Commit Graph

202 Commits

Author SHA1 Message Date
Erik Arvstedt
a587a2b02a
defaultHardening: explain where @system-service is defined 2021-02-07 22:39:06 +01:00
Erik Arvstedt
41fe9b0c1d
elementsd: minor refactoring
- Use pname
- urls -> url
2021-02-07 22:39:05 +01:00
nixbitcoin
ebd478fd0d
lnd: add option 'restOnionService' 2021-02-05 09:17:14 +01:00
Erik Arvstedt
a344ae95c9
move mkHiddenService to lib 2021-02-04 12:39:54 +00:00
Erik Arvstedt
a26ed03d77
rename nix-bitcoin-services.nix -> lib.nix 2021-02-04 12:39:48 +00:00
nixbitcoin
a33c678d3b
update nixpkgs-unstable
Includes c-lightning 0.9.3 and lnd 0.12.0-beta
2021-02-01 10:11:30 +00:00
Erik Arvstedt
8f9ea61d6e
update nixpkgs-unstable
- bitcoind 0.20.1 -> 0.21.0
  Manually create a wallet in the backup test because bitcoind
  does not create a default wallet anymore

- disable the failing elementsd build on unstable
2021-01-31 22:26:30 +01:00
Erik Arvstedt
05e5ec99ec
modules packages: build electrs, lightning-loop with nixpkgs stable
Building with nixBitcoinPkgsUnstable was only a temporary measure to
fix build errors on stable.
2021-01-30 11:38:47 +01:00
Jonas Nick
58a88619ae
Merge #306: Update nixpkgs
f96591c030 Update nixpkgs (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f96591c030

Tree-SHA512: 41e79c1660108a7f6d879a11eecdcfd01135079f664794c198eef08c542dd0e829a6033cfc0851d3d9d5fb0f154db7933efa11a3e3d808dd40ef6d89dee0c58a
2021-01-27 16:17:11 +00:00
nixbitcoin
f96591c030
Update nixpkgs
Includes CVE-2021-3156 patch
2021-01-27 15:15:47 +00:00
nixbitcoin
69da6f94f1
electrs: v0.8.6 -> v0.8.7 2021-01-20 13:20:18 +00:00
nixbitcoin
8c125ec48c
joinmarket-obwatcher: add pkg & module 2021-01-17 17:40:12 +00:00
Erik Arvstedt
915df059f4
joinmarket: 0.8.0-bcfa7eb -> 0.8.0-a5e8879 2021-01-17 17:40:01 +00:00
Erik Arvstedt
254246cf39
joinmarket: use installPhase
This simplifies the build.
2021-01-17 14:17:14 +01:00
Erik Arvstedt
55073eee70
remove nix-bitcoin.pkgs.lib
Type ipv4Address is not needed anymore because all services have
separate 'port' and 'address' options.
2021-01-14 13:25:05 +01:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module 2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module 2021-01-01 17:37:30 +00:00
nixbitcoin
9423eadcee
clboss: add pkg 2020-12-22 09:39:37 +00:00
Jonas Nick
7b32a78de2
Merge #284: Fix containers
2bfb4efbd8 make-container: fix usage comment (Erik Arvstedt)
3403795c86 tests: add example scripts (Erik Arvstedt)
ff94985b8b tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66 generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274 make-container: fix renamed variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 2bfb4efbd8
  jonasnick:
    utACK 2bfb4efbd8

Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00
Erik Arvstedt
44b06aea5a
extra-container: 0.5-pre -> 0.5 2020-12-18 19:56:56 +01:00
Erik Arvstedt
a359cdfb66
generate-secrets: use pwgen
Password length and alphabet is unchanged, but the restriction to
include at least one numeric and one capital char has been removed.
This restriction is not needed by client applications,
adds code complexity, and even (insignificantly) reduces entropy.

Reason for switching to pwgen:
apg uses /dev/random instead of /dev/urandom which brings no security
benefits but can stall the generate-secrets script on low-entropy
devices due to blocking.

Since `security.rngd` has been disabled in NixOS 20.09, blocking
in generate-secrets can also appear on regular NixOS desktop systems.
2020-12-18 19:56:56 +01:00
nixbitcoin
fdfafb2f40
joinmarket: 0.7.4 -> 0.8.0-bcfa7eb
Update to 0.8.0 with hotfix for genwallet script
Includes module versioning error with migration instructions
2020-12-17 11:12:58 +00:00
nixbitcoin
c9657305e7
temp: modify get-sha256 for hotfix commit 2020-12-14 16:55:03 +00:00
nixbitcoin
522b0000e6
lightning-loop: 0.11.1-beta -> 0.11.2-beta 2020-12-09 16:13:24 +00:00
Jonas Nick
fabe4df478
Update nixpkgs
Includes clightning: 0.9.1 -> 0.9.2 and btcpayserver: 1.0.5.5 -> 1.0.5.9
2020-12-07 12:30:11 +00:00
Jonas Nick
8e268c5ced
Fetch from the nixpkgs repo instead of nixpkgs-channels
nixpkgs-channels is deprecated.
2020-12-06 21:42:20 +00:00
Erik Arvstedt
1c0233c0a8
use Cirrus CI
- Make more economic use of the free CI resources by removing redundant build tasks:
  - Build unstable pkgs in a single separate task ("pkgs_unstable").
  - All stable pkgs are implicitly built by the modules tests.
- The build script (ci/build.sh) can now be executed locally for easier
  debugging.
- Use an explicit 'cachix push' command instead of helper/wait-for-network-idle.rb.
  This is simpler and more reliable.
2020-12-06 19:07:54 +01:00
Erik Arvstedt
a6346c2561
electrs: 0.8.5 -> 0.8.6 2020-12-01 12:51:36 +01:00
Ian Shipman
1d44b99340 add curated clightning plugins 2020-11-18 20:21:34 -06:00
Erik Arvstedt
5399f73b20 add txzmq python pkg 2020-11-18 20:21:34 -06:00
Erik Arvstedt
e62e163177 add clightning python pkgs 2020-11-18 20:21:34 -06:00
Erik Arvstedt
1a16e55237 move python packages to pkgs/python-packages
Remove obsolete passthru from joinmarket because joinmarket packages are
now accessible via pkgs/python-packages.
2020-11-18 20:21:34 -06:00
nixbitcoin
50372c9f2f
lightning-loop: 0.11.0-beta -> 0.11.1-beta 2020-11-18 15:36:38 +00:00
Erik Arvstedt
f1681f5b45
add option nix-bitcoin.pkgs, remove overlay
This works around a nixpkgs bug where overlays are ignored in containers.
2020-11-09 22:10:07 +01:00
Jonas Nick
a36957203c
Update nixpkgs (stable 20.03 -> 20.09) 2020-11-08 20:37:16 +00:00
nixbitcoin
546053511b
lightning-loop: 0.10.0-beta -> 0.11.0-beta 2020-11-06 08:51:30 +00:00
nixbitcoin
d4c0653c64
joinmarket: 0.7.0 -> 0.7.2 2020-11-06 08:51:15 +00:00
Jonas Nick
dbad828851
Merge #255: Improve netns-isolation and Tor config
b4b607dfa5 netns: simplify firewall setup (Erik Arvstedt)
25639cec42 netns: fix error msg when starting netns (Erik Arvstedt)
67068afd6b netns: fix error when stopping netns (Erik Arvstedt)
4ff88efc50 netns: add address binding test (Erik Arvstedt)
8da01fe8a6 lightning-loop: allow RPC access from main netns (Erik Arvstedt)
d76b080b74 lightning-loop: add RPC and REST server options (Erik Arvstedt)
9ddf7864a4 lightning-loop regtest: fix incorrectly succeeding test (Erik Arvstedt)
e66636ef0e liquidd: use type str for rpcbind (Erik Arvstedt)
de23fdd377 lnd: use type str for rpclisten, restlisten (Erik Arvstedt)
8b053326cc bitcoind: use type str for rpcbind (Erik Arvstedt)
6903e8afcc netns-liquidd: allow RPC access from main netns (Erik Arvstedt)
82f4901880 netns-lnd: allow RPC access from main netns (Erik Arvstedt)
58d24e735d netns-bitcoind: allow RPC access from main netns (Erik Arvstedt)
0e2ff948d3 test: add scenario 'netnsRegtest' (Erik Arvstedt)
e0675cb256 move enforceTor logic to service modules (Erik Arvstedt)
0cc8caa737 lnd: only set tor.active on enforceTor (Erik Arvstedt)
9a931483b9 netns test: remove strict dependency on clightning, electrs (Erik Arvstedt)
bae1b7f413 netns test: improve ping test (Erik Arvstedt)
5e0e16529c netns: fix default addressblock value type (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b4b607dfa5
  nixbitcoin:
    ACK b4b607dfa5

Tree-SHA512: b290831d9a3fa4de56b0f19cf84a1998e830aa844532d7cba8cd8227c785a23bfa1514123a974652e8e61060e1297b6bfbcff9640580206a04c5292309b1daef
2020-11-02 16:11:34 +00:00
Erik Arvstedt
8da01fe8a6
lightning-loop: allow RPC access from main netns
Note that this also exposes the REST server, which is secured by
macaroon auth like the RPC server.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
6903e8afcc
netns-liquidd: allow RPC access from main netns 2020-10-29 21:21:28 +01:00
Erik Arvstedt
82f4901880
netns-lnd: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
58d24e735d
netns-bitcoind: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
2a9b918f72
generate-secrets: always run with Bash, stop on errors 2020-10-23 10:54:15 +02:00
nixbitcoin
486f385fdd
lightning-loop: 0.9.0 -> 0.10.0
Includes macaroon authentication
2020-10-19 08:59:14 +00:00
nixbitcoin
480df0dd65
elementsd: 0.18.1.8 -> 0.18.1.9 2020-10-18 16:00:08 +00:00
nixbitcoin
1f2f910774
spark-wallet: 0.2.16 -> 0.2.17 2020-10-18 16:00:06 +00:00
Erik Arvstedt
572967d3ad
extra-container: pre-release -> 0.5-pre 2020-10-16 15:53:32 +02:00
Erik Arvstedt
ac6cee5c12
pkgs: add extra-container 2020-10-11 19:40:26 +02:00
Jonas Nick
c051544d46
Merge #234: loop: v0.8.1 -> v0.9.0
a89a3e934f test: increase diskSize (nixbitcoin)
24b506ff8a tests: simplify lightning-loop test (nixbitcoin)
e7c5f956ea lightning-loop: update module (nixbitcoin)
4a503f57bd lightning-loop: v0.8.1 -> v0.9.0 (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    reACK a89a3e934f
  erikarvstedt:
    I think it's okay if you would just merge 24b506ff8a, which is the direct parent of the ACK'd a89a3e934f, and removing a89a3e934f itself is totally uncontroversial.

Tree-SHA512: cee2a2714c714a22c35cea0fa829b42a371540983609cda6609f4d063d849f2e725643bd77cfe78eb71665725164d63f83b6c2589be9e72ba30aaecd7c8dee6c
2020-09-29 17:53:09 +00:00
Jonas Nick
d4f9bbac3f
Update nixpkgs
Includes clightning: 0.9.0-1 -> 0.9.1
2020-09-28 18:22:08 +00:00