510 Commits

Author SHA1 Message Date
nixbitcoin
1acb22a872
Get electrs source tarball with gpg verified sha256 and corresponding helper script
move script to pkg dir, add hint to script in pkg def

remove unneeded script deps

add extended bash error checking

rename DIR -> TMPDIR

remove TMPDIR on exit

strip whitespace, simplify comments

gpg2 -> gpg

latesttagelectrs -> latest

tmpdir: don't use XDG_RUNTIME_DIR

XDG_RUNTIME_DIR is often in RAM and shouldn't be used for larger
workloads like repo downloads

verify fingerprint of the imported key

remove trailing '-' in output

simplify output

Hide --fetch-key output

Output is not relevant to user, looks better without it

More accurately describe ./get-sha256 function

User might think that ./get-sha256 automatically updates sha256 in default.nix

Fetch key from sks keyservers instead of keybase.io

Using --recv-key simplifies getting the right key, and only the
right key, greatly. I try to refrain from using sks keyservers,
but the certificate spamming attack shouldn't be an issue in this
case because we create a temporary keychain just for the
verification.

remove unneeded cargoDepsHook

Make clang nativeBuildInput instead of buildInput
2020-04-26 17:02:14 +02:00
nixbitcoin
707b06aed1
Update pinned nixpkgs 2020-04-26 16:59:41 +02:00
Jonas Nick
aee39d6549
Merge #165: Electrs fixes
e95f5981aa184ca5dce5a452d57fa279c70eba74 Remove KN countrycode (nixbitcoin)
742aef1e0f4f52118211013d00c959debe9e8840 Only set dataDirReadableByGroup if cfg.high-memory is enabled (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e95f5981aa184ca5dce5a452d57fa279c70eba74

Tree-SHA512: e8253b934211e6fc6be11917f8acb05a05e390caafdf86f90670f9299d9c0d98596758ff021c65aae199c9a5a3f86f87854e1b8f50a53bab8ad28d9a7003d98e
2020-04-25 18:58:53 +00:00
Jonas Nick
fa5937624d
Merge #163: Make it easy to use pinned packages
47b2b110ccf93f45a2bd59370552fc87316d7b7a pinned: make it easy to use pinned packages (William Casarin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 47b2b110ccf93f45a2bd59370552fc87316d7b7a

Tree-SHA512: 4a45eee55ff87d8f00f7ef7af7bd6dfc4674c492d45a4875dc933edb5d21e06cd1bcedc73b07b8a2b804a4b1fe9d52223e623d382a348524621749beda8cc115
2020-04-25 18:55:56 +00:00
William Casarin
47b2b110cc pinned: make it easy to use pinned packages
It appears the pinned attrset is a bit ad hoc. This generalizes
pinned.nix so that you can do:

  $ nix build -f . pinned.stable.hwi
  $ nix build -f . pinned.unstable.hwi

etc

Signed-off-by: William Casarin <jb55@jb55.com>
2020-04-24 16:58:00 -07:00
nixbitcoin
e95f5981aa
Remove KN countrycode 2020-04-24 16:27:48 +02:00
nixbitcoin
742aef1e0f
Only set dataDirReadableByGroup if cfg.high-memory is enabled 2020-04-24 16:21:12 +02:00
Jonas Nick
39ff39eb32
Merge #160: Document low-entropy problem
0382d3a6b82976d98e207a0115ec1ebb2f98fc35 Document low-entropy problem (nixbitcoin)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 4b5e69a7163171e30e995a4944fa262141466b5a15680bfba4d483b3fd5e26d1d40384199ae467bc12794fae0a83a8f99a487cc12be711df5c1e567f2c6cef35
2020-04-23 20:34:48 +00:00
nixbitcoin
0382d3a6b8
Document low-entropy problem 2020-04-19 15:16:00 +02:00
Jonas Nick
faed3043c4
Merge #158: Update spark-wallet 0.2.12 -> 0.2.13
89dc836f9428ce3a65d26725df8f9ab80306a8da Update spark-wallet 0.2.12 -> 0.2.13 (nixbitcoin)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 6b39b7442546938f84d5d7fb11e6ade4338b84e481f9510cfaa9e029397f3ef30d086161770a82d1d0adf931cb79e033f8d3c7024b99bd08528a930916ed4d2e
2020-04-18 18:59:43 +00:00
Jonas Nick
57752ffe4e
Merge #157: Minor example improvements
7ffbe83de3b060681eb62df461847df7d855e577 README: add links to example scripts (Erik Arvstedt)
ade3f84317efd8b5adfe97b0841f2a4da86154a5 examples: add shell session snippets (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 7ffbe83

Tree-SHA512: d59bf0553e7c7d224f5c39a94de675c11386dd9b664d62984582d02b866b72aad7e7a443ea8b07e5e2c6c838b80b796f12f184d815dca4d7b8fabd4be7283ebc
2020-04-18 18:58:48 +00:00
Jonas Nick
e97b132a37
Merge #153: Improve bitcoind
4dc6c3ba5d627d40a9eb2bd5b408fe0c87f56c9d add option 'dataDirReadableByGroup' (Erik Arvstedt)
3e188238d08ce0090b2affa150f25210c42b219e only update bitcoin.conf when changed (Erik Arvstedt)
08322eed9be055a2999d93ee5af77f0227465df3 use [[ test (Erik Arvstedt)
201fc3378297e1451f9d344f574abb570a137841 move line to relevant code section (blocks dir setup) (Erik Arvstedt)
1f8fe310d065fc744a455d205af9f9a9c9109d97 remove option 'configFileOption' (Erik Arvstedt)
4e5c1d7551796136ef6d341e99302320f20734e4 disable redundant logfile (Erik Arvstedt)
a05551fd1c5af487d0562225b6e4da1903228fbb improve config file formatting (Erik Arvstedt)
5e81d60d63d017d7d3f71b961d0703ddb093f672 improve formatting (Erik Arvstedt)
d60a5aa4db891cd26e85f7a268af8022ea64a0fe define rpc.users submodule inline (Erik Arvstedt)
1a2271fb14c34a90b395d41e17a3e15875e84a36 remove unused variable 'hexStr' (Erik Arvstedt)
4e92b1c818a1d04149dccb61e615c6c5ea022dcb remove redundant hardening options (Erik Arvstedt)
47fd6cd0f3e4cc65f1d73e6e3022f14deb574c4f simplify ExecStart (Erik Arvstedt)
64fc63cc40f1b673651170e837356ab70d1930de remove pidFile (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 4dc6c3ba5d627d40a9eb2bd5b408fe0c87f56c9d
  jonasnick:
    ACK 4dc6c3ba5d627d40a9eb2bd5b408fe0c87f56c9d

Tree-SHA512: 370dcabe89cc99480a3f272a5819607bce5e454b3000a95ff5b4a3b04819d0d8341385c2bbf0de361f061a43460bf87be10d2321a0525f19e121b28ede8f722e
2020-04-18 18:57:39 +00:00
nixbitcoin
89dc836f94
Update spark-wallet 0.2.12 -> 0.2.13 2020-04-17 14:13:04 +02:00
Erik Arvstedt
4dc6c3ba5d
add option 'dataDirReadableByGroup'
These settings are now more accessible for users that don't use
nix-bitcoin's default node config.
Additionally, remove 'other' permissions via umask.
2020-04-16 15:55:34 +02:00
Erik Arvstedt
7ffbe83de3
README: add links to example scripts 2020-04-15 18:57:55 +02:00
Erik Arvstedt
ade3f84317
examples: add shell session snippets 2020-04-15 18:55:02 +02:00
Erik Arvstedt
3e188238d0
only update bitcoin.conf when changed 2020-04-12 22:32:37 +02:00
Erik Arvstedt
08322eed9b
use [[ test 2020-04-12 22:32:37 +02:00
Erik Arvstedt
201fc33782
move line to relevant code section (blocks dir setup) 2020-04-12 22:32:37 +02:00
Erik Arvstedt
1f8fe310d0
remove option 'configFileOption'
It doesn't make sense for bitcoind users to completely redefine their
config file. Also, it's poorly named and the description is faulty.

This is a breaking change, but this option has probably no actual users.
2020-04-12 22:32:37 +02:00
Erik Arvstedt
4e5c1d7551
disable redundant logfile 2020-04-12 22:32:37 +02:00
Erik Arvstedt
a05551fd1c
improve config file formatting 2020-04-12 22:32:37 +02:00
Erik Arvstedt
5e81d60d63
improve formatting 2020-04-12 22:32:37 +02:00
Erik Arvstedt
d60a5aa4db
define rpc.users submodule inline
Improves readability.
2020-04-12 22:32:37 +02:00
Erik Arvstedt
1a2271fb14
remove unused variable 'hexStr' 2020-04-12 22:32:36 +02:00
Erik Arvstedt
4e92b1c818
remove redundant hardening options
These are already defined in nix-bitcoin-services.defaultHardening.
2020-04-12 22:32:36 +02:00
Erik Arvstedt
47fd6cd0f3
simplify ExecStart 2020-04-12 22:32:36 +02:00
Erik Arvstedt
64fc63cc40
remove pidFile
- service type "simple" is the default
- pidFile is not needed for service type "simple"
2020-04-12 22:32:36 +02:00
Jonas Nick
1131c795dc
Merge #152: Rename nix-bitcoin.nix to presets/secure-node.nix
bceaa361cab2a3008bba93abd918de4594b27b12 operator: allow reading systemd journal (Erik Arvstedt)
145961c2de1265425dbd3200e1fa4b6e9e75eb8c fix operator authorized keys setup (Erik Arvstedt)
37b2faf63cf2a7ae1ad95fff2b2db6e314c83c4c move systemPackages definitions to services (Erik Arvstedt)
6c22e13b7f431eddab26e50e05f67039ee8f6b7a copy-root-authorized-keys: use inline script definition (Erik Arvstedt)
63c6fe3213c7bed068ac49596b6fcd79cf410c11 fixup! use '' for multi-line string (Erik Arvstedt)
ab617946a9d041d28d10a9f5416ba9c3ea7906f4 extract variable 'cfg' (Erik Arvstedt)
36c84d83601b3e9687b0a0727a00ab18f9b843a6 add option clightning.onionport (Erik Arvstedt)
681dbaf328eabb5590e8893048acd3391896c115 move electrs.onionport option (Erik Arvstedt)
74fbfa3a5da2c503d8e14267366500b65fb9e878 use lib.optionals (Erik Arvstedt)
ec6d33fbb6e992413b00e0361ea87d25d1e4de06 rearrange code sections (Erik Arvstedt)
e16ddc9c771b3757eb11c07be7bfa92d7a2a9e23 extract 'mkHiddenService' (Erik Arvstedt)
89d3d58850cae43279828cf9b717e24d1abaff84 use mkIf (Erik Arvstedt)
85e52a06cb610f0b755472137b6b1ad4da0a2f73 improve grouping of suboptions (Erik Arvstedt)
1a63f0ca6acaebdfc6448424e155aaf5d96d61fe remove option 'services.nix-bitcoin.enable' (Erik Arvstedt)
0f8b2e91fd02676e380d8a6298766c873fbb6618 add nix-bitcoin.nix for backwards compatibility (Erik Arvstedt)
28792f79dc1ff0a581dee8dd30f4d49950b2cef7 rename nix-bitcoin.nix -> presets/secure-node.nix (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK bceaa361cab2a3008bba93abd918de4594b27b12

Tree-SHA512: d9c691d862c73f47399c97a50d9fa70ca934f82e8d9664bedacd5cc013fea040ec0431981aba78ade7f607d30809a5bab68effd627904e2cfa990e9d2612bf11
2020-04-12 14:49:04 +00:00
Erik Arvstedt
bceaa361ca
operator: allow reading systemd journal 2020-04-09 11:02:06 +02:00
Erik Arvstedt
145961c2de
fix operator authorized keys setup
This fixes these flaws in `copy-root-authorized-keys`:
- When `.vbox-nixops-client-key` is missing, operator's authorized_keys
  file is always appended to, growing the file indefinitely.
- Service is always added and not restricted to nixops-vbox deployments.
2020-04-09 11:02:06 +02:00
Jonas Nick
d7d7070e8c
Merge #155: nixops: build with pinned nixpkgs
041ec557943445fe41fb54225374d370c162bef9 nixops: build with pinned nixpkgs (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 041ec557943445fe41fb54225374d370c162bef9

Tree-SHA512: dfe01993b2f8d6f135069dc59dc03e5902f5a36a7f9f63f3299453314cb2cec5da3be9ef66f0186f03c132d0828d30b53d2760aaf91b77f3e2b95555304c4269
2020-04-08 18:48:06 +00:00
Erik Arvstedt
37b2faf63c
move systemPackages definitions to services
These are generally useful and shouldn't be limited to secure-node.nix.

Also, only add the hardware-wallets group when hardware wallets are enabled.
2020-04-08 17:35:14 +02:00
Erik Arvstedt
6c22e13b7f
copy-root-authorized-keys: use inline script definition 2020-04-08 17:35:14 +02:00
Erik Arvstedt
63c6fe3213
fixup! use '' for multi-line string 2020-04-08 17:35:14 +02:00
Erik Arvstedt
ab617946a9
extract variable 'cfg' 2020-04-08 17:35:13 +02:00
Erik Arvstedt
36c84d8360
add option clightning.onionport
Analogous to electrs.onionport
2020-04-08 17:35:13 +02:00
Erik Arvstedt
681dbaf328
move electrs.onionport option
Only used in secure-node.nix
2020-04-08 17:35:13 +02:00
Erik Arvstedt
74fbfa3a5d
use lib.optionals 2020-04-08 17:35:13 +02:00
Erik Arvstedt
ec6d33fbb6
rearrange code sections
Move services to the top, operator account setup to the bottom.
2020-04-08 17:35:13 +02:00
Erik Arvstedt
e16ddc9c77
extract 'mkHiddenService'
toPort equals port by default.
2020-04-08 17:35:13 +02:00
Erik Arvstedt
89d3d58850
use mkIf 2020-04-08 17:35:13 +02:00
Erik Arvstedt
85e52a06cb
improve grouping of suboptions 2020-04-08 17:35:12 +02:00
Erik Arvstedt
1a63f0ca6a
remove option 'services.nix-bitcoin.enable'
Users can enable the node config just by importing secure-node.nix
2020-04-08 17:35:12 +02:00
Erik Arvstedt
0f8b2e91fd
add nix-bitcoin.nix for backwards compatibility 2020-04-08 17:35:12 +02:00
Erik Arvstedt
28792f79dc
rename nix-bitcoin.nix -> presets/secure-node.nix 2020-04-08 17:35:12 +02:00
Erik Arvstedt
041ec55794
nixops: build with pinned nixpkgs 2020-04-08 17:29:50 +02:00
Jonas Nick
0c4ba43ee8
Merge #149: docs: update nix installation instructions
0ac7b1660b80ef044c68d0a5b2038ccfe09a0953 docs: update nix installation instructions (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 34c4ef923d3893d1fb1245f6140bca844e44c1733edd781e88e848542360993658c70ae24519c9a49f7ffb64765c5353da5056f59d9d25a2b8d13fd02f9fe97a
2020-04-08 15:11:45 +00:00
Jonas Nick
0ac7b1660b
docs: update nix installation instructions 2020-04-08 15:10:34 +00:00
Jonas Nick
9239268ab6
Merge #136: Change the nix-bitcoin deployment from forking this repo to importing the module
b2e15c17b8c9fe5c55a271204b5c12e80aba15ec docs: Update to new deployment method (import instead of fork) (Jonas Nick)
5ed0284db99e6659b8be3065db44648d6660d57c Add fetch-release script (Jonas Nick)
c303cd47e4880dae59f8ada846f0c61f0931058f Add push-release.sh helper (Jonas Nick)
705d187a35b728e6091428be3fd07da576516e2a examples/shell.nix: don't run shellHook on subsequent nix-shells (Erik Arvstedt)
65039be65692fee706b03d9049dd08028dfecf11 docs: Remove duplicate instructions (Jonas Nick)
455c5664c9beefc3fc68491523481988801e9536 docs: Replace tabs with spaces (Jonas Nick)
8aa4714979d8296fae023bb21a4a9fc3b0ca3095 docs: Update NixOS version (Jonas Nick)
9df22a2764a550f0f9a94f759a091d1d8cdd1135 add deploy-qemu-vm.sh example (Erik Arvstedt)
548ced19943efd48d12bc4f52bf26b440c43a4f2 README: Add Example section (Jonas Nick)
44ccbb91d0a03211f4b6c1a0349db38a21c0ab09 Clean up development shell.nix (Jonas Nick)
abcee651d3c24213b5efddf7e1532a6eafa70600 add deploy-container.sh (Erik Arvstedt)
5dadea310cc0522c2bf6a6a7771c6889f0ad39e0 add deploy-nixops.sh (Erik Arvstedt)
0c74c365de8cb5df3b9f8433d5e9baecc8df1aac mention performance loss with hardened kernel profile (Erik Arvstedt)
f3121892ef22e269fd799ce38bd2a7aea3f1370e move main module import to configuration.nix (Erik Arvstedt)
0c0978c0073d18d195e8518ca4624592000fb8a9 extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' (Erik Arvstedt)
87d0286498b7d7d9e85a2ac0fa3af650723ca196 Change the nix-bitcoin deployment from forking this repo to importing the module (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 18e8b71f42715c5e82e2dafde9dcc965594d76aacc6be7ee2ec746a9510065749cc65331687a57d7140f45779c3b7867f6260ec224d361fb5a477062a27d6e4c
2020-04-08 15:03:08 +00:00