Commit Graph

233 Commits

Author SHA1 Message Date
nixbitcoin
d56a363d3d
services: improve default hardening 2021-04-02 10:59:17 +00:00
nixbitcoin
cde9597fc4
lightning-loop: 0.12.0 -> 0.12.1 2021-03-26 09:31:11 +00:00
Jonas Nick
aea1706e49
Merge #345: electrs: 0.8.8 -> 0.8.9
d5c53e1510 electrs: 0.8.8 -> 0.8.9 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK d5c53e1510

Tree-SHA512: f57bd85e2c9ca592774d1e5aaa13042cdf6f3887715e99ed6a0aa9a4d5f5e3c9b32200c616ba2a51b7d50ab414297ea79cca0a0be5002c3cf1b1c92023a6e9c5
2021-03-22 19:58:28 +00:00
Erik Arvstedt
4cddf284e9
treewide: remove use of deprecated stdenv.lib 2021-03-22 14:39:32 +01:00
Erik Arvstedt
08fe9ba84a
services: add finer-grained address family restrictions
Due to a possible NixOS bug, this commit has no effect on NixOS 20.09
where `RestrictAddressFamilies` is a no-op.
It's only relevant for NixOS unstable with cgroups v2.

bitcoind+zmq: instead of allowing all address families, only add the required
AF_NETLINK family.

lnd: lnd only runs a zmq client, not a server, therefore it requires
no additional address families.

lightning-pool, clightning-plugin-zmq: add AF_NETLINK.
2021-03-22 14:35:29 +01:00
Erik Arvstedt
020433cec6
services: add helper fn setAllowedIPAddresses
Also use 'allowLocalIPAddresses' instead of 'allowTor' in bitcoind-import-banlist
which doesn't use Tor.
2021-03-22 13:20:45 +01:00
nixbitcoin
d5c53e1510
electrs: 0.8.8 -> 0.8.9 2021-03-22 11:54:28 +00:00
Erik Arvstedt
d214605b32
spark-wallet: add flakes compatibility
Pure flakes can't use NIX_PATH.
2021-03-16 12:46:19 +01:00
Erik Arvstedt
81db927f66
spark-wallet/generate: remove supplement.json
This file is empty and has no effect.
2021-03-16 12:46:19 +01:00
Jonas Nick
e017675d5e
krops: add package 2021-03-15 18:53:07 +01:00
Jonas Nick
b07185915a
Merge #331: nixops: remove libvirtd plugin
f1064761d7 nixops: remove libvirtd plugin (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f1064761d7
  erikarvstedt:
    ACK f1064761d7

Tree-SHA512: 66c8fc20c2f210d5d37025cc1772330354a6a8ecbdb1fb9e8fcd1391030485c936ab28647f739bd90b083d627602ade39a5575114d69db8e8d1375989d5cdd0e
2021-03-14 14:42:43 +00:00
Jonas Nick
1377cf5147
Merge #337: joinmarket: 0.8.1 -> 0.8.2
5ead2a7075 joinmarket: 0.8.1 -> 0.8.2 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 5ead2a7075

Tree-SHA512: 2ac87f74a1008c058adef81d11049d985a64f435d75ef61584e8debdcc985f78c1d43430c09ee71c247a93908a5ba3a1efdcf91b0666a84b3269509a99685343
2021-03-10 21:24:12 +00:00
nixbitcoin
5ead2a7075
joinmarket: 0.8.1 -> 0.8.2
- add SNICKER to default config
- update package
- ob-watcher: copy vendorized js and css dependencies
- add missing dependency to jmbase
- use cryptography from pinned.nixpkgs-unstable
2021-03-10 13:33:49 +00:00
nixbitcoin
6c9c820862
lightning-loop: 0.11.3-beta -> 0.12.0-beta 2021-03-07 18:28:08 +00:00
kon
eb21012745 pool: add pkg, module & tests 2021-03-01 10:59:35 +01:00
Jonas Nick
f214a703a5
Merge #332: update nixpkgs-unstable
32acaa5f48 update nixpkgs-unstable (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 32acaa5f48
  jonasnick:
    ACK 32acaa5f48

Tree-SHA512: b688c81da82ef5166fc8074471187f72188b3fb5dc455a9b24c5e3497e3406898185acd2e551356af3300578b2b98eeabf22edcbb7614f02f6ca34afa05b05b0
2021-02-25 08:03:24 +00:00
nixbitcoin
32acaa5f48
update nixpkgs-unstable
btcpayserver: 1.0.5.9 -> 1.0.6.8
nbxplorer: 2.1.46 -> 2.1.49
2021-02-23 10:57:55 +00:00
nixbitcoin
eaa58505a7
electrs: v0.8.7 -> v0.8.8 2021-02-23 10:51:43 +00:00
nixbitcoin
f1064761d7
nixops: remove libvirtd plugin
Fix "Package 'libvirt-5.9.0' is marked as insecure, refusing to
evaluate."
2021-02-23 10:36:30 +00:00
nixbitcoin
42f7e9f874
joinmarket: 0.8.0-a5e8879 -> 0.8.1
- Update joinmarket package
- Revert unofficial release settings
- Move Yield Generator config to configFile
- Add new config option max_sweep_fee_change
2021-02-14 16:23:53 +00:00
Jonas Nick
1302f87c70
Merge #321: Update nixpkgs
47e5442910 Update nixpkgs (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 47e5442910

Tree-SHA512: 4bbcd7711ca3fdf3b8cca36c22b60ceed79a965b3d844dffd44299357ddedd0522c1b5835c53ac0d07b8c0c9456b390d3414017b6d98c8eff469c0039114b471
2021-02-12 22:24:39 +00:00
nixbitcoin
47e5442910
Update nixpkgs
Includes CVE-2019-25016 patch
2021-02-12 09:59:55 +00:00
nixbitcoin
b6f6b5e372
lightning-loop: 0.11.2-beta -> 0.11.3-beta 2021-02-10 15:37:29 +00:00
Jonas Nick
f9683889d9
Merge #312: Refactorings, cleanups
0a2c8e4864 run-tests: add option --copy-src (Erik Arvstedt)
803584a288 backups: don't use hardcoded secrets dir (Erik Arvstedt)
c29d44b49a ci: use 'cachix watch-exec' (Erik Arvstedt)
6a32812412 services: add names for systemd helper scripts (Erik Arvstedt)
6982699613 services: use consistent layout (Erik Arvstedt)
a43534dda0 services: improve config file setup (Erik Arvstedt)
18f2002cf0 joinmarket-yieldgenerator: improve systemd journal output (Erik Arvstedt)
9d0b8c8f6f joinmarket-ob-watcher: use DynamicUser (Erik Arvstedt)
e9c98f415c joinmarket: explain need for tor control socket (Erik Arvstedt)
d9c87b6a8f joinmarket: fix wallet creation (Erik Arvstedt)
7458350108 treewide: remove deprecated types.loaOf (Erik Arvstedt)
9cf038939c treewide: use mkEnableOption (Erik Arvstedt)
7a97304f13 treewide: remove unit descriptions (Erik Arvstedt)
a942177ecf treewide: remove user descriptions (Erik Arvstedt)
4f6ff408ef treewide: remove unneeded string literals (Erik Arvstedt)
e6a6c721c1 treewide: streamline 'extraConfig' descriptions (Erik Arvstedt)
e774c045de treewide: fix formatting (Erik Arvstedt)
0b5b29a2a3 netns-isolation: simplify permission definition for netns-exec (Erik Arvstedt)
a587a2b02a defaultHardening: explain where @system-service is defined (Erik Arvstedt)
bb3a69797e README: minor improvements (Erik Arvstedt)
13fc9dfabf examples: improve introductory comments (Erik Arvstedt)
af2040f4c4 netns-isolation: use 'true' for systemd option (Erik Arvstedt)
c246bbb36e bitcoind, clightning, lnd: improve descriptions (Erik Arvstedt)
7533f12ef1 bitcoind, clightning, run-tests: minor refactoring (Erik Arvstedt)
41fe9b0c1d elementsd: minor refactoring (Erik Arvstedt)
f0850d3f23 btcpayserver: reorder config settings (Erik Arvstedt)
d1c0ea9f85 btcpayserver: add missing systemd postgresql dependency (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 0a2c8e4864

Tree-SHA512: 5c81b36042fbb2f016c8e58ba9e05ef3389d5376b8df713d3258d2cd0b6a9239904531171aca8e49bea7039341d5fa91aa9474c6d98de849c25ede52deccc5a3
2021-02-08 20:32:03 +00:00
Erik Arvstedt
6a32812412
services: add names for systemd helper scripts
The systemd journal now shows a specific script name instead of
the generic name "script" before script output.
2021-02-07 22:45:36 +01:00
Jonas Nick
2ebd1129a5
Merge #317: Pkg updates
a0f48c9de9 examples: fix deploy-container interactive flag (nixbitcoin)
a2f265cd35 secp256k1: move to top-level packages (Erik Arvstedt)
d41a843167 jmbitcoin: remove secp256k1 from propagatedBuildInputs (Erik Arvstedt)
c22adb03af extra-container: 0.5 -> 0.6 (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK a0f48c9de9
  jonasnick:
    ACK a0f48c9de9

Tree-SHA512: 29fa58a960673df407831dd41594c66b26dad1de1e792f4fcc8e35641f39dd873d77b725651be5e01c875bf42284fa78903bab0ea677ec5a0e7eccf98816845d
2021-02-07 21:44:10 +00:00
Erik Arvstedt
4f6ff408ef
treewide: remove unneeded string literals 2021-02-07 22:41:29 +01:00
Erik Arvstedt
e774c045de
treewide: fix formatting 2021-02-07 22:40:10 +01:00
Erik Arvstedt
a587a2b02a
defaultHardening: explain where @system-service is defined 2021-02-07 22:39:06 +01:00
Erik Arvstedt
41fe9b0c1d
elementsd: minor refactoring
- Use pname
- urls -> url
2021-02-07 22:39:05 +01:00
Erik Arvstedt
a2f265cd35
secp256k1: move to top-level packages
Reason: secp256k1 is not a Python package.
2021-02-06 11:43:36 +01:00
Erik Arvstedt
d41a843167
jmbitcoin: remove secp256k1 from propagatedBuildInputs
Adding this input has no effect. jmbitcoin accesses secp256k1 via bitcointx.
2021-02-06 11:43:36 +01:00
Erik Arvstedt
c22adb03af
extra-container: 0.5 -> 0.6 2021-02-06 11:43:36 +01:00
nixbitcoin
ebd478fd0d
lnd: add option 'restOnionService' 2021-02-05 09:17:14 +01:00
Erik Arvstedt
a344ae95c9
move mkHiddenService to lib 2021-02-04 12:39:54 +00:00
Erik Arvstedt
a26ed03d77
rename nix-bitcoin-services.nix -> lib.nix 2021-02-04 12:39:48 +00:00
nixbitcoin
a33c678d3b
update nixpkgs-unstable
Includes c-lightning 0.9.3 and lnd 0.12.0-beta
2021-02-01 10:11:30 +00:00
Erik Arvstedt
8f9ea61d6e
update nixpkgs-unstable
- bitcoind 0.20.1 -> 0.21.0
  Manually create a wallet in the backup test because bitcoind
  does not create a default wallet anymore

- disable the failing elementsd build on unstable
2021-01-31 22:26:30 +01:00
Erik Arvstedt
05e5ec99ec
modules packages: build electrs, lightning-loop with nixpkgs stable
Building with nixBitcoinPkgsUnstable was only a temporary measure to
fix build errors on stable.
2021-01-30 11:38:47 +01:00
Jonas Nick
58a88619ae
Merge #306: Update nixpkgs
f96591c030 Update nixpkgs (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f96591c030

Tree-SHA512: 41e79c1660108a7f6d879a11eecdcfd01135079f664794c198eef08c542dd0e829a6033cfc0851d3d9d5fb0f154db7933efa11a3e3d808dd40ef6d89dee0c58a
2021-01-27 16:17:11 +00:00
nixbitcoin
f96591c030
Update nixpkgs
Includes CVE-2021-3156 patch
2021-01-27 15:15:47 +00:00
nixbitcoin
69da6f94f1
electrs: v0.8.6 -> v0.8.7 2021-01-20 13:20:18 +00:00
nixbitcoin
8c125ec48c
joinmarket-obwatcher: add pkg & module 2021-01-17 17:40:12 +00:00
Erik Arvstedt
915df059f4
joinmarket: 0.8.0-bcfa7eb -> 0.8.0-a5e8879 2021-01-17 17:40:01 +00:00
Erik Arvstedt
254246cf39
joinmarket: use installPhase
This simplifies the build.
2021-01-17 14:17:14 +01:00
Erik Arvstedt
55073eee70
remove nix-bitcoin.pkgs.lib
Type ipv4Address is not needed anymore because all services have
separate 'port' and 'address' options.
2021-01-14 13:25:05 +01:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module 2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module 2021-01-01 17:37:30 +00:00
nixbitcoin
9423eadcee
clboss: add pkg 2020-12-22 09:39:37 +00:00
Jonas Nick
7b32a78de2
Merge #284: Fix containers
2bfb4efbd8 make-container: fix usage comment (Erik Arvstedt)
3403795c86 tests: add example scripts (Erik Arvstedt)
ff94985b8b tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66 generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274 make-container: fix renamed variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 2bfb4efbd8
  jonasnick:
    utACK 2bfb4efbd8

Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00