Commit Graph

1583 Commits

Author SHA1 Message Date
Jonas Nick
4040e4fd32
Merge fort-nix/nix-bitcoin#379: Add flake support
dde04f8cbe update nixpkgs-unstable (Erik Arvstedt)
87df809a88 add helper/update-flake.sh (Erik Arvstedt)
f7c2133250 add flake support (Erik Arvstedt)
de77281cba pkgs: import pinned nixpkgs in default.nix (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK dde04f8cbe
  jonasnick:
    ACK dde04f8cbe

Tree-SHA512: 251bbaf748bc429e1f094bf37f1bbf00eed91108f165e378f3ac4de817d42f3e1e4e8c1bbf79ea81447f24d0c172e81fd4eec98164379ea27095d6ba5420af6c
2021-08-28 06:51:25 +00:00
Erik Arvstedt
dde04f8cbe
update nixpkgs-unstable
Includes:
btcpayserver: 1.1.2 -> 1.2.0
lightning-loop: 0.14.2-beta -> 0.15.0-beta
nbxplorer: 2.1.52 -> 2.1.58
2021-08-26 12:45:10 +02:00
Erik Arvstedt
87df809a88
add helper/update-flake.sh
This greatly simplifies updating nixpkgs.
See the comment at the top of update-flake.sh for a description.
2021-08-26 12:45:10 +02:00
Erik Arvstedt
f7c2133250
add flake support
This change is fully backwards compatible.

We continue to use the standard non-flake evaluation mode in our
examples and internal tooling until the flakes design has stabilized.

'clightning-plugins = pkgs.recurseIntoAttrs' in pkgs/default.nix is
needed by flake-utils.lib.flattenTree in flake.nix.
It transforms the packages in `clightning-plugins` to top-level packages
named like `clightning-plugins/summary`. (The flake attr `packages`
must be a non-nested attrset of derivations.)
2021-08-26 12:45:10 +02:00
Erik Arvstedt
de77281cba
pkgs: import pinned nixpkgs in default.nix
pkgs/default.nix now explicitly specifies all its dependencies as arguments.
This is required for flake support.

Also simplify pinned.nix and python-packages by removing unused attrs.
2021-08-16 10:43:07 +02:00
Jonas Nick
9b24a74b23
Merge fort-nix/nix-bitcoin#378: Misc. improvements
b0c66c41e1 tests: add container-minimal example (Erik Arvstedt)
a8a8b9ce4d backups: backup NixOS uid, gid mappings (Erik Arvstedt)
ee8b83681b modules: document module dependencies (Erik Arvstedt)
9f7d048769 modules: move assertion to lnd.nix (Erik Arvstedt)
cce9a3f6b2 modules: move nix-bitcoin options to file 'nix-bitcoin.nix' (Erik Arvstedt)
fdc278a0b8 lib: fix comment (Erik Arvstedt)
13b4650e84 versioning: add usage comment (Erik Arvstedt)
ca3c7a281b secrets: mark option 'secretsSetupMethod' as internal (Erik Arvstedt)
f9a0fd7a17 nodeinfo: fix indentation (Erik Arvstedt)
4ece606e8b examples/minimal-configuration: improve comment (Erik Arvstedt)
6de9aba854 run-tests: quote scriptDir (Erik Arvstedt)
1ef8cbb384 joinmarket: fix allowRunAsUsers setting (Erik Arvstedt)
fb36f2abe5 joinmarket-ob-watcher: use consistent mode formatting (Erik Arvstedt)
f14af1fc48 treewide: use consistent echo message formatting (Erik Arvstedt)
b8043d3db5 treewide: use consistent bash script indentation (Erik Arvstedt)
c758d68ea4 lib: rename privileged -> rootScript (Erik Arvstedt)
1c3735b600 examples/README: add nixbitcoin.org server repo (Erik Arvstedt)
c041079ae1 configuration.nix: reorder sections (Erik Arvstedt)
3734ab38a6 configuration.nix: improve wording and formatting (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b0c66c41e1

Tree-SHA512: 11411e13de4ed8a6c8c942b2843b9ad45f3340a0682fe673a5cee18db93bb75f995c717eb9624f6a754615c508d089c03bf1790848c5112a7d5e9546d583fb24
2021-08-15 21:28:01 +00:00
Erik Arvstedt
b0c66c41e1
tests: add container-minimal example 2021-08-15 22:42:03 +02:00
Erik Arvstedt
a8a8b9ce4d
backups: backup NixOS uid, gid mappings
Now that service uid, gid mappings are included in the backups, along
with the service data dirs, we can remove 'chown -R' for
clightning and liquidd data dirs.

Note that we used 'chown -R' only for these two services, while this
approach would have been relevant for all services with data dirs.
2021-08-15 22:40:35 +02:00
Erik Arvstedt
ee8b83681b
modules: document module dependencies 2021-08-15 22:40:35 +02:00
Erik Arvstedt
9f7d048769
modules: move assertion to lnd.nix
nix-bitcoin.nix is now no longer dependent on clightning.nix and lnd.nix.
Due to condition '!(config.services ? clightning)' lnd.nix still
doesn't depend on clightning.nix.

Also fix the assertion message by renaming clightning.bindPort to clightning.port.
2021-08-15 22:40:35 +02:00
Erik Arvstedt
cce9a3f6b2
modules: move nix-bitcoin options to file 'nix-bitcoin.nix'
This allows modules.nix to consist only of a list of modules.
2021-08-15 22:40:35 +02:00
Erik Arvstedt
fdc278a0b8
lib: fix comment 2021-08-15 11:29:36 +02:00
Erik Arvstedt
13b4650e84
versioning: add usage comment 2021-08-15 11:29:36 +02:00
Erik Arvstedt
ca3c7a281b
secrets: mark option 'secretsSetupMethod' as internal 2021-08-15 11:29:36 +02:00
Erik Arvstedt
f9a0fd7a17
nodeinfo: fix indentation 2021-08-15 11:29:36 +02:00
Erik Arvstedt
4ece606e8b
examples/minimal-configuration: improve comment 2021-08-15 11:29:35 +02:00
Erik Arvstedt
6de9aba854
run-tests: quote scriptDir
scriptDir may contain spaces.
2021-08-15 11:29:35 +02:00
Erik Arvstedt
1ef8cbb384
joinmarket: fix allowRunAsUsers setting
This option requires user names instead of groups.
2021-08-15 11:29:35 +02:00
Erik Arvstedt
fb36f2abe5
joinmarket-ob-watcher: use consistent mode formatting
Remove redundant leading zero.
2021-08-15 11:29:34 +02:00
Erik Arvstedt
f14af1fc48
treewide: use consistent echo message formatting
Quote the echo message.
2021-08-15 11:29:34 +02:00
Erik Arvstedt
b8043d3db5
treewide: use consistent bash script indentation
Always use two spaces.
2021-08-15 11:29:34 +02:00
Erik Arvstedt
c758d68ea4
lib: rename privileged -> rootScript
The naming is now analogous the related function `script`.
2021-08-15 11:29:34 +02:00
Erik Arvstedt
1c3735b600
examples/README: add nixbitcoin.org server repo 2021-08-15 11:29:33 +02:00
Erik Arvstedt
c041079ae1
configuration.nix: reorder sections
Move backups and netns-isolation to the end.
2021-08-15 11:29:33 +02:00
Erik Arvstedt
3734ab38a6
configuration.nix: improve wording and formatting 2021-08-15 11:29:33 +02:00
Jonas Nick
e275b48011
Merge fort-nix/nix-bitcoin#376: update nixpkgs-{stable,unstable}
8a49b41bb4 update nixpkgs-{stable,unstable} (Jonas Nick)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 8a49b41bb4

Tree-SHA512: 8c6a3f7df6d4233b4a30f0dec6a4c59868e99e3fa79922dafcf12c8a969f5ed23b33186f30d62fae05dc20fa7b9cbbeb3e6a146e778db98707ab3ac14e0f13ed
2021-08-15 09:01:30 +00:00
Jonas Nick
8a49b41bb4
update nixpkgs-{stable,unstable}
Includes
- clightning 0.10.1
- lightning-loop 0.14.2
2021-08-14 17:57:49 +00:00
Jonas Nick
08c8f70ebe
Merge fort-nix/nix-bitcoin#374: Update to NixOS 21.05
a2454975a5 doas: fix recursive calls to doas (Erik Arvstedt)
7c876664b1 netns test: update matching of 'capsh' output (Erik Arvstedt)
308a11f22b tests: avoid postgresql timeout failures on CI nodes (Erik Arvstedt)
01804e6dfb tests: improve test script formatting (Erik Arvstedt)
1be924529d tests: adapt to new linter (Erik Arvstedt)
c1c663d0a9 tests: fix formatting (Erik Arvstedt)
c4c2b03e19 extra-container: 0.6 -> 0.7 (Erik Arvstedt)
161baa7e68 joinmarket-ob-watcher: allow required 'mbind' system call (Erik Arvstedt)
ca64a4a64f clightning-plugins.prometheus: use current nixpkgs version of prometheus-client (Erik Arvstedt)
3aab1fc267 spark-wallet: update to new node-env (Erik Arvstedt)
a0e5894f1f backups: remove illegal option definition (Erik Arvstedt)
35fe939cf8 security: update /proc restriction mechanism (Erik Arvstedt)
178a0dcf8f services: use new 'tor' options (Erik Arvstedt)
e44f78ebb8 services: set isSystemUser for service users (Erik Arvstedt)
0ef66c920b treewide: use services.getty option (Erik Arvstedt)
a25ceecca5 update to NixOS 21.05 (Erik Arvstedt)
b758150c9e pinned: expose nixpkgsStable, nixpkgsUnstable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK a2454975a5

Tree-SHA512: a8a25c25d835662ec63c3a042eb237d29b857b2030d9023a8b4ead94e03a4f9dffe2d6616e2a286800e40288985e5db3a55056d6b45d8984161b9a19aba28a60
2021-08-14 15:01:43 +00:00
Erik Arvstedt
a2454975a5
doas: fix recursive calls to doas
Doas was broken for recursive calls like `doas -u operator lncli`
where `lncli` internally calls doas.
2021-08-14 10:46:42 +02:00
Erik Arvstedt
7c876664b1
netns test: update matching of 'capsh' output
The output now contains multiple lines.
2021-08-14 10:46:42 +02:00
Erik Arvstedt
308a11f22b
tests: avoid postgresql timeout failures on CI nodes 2021-08-14 10:46:42 +02:00
Erik Arvstedt
01804e6dfb
tests: improve test script formatting
Remove annyoing spacing constraints enforced by the previous 'black' linter.
2021-08-14 10:46:42 +02:00
Erik Arvstedt
1be924529d
tests: adapt to new linter
The Python test driver now uses 'pyflakes'.
Remove hacks that were needed for the 'black' linter.
2021-08-14 10:46:42 +02:00
Erik Arvstedt
c1c663d0a9
tests: fix formatting 2021-08-14 10:46:42 +02:00
Erik Arvstedt
c4c2b03e19
extra-container: 0.6 -> 0.7
Version 0.7 adds support for NixOS 21.05.
2021-08-14 10:46:41 +02:00
Erik Arvstedt
161baa7e68
joinmarket-ob-watcher: allow required 'mbind' system call 2021-08-14 10:46:41 +02:00
Erik Arvstedt
ca64a4a64f
clightning-plugins.prometheus: use current nixpkgs version of prometheus-client 2021-08-14 10:46:41 +02:00
Erik Arvstedt
3aab1fc267
spark-wallet: update to new node-env 2021-08-14 10:46:41 +02:00
Erik Arvstedt
a0e5894f1f
backups: remove illegal option definition 2021-08-14 10:46:41 +02:00
Erik Arvstedt
35fe939cf8
security: update /proc restriction mechanism
NixOS option `security.hideProcessInformation` for globally restricting
access to /proc has been removed.
Use per-service restrictions via 'ProtectProc' instead.

Rename
`nix-bitcoin.security.hideProcessInformation` to
`nix-bitcoin.security.dbusHideProcessInformation`
because this option now only implements the dbus restriction.
2021-08-14 10:46:41 +02:00
Erik Arvstedt
178a0dcf8f
services: use new 'tor' options 2021-08-14 10:46:41 +02:00
Erik Arvstedt
e44f78ebb8
services: set isSystemUser for service users
'isSystemUser' has to be explicitly set in NixOS 21.05.
Previously, it was the implicit default.
2021-08-14 10:46:40 +02:00
Erik Arvstedt
0ef66c920b
treewide: use services.getty option
services.mingetty is equivalent but deprecated.
2021-08-14 10:46:40 +02:00
Erik Arvstedt
a25ceecca5
update to NixOS 21.05 2021-08-12 11:18:26 +02:00
Erik Arvstedt
b758150c9e
pinned: expose nixpkgsStable, nixpkgsUnstable
This allows accessing the pinned nixpkgs.
E.g., this is useful for comparing package versions between stable
and unstable.
2021-08-12 11:18:08 +02:00
Jonas Nick
1ecd9756f6
Merge fort-nix/nix-bitcoin#369: BTCPayServer L-BTC Support
54810ce1bf btcpayserver: add L-BTC support (nixbitcoin)
b24c14ec61 liquidd: make regtest capable (nixbitcoin)
b7225f5d11 update nixpkgs-unstable (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 54810ce1bf

Tree-SHA512: 363165d3b977cd4425191bce4246dd9e83daf914bf2adcaf3cf42d0c170f5730e7e79934a97e5f9c071d0f52bf9ee75a3aa710c4c52135ea58bcdd898babcc74
2021-08-10 12:23:46 +00:00
Jonas Nick
fb456f8847
Merge fort-nix/nix-bitcoin#368: joinmarket: 0.8.2 -> 0.8.3
881a3aa004 joinmarket: use preStart, postStart (Erik Arvstedt)
e2c6eb6681 joinmarket: create bitcoind wallet (nixbitcoin)
6258d64cb6 joinmarket: run with group 'bitcoin' (nixbitcoin)
ed480a35af joinmarket: 0.8.2 -> 0.8.3 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 881a3aa004

Tree-SHA512: 7ed7571d1aac5bbe9cb8c4092f3e6cd66f6ac299d7ed0631124ff10ad05adc3d026700ded130d3ff86048d3cd397915ec55ba4730949b478a02d5d0e10f85e04
2021-08-10 12:19:59 +00:00
Erik Arvstedt
881a3aa004
joinmarket: use preStart, postStart 2021-08-10 10:12:42 +00:00
nixbitcoin
e2c6eb6681
joinmarket: create bitcoind wallet
Starting with 0.21.0, bitcoin no longer automatically creates and loads
a default wallet.
This was being ignored because of a JoinMarket issue [1] in CI builds prior
to this version. Now a watch-only Bitcoin Core wallet is created in ExecStartPost.

[1] https://github.com/JoinMarket-Org/joinmarket-clientserver/issues/812
2021-08-10 10:12:37 +00:00
nixbitcoin
6258d64cb6
joinmarket: run with group 'bitcoin'
Don't copy bitcoin-rpcpassword-privileged as root, instead run service
with group "bitcoin".
Same effect, less complexity. Note, PoLP still obeyed for joinmarket-ob-watcher.
2021-08-10 10:12:33 +00:00