Erik Arvstedt
4cddf284e9
treewide: remove use of deprecated stdenv.lib
2021-03-22 14:39:32 +01:00
Erik Arvstedt
08fe9ba84a
services: add finer-grained address family restrictions
...
Due to a possible NixOS bug, this commit has no effect on NixOS 20.09
where `RestrictAddressFamilies` is a no-op.
It's only relevant for NixOS unstable with cgroups v2.
bitcoind+zmq: instead of allowing all address families, only add the required
AF_NETLINK family.
lnd: lnd only runs a zmq client, not a server, therefore it requires
no additional address families.
lightning-pool, clightning-plugin-zmq: add AF_NETLINK.
2021-03-22 14:35:29 +01:00
Erik Arvstedt
020433cec6
services: add helper fn setAllowedIPAddresses
...
Also use 'allowLocalIPAddresses' instead of 'allowTor' in bitcoind-import-banlist
which doesn't use Tor.
2021-03-22 13:20:45 +01:00
Erik Arvstedt
d214605b32
spark-wallet: add flakes compatibility
...
Pure flakes can't use NIX_PATH.
2021-03-16 12:46:19 +01:00
Erik Arvstedt
81db927f66
spark-wallet/generate: remove supplement.json
...
This file is empty and has no effect.
2021-03-16 12:46:19 +01:00
Jonas Nick
e017675d5e
krops: add package
2021-03-15 18:53:07 +01:00
Jonas Nick
b07185915a
Merge #331 : nixops: remove libvirtd plugin
...
f1064761d7
nixops: remove libvirtd plugin (nixbitcoin)
Pull request description:
ACKs for top commit:
jonasnick:
ACK f1064761d7
erikarvstedt:
ACK f1064761d7
Tree-SHA512: 66c8fc20c2f210d5d37025cc1772330354a6a8ecbdb1fb9e8fcd1391030485c936ab28647f739bd90b083d627602ade39a5575114d69db8e8d1375989d5cdd0e
2021-03-14 14:42:43 +00:00
Jonas Nick
1377cf5147
Merge #337 : joinmarket: 0.8.1 -> 0.8.2
...
5ead2a7075
joinmarket: 0.8.1 -> 0.8.2 (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 5ead2a7075
Tree-SHA512: 2ac87f74a1008c058adef81d11049d985a64f435d75ef61584e8debdcc985f78c1d43430c09ee71c247a93908a5ba3a1efdcf91b0666a84b3269509a99685343
2021-03-10 21:24:12 +00:00
nixbitcoin
5ead2a7075
joinmarket: 0.8.1 -> 0.8.2
...
- add SNICKER to default config
- update package
- ob-watcher: copy vendorized js and css dependencies
- add missing dependency to jmbase
- use cryptography from pinned.nixpkgs-unstable
2021-03-10 13:33:49 +00:00
nixbitcoin
6c9c820862
lightning-loop: 0.11.3-beta -> 0.12.0-beta
2021-03-07 18:28:08 +00:00
kon
eb21012745
pool: add pkg, module & tests
2021-03-01 10:59:35 +01:00
Jonas Nick
f214a703a5
Merge #332 : update nixpkgs-unstable
...
32acaa5f48
update nixpkgs-unstable (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 32acaa5f48
jonasnick:
ACK 32acaa5f48
Tree-SHA512: b688c81da82ef5166fc8074471187f72188b3fb5dc455a9b24c5e3497e3406898185acd2e551356af3300578b2b98eeabf22edcbb7614f02f6ca34afa05b05b0
2021-02-25 08:03:24 +00:00
nixbitcoin
32acaa5f48
update nixpkgs-unstable
...
btcpayserver: 1.0.5.9 -> 1.0.6.8
nbxplorer: 2.1.46 -> 2.1.49
2021-02-23 10:57:55 +00:00
nixbitcoin
eaa58505a7
electrs: v0.8.7 -> v0.8.8
2021-02-23 10:51:43 +00:00
nixbitcoin
f1064761d7
nixops: remove libvirtd plugin
...
Fix "Package 'libvirt-5.9.0' is marked as insecure, refusing to
evaluate."
2021-02-23 10:36:30 +00:00
nixbitcoin
42f7e9f874
joinmarket: 0.8.0-a5e8879 -> 0.8.1
...
- Update joinmarket package
- Revert unofficial release settings
- Move Yield Generator config to configFile
- Add new config option max_sweep_fee_change
2021-02-14 16:23:53 +00:00
Jonas Nick
1302f87c70
Merge #321 : Update nixpkgs
...
47e5442910
Update nixpkgs (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 47e5442910
Tree-SHA512: 4bbcd7711ca3fdf3b8cca36c22b60ceed79a965b3d844dffd44299357ddedd0522c1b5835c53ac0d07b8c0c9456b390d3414017b6d98c8eff469c0039114b471
2021-02-12 22:24:39 +00:00
nixbitcoin
47e5442910
Update nixpkgs
...
Includes CVE-2019-25016 patch
2021-02-12 09:59:55 +00:00
nixbitcoin
b6f6b5e372
lightning-loop: 0.11.2-beta -> 0.11.3-beta
2021-02-10 15:37:29 +00:00
Jonas Nick
f9683889d9
Merge #312 : Refactorings, cleanups
...
0a2c8e4864
run-tests: add option --copy-src (Erik Arvstedt)
803584a288
backups: don't use hardcoded secrets dir (Erik Arvstedt)
c29d44b49a
ci: use 'cachix watch-exec' (Erik Arvstedt)
6a32812412
services: add names for systemd helper scripts (Erik Arvstedt)
6982699613
services: use consistent layout (Erik Arvstedt)
a43534dda0
services: improve config file setup (Erik Arvstedt)
18f2002cf0
joinmarket-yieldgenerator: improve systemd journal output (Erik Arvstedt)
9d0b8c8f6f
joinmarket-ob-watcher: use DynamicUser (Erik Arvstedt)
e9c98f415c
joinmarket: explain need for tor control socket (Erik Arvstedt)
d9c87b6a8f
joinmarket: fix wallet creation (Erik Arvstedt)
7458350108
treewide: remove deprecated types.loaOf (Erik Arvstedt)
9cf038939c
treewide: use mkEnableOption (Erik Arvstedt)
7a97304f13
treewide: remove unit descriptions (Erik Arvstedt)
a942177ecf
treewide: remove user descriptions (Erik Arvstedt)
4f6ff408ef
treewide: remove unneeded string literals (Erik Arvstedt)
e6a6c721c1
treewide: streamline 'extraConfig' descriptions (Erik Arvstedt)
e774c045de
treewide: fix formatting (Erik Arvstedt)
0b5b29a2a3
netns-isolation: simplify permission definition for netns-exec (Erik Arvstedt)
a587a2b02a
defaultHardening: explain where @system-service is defined (Erik Arvstedt)
bb3a69797e
README: minor improvements (Erik Arvstedt)
13fc9dfabf
examples: improve introductory comments (Erik Arvstedt)
af2040f4c4
netns-isolation: use 'true' for systemd option (Erik Arvstedt)
c246bbb36e
bitcoind, clightning, lnd: improve descriptions (Erik Arvstedt)
7533f12ef1
bitcoind, clightning, run-tests: minor refactoring (Erik Arvstedt)
41fe9b0c1d
elementsd: minor refactoring (Erik Arvstedt)
f0850d3f23
btcpayserver: reorder config settings (Erik Arvstedt)
d1c0ea9f85
btcpayserver: add missing systemd postgresql dependency (Erik Arvstedt)
Pull request description:
ACKs for top commit:
jonasnick:
ACK 0a2c8e4864
Tree-SHA512: 5c81b36042fbb2f016c8e58ba9e05ef3389d5376b8df713d3258d2cd0b6a9239904531171aca8e49bea7039341d5fa91aa9474c6d98de849c25ede52deccc5a3
2021-02-08 20:32:03 +00:00
Erik Arvstedt
6a32812412
services: add names for systemd helper scripts
...
The systemd journal now shows a specific script name instead of
the generic name "script" before script output.
2021-02-07 22:45:36 +01:00
Jonas Nick
2ebd1129a5
Merge #317 : Pkg updates
...
a0f48c9de9
examples: fix deploy-container interactive flag (nixbitcoin)
a2f265cd35
secp256k1: move to top-level packages (Erik Arvstedt)
d41a843167
jmbitcoin: remove secp256k1 from propagatedBuildInputs (Erik Arvstedt)
c22adb03af
extra-container: 0.5 -> 0.6 (Erik Arvstedt)
Pull request description:
ACKs for top commit:
nixbitcoin:
ACK a0f48c9de9
jonasnick:
ACK a0f48c9de9
Tree-SHA512: 29fa58a960673df407831dd41594c66b26dad1de1e792f4fcc8e35641f39dd873d77b725651be5e01c875bf42284fa78903bab0ea677ec5a0e7eccf98816845d
2021-02-07 21:44:10 +00:00
Erik Arvstedt
4f6ff408ef
treewide: remove unneeded string literals
2021-02-07 22:41:29 +01:00
Erik Arvstedt
e774c045de
treewide: fix formatting
2021-02-07 22:40:10 +01:00
Erik Arvstedt
a587a2b02a
defaultHardening: explain where @system-service is defined
2021-02-07 22:39:06 +01:00
Erik Arvstedt
41fe9b0c1d
elementsd: minor refactoring
...
- Use pname
- urls -> url
2021-02-07 22:39:05 +01:00
Erik Arvstedt
a2f265cd35
secp256k1: move to top-level packages
...
Reason: secp256k1 is not a Python package.
2021-02-06 11:43:36 +01:00
Erik Arvstedt
d41a843167
jmbitcoin: remove secp256k1 from propagatedBuildInputs
...
Adding this input has no effect. jmbitcoin accesses secp256k1 via bitcointx.
2021-02-06 11:43:36 +01:00
Erik Arvstedt
c22adb03af
extra-container: 0.5 -> 0.6
2021-02-06 11:43:36 +01:00
nixbitcoin
ebd478fd0d
lnd: add option 'restOnionService'
2021-02-05 09:17:14 +01:00
Erik Arvstedt
a344ae95c9
move mkHiddenService to lib
2021-02-04 12:39:54 +00:00
Erik Arvstedt
a26ed03d77
rename nix-bitcoin-services.nix -> lib.nix
2021-02-04 12:39:48 +00:00
nixbitcoin
a33c678d3b
update nixpkgs-unstable
...
Includes c-lightning 0.9.3 and lnd 0.12.0-beta
2021-02-01 10:11:30 +00:00
Erik Arvstedt
8f9ea61d6e
update nixpkgs-unstable
...
- bitcoind 0.20.1 -> 0.21.0
Manually create a wallet in the backup test because bitcoind
does not create a default wallet anymore
- disable the failing elementsd build on unstable
2021-01-31 22:26:30 +01:00
Erik Arvstedt
05e5ec99ec
modules packages: build electrs, lightning-loop with nixpkgs stable
...
Building with nixBitcoinPkgsUnstable was only a temporary measure to
fix build errors on stable.
2021-01-30 11:38:47 +01:00
Jonas Nick
58a88619ae
Merge #306 : Update nixpkgs
...
f96591c030
Update nixpkgs (nixbitcoin)
Pull request description:
ACKs for top commit:
jonasnick:
ACK f96591c030
Tree-SHA512: 41e79c1660108a7f6d879a11eecdcfd01135079f664794c198eef08c542dd0e829a6033cfc0851d3d9d5fb0f154db7933efa11a3e3d808dd40ef6d89dee0c58a
2021-01-27 16:17:11 +00:00
nixbitcoin
f96591c030
Update nixpkgs
...
Includes CVE-2021-3156 patch
2021-01-27 15:15:47 +00:00
nixbitcoin
69da6f94f1
electrs: v0.8.6 -> v0.8.7
2021-01-20 13:20:18 +00:00
nixbitcoin
8c125ec48c
joinmarket-obwatcher: add pkg & module
2021-01-17 17:40:12 +00:00
Erik Arvstedt
915df059f4
joinmarket: 0.8.0-bcfa7eb -> 0.8.0-a5e8879
2021-01-17 17:40:01 +00:00
Erik Arvstedt
254246cf39
joinmarket: use installPhase
...
This simplifies the build.
2021-01-17 14:17:14 +01:00
Erik Arvstedt
55073eee70
remove nix-bitcoin.pkgs.lib
...
Type ipv4Address is not needed anymore because all services have
separate 'port' and 'address' options.
2021-01-14 13:25:05 +01:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module
2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module
2021-01-01 17:37:30 +00:00
nixbitcoin
9423eadcee
clboss: add pkg
2020-12-22 09:39:37 +00:00
Jonas Nick
7b32a78de2
Merge #284 : Fix containers
...
2bfb4efbd8
make-container: fix usage comment (Erik Arvstedt)
3403795c86
tests: add example scripts (Erik Arvstedt)
ff94985b8b
tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e
fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a
extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66
generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274
make-container: fix renamed variable (Erik Arvstedt)
Pull request description:
ACKs for top commit:
nixbitcoin:
ACK 2bfb4efbd8
jonasnick:
utACK 2bfb4efbd8
Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00
Erik Arvstedt
44b06aea5a
extra-container: 0.5-pre -> 0.5
2020-12-18 19:56:56 +01:00
Erik Arvstedt
a359cdfb66
generate-secrets: use pwgen
...
Password length and alphabet is unchanged, but the restriction to
include at least one numeric and one capital char has been removed.
This restriction is not needed by client applications,
adds code complexity, and even (insignificantly) reduces entropy.
Reason for switching to pwgen:
apg uses /dev/random instead of /dev/urandom which brings no security
benefits but can stall the generate-secrets script on low-entropy
devices due to blocking.
Since `security.rngd` has been disabled in NixOS 20.09, blocking
in generate-secrets can also appear on regular NixOS desktop systems.
2020-12-18 19:56:56 +01:00
nixbitcoin
fdfafb2f40
joinmarket: 0.7.4 -> 0.8.0-bcfa7eb
...
Update to 0.8.0 with hotfix for genwallet script
Includes module versioning error with migration instructions
2020-12-17 11:12:58 +00:00
nixbitcoin
c9657305e7
temp: modify get-sha256 for hotfix commit
2020-12-14 16:55:03 +00:00