Commit Graph

1703 Commits

Author SHA1 Message Date
Jonas Nick
3ba5888268
Merge #264: Fix containers for nixpkgs 20.09
f1681f5b45 add option nix-bitcoin.pkgs, remove overlay (Erik Arvstedt)
b1a5f5e7b9 don't add service-only pkgs to systemPackages (Erik Arvstedt)
e39ad358a4 lnd: remove unused bitcoind from PATH (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f1681f5b45

Tree-SHA512: 1f55b015da3ab9696b6503b37bcf282e0c2776ea81117881e1b91d4807c4741c8fa9d0258d5e3fcd162b46836b245cf6f19ac8c0ca01481488de04df8eb39f96
2020-11-11 20:47:30 +00:00
Erik Arvstedt
f1681f5b45
add option nix-bitcoin.pkgs, remove overlay
This works around a nixpkgs bug where overlays are ignored in containers.
2020-11-09 22:10:07 +01:00
Erik Arvstedt
b1a5f5e7b9
don't add service-only pkgs to systemPackages
These packages are not useful in shell environemnts.
2020-11-09 22:10:07 +01:00
Erik Arvstedt
e39ad358a4
lnd: remove unused bitcoind from PATH 2020-11-09 22:10:07 +01:00
Jonas Nick
eda6dcfde3
Merge #263: Update nixpkgs (stable 20.03 -> 20.09)
a36957203c Update nixpkgs (stable 20.03 -> 20.09) (Jonas Nick)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK a36957203c

Tree-SHA512: 3d30b4d44745453d3984da888a63cf3544b948d79d73fec38a40ec39f81567b89c8fb58e356ebcc2a0349535ba1df56afaaa053b90ae13e3c8b6e62146bfcfd1
2020-11-09 07:12:43 +00:00
Jonas Nick
a36957203c
Update nixpkgs (stable 20.03 -> 20.09) 2020-11-08 20:37:16 +00:00
Jonas Nick
4e8b9f2989
Merge #258: joinmarket 0.7.0 -> 0.7.2 & lightning-loop 0.10.0-beta -> 0.11.0-beta
546053511b lightning-loop: 0.10.0-beta -> 0.11.0-beta (nixbitcoin)
f2faf708fb test: update joinmarket query strings (nixbitcoin)
59e128a994 joinmarket: add payjoin configuration (nixbitcoin)
f29f04c0c4 secure-node: LND no longer requires ControlPort (nixbitcoin)
d4c0653c64 joinmarket: 0.7.0 -> 0.7.2 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 546053511b

Tree-SHA512: b95742cba407725c95c240fb59b1a03dc27477c1d71e37b6e02847bb747e6cc7d51bb0960b299a1783ca5364706b0f2e6137aa4ab746a37c573196b0f22b551c
2020-11-06 12:17:18 +00:00
nixbitcoin
546053511b
lightning-loop: 0.10.0-beta -> 0.11.0-beta 2020-11-06 08:51:30 +00:00
nixbitcoin
f2faf708fb
test: update joinmarket query strings
JoinMarket changed message strings in
a2aafd254d and removed P2EPDaemonServerProtocolFactory in v0.7.1
2020-11-06 08:51:27 +00:00
nixbitcoin
59e128a994
joinmarket: add payjoin configuration 2020-11-06 08:51:25 +00:00
nixbitcoin
f29f04c0c4
secure-node: LND no longer requires ControlPort
Onion service is now generated through mkHiddenService function.
2020-11-06 08:51:23 +00:00
nixbitcoin
d4c0653c64
joinmarket: 0.7.0 -> 0.7.2 2020-11-06 08:51:15 +00:00
Jonas Nick
75bbd4d4a6
Merge #261: Fix netns restart
0972af55f1 netns: fix setup service restarts (Erik Arvstedt)
63a464431b netns: fail when netns already exists (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    utACK 0972af55f1

Tree-SHA512: 0923d26c144eb19a11ec4c1f0cd512bb7a70b12c9b73c787f4af476c95c91ea012ff593d2b59e1ccea34193c6995ba60783049c5086ab286b323460905ca62e7
2020-11-04 13:29:53 +00:00
Erik Arvstedt
0972af55f1
netns: fix setup service restarts 2020-11-03 21:55:13 +01:00
Erik Arvstedt
63a464431b
netns: fail when netns already exists
Under normal circumstances, service-specific netns should never exist
before the netns setup service starts.
An existing netns is a genuine error that should not be silently ignored.
2020-11-03 21:55:13 +01:00
Jonas Nick
dbad828851
Merge #255: Improve netns-isolation and Tor config
b4b607dfa5 netns: simplify firewall setup (Erik Arvstedt)
25639cec42 netns: fix error msg when starting netns (Erik Arvstedt)
67068afd6b netns: fix error when stopping netns (Erik Arvstedt)
4ff88efc50 netns: add address binding test (Erik Arvstedt)
8da01fe8a6 lightning-loop: allow RPC access from main netns (Erik Arvstedt)
d76b080b74 lightning-loop: add RPC and REST server options (Erik Arvstedt)
9ddf7864a4 lightning-loop regtest: fix incorrectly succeeding test (Erik Arvstedt)
e66636ef0e liquidd: use type str for rpcbind (Erik Arvstedt)
de23fdd377 lnd: use type str for rpclisten, restlisten (Erik Arvstedt)
8b053326cc bitcoind: use type str for rpcbind (Erik Arvstedt)
6903e8afcc netns-liquidd: allow RPC access from main netns (Erik Arvstedt)
82f4901880 netns-lnd: allow RPC access from main netns (Erik Arvstedt)
58d24e735d netns-bitcoind: allow RPC access from main netns (Erik Arvstedt)
0e2ff948d3 test: add scenario 'netnsRegtest' (Erik Arvstedt)
e0675cb256 move enforceTor logic to service modules (Erik Arvstedt)
0cc8caa737 lnd: only set tor.active on enforceTor (Erik Arvstedt)
9a931483b9 netns test: remove strict dependency on clightning, electrs (Erik Arvstedt)
bae1b7f413 netns test: improve ping test (Erik Arvstedt)
5e0e16529c netns: fix default addressblock value type (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b4b607dfa5
  nixbitcoin:
    ACK b4b607dfa5

Tree-SHA512: b290831d9a3fa4de56b0f19cf84a1998e830aa844532d7cba8cd8227c785a23bfa1514123a974652e8e61060e1297b6bfbcff9640580206a04c5292309b1daef
2020-11-02 16:11:34 +00:00
Erik Arvstedt
b4b607dfa5
netns: simplify firewall setup 2020-10-29 22:36:20 +01:00
Erik Arvstedt
25639cec42
netns: fix error msg when starting netns
Previously, the failing initial `netns delete` resulted in a
"Cannot remove namespace file ..." error visible in the journal
and status output.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
67068afd6b
netns: fix error when stopping netns
A short time after `netns delete` finishes, the peer link in the main
netns is automatically removed.
When `link del` is run before that, it fails with
`Cannot find device "nb-veth-br-*"` and the netns service enters a failed state.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
4ff88efc50
netns: add address binding test
Proposed by Jonas Nick.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
8da01fe8a6
lightning-loop: allow RPC access from main netns
Note that this also exposes the REST server, which is secured by
macaroon auth like the RPC server.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
d76b080b74
lightning-loop: add RPC and REST server options 2020-10-29 21:21:29 +01:00
Erik Arvstedt
9ddf7864a4
lightning-loop regtest: fix incorrectly succeeding test
When 'loop getparams' fails, jq gets no stdin and exits with code 0.
Because -o pipefail is not enabled in the testing shell, the whole test
command succeeds, although it should fail.

Just test "loop getparams" instead and ignore its output.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
e66636ef0e
liquidd: use type str for rpcbind 2020-10-29 21:21:29 +01:00
Erik Arvstedt
de23fdd377
lnd: use type str for rpclisten, restlisten 2020-10-29 21:21:28 +01:00
Erik Arvstedt
8b053326cc
bitcoind: use type str for rpcbind
Extra RPC bind addresses can still be added via extraConfig.
2020-10-29 21:21:28 +01:00
Erik Arvstedt
6903e8afcc
netns-liquidd: allow RPC access from main netns 2020-10-29 21:21:28 +01:00
Erik Arvstedt
82f4901880
netns-lnd: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
58d24e735d
netns-bitcoind: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
0e2ff948d3
test: add scenario 'netnsRegtest'
The 'basic' test command now cover regtest mode and using nix-bitcoin without
the secure-node preset.
2020-10-29 21:21:27 +01:00
Erik Arvstedt
e0675cb256
move enforceTor logic to service modules
This enables tor support for services without using secure-node.nix
2020-10-29 21:21:27 +01:00
Erik Arvstedt
0cc8caa737
lnd: only set tor.active on enforceTor
This also enables the test scenario 'netnsRegtest' introduced in a
later commit by fixing the following bug:
For unknown reasons, when tor.active=true and tor is not running, lnd
fails with a tor connection error on netns-isolation, but runs fine
without netns-isolation.
2020-10-29 21:21:26 +01:00
Erik Arvstedt
9a931483b9
netns test: remove strict dependency on clightning, electrs
This allows the netns test to be run with a reduced service set for debugging.
2020-10-29 21:21:26 +01:00
Erik Arvstedt
bae1b7f413
netns test: improve ping test
- Use fping for pinging multiple hosts in parallel.
  Significantly improves test runtime:
  >13 s -> ~200 ms for the negative ping tests.
- Only test network namespaces that are enabled.
  This allows running the netns test with a reduced service set for debugging.
- Remove deprecated services, instead add btcpayserver, spark-wallet
2020-10-29 21:21:26 +01:00
Jonas Nick
c0d04b9081
Merge #257: generate-secrets: always run with Bash, stop on errors
2a9b918f72 generate-secrets: always run with Bash, stop on errors (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 2a9b918f72

Tree-SHA512: 9993f6b1880dabfed60f6ef9e4827c8d1a465572571e353bc81936ebd40f99c8e554a7c7f1b821d16f3dda31aa229d71e3307cad42b0a79d142ff6acc8d4959c
2020-10-24 15:03:07 +00:00
Erik Arvstedt
2a9b918f72
generate-secrets: always run with Bash, stop on errors 2020-10-23 10:54:15 +02:00
Erik Arvstedt
5e0e16529c
netns: fix default addressblock value type
Also remove redundant definition in secure-node.nix
2020-10-20 18:21:37 +02:00
Jonas Nick
5ec9ea1f6d
Merge #250: Improve examples
b574cb097f examples: add deploy-container-minimal.sh (Erik Arvstedt)
e6340426c1 deploy-container.sh: fix sudo (Erik Arvstedt)
c19f7ebb01 examples: add option --interactive|-i (Erik Arvstedt)
33ff8d82be examples: fix running outside of examples dir (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK b574cb097f

Tree-SHA512: 1cf73206af950b157c87476a205e035311416ebb801f90f573868a8c0b8437f900e8b5b85e45e3bacbd3235972b4d3d311de394c63dd93fe4c222919d3364851
2020-10-20 11:18:43 +00:00
Jonas Nick
6933b0ef47
Merge #251: Services: Auto-enable dependencies
67e49fe415 services: auto-enable dependencies (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 67e49fe415

Tree-SHA512: 6e0f2e2ca4acdb7c5edd41eb3b56a9e95fc6d2ea9cfd08c1142429f88455c9d771f2f2be6339336448a289632f9768c4ae8f6c307038c5aa69c48b303043dda0
2020-10-20 11:17:10 +00:00
Erik Arvstedt
b574cb097f
examples: add deploy-container-minimal.sh 2020-10-20 12:35:23 +02:00
Jonas Nick
d4256f79b7
Merge #252: nix-bitcoin pkg updates
e61d7b1d46 test: improve lightning-loop regtest (Erik Arvstedt)
486f385fdd lightning-loop: 0.9.0 -> 0.10.0 (nixbitcoin)
480df0dd65 elementsd: 0.18.1.8 -> 0.18.1.9 (nixbitcoin)
1f2f910774 spark-wallet: 0.2.16 -> 0.2.17 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK e61d7b1d46

Tree-SHA512: 6af29a4f77c096a2628cfd69cdf26f02f37650ce37fb210ab36fc9884fa7b77972816550be99140fba8dd161a38ac53270d986c4f9870b4172047854c69c1e13
2020-10-20 09:43:55 +00:00
Jonas Nick
36935291ff
Merge #254: shell.nix: fix failing generate-secrets
d2dbad256f shell.nix: fix failing generate-secrets (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK d2dbad256f

Tree-SHA512: 7cf29fa9a658d12ad3aec00cc8f38660623e00950eebad92cef8ec4a28180eebfd0dfb1a56cdcd15389f31c4ce15302c241ac9aaba11267b8da0cd842a5701e2
2020-10-20 07:41:39 +00:00
Erik Arvstedt
67e49fe415
services: auto-enable dependencies 2020-10-19 14:55:59 +02:00
Erik Arvstedt
d2dbad256f
shell.nix: fix failing generate-secrets
generate-secrets failed due to the `PYTHONPATH` env var that was set
through the nixops19_09 buildInput.

Fixes:
- Don't pull in the build environments of binaries that should be
  available in PATH. Only extend PATH instead.
- Run generate-secrets in an empty environment
2020-10-19 11:35:32 +02:00
Erik Arvstedt
e61d7b1d46
test: improve lightning-loop regtest 2020-10-19 08:59:26 +00:00
nixbitcoin
486f385fdd
lightning-loop: 0.9.0 -> 0.10.0
Includes macaroon authentication
2020-10-19 08:59:14 +00:00
nixbitcoin
480df0dd65
elementsd: 0.18.1.8 -> 0.18.1.9 2020-10-18 16:00:08 +00:00
nixbitcoin
1f2f910774
spark-wallet: 0.2.16 -> 0.2.17 2020-10-18 16:00:06 +00:00
Erik Arvstedt
e6340426c1
deploy-container.sh: fix sudo
The 'echo sudo' approach used previously failed when PATH or
NIX_PATH contains spaces. Exec the script with sudo instead.
2020-10-18 13:42:58 +02:00
Erik Arvstedt
c19f7ebb01
examples: add option --interactive|-i 2020-10-18 13:42:58 +02:00