Erik Arvstedt
bceaa361ca
operator: allow reading systemd journal
2020-04-09 11:02:06 +02:00
Erik Arvstedt
145961c2de
fix operator authorized keys setup
...
This fixes these flaws in `copy-root-authorized-keys`:
- When `.vbox-nixops-client-key` is missing, operator's authorized_keys
file is always appended to, growing the file indefinitely.
- Service is always added and not restricted to nixops-vbox deployments.
2020-04-09 11:02:06 +02:00
Jonas Nick
d7d7070e8c
Merge #155 : nixops: build with pinned nixpkgs
...
041ec55794041ec55794
2020-04-08 18:48:06 +00:00
Erik Arvstedt
37b2faf63c
move systemPackages definitions to services
...
These are generally useful and shouldn't be limited to secure-node.nix.
Also, only add the hardware-wallets group when hardware wallets are enabled.
2020-04-08 17:35:14 +02:00
Erik Arvstedt
6c22e13b7f
copy-root-authorized-keys: use inline script definition
2020-04-08 17:35:14 +02:00
Erik Arvstedt
63c6fe3213
fixup! use '' for multi-line string
2020-04-08 17:35:14 +02:00
Erik Arvstedt
ab617946a9
extract variable 'cfg'
2020-04-08 17:35:13 +02:00
Erik Arvstedt
36c84d8360
add option clightning.onionport
...
Analogous to electrs.onionport
2020-04-08 17:35:13 +02:00
Erik Arvstedt
681dbaf328
move electrs.onionport option
...
Only used in secure-node.nix
2020-04-08 17:35:13 +02:00
Erik Arvstedt
74fbfa3a5d
use lib.optionals
2020-04-08 17:35:13 +02:00
Erik Arvstedt
ec6d33fbb6
rearrange code sections
...
Move services to the top, operator account setup to the bottom.
2020-04-08 17:35:13 +02:00
Erik Arvstedt
e16ddc9c77
extract 'mkHiddenService'
...
toPort equals port by default.
2020-04-08 17:35:13 +02:00
Erik Arvstedt
89d3d58850
use mkIf
2020-04-08 17:35:13 +02:00
Erik Arvstedt
85e52a06cb
improve grouping of suboptions
2020-04-08 17:35:12 +02:00
Erik Arvstedt
1a63f0ca6a
remove option 'services.nix-bitcoin.enable'
...
Users can enable the node config just by importing secure-node.nix
2020-04-08 17:35:12 +02:00
Erik Arvstedt
0f8b2e91fd
add nix-bitcoin.nix for backwards compatibility
2020-04-08 17:35:12 +02:00
Erik Arvstedt
28792f79dc
rename nix-bitcoin.nix -> presets/secure-node.nix
2020-04-08 17:35:12 +02:00
Erik Arvstedt
041ec55794
nixops: build with pinned nixpkgs
2020-04-08 17:29:50 +02:00
Jonas Nick
0c4ba43ee8
Merge #149 : docs: update nix installation instructions
...
0ac7b1660b
2020-04-08 15:11:45 +00:00
Jonas Nick
0ac7b1660b
docs: update nix installation instructions
2020-04-08 15:10:34 +00:00
Jonas Nick
9239268ab6
Merge #136 : Change the nix-bitcoin deployment from forking this repo to importing the module
...
b2e15c17b85ed0284db9c303cd47e4705d187a3565039be656455c5664c98aa47149799df22a2764548ced199444ccbb91d0abcee651d35dadea310c0c74c365def3121892ef0c0978c00787d0286498
2020-04-08 15:03:08 +00:00
Jonas Nick
b2e15c17b8
docs: Update to new deployment method (import instead of fork)
...
Now you clone nix-bitcoin and start out from the examples.
2020-04-08 07:01:39 +00:00
Jonas Nick
5ed0284db9
Add fetch-release script
...
This allows getting the hash of the latest (or some other) release
using github releases and gpg verification.
2020-04-08 07:01:35 +00:00
Jonas Nick
b9fbb144ca
Merge #151 : readme: add travis badge
...
334e30a291334e30a291
2020-04-06 20:03:12 +00:00
William Casarin
334e30a291
readme: add travis badge
...
Signed-off-by: William Casarin <jb55@jb55.com>
2020-04-04 15:00:11 -07:00
Jonas Nick
6ec8b1d2a3
Merge #148 : Misc. fixes
...
e398674964b07c77f4a4e398674964
2020-03-30 20:33:12 +00:00
Jonas Nick
83e2437399
Merge #147 : remove custom no-upnp bitcoind builds
...
3a606608fb3a606608fb
2020-03-30 20:28:46 +00:00
Jonas Nick
c303cd47e4
Add push-release.sh helper
...
Prepares, signs and pushes a release to github.
2020-03-30 11:01:31 +02:00
Erik Arvstedt
705d187a35
examples/shell.nix: don't run shellHook on subsequent nix-shells
...
This avoids an extra delay and the unexpected creation of secrets when
run in another dir.
Needed for the 'fetch-release' script introduced in a later commit.
2020-03-30 11:00:31 +02:00
Jonas Nick
65039be656
docs: Remove duplicate instructions
2020-03-30 10:57:01 +02:00
Jonas Nick
455c5664c9
docs: Replace tabs with spaces
2020-03-30 10:57:01 +02:00
Jonas Nick
8aa4714979
docs: Update NixOS version
2020-03-30 10:57:00 +02:00
Erik Arvstedt
9df22a2764
add deploy-qemu-vm.sh example
2020-03-30 10:56:57 +02:00
Jonas Nick
548ced1994
README: Add Example section
2020-03-30 10:55:50 +02:00
Jonas Nick
44ccbb91d0
Clean up development shell.nix
2020-03-30 10:49:15 +02:00
Erik Arvstedt
abcee651d3
add deploy-container.sh
2020-03-30 10:49:15 +02:00
Erik Arvstedt
e398674964
run-tests.sh: fix leaking tmp files outside TMPDIR
...
- Move vm image (NIX_DISK_IMAGE) from $TMP to $TMPDIR
- Set $PWD
Also:
- Simplify mktemp command
- USE_TMPDIR=1: Don't create extra dir inside $TMPDIR
2020-03-29 18:51:35 +02:00
Erik Arvstedt
b07c77f4a4
secrets.nix: remove obsolete comment
2020-03-29 18:51:34 +02:00
Erik Arvstedt
3a606608fb
remove custom no-upnp bitcoind builds
...
Disabling upnp via compilation brings no substantial security benefits.
There's no way to inadvertently enable upnp, it must be set explicitly
via bitcoind.extraConfig.
But it's a huge hassle for new users who have to recompile bitcoind
before being able to use nix-bitcoin.
Also, elementsd is currently built with upnp support by default.
2020-03-26 10:14:03 +01:00
Erik Arvstedt
5dadea310c
add deploy-nixops.sh
2020-03-24 21:43:22 +00:00
Erik Arvstedt
0c74c365de
mention performance loss with hardened kernel profile
2020-03-24 21:43:22 +00:00
Erik Arvstedt
f3121892ef
move main module import to configuration.nix
2020-03-24 21:43:21 +00:00
Erik Arvstedt
0c0978c007
extract module 'deployment/nixops.nix', add option 'deployment.secretsDir'
2020-03-24 21:43:21 +00:00
Jonas Nick
87d0286498
Change the nix-bitcoin deployment from forking this repo to importing the module
...
Instead of forking this repo, it is now recommended that users simply import the
nix-bitcoin module. This commit adds an example directory that contains the
network/ examples and a shell.nix for deployment with nixops.
2020-03-24 21:43:17 +00:00
Jonas Nick
2d51c722cc
Merge #146 : lnd: add package option
...
106dcacb61
2020-03-09 09:04:17 +00:00
Jonas Nick
106dcacb61
lnd: add package option
2020-03-09 08:22:00 +00:00
Jonas Nick
3158e39009
Merge #137 : Add nixops19_09 to default pkgs.
...
28cf7ebe74
2020-03-08 14:07:04 +00:00
Jonas Nick
28cf7ebe74
Add nixops19_09 to default pkgs.
...
It's helpful to be able to use this packages when importing nix-bitcoin.
2020-03-08 14:00:23 +00:00
Jonas Nick
d62dac450a
Merge #144 : Electrs fixes
...
5596bcf4fbc4cf323873e731d712321e62456ed10be67c325e48be5a79fab75b2a1626fa3455d01ff30aadbef25c6571654e47481b26428fb33d109945ba1f1fb388080a58bf301bb91ae593fd2329b8acde24ce43148327326bcce9932b625596bcf4fb
2020-03-04 21:03:48 +00:00
Erik Arvstedt
5596bcf4fb
bitcoind: set default rpcuser
...
We're already setting a default rpcpassword, so we should set an
accompanying rpcuser so that rpc clients like electrs work out of the box.
2020-03-04 18:09:52 +01:00
