Commit Graph

146 Commits

Author SHA1 Message Date
nixbitcoin
d0701f518c
joinmarket: automatically generate wallet 2020-09-22 13:50:49 +00:00
nixbitcoin
173891fa5b
joinmarket: add module 2020-09-22 13:50:37 +00:00
nixbitcoin
f00d1d24c5
joinmarket: add pkg and local dependencies 2020-09-22 13:43:08 +00:00
nixbitcoin
15b574faa7
nbxplorer/btcpayserver: add module 2020-09-15 12:09:12 +00:00
Calvin Kim
99295328b4
temp: mirror erikarvstedt btcpayserver 2020-09-15 12:08:51 +00:00
Jonas Nick
4bddeb13b1
Update nixpkgs
Includes update lnd 0.10.3 -> 0.11.0
2020-09-08 08:21:26 +00:00
nixbitcoin
e56d5365cb
loop: update 0.7.0 -> 0.8.1 2020-08-30 07:59:01 +00:00
Jonas Nick
1c31208078
Merge #229: Improve bitcoind RPC user config
9b6a3ec835 generate-secrets: extract fn 'makeHMAC' (Erik Arvstedt)
ca18ffb90a generate-secrets: fetch rpcauth.py from github (Erik Arvstedt)
4d6127bb76 bitcoind: clarify RPC whitelist test (Erik Arvstedt)
9d610991be bitcoind: remove custom rpc user names (Erik Arvstedt)
1408403dec bitcoind: clarify how bitcoin-cli RPC access is enabled (Erik Arvstedt)
4790c601a1 bitcoind: move rpc user config to bitcoind (Erik Arvstedt)
876cfadf1a bitcoind: add rpc user option 'passwordHMACFromFile' (Erik Arvstedt)
59434e79f0 bitcoind: simplify default rpc user name config (Erik Arvstedt)
205829b91f bitcoind: remove whitespace (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 9b6a3ec835
  jonasnick:
    concept ACK 9b6a3ec835

Tree-SHA512: ccb9a8d2dc1f360cc1f0bd77535fa8edfd9afec0a519719103fd059d5912a1ed4960c22ef14df616a731f6a88861fecb8d1653fb71c2288b851e4a02f9f49cb2
2020-08-29 20:06:53 +00:00
Erik Arvstedt
9b6a3ec835
generate-secrets: extract fn 'makeHMAC' 2020-08-27 12:20:06 +02:00
Erik Arvstedt
ca18ffb90a
generate-secrets: fetch rpcauth.py from github
No need to vendor this.
2020-08-27 12:20:06 +02:00
Jonas Nick
4d19fb7bf7
Merge #228: Update nixpkgs
52978b87fb Update nixpkgs (Jonas Nick)
6a2efccdf3 spark-wallet: 0.2.14 -> 0.2.16 (Jonas Nick)
438dde84fe Replace sks-keyservers.net with keyserver.ubuntu.com (Jonas Nick)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 52978b87fb

Tree-SHA512: b3f68865e2606760682e8fc1f6e637bfb38b382ea25cc67eff6402585b0f7118f132a5d9d7531c650d29d69c0b4eb8e277ad172038be73c4d34a9de678140844
2020-08-26 09:52:47 +00:00
Erik Arvstedt
ed73627e02
netns-exec: minor style fixes
- Use inline variable declarations
- Improve messages
- Fix naming: available -> allowed
- Simplify intro comment
2020-08-25 14:53:12 +02:00
Erik Arvstedt
91ebc2d517
netns-exec: simplify installation 2020-08-25 14:53:12 +02:00
Jonas Nick
52978b87fb
Update nixpkgs
Includes clightning 0.9.0
2020-08-25 12:41:29 +00:00
Jonas Nick
6a2efccdf3
spark-wallet: 0.2.14 -> 0.2.16
This will be required for clightning 0.9.0
2020-08-25 12:40:47 +00:00
Jonas Nick
438dde84fe
Replace sks-keyservers.net with keyserver.ubuntu.com
sks-keyservers fail most of the time.
2020-08-25 12:39:54 +00:00
Jonas Nick
322ba5bfff
Add nix-bitcoin.lib for utility functions and types 2020-08-20 21:31:24 +00:00
nixbitcoin
e4fb7a52de
backups: add module 2020-08-04 15:25:37 +00:00
Jonas Nick
0baeb2acce
Merge #209: Lightning loop
e9204946d4 lightning-loop: add tests (nixbitcoin)
491d83a658 lightning-loop: add module (nixbitcoin)
8f3588b13f lnd: higher attempt limit for less-powerful machines (nixbitcoin)
1bb801ad7b lightning-loop: add pkg (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e9204946d4

Tree-SHA512: cc8bb85978350dd530c3c8d2c9aca5ddc4ab1f72cdd27d031bb303eca1d9473f18e45bc119c62bb2991faa32b3e1d42e4439f02a56ab3a6b975b0bd491195604
2020-07-28 20:02:12 +00:00
nixbitcoin
1bb801ad7b
lightning-loop: add pkg 2020-07-28 15:55:48 +00:00
nixbitcoin
5a978a2836
bitcoind: switch from rpcpassword to rpcauth
Includes bitcoind's `share/rpcauth` to convert apg generated passwords
into salted HMAC-SHA-256 hashed passwords.
2020-07-28 14:32:47 +00:00
nixbitcoin
4dbc348921
electrs: remove TLSProxy
https://github.com/spesmilo/electrum/issues/5278 was resolved
2020-07-21 13:41:03 +00:00
nixbitcoin
c55296433d
lnd: add netns
- Adds lnd to netns-isolation.services
- Specifies listen option (defaults to localhost) as target of
  hiddenService.
- Amends hardcoded lnd ip to lnd-cert

WARNING: Breaking changes for lnd cert. lnd-key and lnd-cert will have
to be deleted and redeployed.
2020-07-21 09:38:35 +00:00
Jonas Nick
4a7199a3da
netns-exec: add c program to execute commands in netns
c program allows executing commands in nb-bitcoind, nb-lnd, nb-liquidd
(the netns's needed for operator cli scripts).
2020-07-21 09:38:16 +00:00
nixbitcoin
ae364a68ad
hwi: 1.0.3 -> 1.1.2
hidapi needed to be added as a custom dependency to be able to build
from unstable.
2020-07-19 13:52:46 +00:00
nixbitcoin
fe6e118bb3
elementsd: 0.18.1.3 -> 0.18.1.8
Also includes `get-sha256.sh` to easily determine verified sha256's
2020-07-19 12:15:39 +00:00
nixbitcoin
5ca58a2a26
nixpkgs: update stable and unstable
Includes bitcoin 0.20.0 and lnd 0.10.3
2020-07-19 12:15:33 +00:00
nixbitcoin
e81ccb6596
electrs: 0.8.3 -> 0.8.5 2020-07-07 10:54:40 +00:00
nixbitcoin
5d01ea7101
nodeinfo: Convert to module and allow alternative operator username
currently, nodeinfo has presets/secure-node.nix as a strict
dependency as it requires onion-chef and the 'operatorName' option.
and nix-bitcoin-webindex.nix has nodeinfo as a dependecy.

so don't add nodeinfo and webindex to modules.nix because they will fail on standalone use.
2020-05-19 11:13:24 +00:00
nixbitcoin
e67a818297
lightning-charge: 0.4.14 -> 0.4.19 2020-05-19 11:13:13 +00:00
Jonas Nick
041af87ec1
Update nixpkgs (lnd 0.10, clightning 0.8.2) 2020-05-14 22:16:41 +00:00
nixbitcoin
8b2ae9c1b7
spark-wallet: update 0.2.13 -> 0.2.14
Download shesek's github spark-npm.tgz, verify signature, unpack
spark-npm.tgz, patch package.json to include qrcode-terminal in
dependencies, run node2nix with tmpdir as local source, replace tmpdir
spark-wallet source with shesek's github spark-npm.tgz in
node-packages.nix.

spark-wallet: erikarvstedt fixups
2020-05-10 17:12:45 +02:00
Erik Arvstedt
2d3a1e839e
electrs: fix conditional cargoSha256 2020-05-03 18:32:56 +00:00
Jonas Nick
f5dbac318d
nixops: fix format exception from upstream nixops
Without this our nixops doesn't build
2020-05-03 18:32:56 +00:00
Jonas Nick
c03ad1ccfa
Update nixpkgs (stable 19.09 -> 20.03) 2020-05-03 18:32:56 +00:00
Jonas Nick
b7047c7286
HWI: allow building with unstable nixpkgs 2020-05-03 18:32:49 +00:00
nixbitcoin
1acb22a872
Get electrs source tarball with gpg verified sha256 and corresponding helper script
move script to pkg dir, add hint to script in pkg def

remove unneeded script deps

add extended bash error checking

rename DIR -> TMPDIR

remove TMPDIR on exit

strip whitespace, simplify comments

gpg2 -> gpg

latesttagelectrs -> latest

tmpdir: don't use XDG_RUNTIME_DIR

XDG_RUNTIME_DIR is often in RAM and shouldn't be used for larger
workloads like repo downlaods

verify fingerprint of the imported key

remove trailing '-' in output

simplify output

Hide --fetch-key output

Output is not relevant to user, looks better without it

More accurately describe ./get-sha256 function

User might think that ./get-sha256 automatically updates sha256 in default.nix

Fetch key from sks keyservers instead of keybase.io

Using --recv-key simplifies getting the right key, and only the
right key, greatly. I try to refrain from using sks keyservers,
but the certificate spamming attack shouldn't be an issue in this
case because we create a temporary keychain just for the
verificaiton.

remove unneeded cargoDepsHook

Make clang nativeBuildInput instead of buildInput
2020-04-26 17:02:14 +02:00
nixbitcoin
707b06aed1
Update pinned nixpkgs 2020-04-26 16:59:41 +02:00
Jonas Nick
aee39d6549
Merge #165: Electrs fixes
e95f5981aa Remove KN countrycode (nixbitcoin)
742aef1e0f Only set dataDirReadableByGroup if cfg.high-memory is enabled (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e95f5981aa

Tree-SHA512: e8253b934211e6fc6be11917f8acb05a05e390caafdf86f90670f9299d9c0d98596758ff021c65aae199c9a5a3f86f87854e1b8f50a53bab8ad28d9a7003d98e
2020-04-25 18:58:53 +00:00
William Casarin
47b2b110cc pinned: make it easy to use pinned packages
It appears the pinned attrset is a bit adhoc. This generalizes
pinned.nix so that you can do:

  $ nix build -f . pinned.stable.hwi
  $ nix build -f . pinned.unstable.hwi

etc

Signed-off-by: William Casarin <jb55@jb55.com>
2020-04-24 16:58:00 -07:00
nixbitcoin
e95f5981aa
Remove KN countrycode 2020-04-24 16:27:48 +02:00
nixbitcoin
89dc836f94
Update spark-wallet 0.2.12 -> 0.2.13 2020-04-17 14:13:04 +02:00
Erik Arvstedt
041ec55794
nixops: build with pinned nixpkgs 2020-04-08 17:29:50 +02:00
Jonas Nick
9239268ab6
Merge #136: Change the nix-bitcoin deployment from forking this repo to importing the module
b2e15c17b8 docs: Update to new deployment method (import instead of fork) (Jonas Nick)
5ed0284db9 Add fetch-release script (Jonas Nick)
c303cd47e4 Add push-release.sh helper (Jonas Nick)
705d187a35 examples/shell.nix: don't run shellHook on subsequent nix-shells (Erik Arvstedt)
65039be656 docs: Remove duplicate instructions (Jonas Nick)
455c5664c9 docs: Replace tabs with spaces (Jonas Nick)
8aa4714979 docs: Update NixOS version (Jonas Nick)
9df22a2764 add deploy-qemu-vm.sh example (Erik Arvstedt)
548ced1994 README: Add Example section (Jonas Nick)
44ccbb91d0 Clean up development shell.nix (Jonas Nick)
abcee651d3 add deploy-container.sh (Erik Arvstedt)
5dadea310c add deploy-nixops.sh (Erik Arvstedt)
0c74c365de mention performance loss with hardened kernel profile (Erik Arvstedt)
f3121892ef move main module import to configuration.nix (Erik Arvstedt)
0c0978c007 extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' (Erik Arvstedt)
87d0286498 Change the nix-bitcoin deployment from forking this repo to importing the module (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 18e8b71f42715c5e82e2dafde9dcc965594d76aacc6be7ee2ec746a9510065749cc65331687a57d7140f45779c3b7867f6260ec224d361fb5a477062a27d6e4c
2020-04-08 15:03:08 +00:00
Erik Arvstedt
3a606608fb
remove custom no-upnp bitcoind builds
Disabling upnp via compilation brings no substantial security benefits.
There's no way to inadvertently enable upnp, it must be set explicitly
via bitcoind.extraConfig.

But it's a huge hassle for new users who have to recompile bitcoind
before being able to use nix-bitcoin.

Also, elementsd is currently built with upnp support by default.
2020-03-26 10:14:03 +01:00
Erik Arvstedt
5dadea310c
add deploy-nixops.sh 2020-03-24 21:43:22 +00:00
Jonas Nick
28cf7ebe74
Add nixops19_09 to default pkgs.
It's helpful to be able to use this packages when importing nix-bitcoin.
2020-03-08 14:00:23 +00:00
Erik Arvstedt
f30aadbef2
electrs: enable unstable build, pin pkg to unstable
stable's buildRustPackage is painfully slow when evaluating (adds >1 sec
even on a fast machine).

This is fixed (https://github.com/NixOS/nixpkgs/pull/69274) in unstable.
2020-03-04 18:09:50 +01:00
Erik Arvstedt
5c6571654e
electrs: 0.7.1 -> 0.8.3
Use buildRustPackage instead of buildRustCrate (via crate2nix).

buildRustPackage builds the whole executable and its libraries in a
single `cargo build` process.

With the create2nix approach each library is built in a separate derivation,
directly using rustc instead of the cargo wrapper.

Benefits of buildRustPackage:
- Much simpler to maintain
- Package derivation evaluates much faster

Benefits of crate2nix:
- Build can be distributed over multiple build hosts
- Better sharing of common dependencies between different builds
- More fine-grained rebuilding on build failures

In nixpkgs buildRustPackage is used for almost all Rust pkgs, it's
also a better fit for our use case.
2020-03-04 18:09:50 +01:00
Erik Arvstedt
cce9932b62
make pinned pkgs accessible through pkgs/default.nix
Useful for developing and for importing pinned pkgs via config.nix.
2020-03-04 18:09:48 +01:00