08c8f70ebe
a2454975a58ce3d3773f4ec5b2c0cd50738cbcac doas: fix recursive calls to doas (Erik Arvstedt)
7c876664b1cc40ab4046c37cbd726744b2b3d8df netns test: update matching of 'capsh' output (Erik Arvstedt)
308a11f22b0f544457afd9e04d18bf79ccc033ee tests: avoid postgresql timeout failures on CI nodes (Erik Arvstedt)
01804e6dfb1ec3a18ee281390866262ea351be46 tests: improve test script formatting (Erik Arvstedt)
1be924529d24c86d8b2b7f0d00e116ee6f3b093e tests: adapt to new linter (Erik Arvstedt)
c1c663d0a90270618bcd36bb092d24773a63e8d6 tests: fix formatting (Erik Arvstedt)
c4c2b03e190c7e672c56fe7d9c43c73038992cb6 extra-container: 0.6 -> 0.7 (Erik Arvstedt)
161baa7e68dac7ce5129d30de9ecd9fc85c3219b joinmarket-ob-watcher: allow required 'mbind' system call (Erik Arvstedt)
ca64a4a64f9fba2cddde9fb40f7040e65f5045d7 clightning-plugins.prometheus: use current nixpkgs version of prometheus-client (Erik Arvstedt)
3aab1fc26736d6c711aae642fd2175296d14f5ac spark-wallet: update to new node-env (Erik Arvstedt)
a0e5894f1f2f6514cfda5c8fa434efccada4254b backups: remove illegal option definition (Erik Arvstedt)
35fe939cf8698da725af77a3b21078f42041c8a2 security: update /proc restriction mechanism (Erik Arvstedt)
178a0dcf8f0849a774ff4f08cac282151aa5fb33 services: use new 'tor' options (Erik Arvstedt)
e44f78ebb81af1dd97e212bd24799e59bf46006b services: set isSystemUser for service users (Erik Arvstedt)
0ef66c920b91ab850ce3163a275c74c453f1662d treewide: use services.getty option (Erik Arvstedt)
a25ceecca5b65fcd57dabc66ca2c858c19512d47 update to NixOS 21.05 (Erik Arvstedt)
b758150c9e53330134efef535bcbc5b85e9910a6 pinned: expose nixpkgsStable, nixpkgsUnstable (Erik Arvstedt)
Pull request description:
ACKs for top commit:
jonasnick:
ACK a2454975a58ce3d3773f4ec5b2c0cd50738cbcac
Tree-SHA512: a8a25c25d835662ec63c3a042eb237d29b857b2030d9023a8b4ead94e03a4f9dffe2d6616e2a286800e40288985e5db3a55056d6b45d8984161b9a19aba28a60
nix-bitcoin is a collection of Nix packages and NixOS modules for easily installing full-featured Bitcoin nodes with an emphasis on security.
Overview
A Bitcoin node verifies the Bitcoin protocol and provides ways of interacting with the Bitcoin network. nix-bitcoin nodes are used for a variety of purposes and can serve as personal or merchant wallets, second layer public infrastructure and as backends for Bitcoin applications. In all cases, the aim is to provide security and privacy by default. However, while nix-bitcoin is used in production today, it is still considered experimental.
A full installation of nix-bitcoin is usually deployed either on a dedicated (virtual) machine or runs in a container and is online 24/7. Alternatively, the Nix packages, NixOS modules and configurations can be used independently and combined freely.
nix-bitcoin is built on top of Nix and NixOS which provide powerful abstractions to keep it highly customizable and maintainable. Testament to this are nix-bitcoin's robust security features and its potent test framework. However, running nix-bitcoin does not require any previous experience with the Nix ecosystem.
Examples
See here for examples.
Features
A configuration preset for setting up a secure node
- All applications use Tor for outbound connections and support accepting inbound connections via onion services.
NixOS modules
- Application services
- bitcoind, with a default banlist against spy nodes
- clightning with support for announcing an onion service
Available plugins:- clboss: automated C-Lightning Node Manager
- helpme: walks you through setting up a fresh c-lightning node
- monitor: helps you analyze the health of your peers and channels
- prometheus: lightning node exporter for the prometheus timeseries server
- rebalance: keeps your channels balanced
- summary: print a nice summary of the node status
- zmq: publishes notifications via ZeroMQ to configured endpoints
- lnd with support for announcing an onion service
- Lightning Loop
- Lightning Pool
- charge-lnd: policy-based channel fee manager
- lndconnect via a REST onion service
- spark-wallet
- electrs
- btcpayserver
- liquid
- JoinMarket
- recurring-donations: for periodic lightning payments
- bitcoin-core-hwi
- Helper
- netns-isolation: isolates applications on the network-level via network namespaces
- nodeinfo: script which prints info about the node's services
- backups: duplicity backups of all your node's important files
- operator: adds non-root user
operatorwho has access to client tools (e.g.bitcoin-cli,lightning-cli)
Security
- Simplicity: Only services you select in
configuration.nixand their dependencies are installed, packages and dependencies are pinned, support for doas (sudo alternative), most packages are built from the NixOS stable channel, with a few exceptions that are built from the nixpkgs unstable channel, builds happen in a sandboxed environment, code is continuously reviewed and refined. - Integrity: Nix package manager, NixOS and packages can be built from source to reduce reliance on binary caches, nix-bitcoin merge commits are signed, all commits are approved by multiple nix-bitcoin developers, upstream packages are cryptographically verified where possible, we use this software ourselves.
- Principle of Least Privilege: Services operate with least privileges; they each have their own user and are restricted further with systemd options, RPC whitelisting, and netns-isolation. There's a non-root user operator to interact with the various services.
- Defense-in-depth: nix-bitcoin is built with a hardened kernel by default, services are confined through discretionary access control, Linux namespaces, dbus firewall and seccomp-bpf with continuous improvements.
Note that if the machine you're deploying from is insecure, there is nothing nix-bitcoin can do to protect itself.
Docs
Troubleshooting
If you are having problems with nix-bitcoin check the FAQ or submit an issue.
There's also a #nix-bitcoin IRC channel on libera.
We are always happy to help.