Merge remote-tracking branch 'nixbitcoin/documentation'

This commit is contained in:
Jonas Nick 2019-05-15 22:04:26 +00:00
commit bff6dc9e44
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
4 changed files with 81 additions and 10 deletions

View File

@ -25,8 +25,7 @@ It should be a reproducible and extensible platform for applications building on
Available modules Available modules
--- ---
By default the `configuration.nix` provides: By default the `configuration.nix` provides:
* bitcoind (pruned) with outbound connections through Tor and inbound connections through a hidden * bitcoind with outbound connections through Tor and inbound connections through a hidden service. By default loaded with banlist of spy nodes.
service. By default loaded with banlist of spy nodes.
* [clightning](https://github.com/ElementsProject/lightning) with outbound connections through Tor, not listening * [clightning](https://github.com/ElementsProject/lightning) with outbound connections through Tor, not listening
* includes "nodeinfo" script which prints basic info about the node * includes "nodeinfo" script which prints basic info about the node
* adds non-root user "operator" which has access to bitcoin-cli and lightning-cli * adds non-root user "operator" which has access to bitcoin-cli and lightning-cli
@ -40,6 +39,8 @@ In `configuration.nix` the user can enable:
* [spark-wallet](https://github.com/shesek/spark-wallet) * [spark-wallet](https://github.com/shesek/spark-wallet)
* [electrs](https://github.com/romanz/electrs) * [electrs](https://github.com/romanz/electrs)
* recurring-donations, a module to repeatedly send lightning payments to recipients specified in the configuration. * recurring-donations, a module to repeatedly send lightning payments to recipients specified in the configuration.
* [bitcoin-core-hwi](https://github.com/bitcoin-core/HWI).
* You no longer need extra software to connect your hardware wallet to Bitcoin Core. Use Bitcoin Core's own **H**ardware **W**allet **I**nterface with one `configuration.nix` setting.
The data directories of the services can be found in `/var/lib` on the deployed machines. The data directories of the services can be found in `/var/lib` on the deployed machines.

View File

@ -38,7 +38,8 @@
### ELECTRS ### ELECTRS
# Enable this module to use electrs, an efficient re-implementation of # Enable this module to use electrs, an efficient re-implementation of
# Electrum Server in Rust. # Electrum Server in Rust. Only enable this if hardware wallets are
# disabled.
# services.electrs.enable = true; # services.electrs.enable = true;
### LIQUIDD ### LIQUIDD
@ -80,11 +81,12 @@
### Hardware wallets ### Hardware wallets
# Enable this module to allow using hardware wallets. See https://github.com/bitcoin-core/HWI # Enable this module to allow using hardware wallets. See https://github.com/bitcoin-core/HWI
# for more information. # for more information. Only enable this if electrs is disabled.
# Ledger must be initialized through the official ledger live app and the Bitcoin app must # Ledger must be initialized through the official ledger live app and the Bitcoin app must
# be installed and running on the device. # be installed and running on the device.
# services.hardware-wallets.ledger = true; # services.hardware-wallets.ledger = true;
# Trezor can be initialized with the trezorctl command in nix-bitcoin. # Trezor can be initialized with the trezorctl command in nix-bitcoin. More information in
# `docs/usage.md`.
# services.hardware-wallets.trezor = true; # services.hardware-wallets.trezor = true;
# FIXME: Define your hostname. # FIXME: Define your hostname.

View File

@ -132,14 +132,14 @@ This is borrowed from the [NixOS manual](https://nixos.org/nixos/manual/index.ht
1. Obtain latest NixOS. For example: 1. Obtain latest NixOS. For example:
``` ```
wget https://releases.nixos.org/nixos/18.09/nixos-18.09.2257.235487585ed/nixos-graphical-18.09.2257.235487585ed-x86_64-linux.iso wget https://releases.nixos.org/nixos/19.03/nixos-19.03.172538.7bb74e65365/nixos-minimal-19.03.172538.7bb74e65365-x86_64-linux.iso
``` ```
Alternatively you can build NixOS from source by following the instructions at https://nixos.org/nixos/manual/index.html#sec-building-cd. Alternatively you can build NixOS from source by following the instructions at https://nixos.org/nixos/manual/index.html#sec-building-cd.
2. Write NixOS iso to install media (USB/CD). For example: 2. Write NixOS iso to install media (USB/CD). For example:
``` ```
dd if=nixos-graphical-18.09.2257.235487585ed-x86_64-linux.iso of=/dev/sdX dd if=nixos-minimal-19.03.172538.7bb74e65365-x86_64-linux.iso of=/dev/sdX
``` ```
Replace /dev/sdX with the correct device name. You can find this using `sudo fdisk -l` Replace /dev/sdX with the correct device name. You can find this using `sudo fdisk -l`
@ -309,7 +309,7 @@ You can also build Nix from source by following the instructions at https://nixo
{ {
bitcoin-node = bitcoin-node =
{ config, pkgs, ... }: { config, pkgs, ... }:
{ deployment.targetHost = 1.2.3.4; { deployment.targetHost = "1.2.3.4";
}; };
} }
``` ```
@ -329,7 +329,7 @@ You can also build Nix from source by following the instructions at https://nixo
``` ```
nano hardware-configuration.nix nano hardware-configuration.nix
``` ```
Copy contents of NixOS machine's `hardware-configuration.nix` to file. Copy contents of NixOS machine's `/etc/nixos/hardware-configuration.nix` to file.
8. Add boot option to `hardware-configuration.nix` 8. Add boot option to `hardware-configuration.nix`
@ -339,7 +339,8 @@ You can also build Nix from source by following the instructions at https://nixo
``` ```
Option 2: Set grub device for Legacy Boot (MBR) Option 2: Set grub device for Legacy Boot (MBR)
``` ```
boot.loader.grub.device = "/dev/sda": ```
boot.loader.grub.device = "/dev/sda";
``` ```
9. Setup environment 9. Setup environment

View File

@ -148,3 +148,70 @@ Connect to nix-bitcoin node through ssh Tor Hidden Service
``` ```
6. Now you can run `nixops deploy -d bitcoin-node` and it will connect through the ssh tunnel you established in step iv. This also allows you to do more complex ssh setups that `nixops ssh` doesn't support. An example would be authenticating with [Trezor's ssh agent](https://github.com/romanz/trezor-agent), which provides extra security. 6. Now you can run `nixops deploy -d bitcoin-node` and it will connect through the ssh tunnel you established in step iv. This also allows you to do more complex ssh setups that `nixops ssh` doesn't support. An example would be authenticating with [Trezor's ssh agent](https://github.com/romanz/trezor-agent), which provides extra security.
Initialize a Trezor for Bitcoin Core's Hardware Wallet Interface
---
1. Enable Trezor in `configuration.nix`
Change
```
# services.hardware-wallets.trezor = true;
```
to
```
services.hardware-wallets.trezor = true;
```
2. Deploy new `configuration.nix`
```
nixops deploy -d bitcoin-node
```
3. Check that your nix-bitcoin node recognizes your Trezor
```
nixops ssh operator@bitcoin-node
lsusb
```
Should show something relating to your Trezor
4. If your Trezor has outdated firmware or is not yet initialized: Start your Trezor in bootloader mode
Trezor v1
```
Plug in your Trezor with both buttons depressed
```
Trezor v2
```
Start swiping your finger across your Trezor's touchscreen and plug in the USB cable when your finger is halfway through
```
5. If your Trezor's firmware is outdated: Update your Trezor's firmware
```
trezorctl firmware-update
```
Follow the on-screen instructions
**Caution: This command _will_ wipe your Trezor. If you already store Bitcoin on it, only do this with the recovery seed nearby.**
6. If your Trezor is not yet initialized: Set up your Trezor
```
trezorctl reset-device -p
```
Follow the on-screen instructions
7. Find your Trezor
```
hwi enumerate
hwi -t trezor -d <path from previous command> promptpin
hwi -t trezor -d <path> sendpin <number positions for the PIN as displayed on your device's screen>
hwi enumerate
```
8. Follow Bitcoin Core's instructions on [Using Bitcoin Core with Hardware Wallets](https://github.com/bitcoin-core/HWI/blob/master/docs/bitcoin-core-usage.md) to use your Trezor with `bitcoin-cli` on your nix-bitcoin node