Merge fort-nix/nix-bitcoin#511: Minor improvements
84b69dfb46
versioning: improve description wording (Erik Arvstedt)9d20837b90
flake: remove `rec` (Erik Arvstedt)c82e0ee294
clightning/plugins: format plugin defs, order alphabetically (Erik Arvstedt)9ac3d93b27
improve comments, descriptions (Erik Arvstedt)97b1a1d353
operator: improve descriptions (Erik Arvstedt)27dd31ead5
clightning/feeadjuster: fix typo (Erik Arvstedt)df5abd5eab
lnd: move `wallet-unlock-password-file` setting to config (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACK84b69dfb46
Tree-SHA512: e326ea37c4c4e766a634e90a069a441933dfac5a91e85c136e49dd17c16ee6e5e3fbfb15399f97321e412ab1624f1040116e2516e2635188f7e25454d5e9fe34
This commit is contained in:
commit
d3664b09b4
@ -280,6 +280,6 @@
|
|||||||
|
|
||||||
# The nix-bitcoin release version that your config is compatible with.
|
# The nix-bitcoin release version that your config is compatible with.
|
||||||
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an
|
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an
|
||||||
# an error and provide hints for migrating your config to the new release.
|
# an error and provide instructions for migrating your config to the new release.
|
||||||
nix-bitcoin.configVersion = "0.0.70";
|
nix-bitcoin.configVersion = "0.0.70";
|
||||||
}
|
}
|
||||||
|
@ -13,8 +13,7 @@
|
|||||||
outputs = { self, nixpkgs, nixpkgsUnstable, flake-utils }:
|
outputs = { self, nixpkgs, nixpkgsUnstable, flake-utils }:
|
||||||
let
|
let
|
||||||
supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" ];
|
supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" ];
|
||||||
in
|
in {
|
||||||
rec {
|
|
||||||
lib = {
|
lib = {
|
||||||
mkNbPkgs = {
|
mkNbPkgs = {
|
||||||
system
|
system
|
||||||
@ -25,7 +24,7 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
overlays.default = final: prev: let
|
overlays.default = final: prev: let
|
||||||
nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; };
|
nbPkgs = self.lib.mkNbPkgs { inherit (final) system; pkgs = final; };
|
||||||
in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ];
|
in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ];
|
||||||
|
|
||||||
nixosModules.default = { config, pkgs, lib, ... }: {
|
nixosModules.default = { config, pkgs, lib, ... }: {
|
||||||
|
@ -10,7 +10,7 @@ let
|
|||||||
Enable feeaduster (clightning plugin).
|
Enable feeaduster (clightning plugin).
|
||||||
This plugin auto-updates channel fees to keep channels balanced.
|
This plugin auto-updates channel fees to keep channels balanced.
|
||||||
|
|
||||||
See here for for all available options:
|
See here for all available options:
|
||||||
https://github.com/lightningd/plugins/blob/master/feeadjuster/feeadjuster.py
|
https://github.com/lightningd/plugins/blob/master/feeadjuster/feeadjuster.py
|
||||||
Extra options can be set via `services.clightning.extraConfig`.
|
Extra options can be set via `services.clightning.extraConfig`.
|
||||||
'';
|
'';
|
||||||
|
@ -178,6 +178,8 @@ let
|
|||||||
bitcoind.zmqpubrawblock=${bitcoind.zmqpubrawblock}
|
bitcoind.zmqpubrawblock=${bitcoind.zmqpubrawblock}
|
||||||
bitcoind.zmqpubrawtx=${bitcoind.zmqpubrawtx}
|
bitcoind.zmqpubrawtx=${bitcoind.zmqpubrawtx}
|
||||||
|
|
||||||
|
wallet-unlock-password-file=${secretsDir}/lnd-wallet-password
|
||||||
|
|
||||||
${cfg.extraConfig}
|
${cfg.extraConfig}
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
@ -249,11 +251,7 @@ in {
|
|||||||
Type = "notify";
|
Type = "notify";
|
||||||
RuntimeDirectory = "lnd"; # Only used to store custom macaroons
|
RuntimeDirectory = "lnd"; # Only used to store custom macaroons
|
||||||
RuntimeDirectoryMode = "711";
|
RuntimeDirectoryMode = "711";
|
||||||
ExecStart = ''
|
ExecStart = "${cfg.package}/bin/lnd --configfile='${cfg.dataDir}/lnd.conf'";
|
||||||
${cfg.package}/bin/lnd \
|
|
||||||
--configfile="${cfg.dataDir}/lnd.conf" \
|
|
||||||
--wallet-unlock-password-file="${secretsDir}/lnd-wallet-password"
|
|
||||||
'';
|
|
||||||
User = cfg.user;
|
User = cfg.user;
|
||||||
TimeoutSec = "15min";
|
TimeoutSec = "15min";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
|
@ -1,24 +1,29 @@
|
|||||||
# Define an operator user for convenient interactive access to nix-bitcoin
|
|
||||||
# features and services.
|
|
||||||
#
|
|
||||||
# When using nix-bitcoin as part of a larger system config, set
|
|
||||||
# `nix-bitcoin.operator.name` to your main user name.
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
options.nix-bitcoin.operator = {
|
options.nix-bitcoin.operator = {
|
||||||
enable = mkEnableOption "operator user";
|
enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = ''
|
||||||
|
Whether to define a user named `operator` for convenient interactive access
|
||||||
|
to nix-bitcoin features (like `bitcoin-cli`).
|
||||||
|
|
||||||
|
When using nix-bitcoin as part of a larger system config, it makes sense
|
||||||
|
to set your main system user as the operator, by setting option
|
||||||
|
`nix-bitcoin.operator.name = "<main user name>";`.
|
||||||
|
'';
|
||||||
|
};
|
||||||
name = mkOption {
|
name = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "operator";
|
default = "operator";
|
||||||
description = "User name.";
|
description = "Name of the operator user.";
|
||||||
};
|
};
|
||||||
groups = mkOption {
|
groups = mkOption {
|
||||||
type = with types; listOf str;
|
type = with types; listOf str;
|
||||||
default = [];
|
default = [];
|
||||||
description = "Extra groups.";
|
description = "Extra groups of the operatur user.";
|
||||||
};
|
};
|
||||||
allowRunAsUsers = mkOption {
|
allowRunAsUsers = mkOption {
|
||||||
type = with types; listOf str;
|
type = with types; listOf str;
|
||||||
|
@ -30,7 +30,7 @@ in {
|
|||||||
jq
|
jq
|
||||||
];
|
];
|
||||||
|
|
||||||
# sshd
|
# Add a SSH onion service
|
||||||
services.tor.relay.onionServices.sshd = nbLib.mkOnionService { port = 22; };
|
services.tor.relay.onionServices.sshd = nbLib.mkOnionService { port = 22; };
|
||||||
nix-bitcoin.onionAddresses.access.${operatorName} = [ "sshd" ];
|
nix-bitcoin.onionAddresses.access.${operatorName} = [ "sshd" ];
|
||||||
|
|
||||||
|
@ -16,8 +16,8 @@ let
|
|||||||
compatible with.
|
compatible with.
|
||||||
|
|
||||||
When upgrading to a backwards-incompatible release, nix-bitcoin will throw an
|
When upgrading to a backwards-incompatible release, nix-bitcoin will throw an
|
||||||
error during evaluation and provide hints for migrating your config to the
|
error during evaluation and provide instructions for migrating your config to
|
||||||
new release.
|
the new release.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -13,7 +13,16 @@ let
|
|||||||
version = builtins.substring 0 7 src.rev;
|
version = builtins.substring 0 7 src.rev;
|
||||||
|
|
||||||
plugins = with nbPython3Packages; {
|
plugins = with nbPython3Packages; {
|
||||||
helpme = { description = "Walks you through setting up a c-lightning node, offering advice for common problems"; };
|
commando = {
|
||||||
|
description = "Enable RPC over lightning";
|
||||||
|
extraPkgs = [ nbPython3Packages.runes ];
|
||||||
|
};
|
||||||
|
feeadjuster = {
|
||||||
|
description = "Dynamically changes channel fees to keep your channels more balanced";
|
||||||
|
};
|
||||||
|
helpme = {
|
||||||
|
description = "Walks you through setting up a c-lightning node, offering advice for common problems";
|
||||||
|
};
|
||||||
monitor = {
|
monitor = {
|
||||||
description = "Helps you analyze the health of your peers and channels";
|
description = "Helps you analyze the health of your peers and channels";
|
||||||
extraPkgs = [ packaging ];
|
extraPkgs = [ packaging ];
|
||||||
@ -25,10 +34,8 @@ let
|
|||||||
"--replace prometheus-client==0.6.0 prometheus-client==0.13.1"
|
"--replace prometheus-client==0.6.0 prometheus-client==0.13.1"
|
||||||
+ " --replace pyln-client~=0.9.3 pyln-client~=0.10.1";
|
+ " --replace pyln-client~=0.9.3 pyln-client~=0.10.1";
|
||||||
};
|
};
|
||||||
rebalance = { description = "Keeps your channels balanced"; };
|
rebalance = {
|
||||||
commando = {
|
description = "Keeps your channels balanced";
|
||||||
description = "Enable RPC over lightning";
|
|
||||||
extraPkgs = [ nbPython3Packages.runes ];
|
|
||||||
};
|
};
|
||||||
summary = {
|
summary = {
|
||||||
description = "Prints a summary of the node status";
|
description = "Prints a summary of the node status";
|
||||||
@ -39,9 +46,6 @@ let
|
|||||||
scriptName = "cl-zmq";
|
scriptName = "cl-zmq";
|
||||||
extraPkgs = [ twisted txzmq ];
|
extraPkgs = [ twisted txzmq ];
|
||||||
};
|
};
|
||||||
feeadjuster = {
|
|
||||||
description = "Dynamically changes channel fees to keep your channels more balanced";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
basePkgs = [ nbPython3Packages.pyln-client ];
|
basePkgs = [ nbPython3Packages.pyln-client ];
|
||||||
|
@ -41,7 +41,7 @@ let self = {
|
|||||||
RestrictAddressFamilies = self.defaultHardening.RestrictAddressFamilies + " AF_NETLINK";
|
RestrictAddressFamilies = self.defaultHardening.RestrictAddressFamilies + " AF_NETLINK";
|
||||||
};
|
};
|
||||||
|
|
||||||
# nodejs applications apparently rely on memory write execute
|
# nodejs applications require memory write execute for JIT compilation
|
||||||
nodejs = { MemoryDenyWriteExecute = "false"; };
|
nodejs = { MemoryDenyWriteExecute = "false"; };
|
||||||
|
|
||||||
# Allow takes precedence over Deny.
|
# Allow takes precedence over Deny.
|
||||||
@ -69,7 +69,7 @@ let self = {
|
|||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
description = ''
|
description = ''
|
||||||
Whether to enforce Tor on a service by only allowing connections
|
Whether to enforce Tor on this service by only allowing connections
|
||||||
from and to localhost and link-local addresses.
|
from and to localhost and link-local addresses.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user