Merge fort-nix/nix-bitcoin#511: Minor improvements
84b69dfb46
versioning: improve description wording (Erik Arvstedt)9d20837b90
flake: remove `rec` (Erik Arvstedt)c82e0ee294
clightning/plugins: format plugin defs, order alphabetically (Erik Arvstedt)9ac3d93b27
improve comments, descriptions (Erik Arvstedt)97b1a1d353
operator: improve descriptions (Erik Arvstedt)27dd31ead5
clightning/feeadjuster: fix typo (Erik Arvstedt)df5abd5eab
lnd: move `wallet-unlock-password-file` setting to config (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACK84b69dfb46
Tree-SHA512: e326ea37c4c4e766a634e90a069a441933dfac5a91e85c136e49dd17c16ee6e5e3fbfb15399f97321e412ab1624f1040116e2516e2635188f7e25454d5e9fe34
This commit is contained in:
commit
d3664b09b4
@ -280,6 +280,6 @@
|
||||
|
||||
# The nix-bitcoin release version that your config is compatible with.
|
||||
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an
|
||||
# an error and provide hints for migrating your config to the new release.
|
||||
# an error and provide instructions for migrating your config to the new release.
|
||||
nix-bitcoin.configVersion = "0.0.70";
|
||||
}
|
||||
|
@ -13,8 +13,7 @@
|
||||
outputs = { self, nixpkgs, nixpkgsUnstable, flake-utils }:
|
||||
let
|
||||
supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" ];
|
||||
in
|
||||
rec {
|
||||
in {
|
||||
lib = {
|
||||
mkNbPkgs = {
|
||||
system
|
||||
@ -25,7 +24,7 @@
|
||||
};
|
||||
|
||||
overlays.default = final: prev: let
|
||||
nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; };
|
||||
nbPkgs = self.lib.mkNbPkgs { inherit (final) system; pkgs = final; };
|
||||
in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ];
|
||||
|
||||
nixosModules.default = { config, pkgs, lib, ... }: {
|
||||
|
@ -10,7 +10,7 @@ let
|
||||
Enable feeaduster (clightning plugin).
|
||||
This plugin auto-updates channel fees to keep channels balanced.
|
||||
|
||||
See here for for all available options:
|
||||
See here for all available options:
|
||||
https://github.com/lightningd/plugins/blob/master/feeadjuster/feeadjuster.py
|
||||
Extra options can be set via `services.clightning.extraConfig`.
|
||||
'';
|
||||
|
@ -178,6 +178,8 @@ let
|
||||
bitcoind.zmqpubrawblock=${bitcoind.zmqpubrawblock}
|
||||
bitcoind.zmqpubrawtx=${bitcoind.zmqpubrawtx}
|
||||
|
||||
wallet-unlock-password-file=${secretsDir}/lnd-wallet-password
|
||||
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
in {
|
||||
@ -249,11 +251,7 @@ in {
|
||||
Type = "notify";
|
||||
RuntimeDirectory = "lnd"; # Only used to store custom macaroons
|
||||
RuntimeDirectoryMode = "711";
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/lnd \
|
||||
--configfile="${cfg.dataDir}/lnd.conf" \
|
||||
--wallet-unlock-password-file="${secretsDir}/lnd-wallet-password"
|
||||
'';
|
||||
ExecStart = "${cfg.package}/bin/lnd --configfile='${cfg.dataDir}/lnd.conf'";
|
||||
User = cfg.user;
|
||||
TimeoutSec = "15min";
|
||||
Restart = "on-failure";
|
||||
|
@ -1,24 +1,29 @@
|
||||
# Define an operator user for convenient interactive access to nix-bitcoin
|
||||
# features and services.
|
||||
#
|
||||
# When using nix-bitcoin as part of a larger system config, set
|
||||
# `nix-bitcoin.operator.name` to your main user name.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
options.nix-bitcoin.operator = {
|
||||
enable = mkEnableOption "operator user";
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to define a user named `operator` for convenient interactive access
|
||||
to nix-bitcoin features (like `bitcoin-cli`).
|
||||
|
||||
When using nix-bitcoin as part of a larger system config, it makes sense
|
||||
to set your main system user as the operator, by setting option
|
||||
`nix-bitcoin.operator.name = "<main user name>";`.
|
||||
'';
|
||||
};
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
default = "operator";
|
||||
description = "User name.";
|
||||
description = "Name of the operator user.";
|
||||
};
|
||||
groups = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
description = "Extra groups.";
|
||||
description = "Extra groups of the operatur user.";
|
||||
};
|
||||
allowRunAsUsers = mkOption {
|
||||
type = with types; listOf str;
|
||||
|
@ -30,7 +30,7 @@ in {
|
||||
jq
|
||||
];
|
||||
|
||||
# sshd
|
||||
# Add a SSH onion service
|
||||
services.tor.relay.onionServices.sshd = nbLib.mkOnionService { port = 22; };
|
||||
nix-bitcoin.onionAddresses.access.${operatorName} = [ "sshd" ];
|
||||
|
||||
|
@ -16,8 +16,8 @@ let
|
||||
compatible with.
|
||||
|
||||
When upgrading to a backwards-incompatible release, nix-bitcoin will throw an
|
||||
error during evaluation and provide hints for migrating your config to the
|
||||
new release.
|
||||
error during evaluation and provide instructions for migrating your config to
|
||||
the new release.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -13,7 +13,16 @@ let
|
||||
version = builtins.substring 0 7 src.rev;
|
||||
|
||||
plugins = with nbPython3Packages; {
|
||||
helpme = { description = "Walks you through setting up a c-lightning node, offering advice for common problems"; };
|
||||
commando = {
|
||||
description = "Enable RPC over lightning";
|
||||
extraPkgs = [ nbPython3Packages.runes ];
|
||||
};
|
||||
feeadjuster = {
|
||||
description = "Dynamically changes channel fees to keep your channels more balanced";
|
||||
};
|
||||
helpme = {
|
||||
description = "Walks you through setting up a c-lightning node, offering advice for common problems";
|
||||
};
|
||||
monitor = {
|
||||
description = "Helps you analyze the health of your peers and channels";
|
||||
extraPkgs = [ packaging ];
|
||||
@ -25,10 +34,8 @@ let
|
||||
"--replace prometheus-client==0.6.0 prometheus-client==0.13.1"
|
||||
+ " --replace pyln-client~=0.9.3 pyln-client~=0.10.1";
|
||||
};
|
||||
rebalance = { description = "Keeps your channels balanced"; };
|
||||
commando = {
|
||||
description = "Enable RPC over lightning";
|
||||
extraPkgs = [ nbPython3Packages.runes ];
|
||||
rebalance = {
|
||||
description = "Keeps your channels balanced";
|
||||
};
|
||||
summary = {
|
||||
description = "Prints a summary of the node status";
|
||||
@ -39,9 +46,6 @@ let
|
||||
scriptName = "cl-zmq";
|
||||
extraPkgs = [ twisted txzmq ];
|
||||
};
|
||||
feeadjuster = {
|
||||
description = "Dynamically changes channel fees to keep your channels more balanced";
|
||||
};
|
||||
};
|
||||
|
||||
basePkgs = [ nbPython3Packages.pyln-client ];
|
||||
|
@ -41,7 +41,7 @@ let self = {
|
||||
RestrictAddressFamilies = self.defaultHardening.RestrictAddressFamilies + " AF_NETLINK";
|
||||
};
|
||||
|
||||
# nodejs applications apparently rely on memory write execute
|
||||
# nodejs applications require memory write execute for JIT compilation
|
||||
nodejs = { MemoryDenyWriteExecute = "false"; };
|
||||
|
||||
# Allow takes precedence over Deny.
|
||||
@ -69,7 +69,7 @@ let self = {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enforce Tor on a service by only allowing connections
|
||||
Whether to enforce Tor on this service by only allowing connections
|
||||
from and to localhost and link-local addresses.
|
||||
'';
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user