9715134f06
netns: don't repeat cli definitions
...
1. Saves some code.
2. Guarantees that the netns and no-netns cli defs are always in sync.
2020-08-25 11:40:27 +02:00
e385c73256
netns: separate implementation and service configs
...
This greatly improves clarity.
Especially the bitcoind-import-banlist.serviceConfig definition was out
of place.
2020-08-25 11:40:27 +02:00
d0b8d77de2
netns: remove conditionals for service settings
...
Going without the conditionals (like in secure-node.nix) adds
readability and doesn't reduce evaluation performance (in fact, it
even slightly improves performance due to implementation details
of mkIf).
To avoid errors, remove use of disabled services in secure-node.nix and
nix-bitcoin-webindex.nix.
2020-08-25 11:40:27 +02:00
0f0f6ddbb9
netns: add comment about undesirable algorithmic complexity
...
We don't want to be Accidentally Quadratic™
2020-08-25 11:40:26 +02:00
a3ae8668e6
netns: use map instead of concatMap
2020-08-25 11:40:26 +02:00
b7fc819be5
netns: consistent var naming
...
n is used elsewhere in similar contexts.
2020-08-25 11:40:26 +02:00
5a81693ef3
netns: add range check for netns ids
2020-08-25 11:40:26 +02:00
74f1610668
netns: clarify addressblock description
2020-08-25 11:40:26 +02:00
4eb92df08c
netns: remove redundant filter
...
The 'availableNetns' connection matrix only consists of enabled entries,
so no extra filtering is needed.
Reason: availableNetns starts with the filtered 'base' and is then symmetrised.
2020-08-25 11:40:26 +02:00
50de54aef1
netns: remove empty connections defs
...
Like in the netns defintion for bitcoind.
2020-08-25 11:40:26 +02:00
0f1f105948
Merge #225 : Fix process info restriction
...
44de5064cda36789b468588a0b240596ea2e671c343e026030736744676144de5064cd
2020-08-24 14:56:05 +00:00
b00e9b6aa3
Merge #222 : Add nix-bitcoin.lib for utility functions and types
...
322ba5bfff322ba5bfff
2020-08-23 20:53:45 +00:00
bfc73f2176
Merge #227 : Install.md docs updates
...
9e6b280fdd9e6b280fdd
2020-08-22 07:50:45 +00:00
9e6b280fdd
docs updates
2020-08-21 21:43:46 +00:00
322ba5bfff
Add nix-bitcoin.lib for utility functions and types
2020-08-20 21:31:24 +00:00
44de5064cd
security: don't restrict process info by default for module users
2020-08-20 13:12:07 +02:00
a36789b468
test: move security tests to separate function
2020-08-20 13:12:06 +02:00
588a0b2405
security: enable full systemd-status for group 'proc'
...
Previously, systemd-status was broken for all users except root.
Use a 'default' deny policy, which is overridden for group 'proc'.
Add operator to group 'proc'.
Also, remove redundant XML boilerplate.
2020-08-20 13:12:06 +02:00
96ea2e671c
security: simplify and fix dbus configuration
...
Previously, due to the dependency on a helper service, this dbus config
was initially inactive after system boot, allowing for unrestricted use
of the problematic dbus call.
This also broke the accompanying VM test on faster systems.
Remove 'allow' policy for root because it's a no-op:
1. It's overridden by the 'mandatory' deny policy.
2. Root can use all dbus calls anyways, regardless of policy settings.
Also, add some comments.
2020-08-20 13:12:06 +02:00
343e026030
rename dbus.nix -> security.nix
...
This file has a broader scope than just configuring dbus.
2020-08-20 13:12:06 +02:00
7367446761
test: rename assert_matches_exactly -> assert_full_match
...
More precise, needed in a later commit.
2020-08-20 13:12:05 +02:00
dd78d2b2a1
Add --dry-run option to push-release script
2020-08-18 08:36:19 +00:00
72000b4a99
Merge #200 : backups: add module
...
22c3fd52e1e4fb7a52de22c3fd52e1
2020-08-04 15:38:44 +00:00
22c3fd52e1
backups: add feature test
2020-08-04 15:25:39 +00:00
e4fb7a52de
backups: add module
2020-08-04 15:25:37 +00:00
62f83a71b8
Merge #218 : Fix typos
...
df89ceed39df89ceed39
2020-08-04 15:13:09 +00:00
3f53d7da40
Merge #217 : Concurrent LN
...
e650df30d546e15ee9ccac96fd59db3ed564ea06716e98789c43da15557dd99ccc8445e650df30d5
2020-08-04 15:10:07 +00:00
e650df30d5
bitcoind: bump rpcthread count
2020-08-04 14:46:57 +00:00
46e15ee9cc
tests: make lnd & clightning tests run concurrently
2020-08-04 14:07:12 +00:00
ac96fd59db
assertions: make lnd.enable depend on !clightning.enable or port != 9735
2020-08-04 14:07:10 +00:00
3ed564ea06
lnd: make listen IP address only
2020-08-04 14:07:08 +00:00
716e98789c
lnd: add listenPort option
2020-08-04 14:07:06 +00:00
43da15557d
clightning: refactor bind-addr to be IP address only
...
With typecheck
2020-08-04 14:07:02 +00:00
df89ceed39
Fix typos
2020-08-04 13:32:06 +00:00
d99ccc8445
clightning: add bindport option
2020-08-04 12:42:57 +00:00
b6179639fe
Merge #215 : Improve abstraction in test scenarios
...
4ece2da8db5c0170c6b85fa0602a186f9349b0a43d2b366156e13c532dbf4ece2da8db
2020-08-04 12:42:16 +00:00
4ece2da8db
tests: move nginx check in scenarios lib
2020-08-04 12:17:47 +00:00
5c0170c6b8
tests: add post-clightning extra tests to scenarios
2020-08-04 12:17:47 +00:00
5fa0602a18
tests: add extra_tests argument to scenario lib run_tests()
2020-08-04 12:17:47 +00:00
6f9349b0a4
tests: create run_tests() function in the scenario lib
2020-08-02 21:20:51 +00:00
3d2b366156
tests: move common code in tests to lib
2020-08-02 21:12:45 +00:00
e13c532dbf
tests: move common code of scenarios python scripts to the top
2020-08-02 20:59:11 +00:00
0baeb2acce
Merge #209 : Lightning loop
...
e9204946d4491d83a6588f3588b13f1bb801ad7be9204946d4
2020-07-28 20:02:12 +00:00
9e453bab86
Merge #202 : RPC Whitelist
...
5086fc323421c0fb440d1bf45a95475a978a28365086fc3234
2020-07-28 17:38:07 +00:00
e9204946d4
lightning-loop: add tests
2020-07-28 15:55:54 +00:00
491d83a658
lightning-loop: add module
2020-07-28 15:55:52 +00:00
8f3588b13f
lnd: higher attempt limit for less-powerful machines
...
Opening main database sometimes takes longer than 50 ExecStartPost
restPort connection attempts.
2020-07-28 15:55:50 +00:00
1bb801ad7b
lightning-loop: add pkg
2020-07-28 15:55:48 +00:00
5086fc3234
bitcoin: drive-by prune fix
2020-07-28 14:32:54 +00:00
21c0fb440d
rpcwhitelist: add feature test
2020-07-28 14:32:52 +00:00
Erik Arvstedt
Jonas Nick
jurraca
nixbitcoin
practicalswift