Commit Graph

1796 Commits

Author SHA1 Message Date
Erik Arvstedt
53a9f136b9
lib: allow syscall get_mempolicy in default seccomp filter
This syscall is required by an upcoming version of btcpayserver.
Because it is generally safe, we can allow it for all services.
2022-01-01 20:13:42 +00:00
Jonas Nick
a2c01e5a56
update-flake: fix attribute path of pinned
This was missed in d69524143b.
2022-01-01 20:12:47 +00:00
nixbitcoin
bb9f0b54ca
spark-wallet: use HTTPS instead of SSH for Github 2022-01-01 19:12:20 +01:00
nixbitcoin
906b7f83ff
rtl: 0.11.2 -> 0.12.0 2021-12-30 14:29:29 +00:00
nixbitcoin
2a7630e6f4
cl-rest: 0.6.0 -> 0.6.1 2021-12-30 14:29:22 +00:00
Jonas Nick
6d4178f935
Merge fort-nix/nix-bitcoin#432: Improve flake
6be3fb3e77 flake: provide a single NixOS module (Erik Arvstedt)
d69524143b flake: remove nonstandard top-level flake attrs (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 6be3fb3e77

Tree-SHA512: 78a41366407fc696156322600f596d4dfb12899c089503d330847ae175cfb7825689bb3888632ec80baff8a50efe037f4a5c33ded3220bcafa54b87b4f311528
2021-12-27 20:15:35 +00:00
Erik Arvstedt
6be3fb3e77
flake: provide a single NixOS module
Instead of providing two NixOS modules (one for using system pkgs,
one for using locked pkgs), provide a single module with option
`useVersionLockedPkgs`.

This fixes that all nix-bitcoin options are displayed twice
on search.nixos.org:
https://search.nixos.org/flakes?type=options&query=clightning
2021-12-27 16:59:14 +01:00
Erik Arvstedt
d69524143b
flake: remove nonstandard top-level flake attrs
Silences warnings in `nix flake check`.

- Define `mkNbPkgs` under attr `lib`.
  `lib` still triggers a warning, but it is expected to be a standard
  flake attr in a future Nix release.

- Define `nbPkgs` under attr `legacyPackages`.
  This also has the advantage to make its contents more easily
  accessible via the nix CLI. Example:
  nix eval nix-bitcoin#nbPkgs.modulesPkgs.clightning.version
2021-12-27 16:59:14 +01:00
Jonas Nick
dc382b8b67
Merge fort-nix/nix-bitcoin#431: Improve Pkgs
a31d07d8bf ci: update container image for modules tests (Erik Arvstedt)
bc7d3a2ed7 fetch-release: check that only one key is imported (Erik Arvstedt)
5ab85cb2a5 pkgs: add `meta` attr (Erik Arvstedt)
602281b132 rtl, cl-rest: add /bin to pkg output (Erik Arvstedt)
f4872f3334 spark-wallet: use node package lockfile (Erik Arvstedt)
3091b0a4fb cl-rest: use node package lockfile (Erik Arvstedt)
fbfb61210a rtl: use node package lockfile (Erik Arvstedt)
d296b2d1fb charge-lnd: remove unneeded use of `literalExample` (Erik Arvstedt)
f13ffe0146 run-tests: make `nixosSearch` compatible with `--copy-src` (Erik Arvstedt)
2069f62abc krops: -> 1.26.2 (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    reACK a31d07d8bf

Tree-SHA512: 9fcc031b2bc8a56181fa0eae84c4809d896070bca5782f6b15a79e7d3545c77b8d436f512f709a203bcead81afe3293167dd8757635d6aeb5e5c320f106b6a83
2021-12-19 19:14:19 +00:00
Erik Arvstedt
a31d07d8bf
ci: update container image for modules tests
nixos/nix:latest has switched to Nix 2.5, but we should track
2.3.x, the default on NixOS stable.
2021-12-15 15:44:56 +01:00
Erik Arvstedt
bc7d3a2ed7
fetch-release: check that only one key is imported
Co-authored-by: nixbitcoin <nixbitcoin@i2pmail.org>
2021-12-15 15:44:55 +01:00
Erik Arvstedt
5ab85cb2a5
pkgs: add meta attr
Also add more detailed `enable` option descriptions.
2021-12-15 14:39:31 +01:00
Erik Arvstedt
602281b132
rtl, cl-rest: add /bin to pkg output 2021-12-15 10:58:04 +01:00
Erik Arvstedt
f4872f3334
spark-wallet: use node package lockfile 2021-12-15 10:58:04 +01:00
Erik Arvstedt
3091b0a4fb
cl-rest: use node package lockfile 2021-12-15 10:58:04 +01:00
Erik Arvstedt
fbfb61210a
rtl: use node package lockfile 2021-12-15 10:58:04 +01:00
Erik Arvstedt
d296b2d1fb
charge-lnd: remove unneeded use of literalExample 2021-12-15 10:58:04 +01:00
Erik Arvstedt
f13ffe0146
run-tests: make nixosSearch compatible with --copy-src 2021-12-15 10:58:04 +01:00
Erik Arvstedt
2069f62abc
krops: -> 1.26.2
Includes 9fc8cbf8e8

Add krops/fetch-release.sh
2021-12-14 19:52:17 +01:00
Jonas Nick
2aeee22251
Merge fort-nix/nix-bitcoin#429: Add nixos-search support
5e59c784ed flake: remove internal pkg `netns-exec` from packages (Erik Arvstedt)
1ef40ac230 ci: add flake test (Erik Arvstedt)
d3c8d7bd6f .cirrus.yml: refactor (Erik Arvstedt)
26a53f0d59 ci: simplify test (Erik Arvstedt)
0fd3be5343 move ci/ to test/ (Erik Arvstedt)
eaf98f92db test: add test `nixosSearch` (Erik Arvstedt)
77d8c00c53 run-tests.sh: extract `checkFlakeSupport` (Erik Arvstedt)
96df81a4d0 run-tests: move `flake` next to other tests (Erik Arvstedt)
bbebd0b383 treewide: remove invalid docbook XML from option descriptions (Erik Arvstedt)
3681f118f7 nix-bitcoin.nix: add `defaultText` (automatic) (Erik Arvstedt)
d24c029435 treewide: add `defaultText` (manual) (Erik Arvstedt)
f0096371bf btcpayserver: expand `nbPkgs` in option defaults (Erik Arvstedt)
349f904e79 secrets: use assertion instead of error in default value (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    reACK 5e59c784ed

Tree-SHA512: affecb3acd0cc5191c8225fd61a3c0869620c307fbdf02683637d1aa6ef4ea889b420496639046391e23ae2506a9cb2d9d2e6cfc0cb281e8c20f00d5508fc644
2021-12-13 21:19:47 +00:00
Erik Arvstedt
5e59c784ed
flake: remove internal pkg netns-exec from packages 2021-12-12 16:21:12 +01:00
Erik Arvstedt
1ef40ac230
ci: add flake test
- Check flake
- Check nixos-search doc generation
2021-12-12 16:21:12 +01:00
Erik Arvstedt
d3c8d7bd6f
.cirrus.yml: refactor
Required by the following commit.
2021-12-12 16:21:12 +01:00
Erik Arvstedt
26a53f0d59
ci: simplify test
Remove obsolete features that were required for pkgsUnstable.
2021-12-12 16:21:11 +01:00
Erik Arvstedt
0fd3be5343
move ci/ to test/ 2021-12-12 16:21:11 +01:00
Erik Arvstedt
eaf98f92db
test: add test nixosSearch
This checks that creating module docs for search.nixos.org succceeds.
Errors can happen when complex `default` values can't be evaluated
or on malformed Docbook XML in descriptions.
2021-12-12 16:21:02 +01:00
Erik Arvstedt
77d8c00c53
run-tests.sh: extract checkFlakeSupport
Required by the following commit.
2021-12-12 16:20:40 +01:00
Erik Arvstedt
96df81a4d0
run-tests: move flake next to other tests 2021-12-12 16:20:40 +01:00
Erik Arvstedt
bbebd0b383
treewide: remove invalid docbook XML from option descriptions
NixOS will soon use CommonMark Markdown for option descriptions.
We can then switch back the old, slightly clearer bracket syntax.
2021-12-12 16:20:40 +01:00
Erik Arvstedt
3681f118f7
nix-bitcoin.nix: add defaultText (automatic)
This enables generating module option documentation.

This commit was genereated by running the following script inside the
repo root dir:

def add_default_text(file)
  src = File.read(file)
  src2 = src.gsub(/( = mkOption\s+\{[^{]*?)(\n\s+default = )(.*?);$(.*?\})/m) do |str|
    pre, defaultVar, default, post = Regexp.last_match.captures
    replacement =
      if !post.include?('defaultText =')
        if default =~ /\bpkgs\b/
          defaultText = default.lines.length == 1 ? default : "(See source)"
          "#{pre}#{defaultVar}#{default};#{defaultVar.sub('default', 'defaultText')}#{defaultText.inspect};#{post}"
        end
      end
    replacement or str
  end
  File.write(file, src2) if src2 != src
end

Dir["modules/**/*.nix"].each do |f|
  next if File.basename(f) == "nix-bitcoin.nix"
  add_default_text f
end
2021-12-12 16:20:39 +01:00
Erik Arvstedt
d24c029435
treewide: add defaultText (manual)
This enables generating module option documentation.

Add `defaultText` to options where the default value can't be
evaluated during metadata generation.
2021-12-12 16:18:14 +01:00
Erik Arvstedt
f0096371bf
btcpayserver: expand nbPkgs in option defaults
Required by commit `nix-bitcoin.nix: add `defaultText` (automatic)`.
2021-12-11 13:27:51 +01:00
Erik Arvstedt
349f904e79
secrets: use assertion instead of error in default value
This enables generating module option documentation.
2021-12-11 13:27:48 +01:00
Jonas Nick
1b3d3620fb
Merge fort-nix/nix-bitcoin#430: NixOS 21.11
2f0f1ec15a hardened-extended: define kernelParams as separate strings (Erik Arvstedt)
71e9864060 netns-isolation: add compatibility with 21.11 (Erik Arvstedt)
8f641756ce tests: add TODO-EXTERNAL (Erik Arvstedt)
b2f7a80f9f tests: add compatibility with 21.11 (Erik Arvstedt)
88fa33479f clightning-plugins: update prometheus-client version pin (nixbitcoin)
c9c2104009 klein: use from upstream, update jmclient version pin (nixbitcoin)
048b49edae pyln-proto: add copy of base58 2.1.0 (nixbitcoin)
b5984a603c joinmarket: 0.9.3 -> 0.9.4 (nixbitcoin)
8433933251 node2nix composition: add writeShellScript (nixbitcoin)
6b725157e1 clboss: sslSupport -> opensslSupport (nixbitcoin)
1a8e7d6348 clightning: re-enable seccomp filtering (nixbitcoin)
16f5aa0561 update to NixOS 21.11 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 2f0f1ec15a
  jonasnick:
    ACK 2f0f1ec15a

Tree-SHA512: 0685f94f0bc2ab64faa8679e2b579e6f2f1e96809ff00b61083b89bd7367ac990ddc1221698ee0e6729303c2a9a120cd460f32aba4f16ac5beeada8b70b6ea5b
2021-12-10 22:15:36 +00:00
Erik Arvstedt
2f0f1ec15a
hardened-extended: define kernelParams as separate strings
This is now checked by the modules.
2021-12-10 12:16:31 +00:00
Erik Arvstedt
71e9864060
netns-isolation: add compatibility with 21.11
`security.wrappers` now requires `group` be defined.
2021-12-10 12:16:09 +00:00
Erik Arvstedt
8f641756ce
tests: add TODO-EXTERNAL 2021-12-10 12:15:36 +00:00
Erik Arvstedt
b2f7a80f9f
tests: add compatibility with 21.11
Adapt to the new test driver and systemd versions.
2021-12-10 12:15:20 +00:00
nixbitcoin
88fa33479f
clightning-plugins: update prometheus-client version pin 2021-12-10 12:15:16 +00:00
nixbitcoin
c9c2104009
klein: use from upstream, update jmclient version pin
klein 20.6.0 was failing Twisted 21.7.0 tests.
2021-12-10 12:14:47 +00:00
nixbitcoin
048b49edae
pyln-proto: add copy of base58 2.1.0 2021-12-08 12:38:35 +00:00
nixbitcoin
b5984a603c
joinmarket: 0.9.3 -> 0.9.4
Ilita IRC server & use upstream twisted again
2021-12-08 12:38:28 +00:00
nixbitcoin
8433933251
node2nix composition: add writeShellScript 2021-12-08 12:38:22 +00:00
nixbitcoin
6b725157e1
clboss: sslSupport -> opensslSupport 2021-12-08 12:38:15 +00:00
nixbitcoin
1a8e7d6348
clightning: re-enable seccomp filtering 2021-12-08 12:38:10 +00:00
nixbitcoin
16f5aa0561
update to NixOS 21.11 2021-12-08 12:38:00 +00:00
Jonas Nick
729888c62a
Merge fort-nix/nix-bitcoin#428: Add presets/bitcoind-remote.nix
6b539627ee add presets/bitcoind-remote.nix (Erik Arvstedt)
5915a34891 configuration.md: fixes (Erik Arvstedt)
1596b3a5d2 minor fixes (Erik Arvstedt)
627b11d21b makeShell: use old nix tooling (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    utACK 6b539627ee

Tree-SHA512: 2abdeaef03773631aae54dccdb95c671a0140dfbec28ff554b52400b1656612fb23fd482154716601c1476599a915d6a06af28744d0ee8b61a94ffad3fa68468
2021-12-07 19:40:15 +00:00
Erik Arvstedt
6b539627ee
add presets/bitcoind-remote.nix
This simplifies integrating a remote bitcoind instance and
makes `bitcoin-cli` work with the remote node.

Add note regarding `whitelistedPort` to docs.
2021-12-07 15:35:33 +01:00
Erik Arvstedt
5915a34891
configuration.md: fixes
- Fix firewall.allowedTCPPorts settings

- Section `Allow bitcoind RPC connections`:
  Set catch-all listen for `rpc.address` instead of `address`.

- rpc.allowip: Set subnet zero to fix allowing all addresses
2021-12-07 15:35:33 +01:00
Erik Arvstedt
1596b3a5d2
minor fixes
- README: fix uppercase

- bitcoind: add whitespace

- hardware-wallets: remove unused variables
2021-12-07 15:35:33 +01:00