DynamicUser simplifies services that don't need a persistent uid/gid,
like joinmarket-ob-watcher.
For existing installations the data dir migration to dynamic users
is automatically handled by systemd.
- Fix jm-wallet-seed being globally readable.
- Handle seed extraction failures.
If seed extraction fails, remove the newly created wallet.
This guarantees that wallets always have an accompanying seed.
Systemd's `Description` option is a misnomer (as confessed by `man systemd.unit`):
Its value is used by user-facing tools in place of the unit file name, so this option
could have been more aptly named `label` or `name`.
`Description` should only be set if the unit file name is not sufficient for naming a unit.
This is not the case for our services, except for `systemd.services.nb-netns-bridge`
whose description has been kept.
As an example how this affects users, weird journal lines like
```
nb-test systemd[1]: Starting Run clightningd...
```
are now replaced by
```
nb-test systemd[1]: Starting clightning.service...
```
- Simplify examples link text.
That the examples README is located in a subdirectory is not relevant here.
- The backup frequency is freely configurable.
It's set to 'daily' only by secure-node.nix.
86d7db9940 bitcoind: add uptime to the public api whitelist (Martin Milata)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 86d7db9940
Tree-SHA512: cba7427e99998dee9f83bee2c1793b17518401b4505bebdb8dfc144429c9861fd8358a4633176fc11860a8377071fbbd56e7feefa0171e37525cb7002e296f27
Previously, onionAddresses definitions in onionServices were of the form
onionAddresses.access.<service> = [<service>];
This caused failures for configurations where a service user name was
overridden or for bitcoind whose default user is 'bitcoin' instead of 'bitcoind'.
Now set the equivalent of:
onionAddresses.access.<actualServiceUser> = [<service>];
Implement this via a new option `onionAddresses.services` to make things more
readable and to work around an infinite recursion error in onionServices.
- bitcoind 0.20.1 -> 0.21.0
Manually create a wallet in the backup test because bitcoind
does not create a default wallet anymore
- disable the failing elementsd build on unstable
Only check enabled services. This allows running the backup test with a custom subset of other
tests.
Also, show a meaningful error on test failure.
Previously, just an AssertionError without a message was shown.
Because the test code is evaluated from a string and not a file, there
was also no backtrace to the tests file.
- Don't fail on `kill $cachixPid` when cachix has already exited.
This fixes some failing CI builds.
- Stop the cachix background worker before the final `cachix push`.
This can avoid unneeded reuploads.
Use the coreutils version of tail on cirrus which supports
argument --pid.
