Commit Graph

631 Commits

Author SHA1 Message Date
Erik Arvstedt bceaa361ca
operator: allow reading systemd journal 2020-04-09 11:02:06 +02:00
Erik Arvstedt 145961c2de
fix operator authorized keys setup
This fixes these flaws in `copy-root-authorized-keys`:
- When `.vbox-nixops-client-key` is missing, operator's authorized_keys
  file is always appended to, growing the file indefinitely.
- Service is always added and not restricted to nixops-vbox deployments.
2020-04-09 11:02:06 +02:00
Jonas Nick d7d7070e8c
Merge #155: nixops: build with pinned nixpkgs
041ec55794 nixops: build with pinned nixpkgs (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 041ec55794

Tree-SHA512: dfe01993b2f8d6f135069dc59dc03e5902f5a36a7f9f63f3299453314cb2cec5da3be9ef66f0186f03c132d0828d30b53d2760aaf91b77f3e2b95555304c4269
2020-04-08 18:48:06 +00:00
Erik Arvstedt 37b2faf63c
move systemPackages definitions to services
These are generally useful and shouldn't be limited to secure-node.nix.

Also, only add the hardware-wallets group when hardware wallets are enabled.
2020-04-08 17:35:14 +02:00
Erik Arvstedt 6c22e13b7f
copy-root-authorized-keys: use inline script definition 2020-04-08 17:35:14 +02:00
Erik Arvstedt 63c6fe3213
fixup! use '' for multi-line string 2020-04-08 17:35:14 +02:00
Erik Arvstedt ab617946a9
extract variable 'cfg' 2020-04-08 17:35:13 +02:00
Erik Arvstedt 36c84d8360
add option clightning.onionport
Analogous to electrs.onionport
2020-04-08 17:35:13 +02:00
Erik Arvstedt 681dbaf328
move electrs.onionport option
Only used in secure-node.nix
2020-04-08 17:35:13 +02:00
Erik Arvstedt 74fbfa3a5d
use lib.optionals 2020-04-08 17:35:13 +02:00
Erik Arvstedt ec6d33fbb6
rearrange code sections
Move services to the top, operator account setup to the bottom.
2020-04-08 17:35:13 +02:00
Erik Arvstedt e16ddc9c77
extract 'mkHiddenService'
toPort equals port by default.
2020-04-08 17:35:13 +02:00
Erik Arvstedt 89d3d58850
use mkIf 2020-04-08 17:35:13 +02:00
Erik Arvstedt 85e52a06cb
improve grouping of suboptions 2020-04-08 17:35:12 +02:00
Erik Arvstedt 1a63f0ca6a
remove option 'services.nix-bitcoin.enable'
Users can enable the node config just by importing secure-node.nix
2020-04-08 17:35:12 +02:00
Erik Arvstedt 0f8b2e91fd
add nix-bitcoin.nix for backwards compatibility 2020-04-08 17:35:12 +02:00
Erik Arvstedt 28792f79dc
rename nix-bitcoin.nix -> presets/secure-node.nix 2020-04-08 17:35:12 +02:00
Erik Arvstedt 041ec55794
nixops: build with pinned nixpkgs 2020-04-08 17:29:50 +02:00
Jonas Nick 0c4ba43ee8
Merge #149: docs: update nix installation instructions
0ac7b1660b docs: update nix installation instructions (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 34c4ef923d3893d1fb1245f6140bca844e44c1733edd781e88e848542360993658c70ae24519c9a49f7ffb64765c5353da5056f59d9d25a2b8d13fd02f9fe97a
2020-04-08 15:11:45 +00:00
Jonas Nick 0ac7b1660b
docs: update nix installation instructions 2020-04-08 15:10:34 +00:00
Jonas Nick 9239268ab6
Merge #136: Change the nix-bitcoin deployment from forking this repo to importing the module
b2e15c17b8 docs: Update to new deployment method (import instead of fork) (Jonas Nick)
5ed0284db9 Add fetch-release script (Jonas Nick)
c303cd47e4 Add push-release.sh helper (Jonas Nick)
705d187a35 examples/shell.nix: don't run shellHook on subsequent nix-shells (Erik Arvstedt)
65039be656 docs: Remove duplicate instructions (Jonas Nick)
455c5664c9 docs: Replace tabs with spaces (Jonas Nick)
8aa4714979 docs: Update NixOS version (Jonas Nick)
9df22a2764 add deploy-qemu-vm.sh example (Erik Arvstedt)
548ced1994 README: Add Example section (Jonas Nick)
44ccbb91d0 Clean up development shell.nix (Jonas Nick)
abcee651d3 add deploy-container.sh (Erik Arvstedt)
5dadea310c add deploy-nixops.sh (Erik Arvstedt)
0c74c365de mention performance loss with hardened kernel profile (Erik Arvstedt)
f3121892ef move main module import to configuration.nix (Erik Arvstedt)
0c0978c007 extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' (Erik Arvstedt)
87d0286498 Change the nix-bitcoin deployment from forking this repo to importing the module (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 18e8b71f42715c5e82e2dafde9dcc965594d76aacc6be7ee2ec746a9510065749cc65331687a57d7140f45779c3b7867f6260ec224d361fb5a477062a27d6e4c
2020-04-08 15:03:08 +00:00
Jonas Nick b2e15c17b8
docs: Update to new deployment method (import instead of fork)
Now you clone nix-bitcoin and start out from the examples.
2020-04-08 07:01:39 +00:00
Jonas Nick 5ed0284db9
Add fetch-release script
This allows getting the hash of the latest (or some other) release
using github releases and gpg verification.
2020-04-08 07:01:35 +00:00
Jonas Nick b9fbb144ca
Merge #151: readme: add travis badge
334e30a291 readme: add travis badge (William Casarin)

Pull request description:

ACKs for top commit:
  jonasnick:
    Neat, thanks. ACK 334e30a291

Tree-SHA512: 1cad880c4a147f9f2c68c377a872e48fc5ce01db8cfd3d3d78e23ee3e6336fdb69f0cff9f9e1fe9d4efb079675ead7a05a975ebf5d963403c78be3e6f9e5ed76
2020-04-06 20:03:12 +00:00
William Casarin 334e30a291
readme: add travis badge
Signed-off-by: William Casarin <jb55@jb55.com>
2020-04-04 15:00:11 -07:00
Jonas Nick 6ec8b1d2a3
Merge #148: Misc. fixes
e398674964 run-tests.sh: fix leaking tmp files outside TMPDIR (Erik Arvstedt)
b07c77f4a4 secrets.nix: remove obsolete comment (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e398674964

Tree-SHA512: 08b61e40fc80d5d1af1d736dd5f27ff3785b07e481f179e525fec4d78d89795c6d572a3a4b9b5ad9afd47656530cbfb8cdc1da9204571eff41767cad7ae1276e
2020-03-30 20:33:12 +00:00
Jonas Nick 83e2437399
Merge #147: remove custom no-upnp bitcoind builds
3a606608fb remove custom no-upnp bitcoind builds (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 3a606608fb

Tree-SHA512: 4a3c1baadd6a8c6e31c0b7bf492548e4af4de753dc677d61f27f7bc35de53fd7013ae0c041a4b32ed015b9b91ece5664491356251e8792ab804724e9ca71bd81
2020-03-30 20:28:46 +00:00
Jonas Nick c303cd47e4
Add push-release.sh helper
Prepares, signs and pushes a release to github.
2020-03-30 11:01:31 +02:00
Erik Arvstedt 705d187a35
examples/shell.nix: don't run shellHook on subsequent nix-shells
This avoids an extra delay and the unexpected creation of secrets when
run in another dir.

Needed for the 'fetch-release' script introduced in a later commit.
2020-03-30 11:00:31 +02:00
Jonas Nick 65039be656
docs: Remove duplicate instructions 2020-03-30 10:57:01 +02:00
Jonas Nick 455c5664c9
docs: Replace tabs with spaces 2020-03-30 10:57:01 +02:00
Jonas Nick 8aa4714979
docs: Update NixOS version 2020-03-30 10:57:00 +02:00
Erik Arvstedt 9df22a2764
add deploy-qemu-vm.sh example 2020-03-30 10:56:57 +02:00
Jonas Nick 548ced1994
README: Add Example section 2020-03-30 10:55:50 +02:00
Jonas Nick 44ccbb91d0
Clean up development shell.nix 2020-03-30 10:49:15 +02:00
Erik Arvstedt abcee651d3
add deploy-container.sh 2020-03-30 10:49:15 +02:00
Erik Arvstedt e398674964
run-tests.sh: fix leaking tmp files outside TMPDIR
- Move vm image (NIX_DISK_IMAGE) from $TMP to $TMPDIR
- Set $PWD

Also:
- Simplify mktemp command
- USE_TMPDIR=1: Don't create extra dir inside $TMPDIR
2020-03-29 18:51:35 +02:00
Erik Arvstedt b07c77f4a4
secrets.nix: remove obsolete comment 2020-03-29 18:51:34 +02:00
Erik Arvstedt 3a606608fb
remove custom no-upnp bitcoind builds
Disabling upnp via compilation brings no substantial security benefits.
There's no way to inadvertently enable upnp; it must be set explicitly
via bitcoind.extraConfig.

But it's a huge hassle for new users who have to recompile bitcoind
before being able to use nix-bitcoin.

Also, elementsd is currently built with upnp support by default.
2020-03-26 10:14:03 +01:00
Erik Arvstedt 5dadea310c
add deploy-nixops.sh 2020-03-24 21:43:22 +00:00
Erik Arvstedt 0c74c365de
mention performance loss with hardened kernel profile 2020-03-24 21:43:22 +00:00
Erik Arvstedt f3121892ef
move main module import to configuration.nix 2020-03-24 21:43:21 +00:00
Erik Arvstedt 0c0978c007
extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' 2020-03-24 21:43:21 +00:00
Jonas Nick 87d0286498
Change the nix-bitcoin deployment from forking this repo to importing the module
Instead of forking this repo, it is now recommended that users simply import the
nix-bitcoin module. This commit adds an example directory that contains the
network/ examples and a shell.nix for deployment with nixops.
2020-03-24 21:43:17 +00:00
Jonas Nick 2d51c722cc
Merge #146: lnd: add package option
106dcacb61 lnd: add package option (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 95f4fa40c34421872ca8940c6ad87775a8c7e75e8b3d5df2ed3a348c1f6212ae7b090b889831bc9ee6ddbcb26e9e237bfbd08542a0a5b7f92b06f2591182710f
2020-03-09 09:04:17 +00:00
Jonas Nick 106dcacb61
lnd: add package option 2020-03-09 08:22:00 +00:00
Jonas Nick 3158e39009
Merge #137: Add nixops19_09 to default pkgs.
28cf7ebe74 Add nixops19_09 to default pkgs. (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: e10f7d8d94df506cc5848477956da6cd3cc1c7ee87950df8c09da27e2fcac87b97c7dff1facafde5b114a9d7f6076f492956c2b684a7776b2566e86ba78a9d1d
2020-03-08 14:07:04 +00:00
Jonas Nick 28cf7ebe74
Add nixops19_09 to default pkgs.
It's helpful to be able to use this package when importing nix-bitcoin.
2020-03-08 14:00:23 +00:00
Jonas Nick d62dac450a
Merge #144: Electrs fixes
5596bcf4fb bitcoind: set default rpcuser (Erik Arvstedt)
c4cf323873 electrs: add option 'extraArgs' (Erik Arvstedt)
e731d71232 electrs: add option 'address' (Erik Arvstedt)
1e62456ed1 electrs: test RPC connection to bitcoind (Erik Arvstedt)
0be67c325e electrs: use cfg.user, cfg.group (Erik Arvstedt)
48be5a79fa electrs.enable: use mkEnableOption (Erik Arvstedt)
b75b2a1626 electrs: improve description (Erik Arvstedt)
fa3455d01f electrs: don't leak bitcoinrpc secret through process ARGV (Erik Arvstedt)
f30aadbef2 electrs: enable unstable build, pin pkg to unstable (Erik Arvstedt)
5c6571654e electrs: 0.7.1 -> 0.8.3 (Erik Arvstedt)
47481b2642 electrs: quote dataDir in shell cmd (Erik Arvstedt)
8fb33d1099 electrs: use bitcoind.dataDir option (Erik Arvstedt)
45ba1f1fb3 electrs: don't print timestamps to log (Erik Arvstedt)
88080a58bf electrs: wrap long lines in preStart (Erik Arvstedt)
301bb91ae5 simplify setting high-memory options (Erik Arvstedt)
93fd2329b8 electrs: make nginx TLS proxy optional (Erik Arvstedt)
acde24ce43 electrs: move user/group definitions to bottom (Erik Arvstedt)
148327326b electrs: formatting (Erik Arvstedt)
cce9932b62 make pinned pkgs accessible through pkgs/default.nix (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 5596bcf4fb

Tree-SHA512: 2064b352839a1787ccb05930ac2cf1f0d3596aaea81135086e8a91b9eebf319868087a27cdf9f2fd0152ab652d338680cdf9e866185e86777fcdd87931651b39
2020-03-04 21:03:48 +00:00
Erik Arvstedt 5596bcf4fb
bitcoind: set default rpcuser
We're already setting a default rpcpassword, so we should set an
accompanying rpcuser so that rpc clients like electrs work out of the box.
2020-03-04 18:09:52 +01:00