Not polluting the main pkgs namespace with internal pkgs makes it
easier to integrate the nix-bitcoin modules into a larger config.
Also, by overriding the nix-bitcoin namespace, users can now easily set the
packages used by services that offer no explicit `package` option, like `clightning`.
Remove use of nixops-specific 'keys' group and key services.
Instead:
- Add nix-bitcoin-secrets.target, which should be required by all
units that depend on secrets. (To keep it simple, it's okay to meet
the secrets dependency indirectly by e.g. depending on bitcoind.)
Various secret deployment methods can use this target by
setting up the secrets before activating the target.
In case of nixops we just specify that nixops' keys.target comes
before nix-bitcoin-secrets.target.
If the target is left undefined in the case of manual secrets
deployment, systemd will simply ignore unit dependencies on
the target.
- Allow all users to access the secrets dir.
The access protection for the individual secret files is unchanged.
This allows us to drop the unit dependency on the nixops 'keys' group.
c36c496507 banlist: fail on unexpected errors (Erik Arvstedt)
e0276503ed fixup! ignore banlist errors (like in master) (Erik Arvstedt)
d64156e485 banlist: don't wait in preStart until bitcoind is ready (Erik Arvstedt)
d87c50a305 banlist: simplify unit, bind to bitcoind, fix wantedBy (Erik Arvstedt)
39885d37c1 banlist: simplify script, remove package (Erik Arvstedt)
55e73f32e3 bitcoind: add cli option (Erik Arvstedt)
8807b9f6b2 bitcoind: remove 'StateDirectory' (Erik Arvstedt)
Pull request description:
Please see the individual commit messages for more infos.
This time I've used commit msg titles starting with lower-case letters.
I think this style is the simplest and cleanest, especially with
`topic:` prefixes. Let me know if I should reformat this.
Regarding commit `banlist: simplify script, remove package`:
I've added the current version of Greg's banlist, but it has 5600 entries instead of the previous 739. Is this ok?
Rationale for commit `bitcoind: add cli option`:
For some cases it can be useful when bitcoin-cli is an executable instead of a shell alias.
- non-interactive ssh commands like `ssh mynode 'bitcoin-cli getnetworkinfo'`.
This can also be achieved with shell aliases in `environment.shellInit`, but it's good
practice to avoid aliases in noninteractive shells.
- Scripts that call `bitcoin-cli`. The banlist importer which uses this is a good example.
ACKs for top commit:
jonasnick:
ACK c36c496507
Tree-SHA512: 31dacf5e5b051ada24151c9884a97cfd83883c2b48e3d25e16f228fb575cb915e1093d12d171a44d25064fda7d7b98a27c897cc4bdace527c52fdf652033a160
Type = "simple" is the default unit type.
Being wanted by bitcoind instead of a system target is more appropriate.
By binding to bitcoind, the service is automatically stopped when
bitcoind exits. This eliminates the bitcoind liveness check in preStart.
We're now directly using Greg's unmodified banlist which
simplifies the update process.
The banlist package with its dependency on the bitcoin datadir path is only
relevant for internal use within nix-bitcoin, so we can safely remove
it.
We're now using the bitcoin-cli from `services.bitcoind.package`.
Fixes#129
46edb39d2f Add content hashes for pinned channels (Erik Arvstedt)
961e8217a9 Rename contrib/ to helper/ (Erik Arvstedt)
Pull request description:
Unhashed external content is bad for security and performance (due to
re-fetches when the cache times out).
Use this simple fix until https://github.com/fort-nix/nix-bitcoin/pull/78 is fleshed out.
For testing, run this in the repo root dir:
```bash
nix eval '(import ./pkgs/nixpkgs-pinned.nix)'
```
ACKs for top commit:
jonasnick:
ACK 46edb39d2f
Tree-SHA512: cb098a4714aecf00e8d0f9fe6d388b6322416c1d2f8d55b54dc16328145331a87a71fbf68e2faa85105727cbd6370542799f1c2d84ac2bee90a6710b96eba9bd
6ba4a43193 Fix release.nix.patch for our nixops (Jonas Nick)
Pull request description:
Otherwise nix-shell doesn't start up:
```
building '/nix/store/c03b0sb0b822m7n1j0rhg8bfbmqv2vv2-src.drv'...
patching file release.nix
Hunk #3 FAILED at 83.
1 out of 3 hunks FAILED -- saving rejects to file release.nix.rej
builder for '/nix/store/c03b0sb0b822m7n1j0rhg8bfbmqv2vv2-src.drv' failed with exit code 1
error: build of '/nix/store/c03b0sb0b822m7n1j0rhg8bfbmqv2vv2-src.drv' failed
(use '--show-trace' to show detailed location information)
```
CC @erikarvstedt
Top commit has no ACKs.
Tree-SHA512: fd92325f9cf6f44592a0733131efc147669140402fb87a9efb6e407520048b8e84a58ccbf12c9c3a637a24f3d381cfaa54a34e2341e6542eb1e3769447de0f8f
cfafcb5d32 Fix virtualbox deployment for 19.09 (Erik Arvstedt)
Pull request description:
Without this, starting the virtualbox guest service fails during machine activation.
This is due to an incompatible NixOS machine base image.
Fix this by using an updated version of nixops.
I've already reported [this issue](https://github.com/NixOS/nixops/issues/1207) upstream.
@jonasnick, could you check if this new nixops version works
correctly for your non-virtualbox deployments?
Top commit has no ACKs.
Tree-SHA512: ac8a86ec11739c4bd527c45438bbbd92cb8a5b94509d45a56a22c3294419a78e01cdfa9a9cac17be84b9a1dd79eee35150eb182904265c3fbf387be59d8d85d3
Without this, starting the virtualbox guest service fails during machine activation.
This is due to an incompatible NixOS machine base image.
Fix this by using an updated version of nixops.
6e26453689 Set default size of the virtualbox machine disk (Erik Arvstedt)
Pull request description:
This eliminates the manual resize step in vbox deployment
ACKs for top commit:
jonasnick:
ACK 6e26453689
Tree-SHA512: 31521de732ad891af94c007bf6a9947131b476c904c84c8cad35786e95b08a26b29eacc58041877f4ef80ebebd1bf1c2e863694022c72e56130c02d7417332b4
0c22af03b7 Allow AnyProtocol for bitcoin if zmq options are set (and not if lnd is enabled) (Jonas Nick)
cf39d88c63 Move zmq options from nix-bitcoin.nix to bitcoind module (Jonas Nick)
Pull request description:
... which is a better place for this. CC @cypherpunk2140
Top commit has no ACKs.
Tree-SHA512: 47d1b95fef78ee31711b5ad5a59000adfb0fcd3bbfe82c7321d87f5a6d7c998646d3428a1c86ff9b0103b167501c8cf3b16e00d4e2b5c09425ab09f732f75a57
664c5c6762 Switch from python 3.5 to python 3.x for trezor (Jonas Nick)
8dd27b6334 Use types.str instead of types.string to avoid warning (Jonas Nick)
09d2df1a81 Use stable tor module instead of unstable which we had to use because stable didn't support v3 onion services (Jonas Nick)
b2fb83c910 Use our own bitcoind module instead of nixpkgs' (Jonas Nick)
26d2e11a6b Update to NixOS 19.09 (Jonas Nick)
1d022f2017 Remove PyQt dependency from liquid-swap tool because it doesn't work with NixOs 19.09 and we don't need it anyway (Jonas Nick)
Pull request description:
ACKs for top commit:
erikarvstedt:
Tested ACK 664c5c6762
Tree-SHA512: eecbb15011ce8849b8c54788e296109a7f0529286b5a38cd2dd90268cbd03ca396555296ac2018e7e82d88cace18d97ab69201a252b30b3b87db0ae136c410c5
a152c19945 spark-wallet: 0.2.8 -> 0.2.9 (William Casarin)
Pull request description:
needed to fix issues with deprecated apis such as `listpayments`
ACKs for top commit:
jonasnick:
ACK a152c19945
Tree-SHA512: 875a07aa2e3ddd944d41bb01471cdaa837dfa513de88b990d78a2986fad913c13268847de1f0eca82fb87f413ca6f4c56b6adc710c1bad0ef81324c8679631d0
c5024d0f15 Add liquid-swap tool to CI (Jonas Nick)
29e612d3bd Remove spark-wallet with unstable from nixpkgs because it doesn't work (Jonas Nick)
c1d67c4cee Update nixpkgs (Jonas Nick)
Pull request description:
Top commit has no ACKs.
Tree-SHA512: 64de79713b656a7535c0a89f8cead5be0168b067d2e79d9b9dfa7152635d09cea677494ad04f8a0b5f9c5278860ff8f75813561ddafb5ca8024f1f66b4fd4f34
8e69e42c12 Update elementsd to 0.18.1.1 (Jonas Nick)
Pull request description:
Because `LC_ALL` must be set to make the tests work (https://github.com/bitcoin/bitcoin/issues/14948#issuecomment-447049325) I also copied the rest from the current nixpkgs bitcoind package.
Top commit has no ACKs.
Tree-SHA512: 6380c0bbb5b35cf49e7553d561d46546701c260c25771b35e3d4ce5c5c5078eed2062f85fa505ae99daa9975beff8ec5d1f33483c0d335a11d275679a968f799
ae15205689 Mention another way to get nixops to pick up the correct IP address of a virtualbox (Jonas Nick)
4df0c9fcfd Fix nodeinfo for clightning (Jonas Nick)
Pull request description:
ACKs for top commit:
cypherpunk2140:
ACK ae15205689
Tree-SHA512: 56fff8c687e0070c0dcd1d7c44cd1b82f6d86103e8634a06fc823dea4bf9d1d986bcfb19caa6c72836c4cbcb636cd5360b3326ae71ee05ecf0942c02566b61b9
aabf4a4730 travis: remove cachix push (William Casarin)
8e751c5f3c travis: disable unstable electrs, it is broken (William Casarin)
1e3afa54c5 travis: add travis yml (William Casarin)
d7d35b875a nixpkgs-pinned: fetch a tarball instead (William Casarin)
Pull request description:
This builds everything to make sure everything works on either the latest release or unstable branch. In the future we could do more interesting nixops builds to test modules, but for now we just nix-build everything and make sure it compiles.
We test the build with two different versions of nixpkgs:
- nixpkgs-channels/nixos-19.03
- nixpkgs-channels/nixos-unstable
ACKs for top commit:
jonasnick:
ACK aabf4a4730
Tree-SHA512: 7241552e65fe2e5325f23e271eeb1f87bdf59c85e5dbd8263326d14340bbbee17163d5cb9df3f562c86182b0585ab766fefddea627ee45f0cf8258b85ece6404
