4f6ff408ef
treewide: remove unneeded string literals
2021-02-07 22:41:29 +01:00
e6a6c721c1
treewide: streamline 'extraConfig' descriptions
2021-02-07 22:40:11 +01:00
e774c045de
treewide: fix formatting
2021-02-07 22:40:10 +01:00
c246bbb36e
bitcoind, clightning, lnd: improve descriptions
...
bitcoind: The previous description of 'prune' didn't match the int-only
values supported by our option.
2021-02-07 22:39:05 +01:00
7533f12ef1
bitcoind, clightning, run-tests: minor refactoring
...
bitcoind: use builtins.toFile
clightning: use boolToString
run-tests: remove leftover var
2021-02-07 22:39:05 +01:00
a26ed03d77
rename nix-bitcoin-services.nix -> lib.nix
2021-02-04 12:39:48 +00:00
b114d0c3b1
bitcoind: use systemd startup notification
2021-01-31 22:26:49 +01:00
332d0e70c8
bitcoind: support onion address announcing
2021-01-31 22:26:49 +01:00
5c09845e6f
bitcoind: tag incoming connections as onion on enforceTor
2021-01-31 22:26:49 +01:00
dd4a0238f9
bitcoind: group rpc options under parent option 'rpc'
2021-01-14 13:25:03 +01:00
5b7e0d09b2
bitcoind: add consistent address options
2021-01-14 13:25:03 +01:00
f1681f5b45
add option nix-bitcoin.pkgs, remove overlay
...
This works around a nixpkgs bug where overlays are ignored in containers.
2020-11-09 22:10:07 +01:00
8b053326cc
bitcoind: use type str for rpcbind
...
Extra RPC bind addresses can still be added via extraConfig.
2020-10-29 21:21:28 +01:00
58d24e735d
netns-bitcoind: allow RPC access from main netns
2020-10-29 21:21:27 +01:00
e0675cb256
move enforceTor logic to service modules
...
This enables tor support for services without using secure-node.nix
2020-10-29 21:21:27 +01:00
9e928e2097
bitcoind: add regtest support
...
Remove unsupported option 'testnet'.
2020-10-16 18:01:49 +02:00
9aa19c3fdd
extract operator module
2020-10-16 16:46:55 +02:00
9d610991be
bitcoind: remove custom rpc user names
...
Simpler.
We've just removed option 'bitcoind.rpcuser', so we can also remove the
old name 'bitcoinrpc'.
2020-08-27 11:39:26 +02:00
1408403dec
bitcoind: clarify how bitcoin-cli RPC access is enabled
...
It's not immediately clear why rpcuser/rpcpassword are needed in addition to the rpcauth
config entries.
2020-08-26 22:52:47 +02:00
4790c601a1
bitcoind: move rpc user config to bitcoind
...
This enables modules-only usage.
The privileged user is needed by bitcoind (cli), the public user is
needed by other services.
2020-08-26 22:52:47 +02:00
876cfadf1a
bitcoind: add rpc user option 'passwordHMACFromFile'
...
This allows adding additional rpc users without the need for
user-specific code in preStart.
2020-08-26 22:52:47 +02:00
59434e79f0
bitcoind: simplify default rpc user name config
2020-08-26 21:16:32 +02:00
205829b91f
bitcoind: remove whitespace
2020-08-26 21:16:32 +02:00
9715134f06
netns: don't repeat cli definitions
...
1. Saves some code.
2. Guarantees that the netns and no-netns cli defs are always in sync.
2020-08-25 11:40:27 +02:00
62f83a71b8
Merge #218 : Fix typos
...
df89ceed39df89ceed39
2020-08-04 15:13:09 +00:00
e650df30d5
bitcoind: bump rpcthread count
2020-08-04 14:46:57 +00:00
df89ceed39
Fix typos
2020-08-04 13:32:06 +00:00
5086fc3234
bitcoin: drive-by prune fix
2020-07-28 14:32:54 +00:00
1bf45a9547
bitcoind: add rpcwhitelist feature
...
Default behavior for rpc whitelisting is set to 0, which means that
rpcwhitelisting is only enforced for rpc users for whom an `rpcwhitelist`
exists.
2020-07-28 14:32:50 +00:00
5a978a2836
bitcoind: switch from rpcpassword to rpcauth
...
Includes bitcoind's `share/rpcauth` to convert apg generated passwords
into salted HMAC-SHA-256 hashed passwords.
2020-07-28 14:32:47 +00:00
02853067a1
bitcoind: postStart wait until bitcoind can receive rpc calls
2020-07-21 13:23:07 +00:00
515aae2825
bitcoind: add netns and nonetns cli scripts
...
nonetns script needed for bitcoind-import-banlist
2020-07-21 09:38:24 +00:00
75ca6f186c
bitcoind: add netns
...
- Adds bitcoind to netns-isolation.services
- Adds rpcbind and rpcallowip options to allow using bitcoind with
network namespaces
- Adds bind option (defaults to localhost), used as target of hidden service
- Makes bitcoind-import-banlist run in netns
2020-07-21 09:38:22 +00:00
0fd99c4cc0
bitcoind: simplify pruning
...
Remove the possible null value for bitcoind.prune and set prune = 0 in
bitcoind as a default. Remove prune = 0 in secure-node.nix and the
mkForce in configuration.nix (bitcoind.prune = lib.mkForce ).
2020-06-15 10:55:57 +00:00
16e602e2b5
Merge #190 : services: use 'port' option type
...
db48ab9b69db48ab9b69
2020-06-05 20:40:57 +00:00
db48ab9b69
services: use 'port' option type
2020-06-02 17:31:28 +02:00
a040e52854
All modules: ProtectSystem = strict
...
Add ReadWritePaths in all modules, except lnd which has ProtectSystem =
full.
2020-05-22 15:47:01 +00:00
adc71b892e
Remove PermissionStartOnly where possible and replace with bitcoinrpc
...
Remove PermissionsStartOnly for bitcoind and spark-wallet (it was never
needed there)
Give reason for PermissionsStartOnly in lightning-charge
Replace PermissionsStartOnly in clightning, electrs and liquid
2020-05-22 15:04:49 +00:00
91b6b2c370
All modules with preStart: Use systemd.tmpfiles.rules
...
This is NixOS' recommended way to setup service dirs
https://github.com/NixOS/nixpkgs/pull/56265 . This commit hands off the
initial data directory creation to systemd.tmpfiles.rules. All other
preStart scripts are left intact to limit this changes' scope.
2020-05-22 14:54:39 +00:00
7c70dd43ac
All modules: Give service config precedence over defaultHardening
...
With '//' the latter takes precedence over the former in case of
equally named attributes.
2020-05-22 08:08:27 +00:00
95d230d1d6
Remove bitcoinrpc group remnants
2020-05-19 11:13:22 +00:00
205fca3576
bitcoind: only make blocksdir group-readable when dataDirReadableByGroup
2020-05-19 11:13:18 +00:00
159f551b93
Remove bitcoin, clightning, electrs, liquid user home directory
2020-04-26 14:08:08 +02:00
4dc6c3ba5d
add option 'dataDirReadableByGroup'
...
These settings are now more accessible for users that don't use
nix-bitcoin's default node config.
Additionally, remove 'other' permissions via umask.
2020-04-16 15:55:34 +02:00
3e188238d0
only update bitcoin.conf when changed
2020-04-12 22:32:37 +02:00
08322eed9b
use [[ test
2020-04-12 22:32:37 +02:00
201fc33782
move line to relevant code section (blocks dir setup)
2020-04-12 22:32:37 +02:00
1f8fe310d0
remove option 'configFileOption'
...
It doesn't make sense for bitcoind users to completely redefine their
config file. Also, it's poorly named and the description is faulty.
This is a breaking change, but this option has probably no actual users.
2020-04-12 22:32:37 +02:00
4e5c1d7551
disable redundant logfile
2020-04-12 22:32:37 +02:00
a05551fd1c
improve config file formatting
2020-04-12 22:32:37 +02:00
Erik Arvstedt
Jonas Nick
nixbitcoin
practicalswift