Commit Graph

184 Commits

Author SHA1 Message Date
Jonas Nick
7b32a78de2
Merge #284: Fix containers
2bfb4efbd8 make-container: fix usage comment (Erik Arvstedt)
3403795c86 tests: add example scripts (Erik Arvstedt)
ff94985b8b tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66 generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274 make-container: fix renamed variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 2bfb4efbd8
  jonasnick:
    utACK 2bfb4efbd8

Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00
Erik Arvstedt
44b06aea5a
extra-container: 0.5-pre -> 0.5 2020-12-18 19:56:56 +01:00
Erik Arvstedt
a359cdfb66
generate-secrets: use pwgen
Password length and alphabet is unchanged, but the restriction to
include at least one numeric and one capital char has been removed.
This restriction is not needed by client applications,
adds code complexity, and even (insignificantly) reduces entropy.

Reason for switching to pwgen:
apg uses /dev/random instead of /dev/urandom which brings no security
benefits but can stall the generate-secrets script on low-entropy
devices due to blocking.

Since `security.rngd` has been disabled in NixOS 20.09, blocking
in generate-secrets can also appear on regular NixOS desktop systems.
2020-12-18 19:56:56 +01:00
nixbitcoin
fdfafb2f40
joinmarket: 0.7.4 -> 0.8.0-bcfa7eb
Update to 0.8.0 with hotfix for genwallet script
Includes module versioning error with migration instructions
2020-12-17 11:12:58 +00:00
nixbitcoin
c9657305e7
temp: modify get-sha256 for hotfix commit 2020-12-14 16:55:03 +00:00
nixbitcoin
522b0000e6
lightning-loop: 0.11.1-beta -> 0.11.2-beta 2020-12-09 16:13:24 +00:00
Jonas Nick
fabe4df478
Update nixpkgs
Includes clightning: 0.9.1 -> 0.9.2 and btcpayserver: 1.0.5.5 -> 1.0.5.9
2020-12-07 12:30:11 +00:00
Jonas Nick
8e268c5ced
Fetch from the nixpkgs repo instead of nixpkgs-channels
nixpkgs-channels is deprecated.
2020-12-06 21:42:20 +00:00
Erik Arvstedt
1c0233c0a8
use Cirrus CI
- Make more economic use of the free CI resources by removing redundant build tasks:
  - Build unstable pkgs in a single separate task ("pkgs_unstable").
  - All stable pkgs are implicitly built by the modules tests.
- The build script (ci/build.sh) can now be executed locally for easier
  debugging.
- Use an explicit 'cachix push' command instead of helper/wait-for-network-idle.rb.
  This is simpler and more reliable.
2020-12-06 19:07:54 +01:00
Erik Arvstedt
a6346c2561
electrs: 0.8.5 -> 0.8.6 2020-12-01 12:51:36 +01:00
Ian Shipman
1d44b99340 add curated clightning plugins 2020-11-18 20:21:34 -06:00
Erik Arvstedt
5399f73b20 add txzmq python pkg 2020-11-18 20:21:34 -06:00
Erik Arvstedt
e62e163177 add clightning python pkgs 2020-11-18 20:21:34 -06:00
Erik Arvstedt
1a16e55237 move python packages to pkgs/python-packages
Remove obsolete passthru from joinmarket because joinmarket packages are
now accessible via pkgs/python-packages.
2020-11-18 20:21:34 -06:00
nixbitcoin
50372c9f2f
lightning-loop: 0.11.0-beta -> 0.11.1-beta 2020-11-18 15:36:38 +00:00
Erik Arvstedt
f1681f5b45
add option nix-bitcoin.pkgs, remove overlay
This works around a nixpkgs bug where overlays are ignored in containers.
2020-11-09 22:10:07 +01:00
Jonas Nick
a36957203c
Update nixpkgs (stable 20.03 -> 20.09) 2020-11-08 20:37:16 +00:00
nixbitcoin
546053511b
lightning-loop: 0.10.0-beta -> 0.11.0-beta 2020-11-06 08:51:30 +00:00
nixbitcoin
d4c0653c64
joinmarket: 0.7.0 -> 0.7.2 2020-11-06 08:51:15 +00:00
Jonas Nick
dbad828851
Merge #255: Improve netns-isolation and Tor config
b4b607dfa5 netns: simplify firewall setup (Erik Arvstedt)
25639cec42 netns: fix error msg when starting netns (Erik Arvstedt)
67068afd6b netns: fix error when stopping netns (Erik Arvstedt)
4ff88efc50 netns: add address binding test (Erik Arvstedt)
8da01fe8a6 lightning-loop: allow RPC access from main netns (Erik Arvstedt)
d76b080b74 lightning-loop: add RPC and REST server options (Erik Arvstedt)
9ddf7864a4 lightning-loop regtest: fix incorrectly succeeding test (Erik Arvstedt)
e66636ef0e liquidd: use type str for rpcbind (Erik Arvstedt)
de23fdd377 lnd: use type str for rpclisten, restlisten (Erik Arvstedt)
8b053326cc bitcoind: use type str for rpcbind (Erik Arvstedt)
6903e8afcc netns-liquidd: allow RPC access from main netns (Erik Arvstedt)
82f4901880 netns-lnd: allow RPC access from main netns (Erik Arvstedt)
58d24e735d netns-bitcoind: allow RPC access from main netns (Erik Arvstedt)
0e2ff948d3 test: add scenario 'netnsRegtest' (Erik Arvstedt)
e0675cb256 move enforceTor logic to service modules (Erik Arvstedt)
0cc8caa737 lnd: only set tor.active on enforceTor (Erik Arvstedt)
9a931483b9 netns test: remove strict dependency on clightning, electrs (Erik Arvstedt)
bae1b7f413 netns test: improve ping test (Erik Arvstedt)
5e0e16529c netns: fix default addressblock value type (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b4b607dfa5
  nixbitcoin:
    ACK b4b607dfa5

Tree-SHA512: b290831d9a3fa4de56b0f19cf84a1998e830aa844532d7cba8cd8227c785a23bfa1514123a974652e8e61060e1297b6bfbcff9640580206a04c5292309b1daef
2020-11-02 16:11:34 +00:00
Erik Arvstedt
8da01fe8a6
lightning-loop: allow RPC access from main netns
Note that this also exposes the REST server, which is secured by
macaroon auth like the RPC server.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
6903e8afcc
netns-liquidd: allow RPC access from main netns 2020-10-29 21:21:28 +01:00
Erik Arvstedt
82f4901880
netns-lnd: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
58d24e735d
netns-bitcoind: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
2a9b918f72
generate-secrets: always run with Bash, stop on errors 2020-10-23 10:54:15 +02:00
nixbitcoin
486f385fdd
lightning-loop: 0.9.0 -> 0.10.0
Includes macaroon authentication
2020-10-19 08:59:14 +00:00
nixbitcoin
480df0dd65
elementsd: 0.18.1.8 -> 0.18.1.9 2020-10-18 16:00:08 +00:00
nixbitcoin
1f2f910774
spark-wallet: 0.2.16 -> 0.2.17 2020-10-18 16:00:06 +00:00
Erik Arvstedt
572967d3ad
extra-container: pre-release -> 0.5-pre 2020-10-16 15:53:32 +02:00
Erik Arvstedt
ac6cee5c12
pkgs: add extra-container 2020-10-11 19:40:26 +02:00
Jonas Nick
c051544d46
Merge #234: loop: v0.8.1 -> v0.9.0
a89a3e934f test: increase diskSize (nixbitcoin)
24b506ff8a tests: simplify lightning-loop test (nixbitcoin)
e7c5f956ea lightning-loop: update module (nixbitcoin)
4a503f57bd lightning-loop: v0.8.1 -> v0.9.0 (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    reACK a89a3e934f
  erikarvstedt:
    I think it's okay if you would just merge 24b506ff8a, which is the direct parent of the ACK'd a89a3e934f, and removing a89a3e934f itself is totally uncontroversial.

Tree-SHA512: cee2a2714c714a22c35cea0fa829b42a371540983609cda6609f4d063d849f2e725643bd77cfe78eb71665725164d63f83b6c2589be9e72ba30aaecd7c8dee6c
2020-09-29 17:53:09 +00:00
Jonas Nick
d4f9bbac3f
Update nixpkgs
Includes clightning: 0.9.0-1 -> 0.9.1
2020-09-28 18:22:08 +00:00
Jonas Nick
00b413b5ce
Merge #237: BTCPayServer from upstream & postgresqlBackup
73f4275d2a backups: add btcpayserver database (nixbitcoin)
0784e2d479 Revert "temp: mirror erikarvstedt btcpayserver" (nixbitcoin)
7764f36405 pkgs: update pinned nixpkgs (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 73f4275d2a

Tree-SHA512: 6cd9ed61139918c762cfd66cfdc6f92d3d4d173fa29f8a7244b5f613a7982c5d48e10f0f0bce374cb40a51a84b4765ef8afb1b74fde5166967709d973107aa52
2020-09-25 17:57:21 +00:00
nixbitcoin
e7c5f956ea
lightning-loop: update module
* commandlineArgs -> configFile
* introduce tls certs
* loop dataDir
* fix formatting and descriptions

Warning: Manual migration of existing loop data directory necessary
2020-09-24 16:40:11 +00:00
nixbitcoin
4a503f57bd
lightning-loop: v0.8.1 -> v0.9.0 2020-09-24 16:39:36 +00:00
Erik Arvstedt
774da9d4e0
generate-secrets: fix python version for rpcauth
I accidentally included the minor version number.
Version 3.5 has been removed from nixpkgs unstable.
2020-09-24 16:32:38 +02:00
nixbitcoin
0784e2d479
Revert "temp: mirror erikarvstedt btcpayserver"
This reverts commit 99295328b4.
Removes nbxplorer/btcpayserver from travis
Adds nbxplorer/btcpayserver to pinned.nix
2020-09-24 09:33:46 +00:00
nixbitcoin
7764f36405
pkgs: update pinned nixpkgs 2020-09-24 09:33:44 +00:00
nixbitcoin
d0701f518c
joinmarket: automatically generate wallet 2020-09-22 13:50:49 +00:00
nixbitcoin
173891fa5b
joinmarket: add module 2020-09-22 13:50:37 +00:00
nixbitcoin
f00d1d24c5
joinmarket: add pkg and local dependencies 2020-09-22 13:43:08 +00:00
nixbitcoin
15b574faa7
nbxplorer/btcpayserver: add module 2020-09-15 12:09:12 +00:00
Calvin Kim
99295328b4
temp: mirror erikarvstedt btcpayserver 2020-09-15 12:08:51 +00:00
Jonas Nick
4bddeb13b1
Update nixpkgs
Includes update lnd 0.10.3 -> 0.11.0
2020-09-08 08:21:26 +00:00
nixbitcoin
e56d5365cb
loop: update 0.7.0 -> 0.8.1 2020-08-30 07:59:01 +00:00
Jonas Nick
1c31208078
Merge #229: Improve bitcoind RPC user config
9b6a3ec835 generate-secrets: extract fn 'makeHMAC' (Erik Arvstedt)
ca18ffb90a generate-secrets: fetch rpcauth.py from github (Erik Arvstedt)
4d6127bb76 bitcoind: clarify RPC whitelist test (Erik Arvstedt)
9d610991be bitcoind: remove custom rpc user names (Erik Arvstedt)
1408403dec bitcoind: clarify how bitcoin-cli RPC access is enabled (Erik Arvstedt)
4790c601a1 bitcoind: move rpc user config to bitcoind (Erik Arvstedt)
876cfadf1a bitcoind: add rpc user option 'passwordHMACFromFile' (Erik Arvstedt)
59434e79f0 bitcoind: simplify default rpc user name config (Erik Arvstedt)
205829b91f bitcoind: remove whitespace (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 9b6a3ec835
  jonasnick:
    concept ACK 9b6a3ec835

Tree-SHA512: ccb9a8d2dc1f360cc1f0bd77535fa8edfd9afec0a519719103fd059d5912a1ed4960c22ef14df616a731f6a88861fecb8d1653fb71c2288b851e4a02f9f49cb2
2020-08-29 20:06:53 +00:00
Erik Arvstedt
9b6a3ec835
generate-secrets: extract fn 'makeHMAC' 2020-08-27 12:20:06 +02:00
Erik Arvstedt
ca18ffb90a
generate-secrets: fetch rpcauth.py from github
No need to vendor this.
2020-08-27 12:20:06 +02:00
Jonas Nick
4d19fb7bf7
Merge #228: Update nixpkgs
52978b87fb Update nixpkgs (Jonas Nick)
6a2efccdf3 spark-wallet: 0.2.14 -> 0.2.16 (Jonas Nick)
438dde84fe Replace sks-keyservers.net with keyserver.ubuntu.com (Jonas Nick)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 52978b87fb

Tree-SHA512: b3f68865e2606760682e8fc1f6e637bfb38b382ea25cc67eff6402585b0f7118f132a5d9d7531c650d29d69c0b4eb8e277ad172038be73c4d34a9de678140844
2020-08-26 09:52:47 +00:00
Erik Arvstedt
ed73627e02
netns-exec: minor style fixes
- Use inline variable declarations
- Improve messages
- Fix naming: available -> allowed
- Simplify intro comment
2020-08-25 14:53:12 +02:00