Commit Graph

1714 Commits

Author SHA1 Message Date
Erik Arvstedt
349f904e79
secrets: use assertion instead of error in default value
This enables generating module option documentation.
2021-12-11 13:27:48 +01:00
Jonas Nick
1b3d3620fb
Merge fort-nix/nix-bitcoin#430: NixOS 21.11
2f0f1ec15a hardened-extended: define kernelParams as separate strings (Erik Arvstedt)
71e9864060 netns-isolation: add compatibility with 21.11 (Erik Arvstedt)
8f641756ce tests: add TODO-EXTERNAL (Erik Arvstedt)
b2f7a80f9f tests: add compatibility with 21.11 (Erik Arvstedt)
88fa33479f clightning-plugins: update prometheus-client version pin (nixbitcoin)
c9c2104009 klein: use from upstream, update jmclient version pin (nixbitcoin)
048b49edae pyln-proto: add copy of base58 2.1.0 (nixbitcoin)
b5984a603c joinmarket: 0.9.3 -> 0.9.4 (nixbitcoin)
8433933251 node2nix composition: add writeShellScript (nixbitcoin)
6b725157e1 clboss: sslSupport -> opensslSupport (nixbitcoin)
1a8e7d6348 clightning: re-enable seccomp filtering (nixbitcoin)
16f5aa0561 update to NixOS 21.11 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 2f0f1ec15a
  jonasnick:
    ACK 2f0f1ec15a

Tree-SHA512: 0685f94f0bc2ab64faa8679e2b579e6f2f1e96809ff00b61083b89bd7367ac990ddc1221698ee0e6729303c2a9a120cd460f32aba4f16ac5beeada8b70b6ea5b
2021-12-10 22:15:36 +00:00
Erik Arvstedt
2f0f1ec15a
hardened-extended: define kernelParams as separate strings
This is now checked by the modules.
2021-12-10 12:16:31 +00:00
Erik Arvstedt
71e9864060
netns-isolation: add compatibility with 21.11
`security.wrappers` now requires `group` be defined.
2021-12-10 12:16:09 +00:00
Erik Arvstedt
8f641756ce
tests: add TODO-EXTERNAL 2021-12-10 12:15:36 +00:00
Erik Arvstedt
b2f7a80f9f
tests: add compatibility with 21.11
Adapt to the new test driver and systemd versions.
2021-12-10 12:15:20 +00:00
nixbitcoin
88fa33479f
clightning-plugins: update prometheus-client version pin 2021-12-10 12:15:16 +00:00
nixbitcoin
c9c2104009
klein: use from upstream, update jmclient version pin
klein 20.6.0 was failing Twisted 21.7.0 tests.
2021-12-10 12:14:47 +00:00
nixbitcoin
048b49edae
pyln-proto: add copy of base58 2.1.0 2021-12-08 12:38:35 +00:00
nixbitcoin
b5984a603c
joinmarket: 0.9.3 -> 0.9.4
Ilita IRC server & use upstream twisted again
2021-12-08 12:38:28 +00:00
nixbitcoin
8433933251
node2nix composition: add writeShellScript 2021-12-08 12:38:22 +00:00
nixbitcoin
6b725157e1
clboss: sslSupport -> opensslSupport 2021-12-08 12:38:15 +00:00
nixbitcoin
1a8e7d6348
clightning: re-enable seccomp filtering 2021-12-08 12:38:10 +00:00
nixbitcoin
16f5aa0561
update to NixOS 21.11 2021-12-08 12:38:00 +00:00
Jonas Nick
729888c62a
Merge fort-nix/nix-bitcoin#428: Add presets/bitcoind-remote.nix
6b539627ee add presets/bitcoind-remote.nix (Erik Arvstedt)
5915a34891 configuration.md: fixes (Erik Arvstedt)
1596b3a5d2 minor fixes (Erik Arvstedt)
627b11d21b makeShell: use old nix tooling (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    utACK 6b539627ee

Tree-SHA512: 2abdeaef03773631aae54dccdb95c671a0140dfbec28ff554b52400b1656612fb23fd482154716601c1476599a915d6a06af28744d0ee8b61a94ffad3fa68468
2021-12-07 19:40:15 +00:00
Erik Arvstedt
6b539627ee
add presets/bitcoind-remote.nix
This simplifies integrating a remote bitcoind instance and
makes `bitcoin-cli` work with the remote node.

Add note regarding `whitelistedPort` to docs.
2021-12-07 15:35:33 +01:00
Erik Arvstedt
5915a34891
configuration.md: fixes
- Fix firewall.allowedTCPPorts settings

- Section `Allow bitcoind RPC connections`:
  Set catch-all listen for `rpc.address` instead of `address`.

- rpc.allowip: Set subnet zero to fix allowing all addresses
2021-12-07 15:35:33 +01:00
Erik Arvstedt
1596b3a5d2
minor fixes
- README: fix uppercase

- bitcoind: add whitespace

- hardware-wallets: remove unused variables
2021-12-07 15:35:33 +01:00
Erik Arvstedt
627b11d21b
makeShell: use old nix tooling
The `nix` command is an experimental feature and should be avoided in
user-facing code.

I recently saw `nix eval` failing for a user who was asking for help
via Matrix.
2021-12-07 15:35:33 +01:00
Jonas Nick
8a7ec27e6d
Merge fort-nix/nix-bitcoin#427: cl-rest: 0.5.2 -> 0.6.0
d3788e141d cl-rest: 0.5.2 -> 0.6.0 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK d3788e141d

Tree-SHA512: 48acb8c7dbabf15c6b0c595a9a5e6210ebd0314c219eb5e229045d794e01eb0fa4f0f5882b9d4a7c2170b6adb85463fa66fbfe828a39dcca0cc6c73ecd894ccf
2021-11-29 18:08:01 +00:00
Jonas Nick
747019a9e9
Merge fort-nix/nix-bitcoin#425: Misc. improvements
def64a73b8 treewide: use TODO-EXTERNAL (Erik Arvstedt)
6f37bef2a3 netns-isolation: simplify firewall setup (Erik Arvstedt)
f52059ce3c docs: add doc 'Configuration and maintenance' (Erik Arvstedt)
94aee8174d usage.md: add section `Managing services` (Erik Arvstedt)
8cc7b83da1 usage.md: convert to '#' heading syntax (Erik Arvstedt)
91fbcfcc77 faq.md: reformat (Erik Arvstedt)
9e4f4d6b0f bitcoind: add option `txindex` (Erik Arvstedt)
10a744a598 rtl: add option `extraCurrency` (Erik Arvstedt)
62a2602e78 electrs: use dataDir for storing extra config (Erik Arvstedt)
9bda7305fd services: add `tor.*` options (Erik Arvstedt)
ff24e73ad7 onion-addresses: fix files not being copied (Erik Arvstedt)
c6fe017aeb netns-isolation: avoid creating service files for disabled services (Erik Arvstedt)
017e08ca10 btcpayserver: move nbxplorer options to bottom (Erik Arvstedt)
e1d869d76c modules.nix: move rtl to fix topological sorting (Erik Arvstedt)
e44cd7ecdc rtl: improve descriptions (Erik Arvstedt)
bd275d3a9a minor improvements (Erik Arvstedt)
8aa28da110 remove `recurring-donations` module (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK def64a73b8
  jonasnick:
    ACK def64a73b8

Tree-SHA512: 13acd2a3dd73c07f9c31874c8e961f12f39accb48847cbad08479b9a8154b79a6f186819272072dfb5c4768264b81f6e058e9afa57a729db2096784e48352dfd
2021-11-29 18:05:19 +00:00
Erik Arvstedt
def64a73b8
treewide: use TODO-EXTERNAL
Use TODO-EXTERNAL for TODOs that depend on external factors like
upstream fixes.
2021-11-29 13:47:48 +01:00
Erik Arvstedt
6f37bef2a3
netns-isolation: simplify firewall setup
Set all allowed INPUT/OUTPUT addresses in a single `iptables` command.
2021-11-29 13:47:48 +01:00
Erik Arvstedt
f52059ce3c
docs: add doc 'Configuration and maintenance'
- Move section `updating` from `usage.md` to `configuration.md` and
  rename `usage.md` -> `services.md`.
  `services.md` documents how enable and interact with node services.

- README: Move `docs` below `Get started`. The `docs` section is short and
  should be easily accessible.
2021-11-29 13:47:47 +01:00
Erik Arvstedt
94aee8174d
usage.md: add section Managing services 2021-11-29 13:22:44 +01:00
Erik Arvstedt
8cc7b83da1
usage.md: convert to '#' heading syntax
Like in other docs.
2021-11-29 13:22:44 +01:00
Erik Arvstedt
91fbcfcc77
faq.md: reformat
Improves readability in both the rendered and raw formats.

Also, mention that `doas` is enabled only via the `secure-node.nix` template.
2021-11-29 13:22:44 +01:00
Erik Arvstedt
9e4f4d6b0f
bitcoind: add option txindex 2021-11-29 13:22:44 +01:00
Erik Arvstedt
10a744a598
rtl: add option extraCurrency 2021-11-29 13:22:44 +01:00
Erik Arvstedt
62a2602e78
electrs: use dataDir for storing extra config
This is simpler and more memory-efficient.
We've also changed other services to use this appraoch.

Also remove unneded `wait_for_unit` in the electrs regtest test.
2021-11-29 13:22:44 +01:00
Erik Arvstedt
9bda7305fd
services: add tor.* options
Split `enforceTor` into `tor.proxy` and `tor.enforce`.
By enabling `tor.proxy` without `tor.enforce`, a service can accept
incoming clearnet connections.
E.g., this allows setting up a Tor-proxied bitcoind node that accepts
RPC connections from LAN.
2021-11-29 13:22:43 +01:00
Erik Arvstedt
ff24e73ad7
onion-addresses: fix files not being copied
When NixOS is already running and Tor is restarted due to config
changes, `/var/lib/tor/state` may be present even when Tor has not
yet finished setting up onion services.
This caused the previous version of `onion-addresses` to not wait for
Tor and to skip not yet present onion service files.

`onion-addresses` now waits until each required onion service file
has appeared.
2021-11-29 13:22:43 +01:00
Erik Arvstedt
c6fe017aeb
netns-isolation: avoid creating service files for disabled services
Only set the `serviceConfig` option when the service is enabled.
Otherwise a service file is created.
2021-11-29 13:22:43 +01:00
nixbitcoin
d3788e141d
cl-rest: 0.5.2 -> 0.6.0 2021-11-29 11:39:47 +00:00
Jonas Nick
2a5d98c4fc
Merge fort-nix/nix-bitcoin#426: update nixpkgs
daeea4012e tests: remove pkgsUnstable (Jonas Nick)
76737ead9f update nixpkgs (Jonas Nick)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK daeea4012e

Tree-SHA512: b8b6e7397de413dd1137207cc1e614c7fca53d477e2484c73781abb824691ab7eee5ad849cd5af5666437cf0753aed4c38f02b6e3502f6a04f7efd401faddf55
2021-11-28 20:44:49 +00:00
Erik Arvstedt
017e08ca10
btcpayserver: move nbxplorer options to bottom
These are largely irrelevant to end users.
2021-11-28 21:18:49 +01:00
Erik Arvstedt
e1d869d76c
modules.nix: move rtl to fix topological sorting
rtl depends on lnd and lightning-loop.
2021-11-28 21:18:47 +01:00
Erik Arvstedt
e44cd7ecdc
rtl: improve descriptions
Also move cl-rest to the bottom.
2021-11-28 21:18:44 +01:00
Erik Arvstedt
bd275d3a9a
minor improvements
- README:
  - Add RTL

- examples/configuration.nix:
  - Fix comment

- btcpayserver.nix:
  - Use nbLib.addressWithPort
  - Embed optionalString like the other optionalStrings

- clboss.nix:
  - Improve description

- clightning.nix:
  - Option `extraConfig`: Add example, improve description.
  - Disable `log-timestamps`. Timestamps are already logged via journald.
  - Simplify `preStart` script

- electrs.nix:
  - Use `port` description wording like in other services.
2021-11-28 21:18:40 +01:00
Erik Arvstedt
8aa28da110
remove recurring-donations module
This module has failed to evaluate for quite some time.
We might bring it back someday with bolt12 and LNURL support.
2021-11-28 21:18:39 +01:00
Jonas Nick
daeea4012e
tests: remove pkgsUnstable
The latest nixpkgs-unstable update would require node-based packages to
distinguish between stable and unstable when building. Instead of dealing with
that complexity, we will only guarantee compatability of our packages with
stable.
2021-11-28 19:16:21 +00:00
Jonas Nick
76737ead9f
update nixpkgs
btcpayserver: 1.3.3 -> 1.3.6
electrs: 0.9.2 -> 0.9.3
lnd: 0.13.3-beta -> 0.14.1-beta
nbxplorer: 2.2.16 -> 2.2.18

electrs does not accept command line argument -vv anymore, so we have to use
--log-filter instead.
2021-11-28 17:34:10 +00:00
Jonas Nick
9a31cc7d5a
Merge fort-nix/nix-bitcoin#424: spark-wallet: 0.2.17 -> 0.3.1
f739bc5174 spark-wallet: 0.2.17 -> 0.3.1 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK f739bc5174

Tree-SHA512: bfcc5bc076f90037d76757a23f26936f5a1c7331695a0ad31f5e4f69ee3b2cf8f46c984aa8a79926cafc6f195d81e6bd457e88768bd0e657e7300c2614ec556f
2021-11-10 21:58:40 +00:00
Jonas Nick
6673c8245c
Merge fort-nix/nix-bitcoin#423: Misc. improvements
4a74b7de08 clightning: work around unsupported seccomp syscall (Erik Arvstedt)
38a843d005 clightning: update python pkgs to new version (Erik Arvstedt)
6ad7107ddb update nixpkgs (Erik Arvstedt)
f58d67677e netns-isolation: separate host and netns setup (Erik Arvstedt)
cb6e5ef702 netns-isolation: fix routing issues due to netns restarting (Erik Arvstedt)
7f77147b60 makeShell: minor improvements (Erik Arvstedt)
a5730eb736 makeShell: make the help msg a shell derivation variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 4a74b7de08

Tree-SHA512: 75454b51db6d7ab41590d8579e0a5136e5ac1be78d5c2f547c6ef1982c0de679968879bb9bac57dd66413f59a4659236601ab75414486b0137c7c43d73d22759
2021-11-10 21:57:16 +00:00
Erik Arvstedt
4a74b7de08
clightning: work around unsupported seccomp syscall 2021-11-10 21:26:56 +01:00
Erik Arvstedt
38a843d005
clightning: update python pkgs to new version 2021-11-10 21:26:11 +01:00
Erik Arvstedt
6ad7107ddb
update nixpkgs
btcpayserver: 1.3.1 -> 1.3.3
clightning: 0.10.1 -> 0.10.2
2021-11-10 21:26:10 +01:00
Jonas Nick
d5d64ace29
Merge fort-nix/nix-bitcoin#419: Add RTL
030f649009 docs: remove obsolete nixops deploy instructions (nixbitcoin)
0a6324e9de docs: add usage instructions for connecting to RTL (nixbitcoin)
41c4dd041e test: add rtl & cl-rest (nixbitcoin)
f569227410 rtl: add module (nixbitcoin)
0e1e2a1b3c cl-rest: init at 0.5.2 (nixbitcoin)
83196f5545 rtl: init at 0.11.2 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 030f649009

Tree-SHA512: a6c7694ec945d44f0adfa2e651987301e895d4947dfdd6967cea188c967667f7d97849579189c1043ed9ef6d524c688202ca54a6ce7c2c7ee46b8a59c1c9903d
2021-11-09 15:51:30 +00:00
nixbitcoin
f739bc5174
spark-wallet: 0.2.17 -> 0.3.1 2021-11-09 15:19:14 +00:00
nixbitcoin
030f649009
docs: remove obsolete nixops deploy instructions 2021-11-09 14:15:27 +00:00