15b574faa7
nbxplorer/btcpayserver: add module
2020-09-15 12:09:12 +00:00
46d681a17e
lnd: generate custom macaroons
...
Create new `macaroon` option that allows any module to place its own
custom macaroon in the lnd RuntimeDirectory `/run/lnd`.
2020-09-15 12:09:02 +00:00
6f032e3c40
lnd: fix mnemonic file access vulnerability
...
Previously, the file was readable by 'other' for a short time after
creation.
2020-09-15 12:09:00 +00:00
b97584f5cb
netns: allow return traffic to outgoing connections
2020-09-15 12:08:58 +00:00
99295328b4
temp: mirror erikarvstedt btcpayserver
2020-09-15 12:08:51 +00:00
adae7da3f2
Merge #231 : Update nixpkgs
...
4bddeb13b14bddeb13b1
2020-09-08 15:44:25 +00:00
4bddeb13b1
Update nixpkgs
...
Includes update lnd 0.10.3 -> 0.11.0
2020-09-08 08:21:26 +00:00
94874c3090
Merge #230 : loop: update 0.7.0 -> 0.8.1
...
fc15d507ffe56d5365cbfc15d507ff
2020-08-30 19:50:29 +00:00
fc15d507ff
loop: adjust test to new message
2020-08-30 08:07:02 +00:00
e56d5365cb
loop: update 0.7.0 -> 0.8.1
2020-08-30 07:59:01 +00:00
1c31208078
Merge #229 : Improve bitcoind RPC user config
...
9b6a3ec835ca18ffb90a4d6127bb769d610991be1408403dec4790c601a1876cfadf1a59434e79f0205829b91f9b6a3ec8359b6a3ec835
2020-08-29 20:06:53 +00:00
9b6a3ec835
generate-secrets: extract fn 'makeHMAC'
2020-08-27 12:20:06 +02:00
ca18ffb90a
generate-secrets: fetch rpcauth.py from github
...
No need to vendor this.
2020-08-27 12:20:06 +02:00
4d6127bb76
bitcoind: clarify RPC whitelist test
...
- Remove redundant comment
- Test with obviously unsafe RPC call 'stop'
- No need to test privileged user who has no whitelist
2020-08-27 12:19:49 +02:00
9d610991be
bitcoind: remove custom rpc user names
...
Simpler.
We've just removed option 'bitcoind.rpcuser', so we can also remove the
old name 'bitcoinrpc'.
2020-08-27 11:39:26 +02:00
1408403dec
bitcoind: clarify how bitcoin-cli RPC access is enabled
...
It's not immediately clear why rpcuser/rpcpassword are needed in addition to the rpcauth
config entries.
2020-08-26 22:52:47 +02:00
4790c601a1
bitcoind: move rpc user config to bitcoind
...
This enables modules-only usage.
The privileged user is needed by bitcoind (cli), the public user is
needed by other services.
2020-08-26 22:52:47 +02:00
876cfadf1a
bitcoind: add rpc user option 'passwordHMACFromFile'
...
This allows adding additional rpc users without the need for
user-specific code in preStart.
2020-08-26 22:52:47 +02:00
59434e79f0
bitcoind: simplify default rpc user name config
2020-08-26 21:16:32 +02:00
205829b91f
bitcoind: remove whitespace
2020-08-26 21:16:32 +02:00
4d19fb7bf7
Merge #228 : Update nixpkgs
...
52978b87fb6a2efccdf3438dde84fe52978b87fb
2020-08-26 09:52:47 +00:00
5c99656cce
Merge #226 : Improve netns-isolation and tests
...
e5fb3f6a7fdf790f676691697b142728236691aa80da0a41bc9b4cd7bd1c0f56ea6ad19237e5dc3ded73627e0291ebc2d517809e754851b7450877a08bfb7bb2f832e70a7516121301337b9715134f06e385c73256d0b8d77de20f0f6ddbb9a3ae8668e6b7fc819be55a81693ef374f16106684eb92df08c50de54aef1e5fb3f6a7fe5fb3f6a7f
2020-08-25 13:29:33 +00:00
e5fb3f6a7f
run-tests: document how to pass extra build args
2020-08-25 14:58:04 +02:00
df790f6766
run-tests: allow linking test build results for all scenarios
2020-08-25 14:58:04 +02:00
91697b1427
test: allow for testing all scenarios
...
Test all scenarios by default when running 'build' (which happens
when the script is called without arguments).
Default to scenario 'default' in other test commands like 'debug'.
2020-08-25 14:53:13 +02:00
28236691aa
test: rename scenarios/lib.py -> base.py
...
This file isn't a scenario, it's also not a lib because it contains
the main share of actual tests.
2020-08-25 14:53:13 +02:00
80da0a41bc
test: load complete test environment in debug mode
...
Stop just before executing actual tests.
This makes all test functions accessible in debug mode.
2020-08-25 14:53:12 +02:00
9b4cd7bd1c
test: simplify scenario handling
...
We can switch to a more sophisticated scheme later when adding more scenarios
2020-08-25 14:53:12 +02:00
0f56ea6ad1
test: include scenario in test name
2020-08-25 14:53:12 +02:00
9237e5dc3d
test: use pydoc docstring
2020-08-25 14:53:12 +02:00
ed73627e02
netns-exec: minor style fixes
...
- Use inline variable declarations
- Improve messages
- Fix naming: available -> allowed
- Simplify intro comment
2020-08-25 14:53:12 +02:00
91ebc2d517
netns-exec: simplify installation
2020-08-25 14:53:12 +02:00
809e754851
netns: improve bridge setup
...
- Explain why we don't use option `networking.bridges`
- Make the bridge setup service part of NixOS' network-setup.service.
This yields no noticable functional changes for now, but it's
conceptually cleaner to finish the network setup before network.target
becomes active.
- Add 'nb-' prefix to service name
2020-08-25 14:53:12 +02:00
b7450877a0
netns: rename bridge peer devices br-nb-veth* -> nb-veth-br*
...
This ensures a consistent 'nb-' namespace and simplifies the
dhcpcd.denyInterfaces rules.
Also rename vethName -> veth.
2020-08-25 14:53:12 +02:00
8bfb7bb2f8
netns: rename bridge br0 -> nb-br
...
br0 has a high risk of name clashes when nix-bitcoin used as part of a
larger config.
Use a more specific name.
2020-08-25 14:53:08 +02:00
52978b87fb
Update nixpkgs
...
Includes clightning 0.9.0
2020-08-25 12:41:29 +00:00
6a2efccdf3
spark-wallet: 0.2.14 -> 0.2.16
...
This will be required for clightning 0.9.0
2020-08-25 12:40:47 +00:00
438dde84fe
Replace sks-keyservers.net with keyserver.ubuntu.com
...
sks-keyservers fail most of the time.
2020-08-25 12:39:54 +00:00
32e70a7516
netns: move webindex config for modules-only usage
...
webindex is only available in secure-node.
2020-08-25 11:40:27 +02:00
121301337b
netns: add option 'allowedUser' for modules-only usage
...
The dependency on secure-node.nix prevented using nix-bitcoin by just
importing modules.nix.
2020-08-25 11:40:27 +02:00
9715134f06
netns: don't repeat cli definitions
...
1. Saves some code.
2. Guarantees that the netns and no-netns cli defs are always in sync.
2020-08-25 11:40:27 +02:00
e385c73256
netns: separate implementation and service configs
...
This greatly improves clarity.
Especially the bitcoind-import-banlist.serviceConfig definition was out
of place.
2020-08-25 11:40:27 +02:00
d0b8d77de2
netns: remove conditionals for service settings
...
Going without the conditionals (like in secure-node.nix) adds
readability and doesn't reduce evaluation performance (in fact, it
even slightly improves performance due to implementation details
of mkIf).
To avoid errors, remove use of disabled services in secure-node.nix and
nix-bitcoin-webindex.nix.
2020-08-25 11:40:27 +02:00
0f0f6ddbb9
netns: add comment about undesirable algorithmic complexity
...
We don't want to be Accidentally Quadratic™
2020-08-25 11:40:26 +02:00
a3ae8668e6
netns: use map instead of concatMap
2020-08-25 11:40:26 +02:00
b7fc819be5
netns: consistent var naming
...
n is used elsewhere in similar contexts.
2020-08-25 11:40:26 +02:00
5a81693ef3
netns: add range check for netns ids
2020-08-25 11:40:26 +02:00
74f1610668
netns: clarify addressblock description
2020-08-25 11:40:26 +02:00
4eb92df08c
netns: remove redundant filter
...
The 'availableNetns' connection matrix only consists of enabled entries,
so no extra filtering is needed.
Reason: availableNetns starts with the filtered 'base' and is then symmetrised.
2020-08-25 11:40:26 +02:00
50de54aef1
netns: remove empty connections defs
...
Like in the netns defintion for bitcoind.
2020-08-25 11:40:26 +02:00
nixbitcoin
Erik Arvstedt
Calvin Kim
Jonas Nick