Commit Graph

71 Commits

Author SHA1 Message Date
Erik Arvstedt
c9b1e59f20
update to NixOS 22.11
This includes no pkg version updates.
2022-12-18 20:01:52 +01:00
Jonas Nick
34c4b61402
Merge fort-nix/nix-bitcoin#504: Add fulcrum module
7d7f2df006 fulcrum: add module (Erik Arvstedt)
edd8bd311c bitcoind-rpc-public-whitelist: add `ping`, `help` (Erik Arvstedt)
f946a7cd9b examples: use `mkDefault` for setting `system.stateVersion` (Erik Arvstedt)
79994d0bd2 tests: increase postgresql startup timeout (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 7d7f2df006

Tree-SHA512: 866f0a40bb81ceb2008e6efbd415eeee201b9e56aa5ebc60fd1bb4b6eda300155faaa2e6492d8145b3c6084b1e8ef5ec7d4e0ff694beb328d2e5ed755c9d04b4
2022-07-22 13:11:40 +00:00
Erik Arvstedt
84b69dfb46
versioning: improve description wording 2022-07-17 12:46:01 +02:00
Erik Arvstedt
7d7f2df006
fulcrum: add module 2022-07-09 11:07:09 +02:00
Erik Arvstedt
7261813051
examples/configuration.nix: use system.stateVersion comment from NixOS 22.05 2022-07-05 10:13:55 +02:00
Erik Arvstedt
3102c99275
configuration.nix: update system.stateVersion 2022-06-28 00:09:25 +02:00
Jonas Nick
ebaa9a3f2e
Merge fort-nix/nix-bitcoin#484: Update RTL
3755b3ebea rtl: add option `extraConfig` for nodes (Erik Arvstedt)
ff228a604d rtl: change `nodes` options (Erik Arvstedt)
beae9f8df7 clightning-rest: 0.7.0 -> 0.7.2 (Erik Arvstedt)
4c2d908a38 rtl: 0.12.2-beta -> 0.12.3-beta (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 3755b3ebea

Tree-SHA512: 21b413473792802a49694427dd488d7ba0575bb79297b8cd3d3e09707f0389fa4a65ed18eea11af167e1f42154f43685a7afc0829b769dea4b8d64007dcd7be5
2022-05-25 19:48:42 +00:00
Erik Arvstedt
e2721a9039
examples/configuration.nix: update system.stateVersion 2022-05-20 13:28:42 +02:00
Erik Arvstedt
ff228a604d
rtl: change nodes options
- Move option `rtl.nodes.{lnd,clightning}` -> `rtl.nodes.{lnd,clightning}.enable`
  This is required by the next commit.

- Move option `rtl.loop` -> `rtl.nodes.lnd.loop`

- Only enable loop when `nodes.lnd` is enabled
2022-05-15 21:25:32 +02:00
Erik Arvstedt
e2fee4bf1a
lnd-rest-onion-service.nix: move to lndconnect-onion.nix, add clightning support
Option `services.lnd.restOnionService.package` has been removed.
There's not much use in overriding the [lndconnect pkg](https://github.com/LN-Zap/lndconnect).
2022-05-06 16:26:40 +02:00
Erik Arvstedt
7de56b019f
nbxplorer: use postgresql
The former DBTrie backend has been deprecated.
2022-05-06 13:35:27 +00:00
nixbitcoin
b8524720a5
lnd: point out SCB functionality more clearly 2022-02-14 14:04:11 +00:00
Erik Arvstedt
d959d5b558
secure-node: don't set nix-bitcoin.secretsDir
This simplifies the docs and the secure-node module.

This change doesn't affect users that deploy via krops.
2022-02-05 21:35:50 +01:00
Erik Arvstedt
7b0c3d48c9
docs/services.md: link to clightning plugin list
The old list was incomplete.

Also update configuration.nix.
2022-02-05 21:34:10 +01:00
Erik Arvstedt
7402212263
examples/configuration.nix: disable passwordAuthentication
This is a sensible default.

Also clarify the pubkey setup.
2022-02-05 21:34:09 +01:00
Erik Arvstedt
e093bb64d9
examples/configuration.nix: fix links to docs/services.md 2022-02-05 21:34:09 +01:00
Erik Arvstedt
bd275d3a9a
minor improvements
- README:
  - Add RTL

- examples/configuration.nix:
  - Fix comment

- btcpayserver.nix:
  - Use nbLib.addressWithPort
  - Embed optionalString like the other optionalStrings

- clboss.nix:
  - Improve description

- clightning.nix:
  - Option `extraConfig`: Add example, improve description.
  - Disable `log-timestamps`. Timestamps are already logged via journald.
  - Simplify `preStart` script

- electrs.nix:
  - Use `port` description wording like in other services.
2021-11-28 21:18:40 +01:00
Erik Arvstedt
8aa28da110
remove recurring-donations module
This module has failed to evaluate for quite some time.
We might bring it back someday with bolt12 and LNURL support.
2021-11-28 21:18:39 +01:00
nixbitcoin
f569227410
rtl: add module 2021-11-09 14:13:42 +00:00
Jonas Nick
bac8518e7c
secure-node: stop pruning liquidd
There is no security reason why pruning should be enabled and therefore it
surprises users. Turning on pruning in the first place was simply a mistake.
2021-10-31 14:37:56 +00:00
Erik Arvstedt
aada35fc7b
minor improvements
- README: add matrix room

- examples/configuration.nix: explain why bitcoind is enabled by default

- btcpayserver: group lnd service settings

- clightning:
  Use public onion port only when the onion service is public

  This allows users to enable the onion service while announcing a
  non-onion public address.

- netns-isolation: move `readOnly` attr to the top

- tests: use mkDefault to allow for easier overriding

- tests/btcpayserver: test web server response
2021-10-30 15:34:48 +02:00
Erik Arvstedt
75b89f3957
electrs: adapt to version 0.9.0
- `waitfornewblock` was previously not included in the public RPC
  whitelist because it's reserved for testing and marked as hidden
  in bitcoind.

- electrs changed its verbosity settings. `-vv` is now the best choice
  for normal usage.

- bitcoind option `dataDirReadableByGroup` is now unused.
  Because it can be valuable for other use cases and implementing
  it is intricate, we're keeping it for now.

- test: keep `nc` connection open because otherwise the electrs
  RPC server would now close the connection before sending a response.
2021-10-06 15:34:24 +02:00
Erik Arvstedt
3c6a664b7b
examples/configuration: show how to enable sudo/doas for operator
This was brought up by a user on IRC.
2021-10-04 00:33:27 +02:00
nixbitcoin
c483f1694d
examples: correct localBackups scp command 2021-09-24 11:51:33 +00:00
Erik Arvstedt
179b86d19c
joinmarket: allow recreating wallet from seed
This allows users to easily upgrade their wallets to use Fidelity Bonds.
2021-08-30 13:37:05 +02:00
Erik Arvstedt
c041079ae1
configuration.nix: reorder sections
Move backups and netns-isolation to the end.
2021-08-15 11:29:33 +02:00
Erik Arvstedt
3734ab38a6
configuration.nix: improve wording and formatting 2021-08-15 11:29:33 +02:00
Erik Arvstedt
a25ceecca5
update to NixOS 21.05 2021-08-12 11:18:26 +02:00
nixbitcoin
e2c6eb6681
joinmarket: create bitcoind wallet
Starting with 0.21.0, bitcoin no longer automatically creates and loads
a default wallet.
This was being ignored because of a JoinMarket issue [1] in CI builds prior
to this version. Now a watch-only Bitcoin Core wallet is created in ExecStartPost.

[1] https://github.com/JoinMarket-Org/joinmarket-clientserver/issues/812
2021-08-10 10:12:37 +00:00
Martin Milata
b666bb2903 charge-lnd: add module 2021-07-12 17:36:31 +02:00
nixbitcoin
1ff5f8f01b
hardening: use generic hostname by default
Minimize identifying information
2021-04-02 10:59:21 +00:00
nixbitcoin
3b938a909f
add hardened-extended preset 2021-04-02 10:59:09 +00:00
Erik Arvstedt
03db1a61b1
lnd, joinmarket: don't write to secrets dir
Keeping the secrets dir read-only is more simple and robust.

- lnd seed mnemonic creation and joinmarket wallet creation can be
  run as the regular service user instead of root.

- It is easier to switch to a third-party secrets deployment
  method in the future.

Don't create a seed mnemonic for lnd when a wallet exists.
This avoids creating unused mnemonics and helps simplifying
the migration command in `versioning.nix`.
2021-03-15 18:50:15 +01:00
Jonas Nick
a4dabc7390
Remove nixops examples and documentation 2021-03-15 12:42:47 +00:00
kon
eb21012745 pool: add pkg, module & tests 2021-03-01 10:59:35 +01:00
nixbitcoin
ebd478fd0d
lnd: add option 'restOnionService' 2021-02-05 09:17:14 +01:00
Erik Arvstedt
332d0e70c8
bitcoind: support onion address announcing 2021-01-31 22:26:49 +01:00
nixbitcoin
8c125ec48c
joinmarket-obwatcher: add pkg & module 2021-01-17 17:40:12 +00:00
Erik Arvstedt
f6b883a9ac
remove webindex
This module is outdated and incomplete. We can readd an improved version in
the future.

Move nanopos nginx proxy tests to the nanopos test.
2021-01-14 13:25:10 +01:00
Erik Arvstedt
2a240d6f4a
enable-tor: disable default onion services for clightning, lnd, btcpayserver
In case of btcpayserver the default onion service is a security risk
because any visitor can register an admin account on a freshly setup node.
2021-01-14 13:25:09 +01:00
Erik Arvstedt
bed00fe937
lnd: use onionServices for address announcing 2021-01-14 13:25:09 +01:00
Erik Arvstedt
3980cd5a41
clightning: use onionServices for address announcing 2021-01-14 13:25:08 +01:00
Erik Arvstedt
e78a609687
clightning: add consistent address options
Also remove option 'autolisten'. This option has no effect because
option 'bind-addr' is always set.
2021-01-14 13:25:04 +01:00
Erik Arvstedt
b41a720c28
lnd: add consistent address options
Also fix btcpayserver by connecting to the lnd restAddress instead of the p2p address.
2021-01-14 13:25:03 +01:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module 2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module 2021-01-01 17:37:30 +00:00
Jonas Nick
7b32a78de2
Merge #284: Fix containers
2bfb4efbd8 make-container: fix usage comment (Erik Arvstedt)
3403795c86 tests: add example scripts (Erik Arvstedt)
ff94985b8b tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66 generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274 make-container: fix renamed variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 2bfb4efbd8
  jonasnick:
    utACK 2bfb4efbd8

Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00
Erik Arvstedt
c8e73c959e
fix 'hardened' profile for NixOS 20.09
The 'scudo' memory allocator set by the 'hardened' profile breaks some
services on 20.09.
The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052)
is ineffective on 20.09.

As a workaround, add a custom 'hardened' preset that uses the default allocator.
2020-12-18 19:56:56 +01:00
nixbitcoin
fdfafb2f40
joinmarket: 0.7.4 -> 0.8.0-bcfa7eb
Update to 0.8.0 with hotfix for genwallet script
Includes module versioning error with migration instructions
2020-12-17 11:12:58 +00:00
Ian Shipman
1d44b99340 add curated clightning plugins 2020-11-18 20:21:34 -06:00