greg/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,079 Commits 8 Branches 0 Tags
Commit Graph

503 Commits

Author SHA1 Message Date
Martin Milata
86d7db9940 bitcoind: add uptime to the public api whitelist 
It is needed by lnd to check bitcoind health status since lnd-0.12.0.
 2021-02-02 22:32:20 +01:00
Erik Arvstedt
b114d0c3b1
bitcoind: use systemd startup notification 2021-01-31 22:26:49 +01:00
Erik Arvstedt
332d0e70c8
bitcoind: support onion address announcing 2021-01-31 22:26:49 +01:00
Erik Arvstedt
9662c19ab1
onionServices: use actual user name of services 
Previously, onionAddresses definitions in onionServices were of the form
onionAddresses.access.<service> = [<service>];

This caused failures for configurations where a service user name was
overridden or for bitcoind whose default user is 'bitcoin' instead of 'bitcoind'.

Now set the equivalent of:
onionAddresses.access.<actualServiceUser> = [<service>];

Implement this via a new option `onionAddresses.services` to make things more
readable and to work around an infinite recursion error in onionServices.
 2021-01-31 22:26:49 +01:00
Erik Arvstedt
5c09845e6f
bitcoind: tag incoming connections as onion on enforceTor 2021-01-31 22:26:49 +01:00
Jonas Nick
035438d427
Merge #290: JoinMarket Orderbook Watcher 
8c125ec48c3f3caabab65acd2d7c9f2dffe1a2d3 joinmarket-obwatcher: add pkg & module (nixbitcoin)
915df059f43b2e3ec872094630d15e46c5386864 joinmarket: 0.8.0-bcfa7eb -> 0.8.0-a5e8879 (Erik Arvstedt)
254246cf39e88c843a75ce7ef8dd0c7de2d0100e joinmarket: use installPhase (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 8c125ec48c3f3caabab65acd2d7c9f2dffe1a2d3

Tree-SHA512: 5e4ba14a2a90c505b7cd7e09c33548d06ec466502c48f8d551a4437c5542dab427ec7f9cb7a15c849cc7ce11685c493b9773ec08591e1980ebe2a84abef17141
 2021-01-17 20:00:13 +00:00
nixbitcoin
8c125ec48c
joinmarket-obwatcher: add pkg & module 2021-01-17 17:40:12 +00:00
kon
9480ada135 nodeinfo fix lnd 2021-01-17 17:13:09 +01:00
Jonas Nick
c6c14889eb
Merge #293: Module refactorings, onionServices 
e2922eb4ce6b820fd1bf698c6aadce5d5f4d27c6 move rpc thread count setting to lightning modules (Erik Arvstedt)
352fc4e8fe6c24ff856464d9c53997b96197130b liquid: remove insecure and redundant option 'rpcpassword' (Erik Arvstedt)
757a66b9bd1784d9a20fce8cf04414f31f2c762d liquid: move rpcuser definition to module (Erik Arvstedt)
0e00c39d4784bc64e30b1fc37c684e75e08bdaa6 secure-node: improve layout (Erik Arvstedt)
5f7a7962f77057dba76954bb44813006b98cecde backups: remove redundant option 'program' (Erik Arvstedt)
04d8560f86e94fc9d2f9df1c8334e11442b75373 secure-node: remove qrencode, tor from systemPackages (Erik Arvstedt)
323a431abade32e3c5f0f98acfaada6a80edc1d0 improve nodeinfo (Erik Arvstedt)
f6b883a9acd92e3d94062b21615db14c8383f3b7 remove webindex (Erik Arvstedt)
2a240d6f4a2bc624772b2065f07b1f1a55bf4eb0 enable-tor: disable default onion services for clightning, lnd, btcpayserver (Erik Arvstedt)
18c7842e1affa87df63809cd2f7a6b068468918e modules: show warnings for obsolete options (Erik Arvstedt)
45c40c4eb94b1176216ca2b466442b8029ca8b51 versioning: simplify assertion evaluation (Erik Arvstedt)
bed00fe937a1e7e6a2496ac29ee904e4440b073e lnd: use onionServices for address announcing (Erik Arvstedt)
3980cd5a4191e96d8cf1a942b89149a8c034b31c clightning: use onionServices for address announcing (Erik Arvstedt)
bd2a46cb73de511b763d87593aadf6d0d9eefe11 spark-wallet: use onionServices (Erik Arvstedt)
87fb9f246bd448d890e3958c4be786d81f264b27 add 'enable-tor' preset (Erik Arvstedt)
05b5402bb152543ee21aec583436d35425bcc3b9 add nix-bitcoin.onionServices (Erik Arvstedt)
fffe988248fcb48fe0a58214aa96b2900c92309b onionAddresses: add readonly option 'dataDir' (Erik Arvstedt)
5f34b094d3c13978e1689e73d679190a8f0cdcbb onionAddresses: improve script (Erik Arvstedt)
b266f232515ce64354d22271ffba9dca8496a67f onionAddresses: use service 'script' option (Erik Arvstedt)
6d13b26d0a5d42821028ce999653cff3771a3cc9 onionAddresses: add more precise type for option 'access' (Erik Arvstedt)
93562f76dd0da0ccc77e71e522fb75332ed674ed onionAddresses: remove redundant option 'enable' (Erik Arvstedt)
43c247e3fe3b2a8f635373a4278ba990694b330a onionAddresses: use StateDirectory instead of tmpfiles (Erik Arvstedt)
5c6977b006d492ac7030373129ddb989e0691847 rename onion-chef -> nix-bitcoin.onionAddresses (Erik Arvstedt)
55073eee70056b2850656cb3db1b62068b726267 remove nix-bitcoin.pkgs.lib (Erik Arvstedt)
09e0042aa84b5effa746d9cf76fd06b3a97ad06c spark-wallet: add consistent address options (Erik Arvstedt)
39f16c0b4aab844b183ee4c97acebf95eb2fe1c0 liquidd: add consistent address options (Erik Arvstedt)
b5d76ba1b3cb3c0683a4b0e2feac8aa722966193 electrs: add consistent address options (Erik Arvstedt)
8fa32b7f91523ac6c499c036931d03f98b39be05 btcpayserver: add consistent address options (Erik Arvstedt)
e78a6096871ad88421f7673f24139d0c3f51d867 clightning: add consistent address options (Erik Arvstedt)
b41a720c28a426b1576a063ab74e295b70a5b13e lnd: add consistent address options (Erik Arvstedt)
dd4a0238f9bcc4148eb718933d5ab95ca211e4b9 bitcoind: group rpc options under parent option 'rpc' (Erik Arvstedt)
5b7e0d09b2e85386c16d40ad624e824f88f3c015 bitcoind: add consistent address options (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK e2922eb4ce6b820fd1bf698c6aadce5d5f4d27c6
  jonasnick:
    ACK e2922eb4ce6b820fd1bf698c6aadce5d5f4d27c6

Tree-SHA512: a85b33efe66048f06699b3997f83c9427f70f278fa66d30ee9a29c91f50723ff8bd1ffb9d968d7f08818742c8c6afb0b40dbfc14b95a4b8c3302caf9bede4198
 2021-01-14 20:42:23 +00:00
Erik Arvstedt
e2922eb4ce
move rpc thread count setting to lightning modules 2021-01-14 13:25:12 +01:00
Erik Arvstedt
352fc4e8fe
liquid: remove insecure and redundant option 'rpcpassword' 2021-01-14 13:25:11 +01:00
Erik Arvstedt
757a66b9bd
liquid: move rpcuser definition to module 2021-01-14 13:25:11 +01:00
Erik Arvstedt
0e00c39d47
secure-node: improve layout 2021-01-14 13:25:11 +01:00
Erik Arvstedt
5f7a7962f7
backups: remove redundant option 'program' 
Not needed until we support other backup backends.
 2021-01-14 13:25:11 +01:00
Erik Arvstedt
04d8560f86
secure-node: remove qrencode, tor from systemPackages 
Keep jq which is useful for analyzing service cli output.
 2021-01-14 13:25:10 +01:00
Erik Arvstedt
323a431aba
improve nodeinfo 
- enable usage outside of secure-node.nix
- use json as the output format
- show ports
- also show local addresses, which is particularly useful when
  netns-isolation is enabled
- only show enabled services
 2021-01-14 13:25:10 +01:00
Erik Arvstedt
f6b883a9ac
remove webindex 
This module is outdated and incomplete. We can readd an improved version in
the future.

Move nanopos nginx proxy tests to the nanopos test.
 2021-01-14 13:25:10 +01:00
Erik Arvstedt
2a240d6f4a
enable-tor: disable default onion services for clightning, lnd, btcpayserver 
In case of btcpayserver the default onion service is a security risk
because any visitor can register an admin account on a freshly setup node.
 2021-01-14 13:25:09 +01:00
Erik Arvstedt
18c7842e1a
modules: show warnings for obsolete options 2021-01-14 13:25:09 +01:00
Erik Arvstedt
45c40c4eb9
versioning: simplify assertion evaluation 2021-01-14 13:25:09 +01:00
Erik Arvstedt
bed00fe937
lnd: use onionServices for address announcing 2021-01-14 13:25:09 +01:00
Erik Arvstedt
3980cd5a41
clightning: use onionServices for address announcing 2021-01-14 13:25:08 +01:00
Erik Arvstedt
bd2a46cb73
spark-wallet: use onionServices 
Also remove the unneeded definition of ReadWritePaths because the
service doesn't need write access to onion files.
 2021-01-14 13:25:08 +01:00
Erik Arvstedt
87fb9f246b
add 'enable-tor' preset 
Move 'enforceTor' and onion-service definitions from secure-node.nix.
Use the onionServices module to define onion services.

Onion services now automatically work for services that bind to an INADDR_ANY (`0.0.0.0`) address.
 2021-01-14 13:25:08 +01:00
Erik Arvstedt
05b5402bb1
add nix-bitcoin.onionServices 2021-01-14 13:25:07 +01:00
Erik Arvstedt
fffe988248
onionAddresses: add readonly option 'dataDir' 
Used by 'onionServices' in a later commit for services that announce
their onion address.
 2021-01-14 13:25:07 +01:00
Erik Arvstedt
5f34b094d3
onionAddresses: improve script 
- use -e to check for existence of /var/lib/tor/state, use shorter
  polling interval
- clear existing dataDir contents to avoid accumulating obsolete data
- use concatMapStrings instead of foldl'
 2021-01-14 13:25:07 +01:00
Erik Arvstedt
b266f23251
onionAddresses: use service 'script' option 
This also makes the script stop on errors.
 2021-01-14 13:25:07 +01:00
Erik Arvstedt
6d13b26d0a
onionAddresses: add more precise type for option 'access' 2021-01-14 13:25:06 +01:00
Erik Arvstedt
93562f76dd
onionAddresses: remove redundant option 'enable' 
The service can be disabled via `onion-addresses.access = mkForce {};`

Also remove redundant description.
 2021-01-14 13:25:06 +01:00
Erik Arvstedt
43c247e3fe
onionAddresses: use StateDirectory instead of tmpfiles 
Simplifies the dataDir setup.
 2021-01-14 13:25:06 +01:00
Erik Arvstedt
5c6977b006
rename onion-chef -> nix-bitcoin.onionAddresses 
This clarifies its function.
 2021-01-14 13:25:05 +01:00
Erik Arvstedt
09e0042aa8
spark-wallet: add consistent address options 2021-01-14 13:25:05 +01:00
Erik Arvstedt
39f16c0b4a
liquidd: add consistent address options 2021-01-14 13:25:05 +01:00
Erik Arvstedt
b5d76ba1b3
electrs: add consistent address options 2021-01-14 13:25:04 +01:00
Erik Arvstedt
8fa32b7f91
btcpayserver: add consistent address options 2021-01-14 13:25:04 +01:00
Erik Arvstedt
e78a609687
clightning: add consistent address options 
Also remove option 'autolisten'. This option has no effect because
option 'bind-addr' is always set.
 2021-01-14 13:25:04 +01:00
Erik Arvstedt
b41a720c28
lnd: add consistent address options 
Also fix btcpayserver by connecting to the lnd restAddress instead of the p2p address.
 2021-01-14 13:25:03 +01:00
Erik Arvstedt
dd4a0238f9
bitcoind: group rpc options under parent option 'rpc' 2021-01-14 13:25:03 +01:00
Erik Arvstedt
5b7e0d09b2
bitcoind: add consistent address options 2021-01-14 13:25:03 +01:00
Jonas Nick
41a6be6552
Merge #297: joinmarket: add enforceTor to firewall scripts on netns-level 
71ee16d76715d6b20c967d38e012e582f687b768 joinmarket: add enforceTor to firewall scripts on netns-level (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 71ee16d76715d6b20c967d38e012e582f687b768

Tree-SHA512: cef089012807c90034d4b1f259bf6d81bfb83a36e7d2aadd85e817728f646948c12c25d199525d578d44366ee10389cb5081c4d86842b19b06b1066ff8feec19
 2021-01-10 23:11:08 +00:00
Jonas Nick
e3a45fcc0c
joinmarket: add rpcWalletFile option 
The joinmarket docs recommend using a separate wallet to avoid mixing up jm and
default wallet.
 2021-01-10 21:52:27 +00:00
nixbitcoin
71ee16d767
joinmarket: add enforceTor to firewall scripts on netns-level 2021-01-04 16:09:20 +00:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module 2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module 2021-01-01 17:37:30 +00:00
Jonas Nick
da674d1ccf
Merge #292: joinmarket: always synchronize secrets.jm-wallet-password 
ed636dd070cfa5f2df26d9bd2301c3aa049b0431 joinmarket: always synchronize secrets.jm-wallet-password (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK ed636dd070cfa5f2df26d9bd2301c3aa049b0431

Tree-SHA512: 8024f29f98a87991701dcdb7576c4b3b72c859373153b9281b8a4bba179a33aa39a7496ecd373c0251c8d9c36e1fc7c768a2dcc228aa006bab461f8cbc5d7b0d
 2020-12-30 19:18:56 +00:00
nixbitcoin
ed636dd070
joinmarket: always synchronize secrets.jm-wallet-password 
secrets.jm-wallet-password is always needed by joinmarket, not just when
joinmarket.yieldgenerator.enable
 2020-12-30 16:49:50 +00:00
nixbitcoin
edc657d138
btcpayserver: add rootpath option 2020-12-30 16:47:50 +00:00
nixbitcoin
f89498d4fc
clboss: add module 2020-12-22 09:40:00 +00:00
Jonas Nick
7b32a78de2
Merge #284: Fix containers 
2bfb4efbd8d313725f659983193e26170c2b4881 make-container: fix usage comment (Erik Arvstedt)
3403795c8600bc63a6e36011aed30fd391f7c96e tests: add example scripts (Erik Arvstedt)
ff94985b8bf11481e315980e499965443abd7d58 tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e09f8ca47e33392b6e37a5a683b4591 fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a2c3ff186279774781f03c70b8fa964 extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66bc55a64828375280b98eda12e8d0b3 generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc72747319291b5bb5ecc69d491d1a17c294 make-container: fix renamed variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 2bfb4efbd8d313725f659983193e26170c2b4881
  jonasnick:
    utACK 2bfb4efbd8d313725f659983193e26170c2b4881

Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
 2020-12-21 12:24:14 +00:00