Commit Graph

990 Commits

Author SHA1 Message Date
Erik Arvstedt
0972af55f1
netns: fix setup service restarts 2020-11-03 21:55:13 +01:00
Erik Arvstedt
63a464431b
netns: fail when netns already exists
Under normal circumstances, service-specific netns should never exist
before the netns setup service starts.
An existing netns is a genuine error that should not be silently ignored.
2020-11-03 21:55:13 +01:00
Jonas Nick
dbad828851
Merge #255: Improve netns-isolation and Tor config
b4b607dfa5 netns: simplify firewall setup (Erik Arvstedt)
25639cec42 netns: fix error msg when starting netns (Erik Arvstedt)
67068afd6b netns: fix error when stopping netns (Erik Arvstedt)
4ff88efc50 netns: add address binding test (Erik Arvstedt)
8da01fe8a6 lightning-loop: allow RPC access from main netns (Erik Arvstedt)
d76b080b74 lightning-loop: add RPC and REST server options (Erik Arvstedt)
9ddf7864a4 lightning-loop regtest: fix incorrectly succeeding test (Erik Arvstedt)
e66636ef0e liquidd: use type str for rpcbind (Erik Arvstedt)
de23fdd377 lnd: use type str for rpclisten, restlisten (Erik Arvstedt)
8b053326cc bitcoind: use type str for rpcbind (Erik Arvstedt)
6903e8afcc netns-liquidd: allow RPC access from main netns (Erik Arvstedt)
82f4901880 netns-lnd: allow RPC access from main netns (Erik Arvstedt)
58d24e735d netns-bitcoind: allow RPC access from main netns (Erik Arvstedt)
0e2ff948d3 test: add scenario 'netnsRegtest' (Erik Arvstedt)
e0675cb256 move enforceTor logic to service modules (Erik Arvstedt)
0cc8caa737 lnd: only set tor.active on enforceTor (Erik Arvstedt)
9a931483b9 netns test: remove strict dependency on clightning, electrs (Erik Arvstedt)
bae1b7f413 netns test: improve ping test (Erik Arvstedt)
5e0e16529c netns: fix default addressblock value type (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b4b607dfa5
  nixbitcoin:
    ACK b4b607dfa5

Tree-SHA512: b290831d9a3fa4de56b0f19cf84a1998e830aa844532d7cba8cd8227c785a23bfa1514123a974652e8e61060e1297b6bfbcff9640580206a04c5292309b1daef
2020-11-02 16:11:34 +00:00
Erik Arvstedt
b4b607dfa5
netns: simplify firewall setup 2020-10-29 22:36:20 +01:00
Erik Arvstedt
25639cec42
netns: fix error msg when starting netns
Previously, the failing initial `netns delete` resulted in a
"Cannot remove namespace file ..." error visible in the journal
and status output.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
67068afd6b
netns: fix error when stopping netns
A short time after `netns delete` finishes, the peer link in the main
netns is automatically removed.
When `link del` is run before that, it fails with
`Cannot find device "nb-veth-br-*"` and the netns service enters a failed state.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
4ff88efc50
netns: add address binding test
Proposed by Jonas Nick.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
8da01fe8a6
lightning-loop: allow RPC access from main netns
Note that this also exposes the REST server, which is secured by
macaroon auth like the RPC server.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
d76b080b74
lightning-loop: add RPC and REST server options 2020-10-29 21:21:29 +01:00
Erik Arvstedt
9ddf7864a4
lightning-loop regtest: fix incorrectly succeeding test
When 'loop getparams' fails, jq gets no stdin and exits with code 0.
Because -o pipefail is not enabled in the testing shell, the whole test
command succeeds, although it should fail.

Just test "loop getparams" instead and ignore its output.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
e66636ef0e
liquidd: use type str for rpcbind 2020-10-29 21:21:29 +01:00
Erik Arvstedt
de23fdd377
lnd: use type str for rpclisten, restlisten 2020-10-29 21:21:28 +01:00
Erik Arvstedt
8b053326cc
bitcoind: use type str for rpcbind
Extra RPC bind addresses can still be added via extraConfig.
2020-10-29 21:21:28 +01:00
Erik Arvstedt
6903e8afcc
netns-liquidd: allow RPC access from main netns 2020-10-29 21:21:28 +01:00
Erik Arvstedt
82f4901880
netns-lnd: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
58d24e735d
netns-bitcoind: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
0e2ff948d3
test: add scenario 'netnsRegtest'
The 'basic' test command now cover regtest mode and using nix-bitcoin without
the secure-node preset.
2020-10-29 21:21:27 +01:00
Erik Arvstedt
e0675cb256
move enforceTor logic to service modules
This enables tor support for services without using secure-node.nix
2020-10-29 21:21:27 +01:00
Erik Arvstedt
0cc8caa737
lnd: only set tor.active on enforceTor
This also enables the test scenario 'netnsRegtest' introduced in a
later commit by fixing the following bug:
For unknown reasons, when tor.active=true and tor is not running, lnd
fails with a tor connection error on netns-isolation, but runs fine
without netns-isolation.
2020-10-29 21:21:26 +01:00
Erik Arvstedt
9a931483b9
netns test: remove strict dependency on clightning, electrs
This allows the netns test to be run with a reduced service set for debugging.
2020-10-29 21:21:26 +01:00
Erik Arvstedt
bae1b7f413
netns test: improve ping test
- Use fping for pinging multiple hosts in parallel.
  Significantly improves test runtime:
  >13 s -> ~200 ms for the negative ping tests.
- Only test network namespaces that are enabled.
  This allows running the netns test with a reduced service set for debugging.
- Remove deprecated services, instead add btcpayserver, spark-wallet
2020-10-29 21:21:26 +01:00
Jonas Nick
c0d04b9081
Merge #257: generate-secrets: always run with Bash, stop on errors
2a9b918f72 generate-secrets: always run with Bash, stop on errors (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 2a9b918f72

Tree-SHA512: 9993f6b1880dabfed60f6ef9e4827c8d1a465572571e353bc81936ebd40f99c8e554a7c7f1b821d16f3dda31aa229d71e3307cad42b0a79d142ff6acc8d4959c
2020-10-24 15:03:07 +00:00
Erik Arvstedt
2a9b918f72
generate-secrets: always run with Bash, stop on errors 2020-10-23 10:54:15 +02:00
Erik Arvstedt
5e0e16529c
netns: fix default addressblock value type
Also remove redundant definition in secure-node.nix
2020-10-20 18:21:37 +02:00
Jonas Nick
5ec9ea1f6d
Merge #250: Improve examples
b574cb097f examples: add deploy-container-minimal.sh (Erik Arvstedt)
e6340426c1 deploy-container.sh: fix sudo (Erik Arvstedt)
c19f7ebb01 examples: add option --interactive|-i (Erik Arvstedt)
33ff8d82be examples: fix running outside of examples dir (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK b574cb097f

Tree-SHA512: 1cf73206af950b157c87476a205e035311416ebb801f90f573868a8c0b8437f900e8b5b85e45e3bacbd3235972b4d3d311de394c63dd93fe4c222919d3364851
2020-10-20 11:18:43 +00:00
Jonas Nick
6933b0ef47
Merge #251: Services: Auto-enable dependencies
67e49fe415 services: auto-enable dependencies (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 67e49fe415

Tree-SHA512: 6e0f2e2ca4acdb7c5edd41eb3b56a9e95fc6d2ea9cfd08c1142429f88455c9d771f2f2be6339336448a289632f9768c4ae8f6c307038c5aa69c48b303043dda0
2020-10-20 11:17:10 +00:00
Erik Arvstedt
b574cb097f
examples: add deploy-container-minimal.sh 2020-10-20 12:35:23 +02:00
Jonas Nick
d4256f79b7
Merge #252: nix-bitcoin pkg updates
e61d7b1d46 test: improve lightning-loop regtest (Erik Arvstedt)
486f385fdd lightning-loop: 0.9.0 -> 0.10.0 (nixbitcoin)
480df0dd65 elementsd: 0.18.1.8 -> 0.18.1.9 (nixbitcoin)
1f2f910774 spark-wallet: 0.2.16 -> 0.2.17 (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK e61d7b1d46

Tree-SHA512: 6af29a4f77c096a2628cfd69cdf26f02f37650ce37fb210ab36fc9884fa7b77972816550be99140fba8dd161a38ac53270d986c4f9870b4172047854c69c1e13
2020-10-20 09:43:55 +00:00
Jonas Nick
36935291ff
Merge #254: shell.nix: fix failing generate-secrets
d2dbad256f shell.nix: fix failing generate-secrets (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK d2dbad256f

Tree-SHA512: 7cf29fa9a658d12ad3aec00cc8f38660623e00950eebad92cef8ec4a28180eebfd0dfb1a56cdcd15389f31c4ce15302c241ac9aaba11267b8da0cd842a5701e2
2020-10-20 07:41:39 +00:00
Erik Arvstedt
67e49fe415
services: auto-enable dependencies 2020-10-19 14:55:59 +02:00
Erik Arvstedt
d2dbad256f
shell.nix: fix failing generate-secrets
generate-secrets failed due to the `PYTHONPATH` env var that was set
through the nixops19_09 buildInput.

Fixes:
- Don't pull in the build environments of binaries that should be
  available in PATH. Only extend PATH instead.
- Run generate-secrets in an empty environment
2020-10-19 11:35:32 +02:00
Erik Arvstedt
e61d7b1d46
test: improve lightning-loop regtest 2020-10-19 08:59:26 +00:00
nixbitcoin
486f385fdd
lightning-loop: 0.9.0 -> 0.10.0
Includes macaroon authentication
2020-10-19 08:59:14 +00:00
nixbitcoin
480df0dd65
elementsd: 0.18.1.8 -> 0.18.1.9 2020-10-18 16:00:08 +00:00
nixbitcoin
1f2f910774
spark-wallet: 0.2.16 -> 0.2.17 2020-10-18 16:00:06 +00:00
Erik Arvstedt
e6340426c1
deploy-container.sh: fix sudo
The 'echo sudo' approach used previously failed when PATH or
NIX_PATH contains spaces. Exec the script with sudo instead.
2020-10-18 13:42:58 +02:00
Erik Arvstedt
c19f7ebb01
examples: add option --interactive|-i 2020-10-18 13:42:58 +02:00
Erik Arvstedt
33ff8d82be
examples: fix running outside of examples dir 2020-10-18 13:42:54 +02:00
Jonas Nick
06cba7b519
Merge #249: Add regtest support
9951f10e74 test: add scenario 'regtest' (Erik Arvstedt)
1f96ca67c5 electrs test: make service shutdown optional (Erik Arvstedt)
eb42fc8e06 test: extract test 'joinmarket-yieldgenerator' (Erik Arvstedt)
06b2ec5b02 joinmarket: add regtest support (Erik Arvstedt)
975b30c90e joinmarket: don't hardcode bitcoind rpc port (Erik Arvstedt)
031df4231f joinmarket: move comment out of config file (Erik Arvstedt)
848c4c6eda joinmarket: add variable 'bitcoind' (Erik Arvstedt)
96b08f5d60 btcpayserver: add regtest support (Erik Arvstedt)
bd2145dc77 btcpayserver: add 'port' option (Erik Arvstedt)
001f8fe8d3 btcpayserver: use option bitcoind.rpc.port (Erik Arvstedt)
6f4715ac2a electrs: add regtest support (Erik Arvstedt)
46efd141a1 lightning-loop: add regtest support (Erik Arvstedt)
75ec85bea2 lnd: add regtest support (Erik Arvstedt)
1935c252ec lnd: remove redundant option 'bitcoind-host' (Erik Arvstedt)
b1a8629223 lnd: add variable 'bitcoind' (Erik Arvstedt)
937aee0062 spark-wallet: add regtest support (Erik Arvstedt)
47d611b5ef spark-wallet: use tor rate provider only when enforceTor (Erik Arvstedt)
127b186c3c spark-wallet: simplify start script (Erik Arvstedt)
0f32f3c99e clightning: add regtest support (Erik Arvstedt)
c24ac5d363 clightning: remove redundant option 'bitcoin-rpcconnect' (Erik Arvstedt)
abd32cde30 clightning: enable config file read access for group (Erik Arvstedt)
ddadaed3da clightning: always use bind-addr in config (Erik Arvstedt)
9e928e2097 bitcoind: add regtest support (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 9951f10e74

Tree-SHA512: 42e2d95755a16b59044e400bc4c9d891bfc22eb73b920fdcf29e607f7df88de599bec99677cf49be7c275c0113a2224a45b1f47f40c029878421eae1a44f3254
2020-10-17 13:04:27 +00:00
Jonas Nick
ee2a37dbf4
Merge #247: Add module 'versioning'
d3ece59919 add module 'versioning' (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK d3ece59919

Tree-SHA512: 3f367a3917bbd72e2d17b8b14c3a9f70ecb371e576c89e1bea87784bae780999cd3c615472387268531edb07cb5edcbddf5874fdb09a79afb4380e665567871c
2020-10-17 09:33:12 +00:00
Erik Arvstedt
9951f10e74
test: add scenario 'regtest' 2020-10-16 23:55:13 +02:00
Erik Arvstedt
d3ece59919
add module 'versioning' 2020-10-16 23:23:00 +02:00
Erik Arvstedt
1f96ca67c5
electrs test: make service shutdown optional
Needed for regtest scenario.
2020-10-16 18:01:52 +02:00
Erik Arvstedt
eb42fc8e06
test: extract test 'joinmarket-yieldgenerator'
Needed for regtest scenario.
2020-10-16 18:01:52 +02:00
Erik Arvstedt
06b2ec5b02
joinmarket: add regtest support 2020-10-16 18:01:52 +02:00
Erik Arvstedt
975b30c90e
joinmarket: don't hardcode bitcoind rpc port 2020-10-16 18:01:52 +02:00
Erik Arvstedt
031df4231f
joinmarket: move comment out of config file 2020-10-16 18:01:52 +02:00
Erik Arvstedt
848c4c6eda
joinmarket: add variable 'bitcoind' 2020-10-16 18:01:52 +02:00
Erik Arvstedt
96b08f5d60
btcpayserver: add regtest support 2020-10-16 18:01:52 +02:00
Erik Arvstedt
bd2145dc77
btcpayserver: add 'port' option 2020-10-16 18:01:51 +02:00