Erik Arvstedt
45c40c4eb9
versioning: simplify assertion evaluation
2021-01-14 13:25:09 +01:00
Erik Arvstedt
bed00fe937
lnd: use onionServices for address announcing
2021-01-14 13:25:09 +01:00
Erik Arvstedt
3980cd5a41
clightning: use onionServices for address announcing
2021-01-14 13:25:08 +01:00
Erik Arvstedt
bd2a46cb73
spark-wallet: use onionServices
...
Also remove the unneeded definition of ReadWritePaths because the
service doesn't need write access to onion files.
2021-01-14 13:25:08 +01:00
Erik Arvstedt
87fb9f246b
add 'enable-tor' preset
...
Move 'enforceTor' and onion-service definitions from secure-node.nix.
Use the onionServices module to define onion services.
Onion services now automatically work for services that bind to an INADDR_ANY (`0.0.0.0`) address.
2021-01-14 13:25:08 +01:00
Erik Arvstedt
05b5402bb1
add nix-bitcoin.onionServices
2021-01-14 13:25:07 +01:00
Erik Arvstedt
fffe988248
onionAddresses: add readonly option 'dataDir'
...
Used by 'onionServices' in a later commit for services that announce
their onion address.
2021-01-14 13:25:07 +01:00
Erik Arvstedt
5f34b094d3
onionAddresses: improve script
...
- use -e to check for existence of /var/lib/tor/state, use shorter
polling interval
- clear existing dataDir contents to avoid accumulating obsolete data
- use concatMapStrings instead of foldl'
2021-01-14 13:25:07 +01:00
Erik Arvstedt
b266f23251
onionAddresses: use service 'script' option
...
This also makes the script stop on errors.
2021-01-14 13:25:07 +01:00
Erik Arvstedt
6d13b26d0a
onionAddresses: add more precise type for option 'access'
2021-01-14 13:25:06 +01:00
Erik Arvstedt
93562f76dd
onionAddresses: remove redundant option 'enable'
...
The service can be disabled via `onion-addresses.access = mkForce {};`
Also remove redundant description.
2021-01-14 13:25:06 +01:00
Erik Arvstedt
43c247e3fe
onionAddresses: use StateDirectory instead of tmpfiles
...
Simplifies the dataDir setup.
2021-01-14 13:25:06 +01:00
Erik Arvstedt
5c6977b006
rename onion-chef -> nix-bitcoin.onionAddresses
...
This clarifies its function.
2021-01-14 13:25:05 +01:00
Erik Arvstedt
09e0042aa8
spark-wallet: add consistent address options
2021-01-14 13:25:05 +01:00
Erik Arvstedt
39f16c0b4a
liquidd: add consistent address options
2021-01-14 13:25:05 +01:00
Erik Arvstedt
b5d76ba1b3
electrs: add consistent address options
2021-01-14 13:25:04 +01:00
Erik Arvstedt
8fa32b7f91
btcpayserver: add consistent address options
2021-01-14 13:25:04 +01:00
Erik Arvstedt
e78a609687
clightning: add consistent address options
...
Also remove option 'autolisten'. This option has no effect because
option 'bind-addr' is always set.
2021-01-14 13:25:04 +01:00
Erik Arvstedt
b41a720c28
lnd: add consistent address options
...
Also fix btcpayserver by connecting to the lnd restAddress instead of the p2p address.
2021-01-14 13:25:03 +01:00
Erik Arvstedt
dd4a0238f9
bitcoind: group rpc options under parent option 'rpc'
2021-01-14 13:25:03 +01:00
Erik Arvstedt
5b7e0d09b2
bitcoind: add consistent address options
2021-01-14 13:25:03 +01:00
Jonas Nick
41a6be6552
Merge #297 : joinmarket: add enforceTor to firewall scripts on netns-level
...
71ee16d767
joinmarket: add enforceTor to firewall scripts on netns-level (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 71ee16d767
Tree-SHA512: cef089012807c90034d4b1f259bf6d81bfb83a36e7d2aadd85e817728f646948c12c25d199525d578d44366ee10389cb5081c4d86842b19b06b1066ff8feec19
2021-01-10 23:11:08 +00:00
Jonas Nick
e3a45fcc0c
joinmarket: add rpcWalletFile option
...
The joinmarket docs recommend using a separate wallet to avoid mixing up jm and
default wallet.
2021-01-10 21:52:27 +00:00
nixbitcoin
71ee16d767
joinmarket: add enforceTor to firewall scripts on netns-level
2021-01-04 16:09:20 +00:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module
2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module
2021-01-01 17:37:30 +00:00
Jonas Nick
da674d1ccf
Merge #292 : joinmarket: always synchronize secrets.jm-wallet-password
...
ed636dd070
joinmarket: always synchronize secrets.jm-wallet-password (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK ed636dd070
Tree-SHA512: 8024f29f98a87991701dcdb7576c4b3b72c859373153b9281b8a4bba179a33aa39a7496ecd373c0251c8d9c36e1fc7c768a2dcc228aa006bab461f8cbc5d7b0d
2020-12-30 19:18:56 +00:00
nixbitcoin
ed636dd070
joinmarket: always synchronize secrets.jm-wallet-password
...
secrets.jm-wallet-password is always needed by joinmarket, not just when
joinmarket.yieldgenerator.enable
2020-12-30 16:49:50 +00:00
nixbitcoin
edc657d138
btcpayserver: add rootpath option
2020-12-30 16:47:50 +00:00
nixbitcoin
f89498d4fc
clboss: add module
2020-12-22 09:40:00 +00:00
Jonas Nick
7b32a78de2
Merge #284 : Fix containers
...
2bfb4efbd8
make-container: fix usage comment (Erik Arvstedt)
3403795c86
tests: add example scripts (Erik Arvstedt)
ff94985b8b
tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e
fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a
extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66
generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274
make-container: fix renamed variable (Erik Arvstedt)
Pull request description:
ACKs for top commit:
nixbitcoin:
ACK 2bfb4efbd8
jonasnick:
utACK 2bfb4efbd8
Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00
Erik Arvstedt
c8e73c959e
fix 'hardened' profile for NixOS 20.09
...
The 'scudo' memory allocator set by the 'hardened' profile breaks some
services on 20.09.
The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052 )
is ineffective on 20.09.
As a workaround, add a custom 'hardened' preset that uses the default allocator.
2020-12-18 19:56:56 +01:00
nixbitcoin
fdfafb2f40
joinmarket: 0.7.4 -> 0.8.0-bcfa7eb
...
Update to 0.8.0 with hotfix for genwallet script
Includes module versioning error with migration instructions
2020-12-17 11:12:58 +00:00
Martin Milata
5feb9e3eae
lnd: fix rpc/rest port configuration
2020-12-07 14:38:36 +01:00
Ian Shipman
1d44b99340
add curated clightning plugins
2020-11-18 20:21:34 -06:00
Erik Arvstedt
f1681f5b45
add option nix-bitcoin.pkgs, remove overlay
...
This works around a nixpkgs bug where overlays are ignored in containers.
2020-11-09 22:10:07 +01:00
Erik Arvstedt
b1a5f5e7b9
don't add service-only pkgs to systemPackages
...
These packages are not useful in shell environemnts.
2020-11-09 22:10:07 +01:00
Erik Arvstedt
e39ad358a4
lnd: remove unused bitcoind from PATH
2020-11-09 22:10:07 +01:00
nixbitcoin
59e128a994
joinmarket: add payjoin configuration
2020-11-06 08:51:25 +00:00
nixbitcoin
f29f04c0c4
secure-node: LND no longer requires ControlPort
...
Onion service is now generated through mkHiddenService function.
2020-11-06 08:51:23 +00:00
Erik Arvstedt
0972af55f1
netns: fix setup service restarts
2020-11-03 21:55:13 +01:00
Erik Arvstedt
63a464431b
netns: fail when netns already exists
...
Under normal circumstances, service-specific netns should never exist
before the netns setup service starts.
An existing netns is a genuine error that should not be silently ignored.
2020-11-03 21:55:13 +01:00
Erik Arvstedt
b4b607dfa5
netns: simplify firewall setup
2020-10-29 22:36:20 +01:00
Erik Arvstedt
25639cec42
netns: fix error msg when starting netns
...
Previously, the failing initial `netns delete` resulted in a
"Cannot remove namespace file ..." error visible in the journal
and status output.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
67068afd6b
netns: fix error when stopping netns
...
A short time after `netns delete` finishes, the peer link in the main
netns is automatically removed.
When `link del` is run before that, it fails with
`Cannot find device "nb-veth-br-*"` and the netns service enters a failed state.
2020-10-29 21:21:30 +01:00
Erik Arvstedt
8da01fe8a6
lightning-loop: allow RPC access from main netns
...
Note that this also exposes the REST server, which is secured by
macaroon auth like the RPC server.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
d76b080b74
lightning-loop: add RPC and REST server options
2020-10-29 21:21:29 +01:00
Erik Arvstedt
e66636ef0e
liquidd: use type str for rpcbind
2020-10-29 21:21:29 +01:00
Erik Arvstedt
de23fdd377
lnd: use type str for rpclisten, restlisten
2020-10-29 21:21:28 +01:00
Erik Arvstedt
8b053326cc
bitcoind: use type str for rpcbind
...
Extra RPC bind addresses can still be added via extraConfig.
2020-10-29 21:21:28 +01:00
Erik Arvstedt
6903e8afcc
netns-liquidd: allow RPC access from main netns
2020-10-29 21:21:28 +01:00
Erik Arvstedt
82f4901880
netns-lnd: allow RPC access from main netns
2020-10-29 21:21:27 +01:00
Erik Arvstedt
58d24e735d
netns-bitcoind: allow RPC access from main netns
2020-10-29 21:21:27 +01:00
Erik Arvstedt
e0675cb256
move enforceTor logic to service modules
...
This enables tor support for services without using secure-node.nix
2020-10-29 21:21:27 +01:00
Erik Arvstedt
0cc8caa737
lnd: only set tor.active on enforceTor
...
This also enables the test scenario 'netnsRegtest' introduced in a
later commit by fixing the following bug:
For unknown reasons, when tor.active=true and tor is not running, lnd
fails with a tor connection error on netns-isolation, but runs fine
without netns-isolation.
2020-10-29 21:21:26 +01:00
Erik Arvstedt
5e0e16529c
netns: fix default addressblock value type
...
Also remove redundant definition in secure-node.nix
2020-10-20 18:21:37 +02:00
Jonas Nick
6933b0ef47
Merge #251 : Services: Auto-enable dependencies
...
67e49fe415
services: auto-enable dependencies (Erik Arvstedt)
Pull request description:
ACKs for top commit:
nixbitcoin:
ACK 67e49fe415
Tree-SHA512: 6e0f2e2ca4acdb7c5edd41eb3b56a9e95fc6d2ea9cfd08c1142429f88455c9d771f2f2be6339336448a289632f9768c4ae8f6c307038c5aa69c48b303043dda0
2020-10-20 11:17:10 +00:00
Erik Arvstedt
67e49fe415
services: auto-enable dependencies
2020-10-19 14:55:59 +02:00
nixbitcoin
486f385fdd
lightning-loop: 0.9.0 -> 0.10.0
...
Includes macaroon authentication
2020-10-19 08:59:14 +00:00
Jonas Nick
06cba7b519
Merge #249 : Add regtest support
...
9951f10e74
test: add scenario 'regtest' (Erik Arvstedt)
1f96ca67c5
electrs test: make service shutdown optional (Erik Arvstedt)
eb42fc8e06
test: extract test 'joinmarket-yieldgenerator' (Erik Arvstedt)
06b2ec5b02
joinmarket: add regtest support (Erik Arvstedt)
975b30c90e
joinmarket: don't hardcode bitcoind rpc port (Erik Arvstedt)
031df4231f
joinmarket: move comment out of config file (Erik Arvstedt)
848c4c6eda
joinmarket: add variable 'bitcoind' (Erik Arvstedt)
96b08f5d60
btcpayserver: add regtest support (Erik Arvstedt)
bd2145dc77
btcpayserver: add 'port' option (Erik Arvstedt)
001f8fe8d3
btcpayserver: use option bitcoind.rpc.port (Erik Arvstedt)
6f4715ac2a
electrs: add regtest support (Erik Arvstedt)
46efd141a1
lightning-loop: add regtest support (Erik Arvstedt)
75ec85bea2
lnd: add regtest support (Erik Arvstedt)
1935c252ec
lnd: remove redundant option 'bitcoind-host' (Erik Arvstedt)
b1a8629223
lnd: add variable 'bitcoind' (Erik Arvstedt)
937aee0062
spark-wallet: add regtest support (Erik Arvstedt)
47d611b5ef
spark-wallet: use tor rate provider only when enforceTor (Erik Arvstedt)
127b186c3c
spark-wallet: simplify start script (Erik Arvstedt)
0f32f3c99e
clightning: add regtest support (Erik Arvstedt)
c24ac5d363
clightning: remove redundant option 'bitcoin-rpcconnect' (Erik Arvstedt)
abd32cde30
clightning: enable config file read access for group (Erik Arvstedt)
ddadaed3da
clightning: always use bind-addr in config (Erik Arvstedt)
9e928e2097
bitcoind: add regtest support (Erik Arvstedt)
Pull request description:
ACKs for top commit:
jonasnick:
ACK 9951f10e74
Tree-SHA512: 42e2d95755a16b59044e400bc4c9d891bfc22eb73b920fdcf29e607f7df88de599bec99677cf49be7c275c0113a2224a45b1f47f40c029878421eae1a44f3254
2020-10-17 13:04:27 +00:00
Erik Arvstedt
d3ece59919
add module 'versioning'
2020-10-16 23:23:00 +02:00
Erik Arvstedt
06b2ec5b02
joinmarket: add regtest support
2020-10-16 18:01:52 +02:00
Erik Arvstedt
975b30c90e
joinmarket: don't hardcode bitcoind rpc port
2020-10-16 18:01:52 +02:00
Erik Arvstedt
031df4231f
joinmarket: move comment out of config file
2020-10-16 18:01:52 +02:00
Erik Arvstedt
848c4c6eda
joinmarket: add variable 'bitcoind'
2020-10-16 18:01:52 +02:00
Erik Arvstedt
96b08f5d60
btcpayserver: add regtest support
2020-10-16 18:01:52 +02:00
Erik Arvstedt
bd2145dc77
btcpayserver: add 'port' option
2020-10-16 18:01:51 +02:00
Erik Arvstedt
001f8fe8d3
btcpayserver: use option bitcoind.rpc.port
2020-10-16 18:01:51 +02:00
Erik Arvstedt
6f4715ac2a
electrs: add regtest support
2020-10-16 18:01:51 +02:00
Erik Arvstedt
46efd141a1
lightning-loop: add regtest support
2020-10-16 18:01:51 +02:00
Erik Arvstedt
75ec85bea2
lnd: add regtest support
2020-10-16 18:01:51 +02:00
Erik Arvstedt
1935c252ec
lnd: remove redundant option 'bitcoind-host'
...
Also set bitcoind rpc port.
2020-10-16 18:01:51 +02:00
Erik Arvstedt
b1a8629223
lnd: add variable 'bitcoind'
2020-10-16 18:01:51 +02:00
Erik Arvstedt
937aee0062
spark-wallet: add regtest support
2020-10-16 18:01:50 +02:00
Erik Arvstedt
47d611b5ef
spark-wallet: use tor rate provider only when enforceTor
2020-10-16 18:01:50 +02:00
Erik Arvstedt
127b186c3c
spark-wallet: simplify start script
...
Also:
- quote paths
- use long form args
2020-10-16 18:01:50 +02:00
Erik Arvstedt
0f32f3c99e
clightning: add regtest support
2020-10-16 18:01:50 +02:00
Erik Arvstedt
c24ac5d363
clightning: remove redundant option 'bitcoin-rpcconnect'
2020-10-16 18:01:50 +02:00
Erik Arvstedt
abd32cde30
clightning: enable config file read access for group
...
Enables lightning-cli group access when nonstandard config options are set.
2020-10-16 18:01:50 +02:00
Erik Arvstedt
ddadaed3da
clightning: always use bind-addr in config
...
bind-addr can't be null.
2020-10-16 18:01:50 +02:00
Erik Arvstedt
9e928e2097
bitcoind: add regtest support
...
Remove unsupported option 'testnet'.
2020-10-16 18:01:49 +02:00
Erik Arvstedt
7d1797cec7
clightning: add option 'extraConfig'
2020-10-16 16:46:56 +02:00
Erik Arvstedt
e0117d56d1
spark-wallet: fix always-on onion-chef setting
...
Previously, the service failed when onion-service was disabled.
2020-10-16 16:46:55 +02:00
Erik Arvstedt
480d0d3959
liquid: fix bitcoin rpc settings
...
- Remove redundant option mainchainrpchost.
This option is already provided by bitcoind.
- Set a working default for rpcport and rpcuser.
Enables use without secure-node.
2020-10-16 16:46:55 +02:00
Erik Arvstedt
9aa19c3fdd
extract operator module
2020-10-16 16:46:55 +02:00
Erik Arvstedt
2dd1a741f7
modules: group imports
2020-10-16 16:46:55 +02:00
Erik Arvstedt
36358066e4
spark-wallet: don't disable tor when onion-service is disabled
...
This fixes modules-only usage.
We can leave enabling tor and tor.client to secure-node.nix, on which
spark-wallet has a strict dependency.
2020-10-16 15:53:33 +02:00
Erik Arvstedt
24069aa2c6
electrs: add option 'monitoringPort'
2020-09-30 11:26:41 +02:00
Erik Arvstedt
611cfe5a28
electrs: remove redundant daemonrpc option
2020-09-30 11:26:41 +02:00
Erik Arvstedt
a19d3b07c2
electrs: add variable 'bitcoind'
2020-09-30 11:26:41 +02:00
Erik Arvstedt
a6dde36b87
electrs: use consistent args formatting
...
One line per arg.
2020-09-30 11:26:40 +02:00
Jonas Nick
c051544d46
Merge #234 : loop: v0.8.1 -> v0.9.0
...
a89a3e934f
test: increase diskSize (nixbitcoin)
24b506ff8a
tests: simplify lightning-loop test (nixbitcoin)
e7c5f956ea
lightning-loop: update module (nixbitcoin)
4a503f57bd
lightning-loop: v0.8.1 -> v0.9.0 (nixbitcoin)
Pull request description:
ACKs for top commit:
jonasnick:
reACK a89a3e934f
erikarvstedt:
I think it's okay if you would just merge 24b506ff8a
, which is the direct parent of the ACK'd a89a3e934f
, and removing a89a3e934f
itself is totally uncontroversial.
Tree-SHA512: cee2a2714c714a22c35cea0fa829b42a371540983609cda6609f4d063d849f2e725643bd77cfe78eb71665725164d63f83b6c2589be9e72ba30aaecd7c8dee6c
2020-09-29 17:53:09 +00:00
nixbitcoin
73f4275d2a
backups: add btcpayserver database
2020-09-24 17:12:08 +00:00
nixbitcoin
e7c5f956ea
lightning-loop: update module
...
* commandlineArgs -> configFile
* introduce tls certs
* loop dataDir
* fix formatting and descriptions
Warning: Manual migration of existing loop data directory necessary
2020-09-24 16:40:11 +00:00
Jonas Nick
4cf31f8612
Merge #164 : Add JoinMarket Clientserver
...
dd882753e6
joinmarket: add usage documentation (nixbitcoin)
d0701f518c
joinmarket: automatically generate wallet (nixbitcoin)
d6d3e8ff62
joinmarket: add tests (nixbitcoin)
cce27da2ec
backups: add joinmarket datadir to includelist (nixbitcoin)
173891fa5b
joinmarket: add module (nixbitcoin)
263525d724
nix-bitcoin-services: add nb-services.privileged helper (nixbitcoin)
f00d1d24c5
joinmarket: add pkg and local dependencies (nixbitcoin)
Pull request description:
ACKs for top commit:
jonasnick:
ACK dd882753e6
Tree-SHA512: ad7bf56314877045bc8dc6037f966535dc3607d9e941cd03d19b610ee789307eac07447df7f93569dfa3e7553e8fc6d9757bdf8542fb123c5a2e2adec8f907a2
2020-09-22 17:16:08 +00:00
Jonas Nick
36c9c39d80
Deprecate lightning-charge and nanopos
...
Because we have btcpayserver now, nanopos is not really needed any more. Nanopos
was meant to be just a PoC. Lightning charge can be removed because nanopos is
the only module that depends on it.
2020-09-22 14:05:51 +00:00
nixbitcoin
d0701f518c
joinmarket: automatically generate wallet
2020-09-22 13:50:49 +00:00
nixbitcoin
cce27da2ec
backups: add joinmarket datadir to includelist
2020-09-22 13:50:43 +00:00
nixbitcoin
173891fa5b
joinmarket: add module
2020-09-22 13:50:37 +00:00
nixbitcoin
263525d724
nix-bitcoin-services: add nb-services.privileged helper
2020-09-22 13:43:15 +00:00