Commit Graph

312 Commits

Author SHA1 Message Date
nixbitcoin
47e5442910
Update nixpkgs
Includes CVE-2019-25016 patch
2021-02-12 09:59:55 +00:00
nixbitcoin
b6f6b5e372
lightning-loop: 0.11.2-beta -> 0.11.3-beta 2021-02-10 15:37:29 +00:00
Jonas Nick
f9683889d9
Merge #312: Refactorings, cleanups
0a2c8e4864 run-tests: add option --copy-src (Erik Arvstedt)
803584a288 backups: don't use hardcoded secrets dir (Erik Arvstedt)
c29d44b49a ci: use 'cachix watch-exec' (Erik Arvstedt)
6a32812412 services: add names for systemd helper scripts (Erik Arvstedt)
6982699613 services: use consistent layout (Erik Arvstedt)
a43534dda0 services: improve config file setup (Erik Arvstedt)
18f2002cf0 joinmarket-yieldgenerator: improve systemd journal output (Erik Arvstedt)
9d0b8c8f6f joinmarket-ob-watcher: use DynamicUser (Erik Arvstedt)
e9c98f415c joinmarket: explain need for tor control socket (Erik Arvstedt)
d9c87b6a8f joinmarket: fix wallet creation (Erik Arvstedt)
7458350108 treewide: remove deprecated types.loaOf (Erik Arvstedt)
9cf038939c treewide: use mkEnableOption (Erik Arvstedt)
7a97304f13 treewide: remove unit descriptions (Erik Arvstedt)
a942177ecf treewide: remove user descriptions (Erik Arvstedt)
4f6ff408ef treewide: remove unneeded string literals (Erik Arvstedt)
e6a6c721c1 treewide: streamline 'extraConfig' descriptions (Erik Arvstedt)
e774c045de treewide: fix formatting (Erik Arvstedt)
0b5b29a2a3 netns-isolation: simplify permission definition for netns-exec (Erik Arvstedt)
a587a2b02a defaultHardening: explain where @system-service is defined (Erik Arvstedt)
bb3a69797e README: minor improvements (Erik Arvstedt)
13fc9dfabf examples: improve introductory comments (Erik Arvstedt)
af2040f4c4 netns-isolation: use 'true' for systemd option (Erik Arvstedt)
c246bbb36e bitcoind, clightning, lnd: improve descriptions (Erik Arvstedt)
7533f12ef1 bitcoind, clightning, run-tests: minor refactoring (Erik Arvstedt)
41fe9b0c1d elementsd: minor refactoring (Erik Arvstedt)
f0850d3f23 btcpayserver: reorder config settings (Erik Arvstedt)
d1c0ea9f85 btcpayserver: add missing systemd postgresql dependency (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 0a2c8e4864

Tree-SHA512: 5c81b36042fbb2f016c8e58ba9e05ef3389d5376b8df713d3258d2cd0b6a9239904531171aca8e49bea7039341d5fa91aa9474c6d98de849c25ede52deccc5a3
2021-02-08 20:32:03 +00:00
Erik Arvstedt
6a32812412
services: add names for systemd helper scripts
The systemd journal now shows a specific script name instead of
the generic name "script" before script output.
2021-02-07 22:45:36 +01:00
Jonas Nick
2ebd1129a5
Merge #317: Pkg updates
a0f48c9de9 examples: fix deploy-container interactive flag (nixbitcoin)
a2f265cd35 secp256k1: move to top-level packages (Erik Arvstedt)
d41a843167 jmbitcoin: remove secp256k1 from propagatedBuildInputs (Erik Arvstedt)
c22adb03af extra-container: 0.5 -> 0.6 (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK a0f48c9de9
  jonasnick:
    ACK a0f48c9de9

Tree-SHA512: 29fa58a960673df407831dd41594c66b26dad1de1e792f4fcc8e35641f39dd873d77b725651be5e01c875bf42284fa78903bab0ea677ec5a0e7eccf98816845d
2021-02-07 21:44:10 +00:00
Erik Arvstedt
4f6ff408ef
treewide: remove unneeded string literals 2021-02-07 22:41:29 +01:00
Erik Arvstedt
e774c045de
treewide: fix formatting 2021-02-07 22:40:10 +01:00
Erik Arvstedt
a587a2b02a
defaultHardening: explain where @system-service is defined 2021-02-07 22:39:06 +01:00
Erik Arvstedt
41fe9b0c1d
elementsd: minor refactoring
- Use pname
- urls -> url
2021-02-07 22:39:05 +01:00
Erik Arvstedt
a2f265cd35
secp256k1: move to top-level packages
Reason: secp256k1 is not a Python package.
2021-02-06 11:43:36 +01:00
Erik Arvstedt
d41a843167
jmbitcoin: remove secp256k1 from propagatedBuildInputs
Adding this input has no effect. jmbitcoin accesses secp256k1 via bitcointx.
2021-02-06 11:43:36 +01:00
Erik Arvstedt
c22adb03af
extra-container: 0.5 -> 0.6 2021-02-06 11:43:36 +01:00
nixbitcoin
ebd478fd0d
lnd: add option 'restOnionService' 2021-02-05 09:17:14 +01:00
Erik Arvstedt
a344ae95c9
move mkHiddenService to lib 2021-02-04 12:39:54 +00:00
Erik Arvstedt
a26ed03d77
rename nix-bitcoin-services.nix -> lib.nix 2021-02-04 12:39:48 +00:00
nixbitcoin
a33c678d3b
update nixpkgs-unstable
Includes c-lightning 0.9.3 and lnd 0.12.0-beta
2021-02-01 10:11:30 +00:00
Erik Arvstedt
8f9ea61d6e
update nixpkgs-unstable
- bitcoind 0.20.1 -> 0.21.0
  Manually create a wallet in the backup test because bitcoind
  does not create a default wallet anymore

- disable the failing elementsd build on unstable
2021-01-31 22:26:30 +01:00
Erik Arvstedt
05e5ec99ec
modules packages: build electrs, lightning-loop with nixpkgs stable
Building with nixBitcoinPkgsUnstable was only a temporary measure to
fix build errors on stable.
2021-01-30 11:38:47 +01:00
Jonas Nick
58a88619ae
Merge #306: Update nixpkgs
f96591c030 Update nixpkgs (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f96591c030

Tree-SHA512: 41e79c1660108a7f6d879a11eecdcfd01135079f664794c198eef08c542dd0e829a6033cfc0851d3d9d5fb0f154db7933efa11a3e3d808dd40ef6d89dee0c58a
2021-01-27 16:17:11 +00:00
nixbitcoin
f96591c030
Update nixpkgs
Includes CVE-2021-3156 patch
2021-01-27 15:15:47 +00:00
nixbitcoin
69da6f94f1
electrs: v0.8.6 -> v0.8.7 2021-01-20 13:20:18 +00:00
nixbitcoin
8c125ec48c
joinmarket-obwatcher: add pkg & module 2021-01-17 17:40:12 +00:00
Erik Arvstedt
915df059f4
joinmarket: 0.8.0-bcfa7eb -> 0.8.0-a5e8879 2021-01-17 17:40:01 +00:00
Erik Arvstedt
254246cf39
joinmarket: use installPhase
This simplifies the build.
2021-01-17 14:17:14 +01:00
Erik Arvstedt
55073eee70
remove nix-bitcoin.pkgs.lib
Type ipv4Address is not needed anymore because all services have
separate 'port' and 'address' options.
2021-01-14 13:25:05 +01:00
Jonas Nick
79f4723cda
lightning-charge: remove package and module 2021-01-01 19:16:46 +00:00
Jonas Nick
58de79d401
nanopos: remove package and module 2021-01-01 17:37:30 +00:00
nixbitcoin
9423eadcee
clboss: add pkg 2020-12-22 09:39:37 +00:00
Jonas Nick
7b32a78de2
Merge #284: Fix containers
2bfb4efbd8 make-container: fix usage comment (Erik Arvstedt)
3403795c86 tests: add example scripts (Erik Arvstedt)
ff94985b8b tests: add test 'hardened' (Erik Arvstedt)
c8e73c959e fix 'hardened' profile for NixOS 20.09 (Erik Arvstedt)
44b06aea5a extra-container: 0.5-pre -> 0.5 (Erik Arvstedt)
a359cdfb66 generate-secrets: use pwgen (Erik Arvstedt)
a5a2fc7274 make-container: fix renamed variable (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 2bfb4efbd8
  jonasnick:
    utACK 2bfb4efbd8

Tree-SHA512: 421b1fc5bf695d6815f060d129855ae0fecc06f7946ed8ac2bfe53895d7dc9529aad40099fc16844547791010232252f74b1ce32cbc9c6458e6d77f327450e94
2020-12-21 12:24:14 +00:00
Erik Arvstedt
44b06aea5a
extra-container: 0.5-pre -> 0.5 2020-12-18 19:56:56 +01:00
Erik Arvstedt
a359cdfb66
generate-secrets: use pwgen
Password length and alphabet is unchanged, but the restriction to
include at least one numeric and one capital char has been removed.
This restriction is not needed by client applications,
adds code complexity, and even (insignificantly) reduces entropy.

Reason for switching to pwgen:
apg uses /dev/random instead of /dev/urandom which brings no security
benefits but can stall the generate-secrets script on low-entropy
devices due to blocking.

Since `security.rngd` has been disabled in NixOS 20.09, blocking
in generate-secrets can also appear on regular NixOS desktop systems.
2020-12-18 19:56:56 +01:00
nixbitcoin
fdfafb2f40
joinmarket: 0.7.4 -> 0.8.0-bcfa7eb
Update to 0.8.0 with hotfix for genwallet script
Includes module versioning error with migration instructions
2020-12-17 11:12:58 +00:00
nixbitcoin
c9657305e7
temp: modify get-sha256 for hotfix commit 2020-12-14 16:55:03 +00:00
nixbitcoin
522b0000e6
lightning-loop: 0.11.1-beta -> 0.11.2-beta 2020-12-09 16:13:24 +00:00
Jonas Nick
fabe4df478
Update nixpkgs
Includes clightning: 0.9.1 -> 0.9.2 and btcpayserver: 1.0.5.5 -> 1.0.5.9
2020-12-07 12:30:11 +00:00
Jonas Nick
8e268c5ced
Fetch from the nixpkgs repo instead of nixpkgs-channels
nixpkgs-channels is deprecated.
2020-12-06 21:42:20 +00:00
Erik Arvstedt
1c0233c0a8
use Cirrus CI
- Make more economic use of the free CI resources by removing redundant build tasks:
  - Build unstable pkgs in a single separate task ("pkgs_unstable").
  - All stable pkgs are implicitly built by the modules tests.
- The build script (ci/build.sh) can now be executed locally for easier
  debugging.
- Use an explicit 'cachix push' command instead of helper/wait-for-network-idle.rb.
  This is simpler and more reliable.
2020-12-06 19:07:54 +01:00
Erik Arvstedt
a6346c2561
electrs: 0.8.5 -> 0.8.6 2020-12-01 12:51:36 +01:00
Ian Shipman
1d44b99340 add curated clightning plugins 2020-11-18 20:21:34 -06:00
Erik Arvstedt
5399f73b20 add txzmq python pkg 2020-11-18 20:21:34 -06:00
Erik Arvstedt
e62e163177 add clightning python pkgs 2020-11-18 20:21:34 -06:00
Erik Arvstedt
1a16e55237 move python packages to pkgs/python-packages
Remove obsolete passthru from joinmarket because joinmarket packages are
now accessible via pkgs/python-packages.
2020-11-18 20:21:34 -06:00
nixbitcoin
50372c9f2f
lightning-loop: 0.11.0-beta -> 0.11.1-beta 2020-11-18 15:36:38 +00:00
Erik Arvstedt
f1681f5b45
add option nix-bitcoin.pkgs, remove overlay
This works around a nixpkgs bug where overlays are ignored in containers.
2020-11-09 22:10:07 +01:00
Jonas Nick
a36957203c
Update nixpkgs (stable 20.03 -> 20.09) 2020-11-08 20:37:16 +00:00
nixbitcoin
546053511b
lightning-loop: 0.10.0-beta -> 0.11.0-beta 2020-11-06 08:51:30 +00:00
nixbitcoin
d4c0653c64
joinmarket: 0.7.0 -> 0.7.2 2020-11-06 08:51:15 +00:00
Jonas Nick
dbad828851
Merge #255: Improve netns-isolation and Tor config
b4b607dfa5 netns: simplify firewall setup (Erik Arvstedt)
25639cec42 netns: fix error msg when starting netns (Erik Arvstedt)
67068afd6b netns: fix error when stopping netns (Erik Arvstedt)
4ff88efc50 netns: add address binding test (Erik Arvstedt)
8da01fe8a6 lightning-loop: allow RPC access from main netns (Erik Arvstedt)
d76b080b74 lightning-loop: add RPC and REST server options (Erik Arvstedt)
9ddf7864a4 lightning-loop regtest: fix incorrectly succeeding test (Erik Arvstedt)
e66636ef0e liquidd: use type str for rpcbind (Erik Arvstedt)
de23fdd377 lnd: use type str for rpclisten, restlisten (Erik Arvstedt)
8b053326cc bitcoind: use type str for rpcbind (Erik Arvstedt)
6903e8afcc netns-liquidd: allow RPC access from main netns (Erik Arvstedt)
82f4901880 netns-lnd: allow RPC access from main netns (Erik Arvstedt)
58d24e735d netns-bitcoind: allow RPC access from main netns (Erik Arvstedt)
0e2ff948d3 test: add scenario 'netnsRegtest' (Erik Arvstedt)
e0675cb256 move enforceTor logic to service modules (Erik Arvstedt)
0cc8caa737 lnd: only set tor.active on enforceTor (Erik Arvstedt)
9a931483b9 netns test: remove strict dependency on clightning, electrs (Erik Arvstedt)
bae1b7f413 netns test: improve ping test (Erik Arvstedt)
5e0e16529c netns: fix default addressblock value type (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b4b607dfa5
  nixbitcoin:
    ACK b4b607dfa5

Tree-SHA512: b290831d9a3fa4de56b0f19cf84a1998e830aa844532d7cba8cd8227c785a23bfa1514123a974652e8e61060e1297b6bfbcff9640580206a04c5292309b1daef
2020-11-02 16:11:34 +00:00
Erik Arvstedt
8da01fe8a6
lightning-loop: allow RPC access from main netns
Note that this also exposes the REST server, which is secured by
macaroon auth like the RPC server.
2020-10-29 21:21:29 +01:00
Erik Arvstedt
6903e8afcc
netns-liquidd: allow RPC access from main netns 2020-10-29 21:21:28 +01:00
Erik Arvstedt
82f4901880
netns-lnd: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
58d24e735d
netns-bitcoind: allow RPC access from main netns 2020-10-29 21:21:27 +01:00
Erik Arvstedt
2a9b918f72
generate-secrets: always run with Bash, stop on errors 2020-10-23 10:54:15 +02:00
nixbitcoin
486f385fdd
lightning-loop: 0.9.0 -> 0.10.0
Includes macaroon authentication
2020-10-19 08:59:14 +00:00
nixbitcoin
480df0dd65
elementsd: 0.18.1.8 -> 0.18.1.9 2020-10-18 16:00:08 +00:00
nixbitcoin
1f2f910774
spark-wallet: 0.2.16 -> 0.2.17 2020-10-18 16:00:06 +00:00
Erik Arvstedt
572967d3ad
extra-container: pre-release -> 0.5-pre 2020-10-16 15:53:32 +02:00
Erik Arvstedt
ac6cee5c12
pkgs: add extra-container 2020-10-11 19:40:26 +02:00
Jonas Nick
c051544d46
Merge #234: loop: v0.8.1 -> v0.9.0
a89a3e934f test: increase diskSize (nixbitcoin)
24b506ff8a tests: simplify lightning-loop test (nixbitcoin)
e7c5f956ea lightning-loop: update module (nixbitcoin)
4a503f57bd lightning-loop: v0.8.1 -> v0.9.0 (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    reACK a89a3e934f
  erikarvstedt:
    I think it's okay if you would just merge 24b506ff8a, which is the direct parent of the ACK'd a89a3e934f, and removing a89a3e934f itself is totally uncontroversial.

Tree-SHA512: cee2a2714c714a22c35cea0fa829b42a371540983609cda6609f4d063d849f2e725643bd77cfe78eb71665725164d63f83b6c2589be9e72ba30aaecd7c8dee6c
2020-09-29 17:53:09 +00:00
Jonas Nick
d4f9bbac3f
Update nixpkgs
Includes clightning: 0.9.0-1 -> 0.9.1
2020-09-28 18:22:08 +00:00
Jonas Nick
00b413b5ce
Merge #237: BTCPayServer from upstream & postgresqlBackup
73f4275d2a backups: add btcpayserver database (nixbitcoin)
0784e2d479 Revert "temp: mirror erikarvstedt btcpayserver" (nixbitcoin)
7764f36405 pkgs: update pinned nixpkgs (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 73f4275d2a

Tree-SHA512: 6cd9ed61139918c762cfd66cfdc6f92d3d4d173fa29f8a7244b5f613a7982c5d48e10f0f0bce374cb40a51a84b4765ef8afb1b74fde5166967709d973107aa52
2020-09-25 17:57:21 +00:00
nixbitcoin
e7c5f956ea
lightning-loop: update module
* commandlineArgs -> configFile
* introduce tls certs
* loop dataDir
* fix formatting and descriptions

Warning: Manual migration of existing loop data directory necessary
2020-09-24 16:40:11 +00:00
nixbitcoin
4a503f57bd
lightning-loop: v0.8.1 -> v0.9.0 2020-09-24 16:39:36 +00:00
Erik Arvstedt
774da9d4e0
generate-secrets: fix python version for rpcauth
I accidentally included the minor version number.
Version 3.5 has been removed from nixpkgs unstable.
2020-09-24 16:32:38 +02:00
nixbitcoin
0784e2d479
Revert "temp: mirror erikarvstedt btcpayserver"
This reverts commit 99295328b4.
Removes nbxplorer/btcpayserver from travis
Adds nbxplorer/btcpayserver to pinned.nix
2020-09-24 09:33:46 +00:00
nixbitcoin
7764f36405
pkgs: update pinned nixpkgs 2020-09-24 09:33:44 +00:00
nixbitcoin
d0701f518c
joinmarket: automatically generate wallet 2020-09-22 13:50:49 +00:00
nixbitcoin
173891fa5b
joinmarket: add module 2020-09-22 13:50:37 +00:00
nixbitcoin
f00d1d24c5
joinmarket: add pkg and local dependencies 2020-09-22 13:43:08 +00:00
nixbitcoin
15b574faa7
nbxplorer/btcpayserver: add module 2020-09-15 12:09:12 +00:00
Calvin Kim
99295328b4
temp: mirror erikarvstedt btcpayserver 2020-09-15 12:08:51 +00:00
Jonas Nick
4bddeb13b1
Update nixpkgs
Includes update lnd 0.10.3 -> 0.11.0
2020-09-08 08:21:26 +00:00
nixbitcoin
e56d5365cb
loop: update 0.7.0 -> 0.8.1 2020-08-30 07:59:01 +00:00
Jonas Nick
1c31208078
Merge #229: Improve bitcoind RPC user config
9b6a3ec835 generate-secrets: extract fn 'makeHMAC' (Erik Arvstedt)
ca18ffb90a generate-secrets: fetch rpcauth.py from github (Erik Arvstedt)
4d6127bb76 bitcoind: clarify RPC whitelist test (Erik Arvstedt)
9d610991be bitcoind: remove custom rpc user names (Erik Arvstedt)
1408403dec bitcoind: clarify how bitcoin-cli RPC access is enabled (Erik Arvstedt)
4790c601a1 bitcoind: move rpc user config to bitcoind (Erik Arvstedt)
876cfadf1a bitcoind: add rpc user option 'passwordHMACFromFile' (Erik Arvstedt)
59434e79f0 bitcoind: simplify default rpc user name config (Erik Arvstedt)
205829b91f bitcoind: remove whitespace (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 9b6a3ec835
  jonasnick:
    concept ACK 9b6a3ec835

Tree-SHA512: ccb9a8d2dc1f360cc1f0bd77535fa8edfd9afec0a519719103fd059d5912a1ed4960c22ef14df616a731f6a88861fecb8d1653fb71c2288b851e4a02f9f49cb2
2020-08-29 20:06:53 +00:00
Erik Arvstedt
9b6a3ec835
generate-secrets: extract fn 'makeHMAC' 2020-08-27 12:20:06 +02:00
Erik Arvstedt
ca18ffb90a
generate-secrets: fetch rpcauth.py from github
No need to vendor this.
2020-08-27 12:20:06 +02:00
Jonas Nick
4d19fb7bf7
Merge #228: Update nixpkgs
52978b87fb Update nixpkgs (Jonas Nick)
6a2efccdf3 spark-wallet: 0.2.14 -> 0.2.16 (Jonas Nick)
438dde84fe Replace sks-keyservers.net with keyserver.ubuntu.com (Jonas Nick)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 52978b87fb

Tree-SHA512: b3f68865e2606760682e8fc1f6e637bfb38b382ea25cc67eff6402585b0f7118f132a5d9d7531c650d29d69c0b4eb8e277ad172038be73c4d34a9de678140844
2020-08-26 09:52:47 +00:00
Erik Arvstedt
ed73627e02
netns-exec: minor style fixes
- Use inline variable declarations
- Improve messages
- Fix naming: available -> allowed
- Simplify intro comment
2020-08-25 14:53:12 +02:00
Erik Arvstedt
91ebc2d517
netns-exec: simplify installation 2020-08-25 14:53:12 +02:00
Jonas Nick
52978b87fb
Update nixpkgs
Includes clightning 0.9.0
2020-08-25 12:41:29 +00:00
Jonas Nick
6a2efccdf3
spark-wallet: 0.2.14 -> 0.2.16
This will be required for clightning 0.9.0
2020-08-25 12:40:47 +00:00
Jonas Nick
438dde84fe
Replace sks-keyservers.net with keyserver.ubuntu.com
sks-keyservers fail most of the time.
2020-08-25 12:39:54 +00:00
Jonas Nick
322ba5bfff
Add nix-bitcoin.lib for utility functions and types 2020-08-20 21:31:24 +00:00
nixbitcoin
e4fb7a52de
backups: add module 2020-08-04 15:25:37 +00:00
Jonas Nick
0baeb2acce
Merge #209: Lightning loop
e9204946d4 lightning-loop: add tests (nixbitcoin)
491d83a658 lightning-loop: add module (nixbitcoin)
8f3588b13f lnd: higher attempt limit for less-powerful machines (nixbitcoin)
1bb801ad7b lightning-loop: add pkg (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e9204946d4

Tree-SHA512: cc8bb85978350dd530c3c8d2c9aca5ddc4ab1f72cdd27d031bb303eca1d9473f18e45bc119c62bb2991faa32b3e1d42e4439f02a56ab3a6b975b0bd491195604
2020-07-28 20:02:12 +00:00
nixbitcoin
1bb801ad7b
lightning-loop: add pkg 2020-07-28 15:55:48 +00:00
nixbitcoin
5a978a2836
bitcoind: switch from rpcpassword to rpcauth
Includes bitcoind's `share/rpcauth` to convert apg generated passwords
into salted HMAC-SHA-256 hashed passwords.
2020-07-28 14:32:47 +00:00
nixbitcoin
4dbc348921
electrs: remove TLSProxy
https://github.com/spesmilo/electrum/issues/5278 was resolved
2020-07-21 13:41:03 +00:00
nixbitcoin
c55296433d
lnd: add netns
- Adds lnd to netns-isolation.services
- Specifies listen option (defaults to localhost) as target of
  hiddenService.
- Amends hardcoded lnd ip to lnd-cert

WARNING: Breaking changes for lnd cert. lnd-key and lnd-cert will have
to be deleted and redeployed.
2020-07-21 09:38:35 +00:00
Jonas Nick
4a7199a3da
netns-exec: add c program to execute commands in netns
c program allows executing commands in nb-bitcoind, nb-lnd, nb-liquidd
(the netns's needed for operator cli scripts).
2020-07-21 09:38:16 +00:00
nixbitcoin
ae364a68ad
hwi: 1.0.3 -> 1.1.2
hidapi needed to be added as a custom dependency to be able to build
from unstable.
2020-07-19 13:52:46 +00:00
nixbitcoin
fe6e118bb3
elementsd: 0.18.1.3 -> 0.18.1.8
Also includes `get-sha256.sh` to easily determine verified sha256's
2020-07-19 12:15:39 +00:00
nixbitcoin
5ca58a2a26
nixpkgs: update stable and unstable
Includes bitcoin 0.20.0 and lnd 0.10.3
2020-07-19 12:15:33 +00:00
nixbitcoin
e81ccb6596
electrs: 0.8.3 -> 0.8.5 2020-07-07 10:54:40 +00:00
nixbitcoin
5d01ea7101
nodeinfo: Convert to module and allow alternative operator username
currently, nodeinfo has presets/secure-node.nix as a strict
dependency as it requires onion-chef and the 'operatorName' option.
and nix-bitcoin-webindex.nix has nodeinfo as a dependecy.

so don't add nodeinfo and webindex to modules.nix because they will fail on standalone use.
2020-05-19 11:13:24 +00:00
nixbitcoin
e67a818297
lightning-charge: 0.4.14 -> 0.4.19 2020-05-19 11:13:13 +00:00
Jonas Nick
041af87ec1
Update nixpkgs (lnd 0.10, clightning 0.8.2) 2020-05-14 22:16:41 +00:00
nixbitcoin
8b2ae9c1b7
spark-wallet: update 0.2.13 -> 0.2.14
Download shesek's github spark-npm.tgz, verify signature, unpack
spark-npm.tgz, patch package.json to include qrcode-terminal in
dependencies, run node2nix with tmpdir as local source, replace tmpdir
spark-wallet source with shesek's github spark-npm.tgz in
node-packages.nix.

spark-wallet: erikarvstedt fixups
2020-05-10 17:12:45 +02:00
Erik Arvstedt
2d3a1e839e
electrs: fix conditional cargoSha256 2020-05-03 18:32:56 +00:00
Jonas Nick
f5dbac318d
nixops: fix format exception from upstream nixops
Without this our nixops doesn't build
2020-05-03 18:32:56 +00:00
Jonas Nick
c03ad1ccfa
Update nixpkgs (stable 19.09 -> 20.03) 2020-05-03 18:32:56 +00:00
Jonas Nick
b7047c7286
HWI: allow building with unstable nixpkgs 2020-05-03 18:32:49 +00:00
nixbitcoin
1acb22a872
Get electrs source tarball with gpg verified sha256 and corresponding helper script
move script to pkg dir, add hint to script in pkg def

remove unneeded script deps

add extended bash error checking

rename DIR -> TMPDIR

remove TMPDIR on exit

strip whitespace, simplify comments

gpg2 -> gpg

latesttagelectrs -> latest

tmpdir: don't use XDG_RUNTIME_DIR

XDG_RUNTIME_DIR is often in RAM and shouldn't be used for larger
workloads like repo downlaods

verify fingerprint of the imported key

remove trailing '-' in output

simplify output

Hide --fetch-key output

Output is not relevant to user, looks better without it

More accurately describe ./get-sha256 function

User might think that ./get-sha256 automatically updates sha256 in default.nix

Fetch key from sks keyservers instead of keybase.io

Using --recv-key simplifies getting the right key, and only the
right key, greatly. I try to refrain from using sks keyservers,
but the certificate spamming attack shouldn't be an issue in this
case because we create a temporary keychain just for the
verificaiton.

remove unneeded cargoDepsHook

Make clang nativeBuildInput instead of buildInput
2020-04-26 17:02:14 +02:00
nixbitcoin
707b06aed1
Update pinned nixpkgs 2020-04-26 16:59:41 +02:00
Jonas Nick
aee39d6549
Merge #165: Electrs fixes
e95f5981aa Remove KN countrycode (nixbitcoin)
742aef1e0f Only set dataDirReadableByGroup if cfg.high-memory is enabled (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e95f5981aa

Tree-SHA512: e8253b934211e6fc6be11917f8acb05a05e390caafdf86f90670f9299d9c0d98596758ff021c65aae199c9a5a3f86f87854e1b8f50a53bab8ad28d9a7003d98e
2020-04-25 18:58:53 +00:00
William Casarin
47b2b110cc pinned: make it easy to use pinned packages
It appears the pinned attrset is a bit adhoc. This generalizes
pinned.nix so that you can do:

  $ nix build -f . pinned.stable.hwi
  $ nix build -f . pinned.unstable.hwi

etc

Signed-off-by: William Casarin <jb55@jb55.com>
2020-04-24 16:58:00 -07:00
nixbitcoin
e95f5981aa
Remove KN countrycode 2020-04-24 16:27:48 +02:00
nixbitcoin
89dc836f94
Update spark-wallet 0.2.12 -> 0.2.13 2020-04-17 14:13:04 +02:00
Erik Arvstedt
041ec55794
nixops: build with pinned nixpkgs 2020-04-08 17:29:50 +02:00
Jonas Nick
9239268ab6
Merge #136: Change the nix-bitcoin deployment from forking this repo to importing the module
b2e15c17b8 docs: Update to new deployment method (import instead of fork) (Jonas Nick)
5ed0284db9 Add fetch-release script (Jonas Nick)
c303cd47e4 Add push-release.sh helper (Jonas Nick)
705d187a35 examples/shell.nix: don't run shellHook on subsequent nix-shells (Erik Arvstedt)
65039be656 docs: Remove duplicate instructions (Jonas Nick)
455c5664c9 docs: Replace tabs with spaces (Jonas Nick)
8aa4714979 docs: Update NixOS version (Jonas Nick)
9df22a2764 add deploy-qemu-vm.sh example (Erik Arvstedt)
548ced1994 README: Add Example section (Jonas Nick)
44ccbb91d0 Clean up development shell.nix (Jonas Nick)
abcee651d3 add deploy-container.sh (Erik Arvstedt)
5dadea310c add deploy-nixops.sh (Erik Arvstedt)
0c74c365de mention performance loss with hardened kernel profile (Erik Arvstedt)
f3121892ef move main module import to configuration.nix (Erik Arvstedt)
0c0978c007 extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' (Erik Arvstedt)
87d0286498 Change the nix-bitcoin deployment from forking this repo to importing the module (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 18e8b71f42715c5e82e2dafde9dcc965594d76aacc6be7ee2ec746a9510065749cc65331687a57d7140f45779c3b7867f6260ec224d361fb5a477062a27d6e4c
2020-04-08 15:03:08 +00:00
Erik Arvstedt
3a606608fb
remove custom no-upnp bitcoind builds
Disabling upnp via compilation brings no substantial security benefits.
There's no way to inadvertently enable upnp, it must be set explicitly
via bitcoind.extraConfig.

But it's a huge hassle for new users who have to recompile bitcoind
before being able to use nix-bitcoin.

Also, elementsd is currently built with upnp support by default.
2020-03-26 10:14:03 +01:00
Erik Arvstedt
5dadea310c
add deploy-nixops.sh 2020-03-24 21:43:22 +00:00
Jonas Nick
28cf7ebe74
Add nixops19_09 to default pkgs.
It's helpful to be able to use this packages when importing nix-bitcoin.
2020-03-08 14:00:23 +00:00
Erik Arvstedt
f30aadbef2
electrs: enable unstable build, pin pkg to unstable
stable's buildRustPackage is painfully slow when evaluating (adds >1 sec
even on a fast machine).

This is fixed (https://github.com/NixOS/nixpkgs/pull/69274) in unstable.
2020-03-04 18:09:50 +01:00
Erik Arvstedt
5c6571654e
electrs: 0.7.1 -> 0.8.3
Use buildRustPackage instead of buildRustCrate (via crate2nix).

buildRustPackage builds the whole executable and its libraries in a
single `cargo build` process.

With the create2nix approach each library is built in a separate derivation,
directly using rustc instead of the cargo wrapper.

Benefits of buildRustPackage:
- Much simpler to maintain
- Package derivation evaluates much faster

Benefits of crate2nix:
- Build can be distributed over multiple build hosts
- Better sharing of common dependencies between different builds
- More fine-grained rebuilding on build failures

In nixpkgs buildRustPackage is used for almost all Rust pkgs, it's
also a better fit for our use case.
2020-03-04 18:09:50 +01:00
Erik Arvstedt
cce9932b62
make pinned pkgs accessible through pkgs/default.nix
Useful for developing and for importing pinned pkgs via config.nix.
2020-03-04 18:09:48 +01:00
Jonas Nick
b6d7e81c31
Update nixpkgs (lnd 0.8.1 -> lnd 0.9.0, clightning 0.8.0 -> 0.8.1) 2020-02-23 18:30:39 +00:00
Erik Arvstedt
7dd5f01527
lightning-charge: 0.4.7 -> 0.4.14 2020-01-15 23:09:08 +00:00
Jonas Nick
8eb2346358
elementsd 0.18.1.1 -> 0.18.1.3 2020-01-13 08:23:19 +00:00
Jonas Nick
d68b77c0ca
spark-wallet 0.2.9 -> 0.2.12 2020-01-13 08:23:19 +00:00
Jonas Nick
4e7b67d5e7
Update nixpkgs 2020-01-13 08:23:11 +00:00
Erik Arvstedt
b1e13e9415
simplify secrets file format
Each secret file to be deployed is now backed by one local file.
This simplifies 'setup-secrets' and the secret definitions.
Also, with the old format it was not possible to add new secrets
to secrets.nix in a simple way.

Old secrets are automatically converted to the new format when running
nix-shell.

Using the new option 'nix-bitcoin.secrets', secrets are now directly
defined by the services that use them.
2020-01-13 00:25:11 +01:00
Erik Arvstedt
10d6b04ac8
support enabling clightning and lnd simultaneously
Needed for testing.
2020-01-12 20:02:04 +01:00
Erik Arvstedt
cd5ed39b9c
lnd: add cli option 2020-01-12 20:02:02 +01:00
Erik Arvstedt
1833b15888
clightning: add cli option
An executable is more robust to use than shell aliases.

This is also a preparation for commit 'add module test' because the
NixOS testing framework makes interactive aliases hard to use: It
unsets 'PS1' which is used by programs/bash/bash.nix to detect
interactive shells.
2020-01-12 20:02:02 +01:00
Erik Arvstedt
6447694214
add generate-secrets pkg
generate-secrets.sh will also be used in generate-secrets.nix, so DRY
its dependency definitions.
2020-01-12 20:02:01 +01:00
Erik Arvstedt
cd0fd6926b
don't copy secret files to store during nixops deployment 2020-01-12 20:02:00 +01:00
Erik Arvstedt
7e021a2629
simplify overlay.nix
Move pkg definitions to pkgs/default.nix.
This allows us to just import the pkgs in overlay.nix and get rid of
the filtering to exclude the modules.
2020-01-09 10:43:29 +01:00
Jonas Nick
5575878aad
Update nixpkgs 2019-11-18 23:25:32 +00:00
Jonas Nick
ab35dc29eb
Update hwi 1.0.1 -> 1.0.3
Also remove unstable hwi build from travis because hwi requires mnemonic
<0.19.0 but nixpkgs unstable has 0.19.0.
2019-11-17 14:20:47 +00:00
Jonas Nick
44372e764f
Update nixpkgs 2019-11-16 21:47:06 +00:00
Erik Arvstedt
39885d37c1
banlist: simplify script, remove package
We're now directly using Greg's unmodified banlist which
simplifies the update process.

The banlist package with its dependency on the bitcoin datadir path is only
relevant for internal use within nix-bitcoin, so we can safely remove
it.

We're now using the bitcoin-cli from `services.bitcoind.package`.

Fixes #129
2019-11-12 19:42:33 +01:00
Erik Arvstedt
46edb39d2f
Add content hashes for pinned channels 2019-11-11 18:45:17 +01:00
Jonas Nick
6ba4a43193
Fix release.nix.patch for our nixops 2019-11-10 21:33:26 +00:00
Erik Arvstedt
cfafcb5d32
Fix virtualbox deployment for 19.09
Without this, starting the virtualbox guest service fails during machine activation.
This is due to an incompatible NixOS machine base image.
Fix this by using an updated version of nixops.
2019-11-10 21:06:17 +01:00
Jonas Nick
26d2e11a6b
Update to NixOS 19.09 2019-10-28 20:58:57 +00:00
Jonas Nick
1d022f2017
Remove PyQt dependency from liquid-swap tool because it doesn't work with NixOs 19.09 and we don't need it anyway 2019-10-27 16:48:26 +00:00
William Casarin
a152c19945 spark-wallet: 0.2.8 -> 0.2.9 2019-10-18 00:34:39 +02:00
Jonas Nick
c8448b8c4a
Merge #120: Update nixpkgs
c5024d0f15 Add liquid-swap tool to CI (Jonas Nick)
29e612d3bd Remove spark-wallet with unstable from nixpkgs because it doesn't work (Jonas Nick)
c1d67c4cee Update nixpkgs (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 64de79713b656a7535c0a89f8cead5be0168b067d2e79d9b9dfa7152635d09cea677494ad04f8a0b5f9c5278860ff8f75813561ddafb5ca8024f1f66b4fd4f34
2019-10-14 08:31:20 +00:00
Jonas Nick
c1d67c4cee
Update nixpkgs 2019-10-07 11:53:05 +00:00
Jonas Nick
8e69e42c12
Update elementsd to 0.18.1.1 2019-10-02 09:23:06 +00:00
Jonas Nick
491dcf9568
Merge #117: Fix nodeinfo for clightning
ae15205689 Mention another way to get nixops to pick up the correct IP address of a virtualbox (Jonas Nick)
4df0c9fcfd Fix nodeinfo for clightning (Jonas Nick)

Pull request description:

ACKs for top commit:
  cypherpunk2140:
    ACK ae15205689

Tree-SHA512: 56fff8c687e0070c0dcd1d7c44cd1b82f6d86103e8634a06fc823dea4bf9d1d986bcfb19caa6c72836c4cbcb636cd5360b3326ae71ee05ecf0942c02566b61b9
2019-09-24 08:15:19 +00:00
William Casarin
d7d35b875a nixpkgs-pinned: fetch a tarball instead
it's much faster
2019-09-15 18:33:02 -07:00
Jonas Nick
4df0c9fcfd
Fix nodeinfo for clightning 2019-08-31 15:23:58 +00:00
Jonas Nick
e4d2aab561
Merge #107: Add LND support
9d029fd1af Remove lnd explicit tor onion service config (Ștefan D. Mihăilă)
1f407ef22c Remove lnd user from onion-chef (Ștefan D. Mihăilă)
5880023158 Increase xxd column size (Ștefan D. Mihăilă)
101ae3c370 Instruct user to backup channel.backup (Ștefan D. Mihăilă)
fccd91972a Fix "value is a list [...]" error when lnd is not enabled (Ștefan D. Mihăilă)
700fdf6feb Add logdir and tor.privatekeypath to lnd.conf (Ștefan D. Mihăilă)
5a2517b926 Check for existing secrets and create them  more granularly (Ștefan D. Mihăilă)
d6f961db89 Reuse lnd seed (Ștefan D. Mihăilă)
9b0753135c Add LND support (Ștefan D. Mihăilă)
4acf5cd32c Remove unused nginx.csr file (Ștefan D. Mihăilă)
19b971f21f Rename nginx certificate files (Ștefan D. Mihăilă)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 9d029fd1af

Tree-SHA512: 58ee80bcab6c3a1c4642a5d40b94e10d28311557ae7c69539fee90d6f252a6afc70b8066cc7d7ddc0a45e2675978718a369b0341c518f8ce7590cbde1403eaeb
2019-08-31 15:21:38 +00:00
Jonas Nick
820abe213d
Update nixpkgs 2019-08-24 16:02:47 +00:00
Ștefan D. Mihăilă
9b0753135c
Add LND support 2019-08-20 23:54:47 +02:00
Jonas Nick
b9f51e3f70
Add liquid-swap tool 2019-08-07 14:51:15 +00:00
Jonas Nick
46aa88c71c
Merge branch 'update-liquid-2' 2019-08-06 09:32:37 +00:00
Jonas Nick
68d25f0c9f
Merge remote-tracking branch 'upstream-pull/101/head' 2019-08-05 07:50:58 +00:00