nix-bitcoin

Fork of https://github.com/fort-nix/nix-bitcoin

Go to file

Jonas Nick f9683889d9 Merge #312 : Refactorings, cleanups `0a2c8e4864` run-tests: add option --copy-src (Erik Arvstedt) `803584a288` backups: don't use hardcoded secrets dir (Erik Arvstedt) `c29d44b49a` ci: use 'cachix watch-exec' (Erik Arvstedt) `6a32812412` services: add names for systemd helper scripts (Erik Arvstedt) `6982699613` services: use consistent layout (Erik Arvstedt) `a43534dda0` services: improve config file setup (Erik Arvstedt) `18f2002cf0` joinmarket-yieldgenerator: improve systemd journal output (Erik Arvstedt) `9d0b8c8f6f` joinmarket-ob-watcher: use DynamicUser (Erik Arvstedt) `e9c98f415c` joinmarket: explain need for tor control socket (Erik Arvstedt) `d9c87b6a8f` joinmarket: fix wallet creation (Erik Arvstedt) `7458350108` treewide: remove deprecated types.loaOf (Erik Arvstedt) `9cf038939c` treewide: use mkEnableOption (Erik Arvstedt) `7a97304f13` treewide: remove unit descriptions (Erik Arvstedt) `a942177ecf` treewide: remove user descriptions (Erik Arvstedt) `4f6ff408ef` treewide: remove unneeded string literals (Erik Arvstedt) `e6a6c721c1` treewide: streamline 'extraConfig' descriptions (Erik Arvstedt) `e774c045de` treewide: fix formatting (Erik Arvstedt) `0b5b29a2a3` netns-isolation: simplify permission definition for netns-exec (Erik Arvstedt) `a587a2b02a` defaultHardening: explain where @system-service is defined (Erik Arvstedt) `bb3a69797e` README: minor improvements (Erik Arvstedt) `13fc9dfabf` examples: improve introductory comments (Erik Arvstedt) `af2040f4c4` netns-isolation: use 'true' for systemd option (Erik Arvstedt) `c246bbb36e` bitcoind, clightning, lnd: improve descriptions (Erik Arvstedt) `7533f12ef1` bitcoind, clightning, run-tests: minor refactoring (Erik Arvstedt) `41fe9b0c1d` elementsd: minor refactoring (Erik Arvstedt) `f0850d3f23` btcpayserver: reorder config settings (Erik Arvstedt) `d1c0ea9f85` btcpayserver: add missing systemd postgresql dependency (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACK `0a2c8e4864` Tree-SHA512: 5c81b36042fbb2f016c8e58ba9e05ef3389d5376b8df713d3258d2cd0b6a9239904531171aca8e49bea7039341d5fa91aa9474c6d98de849c25ede52deccc5a3		2021-02-08 20:32:03 +00:00
ci	ci: use 'cachix watch-exec'	2021-02-07 22:45:37 +01:00
docs	docs: add zeus usage instructions	2021-02-05 09:17:15 +01:00
examples	Merge #312 : Refactorings, cleanups	2021-02-08 20:32:03 +00:00
helper	Fetch from the nixpkgs repo instead of nixpkgs-channels	2020-12-06 21:42:20 +00:00
modules	backups: don't use hardcoded secrets dir	2021-02-07 22:45:38 +01:00
pkgs	Merge #312 : Refactorings, cleanups	2021-02-08 20:32:03 +00:00
test	Merge #312 : Refactorings, cleanups	2021-02-08 20:32:03 +00:00
.cirrus.yml	fix build-to-cachix	2021-01-30 11:38:47 +01:00
.gitignore	Fix typo in gitignore	2020-11-24 18:25:12 +01:00
LICENSE	Add license	2019-01-02 14:03:52 +00:00
README.md	README: minor improvements	2021-02-07 22:39:06 +01:00
default.nix	simplify overlay.nix	2020-01-09 10:43:29 +01:00
overlay.nix	simplify overlay.nix	2020-01-09 10:43:29 +01:00
shell.nix	Clean up development shell.nix	2020-03-30 10:49:15 +02:00

README.md

nix-bitcoin is a collection of Nix packages and NixOS modules for easily installing full-featured Bitcoin nodes with an emphasis on security.

Overview

A Bitcoin node verifies the Bitcoin protocol and provides ways of interacting with the Bitcoin network. nix-bitcoin nodes are used for a variety of purposes and can serve as personal or merchant wallets, second layer public infrastructure and as backends for Bitcoin applications. In all cases, the aim is to provide security and privacy by default. However, while nix-bitcoin is used in production today, it is still considered experimental.

A full installation of nix-bitcoin is usually deployed either on a dedicated (virtual) machine or runs in a container and is online 24/7. Alternatively, the Nix packages, NixOS modules and configurations can be used independently and combined freely.

nix-bitcoin is built on top of Nix and NixOS which provide powerful abstractions to keep it highly customizable and maintainable. Testament to this are nix-bitcoin's robust security features and its potent test framework. However, running nix-bitcoin does not require any previous experience with the Nix ecosystem.

Examples

See here for examples.

Features

A configuration preset for setting up a secure node

All applications use Tor for outbound connections and support accepting inbound connections via onion services.

NixOS modules

Application services
- bitcoind, with a default banlist against spy nodes
- clightning with support for announcing an onion service
  Available plugins:
  - clboss: automated C-Lightning Node Manager
  - helpme: walks you through setting up a fresh c-lightning node
  - monitor: helps you analyze the health of your peers and channels
  - prometheus: lightning node exporter for the prometheus timeseries server
  - rebalance: keeps your channels balanced
  - summary: print a nice summary of the node status
  - zmq: publishes notifications via ZeroMQ to configured endpoints
- lnd with support for announcing an onion service
  - lndconnect via a REST onion service
- spark-wallet
- electrs
- btcpayserver
- liquid
- Lightning Loop
- JoinMarket
  - JoinMarket Orderbook Watcher
- recurring-donations: for periodic lightning payments
- bitcoin-core-hwi
Helper
- netns-isolation: isolates applications on the network-level via network namespaces
- nodeinfo: script which prints info about the node's services
- backups: duplicity backups of all your node's important files
- operator: adds non-root user operator who has access to client tools (e.g. bitcoin-cli, lightning-cli)

Security

Simplicity: Only services you select in configuration.nix and their dependencies are installed, packages and dependencies are pinned, most packages are built from the NixOS stable channel, with a few exceptions that are built from the nixpkgs unstable channel, builds happen in a sandboxed environment, code is continuously reviewed and refined.
Integrity: Nix package manager, NixOS and packages can be built from source to reduce reliance on binary caches, nix-bitcoin merge commits are signed, all commits are approved by multiple nix-bitcoin developers, upstream packages are cryptographically verified where possible, we use this software ourselves.
Principle of Least Privilege: Services operate with least privileges; they each have their own user and are restricted further with systemd options, RPC whitelisting, and netns-isolation. There's a non-root user operator to interact with the various services.
Defense-in-depth: nix-bitcoin is built with a hardened kernel by default, services are confined through discretionary access control, Linux namespaces, dbus firewall and seccomp-bpf with continuous improvements.

Note that if the machine you're deploying from is insecure, there is nothing nix-bitcoin can do to protect itself.

Docs

Troubleshooting

If you are having problems with nix-bitcoin check the FAQ or submit an issue. There's also a #nix-bitcoin IRC channel on freenode. We are always happy to help.