jacobpascual/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
513 Commits 1 Branch 0 Tags
199b9bf315c09f4ab3e0de2a599fdff7fa4ae2ab
Commit Graph

229 Commits

Author SHA1 Message Date
nixbitcoin
159f551b93 Remove bitcoin, clightning, electrs, liquid user home directory 2020-04-26 14:08:08 +02:00
nixbitcoin
742aef1e0f Only set dataDirReadableByGroup if cfg.high-memory is enabled 2020-04-24 16:21:12 +02:00
Erik Arvstedt
4dc6c3ba5d add option 'dataDirReadableByGroup' 
These settings are now more accessible for users that don't use
nix-bitcoin's default node config.
Additionally, remove 'other' permissions via umask.
 2020-04-16 15:55:34 +02:00
Erik Arvstedt
3e188238d0 only update bitcoin.conf when changed 2020-04-12 22:32:37 +02:00
Erik Arvstedt
08322eed9b use [[ test 2020-04-12 22:32:37 +02:00
Erik Arvstedt
201fc33782 move line to relevant code section (blocks dir setup) 2020-04-12 22:32:37 +02:00
Erik Arvstedt
1f8fe310d0 remove option 'configFileOption' 
It doesn't make sense for bitcoind users to completely redefine their
config file. Also, it's poorly named and the description is faulty.

This is a breaking change, but this option has probably no actual users.
 2020-04-12 22:32:37 +02:00
Erik Arvstedt
4e5c1d7551 disable redundant logfile 2020-04-12 22:32:37 +02:00
Erik Arvstedt
a05551fd1c improve config file formatting 2020-04-12 22:32:37 +02:00
Erik Arvstedt
5e81d60d63 improve formatting 2020-04-12 22:32:37 +02:00
Erik Arvstedt
d60a5aa4db define rpc.users submodule inline 
Improves readability.
 2020-04-12 22:32:37 +02:00
Erik Arvstedt
1a2271fb14 remove unused variable 'hexStr' 2020-04-12 22:32:36 +02:00
Erik Arvstedt
4e92b1c818 remove redundant hardening options 
These are already defined in nix-bitcoin-services.defaultHardening.
 2020-04-12 22:32:36 +02:00
Erik Arvstedt
47fd6cd0f3 simplify ExecStart 2020-04-12 22:32:36 +02:00
Erik Arvstedt
64fc63cc40 remove pidFile 
- service type "simple" is the default
- pidFile is not needed for service type "simple"
 2020-04-12 22:32:36 +02:00
Erik Arvstedt
bceaa361ca operator: allow reading systemd journal 2020-04-09 11:02:06 +02:00
Erik Arvstedt
145961c2de fix operator authorized keys setup 
This fixes these flaws in `copy-root-authorized-keys`:
- When `.vbox-nixops-client-key` is missing, operator's authorized_keys
  file is always appended to, growing the file indefinitely.
- Service is always added and not restricted to nixops-vbox deployments.
 2020-04-09 11:02:06 +02:00
Erik Arvstedt
37b2faf63c move systemPackages definitions to services 
These are generally useful and shouldn't be limited to secure-node.nix.

Also, only add the hardware-wallets group when hardware wallets are enabled.
 2020-04-08 17:35:14 +02:00
Erik Arvstedt
6c22e13b7f copy-root-authorized-keys: use inline script definition 2020-04-08 17:35:14 +02:00
Erik Arvstedt
63c6fe3213 fixup! use '' for multi-line string 2020-04-08 17:35:14 +02:00
Erik Arvstedt
ab617946a9 extract variable 'cfg' 2020-04-08 17:35:13 +02:00
Erik Arvstedt
36c84d8360 add option clightning.onionport 
Analogous to electrs.onionport
 2020-04-08 17:35:13 +02:00
Erik Arvstedt
681dbaf328 move electrs.onionport option 
Only used in secure-node.nix
 2020-04-08 17:35:13 +02:00
Erik Arvstedt
74fbfa3a5d use lib.optionals 2020-04-08 17:35:13 +02:00
Erik Arvstedt
ec6d33fbb6 rearrange code sections 
Move services to the top, operator account setup to the bottom.
 2020-04-08 17:35:13 +02:00
Erik Arvstedt
e16ddc9c77 extract 'mkHiddenService' 
toPort equals port by default.
 2020-04-08 17:35:13 +02:00
Erik Arvstedt
89d3d58850 use mkIf 2020-04-08 17:35:13 +02:00
Erik Arvstedt
85e52a06cb improve grouping of suboptions 2020-04-08 17:35:12 +02:00
Erik Arvstedt
1a63f0ca6a remove option 'services.nix-bitcoin.enable' 
Users can enable the node config just by importing secure-node.nix
 2020-04-08 17:35:12 +02:00
Erik Arvstedt
0f8b2e91fd add nix-bitcoin.nix for backwards compatibility 2020-04-08 17:35:12 +02:00
Erik Arvstedt
28792f79dc rename nix-bitcoin.nix -> presets/secure-node.nix 2020-04-08 17:35:12 +02:00
Jonas Nick
9239268ab6 Merge #136: Change the nix-bitcoin deployment from forking this repo to importing the module 
b2e15c17b8 docs: Update to new deployment method (import instead of fork) (Jonas Nick)
5ed0284db9 Add fetch-release script (Jonas Nick)
c303cd47e4 Add push-release.sh helper (Jonas Nick)
705d187a35 examples/shell.nix: don't run shellHook on subsequent nix-shells (Erik Arvstedt)
65039be656 docs: Remove duplicate instructions (Jonas Nick)
455c5664c9 docs: Replace tabs with spaces (Jonas Nick)
8aa4714979 docs: Update NixOS version (Jonas Nick)
9df22a2764 add deploy-qemu-vm.sh example (Erik Arvstedt)
548ced1994 README: Add Example section (Jonas Nick)
44ccbb91d0 Clean up development shell.nix (Jonas Nick)
abcee651d3 add deploy-container.sh (Erik Arvstedt)
5dadea310c add deploy-nixops.sh (Erik Arvstedt)
0c74c365de mention performance loss with hardened kernel profile (Erik Arvstedt)
f3121892ef move main module import to configuration.nix (Erik Arvstedt)
0c0978c007 extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' (Erik Arvstedt)
87d0286498 Change the nix-bitcoin deployment from forking this repo to importing the module (Jonas Nick)

Pull request description:

Top commit has no ACKs.

Tree-SHA512: 18e8b71f42715c5e82e2dafde9dcc965594d76aacc6be7ee2ec746a9510065749cc65331687a57d7140f45779c3b7867f6260ec224d361fb5a477062a27d6e4c
 2020-04-08 15:03:08 +00:00
Erik Arvstedt
b07c77f4a4 secrets.nix: remove obsolete comment 2020-03-29 18:51:34 +02:00
Erik Arvstedt
0c0978c007 extract module 'deployment/nixops.nix', add option 'deployment.secretsDir' 2020-03-24 21:43:21 +00:00
Jonas Nick
106dcacb61 lnd: add package option 2020-03-09 08:22:00 +00:00
Erik Arvstedt
5596bcf4fb bitcoind: set default rpcuser 
We're already setting a default rpcpassword, so we should set an
accompanying rpcuser so that rpc clients like electrs work out of the box.
 2020-03-04 18:09:52 +01:00
Erik Arvstedt
c4cf323873 electrs: add option 'extraArgs' 
Electrs allows defining settings multiple times via cmdline args, but
not via config files.
So 'extraArgs' is the only way to implement overridable settings,
'extraOptions' wouldn't work.
 2020-03-04 18:09:52 +01:00
Erik Arvstedt
e731d71232 electrs: add option 'address' 2020-03-04 18:09:52 +01:00
Erik Arvstedt
0be67c325e electrs: use cfg.user, cfg.group 2020-03-04 18:09:51 +01:00
Erik Arvstedt
48be5a79fa electrs.enable: use mkEnableOption 2020-03-04 18:09:51 +01:00
Erik Arvstedt
b75b2a1626 electrs: improve description 2020-03-04 18:09:51 +01:00
Erik Arvstedt
fa3455d01f electrs: don't leak bitcoinrpc secret through process ARGV 
Supply secret via private config file instead.
 2020-03-04 18:09:51 +01:00
Erik Arvstedt
47481b2642 electrs: quote dataDir in shell cmd 2020-03-04 18:09:50 +01:00
Erik Arvstedt
8fb33d1099 electrs: use bitcoind.dataDir option 2020-03-04 18:09:50 +01:00
Erik Arvstedt
45ba1f1fb3 electrs: don't print timestamps to log 
Already provided by journald.
 2020-03-04 18:09:49 +01:00
Erik Arvstedt
88080a58bf electrs: wrap long lines in preStart 2020-03-04 18:09:49 +01:00
Erik Arvstedt
301bb91ae5 simplify setting high-memory options 2020-03-04 18:09:49 +01:00
Erik Arvstedt
93fd2329b8 electrs: make nginx TLS proxy optional 
Electrs users shouldn't be forced to run a TLS proxy.
 2020-03-04 18:09:48 +01:00
Erik Arvstedt
acde24ce43 electrs: move user/group definitions to bottom 
Consistent with other service defs.
 2020-03-04 18:09:48 +01:00
Erik Arvstedt
148327326b electrs: formatting 2020-03-04 18:09:48 +01:00