Upstream lamassu-server doesn't support DATABASE_URL, so peer auth
via Unix socket isn't currently possible. Document the required
upstream changes and module updates for future implementation.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace password-based TCP auth with Unix socket peer authentication:
- Remove lamassu-db-password secret (no password needed)
- Remove lamassu-postgres-setup service entirely
- Use DATABASE_URL with Unix socket: postgresql://user@/db?host=/run/postgresql
- Remove POSTGRES_HOST, POSTGRES_PORT, POSTGRES_PASSWORD env vars
This follows the same pattern as btcpayserver and simplifies the module
significantly. Peer auth uses OS-level user authentication via Unix socket.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace hardcoded database password with nix-bitcoin secrets pattern:
- Add lamassu-db-password secret (readable by lamassu user and postgres)
- Generate random 20-char password using makePasswordSecret
- Read password at runtime in service wrapper scripts
- Update lamassu-postgres-setup to read password from secrets
- Update helper scripts to read password at runtime
The password is now automatically generated on first deploy and stored
in ${secretsDir}/lamassu-db-password.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The hostname is embedded in the pairing QR code and tells ATMs where to
connect. Added a TODO to consider auto-populating certificate.extraIPs
from hostname when it's an IP address.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Current state:
- Admin UI runs on port 443 (hardcoded in upstream)
- devMode and nginx options commented out (would conflict with port 443)
- adminPort option removed (not configurable in upstream)
Future implementation documented in docs/lamassu-future-nginx.md:
- Add --ui-port flag to upstream lamassu-server
- Re-enable devMode, adminPort, and nginx options
- Allow nginx as reverse proxy on 443 with admin UI on internal port
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The serverPort option was not being passed to lamassu-server,
so the port was always defaulting to 3000 regardless of config.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Clarify adminPort is only used in dev mode (port 8070)
- Production mode always uses port 443 (hardcoded upstream)
- Remove unused ADMIN_SERVER_PORT env var (not read by upstream)
- Fix status script to show correct port and use https
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace runtime SSL generation with nix-bitcoin secrets integration
- Add certificate.extraIPs and certificate.extraDomains options (same pattern as LND)
- Certificates auto-regenerate when SAN configuration changes
- Add certPath and keyPath read-only options
- Update nginx and services to use secrets from secretsDir
- Add nix-bitcoin-secrets.target dependency
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Neutrino doesn't have access to mempool data, so LND requires an
external fee estimation URL when running on mainnet. Add feeUrl
option with Lightning Labs endpoint as default.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When using neutrino backend with no getPublicAddressCmd, the bash
block was empty causing a syntax error. Use individual appends instead.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add option to use neutrino instead of bitcoind for fetching blockchain
data. This allows running LND as a lightweight client that connects to
remote Bitcoin full nodes via P2P protocol.
New options:
- services.lnd.backend: choose between "bitcoind" (default) or "neutrino"
- services.lnd.neutrino.addpeers: list of Bitcoin node peers to connect to
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update NixOS ISO version from 24.05 to 25.11
- Fix version mismatch between download and copy commands
- Update Nix installer to use current official method
- Fix deprecated permitRootLogin -> settings.PermitRootLogin
- Update download URL to nixos.org/download/
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
bitcoind 29.x is required for joinmarket.
nixos-25.05 is at 29.0, which is a regression from 29.1.
nixos-unstable is at 30.0, which is incompatible.
Adapted from nixpkgs `96ff46705a694219cefa5155ba52203d9d32e65e`, with
minor modifications to make it compatible with nixos 25.05.
6bc5747951 run-tests: fix `tmpDir` being deleted before it's used (Erik Arvstedt)
Pull request description:
ACKs for top commit:
jonasnick:
ACK 6bc5747951
Tree-SHA512: 7767634bc098faac5cfeb14d1800f24df89a1ea5d56fe894338ae2d2871c3293a8bafc62ee61b5cb7f9f658b02c2a52bc7f82b86f69d20d1dae86cc6bfe004b3
In `buildTests`, `nixInstantiate` is called in a subshell.
When `tmpDir` is unset before the call, the tmpdir is created in the
subshell and gets deleted before subshell exit (via `trap`).
But subsequent code accesses the tmpdir, which has now been deleted,
leading to an error.
This bug has been undetected for a long time because bash 5.2 has a
bug [1] where `trap` is not always executed, causing the tmpdir to never be deleted.
Bash 5.3 (introduced in NixOS 25.05) now works correctly and exposes the bug.
Fix it by creating the tmpdir before the subshell call.
[1] https://mail.gnu.org/archive/html/help-bash/2024-07/msg00007.html
