Merge #188: lnd: add option for configuring REST port

03a627a06f lnd: add option for configuring REST port (Martin Milata)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK 03a627a06f

Tree-SHA512: b184d5ee825382d1f104e17a091ff49fa170230e4e690323cdfd570a0c7f0bf11e57da84f39fda9169fcbead75f0c0597268f728665135e743fa7fee73a1b66c
This commit is contained in:
Jonas Nick 2020-06-07 14:40:13 +00:00
commit 94672e8f34
No known key found for this signature in database
GPG Key ID: 4861DBF262123605

View File

@ -14,6 +14,7 @@ let
tlskeypath=${secretsDir}/lnd-key tlskeypath=${secretsDir}/lnd-key
rpclisten=localhost:${toString cfg.rpcPort} rpclisten=localhost:${toString cfg.rpcPort}
restlisten=localhost:${toString cfg.restPort}
bitcoin.active=1 bitcoin.active=1
bitcoin.node=bitcoind bitcoin.node=bitcoind
@ -49,6 +50,11 @@ in {
default = 10009; default = 10009;
description = "Port on which to listen for gRPC connections."; description = "Port on which to listen for gRPC connections.";
}; };
restPort = mkOption {
type = types.port;
default = 8080;
description = "Port on which to listen for REST connections.";
};
extraConfig = mkOption { extraConfig = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
@ -104,11 +110,13 @@ in {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "10s"; RestartSec = "10s";
ReadWritePaths = "${cfg.dataDir}"; ReadWritePaths = "${cfg.dataDir}";
ExecStartPost = [ ExecStartPost = let
restPort = toString cfg.restPort;
in [
# Run fully privileged for secrets dir write access # Run fully privileged for secrets dir write access
"+${nix-bitcoin-services.script '' "+${nix-bitcoin-services.script ''
attempts=50 attempts=50
while ! { exec 3>/dev/tcp/127.0.0.1/8080 && exec 3>&-; } &>/dev/null; do while ! { exec 3>/dev/tcp/127.0.0.1/${restPort} && exec 3>&-; } &>/dev/null; do
((attempts-- == 0)) && { echo "lnd REST service unreachable"; exit 1; } ((attempts-- == 0)) && { echo "lnd REST service unreachable"; exit 1; }
sleep 0.1 sleep 0.1
done done
@ -119,7 +127,7 @@ in {
${pkgs.curl}/bin/curl -s \ ${pkgs.curl}/bin/curl -s \
--cacert ${secretsDir}/lnd-cert \ --cacert ${secretsDir}/lnd-cert \
-X GET https://127.0.0.1:8080/v1/genseed | ${pkgs.jq}/bin/jq -c '.cipher_seed_mnemonic' > "$mnemonic" -X GET https://127.0.0.1:${restPort}/v1/genseed | ${pkgs.jq}/bin/jq -c '.cipher_seed_mnemonic' > "$mnemonic"
fi fi
chown lnd: "$mnemonic" chown lnd: "$mnemonic"
chmod 400 "$mnemonic" chmod 400 "$mnemonic"
@ -134,7 +142,7 @@ in {
--cacert ${secretsDir}/lnd-cert \ --cacert ${secretsDir}/lnd-cert \
-X POST -d "{\"wallet_password\": \"$(cat ${secretsDir}/lnd-wallet-password | tr -d '\n' | base64 -w0)\", \ -X POST -d "{\"wallet_password\": \"$(cat ${secretsDir}/lnd-wallet-password | tr -d '\n' | base64 -w0)\", \
\"cipher_seed_mnemonic\": $(cat ${secretsDir}/lnd-seed-mnemonic | tr -d '\n')}" \ \"cipher_seed_mnemonic\": $(cat ${secretsDir}/lnd-seed-mnemonic | tr -d '\n')}" \
https://127.0.0.1:8080/v1/initwallet https://127.0.0.1:${restPort}/v1/initwallet
# Guarantees that RPC calls with cfg.cli succeed after the service is started # Guarantees that RPC calls with cfg.cli succeed after the service is started
echo Wait until wallet is created echo Wait until wallet is created
@ -149,7 +157,7 @@ in {
--cacert ${secretsDir}/lnd-cert \ --cacert ${secretsDir}/lnd-cert \
-X POST \ -X POST \
-d "{\"wallet_password\": \"$(cat ${secretsDir}/lnd-wallet-password | tr -d '\n' | base64 -w0)\"}" \ -d "{\"wallet_password\": \"$(cat ${secretsDir}/lnd-wallet-password | tr -d '\n' | base64 -w0)\"}" \
https://127.0.0.1:8080/v1/unlockwallet https://127.0.0.1:${restPort}/v1/unlockwallet
fi fi
# Wait until the RPC port is open # Wait until the RPC port is open