lnd-rest-onion-service.nix: move to lndconnect-onion.nix, add clightning support
Option `services.lnd.restOnionService.package` has been removed. There's not much use in overriding the [lndconnect pkg](https://github.com/LN-Zap/lndconnect).
This commit is contained in:
parent
acf5fe69ad
commit
e2fee4bf1a
@ -78,7 +78,7 @@ NixOS modules ([src](modules/modules.nix))
|
|||||||
* [Lightning Loop](https://github.com/lightninglabs/loop)
|
* [Lightning Loop](https://github.com/lightninglabs/loop)
|
||||||
* [Lightning Pool](https://github.com/lightninglabs/pool)
|
* [Lightning Pool](https://github.com/lightninglabs/pool)
|
||||||
* [charge-lnd](https://github.com/accumulator/charge-lnd): policy-based channel fee manager
|
* [charge-lnd](https://github.com/accumulator/charge-lnd): policy-based channel fee manager
|
||||||
* [lndconnect](https://github.com/LN-Zap/lndconnect) via a REST onion service
|
* [lndconnect](https://github.com/LN-Zap/lndconnect): connect your wallet to lnd or clightning via a REST onion service
|
||||||
* [Ride The Lightning](https://github.com/Ride-The-Lightning/RTL): web interface for `lnd` and `clightning`
|
* [Ride The Lightning](https://github.com/Ride-The-Lightning/RTL): web interface for `lnd` and `clightning`
|
||||||
* [spark-wallet](https://github.com/shesek/spark-wallet)
|
* [spark-wallet](https://github.com/shesek/spark-wallet)
|
||||||
* [electrs](https://github.com/romanz/electrs)
|
* [electrs](https://github.com/romanz/electrs)
|
||||||
|
@ -53,6 +53,17 @@
|
|||||||
# == Plugins
|
# == Plugins
|
||||||
# See ../README.md (Features → clightning) for the list of available plugins.
|
# See ../README.md (Features → clightning) for the list of available plugins.
|
||||||
# services.clightning.plugins.prometheus.enable = true;
|
# services.clightning.plugins.prometheus.enable = true;
|
||||||
|
#
|
||||||
|
# == REST server
|
||||||
|
# Set this to create a clightning REST onion service.
|
||||||
|
# This also adds binary `lndconnect-onion-clightning` to the system environment.
|
||||||
|
# This binary creates QR codes or URLs for connecting applications to clightning
|
||||||
|
# via the REST onion service (see ../docs/services.md).
|
||||||
|
#
|
||||||
|
# services.clightning-rest = {
|
||||||
|
# enable = true;
|
||||||
|
# lndconnectOnion.enable = true;
|
||||||
|
# };
|
||||||
|
|
||||||
### LND
|
### LND
|
||||||
# Set this to enable lnd, a lightning implementation written in Go.
|
# Set this to enable lnd, a lightning implementation written in Go.
|
||||||
@ -68,10 +79,10 @@
|
|||||||
# nix-bitcoin.onionServices.lnd.public = true;
|
# nix-bitcoin.onionServices.lnd.public = true;
|
||||||
#
|
#
|
||||||
# Set this to create an lnd REST onion service.
|
# Set this to create an lnd REST onion service.
|
||||||
# Adds binary `lndconnect-rest-onion` to the system environment.
|
# This also adds binary `lndconnect-onion` to the system environment.
|
||||||
# This binary generates QR codes or URIs for connecting applications to lnd via the
|
# This binary generates QR codes or URLs for connecting applications to lnd via the
|
||||||
# REST onion service.
|
# REST onion service (see ../docs/services.md).
|
||||||
# services.lnd.restOnionService.enable = true;
|
# services.lnd.lndconnectOnion.enable = true;
|
||||||
#
|
#
|
||||||
## WARNING
|
## WARNING
|
||||||
# If you use lnd, you should manually backup your wallet mnemonic
|
# If you use lnd, you should manually backup your wallet mnemonic
|
||||||
|
@ -1,54 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
options.services.lnd.restOnionService = {
|
|
||||||
enable = mkOption {
|
|
||||||
default = false;
|
|
||||||
type = types.bool;
|
|
||||||
description = ''
|
|
||||||
Create an onion service for the lnd REST service.
|
|
||||||
Add a `lndconnect-rest-onion` binary (https://github.com/LN-Zap/lndconnect) to the system environment.
|
|
||||||
This binary generates QR codes or URIs for connecting applications to lnd via the REST onion service.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
package = mkOption {
|
|
||||||
type = types.package;
|
|
||||||
default = config.nix-bitcoin.pkgs.lndconnect;
|
|
||||||
defaultText = "config.nix-bitcoin.pkgs.lndconnect";
|
|
||||||
description = "The package providing lndconnect binaries.";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
cfg = config.services.lnd.restOnionService;
|
|
||||||
nbLib = config.nix-bitcoin.lib;
|
|
||||||
runAsUser = config.nix-bitcoin.runAsUserCmd;
|
|
||||||
|
|
||||||
lnd = config.services.lnd;
|
|
||||||
|
|
||||||
bin = pkgs.writeScriptBin "lndconnect-rest-onion" ''
|
|
||||||
#!/usr/bin/env -S ${runAsUser} ${lnd.user} ${pkgs.bash}/bin/bash
|
|
||||||
|
|
||||||
exec ${cfg.package}/bin/lndconnect \
|
|
||||||
--host=$(cat ${config.nix-bitcoin.onionAddresses.dataDir}/lnd/lnd-rest) \
|
|
||||||
--port=${toString lnd.restPort} \
|
|
||||||
--lnddir=${lnd.dataDir} \
|
|
||||||
--tlscertpath=${lnd.certPath} "$@"
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
inherit options;
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
services.tor = {
|
|
||||||
enable = true;
|
|
||||||
relay.onionServices.lnd-rest = nbLib.mkOnionService {
|
|
||||||
target.addr = nbLib.address lnd.restAddress;
|
|
||||||
target.port = lnd.restPort;
|
|
||||||
port = lnd.restPort;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
nix-bitcoin.onionAddresses.access.lnd = [ "lnd-rest" ];
|
|
||||||
|
|
||||||
environment.systemPackages = [ bin ];
|
|
||||||
};
|
|
||||||
}
|
|
124
modules/lndconnect-onion.nix
Normal file
124
modules/lndconnect-onion.nix
Normal file
@ -0,0 +1,124 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
options = {
|
||||||
|
services.lnd.lndconnectOnion.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = ''
|
||||||
|
Create an onion service for the lnd REST server.
|
||||||
|
Add a `lndconnect-onion` binary to the system environment.
|
||||||
|
See: https://github.com/LN-Zap/lndconnect
|
||||||
|
|
||||||
|
Usage:
|
||||||
|
```
|
||||||
|
# Print QR code
|
||||||
|
lndconnect-onion
|
||||||
|
|
||||||
|
# Print URL
|
||||||
|
lndconnect-onion --url
|
||||||
|
```
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
services.clightning-rest.lndconnectOnion.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = ''
|
||||||
|
Create an onion service for clightning-rest.
|
||||||
|
Add a `lndconnect-onion-clightning` binary to the system environment.
|
||||||
|
See: https://github.com/LN-Zap/lndconnect
|
||||||
|
|
||||||
|
Usage:
|
||||||
|
```
|
||||||
|
# Print QR code
|
||||||
|
lndconnect-onion-clightning
|
||||||
|
|
||||||
|
# Print URL
|
||||||
|
lndconnect-onion-clightning --url
|
||||||
|
```
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
nbLib = config.nix-bitcoin.lib;
|
||||||
|
runAsUser = config.nix-bitcoin.runAsUserCmd;
|
||||||
|
|
||||||
|
inherit (config.services)
|
||||||
|
lnd
|
||||||
|
clightning
|
||||||
|
clightning-rest;
|
||||||
|
|
||||||
|
mkLndconnect = {
|
||||||
|
name,
|
||||||
|
shebang ? "#!${pkgs.stdenv.shell} -e",
|
||||||
|
onionService,
|
||||||
|
port,
|
||||||
|
certPath,
|
||||||
|
macaroonPath
|
||||||
|
}:
|
||||||
|
# TODO-EXTERNAL:
|
||||||
|
# lndconnect requires a --configfile argument, although it's unused
|
||||||
|
# https://github.com/LN-Zap/lndconnect/issues/25
|
||||||
|
pkgs.writeScriptBin name ''
|
||||||
|
${shebang}
|
||||||
|
exec ${config.nix-bitcoin.pkgs.lndconnect}/bin/lndconnect \
|
||||||
|
--host=$(cat ${config.nix-bitcoin.onionAddresses.dataDir}/${onionService}) \
|
||||||
|
--port=${toString port} \
|
||||||
|
--tlscertpath='${certPath}' \
|
||||||
|
--adminmacaroonpath='${macaroonPath}' \
|
||||||
|
--configfile=/dev/null "$@"
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
inherit options;
|
||||||
|
|
||||||
|
config = mkMerge [
|
||||||
|
(mkIf (lnd.enable && lnd.lndconnectOnion.enable) {
|
||||||
|
services.tor = {
|
||||||
|
enable = true;
|
||||||
|
relay.onionServices.lnd-rest = nbLib.mkOnionService {
|
||||||
|
target.addr = nbLib.address lnd.restAddress;
|
||||||
|
target.port = lnd.restPort;
|
||||||
|
port = lnd.restPort;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
nix-bitcoin.onionAddresses.access.${lnd.user} = [ "lnd-rest" ];
|
||||||
|
|
||||||
|
environment.systemPackages = [(
|
||||||
|
mkLndconnect {
|
||||||
|
name = "lndconnect-onion";
|
||||||
|
# Run as lnd user because the macaroon and cert are not group-readable
|
||||||
|
shebang = "#!/usr/bin/env -S ${runAsUser} ${lnd.user} ${pkgs.bash}/bin/bash";
|
||||||
|
onionService = "${lnd.user}/lnd-rest";
|
||||||
|
port = lnd.restPort;
|
||||||
|
certPath = lnd.certPath;
|
||||||
|
macaroonPath = "${lnd.networkDir}/admin.macaroon";
|
||||||
|
}
|
||||||
|
)];
|
||||||
|
})
|
||||||
|
|
||||||
|
(mkIf (clightning-rest.enable && clightning-rest.lndconnectOnion.enable) {
|
||||||
|
services.tor = {
|
||||||
|
enable = true;
|
||||||
|
relay.onionServices.clightning-rest = nbLib.mkOnionService {
|
||||||
|
target.addr = nbLib.address clightning-rest.address;
|
||||||
|
target.port = clightning-rest.port;
|
||||||
|
port = clightning-rest.port;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
# This also allows nodeinfo to show the clightning-rest onion address
|
||||||
|
nix-bitcoin.onionAddresses.access.operator = [ "clightning-rest" ];
|
||||||
|
|
||||||
|
environment.systemPackages = [(
|
||||||
|
mkLndconnect {
|
||||||
|
name = "lndconnect-onion-clightning";
|
||||||
|
onionService = "operator/clightning-rest";
|
||||||
|
port = clightning-rest.port;
|
||||||
|
certPath = "${clightning-rest.dataDir}/certs/certificate.pem";
|
||||||
|
macaroonPath = "${clightning-rest.dataDir}/certs/access.macaroon";
|
||||||
|
}
|
||||||
|
)];
|
||||||
|
})
|
||||||
|
];
|
||||||
|
}
|
@ -15,10 +15,10 @@
|
|||||||
./clightning-rest.nix
|
./clightning-rest.nix
|
||||||
./spark-wallet.nix
|
./spark-wallet.nix
|
||||||
./lnd.nix
|
./lnd.nix
|
||||||
./lnd-rest-onion-service.nix # Requires onion-addresses.nix
|
|
||||||
./lightning-loop.nix
|
./lightning-loop.nix
|
||||||
./lightning-pool.nix
|
./lightning-pool.nix
|
||||||
./charge-lnd.nix
|
./charge-lnd.nix
|
||||||
|
./lndconnect-onion.nix # Requires onion-addresses.nix
|
||||||
./rtl.nix
|
./rtl.nix
|
||||||
./electrs.nix
|
./electrs.nix
|
||||||
./liquid.nix
|
./liquid.nix
|
||||||
|
@ -33,6 +33,7 @@ in {
|
|||||||
(mkRenamedOptionModule [ "services" "liquidd" "rpcbind" ] [ "services" "liquidd" "rpc" "address" ])
|
(mkRenamedOptionModule [ "services" "liquidd" "rpcbind" ] [ "services" "liquidd" "rpc" "address" ])
|
||||||
# 0.0.70
|
# 0.0.70
|
||||||
(mkRenamedOptionModule [ "services" "rtl" "cl-rest" ] [ "services" "clightning-rest" ])
|
(mkRenamedOptionModule [ "services" "rtl" "cl-rest" ] [ "services" "clightning-rest" ])
|
||||||
|
(mkRenamedOptionModule [ "services" "lnd" "restOnionService" "enable" ] [ "services" "lnd" "lndconnectOnion" "enable" ])
|
||||||
|
|
||||||
(mkRenamedOptionModule [ "nix-bitcoin" "setup-secrets" ] [ "nix-bitcoin" "setupSecrets" ])
|
(mkRenamedOptionModule [ "nix-bitcoin" "setup-secrets" ] [ "nix-bitcoin" "setupSecrets" ])
|
||||||
|
|
||||||
|
@ -224,6 +224,13 @@ let
|
|||||||
The data dir migration happens automatically after deploying.
|
The data dir migration happens automatically after deploying.
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
version = "0.0.70";
|
||||||
|
condition = config.services.lnd.lndconnectOnion.enable;
|
||||||
|
message = ''
|
||||||
|
The `lndconnect-rest-onion` binary has been renamed to `lndconnect-onion`.
|
||||||
|
'';
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
mkOnionServiceChange = service: {
|
mkOnionServiceChange = service: {
|
||||||
|
@ -76,7 +76,8 @@ let
|
|||||||
tests.lnd = cfg.lnd.enable;
|
tests.lnd = cfg.lnd.enable;
|
||||||
services.lnd.port = 9736;
|
services.lnd.port = 9736;
|
||||||
|
|
||||||
tests.lnd-rest-onion-service = cfg.lnd.restOnionService.enable;
|
tests.lndconnect-onion-lnd = cfg.lnd.lndconnectOnion.enable;
|
||||||
|
tests.lndconnect-onion-clightning = cfg.clightning-rest.lndconnectOnion.enable;
|
||||||
|
|
||||||
tests.lightning-loop = cfg.lightning-loop.enable;
|
tests.lightning-loop = cfg.lightning-loop.enable;
|
||||||
|
|
||||||
@ -166,8 +167,9 @@ let
|
|||||||
services.rtl.enable = true;
|
services.rtl.enable = true;
|
||||||
services.spark-wallet.enable = true;
|
services.spark-wallet.enable = true;
|
||||||
services.clightning-rest.enable = true;
|
services.clightning-rest.enable = true;
|
||||||
|
services.clightning-rest.lndconnectOnion.enable = true;
|
||||||
services.lnd.enable = true;
|
services.lnd.enable = true;
|
||||||
services.lnd.restOnionService.enable = true;
|
services.lnd.lndconnectOnion.enable = true;
|
||||||
services.lightning-loop.enable = true;
|
services.lightning-loop.enable = true;
|
||||||
services.lightning-pool.enable = true;
|
services.lightning-pool.enable = true;
|
||||||
services.charge-lnd.enable = true;
|
services.charge-lnd.enable = true;
|
||||||
|
@ -148,9 +148,15 @@ def _():
|
|||||||
assert_matches("runuser -u operator -- lncli getinfo | jq", '"version"')
|
assert_matches("runuser -u operator -- lncli getinfo | jq", '"version"')
|
||||||
assert_no_failure("lnd")
|
assert_no_failure("lnd")
|
||||||
|
|
||||||
@test("lnd-rest-onion-service")
|
@test("lndconnect-onion-lnd")
|
||||||
def _():
|
def _():
|
||||||
assert_matches("runuser -u operator -- lndconnect-rest-onion -j", ".onion")
|
assert_running("lnd")
|
||||||
|
assert_matches("runuser -u operator -- lndconnect-onion --url", ".onion")
|
||||||
|
|
||||||
|
@test("lndconnect-onion-clightning")
|
||||||
|
def _():
|
||||||
|
assert_running("clightning-rest")
|
||||||
|
assert_matches("runuser -u operator -- lndconnect-onion-clightning --url", ".onion")
|
||||||
|
|
||||||
@test("lightning-loop")
|
@test("lightning-loop")
|
||||||
def _():
|
def _():
|
||||||
|
Loading…
Reference in New Issue
Block a user