podman compatibility

docs: first chain sync

See merge request lightning-signer/vls-container!32

.env

@@ -1,18 +1,21 @@
 # bitcoin version 26.0
 BITCOIN_VERSION=26.0
 BITCOIN_SHA256SUMS_HASH=63487c308a6655f939efd700bfca8e0285fa2f869283aaa7192bdd4b8799a747
-# core lightning version v24.02.2
+# core lightning version v24.05
 CORE_LIGHTNING_REPO=https://github.com/ElementsProject/lightning.git
-CORE_LIGHTNING_GIT_HASH=a2a136fe3ebef1d028d1e20ebf1f987b8c05bbf8
-# clboss version v0.13.0
-CLBOSS_REPO=https://github.com/ZmnSCPxj/clboss.git
-CLBOSS_GIT_HASH=0673c50e7374ea8f5cb7e302f72b7978c6bd1794
-# cln plugins
+CORE_LIGHTNING_GIT_HASH=11586abf79cad33727c03dfa810ae8bcdd3762bf
+# clboss version v0.14.0-rc1
+CLBOSS_REPO=https://github.com/vincenzopalazzo/clboss
+CLBOSS_GIT_HASH=37d493cdf8360c83621d20ac54543b045ae0ef21
+# cln plugins (2024-07-27)
 CLN_PLUGINS_REPO=https://github.com/lightningd/plugins.git
-CLN_PLUGINS_GIT_HASH=a525e6c42033a6270c81065a559301ceb2a761fa
-# txoo version 0.6.4
+CLN_PLUGINS_GIT_HASH=5e449468bd57db7d0f33178fe0dc867e0da94133
+# txoo version 0.8.1
 TXOO_REPO=https://gitlab.com/lightning-signer/txoo.git
-TXOO_GIT_HASH=6f0718e3f2b9406df5e3cd73306f473199141da0
-# vls version v0.11.0
+TXOO_GIT_HASH=d2f698c1434a91d5d53be4fd96ff01d3c5dfa22a
+# vls version v0.12.0
 VLS_REPO=https://gitlab.com/lightning-signer/validating-lightning-signer.git
-VLS_GIT_HASH=395b604964d5a0b4e9ee32c1b6e440dfbf4874f0
+VLS_GIT_HASH=c17067773b0bc57b27a6a0c7127c48867563e280
+# lss version v0.1.0
+LSS_REPO=https://gitlab.com/lightning-signer/validating-lightning-signer.git
+LSS_GIT_HASH=d2590ba34a388a016bb91307864e993fb3cc3d84

.gitlab-ci.yml

@@ -3,13 +3,13 @@ stages:
   - test
 
 default:
-  image: docker:24.0.7
+  image: docker:26.0.1
   services:
-    - docker:24.0.7-dind
+    - docker:26.0.1-dind
   before_script:
-  - docker version
-  - docker compose version
-  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker version
+    - docker compose version
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 
 variables:
   VLS_CONTAINER_REGISTRY: $CI_REGISTRY/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME
@@ -18,35 +18,36 @@ variables:
   IMAGE_TAG: $CI_COMMIT_SHA
 
 build_bitcoin:
-  tags: [ saas-linux-large-amd64 ]
+  tags: [saas-linux-large-amd64]
   stage: build
   script:
     - ./scripts/build_image_cache.sh bitcoind
 build_core_lightning:
-  tags: [ saas-linux-large-amd64 ]
+  tags: [saas-linux-large-amd64]
   stage: build
   script:
     - ./scripts/build_image_cache.sh lightningd
 build_txoo:
-  tags: [ saas-linux-medium-amd64 ]
+  tags: [saas-linux-medium-amd64]
   stage: build
   script:
     - ./scripts/build_image_cache.sh txood
-build_vls:
+build_lss:
   tags: [ saas-linux-large-amd64 ]
   stage: build
+  script:
+    - ./scripts/build_image_cache.sh lss
+build_vls:
+  tags: [saas-linux-large-amd64]
+  stage: build
   script:
     - ./scripts/build_image_cache.sh vlsd
 compose:
-  tags: [ saas-linux-medium-amd64 ]
+  tags: [saas-linux-medium-amd64]
   stage: test
   variables:
     BUILDER: compose_builder
   before_script:
-    - docker volume create bitcoin_data
-    - docker volume create lightning_data
-    - docker volume create txoo_data
-    - docker volume create vls_data
     - docker buildx create --name=$BUILDER --use
   script:
     - export IMAGE_TAG=${IMAGE_TAG}
@@ -55,3 +56,4 @@ compose:
     - ./scripts/build_from_cache.sh txood
     - ./scripts/build_from_cache.sh vlsd
     - docker compose --profile vls -f docker-compose.yml -f docker-compose.regtest.yml up -d --wait --wait-timeout 120 --build
+    - docker exec vlsd-regtest vls-cli --rpc-user rpcuser --rpc-password VLSsigner2 info | grep -q 101

README.md

@@ -9,26 +9,7 @@ Docker Engine is available on a variety of Linux distros, macOS, and Windows 10
 - [Ubuntu](https://docs.docker.com/engine/install/ubuntu/)
 - [Fedora](https://docs.docker.com/engine/install/fedora/)
 
-### Distro Packages
-
-Debian/Ubuntu:
-```
-sudo apt install docker.io docker-doc docker-compose containerd runc
-sudo systemctl enable --now docker
-```
-
-Fedora/RHEL:
-```
-sudo dnf install docker docker-compose containerd runc
-sudo systemctl enable --now docker
-```
-
-### Docker v1/v2 Compatibility
-
-- Currently available `docker-compose` packages in different linux distributions (debian, ubuntu, fedora, etc) are not up to date, they are still at version `1` which has been deprecated by `docker` with release of version `2`.
-- `docker-compose` version `2` is available through official docker repositories not the distribution ones.
-- Docker Compose files in this repository work with version 2 and are also __backward compatible__ with version 1.
-- If you are using the distribution installation the `docker compose` command used below has to be changed to `docker-compose` instead.
+**Note**: The compose files present within this repository make use of docker compose v2 the minimum supported version is `v2.26.0`.
 
 ## VLS standalone Setup
 
@@ -65,19 +46,28 @@ Required command arguments:
 
 For information on all possible arguments to `vlsd` see [documentation](https://gitlab.com/lightning-signer/validating-lightning-signer/-/blob/main/vls-proxy/src/config.rs?ref_type=heads).
 
+### Build Arguments
+
+For building the container its required to provide following build arguments:
+- `VLS_REPO` url for git repo to use for building binaries.
+- `VLS_GIT_HASH` commit sha/tag/branch to use from git repo.
+- `TXOO_PUBLIC_KEY` public key for trusted TXOO.
+
 ### Running container
 
 There is a `docker-compose.yml` in the `vlsd` folder which can be used to run a standalone `vlsd` service with `network_mode` set to host.
 
 ```bash
 cd vlsd
+export VLS_REPO=$VLS_REPO
 export VLS_GIT_HASH=$VLS_GIT_HASH
+export TXOO_PUBLIC_KEY=$TXOO_PUBLIC_KEY
 docker compose up
 ```
 
-**_Note_**: Make sure to set `BITCOIND_RPC_URL`, `VLS_GIT_HASH` and `CLN_RMEOTE_HSMD_URL` as either environment variables or in the `docker-compose.yml` file before running the above command. You can take `VLS_GIT_HASH` from [.env](./.env) or from the main [repo](https://gitlab.com/lightning-signer/validating-lightning-signer)
+**_Note_**: Make sure to set `BITCOIND_RPC_URL` and `CLN_REMOTE_HSMD_URL` as either environment variables or in the `docker-compose.yml` file before running the above command.
 
-If you wish to run it as a standalone container without using `docker-compose` you can use the following command:
+If you wish to run it as a standalone container without using `docker compose` you can use the following command:
 
 ```bash
 docker run \
@@ -86,6 +76,8 @@ docker run \
   --name vlsd \
   --network host \
   --build_arg VLS_GIT_HASH=$VLS_GIT_HASH
+  --build_arg VLS_REPO=$VLS_REPO
+  --build_arg TXOO_PUBLIC_KEY=$TXOO_PUBLIC_KEY
   -e VLS_NETWORK=testnet \
   -e BITCOIND_RPC_URL=$BITCOIND_RPC_URL \
   --mount 'type=volume,src=vls_data,dst=/home/vls/.lightning-signer' \
@@ -143,6 +135,31 @@ docker compose -f docker-compose.yml -f $DOCKER_COMPOSE_OVERRIDE up --build
 
 Above command will run `bitcoind`, `lightningd` and `txood` services on a single node.
 
+### First Time Chain Sync
+
+It's quite possible that while syncing for the first time `bitcoind` would be unresponsive to rpc calls made by `core-lightning`, `vls`, etc. To remedy such scenario where other containers would fail to start we can instead start with just `bitcoind` and `txood`
+```bash
+docker compose --profile vls stop
+docker compose -f docker-compose.yml -f docker-compose.testnet.yml up bitcoin-core txoo -d
+```
+
+Let the chain sync you can check its progress using `bitcoin-cli` or by checking status of docker container's health
+```bash
+docker container exec bitcoind-test bitcoin-cli getblockchaininfo
+docker ps
+```
+
+Also, given there is a dependency of `core-lightning` on `txoo` it is a good idea to wait sometime so that all attestations are available for it to retrieve and `txoo` is healthy. `txoo` container health can be checked using `docker`
+```bash
+docker ps
+```
+
+After the chain sync has completed we can stop the containers and restart the whole system again
+```bash
+docker compose --profile vls stop
+docker compose --profile vls -f docker-compose.yml -f docker-compose.testnet.yml up -d
+```
+
 ## Interacting with Containers
 
 We can use the `docker container exec <CONTAINER_NAME> <COMMAND>` command to interact with containers and interact with setup using command line tools like `bitcoin-cli`, `lightning-cli`, `vls-cli`, etc.
@@ -189,7 +206,7 @@ docker ps
 Getting logs from container
 ```bash
 # CONTAINER_NAME=lightningd-test
-docker container logs $CONTAINER_NAME
+docker container logs $CONTAINER_NAME > $CONTAINER_NAME.log
 ```
 
 Restarting containers
@@ -200,19 +217,34 @@ docker compose --profile vls stop
 docker compose --profile vls up
 ```
 
+Generating Backtrace from CLN core dump
+```bash
+# attach to the lightningd container
+docker container exec -u root -it lightningd-test sh
+
+# install gdb
+apk add gdb
+gdb /usr/libexec/c-lightning/plugins/pay /home/lightning/.lightning/testnet/core
+
+# get backtrace
+bt
+```
+
 Delete containers
 ```bash
 cd vls-container
 docker compose --profile vls down
 ```
 
+**NOTE**: If you want to start fresh make sure to delete the created docker volumes as well.
+
 ## Choosing Versions
 
 The currently set default versions for services is as follows in the [.env](.env) file:
 - **Bitcoin Core**: v26.0
-- **Core Lightning**: v24.02
-- **TXOO**: v0.6.4
-- **VLS**: v0.11.0
+- **Core Lightning**: v24.02.2
+- **TXOO**: v0.8.1
+- **VLS**: v0.12.0
 
 You just can switch to a particular version/commit for a service by updating the git hash and then rebuilding the service:
 ```bash
@@ -236,7 +268,7 @@ Note: For `bitcoind` its also important to update the `BITCOIN_SHA256SUMS_HASH`.
 - [x] Profile configuration to run `vls`
 - [x] Healthcheck for `txoo`
 - [x] Healthcheck for `vls`
-- [ ] Lightning Storage Server Dockerfile and Compose Service
+- [x] Lightning Storage Server Dockerfile and Compose Service
 - [ ] Postgres Service for Lightning Storage Server
 
 ## References

bitcoind/Dockerfile

@@ -103,7 +103,8 @@ RUN apk --no-cache add \
   boost-thread \
   sqlite-dev \
   libevent \
-  libzmq
+  libzmq \
+  tini
 
 ARG BITCOIN_VERSION
 ARG BITCOIN_PREFIX=/opt/bitcoin-${BITCOIN_VERSION}
@@ -129,7 +130,7 @@ VOLUME ["${BITCOIN_DATA}"]
 
 USER bitcoin
 
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
 
 RUN bitcoind -version | grep "Bitcoin Core version v${BITCOIN_VERSION}"
 

docker-compose.regtest.yml

@@ -31,6 +31,8 @@ services:
 
   txoo:
     container_name: txood-regtest
+    command:
+      - --no-checkpoint
     volumes:
       - txoo_regtest:/root/.txoo/
       - bitcoin_regtest:/root/.bitcoin/
@@ -38,6 +40,15 @@ services:
       - BITCOIN_NETWORK=regtest
       - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332
 
+  txoo-server:
+    container_name: txoo-server-regtest
+    volumes:
+      - type: volume
+        source: txoo_regtest
+        target: /usr/share/nginx/html
+        volume:
+          subpath: regtest/public
+
   vls:
     container_name: vlsd-regtest
     volumes:
@@ -46,8 +57,14 @@ services:
       - VLS_NETWORK=regtest
       - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332
 
+  lss:
+    container_name: lss-regtest
+    volumes:
+      - lss_regtest:/home/lss/.lss
+
 volumes:
   bitcoin_regtest:
   lightning_regtest:
   txoo_regtest:
   vls_regtest:
+  lss_regtest:

docker-compose.yml

@@ -4,8 +4,8 @@ services:
     build:
       context: ./bitcoind
       args:
-        - BITCOIN_VERSION
-        - BITCOIN_SHA256SUMS_HASH
+        - BITCOIN_VERSION=$BITCOIN_VERSION
+        - BITCOIN_SHA256SUMS_HASH=$BITCOIN_SHA256SUMS_HASH
     image: bitcoind:${IMAGE_TAG:-latest}
     container_name: bitcoind-test
     volumes:
@@ -23,14 +23,14 @@ services:
     build:
       context: ./lightningd
       args:
-        - CORE_LIGHTNING_REPO
-        - CORE_LIGHTNING_GIT_HASH
-        - CLBOSS_REPO
-        - CLBOSS_GIT_HASH
-        - CLN_PLUGINS_REPO
-        - CLN_PLUGINS_GIT_HASH
-        - VLS_REPO
-        - VLS_GIT_HASH
+        - CORE_LIGHTNING_REPO=$CORE_LIGHTNING_REPO
+        - CORE_LIGHTNING_GIT_HASH=$CORE_LIGHTNING_GIT_HASH
+        - CLBOSS_REPO=$CLBOSS_REPO
+        - CLBOSS_GIT_HASH=$CLBOSS_GIT_HASH
+        - CLN_PLUGINS_REPO=$CLN_PLUGINS_REPO
+        - CLN_PLUGINS_GIT_HASH=$CLN_PLUGINS_GIT_HASH
+        - VLS_REPO=$VLS_REPO
+        - VLS_GIT_HASH=$VLS_GIT_HASH
     image: lightningd:${IMAGE_TAG:-latest}
     container_name: lightningd-test
     command:
@@ -43,13 +43,20 @@ services:
     expose:
       - 19735
       - 7701
+    ports:
+      - 3010:3010
     networks:
       - lightning
     depends_on:
       bitcoin-core:
         condition: service_healthy
+      txoo-server:
+        condition: service_started
+      txoo:
+        condition: service_healthy
     environment:
       - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332
+      - TXOO_SOURCE_URL=http://txoo-server:80
       - RUST_LOG=info
       - VLS_NETWORK=testnet
       - VLS_BIND=0.0.0.0
@@ -59,8 +66,8 @@ services:
     build:
       context: ./txood
       args:
-        - TXOO_REPO
-        - TXOO_GIT_HASH
+        - TXOO_REPO=$TXOO_REPO
+        - TXOO_GIT_HASH=$TXOO_GIT_HASH
     image: txood:${IMAGE_TAG:-latest}
     container_name: txood-test
     restart: unless-stopped
@@ -76,24 +83,77 @@ services:
       - BITCOIN_NETWORK=testnet
       - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332
 
+  txoo-server:
+    image: nginx:1.27-alpine3.20
+    container_name: txoo-server-test
+    networks:
+      - lightning
+    depends_on:
+      txoo:
+        condition: service_started
+    volumes:
+      - type: volume
+        source: txoo_data
+        target: /usr/share/nginx/html
+        volume:
+          subpath: testnet/public
+    ports:
+      - "8080:80"
+
+  lss:
+    build:
+      context: ./lss
+      args:
+        - LSS_REPO=$LSS_REPO
+        - LSS_GIT_HASH=$LSS_GIT_HASH
+    image: lss:${IMAGE_TAG:-latest}
+    container_name: lss-test
+    ports:
+      - 55551:55551
+    expose:
+      - 55551
+    profiles:
+      - lss
+    networks:
+      - lightning
+    volumes:
+      - lss_data:/home/lss/.lss
+    environment:
+      - LSS_DATABASE=${LSS_DATABASE:-sled}
+      - PG_HOST=$PG_HOST
+      - PG_USER=$PG_USER
+      - PG_PASS=$PG_PASS
+      - PG_DB=$PG_DB
+
   vls:
     build:
       context: ./vlsd
       args:
-        - VLS_REPO
-        - VLS_GIT_HASH
+        - VLS_REPO=$VLS_REPO
+        - VLS_GIT_HASH=$VLS_GIT_HASH
+        - TXOO_PUBLIC_KEY=$TXOO_PUBLIC_KEY
     image: vlsd:${IMAGE_TAG:-latest}
     container_name: vlsd-test
     profiles:
       - vls
     command:
-      - --log-level=info
-      - --connect=http://core-lightning:7701
+      --log-level=info
+      --connect=http://core-lightning:7701
+      ${LSS_REMOTE_URL:+--lss=$LSS_REMOTE_URL}
     networks:
       - lightning
     volumes:
       - vls_data:/home/vls/.lightning-signer
+    depends_on:
+      txoo-server:
+        condition: service_started
+      lss:
+        condition: service_started
+        required: false
+      txoo:
+        condition: service_healthy
     environment:
+      - LSS_REMOTE_URL
       - VLS_NETWORK=testnet
       - VLS_PERMISSIVE=1
       - RUST_LOG=info
@@ -109,6 +169,9 @@ volumes:
   txoo_data:
     name: txoo_data
     external: true
+  lss_data:
+    name: lss_data
+    external: true
   vls_data:
     name: vls_data
     external: true

lightningd/Dockerfile

@@ -15,6 +15,7 @@ RUN apk update && \
       gettext \
       git \
       gmp-dev \
+      jq \
       libsodium \
       libtool \
       net-tools \
@@ -26,7 +27,8 @@ RUN apk update && \
       sqlite-dev \
       sqlite-static \
       zlib-dev \
-      zlib-static
+      zlib-static \
+      linux-headers
 
 RUN pip3 install grpcio-tools
 
@@ -43,7 +45,13 @@ ARG CLN_PLUGINS_GIT_HASH \
     CLN_PLUGINS_REPO
 RUN git clone $CLN_PLUGINS_REPO
 RUN cd plugins && \
-    git checkout $CLN_PLUGINS_GIT_HASH
+    git checkout $CLN_PLUGINS_GIT_HASH && \
+    git submodule update --init --recursive
+
+# Build summars plugin
+RUN cd plugins/summars && \
+    cargo install --locked --path . --bin summars --profile release --root /usr/local/ && \
+    cargo clean
 
 FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as clboss_builder
 
@@ -113,7 +121,10 @@ RUN apk update && \
       bind-tools \
       libev-dev \
       curl-dev \
-      sqlite-dev
+      sqlite-dev \
+      tini \
+      python3-dev \
+      libffi-dev
 
 ARG LIGHTNINGD_UID=101 \
     LIGHTNINGD_USER=lightning
@@ -130,12 +141,14 @@ COPY --from=builder /usr/libexec/c-lightning /usr/libexec/c-lightning
 COPY --from=builder /usr/share/man/man8 /usr/share/man/man8
 COPY --from=builder /usr/share/doc/c-lightning /usr/share/doc/c-lightning
 COPY --from=clboss_builder /usr/bin/clboss /usr/bin/clboss
-COPY --from=builder /build/plugins/archived/summary /usr/local/src/plugins/summary
+COPY --from=builder /build/plugins/monitor/monitor.py /usr/local/src/plugins/monitor.py
+COPY --from=builder /usr/local/bin/summars /usr/local/src/plugins/summars
 COPY --from=vls_builder /usr/local/bin/remote_hsmd_socket /usr/libexec/c-lightning/remote_hsmd_socket
+COPY --from=builder /build/core-lightning/plugins/clnrest/requirements.txt /usr/local/src/plugins/clnrest_requirements.txt
 
-RUN addgroup -S lightning && adduser -S lightning -G lightning && \
+RUN addgroup -S ${LIGHTNINGD_USER} && adduser -S ${LIGHTNINGD_USER} -G ${LIGHTNINGD_USER} && \
     mkdir -p ${LIGHTNINGD_DATA} && \
-    chown -R lightning:lightning ${LIGHTNINGD_DATA}
+    chown -R ${LIGHTNINGD_USER}:${LIGHTNINGD_USER} ${LIGHTNINGD_DATA}
 
 COPY bitcoin.conf ${BITCOIND_HOME}/bitcoin.conf
 
@@ -148,21 +161,23 @@ RUN chmod +x /healthcheck.sh
 VOLUME ["${LIGHTNINGD_DATA}"]
 
 RUN mkdir -p ${BITCOIND_HOME} && \
-    chown -R lightning:lightning ${BITCOIND_HOME}
+    chown -R ${LIGHTNINGD_USER}:${LIGHTNINGD_USER} ${BITCOIND_HOME}
 
 COPY bitcoin.conf ${BITCOIND_HOME}/bitcoin.conf
 COPY testnet-config /testnet-config
 COPY regtest-config /regtest-config
 
-USER lightning
+USER ${LIGHTNINGD_USER}
 
 RUN pip3 install \
       pyln-client \
       requests \
       packaging
 
+RUN pip3 install -r /usr/local/src/plugins/clnrest_requirements.txt
+
 HEALTHCHECK --interval=5s --timeout=10s --start-period=5s \
     CMD ["/healthcheck.sh"]
 
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
 CMD ["lightningd"]

lightningd/entrypoint.sh

@@ -4,6 +4,7 @@ set -e
 cp -u /testnet-config ${LIGHTNINGD_DATA}/testnet-config
 cp -u /regtest-config ${LIGHTNINGD_DATA}/regtest-config
 
+# this is kept for backward compatibility purposes
 export GREENLIGHT_VERSION=$(lightningd --version)
 export VLS_CLN_VERSION=$(lightningd --version)
 

lightningd/healthcheck.sh

@@ -2,4 +2,4 @@
 
 set -ex
 
-lightning-cli --network $VLS_NETWORK summary
+lightning-cli --network $VLS_NETWORK getinfo

lightningd/regtest-config

@@ -3,10 +3,11 @@ bitcoin-rpcuser=rpcuser
 bitcoin-rpcpassword=VLSsigner1
 bitcoin-rpcport=38332
 log-level=info
-max-locktime-blocks=288
 important-plugin=/usr/bin/clboss
 clboss-auto-close=true
 bind-addr=0.0.0.0:19846
-plugin=/usr/local/src/plugins/summary/summary.py
+plugin=/usr/local/src/plugins/summars
+plugin=/usr/local/src/plugins/monitor.py
 subdaemon=hsmd:remote_hsmd_socket
 experimental-anchors
+clnrest-port=3010

lightningd/testnet-config

@@ -3,10 +3,11 @@ bitcoin-rpcuser=rpcuser
 bitcoin-rpcpassword=VLSsigner1
 bitcoin-rpcport=18332
 log-level=info
-max-locktime-blocks=288
 important-plugin=/usr/bin/clboss
 clboss-auto-close=true
 bind-addr=0.0.0.0:19735
-plugin=/usr/local/src/plugins/summary/summary.py
+plugin=/usr/local/src/plugins/summars
+plugin=/usr/local/src/plugins/monitor.py
 subdaemon=hsmd:remote_hsmd_socket
 experimental-anchors
+clnrest-port=3010

lss/Dockerfile

@@ -0,0 +1,62 @@
+# build lss
+FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as builder
+
+WORKDIR /build
+
+RUN apk update && \
+    apk add \
+    build-base \
+    cargo \
+    git \
+    grpc \
+    protobuf \
+    protobuf-dev \
+    rust
+
+ARG LSS_GIT_HASH \
+    LSS_REPO 
+RUN echo "building lss from hash: $LSS_GIT_HASH"
+RUN git clone $LSS_REPO lss
+
+RUN cd lss && \
+    git checkout $LSS_GIT_HASH && \
+    cargo install --locked --path ./lightning-storage-server --bin lssd --profile release --root /usr/local/ && \
+    cargo clean
+
+# lss runner
+FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner
+
+ARG LSS_DATA=/root/.lssd
+
+RUN apk update && \
+  apk add \
+  build-base \
+  curl-dev \
+  protobuf \
+  bind-tools \
+  tini
+
+COPY --from=builder /usr/local/bin/lssd /usr/local/bin/lssd
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+VOLUME ["${LSS_DATA}"]
+
+
+
+# Environment variables with default fallbacks
+ENV LSS_PORT=${LSS_PORT:-55551}
+ENV LSS_INTERFACE=${LSS_INTERFACE:-0.0.0.0}
+ENV LSS_CLEARDB=${LSS_CLEARDB:-false}
+ENV LSS_DATADIR=${LSS_DATADIR:-datadir}
+ENV LSS_DATABASE=${LSS_DATABASE:-sled}
+ENV PG_HOST=${PG_HOST:-}
+ENV PG_USER=${PG_USER:-dev}
+ENV PG_PASSWORD=${PG_PASSWORD:-}
+ENV PG_DB=${PG_DB:-dev}
+
+# Expose LSS port
+EXPOSE ${LSS_PORT}
+
+# Run lssd with the build arguments passed at runtime
+ENTRYPOINT ["/entrypoint.sh"]

lss/README.md

@@ -0,0 +1,24 @@
+# LSS Setup
+
+## Building the docker image
+
+### Ubuntu/Linux
+```bash
+sudo docker build \
+  --build-arg LSS_REPO=https://gitlab.com/lightning-signer/validating-lightning-signer.git \
+  --build-arg LSS_GIT_HASH=d2590ba34a388a016bb91307864e993fb3cc3d84 \
+  -t lss .
+```
+
+### Windows
+```bash
+docker build --build-arg LSS_REPO=https://gitlab.com/lightning-signer/validating-lightning-signer.git --build-arg LSS_GIT_HASH=d2590ba34a388a016bb91307864e993fb3cc3d84 -t lss .
+```
+
+## Running the container
+```bash
+docker compose --profile lss -f docker-compose.yml up lss
+```
+
+## Postgres Setup
+To use LSS with postgres, change the environment variable LSS_DATABASE to postgres, you also need to supply the arguments PG_HOST, PG_USER, PG_PASS, PG_DB to a real postgres database

lss/docker-compose.yml

@@ -0,0 +1,58 @@
+version: "3.8"
+services:
+  lss:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      args:
+        - LSS_REPO
+        - LSS_GIT_HASH
+    image: lss:${IMAGE_TAG:-latest}
+    container_name: lss-test
+    ports:
+      - 55551:55551
+    expose:
+      - 55551
+    networks:
+      - lightning
+    volumes:
+      - lss_data:/home/lss/.lss
+    environment:
+      - LSS_DATABASE=${LSS_DATABASE:-sled}
+      - PG_HOST
+      - PG_USER
+      - PG_PASS
+      - PG_DB
+  vls:
+    build:
+      context: ../vlsd
+      dockerfile: Dockerfile
+      args:
+        - VLS_GIT_HASH
+    image: vlsd
+    container_name: vlsd-standalone
+    command: 
+      --connect=http://core-lightning:7701
+      --lss=http://lss:55551
+    networks:
+      - lightning
+    volumes:
+      - vls_data:/home/vls/.lightning-signer
+    environment:
+      - BITCOIND_RPC_URL=$BITCOIND_RPC_URL
+      - VLS_NETWORK=testnet
+    depends_on:
+      lss:
+        condition: service_healthy
+        required: false
+
+networks:
+  lightning:
+
+volumes:
+  vls_data:
+    name: vls_data
+    external: true
+  lss_data:
+    name: lss_data
+    external: true

lss/entrypoint.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+/usr/local/bin/lssd --port "$LSS_PORT" --interface "$LSS_INTERFACE" --database "$LSS_DATABASE"

scripts/cleanup_regtest.sh

@@ -7,3 +7,4 @@ docker volume rm vls-container_bitcoin_regtest
 docker volume rm vls-container_lightning_regtest
 docker volume rm vls-container_vls_regtest
 docker volume rm vls-container_txoo_regtest
+docker volume ls | grep -q "vls-container_lss_regtest" && docker volume rm vls-container_lss_regtest

txood/Dockerfile

@@ -1,5 +1,5 @@
 # build txoo
-FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as builder
+FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.20 as builder
 
 WORKDIR /build
 
@@ -18,7 +18,7 @@ RUN cd txoo && \
     cargo clean
 
 # txoo runner
-FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner
+FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.20 as runner
 
 LABEL maintainer.0="Lakshya Singh (@king-11)" \
   maintainer.1="Dev Random (@devrandom01)"
@@ -32,7 +32,8 @@ RUN apk update && \
       libev-dev \
       curl-dev \
       curl \
-      jq
+      jq \
+      tini
 
 COPY --from=builder /usr/local/bin/txood /usr/bin/txood
 
@@ -47,5 +48,5 @@ VOLUME ["${TXOO_DATA}"]
 HEALTHCHECK --interval=5s --timeout=10s --start-period=5s \
     CMD ["/healthcheck.sh"]
 
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
 CMD ["txood"]

vlsd/Dockerfile

@@ -24,21 +24,27 @@ RUN cd vls && \
 
 FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner
 
-ARG UID=100
-ARG GID=101
+ARG VLSD_UID=100 \
+    VLSD_GID=101 \
+    VLSD_USER=vls
+ARG VLSD_HOME=/home/${VLSD_USER}
+ARG TXOO_PUBLIC_KEY
+ENV TXOO_PUBLIC_KEY=${TXOO_PUBLIC_KEY}
 
 LABEL maintainer.0="Lakshya Singh (@king-11)" \
   maintainer.1="Dev Random (@devrandom01)"
 
-RUN addgroup vls --gid ${GID} --system
-RUN adduser --uid ${UID} --system vls --ingroup vls
+RUN addgroup ${VLSD_USER} --gid ${VLSD_GID} --system
+RUN adduser --uid ${VLSD_UID} --system ${VLSD_USER} --ingroup ${VLSD_USER}
 
 RUN apk update && \
   apk add \
   build-base \
   curl-dev \
+  curl \
   protobuf \
-  bind-tools
+  bind-tools \
+  tini
 
 COPY --from=builder /usr/local/bin/vlsd2 /usr/local/bin/vlsd2
 COPY --from=builder /usr/local/bin/vls-cli /usr/local/bin/vls-cli
@@ -51,21 +57,23 @@ RUN chmod +x /healthcheck.sh
 
 COPY vlsd2.toml /vlsd2.toml
 
-ENV VLS_DATA=/home/vls/.lightning-signer
-RUN mkdir ${VLS_DATA}
-RUN chown vls:vls ${VLS_DATA}
+ENV VLSD_DATA=/home/vls/.lightning-signer
+RUN mkdir -p ${VLSD_DATA} && \
+    chown ${VLSD_USER}:${VLSD_USER} ${VLSD_DATA}
 
-ENV REMOTE_SIGNER_ALLOWLIST=${VLS_DATA}/ALLOWLIST
+RUN mkdir -p ${VLSD_HOME}/.txoo
+
+ENV REMOTE_SIGNER_ALLOWLIST=${VLSD_DATA}/ALLOWLIST
 RUN touch ${REMOTE_SIGNER_ALLOWLIST}
 
-VOLUME ["${VLS_DATA}"]
+VOLUME ["${VLSD_DATA}"]
 
-USER vls
+USER ${VLSD_USER}
 
 HEALTHCHECK --interval=10s --timeout=10s --start-period=10s \
     CMD ["/healthcheck.sh"]
 
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
 
 RUN vlsd2 --git-desc
 

vlsd/docker-compose.yml

@@ -5,7 +5,9 @@ services:
       context: .
       dockerfile: Dockerfile
       args:
+        - VLS_REPO
         - VLS_GIT_HASH
+        - TXOO_PUBLIC_KEY
     image: vlsd
     container_name: vlsd-standalone
     command:

vlsd/entrypoint.sh

@@ -1,8 +1,12 @@
 #!/bin/sh
 set -e
 
-cp /vlsd2.toml $VLS_DATA/
-sed -i "1s/^/network = \"$VLS_NETWORK\"\n/" $VLS_DATA/vlsd2.toml
+cp /vlsd2.toml $VLSD_DATA/
+sed -i "1s/^/network = \"$VLS_NETWORK\"\n/" $VLSD_DATA/vlsd2.toml
+
+TXOO_PUBLIC_KEY=${TXOO_PUBLIC_KEY:=$(curl -s --retry 5 --retry-all-errors --fail http://txoo-server:80/config | grep public_key | cut -d ' ' -f 2)}
+
+test -n "$TXOO_PUBLIC_KEY" || (echo "TXOO_PUBLIC_KEY build arg not set" && false)
 
 if [ $(echo "$1" | cut -c1) = "-" ]; then
   echo "$0: assuming arguments for vlsd2"
@@ -11,9 +15,10 @@ if [ $(echo "$1" | cut -c1) = "-" ]; then
 fi
 
 if [ $(echo "$1" | cut -c1) = "-" ] || [ "$1" = "vlsd2" ]; then
-  echo "$0: setting config to $VLS_DATA/vlsd2.toml"
+  echo "$0: setting config to $VLSD_DATA/vlsd2.toml"
 
-  set -- "$@" --config=$VLS_DATA/vlsd2.toml
+  echo "$0: using $TXOO_PUBLIC_KEY as trusted oracle pubkey"
+  set -- "$@" --config=$VLSD_DATA/vlsd2.toml -t=$TXOO_PUBLIC_KEY
 fi
 
 echo

vlsd/healthcheck.sh

@@ -2,4 +2,4 @@
 
 set -ex
 
-vls-cli info
+vls-cli --rpc-user rpcuser --rpc-password VLSsigner2 info

vlsd/vlsd2.toml

@@ -1 +1,3 @@
 datadir = "/home/vls/.lightning-signer"
+rpc-user = "rpcuser"
+rpc-pass = "VLSsigner2"