From 2ca576468ed13cb8482d4b779ea7e703987d4626 Mon Sep 17 00:00:00 2001
From: Sebastian Kippe <sebastian@kip.pe>
Date: Wed, 30 Jun 2021 17:09:31 +0200
Subject: [PATCH] Auto-unlock LND wallet/node

The latest release added a new config option for auto-unlocking the
wallet/node using a password file. This changeset adds support for just
that to the lnd recipe, so that nobody has to manually unlock it after
reboots or service restarts.
---
 site-cookbooks/kosmos-bitcoin/attributes/default.rb |  5 +++--
 site-cookbooks/kosmos-bitcoin/recipes/lnd.rb        | 13 +++++++++++++
 .../kosmos-bitcoin/templates/lnd.conf.erb           |  1 +
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb
index 8111a5e..054639a 100644
--- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb
+++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb
@@ -45,8 +45,9 @@ node.default['lnd']['public_ip'] = '148.251.237.111'
 node.default['lnd']['public_port'] = '9735'
 node.default['lnd']['port'] = '9736'
 node.default['lnd']['minchansize'] = '1000000'
-node.default['lnd']['basefee'] = '500'
-node.default['lnd']['feerate'] = '1'
+node.default['lnd']['basefee'] = '1000'
+node.default['lnd']['feerate'] = '50'
+node.default['lnd']['auto_unlock'] = true # requires credentials/lnd data bag item
 
 node.default['rtl']['repo'] = 'https://github.com/Ride-The-Lightning/RTL.git'
 node.default['rtl']['revision'] = 'v0.11.0'
diff --git a/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb b/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
index 4e2464a..6f36bb7 100644
--- a/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
+++ b/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
@@ -36,6 +36,17 @@ directory lnd_dir do
   action :create
 end
 
+if node['lnd']['auto_unlock']
+  lnd_credentials = Chef::EncryptedDataBagItem.load('credentials', 'lnd')
+
+  file "#{lnd_dir}/.unlock.txt" do
+    content lnd_credentials['password']
+    mode '0600'
+    owner bitcoin_user
+    group bitcoin_group
+  end
+end
+
 template "#{lnd_dir}/lnd.conf" do
   source "lnd.conf.erb"
   owner bitcoin_user
@@ -49,6 +60,8 @@ template "#{lnd_dir}/lnd.conf" do
             lnd_minchansize: node['lnd']['minchansize'],
             lnd_basefee: node['lnd']['basefee'],
             lnd_feerate: node['lnd']['feerate'],
+            lnd_dir: lnd_dir,
+            auto_unlock: node['lnd']['auto_unlock'],
             bitcoin_datadir: node['bitcoin']['datadir'],
             bitcoin_rpc_user: node['bitcoin']['conf']['rpcuser'],
             bitcoin_rpc_password: bitcoin_credentials["rpcpassword"],
diff --git a/site-cookbooks/kosmos-bitcoin/templates/lnd.conf.erb b/site-cookbooks/kosmos-bitcoin/templates/lnd.conf.erb
index b96f7d8..57c7caf 100644
--- a/site-cookbooks/kosmos-bitcoin/templates/lnd.conf.erb
+++ b/site-cookbooks/kosmos-bitcoin/templates/lnd.conf.erb
@@ -6,6 +6,7 @@ alias=<%= @lnd_alias %>
 color=<%= @lnd_color %>
 maxpendingchannels=2
 minchansize=<%= @lnd_minchansize %>
+<% if @auto_unlock %>wallet-unlock-password-file=<%= @lnd_dir %>/.unlock.txt<% end %>
 
 [autopilot]
 autopilot.active=0