Merge pull request 'Configure/install boltzd for Lightning/on-chain swaps' (#378) from feature/boltz-lnd into master

Reviewed-on: #378

nodes/bitcoin-2.json

@@ -24,6 +24,7 @@
       "kosmos-bitcoin::c-lightning",
       "kosmos-bitcoin::lnd",
       "kosmos-bitcoin::lnd-scb-s3",
+      "kosmos-bitcoin::boltz",
       "kosmos-bitcoin::rtl",
       "kosmos-bitcoin::lndhub",
       "kosmos_postgresql::hostsfile",
@@ -48,6 +49,7 @@
       "kosmos-bitcoin::firewall",
       "git::default",
       "git::package",
+      "kosmos-bitcoin::golang",
       "golang::default",
       "backup::default",
       "logrotate::default",
@@ -97,6 +99,7 @@
     "recipe[kosmos-bitcoin::c-lightning]",
     "recipe[kosmos-bitcoin::lnd]",
     "recipe[kosmos-bitcoin::lnd-scb-s3]",
+    "recipe[kosmos-bitcoin::boltz]",
     "recipe[kosmos-bitcoin::rtl]",
     "recipe[kosmos-bitcoin::lndhub]",
     "role[btcpay]"

site-cookbooks/kosmos-bitcoin/attributes/default.rb

@@ -52,6 +52,17 @@ node.default['lnd']['basefee'] = '1000'
 node.default['lnd']['feerate'] = '50'
 node.default['lnd']['auto_unlock'] = true # requires credentials/lnd data bag item
 
+node.default['boltz']['repo'] = 'https://github.com/BoltzExchange/boltz-lnd.git'
+node.default['boltz']['revision'] = 'v1.2.6'
+node.default['boltz']['source_dir'] = '/opt/boltz'
+node.default['boltz']['boltz_dir'] = "/home/#{node['bitcoin']['username']}/.boltz-lnd"
+node.default['boltz']['grpc_host'] = '127.0.0.1'
+node.default['boltz']['grpc_port'] = '9002'
+node.default['boltz']['rest_disabled'] = 'false'
+node.default['boltz']['rest_host'] = '127.0.0.1'
+node.default['boltz']['rest_port'] = '9003'
+node.default['boltz']['no_macaroons'] = 'false'
+
 node.default['rtl']['repo'] = 'https://github.com/Ride-The-Lightning/RTL.git'
 node.default['rtl']['revision'] = 'v0.11.0'
 node.default['rtl']['host'] = '10.1.1.163'
@@ -66,7 +77,7 @@ node.default['dotnet']['ms_packages_src_url'] = "https://packages.microsoft.com/
 node.default['dotnet']['ms_packages_src_checksum'] = "4df5811c41fdded83eb9e2da9336a8dfa5594a79dc8a80133bd815f4f85b9991"
 
 node.default['nbxplorer']['repo'] = 'https://github.com/dgarage/NBXplorer'
-node.default['nbxplorer']['revision'] = 'v2.2.18'
+node.default['nbxplorer']['revision'] = 'v2.2.20'
 node.default['nbxplorer']['source_dir'] = '/opt/nbxplorer'
 node.default['nbxplorer']['config_path'] = "/home/#{node['bitcoin']['username']}/.nbxplorer/Main/settings.config"
 node.default['nbxplorer']['port'] = '24445'

site-cookbooks/kosmos-bitcoin/recipes/boltz.rb

@@ -0,0 +1,87 @@
+#
+# Cookbook:: kosmos-bitcoin
+# Recipe:: boltz
+#
+
+include_recipe "git"
+include_recipe "kosmos-bitcoin::golang"
+
+git node['boltz']['source_dir'] do
+  repository node['boltz']['repo']
+  revision node['boltz']['revision']
+  action :sync
+  notifies :run, 'bash[compile_and_install_boltz]', :immediately
+end
+
+bash "compile_and_install_boltz" do
+  cwd node['boltz']['source_dir']
+  code <<-EOH
+go mod vendor && \
+make build && \
+make install
+  EOH
+  action :nothing
+  notifies :restart, "systemd_unit[boltzd.service]", :delayed
+end
+
+bitcoin_user  = node['bitcoin']['username']
+bitcoin_group = node['bitcoin']['usergroup']
+boltz_dir     = node['boltz']['boltz_dir']
+lnd_dir       = node['lnd']['lnd_dir']
+
+directory boltz_dir do
+  owner bitcoin_user
+  group bitcoin_group
+  mode '0750'
+  action :create
+end
+
+template "#{boltz_dir}/boltz.toml" do
+  source "boltz.toml.erb"
+  owner bitcoin_user
+  group bitcoin_group
+  mode '0640'
+  variables lnd_grpc_host: '127.0.0.1',
+            lnd_grpc_port: '10009',
+            lnd_macaroon_path: "#{lnd_dir}/data/chain/bitcoin/mainnet/admin.macaroon",
+            lnd_tlscert_path: "#{lnd_dir}/tls.cert",
+            boltz_config: node['boltz']
+  notifies :restart, "systemd_unit[boltzd.service]", :delayed
+end
+
+systemd_unit 'boltzd.service' do
+  content({
+    Unit: {
+      Description: 'Boltz Daemon',
+      Documentation: ['https://lnd.docs.boltz.exchange'],
+      Requires: 'lnd.service',
+      After: 'lnd.service'
+    },
+    Service: {
+      User: bitcoin_user,
+      Group: bitcoin_group,
+      Type: 'simple',
+      ExecStart: "/opt/boltz/boltzd",
+      Restart: 'always',
+      RestartSec: '30',
+      TimeoutSec: '240',
+      LimitNOFILE: '128000',
+      PrivateTmp: true,
+      ProtectSystem: 'full',
+      NoNewPrivileges: true,
+      PrivateDevices: true,
+      MemoryDenyWriteExecute: true
+    },
+    Install: {
+      WantedBy: 'multi-user.target'
+    }
+  })
+  verify false
+  triggers_reload true
+  action [:create, :enable, :start]
+end
+
+unless node.chef_environment == 'development'
+  node.override['backup']['archives']['boltz'] = [node['boltz']['boltz_dir']]
+  include_recipe 'backup'
+end

site-cookbooks/kosmos-bitcoin/recipes/dotnet.rb

@@ -30,4 +30,4 @@ execute 'apt_update' do
   action :nothing
 end
 
-apt_package 'dotnet-sdk-3.1'
+apt_package 'dotnet-sdk-6.0'

site-cookbooks/kosmos-bitcoin/recipes/golang.rb

@@ -0,0 +1,13 @@
+#
+# Cookbook:: kosmos-bitcoin
+# Recipe:: boltz
+#
+# Internal recipe for managing the Go installation in one place
+#
+
+node.override['golang']['version'] = "1.17.4"
+include_recipe "golang"
+
+link '/usr/local/bin/go' do
+  to '/usr/local/go/bin/go'
+end

site-cookbooks/kosmos-bitcoin/recipes/lnd.rb

@@ -4,9 +4,7 @@
 #
 
 include_recipe "git"
-
-node.override['golang']['version'] = "1.17.4"
-include_recipe "golang"
+include_recipe "kosmos-bitcoin::golang"
 
 git node['lnd']['source_dir'] do
   repository node['lnd']['repo']
@@ -19,7 +17,7 @@ bash "compile_lnd" do
   cwd node['lnd']['source_dir']
   code <<-EOH
     source /etc/profile.d/golang.sh
-    make clean && make && make install tags="signrpc walletrpc chainrpc invoicesrpc"
+    make clean && make && make install tags="signrpc walletrpc chainrpc invoicesrpc routerrpc"
   EOH
   action :nothing
   notifies :restart, "systemd_unit[lnd.service]", :delayed

site-cookbooks/kosmos-bitcoin/recipes/rtl.rb

@@ -43,7 +43,13 @@ rtl_config = {
     }
   ],
   multiPassHashed: credentials["multiPassHashed"]
-}.to_json
+}
+
+if node['boltz']
+  # TODO adapt for multi-node usage
+  rtl_config[:nodes][0][:Authentication][:boltzMacaroonPath] = "#{node['boltz']['boltz_dir']}/macaroons"
+  rtl_config[:nodes][0][:Settings][:boltzServerUrl] = "https://#{node['boltz']['rest_host']}:#{node['boltz']['rest_port']}"
+end
 
 application rtl_dir do
   owner bitcoin_user
@@ -65,7 +71,7 @@ application rtl_dir do
     owner bitcoin_user
     group bitcoin_group
     mode '0640'
-    content rtl_config
+    content rtl_config.to_json
     notifies :restart, "systemd_unit[rtl.service]", :delayed
   end
 

site-cookbooks/kosmos-bitcoin/templates/boltz.toml.erb

@@ -0,0 +1,32 @@
+[LND]
+# Host of the gRPC interface of LND
+host = "<%= @lnd_grpc_host %>"
+
+# Port of the gRPC interface of LND
+port = <%= @lnd_grpc_port %>
+
+# Path to a macaroon file of LND
+# The daemon needs to have permission to read various endpoints, generate addresses and pay invoices 
+macaroon = "<%= @lnd_macaroon_path %>"
+
+# Path to the TLS certificate of LND
+certificate = "<%= @lnd_tlscert_path %>"
+
+[RPC]
+# Host of the gRPC interface
+host = "<%= @boltz_config['grpc_host'] %>"
+
+# Port of the gRPC interface
+port = <%= @boltz_config['grpc_port'] %>
+
+# Whether the REST proxy for the gRPC interface should be disabled
+restDisabled = <%= @boltz_config['rest_disabled'] %>
+
+# Host of the REST proxy
+restHost = "<%= @boltz_config['rest_host'] %>"
+
+# Port of the REST proxy
+restPort = <%= @boltz_config['rest_port'] %>
+
+# Whether the macaroon authentication for the gRPC and REST interface should be disabled
+noMacaroons = <%= @boltz_config['no_macaroons'] %>