Merge pull request 'Upgrade all bitcoin software to latest versions' (#328) from chore/upgrade_bitcoin_software into master
Reviewed-on: #328
This commit is contained in:
commit
7fc0a65a22
|
@ -0,0 +1,10 @@
|
|||
{
|
||||
"id": "lnd",
|
||||
"password": {
|
||||
"encrypted_data": "etEgstimoXqyD8HhZZ7rKW0+LW3rnYAR3f++AOv6SA==\n",
|
||||
"iv": "g9LA7GpA6eV1ZAJu\n",
|
||||
"auth_tag": "wv67Nliq0HGqAhVeyhNO/g==\n",
|
||||
"version": 3,
|
||||
"cipher": "aes-256-gcm"
|
||||
}
|
||||
}
|
|
@ -8,7 +8,7 @@
|
|||
"automatic": {
|
||||
"fqdn": "bitcoin-2",
|
||||
"os": "linux",
|
||||
"os_version": "5.4.0-58-generic",
|
||||
"os_version": "5.4.0-77-generic",
|
||||
"hostname": "bitcoin-2",
|
||||
"ipaddress": "192.168.122.148",
|
||||
"roles": [
|
||||
|
@ -26,6 +26,8 @@
|
|||
"kosmos-bitcoin::dotnet",
|
||||
"kosmos-bitcoin::nbxplorer",
|
||||
"kosmos-bitcoin::btcpay",
|
||||
"tor-full",
|
||||
"tor-full::default",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
|
@ -82,6 +84,7 @@
|
|||
"recipe[kosmos-bitcoin::c-lightning]",
|
||||
"recipe[kosmos-bitcoin::lnd]",
|
||||
"recipe[kosmos-bitcoin::rtl]",
|
||||
"role[btcpay]"
|
||||
"role[btcpay]",
|
||||
"recipe[tor-full]"
|
||||
]
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
node.default['bitcoin']['version'] = '0.21.0'
|
||||
node.default['bitcoin']['checksum'] = '1a91202c62ee49fb64d57a52b8d6d01cd392fffcbef257b573800f9289655f37'
|
||||
node.default['bitcoin']['version'] = '0.21.1'
|
||||
node.default['bitcoin']['checksum'] = 'caff23449220cf45753f312cefede53a9eac64000bb300797916526236b6a1e0'
|
||||
node.default['bitcoin']['username'] = 'satoshi'
|
||||
node.default['bitcoin']['usergroup'] = 'bitcoin'
|
||||
node.default['bitcoin']['network'] = 'mainnet'
|
||||
|
@ -25,8 +25,11 @@ node.default['bitcoin']['conf'] = {
|
|||
zmqpubrawtx: 'tcp://127.0.0.1:8338'
|
||||
}
|
||||
|
||||
# Also enables Tor for LND
|
||||
node.default['bitcoin']['tor_enabled'] = true
|
||||
|
||||
node.default['c-lightning']['repo'] = 'https://github.com/ElementsProject/lightning'
|
||||
node.default['c-lightning']['revision'] = 'v0.9.3'
|
||||
node.default['c-lightning']['revision'] = 'v0.10.0'
|
||||
node.default['c-lightning']['source_dir'] = '/opt/c-lightning'
|
||||
node.default['c-lightning']['lightning_dir'] = "/home/#{node['bitcoin']['username']}/.lightning"
|
||||
node.default['c-lightning']['alias'] = 'ln3.kosmos.org'
|
||||
|
@ -35,7 +38,7 @@ node.default['c-lightning']['log_level'] = 'info'
|
|||
node.default['c-lightning']['public_ip'] = '148.251.237.73'
|
||||
|
||||
node.default['lnd']['repo'] = 'https://github.com/lightningnetwork/lnd'
|
||||
node.default['lnd']['revision'] = 'v0.12.0-beta'
|
||||
node.default['lnd']['revision'] = 'v0.13.0-beta'
|
||||
node.default['lnd']['source_dir'] = '/opt/lnd'
|
||||
node.default['lnd']['lnd_dir'] = "/home/#{node['bitcoin']['username']}/.lnd"
|
||||
node.default['lnd']['alias'] = 'ln2.kosmos.org'
|
||||
|
@ -45,11 +48,12 @@ node.default['lnd']['public_ip'] = '148.251.237.111'
|
|||
node.default['lnd']['public_port'] = '9735'
|
||||
node.default['lnd']['port'] = '9736'
|
||||
node.default['lnd']['minchansize'] = '1000000'
|
||||
node.default['lnd']['basefee'] = '500'
|
||||
node.default['lnd']['feerate'] = '1'
|
||||
node.default['lnd']['basefee'] = '1000'
|
||||
node.default['lnd']['feerate'] = '50'
|
||||
node.default['lnd']['auto_unlock'] = true # requires credentials/lnd data bag item
|
||||
|
||||
node.default['rtl']['repo'] = 'https://github.com/Ride-The-Lightning/RTL.git'
|
||||
node.default['rtl']['revision'] = 'v0.10.0'
|
||||
node.default['rtl']['revision'] = 'v0.11.0'
|
||||
node.default['rtl']['host'] = '10.1.1.163'
|
||||
node.default['rtl']['port'] = '3000'
|
||||
|
||||
|
@ -57,13 +61,13 @@ node.default['dotnet']['ms_packages_src_url'] = "https://packages.microsoft.com/
|
|||
node.default['dotnet']['ms_packages_src_checksum'] = "4df5811c41fdded83eb9e2da9336a8dfa5594a79dc8a80133bd815f4f85b9991"
|
||||
|
||||
node.default['nbxplorer']['repo'] = 'https://github.com/dgarage/NBXplorer'
|
||||
node.default['nbxplorer']['revision'] = 'latest'
|
||||
node.default['nbxplorer']['revision'] = 'v2.1.52'
|
||||
node.default['nbxplorer']['source_dir'] = '/opt/nbxplorer'
|
||||
node.default['nbxplorer']['config_path'] = "/home/#{node['bitcoin']['username']}/.nbxplorer/Main/settings.config"
|
||||
node.default['nbxplorer']['port'] = '24445'
|
||||
|
||||
node.default['btcpay']['repo'] = 'https://github.com/btcpayserver/btcpayserver'
|
||||
node.default['btcpay']['revision'] = 'latest'
|
||||
node.default['btcpay']['revision'] = 'v1.1.2'
|
||||
node.default['btcpay']['source_dir'] = '/opt/btcpay'
|
||||
node.default['btcpay']['config_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/Main/settings.config"
|
||||
node.default['btcpay']['log_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/debug.log"
|
||||
|
|
|
@ -26,3 +26,4 @@ depends 'kosmos-nginx'
|
|||
depends 'kosmos-nodejs'
|
||||
depends 'firewall'
|
||||
depends 'application_javascript'
|
||||
depends 'tor-full'
|
||||
|
|
|
@ -11,6 +11,7 @@ git node['btcpay']['source_dir'] do
|
|||
repository node['btcpay']['repo']
|
||||
revision node['btcpay']['revision']
|
||||
action :sync
|
||||
notifies :stop, "systemd_unit[btcpayserver.service]", :immediately
|
||||
notifies :run, 'bash[build_btcpay]', :immediately
|
||||
end
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@ bash "compile_lnd" do
|
|||
cwd node['lnd']['source_dir']
|
||||
code <<-EOH
|
||||
source /etc/profile.d/golang.sh
|
||||
make clean && make && make install
|
||||
make clean && make && make install tags="signrpc walletrpc chainrpc invoicesrpc"
|
||||
EOH
|
||||
action :nothing
|
||||
notifies :restart, "systemd_unit[lnd.service]", :delayed
|
||||
|
@ -36,6 +36,17 @@ directory lnd_dir do
|
|||
action :create
|
||||
end
|
||||
|
||||
if node['lnd']['auto_unlock']
|
||||
lnd_credentials = Chef::EncryptedDataBagItem.load('credentials', 'lnd')
|
||||
|
||||
file "#{lnd_dir}/.unlock.txt" do
|
||||
content lnd_credentials['password']
|
||||
mode '0600'
|
||||
owner bitcoin_user
|
||||
group bitcoin_group
|
||||
end
|
||||
end
|
||||
|
||||
template "#{lnd_dir}/lnd.conf" do
|
||||
source "lnd.conf.erb"
|
||||
owner bitcoin_user
|
||||
|
@ -49,6 +60,8 @@ template "#{lnd_dir}/lnd.conf" do
|
|||
lnd_minchansize: node['lnd']['minchansize'],
|
||||
lnd_basefee: node['lnd']['basefee'],
|
||||
lnd_feerate: node['lnd']['feerate'],
|
||||
lnd_dir: lnd_dir,
|
||||
auto_unlock: node['lnd']['auto_unlock'],
|
||||
bitcoin_datadir: node['bitcoin']['datadir'],
|
||||
bitcoin_rpc_user: node['bitcoin']['conf']['rpcuser'],
|
||||
bitcoin_rpc_password: bitcoin_credentials["rpcpassword"],
|
||||
|
@ -58,6 +71,9 @@ template "#{lnd_dir}/lnd.conf" do
|
|||
notifies :restart, "systemd_unit[lnd.service]", :delayed
|
||||
end
|
||||
|
||||
exec_flags = ""
|
||||
exec_flags += "--tor.active --tor.v3" if node['bitcoin']['tor_enabled']
|
||||
|
||||
systemd_unit 'lnd.service' do
|
||||
content({
|
||||
Unit: {
|
||||
|
@ -70,7 +86,7 @@ systemd_unit 'lnd.service' do
|
|||
User: bitcoin_user,
|
||||
Group: bitcoin_group,
|
||||
Type: 'simple',
|
||||
ExecStart: '/opt/go/bin/lnd',
|
||||
ExecStart: "/opt/go/bin/lnd #{exec_flags}",
|
||||
Restart: 'always',
|
||||
RestartSec: '30',
|
||||
TimeoutSec: '240',
|
||||
|
@ -95,3 +111,8 @@ firewall_rule 'lnd' do
|
|||
protocol :tcp
|
||||
command :allow
|
||||
end
|
||||
|
||||
if node['bitcoin']['tor_enabled']
|
||||
node.override['tor']['ControlPort'] = 9051
|
||||
node.override['tor']['CookieAuthentication'] = true
|
||||
end
|
||||
|
|
|
@ -11,6 +11,7 @@ git node['nbxplorer']['source_dir'] do
|
|||
repository node['nbxplorer']['repo']
|
||||
revision node['nbxplorer']['revision']
|
||||
action :sync
|
||||
notifies :stop, "systemd_unit[nbxplorer.service]", :immediately
|
||||
notifies :run, 'bash[build_nbxplorer]', :immediately
|
||||
end
|
||||
|
||||
|
|
|
@ -27,7 +27,6 @@ end
|
|||
build_essential
|
||||
include_recipe 'ark'
|
||||
|
||||
|
||||
%w{ libtool autotools-dev make automake cmake curl g++-multilib libtool
|
||||
binutils-gold bsdmainutils pkg-config python3 patch }.each do |pkg|
|
||||
apt_package pkg
|
||||
|
@ -82,6 +81,14 @@ user bitcoin_user do
|
|||
shell "/bin/bash"
|
||||
end
|
||||
|
||||
if node['bitcoin']['tor_enabled']
|
||||
group 'debian-tor' do
|
||||
action :modify
|
||||
members bitcoin_user
|
||||
append true
|
||||
end
|
||||
end
|
||||
|
||||
[bitcoin_datadir, bitcoin_walletdir].each do |path|
|
||||
directory path do
|
||||
owner bitcoin_user
|
||||
|
|
|
@ -6,6 +6,7 @@ alias=<%= @lnd_alias %>
|
|||
color=<%= @lnd_color %>
|
||||
maxpendingchannels=2
|
||||
minchansize=<%= @lnd_minchansize %>
|
||||
<% if @auto_unlock %>wallet-unlock-password-file=<%= @lnd_dir %>/.unlock.txt<% end %>
|
||||
|
||||
[autopilot]
|
||||
autopilot.active=0
|
||||
|
|
|
@ -32,6 +32,8 @@ The following platform families are supported:
|
|||
* `node['tor']['MinLogLevel']` - The minimum log level to log. Possible values include debug, info, notice, warn, and err.
|
||||
* `node['tor']['LogDestination']` - Where logs should be written. Valid values include a path to a file or "syslog"
|
||||
* `node['tor']['SocksPorts']` - List of 'address:port' to open tor socks proxy on. Defaults to disabled
|
||||
* `node['tor']['ControlPort']` - The port on which Tor will listen for local connections from Tor controller applications
|
||||
* `node['tor']['CookieAuthentication']` - Enable this (`true`) when using ControlPort
|
||||
|
||||
### Hidden Services config section
|
||||
|
||||
|
|
|
@ -65,11 +65,11 @@ DataDirectory <%= node['tor']['DataDirectory'] %>
|
|||
|
||||
## The port on which Tor will listen for local connections from Tor
|
||||
## controller applications, as documented in control-spec.txt.
|
||||
#ControlPort 9051
|
||||
<% if node['tor']['ControlPort'] %>ControlPort <%= node['tor']['ControlPort'] %><% else %>#ControlPort 9051<% end %>
|
||||
## If you enable the controlport, be sure to enable one of these
|
||||
## authentication methods, to prevent attackers from accessing it.
|
||||
#HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
|
||||
#CookieAuthentication 1
|
||||
<% if node['tor']['CookieAuthentication'] %>CookieAuthentication 1<% else %>#CookieAuthentication 1<% end %>
|
||||
|
||||
############### This section is just for location-hidden services ###
|
||||
|
||||
|
|
Loading…
Reference in New Issue