diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index 5998b20..3f90c20 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -52,6 +52,17 @@ node.default['lnd']['basefee'] = '1000' node.default['lnd']['feerate'] = '50' node.default['lnd']['auto_unlock'] = true # requires credentials/lnd data bag item +node.default['boltz']['repo'] = 'https://github.com/BoltzExchange/boltz-lnd.git' +node.default['boltz']['revision'] = 'v1.2.6' +node.default['boltz']['source_dir'] = '/opt/boltz' +node.default['boltz']['boltz_dir'] = "/home/#{node['bitcoin']['username']}/.boltz-lnd" +node.default['boltz']['grpc_host'] = '127.0.0.1' +node.default['boltz']['grpc_port'] = '9002' +node.default['boltz']['rest_disabled'] = 'false' +node.default['boltz']['rest_host'] = '127.0.0.1' +node.default['boltz']['rest_port'] = '9003' +node.default['boltz']['no_macaroons'] = 'false' + node.default['rtl']['repo'] = 'https://github.com/Ride-The-Lightning/RTL.git' node.default['rtl']['revision'] = 'v0.11.0' node.default['rtl']['host'] = '10.1.1.163' diff --git a/site-cookbooks/kosmos-bitcoin/recipes/boltz.rb b/site-cookbooks/kosmos-bitcoin/recipes/boltz.rb new file mode 100644 index 0000000..e090703 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/recipes/boltz.rb @@ -0,0 +1,87 @@ +# +# Cookbook:: kosmos-bitcoin +# Recipe:: boltz +# + +include_recipe "git" +include_recipe "kosmos-bitcoin::golang" + +git node['boltz']['source_dir'] do + repository node['boltz']['repo'] + revision node['boltz']['revision'] + action :sync + notifies :run, 'bash[compile_and_install_boltz]', :immediately +end + +bash "compile_and_install_boltz" do + cwd node['boltz']['source_dir'] + code <<-EOH +go mod vendor && \ +make build && \ +make install + EOH + action :nothing + notifies :restart, "systemd_unit[boltzd.service]", :delayed +end + +bitcoin_user = node['bitcoin']['username'] +bitcoin_group = node['bitcoin']['usergroup'] +boltz_dir = node['boltz']['boltz_dir'] +lnd_dir = node['lnd']['lnd_dir'] + +directory boltz_dir do + owner bitcoin_user + group bitcoin_group + mode '0750' + action :create +end + +template "#{boltz_dir}/boltz.toml" do + source "boltz.toml.erb" + owner bitcoin_user + group bitcoin_group + mode '0640' + variables lnd_grpc_host: '127.0.0.1', + lnd_grpc_port: '10009', + lnd_macaroon_path: "#{lnd_dir}/data/chain/bitcoin/mainnet/admin.macaroon", + lnd_tlscert_path: "#{lnd_dir}/tls.cert", + boltz_config: node['boltz'] + notifies :restart, "systemd_unit[boltzd.service]", :delayed +end + +systemd_unit 'boltzd.service' do + content({ + Unit: { + Description: 'Boltz Daemon', + Documentation: ['https://lnd.docs.boltz.exchange'], + Requires: 'lnd.service', + After: 'lnd.service' + }, + Service: { + User: bitcoin_user, + Group: bitcoin_group, + Type: 'simple', + ExecStart: "/opt/boltz/boltzd", + Restart: 'always', + RestartSec: '30', + TimeoutSec: '240', + LimitNOFILE: '128000', + PrivateTmp: true, + ProtectSystem: 'full', + NoNewPrivileges: true, + PrivateDevices: true, + MemoryDenyWriteExecute: true + }, + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :enable, :start] +end + +unless node.chef_environment == 'development' + node.override['backup']['archives']['boltz'] = [node['boltz']['boltz_dir']] + include_recipe 'backup' +end diff --git a/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb b/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb index fd6549d..b3776bc 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb @@ -17,7 +17,7 @@ bash "compile_lnd" do cwd node['lnd']['source_dir'] code <<-EOH source /etc/profile.d/golang.sh - make clean && make && make install tags="signrpc walletrpc chainrpc invoicesrpc" + make clean && make && make install tags="signrpc walletrpc chainrpc invoicesrpc routerrpc" EOH action :nothing notifies :restart, "systemd_unit[lnd.service]", :delayed diff --git a/site-cookbooks/kosmos-bitcoin/templates/boltz.toml.erb b/site-cookbooks/kosmos-bitcoin/templates/boltz.toml.erb new file mode 100644 index 0000000..33a8fa7 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/templates/boltz.toml.erb @@ -0,0 +1,32 @@ +[LND] +# Host of the gRPC interface of LND +host = "<%= @lnd_grpc_host %>" + +# Port of the gRPC interface of LND +port = <%= @lnd_grpc_port %> + +# Path to a macaroon file of LND +# The daemon needs to have permission to read various endpoints, generate addresses and pay invoices +macaroon = "<%= @lnd_macaroon_path %>" + +# Path to the TLS certificate of LND +certificate = "<%= @lnd_tlscert_path %>" + +[RPC] +# Host of the gRPC interface +host = "<%= @boltz_config['grpc_host'] %>" + +# Port of the gRPC interface +port = <%= @boltz_config['grpc_port'] %> + +# Whether the REST proxy for the gRPC interface should be disabled +restDisabled = <%= @boltz_config['rest_disabled'] %> + +# Host of the REST proxy +restHost = "<%= @boltz_config['rest_host'] %>" + +# Port of the REST proxy +restPort = <%= @boltz_config['rest_port'] %> + +# Whether the macaroon authentication for the gRPC and REST interface should be disabled +noMacaroons = <%= @boltz_config['no_macaroons'] %>