kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 26 Pull Requests 2 Projects 2 Activity

Support Tor connections for LND

Browse Source 
Adds basics for general Tor support in bitcoin recipes, and specific
support for Tor to the lnd recipe.
This commit is contained in:
Basti 2021-07-01 15:34:06 +02:00
parent 9f0b5f0e64
commit b7af04e8be
Signed by untrusted user: basti
GPG Key ID: 9F88009D31D99C72
5 changed files with 25 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nodes/bitcoin-2.json
View File

@ -26,6 +26,8 @@
"kosmos-bitcoin::dotnet", "kosmos-bitcoin::dotnet",
"kosmos-bitcoin::nbxplorer", "kosmos-bitcoin::nbxplorer",
"kosmos-bitcoin::btcpay", "kosmos-bitcoin::btcpay",
"tor-full",
"tor-full::default",
"apt::default", "apt::default",
"timezone_iii::default", "timezone_iii::default",
"timezone_iii::debian", "timezone_iii::debian",
@ -82,6 +84,7 @@
"recipe[kosmos-bitcoin::c-lightning]", "recipe[kosmos-bitcoin::c-lightning]",
"recipe[kosmos-bitcoin::lnd]", "recipe[kosmos-bitcoin::lnd]",
"recipe[kosmos-bitcoin::rtl]", "recipe[kosmos-bitcoin::rtl]",
"role[btcpay]" "role[btcpay]",
"recipe[tor-full]"
] ]
} }

3
site-cookbooks/kosmos-bitcoin/attributes/default.rb
View File

@ -25,6 +25,9 @@ node.default['bitcoin']['conf'] = {
zmqpubrawtx: 'tcp://127.0.0.1:8338' zmqpubrawtx: 'tcp://127.0.0.1:8338'
} }
# Also enables Tor for LND
node.default['bitcoin']['tor_enabled'] = true
node.default['c-lightning']['repo'] = 'https://github.com/ElementsProject/lightning' node.default['c-lightning']['repo'] = 'https://github.com/ElementsProject/lightning'
node.default['c-lightning']['revision'] = 'v0.10.0' node.default['c-lightning']['revision'] = 'v0.10.0'
node.default['c-lightning']['source_dir'] = '/opt/c-lightning' node.default['c-lightning']['source_dir'] = '/opt/c-lightning'

1
site-cookbooks/kosmos-bitcoin/metadata.rb
View File

@ -26,3 +26,4 @@ depends 'kosmos-nginx'
depends 'kosmos-nodejs' depends 'kosmos-nodejs'
depends 'firewall' depends 'firewall'
depends 'application_javascript' depends 'application_javascript'
depends 'tor-full'

10
site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
View File

@ -71,6 +71,9 @@ template "#{lnd_dir}/lnd.conf" do
notifies :restart, "systemd_unit[lnd.service]", :delayed notifies :restart, "systemd_unit[lnd.service]", :delayed
end end
exec_flags = ""
exec_flags += "--tor.active --tor.v3" if node['bitcoin']['tor_enabled']
systemd_unit 'lnd.service' do systemd_unit 'lnd.service' do
content({ content({
Unit: { Unit: {
@ -83,7 +86,7 @@ systemd_unit 'lnd.service' do
User: bitcoin_user, User: bitcoin_user,
Group: bitcoin_group, Group: bitcoin_group,
Type: 'simple', Type: 'simple',
ExecStart: '/opt/go/bin/lnd', ExecStart: "/opt/go/bin/lnd #{exec_flags}",
Restart: 'always', Restart: 'always',
RestartSec: '30', RestartSec: '30',
TimeoutSec: '240', TimeoutSec: '240',
@ -108,3 +111,8 @@ firewall_rule 'lnd' do
protocol :tcp protocol :tcp
command :allow command :allow
end end
if node['bitcoin']['tor_enabled']
node.override['tor']['ControlPort'] = 9051
node.override['tor']['CookieAuthentication'] = true
end

8
site-cookbooks/kosmos-bitcoin/recipes/source.rb
View File

@ -81,6 +81,14 @@ user bitcoin_user do
shell "/bin/bash" shell "/bin/bash"
end end
if node['bitcoin']['tor_enabled']
group 'debian-tor' do
action :modify
members bitcoin_user
append true
end
end
[bitcoin_datadir, bitcoin_walletdir].each do |path| [bitcoin_datadir, bitcoin_walletdir].each do |path|
directory path do directory path do
owner bitcoin_user owner bitcoin_user