# # Cookbook:: kosmos-bitcoin # Recipe:: lndhub # include_recipe 'redisio::default' include_recipe 'redisio::enable' app_name = "lndhub" app_dir = "/opt/#{app_name}" lnd_dir = node['lnd']['lnd_dir'] bitcoin_user = node['bitcoin']['username'] bitcoin_group = node['bitcoin']['usergroup'] application app_dir do owner bitcoin_user group bitcoin_group git do user bitcoin_user group bitcoin_group repository node['lndhub']['repo'] revision node['lndhub']['revision'] notifies :restart, "systemd_unit[lndhub.service]", :delayed end npm_install do user bitcoin_user end link "#{app_dir}/admin.macaroon" do to "#{lnd_dir}/data/chain/bitcoin/mainnet/admin.macaroon" owner bitcoin_user group bitcoin_group end link "#{app_dir}/tls.cert" do to "#{lnd_dir}/tls.cert" owner bitcoin_user group bitcoin_group end template "#{app_dir}/config.js" do source "lndhub.config.js.erb" owner bitcoin_user group bitcoin_group mode '0600' variables lnd_rpc_host: '127.0.0.1:10009' notifies :restart, "systemd_unit[lndhub.service]", :delayed end systemd_unit 'lndhub.service' do content({ Unit: { Description: 'LND Hub', Documentation: ['https://github.com/BlueWallet/LndHub'], Requires: 'lnd.service', After: 'lnd.service' }, Service: { User: bitcoin_user, Group: bitcoin_group, Type: 'simple', Environment: "PORT=#{node['lndhub']['port']}", WorkingDirectory: app_dir, ExecStart: "/usr/bin/npm start", Restart: 'always', RestartSec: '30', TimeoutSec: '120', PrivateTmp: true, ProtectSystem: 'full', NoNewPrivileges: true, PrivateDevices: true, }, Install: { WantedBy: 'multi-user.target' } }) verify false triggers_reload true action [:create, :enable, :start] end end include_recipe 'firewall' firewall_rule 'lndhub_private' do port node['lndhub']['port'].to_i source "10.1.1.0/24" protocol :tcp command :allow end return if node.chef_environment == "development" node.override["backup"]["archives"]["lndhub"] = ["/var/lib/redis/dump-6379.rdb"] include_recipe "backup"