98 lines
		
	
	
		
			2.6 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			98 lines
		
	
	
		
			2.6 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| #
 | |
| # Cookbook:: kosmos-bitcoin
 | |
| # Recipe:: lnd
 | |
| #
 | |
| 
 | |
| include_recipe "git"
 | |
| include_recipe "golang"
 | |
| 
 | |
| git node['lnd']['source_dir'] do
 | |
|   repository node['lnd']['repo']
 | |
|   revision node['lnd']['revision']
 | |
|   action :sync
 | |
|   notifies :run, 'bash[compile_lnd]', :immediately
 | |
| end
 | |
| 
 | |
| bash "compile_lnd" do
 | |
|   cwd node['lnd']['source_dir']
 | |
|   code <<-EOH
 | |
|     source /etc/profile.d/golang.sh
 | |
|     make clean && make && make install
 | |
|   EOH
 | |
|   action :nothing
 | |
|   notifies :restart, "systemd_unit[lnd.service]", :delayed
 | |
| end
 | |
| 
 | |
| bitcoin_user  = node['bitcoin']['username']
 | |
| bitcoin_group = node['bitcoin']['usergroup']
 | |
| lnd_dir       = node['lnd']['lnd_dir']
 | |
| 
 | |
| bitcoin_credentials = Chef::EncryptedDataBagItem.load('credentials', 'bitcoin')
 | |
| 
 | |
| directory lnd_dir do
 | |
|   owner bitcoin_user
 | |
|   group bitcoin_group
 | |
|   mode '0750'
 | |
|   action :create
 | |
| end
 | |
| 
 | |
| template "#{lnd_dir}/lnd.conf" do
 | |
|   source "lnd.conf.erb"
 | |
|   owner bitcoin_user
 | |
|   group bitcoin_group
 | |
|   mode '0640'
 | |
|   variables lnd_alias: node['lnd']['alias'],
 | |
|             lnd_color: node['lnd']['color'],
 | |
|             lnd_log_level: node['lnd']['log_level'],
 | |
|             lnd_externalip: "#{node['lnd']['public_ip']}:#{node['lnd']['public_port']}",
 | |
|             lnd_port: node['lnd']['port'],
 | |
|             lnd_minchansize: node['lnd']['minchansize'],
 | |
|             lnd_basefee: node['lnd']['basefee'],
 | |
|             lnd_feerate: node['lnd']['feerate'],
 | |
|             bitcoin_datadir: node['bitcoin']['datadir'],
 | |
|             bitcoin_rpc_user: node['bitcoin']['conf']['rpcuser'],
 | |
|             bitcoin_rpc_password: bitcoin_credentials["rpcpassword"],
 | |
|             bitcoin_rpc_host: node['bitcoin']['conf']['rpcbind'],
 | |
|             bitcoin_zmqpubrawblock: node['bitcoin']['conf']['zmqpubrawblock'],
 | |
|             bitcoin_zmqpubrawtx: node['bitcoin']['conf']['zmqpubrawtx']
 | |
|   notifies :restart, "systemd_unit[lnd.service]", :delayed
 | |
| end
 | |
| 
 | |
| systemd_unit 'lnd.service' do
 | |
|   content({
 | |
|     Unit: {
 | |
|       Description: 'Lightning Network Daemon',
 | |
|       Documentation: ['https://github.com/lightningnetwork/lnd/tree/master/docs'],
 | |
|       Requires: 'bitcoind.service',
 | |
|       After: 'bitcoind.service'
 | |
|     },
 | |
|     Service: {
 | |
|       User: bitcoin_user,
 | |
|       Group: bitcoin_group,
 | |
|       Type: 'simple',
 | |
|       ExecStart: '/opt/go/bin/lnd',
 | |
|       Restart: 'always',
 | |
|       RestartSec: '30',
 | |
|       TimeoutSec: '240',
 | |
|       LimitNOFILE: '128000',
 | |
|       PrivateTmp: true,
 | |
|       ProtectSystem: 'full',
 | |
|       NoNewPrivileges: true,
 | |
|       PrivateDevices: true,
 | |
|       MemoryDenyWriteExecute: true
 | |
|     },
 | |
|     Install: {
 | |
|       WantedBy: 'multi-user.target'
 | |
|     }
 | |
|   })
 | |
|   verify false
 | |
|   triggers_reload true
 | |
|   action [:create, :enable, :start]
 | |
| end
 | |
| 
 | |
| firewall_rule 'lnd' do
 | |
|   port     [node['lnd']['port']]
 | |
|   protocol :tcp
 | |
|   command  :allow
 | |
| end
 |