-
Notifications
You must be signed in to change notification settings - Fork 0
/
LND2
148 lines (116 loc) · 4.08 KB
/
LND2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
#!/usr/bin/env python3
import os
import subprocess
import wget
import tarfile
import random
import string
import time
import requests
import shutil
def create_lnd_config_file():
# Predefined values
rpcusername = "rpc_username"
rpcpassword = "rpc_password"
ubuntuusername = "humble"
nameoflightningnode = "name_of_lightning_node"
# Define the configuration text
config_text = f"""\
listen=0.0.0.0:9735
tlsextraip=0.0.0.0
tlsextradomain=0.0.0.0
wallet-unlock-password-file=/home/{ubuntuusername}/.lnd/password.txt
wallet-unlock-allow-create=true
alias={nameoflightningnode}
rpclisten=localhost:10009
restlisten=0.0.0.0:8080
bitcoin.active=true
bitcoin.mainnet=true
bitcoin.node=bitcoind
bitcoind.dir=~/.bitcoin
bitcoind.config=~/.bitcoin/bitcoin.conf
bitcoind.rpcuser={rpcusername}
bitcoind.rpcpass={rpcpassword}
bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332
bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333
; tor.active=true
; tor.streamisolation=true
; tor.v3=true
"""
# Define the path to the ~/.lnd directory
lnd_directory = os.path.join(os.path.expanduser('~'), '.lnd')
# Create the directory if it doesn't exist
if not os.path.exists(lnd_directory):
os.makedirs(lnd_directory)
# Define the path to the configuration file
config_file_path = os.path.join(lnd_directory, 'lnd.conf')
# Write the configuration text to the file
with open(config_file_path, 'w') as config_file:
config_file.write(config_text)
print(f'Created config file {config_file_path}')
if __name__ == "__main__":
create_lnd_config_file()
def create_lnd_service(system_username):
file_path = "/etc/systemd/system/lnd.service"
content = f'''\
# A sample systemd service file for lnd running with a bitcoind service.
[Unit]
Description=Lightning Network Daemon
# Make sure lnd starts after bitcoind is ready
Requires=bitcoind.service
After=bitcoind.service
[Service]
ExecStart=/usr/local/bin/lnd
ExecStop=/usr/local/bin/lncli stop
# Replace these with the user:group that will run lnd
User={system_username}
Group={system_username}
# Try restarting lnd if it stops due to a failure
Restart=on-failure
RestartSec=60
# Type=notify is required for lnd to notify systemd when it is ready
Type=notify
# An extended timeout period is needed to allow for database compaction
# and other time-intensive operations during startup. We also extend the
# stop timeout to ensure graceful shutdowns of lnd.
TimeoutStartSec=1200
TimeoutStopSec=3600
# Hardening Measures
####################
# Mount /usr, /boot/ and /etc read-only for the process.
ProtectSystem=full
# Disallow the process and all of its children to gain
# new privileges through execve().
NoNewPrivileges=true
# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero, and /dev/random.
PrivateDevices=true
# Deny the creation of writable and executable memory mappings.
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target
'''
# Write the content to a temporary file
temp_file_path = "/tmp/lnd.service"
with open(temp_file_path, 'w') as file:
file.write(content)
# Use sudo to move the temporary file to the target directory
move_command = ["sudo", "mv", temp_file_path, file_path]
subprocess.run(move_command, check=True)
# Set the correct ownership and permissions for the service file
chown_command = ["sudo", "chown", "root:root", file_path]
subprocess.run(chown_command, check=True)
chmod_command = ["sudo", "chmod", "644", file_path]
subprocess.run(chmod_command, check=True)
# Reload systemd configuration
reload_command = ["sudo", "systemctl", "daemon-reload"]
subprocess.run(reload_command, check=True)
# Enable the lnd service
enable_command = ["sudo", "systemctl", "enable", "lnd.service"]
subprocess.run(enable_command, check=True)
# Start the lnd service
start_command = ["sudo", "systemctl", "start", "lnd.service"]
subprocess.run(start_command, check=True)
if __name__ == "__main__":
system_username = "humble" # Replace with the desired username
create_lnd_service(system_username)