Use lightning payments to facilitate a Wireguard tunnel between client and server
This repository contains two components: the ln-over-wg-client and the ln-over-wg-server.
Server - The server is an ExpressJS app. The root app.js defines server endpoints and their routes. Boltwall is Express middleware, which intercepts any calls to the endpoints defined after its own definition and responds according to the L402 standard. This includes a "protected" router, which contains an endpoint to set wireguard configurations on the server. This endpoint is only accessible upon complettion of an invoice.
Client - The client can create a wireguard tunnel with the server by running the start.js script. This sets the interface, then triggers the L402 control flow to add the server as a peer and pay for its session.
- Create a regtest lightning network with at least 2 nodes with channels and liquidity between them. The easiest way to do this is with Polar
- Create a .env for both the client and server which defines the LND_TLS_CERT_PATH, LND_MACAROON_PATH, and LND_SOCKET of their respective lightning nodes
- Update the run scripts with the proper network configurations (network name and IPs)
- From inside the
ln-over-wg-clientdocker container, runnode start.jsto establish a payment authorized session with the server. - Use the
rebuild.shandrun.shto make changes to the client and server
*For quicker startups in the future, update the start-all.sh script with a reference to your lightning network docker compose file. Example: $HOME/.polar/networks/1/docker-compose.yml