move lnd tor config to lnd.check.sh prestart

home.admin/_provision_.sh

@@ -288,13 +288,20 @@ else
   echo "Provisioning LND interims update - keep default" >> ${logFile}
 fi
 
-# TESTNET
+# LND Testnet
-if [ "${chain}" = "test" ]; then
+if [ "${tlnd}" == "on" ]; then
-    echo "Provisioning TESTNET - run config script" >> ${logFile}
+    echo "Provisioning LND Testnet - run config script" >> ${logFile}
-    sudo sed -i "s/^message=.*/message='Provisioning Testnet'/g" ${infoFile}
+    sudo /home/admin/config.scripts/lnd.chain.sh testnet >> ${logFile} 2>&1
-    sudo /home/admin/config.scripts/network.chain.sh testnet >> ${logFile} 2>&1
 else
-    echo "Provisioning TESTNET - keep default" >> ${logFile}
+    echo "Provisioning LND Testnet - not activ" >> ${logFile}
+fi
+
+# LND Signet
+if [ "${slnd}" == "on" ]; then
+    echo "Provisioning LND Signet - run config script" >> ${logFile}
+    sudo /home/admin/config.scripts/lnd.chain.sh signet >> ${logFile} 2>&1
+else
+    echo "Provisioning LND Signet - not activ" >> ${logFile}
 fi
 
 # TOR

home.admin/assets/lnd.service

@@ -9,9 +9,8 @@ After=bitcoind.service
 #OnFailure=systemd-sendmail@%n
 
 [Service]
-EnvironmentFile=/mnt/hdd/raspiblitz.conf
 ExecStartPre=-/home/admin/config.scripts/lnd.check.sh prestart mainnet
-ExecStart=/usr/local/bin/lnd --externalip=${publicIP}:${lndPort} ${lndExtraParameter}
+ExecStart=/usr/local/bin/lnd --configfile=/home/bitcoin/.lnd/lnd.conf
 PIDFile=/home/bitcoin/.lnd/lnd.pid
 User=bitcoin
 Group=bitcoin

home.admin/config.scripts/internet.tor.sh

@@ -76,10 +76,6 @@ activateLndOverTOR()
   lndExists=$(sudo ls /etc/systemd/system/lnd.service | grep -c "lnd.service")
   if [ ${lndExists} -gt 0 ]; then
 
-    # deprecate 'torpassword='
-    sudo sed -i '/\[Tor\]*/d' /mnt/hdd/lnd/lnd.conf
-    sudo sed -i '/^tor.password=*/d' /mnt/hdd/lnd/lnd.conf
-
     # lnd-tor instance
     # https://www.torservers.net/wiki/setup/server#multiple_tor_processes
     NODENAME="lnd"
@@ -154,17 +150,7 @@ EOF
     sudo systemctl enable tor@$NODENAME
     sudo systemctl start tor@$NODENAME
     
-    # modify LND service
-    echo "# Make sure LND is disabled"
-    sudo systemctl disable lnd 2>/dev/null
 
-    echo "# Editing /etc/systemd/system/lnd.service"
-    sudo sed -i "s/^ExecStart=\/usr\/local\/bin\/lnd.*\
-/ExecStart=\/usr\/local\/bin\/lnd --tor\.active --tor\.streamisolation --tor\.v3 --tor\.socks=$SOCKSPORT --tor\.control=$CONTROLPORT --listen=127\.0\.0\.1\:9735 \${lndExtraParameter}/g" \
-    /etc/systemd/system/lnd.service
-
-    echo "# Enable LND again"
-    sudo systemctl enable lnd
     echo "# OK"
     echo 
 
@@ -445,14 +431,29 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
   deactivateBitcoinOverTOR
   echo ""
 
-  echo "# *** Removing Tor from LND ***"
-  sudo systemctl disable lnd
-  echo "# editing /etc/systemd/system/lnd.service"
-  sudo sed -i "s/^ExecStart=\/usr\/local\/bin\/lnd.*/ExecStart=\/usr\/local\/bin\/lnd --externalip=\${publicIP}:\${lndPort} \${lndExtraParameter}/g" /etc/systemd/system/lnd.service
-
   sudo /home/admin/config.scripts/internet.sh update-publicip
+  
+  if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ] || [ "${lnd}" == "1" ]; then
+    echo "# *** Removing Tor from LND Mainnet ***"
+    sudo sed -i '/^\[[Tt]or\].*/d' /mnt/hdd/lnd/lnd.conf
+    sudo sed -i '/^tor\..*/d' /mnt/hdd/lnd/lnd.conf
+    sudo systemctl restart lnd
+  fi
+
+  if [ "${tlnd}" == "on" ] || [ "${tlnd}" == "1" ]; then
+    echo "# *** Removing Tor from LND Testnet ***"
+    sudo sed -i '/^\[[Tt]or\].*/d' /mnt/hdd/lnd/tlnd.conf
+    sudo sed -i '/^tor\..*/d' /mnt/hdd/lnd/tlnd.conf
+    sudo systemctl restart tlnd
+  fi
+
+  if [ "${slnd}" == "on" ] || [ "${slnd}" == "1" ]; then
+    echo "# *** Removing Tor from LND Signet ***"
+    sudo sed -i '/^\[[Tt]or\].*/d' /mnt/hdd/lnd/slnd.conf
+    sudo sed -i '/^tor\..*/d' /mnt/hdd/lnd/slnd.conf
+    sudo systemctl restart slnd
+  fi
 
-  sudo systemctl enable lnd
   echo "# OK"
   echo ""
 
@@ -495,7 +496,9 @@ if [ "$1" = "update" ]; then
   echo "# Installed $(tor --version)"
   if [ $(systemctl status lnd | grep -c "active (running)") -gt 0 ];then
     echo "# LND needs to restart"
-    sudo systemctl restart lnd
+    sudo systemctl restart lnd 
+    sudo systemctl restart tlnd 2>/dev/null
+    sudo systemctl restart slnd 2>/dev/null
     sleep 10
     lncli unlock
   fi

home.admin/config.scripts/lnd.chain.sh

@@ -62,6 +62,10 @@ source /mnt/hdd/raspiblitz.conf
 # switch on
 if [ "$1" = "1" ] || [ "$1" = "on" ]; then
 
+  sudo ufw allow ${portprefix}9735 comment '${netprefix}lnd'
+  sudo ufw allow ${portprefix}8080 comment '${netprefix}lnd REST'
+  sudo ufw allow 1${rpcportmod}009 comment '${netprefix}lnd RPC'
+
   echo "# Create /home/bitcoin/.lnd/${netprefix}lnd.conf"
   if [ ! -f /home/bitcoin/.lnd/${netprefix}lnd.conf ];then
     echo "
@@ -90,11 +94,7 @@ tlskeypath=/home/bitcoin/.lnd/tls.key
 bitcoin.active=1
 bitcoin.node=bitcoind
 
-[Tor]
+
-tor.active=true
-tor.streamisolation=true
-tor.v3=true
-tor.privatekeypath=/mnt/hdd/lnd/${netprefix}v3_onion_private_key
 " | sudo -u bitcoin tee /home/bitcoin/.lnd/${netprefix}lnd.conf
   else
     echo "# The file /home/bitcoin/.lnd/${netprefix}lnd.conf is already present"
@@ -113,7 +113,7 @@ Group=bitcoin
 Type=simple
 EnvironmentFile=/mnt/hdd/raspiblitz.conf
 ExecStartPre=-/home/admin/config.scripts/lnd.check.sh prestart ${CHAIN}
-ExecStart=/usr/local/bin/lnd --configfile=/home/bitcoin/.lnd/${netprefix}lnd.conf --externalip=${publicIP}:${portprefix}${lndPort} ${lndExtraParameter}
+ExecStart=/usr/local/bin/lnd --configfile=/home/bitcoin/.lnd/${netprefix}lnd.conf
 Restart=always
 TimeoutSec=120
 RestartSec=30

home.admin/config.scripts/lnd.check.sh

@@ -81,7 +81,9 @@ if [ "$1" == "prestart" ]; then
   lndConfFile="/mnt/hdd/lnd/${netprefix}lnd.conf"
   echo "# lndConfFile(${lndConfFile})"
 
-  # [bitcoind] Section ..
+  ##### BITCOIND OPTIONS SECTION #####
+
+  # [bitcoind]
   sectionName="[Bb]itcoind"
   if [ "${network}" != "bitcoin" ]; then
     sectionName="${network}d"
@@ -128,7 +130,7 @@ if [ "$1" == "prestart" ]; then
   # SET/UPDATE rpchost
   setting ${lndConfFile} ${insertLine} "${network}d\.rpchost" "127\.0\.0\.1\:${portprefix}8332"
 
-  # Application Options
+  ##### APPLICATION OPTIONS SECTION #####
   
   sectionLine=$(cat ${lndConfFile} | grep -n "^\[Application Options\]" | cut -d ":" -f1)
   echo "# sectionLine(${sectionLine})"
@@ -138,11 +140,65 @@ if [ "$1" == "prestart" ]; then
   setting ${lndConfFile} ${insertLine} "rpclisten" "0\.0\.0\.0\:1${rpcportmod}009"
   setting ${lndConfFile} ${insertLine} "restlisten" "0\.0\.0\.0\:${portprefix}8080"
 
-  # enforce keysend if 'lndKeysend=on' in raspiblitz.conf
+  # enforce LND port is set correctly (if set in raspiblitz.conf)
+  if [ "${lndPort}" != "" ]; then
+    setting ${lndConfFile} ${insertLine} "listen" "0\.0\.0\.0\:${portprefix}${lndPort}"
+  else
+    lndPort=9735
+  fi
+
+  # enforce PublicIP if (if not running Tor)
+  if [ "${runBehindTor}" != "on" ]; then
+    setting ${lndConfFile} ${insertLine} "externalip" "${publicIP}:${lndPort}"
+  fi
+
+  # enforce LND keysend (if set in raspiblitz.conf)
   if [ "${lndKeysend}" == "on" ]; then
     setting ${lndConfFile} ${insertLine} "accept-keysend" "true"
   fi
 
+  ##### TOR SECTION #####
+
+  if [ "${runBehindTor}" == "on" ]; then
+
+    # make sure lnd config has a [tor] section
+    echo "# [tor] config ..."
+    sectionExists=$(cat ${lndConfFile} | grep -c "^\[[Tt]or\]")
+    echo "# sectionExists(${sectionExists})"
+    if [ "${sectionExists}" == "0" ]; then
+      echo "# adding section [tor]"
+      echo "
+[tor]
+" | tee -a ${lndConfFile}
+    fi
+
+    # get line number of [tor] section
+    sectionLine=$(cat ${lndConfFile} | grep -n "^\[[Tt]or\]" | cut -d ":" -f1)
+    echo "# sectionLine(${sectionLine})"
+    insertLine=$(expr $sectionLine + 1)
+    echo "# insertLine(${insertLine})"
+    fileLines=$(wc -l ${lndConfFile} | cut -d " " -f1)
+    echo "# fileLines(${fileLines})"
+    if [ ${fileLines} -lt ${insertLine} ]; then
+      echo "# adding new line for inserts"
+      echo "
+" | tee -a ${lndConfFile}
+    fi
+
+--tor\.socks=$SOCKSPORT --tor\.control=$CONTROLPORT
+    setting ${lndConfFile} ${insertLine} "tor.control" "9071"
+    setting ${lndConfFile} ${insertLine} "tor.socks" "9070"
+    setting ${lndConfFile} ${insertLine} "tor.privatekeypath" "/mnt/hdd/lnd/${netprefix}v3_onion_private_key"
+    setting ${lndConfFile} ${insertLine} "tor.streamisolation" "true"
+    setting ${lndConfFile} ${insertLine} "tor.v3" "true"
+    setting ${lndConfFile} ${insertLine} "tor.active" "true"
+
+    # deprecate Tor password (remove if in lnd.conf)
+    sed -i '/^tor.password=*/d' ${lndConfFile}
+
+  fi
+
+
   echo "# OK PRESTART DONE"
 
 ######################################################################

home.admin/config.scripts/lnd.setport.sh

@@ -37,32 +37,6 @@ if [ "${runBehindTor}" = "on" ]; then
   exit 1
 fi
 
-# check lnd.conf exits 
-lndConfExists=$(sudo ls /mnt/hdd/lnd/lnd.conf | grep -c 'lnd.conf')
-if [ ${lndConfExists} -eq 0 ]; then
-  echo "FAIL - /mnt/hdd/lnd/lnd.conf not found"
-  exit 1
-fi
-
-# check if "listen=" exists in lnd config
-valueExists=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep -c 'listen=')
-if [ ${valueExists} -lt 3 ]; then
-  echo "Adding listen config defaults to /mnt/hdd/lnd/lnd.conf"
-  sudo sed -i "9i listen=0.0.0.0:9735" /mnt/hdd/lnd/lnd.conf
-fi
-
-# stop services
-echo "making sure LND is not running"
-sudo systemctl stop lnd 2>/dev/null
-
-# disable services
-echo "making sure LND is disabled"
-sudo systemctl disable lnd
-
-# change port in lnd config
-echo "change port in lnd config"
-sudo sed -i "s/^listen=.*/listen=0.0.0.0:${portnumber}/g" /mnt/hdd/lnd/lnd.conf
-
 # add to raspiblitz.config (so it can survive update)
 valueExists=$(sudo cat /mnt/hdd/raspiblitz.conf | grep -c 'lndPort=')
 if [ ${valueExists} -eq 0 ]; then
@@ -75,7 +49,7 @@ fi
 
 # enable service again
 echo "enable service again"
-sudo systemctl enable lnd
+sudo systemctl restart lnd
 
 # make sure port is open on firewall
 sudo ufw allow ${portnumber} comment 'LND Port'