Difference between revisions of "Charge-lnd BTCPayServer Setup"

From PlebNet Wiki
Jump to navigation Jump to search
(Created page with "Use the following systemd service definitions ### /etc/systemd/system/charge-lnd.service <nowiki> [Unit] Documentation=https://github.com/accumulator/charge-lnd/blob/master/...")
 
Line 1: Line 1:
Use the following systemd service definitions
== Use the following systemd service definitions ==


### /etc/systemd/system/charge-lnd.service
=== /etc/systemd/system/charge-lnd.service ===
<nowiki>
 
<nowiki>


[Unit]
[Unit]
Line 50: Line 51:
IPAddressAllow=127.0.0.1/32 ::1/128
IPAddressAllow=127.0.0.1/32 ::1/128
IPAddressDeny=any
IPAddressDeny=any
 
</nowiki>
</nowiki>


=== /etc/systemd/system/charge-lnd.timer ===


### /etc/systemd/system/charge-lnd.timer
<nowiki>
 
<nowiki>


[Unit]
[Unit]
Line 74: Line 74:




Place your charge-lnd configuration in `/etc/lnd-charge.config`
Place your charge-lnd configuration in /etc/lnd-charge.config


You will need to expose port 10009 locally on LND to the host via a custom docker fragment.
You will need to expose port 10009 locally on LND to the host via a custom docker fragment.

Revision as of 19:54, 9 November 2021

Use the following systemd service definitions

/etc/systemd/system/charge-lnd.service


[Unit]
Documentation=https://github.com/accumulator/charge-lnd/blob/master/README.md
#Requires=lnd.service
#After=lnd.service

[Service]
Type=oneshot

# change /usr/local/bin and /var/lib/lnd to a path where you installed lnd
# and a path to its datadir respectively
ExecStart=/usr/local/bin/charge-lnd \
    --lnddir /var/lib/docker/volumes/generated_lnd_bitcoin_datadir/_data \
    --grpc localhost:10009 \
    --config /etc/lnd-charge.config

User=root
Group=root

# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Sandboxing
CapabilityBoundingSet=
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
PrivateUsers=true
ProtectClock=true
ProtectControlGroups=true
ProtectHome=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
RemoveIPC=true
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=~add_key clone3 get_mempolicy kcmp keyctl mbind move_pages name_to_handle_at personality process_vm_readv process_vm_writev request_key set_mempolicy setns unshare userfaultfd

# may have to be modified if your lnd or electrum server is somewhere else than localhost
IPAddressAllow=127.0.0.1/32 ::1/128
IPAddressDeny=any
 

/etc/systemd/system/charge-lnd.timer


[Unit]
Documentation=https://github.com/accumulator/charge-lnd/blob/master/README.md

[Timer]
# https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Events
OnCalendar=*-*-* *:00:00 
RandomizedDelaySec=10s
Unit=charge-lnd.service
OnBootSec=1 m

[Install]
WantedBy=multi-user.target



Place your charge-lnd configuration in /etc/lnd-charge.config

You will need to expose port 10009 locally on LND to the host via a custom docker fragment.