Difference between revisions of "Charge-lnd BTCPayServer Setup"

From PlebNet Wiki
Jump to navigation Jump to search
 
Line 85: Line 85:
     ports:
     ports:
       - "10009:10009"
       - "10009:10009"
    expose:
      - "10009"


</nowiki>
</nowiki>

Latest revision as of 19:57, 9 November 2021

Use the following systemd service definitions

/etc/systemd/system/charge-lnd.service


[Unit]
Documentation=https://github.com/accumulator/charge-lnd/blob/master/README.md
#Requires=lnd.service
#After=lnd.service

[Service]
Type=oneshot

# change /usr/local/bin and /var/lib/lnd to a path where you installed lnd
# and a path to its datadir respectively
ExecStart=/usr/local/bin/charge-lnd \
    --lnddir /var/lib/docker/volumes/generated_lnd_bitcoin_datadir/_data \
    --grpc localhost:10009 \
    --config /etc/lnd-charge.config

User=root
Group=root

# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Sandboxing
CapabilityBoundingSet=
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
PrivateUsers=true
ProtectClock=true
ProtectControlGroups=true
ProtectHome=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
RemoveIPC=true
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=~add_key clone3 get_mempolicy kcmp keyctl mbind move_pages name_to_handle_at personality process_vm_readv process_vm_writev request_key set_mempolicy setns unshare userfaultfd

# may have to be modified if your lnd or electrum server is somewhere else than localhost
IPAddressAllow=127.0.0.1/32 ::1/128
IPAddressDeny=any
 

/etc/systemd/system/charge-lnd.timer


[Unit]
Documentation=https://github.com/accumulator/charge-lnd/blob/master/README.md

[Timer]
# https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Events
OnCalendar=*-*-* *:00:00 
RandomizedDelaySec=10s
Unit=charge-lnd.service
OnBootSec=1 m

[Install]
WantedBy=multi-user.target



Place your charge-lnd configuration in /etc/lnd-charge.config

You will need to expose port 10009 locally on LND to the host via a custom docker fragment.

Sample fragment to do this

version: "3"

services:
  lnd_bitcoin:
    ports:
      - "10009:10009"