lnd: use postStart option for script
- set -e is implicit - coreutils are in PATH and don't have to be explicitly referenced (echo is a shell builtin anyways) - exit 0 is unneeded ('if' statements never fail)
This commit is contained in:
parent
86167c6e6d
commit
6e58beae8a
|
@ -26,45 +26,6 @@ let
|
|||
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
init-lnd-wallet-script = pkgs.writeScript "init-lnd-wallet.sh" ''
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
umask 377
|
||||
|
||||
${pkgs.coreutils}/bin/sleep 5
|
||||
|
||||
if [ ! -f /secrets/lnd-seed-mnemonic ]
|
||||
then
|
||||
${pkgs.coreutils}/bin/echo Creating lnd seed
|
||||
|
||||
${pkgs.curl}/bin/curl -s \
|
||||
--cacert /secrets/lnd_cert \
|
||||
-X GET https://127.0.0.1:8080/v1/genseed | ${pkgs.jq}/bin/jq -c '.cipher_seed_mnemonic' > /secrets/lnd-seed-mnemonic
|
||||
fi
|
||||
|
||||
if [ ! -f ${cfg.dataDir}/chain/bitcoin/mainnet/wallet.db ]
|
||||
then
|
||||
${pkgs.coreutils}/bin/echo Creating lnd wallet
|
||||
|
||||
${pkgs.curl}/bin/curl -s \
|
||||
--cacert /secrets/lnd_cert \
|
||||
-X POST -d "{\"wallet_password\": \"$(${pkgs.coreutils}/bin/cat /secrets/lnd-wallet-password | ${pkgs.coreutils}/bin/tr -d '\n' | ${pkgs.coreutils}/bin/base64 -w0)\", \
|
||||
\"cipher_seed_mnemonic\": $(${pkgs.coreutils}/bin/cat /secrets/lnd-seed-mnemonic | ${pkgs.coreutils}/bin/tr -d '\n')}" \
|
||||
https://127.0.0.1:8080/v1/initwallet
|
||||
else
|
||||
${pkgs.coreutils}/bin/echo Unlocking lnd wallet
|
||||
|
||||
${pkgs.curl}/bin/curl -s \
|
||||
-H "Grpc-Metadata-macaroon: $(${pkgs.xxd}/bin/xxd -ps -u -c 99999 ${cfg.dataDir}/chain/bitcoin/mainnet/admin.macaroon)" \
|
||||
--cacert /secrets/lnd_cert \
|
||||
-X POST \
|
||||
-d "{\"wallet_password\": \"$(${pkgs.coreutils}/bin/cat /secrets/lnd-wallet-password | ${pkgs.coreutils}/bin/tr -d '\n' | ${pkgs.coreutils}/bin/base64 -w0)\"}" \
|
||||
https://127.0.0.1:8080/v1/unlockwallet
|
||||
fi
|
||||
|
||||
exit 0
|
||||
'';
|
||||
in {
|
||||
|
||||
options.services.lnd = {
|
||||
|
@ -126,7 +87,6 @@ in {
|
|||
serviceConfig = {
|
||||
PermissionsStartOnly = "true";
|
||||
ExecStart = "${pkgs.nix-bitcoin.lnd}/bin/lnd --configfile=${cfg.dataDir}/lnd.conf";
|
||||
ExecStartPost = "${pkgs.bash}/bin/bash ${init-lnd-wallet-script}";
|
||||
User = "lnd";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "10s";
|
||||
|
@ -135,6 +95,40 @@ in {
|
|||
then nix-bitcoin-services.allowTor
|
||||
else nix-bitcoin-services.allowAnyIP
|
||||
) // nix-bitcoin-services.allowAnyProtocol; # For ZMQ
|
||||
postStart = ''
|
||||
umask 377
|
||||
|
||||
sleep 5
|
||||
|
||||
if [ ! -f /secrets/lnd-seed-mnemonic ]
|
||||
then
|
||||
echo Creating lnd seed
|
||||
|
||||
${pkgs.curl}/bin/curl -s \
|
||||
--cacert /secrets/lnd_cert \
|
||||
-X GET https://127.0.0.1:8080/v1/genseed | ${pkgs.jq}/bin/jq -c '.cipher_seed_mnemonic' > /secrets/lnd-seed-mnemonic
|
||||
fi
|
||||
|
||||
if [ ! -f ${cfg.dataDir}/chain/bitcoin/mainnet/wallet.db ]
|
||||
then
|
||||
echo Creating lnd wallet
|
||||
|
||||
${pkgs.curl}/bin/curl -s \
|
||||
--cacert /secrets/lnd_cert \
|
||||
-X POST -d "{\"wallet_password\": \"$(cat /secrets/lnd-wallet-password | tr -d '\n' |base64 -w0)\", \
|
||||
\"cipher_seed_mnemonic\": $(cat /secrets/lnd-seed-mnemonic | tr -d '\n')}" \
|
||||
https://127.0.0.1:8080/v1/initwallet
|
||||
else
|
||||
echo Unlocking lnd wallet
|
||||
|
||||
${pkgs.curl}/bin/curl -s \
|
||||
-H "Grpc-Metadata-macaroon: $(${pkgs.xxd}/bin/xxd -ps -u -c 99999 ${cfg.dataDir}/chain/bitcoin/mainnet/admin.macaroon)" \
|
||||
--cacert /secrets/lnd_cert \
|
||||
-X POST \
|
||||
-d "{\"wallet_password\": \"$(cat /secrets/lnd-wallet-password | tr -d '\n' | base64 -w0)\"}" \
|
||||
https://127.0.0.1:8080/v1/unlockwallet
|
||||
fi
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user