diff --git a/README.md b/README.md
index 1b9dd56..88826d2 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 ## Abstract
-This is a basic framework for orchestration of the box services for running a full lightning and bitcoin node.
+This is a basic framework for orchestration of the services required to run an Umbrel bitcoin and lightning node.
 ## How to use
@@ -57,9 +57,6 @@ wget -qO- "https://raw.githubusercontent.com/getumbrel/umbrel-compose/master/con
 docker-compose up -d --build
 # verify the containers
 docker ps -a
-
-# Additional node: You should have a way of creating a wallet. Currently this container does not have a create wallet container.
-# For the unlock script to work, put the unlock password in secrets/lnd-password.txt
 ```
diff --git a/build/lnd-unlock/Dockerfile b/build/lnd-unlock/Dockerfile
deleted file mode 100644
index 33936c2..0000000
--- a/build/lnd-unlock/Dockerfile
+++ /dev/null
@@ -1,11 +0,0 @@
-FROM alpine:3.10
-
-RUN apk add --no-cache curl jq
-
-RUN mkdir /lnd/
-
-COPY unlock.sh /bin/unlock
-
-RUN chmod +x /bin/unlock
-
-ENTRYPOINT ["unlock"]
diff --git a/build/lnd-unlock/unlock.sh b/build/lnd-unlock/unlock.sh
deleted file mode 100755
index 4ae00a2..0000000
--- a/build/lnd-unlock/unlock.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-
-HOST=localhost:8080
-TLS_CERT=/lnd/tls.cert
-LNDPASSWORD_PATH=/secrets/lnd-password.txt
-MACAROON_PATH=/lnd/data/chain/bitcoin/mainnet/admin.macaroon
-
-lncurl() {
- MACAROON="$(xxd -p /lnd/data/chain/bitcoin/mainnet/admin.macaroon | tr -d '\n')"
- url_path=$1
- data=$2
-
- curl --fail --silent --show-error \
- --cacert "${TLS_CERT}" \
- --header "Grpc-Metadata-macaroon: ${MACAROON}" \
- --data "${data}" \
- "https://${HOST}/v1/${url_path}"
-}
-
-while true; do
- # First make sure that port is open
- while ! nc -z localhost 8080; do
- >&2 echo "Waiting for ${HOST} port to open…"
- sleep 3
- done
- >&2 echo "Port ${HOST} is open"
-
- # Wait a bit more in case the port was just opened
- sleep 1
- if [[ -f $LNDPASSWORD_PATH ]]; then
- if [[ -f $MACAROON_PATH ]]; then
- >&2 echo "Password and macaroon file file exists"
- PASS="$(cat /secrets/lnd-password.txt | tr -d '\n' | base64 | tr -d '\n')"
- UNLOCK_PAYLOAD="$(jq -nc --arg wallet_password ${PASS} '{$wallet_password}')"
- # Try getinfo then unlock
- >&2 echo "Trying ${HOST}/getinfo…"
- INFO=$(lncurl getinfo)
- if [ "$?" = "0" ]; then
- >&2 echo "Response: ${INFO}"
- alias="$(echo "${INFO}" | jq '.alias')"
- >&2 echo "Wallet for ${alias} unlocked!"
- exit 0
- fi
- >&2 echo "${HOST}/getinfo FAILED, out=${INFO}"
-
- >&2 echo "Trying ${HOST}/unlockwallet…"
- RESULT=$(lncurl unlockwallet "${UNLOCK_PAYLOAD}")
- >&2 echo "${HOST}/unlockwallet completed with: exit-code=$?, out=${RESULT}"
- else
- >&2 echo "macaroon file doesn't exist"
- fi
- else
- >&2 echo "password file doesn't exist"
- fi
-
- sleep 30
-done
diff --git a/db/jwt-private-key/.gitkeep b/db/jwt-private-key/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/db/jwt-public-key/.gitkeep b/db/jwt-public-key/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/docker-compose.yml b/docker-compose.yml
index 7f58666..dd91401 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,7 +10,7 @@ x-utility: &default-utility
 network_mode: host
 services:
- web:
+ nginx:
 image: nginx:1.17.8
 logging: *default-logging
 volumes:
@@ -37,30 +37,42 @@ services:
 - /var/lib/tor:/var/lib/tor
 - /run/tor:/run/tor/
 restart: on-failure
- depends_on: [ bitcoin, web ]
 network_mode: host
 stop_grace_period: 1m30s
+ dashboard:
+ image: getumbrel/dashboard:v0.2.0
+ logging: *default-logging
+ restart: always
+ network_mode: host
+ manager:
+ image: getumbrel/manager:v0.1.0
+ logging: *default-logging
+ restart: unless-stopped
+ network_mode: host
+ volumes:
+ - "${HOME}/db:/db"
+ environment:
+ PORT: "3006"
+ USER_PASSWORD_FILE: "/db/user.json"
+ JWT_PUBLIC_KEY_FILE: "/db/jwt-public-key/jwt.pem"
+ JWT_PRIVATE_KEY_FILE: "/db/jwt-private-key/jwt.key"
+ JWT_EXPIRATION: "3600"
 middleware:
- image: getumbrel/middleware:v0.0.5
- depends_on: [ bitcoin, lnd ]
+ image: getumbrel/middleware:v0.1.0
+ command: ["./wait-for-node-manager.sh", "localhost", "npm", "start"]
 logging: *default-logging
- restart: on-failure
+ restart: unless-stopped
 network_mode: host
+ depends_on: [ manager ]
 volumes:
- - "${HOME}/lnd:/lnd"
+ - "${HOME}/lnd:/lnd"
+ - "${HOME}/db/jwt-public-key:/jwt-public-key"
 environment:
+ PORT: "3005"
 BITCOIN_HOST: "0.0.0.0"
 RPC_PORT: "8332"
 RPC_USER: ""
 RPC_PASSWORD: ""
 LND_NETWORK: "mainnet"
 LND_HOST: "127.0.0.1"
- lnd-unlock:
- build: ${HOME}/build/lnd-unlock/
- depends_on: [ lnd ]
- logging: *default-logging
- restart: always
- volumes:
- - "${HOME}/lnd:/lnd"
- - "${HOME}/secrets:/secrets"
- network_mode: host
+ JWT_PUBLIC_KEY_FILE: "/jwt-public-key/jwt.pem"
diff --git a/nginx/conf.d/default.conf b/nginx/conf.d/default.conf
index ec7cbd3..6f8beb9 100644
--- a/nginx/conf.d/default.conf
+++ b/nginx/conf.d/default.conf
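Review bot: In the `middleware` service of docker-compose.yml (second hunk), the new `"${HOME}/db/jwt-public-key:/jwt-public-key"` bind mount is read-write, although the only use visible here is the `JWT_PUBLIC_KEY_FILE` path. If the middleware only reads that key to verify tokens (inferred from the variable name), a writable mount would let a compromised middleware container replace the key that tokens are checked against, so I would mount it read-only: `- "${HOME}/db/jwt-public-key:/jwt-public-key:ro"`. Separately, `manager` and `middleware` both run with `network_mode: host` on ports 3006 and 3005; unless those processes bind to loopback (not visible in this diff), they are reachable on every host interface without passing through nginx. The new images are also referenced by tag only (`getumbrel/manager:v0.1.0`, `getumbrel/dashboard:v0.2.0`); pinning them by digest would keep the deployed image from changing under the same tag.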
@@ -1,17 +1,20 @@
 server {
- listen 80 default_server;
- listen [::]:80 default_server;
- server_name _;
- root /etc/nginx/www;
- index index.html;
-
- location / {
- index index.html;
- try_files $uri $uri/ /index.html;
- }
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
- location /api/ {
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+ location /api/ {
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
 proxy_pass http://localhost:3005/;
 }
-}
+
+ location /manager-api/ {
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
+ proxy_pass http://localhost:3006/;
+ }
+
+ location / {
+ add_header Access-Control-Allow-Origin *;
+ proxy_pass http://localhost:3004/;
+ }
+}
\ No newline at end of file
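Review bot: The new `location /` block sends `add_header Access-Control-Allow-Origin *;`, which lets any website read responses from the dashboard upstream on port 3004. The dashboard, `/api/` and `/manager-api/` are all served from this one server block, so same-origin calls need no CORS headers at all; I would drop that line, or name the single origin that really needs cross-origin access. The `Access-Control-Allow-Methods` lines in `/api/` and `/manager-api/` now also advertise `PUT, DELETE`; if the upstreams return a permissive allow-origin of their own (not visible in this diff), state-changing requests become available to cross-origin pages. Note also that `add_header` without the `always` parameter is only emitted on successful and redirect responses, and that the block listens on plain port 80 only, so whatever credentials or tokens the manager API exchanges would cross the network unencrypted unless TLS is terminated elsewhere.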