refactor env/confs

compose/README.md

@@ -70,19 +70,21 @@ git clone git@github.com:RoboSats/robosats-deploy.git
 cd robosats-deploy/compose
 ```
 
-Create or restore the environmental configuration files in new folder `/compose/env/` directory. You can use the `env-sample` files as a guide for your configuration, be exhaustive and make sure every setting is right. 
+Create or restore the environmental configuration files in new folder `/compose/env/` directory. You can use the `env-sample` files as a guide for your configuration, be exhaustive and make sure every setting is right. The file `compose.env` contains all the high level configuration for your orchestration.
+
 ```
 cp -r env-sample env
 ```
 Then edit and make sure the paths and configurations are right.
 ```
-nano env/stack...env
-nano env/robosats...env
+nano env/{namespace}/compose...env
+nano env/{namespace}/crobosats...env
+nano env/{namespace}/lnd.conf
 ...
 ```
 If you were already running `robosats-deploy/compose` in another machine and need to recover, simply bring your existing environmental files from your backup. 
 
-In `/compose/env/stack...env` there is a variable named `SUFFIX` . This one is used to suffix all of your containers and configuration files. For example if you use `-tn` (for testnet), your bitcoind service will be called `btc-tn`, this is an effective way of creating namespaces. The example configuration in `/compose/env-sample/` uses the prefix `-lndtn`, for a LND testnet coordinator. This way, it is easy to run several coordinator orchestration in the same machine. For example, you can use the `-lndmn` prefix for a LND mainnet coordinator configuration or `-clntn` for a CLN Testnet configuration. You can also create alias shortcuts for each of your orchestration.
+In `/compose/env/compose...env` there is a variable named `SUFFIX` . This one is used to suffix all of your containers and configuration files. For example if you use `-tn` (for testnet), your bitcoind service will be called `btc-tn`, this is an effective way of creating namespaces. The example configuration in `/compose/env-sample/` uses the prefix `-lndtn`, for a LND testnet coordinator. This way, it is easy to run several coordinator orchestration in the same machine. For example, you can use the `-lndmn` prefix for a LND mainnet coordinator configuration or `-clntn` for a CLN Testnet configuration. You can also create alias shortcuts for each of your orchestration.
 
 ## Use aliases
 Docker commands are lengthy. You can use aliases to make your task of operating a docker compose based robosats coordinator easier. Take a look at `/compose/aliases.sh` for some useful aliases and shortcuts.

compose/aliases.sh

@@ -6,7 +6,7 @@
 ## Edit the /home/user path directory and orchestration suffix (-lndmn) as needed
 
 ## ROBOMAIN Docker-Compose (lndmn)
-alias mn="docker compose -p lndmain --env-file  /home/$(whoami)/robosats-deploy/compose/env/stack-lndmn.env -f /home/$(whoami)/robosats-deploy/compose/compose.lnd.yml -f /home/$(whoami)/robosats-deploy/compose/docker-compose.override-lnd.yml"
+alias mn="docker compose -p lndmain --env-file  /home/$(whoami)/robosats-deploy/compose/env/lndmn/compose.env -f /home/$(whoami)/robosats-deploy/compose/compose.lnd.yml -f /home/$(whoami)/robosats-deploy/compose/docker-compose.override-lnd.yml"
 
 ## Example usage:
 ## Start orchestration
@@ -25,7 +25,6 @@ alias mn="docker compose -p lndmain --env-file  /home/$(whoami)/robosats-deploy/
 alias mn-lncli="docker exec -it lnd-lndmn lncli"
 
 # DJANGO MANAGE
-
 alias mn-manage="docker exec -it rs-lndmn python3 manage.py"
 
 # POSTGRESS
@@ -36,7 +35,7 @@ alias mn-pg-restore='docker exec -i sql-lndmn /bin/bash -c "PGPASSWORD=robosats
 #################################################################################################################
 ## ROBOTEST Docker-Compose (same aliases as above, but for a testnet `lndtn` orchestration`)
 
-alias tn="docker compose -p lndtest --env-file  /home/$(whoami)/robosats-deploy/compose/env/stack-lndtn.env -f /home/$(whoami)/robosats-deploy/compose/docker-compose.yml -f /home/$(whoami)/robosats-deploy/compose/docker-compose.override-lnd.yml"
+alias tn="docker compose -p lndtest --env-file  /home/$(whoami)/robosats-deploy/compose/env/lndtn/compose.env -f /home/$(whoami)/robosats-deploy/compose/docker-compose.yml -f /home/$(whoami)/robosats-deploy/compose/docker-compose.override-lnd.yml"
 
 ## Example uses:
 ## > robotest up -d

compose/cln/Dockerfile

@@ -25,7 +25,6 @@ RUN cd /tmp/cln-grpc-hold \
 FROM elementsproject/lightningd:v23.08 as final
 
 COPY --from=builder /tmp/cln-grpc-hold/target/release/cln-grpc-hold /tmp/cln-grpc-hold
-COPY config /tmp/config
 COPY entrypoint.sh entrypoint.sh
 RUN chmod +x entrypoint.sh
 

compose/cln/entrypoint.sh

@@ -20,8 +20,5 @@ else
     # Always copy the cln-grpc-hodl plugin into the plugins directory on start up
     mkdir -p /root/.lightning/plugins
     cp /tmp/cln-grpc-hold /root/.lightning/plugins/cln-grpc-hold
-    if [ ! -f /root/.lightning/config ]; then
-        cp /tmp/config /root/.lightning/config
-    fi
     exec "$@"
 fi

compose/docker-compose.override-cln.yml

@@ -12,6 +12,7 @@ services:
       - ${TOR_DATA:?}:${GUEST_TOR_DATA:?}:ro
       - ${TOR_CONFIG:?}:${GUEST_TOR_CONFIG:?}:ro
       - ${CLN_DATA:?}:/root/.lightning
+      - ${CLN_CONFIG:?}:/root/.lightning/config
       - ${BITCOIN_DATA}:/root/.bitcoin
     command: lightningd
 

compose/docker-compose.override-lnd.yml

@@ -1,7 +1,7 @@
 version: '3.9'
 services:
   lnd:
-    build: ./lnd/${LND_VERSION}
+    image: lightninglabs/lnd:${LND_VERSION}
     restart: always
     network_mode: service:tor
     container_name: lnd${SUFFIX}
@@ -11,19 +11,17 @@ services:
     volumes:
       - ${TOR_DATA:?}:${GUEST_TOR_DATA:?}:ro
       - ${TOR_CONFIG:?}:${GUEST_TOR_CONFIG:?}:ro
-      - ${LND_DATA:?}:${GUEST_LND:?}
       - ${LND_DATA:?}:/root/.lnd
+      - ${LND_CONF:?}:/root/.lnd/lnd.conf
+      - ${LND_AUTOUNLOCK_PWD:?}:/tmp/pwd:ro
     command: lnd
     environment:
-      LOCAL_USER_ID: ${LOCAL_USER_ID}
-      LOCAL_GROUP_ID: ${LOCAL_GROUP_ID}
       SUFFIX: ${SUFFIX}
       LND_RPC_PORT: ${GUEST_LND_RPC_PORT:?}
       LND_REST_PORT: ${GUEST_LND_REST_PORT:?}
-      AUTO_UNLOCK_PWD: ${AUTO_UNLOCK_PWD}
 
   thub:
-    build: ./thunderhub
+    image: apotdevin/thunderhub:v0.13.18
     restart: always
     network_mode: service:tor
     container_name: thub${SUFFIX}
@@ -34,6 +32,7 @@ services:
       - lnd
     volumes:
       - ${LND_DATA:?}:/lnd/:ro
+      - ${THUB_ACCOUNTS:?}:${THUB_ACCOUNTS_CONFIG_PATH:?}
 
   lit:
     image: lightninglabs/lightning-terminal:v0.10.5-alpha

compose/docker-compose.yml

@@ -5,8 +5,6 @@ services:
     container_name: tor${SUFFIX}
     restart: always
     environment:
-      LOCAL_USER_ID: ${LOCAL_USER_ID}
-      LOCAL_GROUP_ID: ${LOCAL_GROUP_ID}
       SUFFIX: ${SUFFIX}
     volumes:
       - ${TOR_DATA:?}:${GUEST_TOR_DATA:?}
@@ -20,10 +18,6 @@ services:
     image: ruimarinho/bitcoin-core:${BITCOIND_VERSION}
     container_name: btc${SUFFIX}
     restart: always
-    environment:
-      LOCAL_USER_ID: ${LOCAL_USER_ID}
-      LOCAL_GROUP_ID: ${LOCAL_GROUP_ID}
-      SUFFIX: ${SUFFIX}
     depends_on:
       - tor
     network_mode: service:tor

compose/env-sample/README.md

@@ -0,0 +1,3 @@
+## Example environment and configuration files
+You can think of these as "Namespaces" for your orchestration.
+You can find a LND Testnet example (lndtn) in `/compose/env-sample/lndtn` that will create containers suffixed with `-lndtn` and a CLN Testnet example in `/compose/env-sample/clntn` using the suffix `-clntn` .

compose/env-sample/clntn/compose.env

@@ -0,0 +1,68 @@
+ROBOSATS_DOCKER_TAG=latest
+
+LOCAL_USER_ID=1000
+LOCAL_GROUP_ID=1000
+
+STATIC='/custom_path/testnet/static'
+DATABASE='/custom_path/testnet/database'
+
+# You can create a cronjob to create PG backups
+PG_BACKUP='/custom_path/testnet/pg_backup'
+ROBOSATS_ENVS_FILE='env/clntn/robosats.env'
+THUB_ENVS_FILE='env/clntn/thunderhub.env'
+SUFFIX='-clntn'
+NETWORK='testnet'
+
+# Postgresql Database (Should match with those in robosats-tn.env)
+POSTGRES_NAME='postgres'
+POSTGRES_USER='postgres'
+POSTGRES_PASSWORD='example'
+
+BITCOIND_VERSION='24.0.1-alpine'
+
+NGINX_CONFD='./nginx/tn.conf.d'
+WELLKNOWN='./nginx/tn.well-known'
+
+# Port and number of HTTP server workers for the robosats backend
+WEB_LOCAL_PORT=8001
+GUNICORN_WORKERS=2
+
+BU_DIR1='/backup'
+BU_DIR2='/custom_path/backup'
+BU_DIR3='/custom_path/backup2'
+
+BITCOIN_DATA='/custom_path/testnet/bitcoin'
+BITCOIN_CONF='./env/clntn/bitcoin.conf'
+CLN_DATA='/custom_path/testnet/cln'
+CLN_CONF='./env/clntn/cln_config'
+LIT_DATA='/custom_path/testnet/lit'
+TOR_DATA='/custom_path/testnet/tor/data'
+TOR_CONFIG='/custom_path/testnet/tor/config'
+
+GUEST_BITCOIN=/home/bitcoin/.bitcoin
+# GUEST_LND=/home/lnd/.lnd
+GUEST_TOR_DATA='/var/lib/tor'
+GUEST_TOR_CONFIG='/etc/tor'
+
+GUEST_LND_RPC_PORT=10009
+GUEST_LND_REST_PORT=8080
+
+HOST_LND_RPC_PORT=10009
+HOST_LND_REST_PORT=8080
+
+THUB_LOCAL_PORT=3001
+THUB_ACCOUNTS='./env/clntn/thunderhub-accounts.yml'
+# THUB_ACCOUNTS_CONFIG_PATH must match thub...env
+THUB_ACCOUNTS_CONFIG_PATH='/config/accounts.yml'
+
+
+
+
+LIT_LOCAL_PORT=4001
+LIT_PASSWORD=999999999
+
+LND_BACKUP_PATH='/custom_path/testnet/lnd-backup'
+NODE_ALIAS='🤖RoboSats⚡(Testnet)'
+NODE_COLOR='#4126a7'
+
+LND_AUTOUNLOCK_PWD='./env/clntn/lnd_autounlock_pwd'

compose/env-sample/clntn/robosats.env

@@ -0,0 +1,147 @@
+# # LND directory to read TLS cert and macaroon
+# CLN_DIR='/cln/'
+# MACAROON_PATH='data/chain/bitcoin/testnet/admin.macaroon'
+
+# # If LND directory is not specified, cert and macaroon can be provided as base64 strings
+# # base64 ~/.lnd/tls.cert | tr -d '\n'
+# LND_CERT_BASE64='LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNLVENDQWRDZ0F3SUJBZ0lRQ0VoeGpPZXY1bGQyVFNPTXhKalFvekFLQmdncWhrak9QUVFEQWpBNE1SOHcKSFFZRFZRUUtFeFpzYm1RZ1lYVjBiMmRsYm1WeVlYUmxaQ0JqWlhKME1SVXdFd1lEVlFRREV3d3dNakJtTVRnMQpZelkwTnpVd0hoY05Nakl3TWpBNE1UWXhOalV3V2hjTk1qTXdOREExTVRZeE5qVXdXakE0TVI4d0hRWURWUVFLCkV4WnNibVFnWVhWMGIyZGxibVZ5WVhSbFpDQmpaWEowTVJVd0V3WURWUVFERXd3d01qQm1NVGcxWXpZME56VXcKV1RBVEJnY3Foa2pPUFFJQkJnZ3Foa2pPUFFNQkJ3TkNBQVNJVWdkcVMrWFZKL3EzY0JZeWd6ZDc2endaanlmdQpLK3BzcWNYVkFyeGZjU2NXQ25jbXliNGRaMy9Lc3lLWlRaamlySDE3aEY0OGtIMlp5clRZSW9hZG80RzdNSUc0Ck1BNEdBMVVkRHdFQi93UUVBd0lDcERBVEJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFUQVBCZ05WSFJNQkFmOEUKQlRBREFRSC9NQjBHQTFVZERnUVdCQlEwWUJjZXdsd1BqYTJPRXFyTGxzZnJscEswUFRCaEJnTlZIUkVFV2pCWQpnZ3d3TWpCbU1UZzFZelkwTnpXQ0NXeHZZMkZzYUc5emRJSUVkVzVwZUlJS2RXNXBlSEJoWTJ0bGRJSUhZblZtClkyOXVib2NFZndBQUFZY1FBQUFBQUFBQUFBQUFBQUFBQUFBQUFZY0V3S2dRQW9jRUFBQUFBREFLQmdncWhrak8KUFFRREFnTkhBREJFQWlBd0dMY05qNXVZSkVwanhYR05OUnNFSzAwWmlSUUh2Qm50NHp6M0htWHBiZ0lnSWtvUQo3cHFvNGdWNGhiczdrSmt1bnk2bkxlNVg0ZzgxYjJQOW52ZnZ2bkk9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K'
+# # base64 ~/.lnd/data/chain/bitcoin/testnet/admin.macaroon | tr -d '\n'
+# LND_MACAROON_BASE64='AgEDbG5kAvgBAwoQsyI+PK+fyb7F2UyTeZ4seRIBMBoWCgdhZGRyZXNzEgRyZWFkEgV3cml0ZRoTCgRpbmZvEgRyZWFkEgV3cml0ZRoXCghpbnZvaWNlcxIEcmVhZBIFd3JpdGUaIQoIbWFjYXJvb24SCGdlbmVyYXRlEgRyZWFkEgV3cml0ZRoWCgdtZXNzYWdlEgRyZWFkEgV3cml0ZRoXCghvZmZjaGFpbhIEcmVhZBIFd3JpdGUaFgoHb25jaGFpbhIEcmVhZBIFd3JpdGUaFAoFcGVlcnMSBHJlYWQSBXdyaXRlGhgKBnNpZ25lchIIZ2VuZXJhdGUSBHJlYWQAAAYgMt90uD6v4truTadWCjlppoeJ4hZrL1SBb09Y+4WOiI0='
+
+# CLN directory
+CLN_DIR='/cln/testnet/'
+CLN_GRPC_HOST='localhost:9999'
+CLN_GRPC_HOLD_HOST='localhost:9998'
+
+# Auto unlock LND password. Only used in development docker-compose environment.
+# It will fail starting up the node without it. 
+# To disable auto unlock, comment out 'wallet-unlock-password-file=/tmp/pwd' from 'docker/lnd/lnd.conf'
+
+# Bitcoin Core Daemon RPC, used to validate addresses
+BITCOIND_RPCURL = 'http://127.0.0.1:18332'
+BITCOIND_RPCUSER = 'robodev'
+BITCOIND_RPCPASSWORD = 'robodev'
+
+LND_GRPC_HOST='localhost:10009'
+
+REDIS_URL='redis://localhost:6379/1'
+
+# Postgresql Database (These are fed from STACK-XX.env)
+# Deprecated
+POSTGRES_NAME='postgres'
+# New
+POSTGRES_DB='postgres'
+POSTGRES_USER='postgres'
+POSTGRES_PASSWORD='example'
+POSTGRES_HOST='127.0.0.1'
+POSTGRES_PORT='5432'
+
+# Tor proxy for remote calls (e.g. fetching prices or sending Telegram messages)
+TOR_PROXY='127.0.0.1:9050'
+
+
+# List of market price public APIs. If the currency is available in more than 1 API, will use median price.
+MARKET_PRICE_APIS = 'https://blockchain.info/ticker, https://api.yadio.io/exrates/BTC'
+
+# Host e.g. 'robotesta15gf7845r4rgksb4nmmr43fh77bzn2ia2eucduyeafnyd.onion'
+HOST_NAME = 'robotestagw3dcxmd66r4rgksb4nmmr43fh77bzn2ia2eucduyeafnyd.onion'
+HOST_NAME2 = 'robosats6tkf3eva7x2voqso3a5wcorsnw34jveyxfqi2fu7oyheasid.onion'
+I2P_ALIAS = ''
+I2P_LONG = ''
+LOCAL_ALIAS = 'c240'
+ONION_LOCATION = 'robotestagw3dcxmd66r4rgksb4nmmr43fh77bzn2ia2eucduyeafnyd.onion'
+
+SECRET_KEY= 'n098eafh82390fu9283uyt9yf023uf'
+
+# Link to robosats mainnet/testnet (shown on frontend in statsfornerds so users can switch mainnet/testnet)
+THE_OTHER_ROBOSATS = 'robosats6tkf3eva7x2voqso3a5wcorsnw34jveyxfqi2fu7oyheasid.onion'
+
+# Lightning node open info, url to amboss and 1ML
+AMBOSS = ''
+ONEML = ''
+
+# Telegram bot token
+TELEGRAM_TOKEN = ''
+TELEGRAM_BOT_NAME = ''
+
+# Total trade fee as fraction
+FEE = 0.002
+# Maker/taker fee split. As seen in https://bisq.wiki/Trading_fees . It is implicit that TAKER_FEE_SPLIT = (1 - MAKER_FEE_SPLIT)
+# Shall incentivize order making
+MAKER_FEE_SPLIT=0.125
+
+# Bond size as percentage (%)
+DEFAULT_BOND_SIZE = 1
+MIN_BOND_SIZE = 1
+MAX_BOND_SIZE = 15
+
+# Time out penalty for canceling takers in SECONDS
+PENALTY_TIMEOUT = 60
+# Time between routing attempts of buyer invoice in MINUTES
+RETRY_TIME = 5
+
+# Trade limits in satoshis
+MIN_TRADE = 10000 
+MAX_TRADE = 2200000
+MAX_TRADE_BONDLESS_TAKER = 50000
+
+# For CLTV_expiry calculation 
+# Assume 8 min/block assumed
+BLOCK_TIME = 8
+# Safety multiplier in case of mining speed up (CLTV expiry will be times X larger than real time needs for locked bonds/escrow)
+MAX_MINING_NETWORK_SPEEDUP_EXPECTED = 1.7
+
+# Expiration time for locking collateral in SECONDS
+EXP_MAKER_BOND_INVOICE = 600 
+EXP_TAKER_BOND_INVOICE = 180
+
+# Time a order is public in the book HOURS
+DEFAULT_PUBLIC_ORDER_DURATION = 24
+MAX_PUBLIC_ORDER_DURATION = 24
+MIN_PUBLIC_ORDER_DURATION = 0.166
+
+# Time to provide a valid invoice and the trade escrow MINUTES
+INVOICE_AND_ESCROW_DURATION = 30
+# Time to confim chat and confirm fiat (time to Fiat Sent confirmation) HOURS
+FIAT_EXCHANGE_DURATION = 4
+
+# ROUTING
+# Proportional routing fee limit (fraction of total payout: % / 100)
+PROPORTIONAL_ROUTING_FEE_LIMIT = 0.001
+# Base flat limit fee for routing in Sats (used only when proportional is lower than this)
+MIN_FLAT_ROUTING_FEE_LIMIT = 10
+MIN_FLAT_ROUTING_FEE_LIMIT_REWARD = 2
+# Routing timeouts
+REWARDS_TIMEOUT_SECONDS = 60
+PAYOUT_TIMEOUT_SECONDS = 90
+
+# REVERSE SUBMARINE SWAP PAYOUTS
+# Disable on-the-fly swaps feature
+DISABLE_ONCHAIN = False
+# Shape of fee to available liquidity curve. Either "linear" or "exponential"
+SWAP_FEE_SHAPE = 'exponential'
+# EXPONENTIAL. fee (%) = MIN_SWAP_FEE + (MAX_SWAP_FEE - MIN_SWAP_FEE) * e ^ (-LAMBDA * onchain_liquidity_fraction)
+SWAP_LAMBDA = 8.8
+# LINEAR. 4 parameters needed: min/max fees and min/max balance points. E.g. If 25% or more of liquidity 
+# is onchain the fee for swap is 2% (minimum), if it is 12% fee is 6%, and for 0% fee is 10%.
+# Minimum swap fee as fraction (1%)
+MIN_SWAP_FEE = 0.01
+# Liquidity split point (LN/onchain) at which we use MIN_SWAP_FEE
+MIN_SWAP_POINT = 0.35
+# Maximum swap fee as fraction (~10%)
+MAX_SWAP_FEE = 0.1
+# Liquidity split point (LN/onchain) at which we use MAX_SWAP_FEE
+MAX_SWAP_POINT = 0
+# Min amount allowed for Swap 
+MIN_SWAP_AMOUNT = 50000
+
+
+# Reward tip. Reward for every finished trade in the referral program (Satoshis)
+REWARD_TIP = 100
+# Fraction rewarded to user from the slashed bond of a counterpart.
+# It should not be close to 1, or could be exploited by an attacker trading with himself to DDOS the LN node.
+SLASHED_BOND_REWARD_SPLIT = 0.5
+
+
+# Username for HTLCs escrows
+ESCROW_USERNAME = 'admin'

compose/env-sample/lndmn/lnd.conf

@@ -1,22 +1,45 @@
 # Reference: https://github.com/lightningnetwork/lnd/blob/master/sample-lnd.conf
 
 debuglevel=info
-alias=🤖RoboSats⚡
+alias=🤖RoboSats⚡ COORDINATOR_NAME | LND
 color=#4126a7
 maxpendingchannels=6
 bitcoin.active=1
 bitcoin.mainnet=1
 bitcoin.node=bitcoind
-bitcoind.rpcuser=bitcoindrobosatsc240firstgo
-bitcoind.rpcpass=bitcoindrobosatsc240firstgo
+bitcoind.rpcuser=robosats_mainnet_bitcoind
+bitcoind.rpcpass=robosats_mainnet_bitcoind
 bitcoind.zmqpubrawblock=tcp://127.0.0.1:18501
 bitcoind.zmqpubrawtx=tcp://127.0.0.1:18502
+bitcoin.feerate=2000
+bitcoin.basefee=100000
+minchansize=1000000
+bitcoin.minhtlc=75000
+routerrpc.minrtprob=0.05
 
+# /robosats-deploy/compose/env/{namespace}/lnd_autounlock_pwd is mounted to /tmp/pwd
 wallet-unlock-password-file=/tmp/pwd
 
+minchansize=1000000
+accept-amp=true
+accept-keysend=true
+protocol.wumbo-channels=true
+
+routerrpc.estimator=bimodal
+routerrpc.bimodal.scale=300000000
+routerrpc.bimodal.nodeweight=0.2
+routerrpc.bimodal.decaytime=100h  
+
+# Compaction
+db.prune-revocation=true
+#db.bolt.auto-compact=true
+
 # Neutrino
 neutrino.connect=faucet.lightning.community
 
+# needed for lit > 0.9.0
+rpcmiddleware.enable=true
+
 # Configuring Tor docs:
 # https://github.com/lightningnetwork/lnd/blob/master/docs/configuring_tor.md
 tor.active=1

compose/env-sample/lndtn/bitcoin.conf

@@ -0,0 +1,38 @@
+# Reference: https://en.bitcoin.it/wiki/Running_Bitcoin
+# https://github.com/bitcoin/bitcoin/blob/master/share/examples/bitcoin.conf
+
+server=1
+txindex=1
+onion=127.0.0.1:9050
+torcontrol=127.0.0.1:9051
+rpcuser=robosats_testnet_bitcoind
+rpcpassword=robosats_testnet_bitcoind
+zmqpubrawblock=tcp://127.0.0.1:18501
+zmqpubrawtx=tcp://127.0.0.1:18502
+
+# limit upload bandwith (in MB per day)
+maxuploadtarget=10
+# Allow RPC connections from outside of container localhost
+rpcbind=0.0.0.0
+# Only connect to typical docker IP addresses (Usually from docker host computer)
+rpcallowip=172.0.0.0/255.0.0.0
+# Allow access from any IP address (Usually from another computer on LAN)
+#rpcallowip=0.0.0.0/0
+
+# Run on the test network instead of the real bitcoin network.
+testnet=1
+
+mempoolfullrbf=1
+
+[main]
+# Only run on Tor
+onlynet=onion
+
+# Add Tor seed nodes
+addnode=i4x66albngo3sg3w.onion:8333
+
+# Some testnet settings needed for 0.19, if using testnet
+[test]
+# Allow RPC connections from outside of container localhost
+onlynet=onion
+rpcbind=0.0.0.0

compose/env-sample/lndtn/compose.env

@@ -1,15 +1,12 @@
 ROBOSATS_DOCKER_TAG=latest
 
-LOCAL_USER_ID=1000
-LOCAL_GROUP_ID=1000
-
 STATIC='/custom_path/testnet/static'
 DATABASE='/custom_path/testnet/database'
 
-# PG backup is generated by robo-backup as a cronjob
+# You can create a cronjob to create PG backups
 PG_BACKUP='/custom_path/testnet/pg_backup'
-ROBOSATS_ENVS_FILE='env/robosats-lndtn.env'
-THUB_ENVS_FILE='env/thub-lndtn.env'
+ROBOSATS_ENVS_FILE='env/lndtn/robosats.env'
+THUB_ENVS_FILE='env/lndtn/thunderhub.env'
 SUFFIX='-lndtn'
 NETWORK='testnet'
 
@@ -21,13 +18,10 @@ POSTGRES_PASSWORD='example'
 BITCOIND_VERSION='24.0.1-alpine'
 LND_VERSION='v0.16.4-beta'
 
-# LND healthcheck will "lookup invoice EXISTING_INVOICE_HASH" to restart the container if the RPC is unresponsive
-# EXISTING_INVOICE_HASH must be an existing invoice created with "addinvoice"
-EXISTING_INVOICE_HASH=09252cbbd241d5a8e25573d1d00b22d959abcf8f394a3e4c6ac12be0c5e000cf
-
 NGINX_CONFD='./nginx/tn.conf.d'
 WELLKNOWN='./nginx/tn.well-known'
 
+# Port and number of HTTP server workers for the robosats backend
 WEB_LOCAL_PORT=8001
 GUNICORN_WORKERS=2
 
@@ -36,14 +30,15 @@ BU_DIR2='/custom_path/backup'
 BU_DIR3='/custom_path/backup2'
 
 BITCOIN_DATA='/custom_path/testnet/bitcoin'
-BITCOIN_CONF='./env/bitcoin-tn.conf'
+BITCOIN_CONF='./env/lndtn/bitcoin.conf'
 LND_DATA='/custom_path/testnet/lnd'
+LND_CONF='./env/lndtn/lnd.conf'
 LIT_DATA='/custom_path/testnet/lit'
 TOR_DATA='/custom_path/testnet/tor/data'
 TOR_CONFIG='/custom_path/testnet/tor/config'
 
 GUEST_BITCOIN=/home/bitcoin/.bitcoin
-GUEST_LND=/home/lnd/.lnd
+# GUEST_LND=/home/lnd/.lnd
 GUEST_TOR_DATA='/var/lib/tor'
 GUEST_TOR_CONFIG='/etc/tor'
 
@@ -54,6 +49,13 @@ HOST_LND_RPC_PORT=10009
 HOST_LND_REST_PORT=8080
 
 THUB_LOCAL_PORT=3001
+THUB_ACCOUNTS='./env/lndtn/thunderhub-accounts.yml'
+# THUB_ACCOUNTS_CONFIG_PATH must match thub...env
+THUB_ACCOUNTS_CONFIG_PATH='/config/accounts.yml'
+
+
+
+
 LIT_LOCAL_PORT=4001
 LIT_PASSWORD=999999999
 
@@ -61,4 +63,4 @@ LND_BACKUP_PATH='/custom_path/testnet/lnd-backup'
 NODE_ALIAS='🤖RoboSats⚡(Testnet)'
 NODE_COLOR='#4126a7'
 
-AUTO_UNLOCK_PWD=12345678
+LND_AUTOUNLOCK_PWD='./env/lndtn/lnd_autounlock_pwd'

compose/env-sample/lndtn/lnd.conf

@@ -1,7 +1,7 @@
 # Reference: https://github.com/lightningnetwork/lnd/blob/master/sample-lnd.conf
 
 debuglevel=info
-alias=🤖RoboSats⚡ COORDINATOR_NAME | LND (Testnet)
+alias=🤖RoboSats⚡ COORDINATOR_NAME
 color=#4126a7
 maxpendingchannels=6
 bitcoin.active=1
@@ -12,6 +12,7 @@ bitcoind.rpcpass=robosats_testnetnet_bitcoind
 bitcoind.zmqpubrawblock=tcp://127.0.0.1:18501
 bitcoind.zmqpubrawtx=tcp://127.0.0.1:18502
 
+# /robosats-deploy/compose/env/{namespace}/lnd_autounlock_pwd is mounted to /tmp/pwd
 wallet-unlock-password-file=/tmp/pwd
 
 

compose/env-sample/lndtn/lnd_autounlock_pwd

@@ -0,0 +1 @@
+12345678

compose/env-sample/lndtn/thunderhub.env

@@ -39,7 +39,7 @@ NO_VERSION_CHECK=true
 # -----------
 # Account Configs
 # -----------
-ACCOUNT_CONFIG_PATH='/config/accounts-tn.yml'
+ACCOUNT_CONFIG_PATH='/config/accounts.yml'
 # MASTER_PASSWORD_OVERRIDE='secretPasswordForAllAccounts'
 # YML_ENV_1=''
 # YML_ENV_2=''

compose/lnd/v0.16.4-beta/Dockerfile

@@ -1,18 +0,0 @@
-FROM lightninglabs/lnd:v0.16.4-beta
-
-ARG LOCAL_USER_ID=9999
-ARG LOCAL_GROUP_ID=9999
-
-USER root
-
-RUN adduser --disabled-password lnd
-# Set the expected local user id
-# for shared group to access tor cookie
-RUN apk --no-cache --no-progress add shadow=~4 sudo=~1 gettext=~0.21 && \
-    usermod -u "$LOCAL_USER_ID" lnd && \
-    groupmod -g "$LOCAL_GROUP_ID" lnd
-
-USER root
-COPY entrypoint.sh /root/entrypoint.sh
-COPY config/ /tmp/
-ENTRYPOINT [ "/root/entrypoint.sh" ]

compose/lnd/v0.16.4-beta/entrypoint.sh

@@ -1,18 +0,0 @@
-#!/bin/sh
-set -e
-
-# Create lnd.conf if it doesn't exist
-if [ ! -f "/home/lnd/.lnd/lnd.conf" ]; then
-    envsubst < /tmp/lnd${SUFFIX:?}.conf > /home/lnd/.lnd/lnd.conf
-fi
-
-# Change local user id and group
-usermod -u "${LOCAL_USER_ID:?}" lnd
-groupmod -g "${LOCAL_GROUP_ID:?}" lnd
-
-# Fix ownership
-chown -R lnd /home/lnd
-echo ${AUTO_UNLOCK_PWD} > /tmp/pwd
-
-# Start lnd
-exec sudo -u lnd "$@"

compose/thunderhub/Dockerfile

@@ -1,3 +0,0 @@
-FROM apotdevin/thunderhub:v0.13.18
-
-COPY config /config

compose/tor/Dockerfile

@@ -4,17 +4,6 @@ RUN apk --no-cache --no-progress add tor
 
 EXPOSE 9001 9050
 
-# hadolint ignore=DL3002
-USER root
-ARG LOCAL_USER_ID=9999
-ENV TOR_DATA=/var/lib/tor
-
-# Add useradd and usermod
-# Create user account (UID will be changed in entrypoint script)
-RUN apk --no-cache --no-progress add shadow=~4 sudo=~1 && \
-  useradd -u $LOCAL_USER_ID --shell /bin/sh -m alice && \
-  usermod -g alice tor
-
 COPY entrypoint.sh /root/entrypoint.sh
 COPY torrc /tmp/torrc
 

compose/tor/entrypoint.sh

@@ -6,13 +6,4 @@ if [ ! -f "/etc/tor/torrc" ]; then
     cp /tmp/torrc /etc/tor/torrc
 fi
 
-# Change local user id and group
-usermod -u "${LOCAL_USER_ID:?}" alice
-groupmod -g "${LOCAL_GROUP_ID:?}" alice
-
-# Set correct owners on volumes
-chown -R tor:alice "${TOR_DATA}"
-chown -R :alice /etc/tor
-chown -R alice:alice /home/alice
-
 exec sudo -u tor /usr/bin/tor