btcpayserver/lnd
btcpayserver/lnd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
lnd/docker-initunlocklnd.sh
rockstardev e888c2a317 Adding BtcPayServer related files and resources
2024-10-15 18:38:30 -05:00

128 lines
6.3 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
set -e
echo "[initunlocklnd] Waiting 2 seconds for lnd..."
sleep 2
# ensure that lnd is up and running before proceeding
while
CA_CERT="$LND_DATA/tls.cert"
LND_WALLET_DIR="$LND_DATA/data/chain/$1/$2/"
MACAROON_FILE="$LND_DATA/admin.macaroon"
MACAROON_HEADER="r0ckstar:dev"
if [ -f "$MACAROON_FILE" ]; then
MACAROON_HEADER="Grpc-Metadata-macaroon:$(xxd -p -c 10000 "$MACAROON_FILE" | tr -d ' ')"
fi
STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER -o /dev/null -w "%{http_code}" $LND_REST_LISTEN_HOST/v1/getinfo)
# if lnd is running it'll either return 200 if unlocked (noseedbackup=1) or 404 if it needs initialization/unlock
if [ "$STATUS_CODE" == "200" ] || [ "$STATUS_CODE" == "404" ] ; then
break
# or 500 from version 0.13.1 onwards because it breaks with `wallet not created, create one to enable full RPC access` error
elif [ "$STATUS_CODE" == "500" ] ; then
STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/state)
if [ "$STATUS_CODE" == "{\"state\":\"NON_EXISTING\"}" ] || [ "$STATUS_CODE" == "{\"state\":\"LOCKED\"}" ] ; then
break # wallet ready to be either created or unlocked
fi
# for {\"state\":\"UNLOCKED\"}" we will depend on that previous condition with STATUS_CODE 200 or 404
# because even though wallet is unlocked, /v1/getinfo will still keep returning 500 until it's ready
echo "[initunlocklnd] Still waiting on LND, got response for wallet status: $STATUS_CODE ... waiting another 2 seconds..."
sleep 2
else
echo "[initunlocklnd] LND still didn't start, got $STATUS_CODE status code back... waiting another 2 seconds..."
sleep 2
fi
do true; done
# read variables after we ensured that lnd is up
CA_CERT="$LND_DATA/tls.cert"
LND_WALLET_DIR="$LND_DATA/data/chain/$1/$2/"
MACAROON_FILE="$LND_DATA/admin.macaroon"
MACAROON_HEADER="r0ckstar:dev"
if [ -f "$MACAROON_FILE" ]; then
MACAROON_HEADER="Grpc-Metadata-macaroon:$(xxd -p -c 10000 "$MACAROON_FILE" | tr -d ' ')"
fi
WALLET_FILE="$LND_WALLET_DIR/wallet.db"
LNDUNLOCK_FILE=${WALLET_FILE/wallet.db/walletunlock.json}
if [ -f "$WALLET_FILE" ]; then
if [ ! -f "$LNDUNLOCK_FILE" ]; then
echo "[initunlocklnd] WARNING: UNLOCK FILE DOESN'T EXIST! MIGRATE LEGACY INSTALLATION TO NEW VERSION ASAP"
else
echo "[initunlocklnd] Wallet and Unlock files are present... parsing wallet password and unlocking lnd"
# parse wallet password from unlock file
WALLETPASS=$(jq -c -r '.wallet_password' $LNDUNLOCK_FILE)
# Nicolas deleted default password in some wallet unlock files, so we initializing default if password is empty
[ "$WALLETPASS" == "" ] && WALLETPASS="hellorockstar"
# Corrected password (removing newlines before encoding).
# previous versions will have a default wallet password including a line feed at the end "hellorockstar\n"
# line feed hex code 0x0A. So we first try the password without the line feed if it fails we try it with
# the older version.
WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64)
response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \
-d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet)
# Check for failure (e.g., incorrect password)
if [[ "$response" == *"invalid"* ]]; then
# If it fails, try the original password with linefeed
WALLETPASS_BASE64_CURRENT=$(echo $WALLETPASS | base64)
# Now we change the password so that the line feed is removed.
# The correct password is already written to the unlock file so we don't need
# to change that. Moreover the changepassword call will change + unlock the wallet
# there is no need to call unlockwallet after this call.
change_password_response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \
-d '{ "current_password":"'$WALLETPASS_BASE64_CURRENT'", "new_password":"'$WALLETPASS_BASE64'" }' \
$LND_REST_LISTEN_HOST/v1/changepassword)
# make sure the log end with a newline.
echo -n "[initunlocklnd] Changed wallet password removing the \"line feed\" character at the end. "
echo "The password can be found in $LNDUNLOCK_FILE"
else
echo "[initunlocklnd] Wallet unlocking failed, lnd returned: $response"
exit 1
fi
fi
else
echo "[initunlocklnd] Wallet file doesn't exist. Initializing LND instance with new autogenerated password and seed"
# generate seed mnemonic
GENSEED_RESP=$(curl -s --cacert "$CA_CERT" -X GET -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/genseed)
CIPHER_ARRAY_EXTRACTED=$(echo $GENSEED_RESP | jq -c -r '.cipher_seed_mnemonic')
# using static default password per feedback, randomly generated password would still be stored in cleartext
WALLETPASS="hellorockstar"
# save all the the data to unlock file we'll use for future unlocks
RESULTJSON='{"wallet_password":"'$WALLETPASS'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
mkdir -p $LND_WALLET_DIR
echo $RESULTJSON > $LNDUNLOCK_FILE
# previous versions will have a default wallet password including a line feed at the end "hellorockstar\n"
# line feed hex code 0x0A.
WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64)
INITWALLET_REQ='{"wallet_password":"'$WALLETPASS_BASE64'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
# execute initwallet call
curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d "$INITWALLET_REQ" $LND_REST_LISTEN_HOST/v1/initwallet
fi
# LND unlocked, now run Loop
if [ ! -z "$LND_HOST_FOR_LOOP" ]; then
echo "[initunlocklnd] Preparing to start Loop"
if [ $LND_ENVIRONMENT == "regtest" ] || [ $LND_ENVIRONMENT == "signet" ]; then
echo "[initunlocklnd] Loop can't be started for regtest and signet"
elif [ -f "$MACAROON_FILE" ]; then
sleep 10
echo "[initunlocklnd] Starting Loop"
./bin/loopd --network=$2 --lnd.macaroonpath=$MACAROON_FILE --lnd.host=$LND_HOST_FOR_LOOP --restlisten=0.0.0.0:8081 &
else
echo "[initunlocklnd] Loop can't be started without MACAROON"
fi
fi
Reference in New Issue View Git Blame Copy Permalink