add recreate macaroon action (#99)

* add macaroon action * fix race condition --------- Co-authored-by: islandbitcoin <dread@start9.com> Co-authored-by: Aiden McClelland <me@drbonez.dev>
Start9Labs · Apr 14, 2023 · fcc6c9d · fcc6c9d
1 parent 4eeaadd
commit fcc6c9d
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 2 deletions.
diff --git a/actions/recreate-macaroons.sh b/actions/recreate-macaroons.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -e
+
+rm /root/.lnd/data/chain/bitcoin/mainnet/*.macaroon
+action_result_running="    {
+    \"version\": \"0\",
+    \"message\": \"Restarting LND to recreate macaroons.\",
+    \"value\": null,
+    \"copyable\": false,
+    \"qr\": false
+}"
+action_result_stopped="    {
+    \"version\": \"0\",
+    \"message\": \"LND macaroons will be recreated the next time the service is started\",
+    \"value\": null,
+    \"copyable\": false,
+    \"qr\": false
+}"
+lncli --rpcserver=lnd.embassy stop >/dev/null 2>/dev/null && echo $action_result_running || echo $action_result_stopped
diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh
@@ -20,6 +20,13 @@ mkdir -p /root/.lnd/start9/ && mkdir -p /root/.lnd/public
 echo $PEER_TOR_ADDRESS > /root/.lnd/start9/peerTorAddress
 echo $CONTROL_TOR_ADDRESS > /root/.lnd/start9/controlTorAddress
 
+while ! openssl x509 -text -noout -in /mnt/cert/control.cert.pem -ext subjectAltName \
+  -certopt no_subject,no_header,no_version,no_serial,no_signame,no_validity,no_issuer,no_pubkey,no_sigdump,no_aux \
+  | grep "IP Address:$(ip -4 -o addr show eth0 | awk '{print $4}' | sed -e 's/\/[0-9]\+//g')"; do
+  >&2 echo Cert is not yet signed for current IP...
+  sleep 1;
+done
+
 # copy system cert
 openssl x509 -outform der -in /mnt/cert/control.cert.pem -out /root/.lnd/start9/control.cert.der
 cat /root/.lnd/start9/control.cert.der | basenc --base64url -w0 > /root/.lnd/start9/control.cert.pem.base64url

diff --git a/manifest.yaml b/manifest.yaml
@@ -1,9 +1,10 @@
 id: lnd
 title: LND
-version: 0.16.0
+version: 0.16.0.1
 release-notes: |-
   * LND v0.16.0 [Release Notes](https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.16.0.md)
   * Start9 packaging performance updates and bugfixes
+  * Added action to recreate LND macaroons
 license: mit
 wrapper-repo: "https://github.com/Start9Labs/lnd-wrapper"
 upstream-repo: "https://github.com/lightningnetwork/lnd"
@@ -269,3 +270,19 @@ actions:
       mounts:
         main: /root/.lnd
       io-format: json
+  recreate-macaroons:
+    name: "Recreate Macaroons"
+    description: "Deletes current macaroons, and restarts LND to recreate all macaroons."
+    warning: ~
+    allowed-statuses:
+      - running
+      - stopped
+    implementation:
+      type: docker
+      image: main
+      system: false
+      entrypoint: recreate-macaroons.sh
+      args: []
+      mounts:
+        main: /root/.lnd
+      io-format: json
diff --git a/scripts/services/migrations.ts b/scripts/services/migrations.ts
@@ -134,5 +134,5 @@ export const migration: T.ExpectedExports.migration = compat.migrations
         down: () => { throw new Error('Cannot downgrade') },
       },
     },
-    "0.16.0",
+    "0.16.0.1",
   );