diff --git a/modules/clightning.nix b/modules/clightning.nix index 07457b5..fb513b9 100644 --- a/modules/clightning.nix +++ b/modules/clightning.nix @@ -57,6 +57,16 @@ in { default = "/var/lib/clightning"; description = "The data directory for clightning."; }; + cli = mkOption { + readOnly = true; + default = pkgs.writeScriptBin "lightning-cli" + # Switch user because c-lightning doesn't allow setting the permissions of the rpc socket + # https://github.com/ElementsProject/lightning/issues/1366 + '' + exec sudo -u clightning ${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@" + ''; + description = "Binary to connect with the clightning instance."; + }; enforceTor = nix-bitcoin-services.enforceTor; }; diff --git a/modules/nix-bitcoin-webindex.nix b/modules/nix-bitcoin-webindex.nix index 1f2815b..b4d9621 100644 --- a/modules/nix-bitcoin-webindex.nix +++ b/modules/nix-bitcoin-webindex.nix @@ -74,7 +74,12 @@ in { description = "Get node info"; wantedBy = [ "multi-user.target" ]; after = [ "nodeinfo.service" ]; - path = with pkgs; [ nix-bitcoin.nodeinfo nix-bitcoin.clightning jq sudo ]; + path = with pkgs; [ + nix-bitcoin.nodeinfo + config.services.clightning.cli + jq + sudo + ]; serviceConfig = { ExecStart="${pkgs.bash}/bin/bash ${createWebIndex}"; User = "root"; diff --git a/modules/nix-bitcoin.nix b/modules/nix-bitcoin.nix index 9013726..5aee387 100644 --- a/modules/nix-bitcoin.nix +++ b/modules/nix-bitcoin.nix @@ -102,9 +102,6 @@ in { services.onion-chef.access.operator = [ "bitcoind" "clightning" "nginx" "liquidd" "spark-wallet" "electrs" "sshd" ]; environment.interactiveShellInit = '' - ${optionalString (config.services.clightning.enable) '' - alias lightning-cli='sudo -u clightning lightning-cli --lightning-dir=${config.services.clightning.dataDir}' - ''} ${optionalString (config.services.lnd.enable) '' alias lncli='sudo -u lnd lncli --tlscertpath /secrets/lnd_cert --macaroonpath ${config.services.lnd.dataDir}/chain/bitcoin/mainnet/admin.macaroon' ''} @@ -175,7 +172,7 @@ in { jq qrencode ] - ++ optionals config.services.clightning.enable [clightning] + ++ optionals config.services.clightning.enable [clightning (hiPrio config.services.clightning.cli)] ++ optionals config.services.lnd.enable [lnd] ++ optionals config.services.lightning-charge.enable [lightning-charge] ++ optionals config.services.nanopos.enable [nanopos] diff --git a/modules/recurring-donations.nix b/modules/recurring-donations.nix index f1ef5f9..03896ee 100644 --- a/modules/recurring-donations.nix +++ b/modules/recurring-donations.nix @@ -6,7 +6,7 @@ let cfg = config.services.recurring-donations; inherit (config) nix-bitcoin-services; recurring-donations-script = pkgs.writeScript "recurring-donations.sh" '' - LNCLI="lightning-cli --lightning-dir=${config.services.clightning.dataDir}" + LNCLI="${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}" pay_tallycoin() { NAME=$1 AMOUNT=$2 diff --git a/pkgs/nodeinfo/nodeinfo.sh b/pkgs/nodeinfo/nodeinfo.sh index 6b62ff0..7ab1649 100644 --- a/pkgs/nodeinfo/nodeinfo.sh +++ b/pkgs/nodeinfo/nodeinfo.sh @@ -5,7 +5,7 @@ BITCOIND_ONION="$(cat /var/lib/onion-chef/operator/bitcoind)" echo BITCOIND_ONION="$BITCOIND_ONION" if [ -x "$(command -v lightning-cli)" ]; then - CLIGHTNING_NODEID=$(sudo -u clightning lightning-cli --lightning-dir=/var/lib/clightning getinfo | jq -r '.id') + CLIGHTNING_NODEID=$(lightning-cli getinfo | jq -r '.id') CLIGHTNING_ONION="$(cat /var/lib/onion-chef/operator/clightning)" CLIGHTNING_ID="$CLIGHTNING_NODEID@$CLIGHTNING_ONION:9735" echo CLIGHTNING_NODEID="$CLIGHTNING_NODEID"