docs: update path to where macaroons are stored
Co-Authored-By: Karl Ranna <karl@karlranna.com>
This commit is contained in:
parent
856500dc43
commit
dc3db4bf62
@ -306,10 +306,12 @@ Github](https://github.com/lightningnetwork/lnd/issues/20).
|
||||
|
||||
Running `lnd` for the first time will by default generate the `admin.macaroon`,
|
||||
`read_only.macaroon`, and `macaroons.db` files that are used to authenticate
|
||||
into `lnd`. They will be stored in the default `lnd` data directory. Note that
|
||||
if you specified an alternative data directory (via the `--datadir` argument),
|
||||
you will have to additionally pass the updated location of the `admin.macaroon`
|
||||
file into `lncli` using the `--macaroonpath` argument.
|
||||
into `lnd`. They will be stored in the network directory (default:
|
||||
`lnddir/data/chain/bitcoin/mainnet`) so that it's possible to use a distinct
|
||||
password for mainnet, testnet, simnet, etc. Note that if you specified an
|
||||
alternative data directory (via the `--datadir` argument), you will have to
|
||||
additionally pass the updated location of the `admin.macaroon` file into `lncli`
|
||||
using the `--macaroonpath` argument.
|
||||
|
||||
To disable macaroons for testing, pass the `--no-macaroons` flag into *both*
|
||||
`lnd` and `lncli`.
|
||||
|
@ -158,7 +158,7 @@ public class Main {
|
||||
}
|
||||
|
||||
private static final String CERT_PATH = "/Users/user/Library/Application Support/Lnd/tls.cert";
|
||||
private static final String MACAROON_PATH = "/Users/user/Library/Application Support/Lnd/admin.macaroon";
|
||||
private static final String MACAROON_PATH = "/Users/user/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon";
|
||||
private static final String HOST = "localhost";
|
||||
private static final int PORT = 10009;
|
||||
|
||||
|
@ -174,9 +174,9 @@ var grpc = require('grpc');
|
||||
|
||||
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA'
|
||||
|
||||
// Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and
|
||||
// ~/Library/Application Support/Lnd/admin.macaroon on Mac
|
||||
var m = fs.readFileSync('~/.lnd/admin.macaroon');
|
||||
// Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
|
||||
// ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
|
||||
var m = fs.readFileSync('~/.lnd/data/chain/bitcoin/simnet/admin.macaroon');
|
||||
var macaroon = m.toString('hex');
|
||||
var meta = new grpc.Metadata().add('macaroon', macaroon);
|
||||
|
||||
@ -195,9 +195,9 @@ var grpc = require('grpc');
|
||||
|
||||
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA'
|
||||
|
||||
// Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and
|
||||
// ~/Library/Application Support/Lnd/admin.macaroon on Mac
|
||||
var m = fs.readFileSync('~/.lnd/admin.macaroon');
|
||||
// Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
|
||||
// ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
|
||||
var m = fs.readFileSync('~/.lnd/data/chain/bitcoin/simnet/admin.macaroon');
|
||||
var macaroon = m.toString('hex');
|
||||
|
||||
// build meta data credentials
|
||||
|
@ -140,9 +140,9 @@ To authenticate using macaroons you need to include the macaroon in the metadata
|
||||
```python
|
||||
import codecs
|
||||
|
||||
# Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and
|
||||
# ~/Library/Application Support/Lnd/admin.macaroon on Mac
|
||||
with open(os.path.expanduser('~/.lnd/admin.macaroon'), 'rb') as f:
|
||||
# Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
|
||||
# ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
|
||||
with open(os.path.expanduser('~/.lnd/data/chain/bitcoin/simnet/admin.macaroon'), 'rb') as f:
|
||||
macaroon_bytes = f.read()
|
||||
macaroon = codecs.encode(macaroon_bytes, 'hex')
|
||||
```
|
||||
|
@ -119,9 +119,9 @@ You should now see the details of the settled invoice appear.
|
||||
To authenticate using macaroons you need to include the macaroon in the metadata of the request.
|
||||
|
||||
```ruby
|
||||
# Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and
|
||||
# ~/Library/Application Support/Lnd/admin.macaroon on Mac
|
||||
macaroon_binary = File.read(File.expand_path("~/.lnd/admin.macaroon"))
|
||||
# Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
|
||||
# ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
|
||||
macaroon_binary = File.read(File.expand_path("~/.lnd/data/chain/bitcoin/simnet/admin.macaroon"))
|
||||
macaroon = macaroon_binary.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join
|
||||
```
|
||||
|
||||
@ -154,7 +154,7 @@ And then we would include it when we create our stub like so.
|
||||
```ruby
|
||||
certificate = File.read(File.expand_path("~/.lnd/tls.cert"))
|
||||
credentials = GRPC::Core::ChannelCredentials.new(certificate)
|
||||
macaroon_binary = File.read(File.expand_path("~/.lnd/admin.macaroon"))
|
||||
macaroon_binary = File.read(File.expand_path("~/.lnd/data/chain/bitcoin/simnet/admin.macaroon"))
|
||||
macaroon = macaroon_binary.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join
|
||||
|
||||
stub = Lnrpc::Lightning::Stub.new(
|
||||
|
@ -86,11 +86,12 @@ it won't be checked for validity.
|
||||
Since `lnd` requires macaroons by default in order to call RPC methods, `lncli`
|
||||
now reads a macaroon and provides it in the RPC call. Unless the path is
|
||||
changed by the `--macaroonpath` option, `lncli` tries to read the macaroon from
|
||||
`~/.lnd/admin.macaroon` by default and will error if that file doesn't exist
|
||||
unless provided the `--no-macaroons` option. Keep this in mind when running
|
||||
`lnd` with `--no-macaroons`, as `lncli` will error out unless called the same
|
||||
way **or** `lnd` has generated a macaroon on a previous run without this
|
||||
option.
|
||||
the network directory of `lnd`'s currently active network (e.g. for simnet
|
||||
`lnddir/data/chain/bitcoin/simnet/admin.macaroon`) by default and will error if
|
||||
that file doesn't exist unless provided the `--no-macaroons` option. Keep this
|
||||
in mind when running `lnd` with `--no-macaroons`, as `lncli` will error out
|
||||
unless called the same way **or** `lnd` has generated a macaroon on a previous
|
||||
run without this option.
|
||||
|
||||
`lncli` also adds a caveat which makes it valid for only 60 seconds by default
|
||||
to help prevent replay in case the macaroon is somehow intercepted in
|
||||
@ -114,7 +115,7 @@ Where `<macaroon>` is the hex encoded binary data from the macaroon file itself.
|
||||
|
||||
A very simple example using `curl` may look something like this:
|
||||
|
||||
curl --insecure --header "Grpc-Metadata-macaroon: $(xxd -ps -u -c 1000 $HOME/.lnd/admin.macaroon)" https://localhost:8080/v1/getinfo
|
||||
curl --insecure --header "Grpc-Metadata-macaroon: $(xxd -ps -u -c 1000 $HOME/.lnd/data/chain/bitcoin/simnet/admin.macaroon)" https://localhost:8080/v1/getinfo
|
||||
|
||||
Have a look at the [Java GRPC example](/docs/grpc/java.md) for programmatic usage details.
|
||||
|
||||
|
@ -39,15 +39,23 @@
|
||||
|
||||
; Path to write the admin macaroon for lnd's RPC and REST services if it
|
||||
; doesn't exist. This can be set if one wishes to store the admin macaroon in a
|
||||
; distinct location. By default, it is stored within lnd's main home directory.
|
||||
; Applications that are able to read this file, gains admin macaroon access
|
||||
; adminmacaroonpath=~/.lnd/admin.macaroon
|
||||
; distinct location. By default, it is stored within lnd's network directory.
|
||||
; Applications that are able to read this file, gain admin macaroon access.
|
||||
; adminmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/admin.macaroon
|
||||
|
||||
; Path to write the read-only macaroon for lnd's RPC and REST services if it
|
||||
; doesn't exist. This can be set if one wishes to store the read-only macaroon
|
||||
; in a distinct location. The read only macaroon allows users which can read
|
||||
; the file to access RPCs which don't modify the state of the daemon.
|
||||
; readonlymacaroonpath=~/.lnd/readonly.macaroon
|
||||
; the file to access RPCs which don't modify the state of the daemon. By
|
||||
; default, it is stored within lnd's network directory.
|
||||
; readonlymacaroonpath=~/.lnd/data/chain/bitcoin/simnet/readonly.macaroon
|
||||
|
||||
; Path to write the invoice macaroon for lnd's RPC and REST services if it
|
||||
; doesn't exist. This can be set if one wishes to store the invoice macaroon in
|
||||
; a distinct location. By default, it is stored within lnd's network directory.
|
||||
; The invoice macaroon allows users which can read the file to gain read and
|
||||
; write access to all invoice related RPCs.
|
||||
; invoicemacaroonpath=~/.lnd/data/chain/bitcoin/simnet/invoice.macaroon
|
||||
|
||||
|
||||
; Specify the interfaces to listen on for p2p connections. One listen
|
||||
|
Loading…
Reference in New Issue
Block a user