docs: update path to where macaroons are stored

Co-Authored-By: Karl Ranna <karl@karlranna.com>
This commit is contained in:
Wilmer Paulino 2018-08-22 16:11:20 -04:00 committed by Olaoluwa Osuntokun
parent 856500dc43
commit dc3db4bf62
7 changed files with 40 additions and 29 deletions

@ -306,10 +306,12 @@ Github](https://github.com/lightningnetwork/lnd/issues/20).
Running `lnd` for the first time will by default generate the `admin.macaroon`, Running `lnd` for the first time will by default generate the `admin.macaroon`,
`read_only.macaroon`, and `macaroons.db` files that are used to authenticate `read_only.macaroon`, and `macaroons.db` files that are used to authenticate
into `lnd`. They will be stored in the default `lnd` data directory. Note that into `lnd`. They will be stored in the network directory (default:
if you specified an alternative data directory (via the `--datadir` argument), `lnddir/data/chain/bitcoin/mainnet`) so that it's possible to use a distinct
you will have to additionally pass the updated location of the `admin.macaroon` password for mainnet, testnet, simnet, etc. Note that if you specified an
file into `lncli` using the `--macaroonpath` argument. alternative data directory (via the `--datadir` argument), you will have to
additionally pass the updated location of the `admin.macaroon` file into `lncli`
using the `--macaroonpath` argument.
To disable macaroons for testing, pass the `--no-macaroons` flag into *both* To disable macaroons for testing, pass the `--no-macaroons` flag into *both*
`lnd` and `lncli`. `lnd` and `lncli`.

@ -158,7 +158,7 @@ public class Main {
} }
private static final String CERT_PATH = "/Users/user/Library/Application Support/Lnd/tls.cert"; private static final String CERT_PATH = "/Users/user/Library/Application Support/Lnd/tls.cert";
private static final String MACAROON_PATH = "/Users/user/Library/Application Support/Lnd/admin.macaroon"; private static final String MACAROON_PATH = "/Users/user/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon";
private static final String HOST = "localhost"; private static final String HOST = "localhost";
private static final int PORT = 10009; private static final int PORT = 10009;

@ -174,9 +174,9 @@ var grpc = require('grpc');
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA' process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA'
// Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and // Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
// ~/Library/Application Support/Lnd/admin.macaroon on Mac // ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
var m = fs.readFileSync('~/.lnd/admin.macaroon'); var m = fs.readFileSync('~/.lnd/data/chain/bitcoin/simnet/admin.macaroon');
var macaroon = m.toString('hex'); var macaroon = m.toString('hex');
var meta = new grpc.Metadata().add('macaroon', macaroon); var meta = new grpc.Metadata().add('macaroon', macaroon);
@ -195,9 +195,9 @@ var grpc = require('grpc');
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA' process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA'
// Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and // Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
// ~/Library/Application Support/Lnd/admin.macaroon on Mac // ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
var m = fs.readFileSync('~/.lnd/admin.macaroon'); var m = fs.readFileSync('~/.lnd/data/chain/bitcoin/simnet/admin.macaroon');
var macaroon = m.toString('hex'); var macaroon = m.toString('hex');
// build meta data credentials // build meta data credentials

@ -140,9 +140,9 @@ To authenticate using macaroons you need to include the macaroon in the metadata
```python ```python
import codecs import codecs
# Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and # Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
# ~/Library/Application Support/Lnd/admin.macaroon on Mac # ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
with open(os.path.expanduser('~/.lnd/admin.macaroon'), 'rb') as f: with open(os.path.expanduser('~/.lnd/data/chain/bitcoin/simnet/admin.macaroon'), 'rb') as f:
macaroon_bytes = f.read() macaroon_bytes = f.read()
macaroon = codecs.encode(macaroon_bytes, 'hex') macaroon = codecs.encode(macaroon_bytes, 'hex')
``` ```

@ -119,9 +119,9 @@ You should now see the details of the settled invoice appear.
To authenticate using macaroons you need to include the macaroon in the metadata of the request. To authenticate using macaroons you need to include the macaroon in the metadata of the request.
```ruby ```ruby
# Lnd admin macaroon is at ~/.lnd/admin.macaroon on Linux and # Lnd admin macaroon is at ~/.lnd/data/chain/bitcoin/simnet/admin.macaroon on Linux and
# ~/Library/Application Support/Lnd/admin.macaroon on Mac # ~/Library/Application Support/Lnd/data/chain/bitcoin/simnet/admin.macaroon on Mac
macaroon_binary = File.read(File.expand_path("~/.lnd/admin.macaroon")) macaroon_binary = File.read(File.expand_path("~/.lnd/data/chain/bitcoin/simnet/admin.macaroon"))
macaroon = macaroon_binary.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join macaroon = macaroon_binary.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join
``` ```
@ -154,7 +154,7 @@ And then we would include it when we create our stub like so.
```ruby ```ruby
certificate = File.read(File.expand_path("~/.lnd/tls.cert")) certificate = File.read(File.expand_path("~/.lnd/tls.cert"))
credentials = GRPC::Core::ChannelCredentials.new(certificate) credentials = GRPC::Core::ChannelCredentials.new(certificate)
macaroon_binary = File.read(File.expand_path("~/.lnd/admin.macaroon")) macaroon_binary = File.read(File.expand_path("~/.lnd/data/chain/bitcoin/simnet/admin.macaroon"))
macaroon = macaroon_binary.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join macaroon = macaroon_binary.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join
stub = Lnrpc::Lightning::Stub.new( stub = Lnrpc::Lightning::Stub.new(

@ -86,11 +86,12 @@ it won't be checked for validity.
Since `lnd` requires macaroons by default in order to call RPC methods, `lncli` Since `lnd` requires macaroons by default in order to call RPC methods, `lncli`
now reads a macaroon and provides it in the RPC call. Unless the path is now reads a macaroon and provides it in the RPC call. Unless the path is
changed by the `--macaroonpath` option, `lncli` tries to read the macaroon from changed by the `--macaroonpath` option, `lncli` tries to read the macaroon from
`~/.lnd/admin.macaroon` by default and will error if that file doesn't exist the network directory of `lnd`'s currently active network (e.g. for simnet
unless provided the `--no-macaroons` option. Keep this in mind when running `lnddir/data/chain/bitcoin/simnet/admin.macaroon`) by default and will error if
`lnd` with `--no-macaroons`, as `lncli` will error out unless called the same that file doesn't exist unless provided the `--no-macaroons` option. Keep this
way **or** `lnd` has generated a macaroon on a previous run without this in mind when running `lnd` with `--no-macaroons`, as `lncli` will error out
option. unless called the same way **or** `lnd` has generated a macaroon on a previous
run without this option.
`lncli` also adds a caveat which makes it valid for only 60 seconds by default `lncli` also adds a caveat which makes it valid for only 60 seconds by default
to help prevent replay in case the macaroon is somehow intercepted in to help prevent replay in case the macaroon is somehow intercepted in
@ -114,7 +115,7 @@ Where `<macaroon>` is the hex encoded binary data from the macaroon file itself.
A very simple example using `curl` may look something like this: A very simple example using `curl` may look something like this:
curl --insecure --header "Grpc-Metadata-macaroon: $(xxd -ps -u -c 1000 $HOME/.lnd/admin.macaroon)" https://localhost:8080/v1/getinfo curl --insecure --header "Grpc-Metadata-macaroon: $(xxd -ps -u -c 1000 $HOME/.lnd/data/chain/bitcoin/simnet/admin.macaroon)" https://localhost:8080/v1/getinfo
Have a look at the [Java GRPC example](/docs/grpc/java.md) for programmatic usage details. Have a look at the [Java GRPC example](/docs/grpc/java.md) for programmatic usage details.

@ -39,15 +39,23 @@
; Path to write the admin macaroon for lnd's RPC and REST services if it ; Path to write the admin macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the admin macaroon in a ; doesn't exist. This can be set if one wishes to store the admin macaroon in a
; distinct location. By default, it is stored within lnd's main home directory. ; distinct location. By default, it is stored within lnd's network directory.
; Applications that are able to read this file, gains admin macaroon access ; Applications that are able to read this file, gain admin macaroon access.
; adminmacaroonpath=~/.lnd/admin.macaroon ; adminmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/admin.macaroon
; Path to write the read-only macaroon for lnd's RPC and REST services if it ; Path to write the read-only macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the read-only macaroon ; doesn't exist. This can be set if one wishes to store the read-only macaroon
; in a distinct location. The read only macaroon allows users which can read ; in a distinct location. The read only macaroon allows users which can read
; the file to access RPCs which don't modify the state of the daemon. ; the file to access RPCs which don't modify the state of the daemon. By
; readonlymacaroonpath=~/.lnd/readonly.macaroon ; default, it is stored within lnd's network directory.
; readonlymacaroonpath=~/.lnd/data/chain/bitcoin/simnet/readonly.macaroon
; Path to write the invoice macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the invoice macaroon in
; a distinct location. By default, it is stored within lnd's network directory.
; The invoice macaroon allows users which can read the file to gain read and
; write access to all invoice related RPCs.
; invoicemacaroonpath=~/.lnd/data/chain/bitcoin/simnet/invoice.macaroon
; Specify the interfaces to listen on for p2p connections. One listen ; Specify the interfaces to listen on for p2p connections. One listen