From f1fd5e86c073e7060a381529937de448823a4d3d Mon Sep 17 00:00:00 2001
From: nsa
Date: Tue, 17 Mar 2020 10:53:17 -0400
Subject: [PATCH] config: add WatchtowerKeyPath Tor option

Co-authored-by: Turtle
---
 config.go | 35 +++++++++++++++++++++++++----------
 1 file changed, 25 insertions(+), 10 deletions(-)

diff --git a/config.go b/config.go
index 040f68e2..773c5d00 100644
--- a/config.go
+++ b/config.go
@@ -221,16 +221,17 @@ type autoPilotConfig struct {
 }
 
 type torConfig struct {
- Active bool `long:"active" description:"Allow outbound and inbound connections to be routed through Tor"`
- SOCKS string `long:"socks" description:"The host:port that Tor's exposed SOCKS5 proxy is listening on"`
- DNS string `long:"dns" description:"The DNS server as host:port that Tor will use for SRV queries - NOTE must have TCP resolution enabled"`
- StreamIsolation bool `long:"streamisolation" description:"Enable Tor stream isolation by randomizing user credentials for each connection."`
- Control string `long:"control" description:"The host:port that Tor is listening on for Tor control connections"`
- TargetIPAddress string `long:"targetipaddress" description:"IP address that Tor should use as the target of the hidden service"`
- Password string `long:"password" description:"The password used to arrive at the HashedControlPassword for the control port. If provided, the HASHEDPASSWORD authentication method will be used instead of the SAFECOOKIE one."`
- V2 bool `long:"v2" description:"Automatically set up a v2 onion service to listen for inbound connections"`
- V3 bool `long:"v3" description:"Automatically set up a v3 onion service to listen for inbound connections"`
- PrivateKeyPath string `long:"privatekeypath" description:"The path to the private key of the onion service being created"`
+ Active bool `long:"active" description:"Allow outbound and inbound connections to be routed through Tor"`
+ SOCKS string `long:"socks" description:"The host:port that Tor's exposed SOCKS5 proxy is listening on"`
+ DNS string `long:"dns" description:"The DNS server as host:port that Tor will use for SRV queries - NOTE must have TCP resolution enabled"`
+ StreamIsolation bool `long:"streamisolation" description:"Enable Tor stream isolation by randomizing user credentials for each connection."`
+ Control string `long:"control" description:"The host:port that Tor is listening on for Tor control connections"`
+ TargetIPAddress string `long:"targetipaddress" description:"IP address that Tor should use as the target of the hidden service"`
+ Password string `long:"password" description:"The password used to arrive at the HashedControlPassword for the control port. If provided, the HASHEDPASSWORD authentication method will be used instead of the SAFECOOKIE one."`
+ V2 bool `long:"v2" description:"Automatically set up a v2 onion service to listen for inbound connections"`
+ V3 bool `long:"v3" description:"Automatically set up a v3 onion service to listen for inbound connections"`
+ PrivateKeyPath string `long:"privatekeypath" description:"The path to the private key of the onion service being created"`
+ WatchtowerKeyPath string `long:"watchtowerkeypath" description:"The path to the private key of the watchtower onion service being created"`
 }
 
 // config defines the configuration options for lnd.
@@ -567,6 +568,7 @@ func loadConfig() (*config, error) {
 cfg.BitcoindMode.Dir = cleanAndExpandPath(cfg.BitcoindMode.Dir)
 cfg.LitecoindMode.Dir = cleanAndExpandPath(cfg.LitecoindMode.Dir)
 cfg.Tor.PrivateKeyPath = cleanAndExpandPath(cfg.Tor.PrivateKeyPath)
+ cfg.Tor.WatchtowerKeyPath = cleanAndExpandPath(cfg.Tor.WatchtowerKeyPath)
 cfg.Watchtower.TowerDir = cleanAndExpandPath(cfg.Watchtower.TowerDir)
 
 // Ensure that the user didn't attempt to specify negative values for
@@ -682,6 +684,19 @@ func loadConfig() (*config, error) {
 }
 }
 
+ if cfg.Tor.WatchtowerKeyPath == "" {
+ switch {
+ case cfg.Tor.V2:
+ cfg.Tor.WatchtowerKeyPath = filepath.Join(
+ cfg.Watchtower.TowerDir, defaultTorV2PrivateKeyFilename,
+ )
+ case cfg.Tor.V3:
+ cfg.Tor.WatchtowerKeyPath = filepath.Join(
+ cfg.Watchtower.TowerDir, defaultTorV3PrivateKeyFilename,
+ )
+ }
+ }
+
 // Set up the network-related functions that will be used throughout
 // the daemon. We use the standard Go "net" package functions by
 // default. If we should be proxying all traffic through Tor, then
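Review bot: The description on the new `WatchtowerKeyPath` field does not say where the key ends up when the option is left unset, and since the file holds an onion-service private key, operators should be able to tell from the help text which file to protect and back up. The default is derived in the third hunk of this patch (the tower directory joined with the v2 or v3 default key file name). I would extend the tag to something like `description:"The path to the private key of the watchtower onion service being created (defaults to the v2/v3 key file name inside the watchtower directory)"`. torConfig is shown in full in this hunk.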
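Review bot: The `== ""` default added in the third hunk only fires if `cleanAndExpandPath` hands an unset path back as the empty string, and that helper is not visible in this patch. `filepath.Clean("")` returns `"."`, so if the helper does not special-case empty input, the new `cfg.Tor.WatchtowerKeyPath = cleanAndExpandPath(...)` line would turn an unset option into a relative path and the tower's onion key would land in the working directory instead of the tower directory. The `PrivateKeyPath` line above follows the same pattern, so this is probably already handled, but it is worth confirming, or guarding the call with `if cfg.Tor.WatchtowerKeyPath != "" {`. loadConfig's body continues outside the hunk.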
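Review bot: Nothing in the added `if cfg.Tor.WatchtowerKeyPath == ""` block, or in the lines visible after it, rejects a watchtower key path that equals `cfg.Tor.PrivateKeyPath`. The defaults reuse `defaultTorV2PrivateKeyFilename` and `defaultTorV3PrivateKeyFilename`, so the two paths are kept apart only by the directory; if `Watchtower.TowerDir` is set to the directory holding the node's key, or both options point at the same file, the node and the tower would presumably share one onion key and therefore one onion address, linking the two services. A guard right after the block would catch this: `if cfg.Tor.WatchtowerKeyPath != "" && cfg.Tor.WatchtowerKeyPath == cfg.Tor.PrivateKeyPath {` returning an error from loadConfig. A one-line comment above the block, e.g. `// Default the watchtower's onion key to the tower directory so it does not share the node's key file.`, would also record the intent. loadConfig starts and ends outside this hunk.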