lnd.xprv/sample-lnd.conf
Marty Jones c04773963b
healthcheck: add healthcheck to shutdown if cert is expired (#4792)
In certain container set ups, it's useful to optionally have lnd just shutdown if it detects that its certs are expired, as assuming there's a hypervisor to restart the container/pod, then upon restart, lnd will have fully up to date certs.
2020-12-01 18:34:19 -08:00

994 lines
37 KiB
Plaintext

; Example configuration for lnd.
;
; The default location for this file is in ~/.lnd/lnd.conf on POSIX OSes,
; $LOCALAPPDATA/Lnd/lnd.conf on Windows,
; ~/Library/Application Support/Lnd/lnd.conf on Mac OS and $home/lnd/lnd.conf on
; Plan9.
; The default location of this file can be overwritten by specifying the
; --configfile= flag when starting lnd.
;
; Boolean values can be specified as true/false or 1/0.
[Application Options]
; The directory that lnd stores all wallet, chain, and channel related data
; within The default is ~/.lnd/data on POSIX OSes, $LOCALAPPDATA/Lnd/data on
; Windows, ~/Library/Application Support/Lnd/data on Mac OS, and $home/lnd/data
; on Plan9. Environment variables are expanded so they may be used. NOTE:
; Windows environment variables are typically %VARIABLE%, but they must be
; accessed with $VARIABLE here. Also, ~ is expanded to $LOCALAPPDATA on Windows.
; datadir=~/.lnd/data
; The directory that logs are stored in. The logs are auto-rotated by default.
; Rotated logs are compressed in place.
; logdir=~/.lnd/logs
; Number of logfiles that the log rotation should keep. Setting it to 0 disables deletion of old log files.
; maxlogfiles=3
;
; Max log file size in MB before it is rotated.
; maxlogfilesize=10
; Time after which an RPCAcceptor will time out and return false if
; it hasn't yet received a response.
; acceptortimeout=15s
; Path to TLS certificate for lnd's RPC and REST services.
; tlscertpath=~/.lnd/tls.cert
; Path to TLS private key for lnd's RPC and REST services.
; tlskeypath=~/.lnd/tls.key
; Adds an extra ip to the generated certificate. Setting multiple tlsextraip= entries is allowed.
; (old tls files must be deleted if changed)
; tlsextraip=
; Adds an extra domain to the generate certificate. Setting multiple tlsextradomain= entries is allowed.
; (old tls files must be deleted if changed)
; tlsextradomain=
; If set, then all certs will automatically be refreshed if they're close to
; expiring, or if any parameters related to extra IPs or domains in the cert
; change.
; tlsautorefresh=true
; Do not include the interface IPs or the system hostname in TLS certificate,
; use first --tlsextradomain as Common Name instead, if set.
; tlsdisableautofill=true
; A list of domains for lnd to periodically resolve, and advertise the resolved
; IPs for the backing node. This is useful for users that only have a dynamic IP,
; or want to expose the node at a domain.
; externalhosts=my-node-domain.com
; Sets the directory to store Let's Encrypt certificates within
; letsencryptdir=~/.lnd/letsencrypt
; The IP:port on which lnd will listen for Let's Encrypt challenges. Let's
; Encrypt will always try to contact on port 80. Often non-root processes are
; not allowed to bind to ports lower than 1024. This configuration option allows
; a different port to be used, but must be used in combination with port
; forwarding from port 80. This configuration can also be used to specify
; another IP address to listen on, for example an IPv6 address.
; letsencryptlisten=localhost:8080
; Request a Let's Encrypt certificate for this domain. Note that the certicate
; is only requested and stored when the first rpc connection comes in.
; letsencryptdomain=example.com
; Disable macaroon authentication. Macaroons are used are bearer credentials to
; authenticate all RPC access. If one wishes to opt out of macaroons, uncomment
; the line below.
; no-macaroons=true
; Enable free list syncing for the default bbolt database. This will decrease
; start up time, but can result in performance degradation for very large
; databases, and also result in higher memory usage. If "free list corruption"
; is detected, then this flag may resolve things.
; sync-freelist=true
; Path to write the admin macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the admin macaroon in a
; distinct location. By default, it is stored within lnd's network directory.
; Applications that are able to read this file, gain admin macaroon access.
; adminmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/admin.macaroon
; Path to write the read-only macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the read-only macaroon
; in a distinct location. The read only macaroon allows users which can read
; the file to access RPCs which don't modify the state of the daemon. By
; default, it is stored within lnd's network directory.
; readonlymacaroonpath=~/.lnd/data/chain/bitcoin/simnet/readonly.macaroon
; Path to write the invoice macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the invoice macaroon in
; a distinct location. By default, it is stored within lnd's network directory.
; The invoice macaroon allows users which can read the file to gain read and
; write access to all invoice related RPCs.
; invoicemacaroonpath=~/.lnd/data/chain/bitcoin/simnet/invoice.macaroon
; A period to wait before for closing channels with outgoing htlcs that have
; timed out and are a result of this nodes instead payment. In addition to our
; current block based deadline, is specified this grace period will also be taken
; into account.
; payments-expiration-grace-period=30
; Specify the interfaces to listen on for p2p connections. One listen
; address per line.
; All ipv4 on port 9735:
; listen=0.0.0.0:9735
; On all ipv4 interfaces on port 9735 and ipv6 localhost port 9736:
; listen=0.0.0.0:9735
; listen=[::1]:9736
; Disable listening for incoming p2p connections. This will override all
; listeners.
; nolisten=true
; Specify the interfaces to listen on for gRPC connections. One listen
; address per line.
; Only ipv4 localhost on port 10009:
; rpclisten=localhost:10009
; On ipv4 localhost port 10009 and ipv6 port 10010:
; rpclisten=localhost:10009
; rpclisten=[::1]:10010
; On an Unix socket:
; rpclisten=unix:///var/run/lnd/lnd-rpclistener.sock
; Specify the interfaces to listen on for REST connections. One listen
; address per line.
; All ipv4 interfaces on port 8080:
; restlisten=0.0.0.0:8080
; On ipv4 localhost port 80 and 443:
; restlisten=localhost:80
; restlisten=localhost:443
; On an Unix socket:
; restlisten=unix:///var/run/lnd-restlistener.sock
; A series of domains to allow cross origin access from. This controls the CORs
; policy of the REST RPC proxy.
; restcors=https://my-special-site.com
; Adding an external IP will advertise your node to the network. This signals
; that your node is available to accept incoming channels. If you don't wish to
; advertise your node, this value doesn't need to be set. Unless specified
; (with host:port notation), the default port (9735) will be added to the
; address.
; externalip=
;
; Instead of explicitly stating your external IP address, you can also enable
; UPnP or NAT-PMP support on the daemon. Both techniques will be tried and
; require proper hardware support. In order to detect this hardware support,
; `lnd` uses a dependency that retrieves the router's gateway address by using
; different built-in binaries in each platform. Therefore, it is possible that
; we are unable to detect the hardware and `lnd` will exit with an error
; indicating this. This option will automatically retrieve your external IP
; address, even after it has changed in the case of dynamic IPs, and advertise
; it to the network using the ports the daemon is listening on. This does not
; support devices behind multiple NATs.
; nat=true
; Disable listening for incoming peer connections.
; nolisten=true
; Disable REST API.
; norest=true
; Disable TLS for the REST API.
; no-rest-tls=true
; Shortest backoff when reconnecting to persistent peers. Valid time units are
; {s, m, h}.
; minbackoff=1s
; Longest backoff when reconnecting to persistent peers. Valid time units are
; {s, m, h}.
; maxbackoff=1h
; The timeout value for network connections in seconds, default to 120 seconds.
; Valid uints are {ms, s, m, h}.
; connectiontimeout=120s
; Debug logging level.
; Valid levels are {trace, debug, info, warn, error, critical}
; You may also specify <global-level>,<subsystem>=<level>,<subsystem2>=<level>,...
; to set log level for individual subsystems. Use lncli debuglevel --show to
; list available subsystems.
; debuglevel=debug,PEER=info
; Write CPU profile to the specified file.
; cpuprofile=
; Enable HTTP profiling on given port -- NOTE port must be between 1024 and
; 65536. The profile can be access at: http://localhost:<PORT>/debug/pprof/.
; profile=
; DEPRECATED: Allows the rpcserver to intentionally disconnect from peers with
; open channels. THIS FLAG WILL BE REMOVED IN 0.10.0.
; unsafe-disconnect=false
; Causes a link to replay the adds on its commitment txn after starting up, this
; enables testing of the sphinx replay logic.
; unsafe-replay=true
; The maximum number of incoming pending channels permitted per peer.
; maxpendingchannels=1
; The target location of the channel backup file.
; backupfilepath=~/.lnd/data/chain/bitcoin/simnet/channel.backup
; If true, then automatic network bootstrapping will not be attempted. This
; means that your node won't attempt to automatically seek out peers on the
; network.
; nobootstrap=true
; If true, NO SEED WILL BE EXPOSED -- EVER, AND THE WALLET WILL BE ENCRYPTED
; USING THE DEFAULT PASSPHRASE. THIS FLAG IS ONLY FOR TESTING AND SHOULD NEVER
; BE USED ON MAINNET.
; noseedbackup=true
; Removes all transaction history from the on-chain wallet on startup, forcing a
; full chain rescan starting at the wallet's birthday. Implements the same
; functionality as btcwallet's dropwtxmgr command. Should be set to false after
; successful execution to avoid rescanning on every restart of lnd.
; reset-wallet-transactions=true
; The smallest channel size (in satoshis) that we should accept. Incoming
; channels smaller than this will be rejected, default value 20000.
; minchansize=
; The largest channel size (in satoshis) that we should accept. Incoming
; channels larger than this will be rejected. For non-Wumbo channels this
; limit remains 16777215 satoshis by default as specified in BOLT-0002.
; For wumbo channels this limit is 1,000,000,000 satoshis (10 BTC).
; Set this config option explicitly to restrict your maximum channel size
; to better align with your risk tolerance
; maxchansize=
; The default max_htlc applied when opening or accepting channels. This value
; limits the number of concurrent HTLCs that the remote party can add to the
; commitment. The maximum possible value is 483.
; default-remote-max-htlcs=483
; The duration that a peer connection must be stable before attempting to send a
; channel update to reenable or cancel a pending disables of the peer's channels
; on the network. (default: 19m0s)
; chan-enable-timeout=22m
; The duration that must elapse after first detecting that an already active
; channel is actually inactive and sending channel update disabling it to the
; network. The pending disable can be canceled if the peer reconnects and becomes
; stable for chan-enable-timeout before the disable update is sent.
; (default: 20m0s)
; chan-disable-timeout=22m
; The polling interval between attempts to detect if an active channel has become
; inactive due to its peer going offline. (default: 1m0s)
; chan-status-sample-interval=2m
; Disable queries from the height-hint cache to try to recover channels stuck in
; the pending close state. Disabling height hint queries may cause longer chain
; rescans, resulting in a performance hit. Unset this after channels are unstuck
; so you can get better performance again.
; height-hint-cache-query-disable=true
; The polling interval between historical graph sync attempts. Each historical
; graph sync attempt ensures we reconcile with the remote peer's graph from the
; genesis block. (default: 1h0m0s)
; historicalsyncinterval=2h
; If true, will not reply with historical data that matches the range specified
; by a remote peer's gossip_timestamp_filter. Doing so will result in lower
; memory and bandwidth requirements.
; ignore-historical-gossip-filters=true
; If true, lnd will not accept channel opening requests with non-zero push
; amounts. This should prevent accidental pushes to merchant nodes.
; rejectpush=true
; If true, lnd will not forward any HTLCs that are meant as onward payments. This
; option will still allow lnd to send HTLCs and receive HTLCs but lnd won't be
; used as a hop.
; rejecthtlc=true
; If true, will apply a randomized staggering between 0s and 30s when
; reconnecting to persistent peers on startup. The first 10 reconnections will be
; attempted instantly, regardless of the flag's value
; stagger-initial-reconnect=true
; The maximum number of blocks funds could be locked up for when forwarding
; payments. (default: 2016)
; max-cltv-expiry=2016
; The maximum percentage of total funds that can be allocated to a channel's
; commitment fee. This only applies for the initiator of the channel. Valid
; values are within [0.1, 1]. (default: 0.5)
; max-channel-fee-allocation=0.9
; If true, lnd will abort committing a migration if it would otherwise have been
; successful. This leaves the database unmodified, and still compatible with the
; previously active version of lnd.
; dry-run-migration=true
; If true, option upfront shutdown script will be enabled. If peers that we open
; channels with support this feature, we will automatically set the script to
; which cooperative closes should be paid out to on channel open. This offers the
; partial protection of a channel peer disconnecting from us if cooperative
; close is attempted with a different script.
; enable-upfront-shutdown=true
; If true, spontaneous payments through keysend will be accepted. [experimental]
; accept-keysend=true
; If non-zero, keysend payments are accepted but not immediately settled. If the
; payment isn't settled manually after the specified time, it is canceled
; automatically. [experimental]
; keysend-hold-time=true
; If true, we'll attempt to garbage collect canceled invoices upon start.
; gc-canceled-invoices-on-startup=true
; If true, we'll delete newly canceled invoices on the fly.
; gc-canceled-invoices-on-the-fly=true
; If true, our node will allow htlc forwards that arrive and depart on the same
; channel.
; allow-circular-route=true
; Time in milliseconds between each release of announcements to the network
; trickledelay=180000
; The number of peers that we should receive new graph updates from. This option
; can be tuned to save bandwidth for light clients or routing nodes. (default: 3)
; numgraphsyncpeers=9
; The alias your node will use, which can be up to 32 UTF-8 characters in
; length.
; alias=My Lightning ☇
; The color of the node in hex format, used to customize node appearance in
; intelligence services.
; color=#3399FF
[Bitcoin]
; If the Bitcoin chain should be active. Atm, only a single chain can be
; active.
bitcoin.active=true
; The directory to store the chain's data within.
; bitcoin.chaindir=~/.lnd/data/chain/bitcoin
; Use Bitcoin's main network.
; bitcoin.mainnet=true
; Use Bitcoin's test network.
; bitcoin.testnet=true
;
; Use Bitcoin's simulation test network
bitcoin.simnet=true
; Use Bitcoin's regression test network
; bitcoin.regtest=false
; Use the btcd back-end
bitcoin.node=btcd
; Use the bitcoind back-end
; bitcoin.node=bitcoind
; Use the neutrino (light client) back-end
; bitcoin.node=neutrino
; The default number of confirmations a channel must have before it's considered
; open. We'll require any incoming channel requests to wait this many
; confirmations before we consider the channel active.
; bitcoin.defaultchanconfs=3
; The default number of blocks we will require our channel counterparty to wait
; before accessing its funds in case of unilateral close. If this is not set, we
; will scale the value according to the channel size.
; bitcoin.defaultremotedelay=144
; The maximum number of blocks we will limit the wait that our own funds are
; encumbered by in the case when our node unilaterally closes. If a remote peer
; proposes a channel with a delay above this amount, lnd will reject the
; channel.
; bitcoin.maxlocaldelay=2016
; The smallest HTLC we are willing to accept on our channels, in millisatoshi.
; bitcoin.minhtlc=1
; The smallest HTLC we are willing to send out on our channels, in millisatoshi.
; bitcoin.minhtlcout=1000
; The base fee in millisatoshi we will charge for forwarding payments on our
; channels.
; bitcoin.basefee=1000
; The fee rate used when forwarding payments on our channels. The total fee
; charged is basefee + (amount * feerate / 1000000), where amount is the
; forwarded amount.
; bitcoin.feerate=1
; The CLTV delta we will subtract from a forwarded HTLC's timelock value.
; bitcoin.timelockdelta=40
; The seed DNS server(s) to use for initial peer discovery. Must be specified as
; a '<primary_dns>[,<soa_primary_dns>]' tuple where the SOA address is needed
; for DNS resolution through Tor but is optional for clearnet users. Multiple
; tuples can be specified, will overwrite the default seed servers.
; The default seed servers are:
; mainnet:
; bitcoin.dnsseed=nodes.lightning.directory,soa.nodes.lightning.directory
; bitcoin.dnsseed=lseed.bitcoinstats.com
; testnet:
; bitcoin.dnsseed=test.nodes.lightning.directory,soa.nodes.lightning.directory
;
; Example for custom DNS servers:
; bitcoin.dnsseed=seed1.test.lightning
; bitcoin.dnsseed=seed2.test.lightning,soa.seed2.test.lightning
; Used to help identify ourselves to other bitcoin peers (default: neutrino).
; neutrino.useragentname=neutrino
; Used to help identify ourselves to other bitcoin peers (default: 0.11.0-beta).
; neutrino.useragentversion=0.11.0-beta
; Skip checking channel spentness and existence during graph validation for
; neutrino. Enabling this option means that neutrino nodes will not need to
; perform long rescans which block initial usage of the daemon, but comes at
; the cost of not validating channels in your routing graph. Skipping this
; validation means that your node may have an incorrect view of the network
; if it receives updates for closed or non-existent channels. This could affect
; routing, but funds are safu.
; --routing.assumechanvalid=true
[Btcd]
; The base directory that contains the node's data, logs, configuration file,
; etc.
; btcd.dir=~/.btcd
; The host that your local btcd daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; btcd.rpchost=localhost
; Username for RPC connections to btcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; btcd.rpcuser=kek
; Password for RPC connections to btcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; btcd.rpcpass=kek
; File containing the daemon's certificate file. This only needs to be set if
; the node isn't on the same host as lnd.
; btcd.rpccert=~/.btcd/rpc.cert
; The raw bytes of the daemon's PEM-encoded certificate chain which will be used
; to authenticate the RPC connection. This only needs to be set if the btcd
; node is on a remote host.
; btcd.rawrpccert=
[Bitcoind]
; The base directory that contains the node's data, logs, configuration file,
; etc.
; bitcoind.dir=~/.bitcoin
; The host that your local bitcoind daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; bitcoind.rpchost=localhost
; Username for RPC connections to bitcoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote bitcoind instance).
; bitcoind.rpcuser=kek
; Password for RPC connections to bitcoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote bitcoind instance).
; bitcoind.rpcpass=kek
; ZMQ socket which sends rawblock and rawtx notifications from bitcoind. By
; default, lnd will attempt to automatically obtain this information, so this
; likely won't need to be set (other than for a remote bitcoind instance).
; bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332
; bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333
; Fee estimate mode for bitcoind. It must be either "ECONOMICAL" or "CONSERVATIVE".
; If unset, the default value is "CONSERVATIVE".
; bitcoind.estimatemode=CONSERVATIVE
[neutrino]
; Connect only to the specified peers at startup. This creates a persistent
; connection to a target peer. This is recommended as there aren't many
; neutrino compliant full nodes on the test network yet.
; neutrino.connect=
; Max number of inbound and outbound peers.
;
; NOTE: This value is currently unused.
; neutrino.maxpeers=
; Add a peer to connect with at startup.
; neutrino.addpeer=
; How long to ban misbehaving peers. Valid time units are {s, m, h}. Minimum 1
; second.
;
; NOTE: This value is currently unused.
; neutrino.banduration=
; Maximum allowed ban score before disconnecting and banning misbehaving peers.
;
; NOTE: This value is currently unused.
; neutrino.banthreshold=
; Set a URL source for fee estimates.
; neutrino.feeurl=
; Optional filter header in height:hash format to assert the state of neutrino's
; filter header chain on startup. If the assertion does not hold, then the
; filter header chain will be re-synced from the genesis block.
; neutrino.assertfilterheader=
[Litecoin]
; If the Litecoin chain should be active. Atm, only a single chain can be
; active.
; litecoin.active=true
; The directory to store the chain's data within.
; litecoin.chaindir=~/.lnd/data/chain/litecoin
; Use Litecoin's main network.
; litecoin.mainnet=true
; Use Litecoin's test network.
; litecoin.testnet=true
;
; Use Litecoin's simulation test network
; litecoin.simnet=true
; Use Litecoin's regression test network
; litecoin.regtest=false
; Use the ltcd back-end.
litecoin.node=ltcd
; Use the litecoind back-end.
; litecoin.node=litecoind
; The default number of confirmations a channel must have before it's considered
; open. We'll require any incoming channel requests to wait this many
; confirmations before we consider the channel active.
; litecoin.defaultchanconfs=3
; The default number of blocks we will require our channel counterparty to wait
; before accessing its funds in case of unilateral close. If this is not set, we
; will scale the value according to the channel size.
; litecoin.defaultremotedelay=144
; The maximum number of blocks we will limit the wait that our own funds are
; encumbered by in the case when our node unilaterally closes. If a remote peer
; proposes a channel with a delay above this amount, lnd will reject the
; channel.
; litecoin.maxlocaldelay=2016
; The smallest HTLC we are willing to accept on our channels, in millisatoshi.
; litecoin.minhtlc=1
; The smallest HTLC we are willing to send out on our channels, in millisatoshi.
; litecoin.minhtlcout=1000
; The base fee in millisatoshi we will charge for forwarding payments on our
; channels.
; litecoin.basefee=1000
; The fee rate used when forwarding payments on our channels. The total fee
; charged is basefee + (amount * feerate / 1000000), where amount is the
; forwarded amount.
; litecoin.feerate=1
; The CLTV delta we will subtract from a forwarded HTLC's timelock value.
; litecoin.timelockdelta=576
; The seed DNS server(s) to use for initial peer discovery. Must be specified as
; a '<primary_dns>[,<soa_primary_dns>]' tuple where the SOA address is needed
; for DNS resolution through Tor but is optional for clearnet users. Multiple
; tuples can be specified, will overwrite the default seed servers.
; The default seed servers are:
; mainnet:
; litecoin.dnsseed=ltc.nodes.lightning.directory,soa.nodes.lightning.directory
;
; Example for custom DNS servers:
; litecoin.dnsseed=seed1.test-ltc.lightning
; litecoin.dnsseed=seed2.test-ltc.lightning,soa.seed2.test-ltc.lightning
[Ltcd]
; The base directory that contains the node's data, logs, configuration file,
; etc.
; ltcd.dir=~/.ltcd
; The host that your local ltcd daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; ltcd.rpchost=localhost
; Username for RPC connections to ltcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; ltcd.rpcuser=kek
; Password for RPC connections to ltcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; ltcd.rpcpass=kek
; File containing the daemon's certificate file. This only needs to be set if
; the node isn't on the same host as lnd.
; ltcd.rpccert=~/.ltcd/rpc.cert
; The raw bytes of the daemon's PEM-encoded certificate chain which will be used
; to authenticate the RPC connection. This only needs to be set if the ltcd
; node is on a remote host.
; ltcd.rawrpccert=
[Litecoind]
; The base directory that contains the node's data, logs, configuration file,
; etc.
; litecoind.dir=~/.litecoin
; The host that your local litecoind daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; litecoind.rpchost=localhost
; Username for RPC connections to litecoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote litecoind instance).
; litecoind.rpcuser=kek
; Password for RPC connections to litecoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote litecoind instance).
; litecoind.rpcpass=kek
; ZMQ socket which sends rawblock and rawtx notifications from litecoind. By
; default, lnd will attempt to automatically obtain this information, so this
; likely won't need to be set (other than for a remote litecoind instance).
; litecoind.zmqpubrawblock=tcp://127.0.0.1:28332
; litecoind.zmqpubrawtx=tcp://127.0.0.1:28333
; Fee estimate mode for litecoind. It must be either "ECONOMICAL" or "CONSERVATIVE".
; If unset, the default value is "CONSERVATIVE".
; litecoind.estimatemode=CONSERVATIVE
[autopilot]
; If the autopilot agent should be active or not. The autopilot agent will
; attempt to automatically open up channels to put your node in an advantageous
; position within the network graph.
; autopilot.active=true
; The maximum number of channels that should be created.
; autopilot.maxchannels=5
; The fraction of total funds that should be committed to automatic channel
; establishment. For example 0.6 means that 60% of the total funds available
; within the wallet should be used to automatically establish channels. The total
; amount of attempted channels will still respect the maxchannels param.
; autopilot.allocation=0.6
; Heuristic to activate, and the weight to give it during scoring. (default:
; top_centrality:1)
; autopilot.heuristic=preferential:1
; The smallest channel that the autopilot agent should create (default: 20000)
; autopilot.minchansize=20000
; The largest channel that the autopilot agent should create (default: 16777215)
; autopilot.maxchansize=20000
; Whether the channels created by the autopilot agent should be private or not.
; Private channels won't be announced to the network.
; autopilot.private=true
; The minimum number of confirmations each of your inputs in funding transactions
; created by the autopilot agent must have. (default: 1)
; autopilot.minconfs=2
; The confirmation target (in blocks) for channels opened by autopilot. (default:
; 3)
; autopilot.conftarget=2
[tor]
; Allow outbound and inbound connections to be routed through Tor
; tor.active=true
; The port that Tor's exposed SOCKS5 proxy is listening on. Using Tor allows
; outbound-only connections (listening will be disabled) -- NOTE port must be
; between 1024 and 65535
; tor.socks=9050
; The DNS server as IP:PORT that Tor will use for SRV queries - NOTE must have
; TCP resolution enabled. The current active DNS server for Testnet listening is
; nodes.lightning.directory
; tor.dns=nodes.lightning.directory
; Enable Tor stream isolation by randomizing user credentials for each
; connection. With this mode active, each connection will use a new circuit.
; This means that multiple applications (other than lnd) using Tor won't be mixed
; in with lnd's traffic.
; tor.streamisolation=true
; The host:port that Tor is listening on for Tor control connections (default:
; localhost:9051)
; tor.control=localhost:9091
; IP address that Tor should use as the target of the hidden service
; tor.targetipaddress=
; The password used to arrive at the HashedControlPassword for the control port.
; If provided, the HASHEDPASSWORD authentication method will be used instead of
; the SAFECOOKIE one.
; tor.password=plsdonthackme
; Automatically set up a v2 onion service to listen for inbound connections
; tor.v2=true
; Automatically set up a v3 onion service to listen for inbound connections
; tor.v3=true
; The path to the private key of the onion service being created
; tor.privatekeypath=/path/to/torkey
;The path to the private key of the watchtower onion service being created
; tor.watchtowerkeypath=/other/path/
[watchtower]
; Enable integrated watchtower listening on :9911 by default.
; watchtower.active=true
; Specify the interfaces to listen on for watchtower client connections. One
; listen address per line. If no port is specified the default port of 9911 will
; be added implicitly.
; All ipv4 on port 9911:
; watchtower.listen=0.0.0.0:9911
; On all ipv4 interfaces on port 9911 and ipv6 localhost port 9912:
; watchtower.listen=0.0.0.0:9911
; watchtower.listen=[::1]:9912
; Configure the external IP address of your watchtower. Setting this field does
; not have any behavioral changes to the tower or enable any sort of discovery,
; however it will make the full URI (pubkey@host:port) available via
; WatchtowerRPC.GetInfo and `lncli tower info`.
; watchtower.externalip=1.2.3.4
; Configure the default watchtower data directory. The default directory is
; data/watchtower relative to the chosen lnddir. This can be useful if one needs
; to move the database to a separate volume with more storage. In the example
; below, the database will be stored at:
; /path/to/towerdir/bitcoin/<network>/watchtower.db.
; watchtower.towerdir=/path/to/towerdir
; Duration the watchtower server will wait for messages to be received before
; hanging up on client connections.
; watchtower.readtimeout=15s
; Duration the watchtower server will wait for messages to be written before
; hanging up on client connections
; watchtower.writetimeout=15s
[wtclient]
; Activate Watchtower Client. To get more information or configure watchtowers
; run `lncli wtclient -h`.
; wtclient.active=true
; Specify the fee rate with which justice transactions will be signed. This fee
; rate should be chosen as a maximum fee rate one is willing to pay in order to
; sweep funds if a breach occurs while being offline. The fee rate should be
; specified in sat/byte, the default is 10 sat/byte.
; wtclient.sweep-fee-rate=10
; (Deprecated) Specifies the URIs of private watchtowers to use in backing up
; revoked states. URIs must be of the form <pubkey>@<addr>. Only 1 URI is
; supported at this time, if none are provided the tower will not be enabled.
; wtclient.private-tower-uris=
[healthcheck]
; The number of times we should attempt to query our chain backend before
; gracefully shutting down. Set this value to 0 to disable this health check.
; healthcheck.chainbackend.attempts=3
; The amount of time we allow a call to our chain backend to take before we fail
; the attempt. This value must be >= 1s.
; healthcheck.chainbackend.timeout=10s
; The amount of time we should backoff between failed attempts to query chain
; backend. This value must be >= 1s.
; healthcheck.chainbackend.backoff=30s
; The amount of time we should wait between chain backend health checks. This
; value must be >= 1m.
; healthcheck.chainbackend.interval=1m
; The minimum ratio of free disk space to total capacity that we require.
; healthcheck.diskspace.diskrequired=0.1
; The number of times we should attempt to query our available disk space before
; gracefully shutting down. Set this value to 0 to disable this health check.
; healthcheck.diskspace.attempts=2
; The amount of time we allow a query for our available disk space to take
; before we fail the attempt. This value must be >= 1s.
; healthcheck.diskspace.timeout=5s
; The amount of time we should backoff between failed attempts to query
; available disk space. This value must be >= 1s.
; healthcheck.diskspace.backoff=1m
; The amount of time we should wait between disk space health checks. This
; value must be >= 1m.
; healthcheck.diskspace.interval=6h
; The number of times we should attempt to check for certificate expiration before
; gracefully shutting down. Set this value to 0 to disable this health check.
; healthcheck.tls.attempts=2
; The amount of time we allow a query for certificate expiration to take
; before we fail the attempt. This value must be >= 1s.
; healthcheck.tls.timeout=5s
; The amount of time we should backoff between failed attempts to query
; certificate expiration. This value must be >= 1s.
; healthcheck.tls.backoff=1m
; The amount of time we should wait between certificate expiration health checks.
; This value must be >= 1m.
; healthcheck.tls.interval=1m
[signrpc]
; Path to the signer macaroon.
; signrpc.signermacaroonpath=~/.lnd/data/chain/bitcoin/simnet/signer.macaroon
[walletrpc]
; Path to the wallet kit macaroon.
; walletrpc.walletkitmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/walletkit.macaroon
[chainrpc]
; Path to the chain notifier macaroon.
; chainrpc.notifiermacaroonpath=~/.lnd/data/chain/bitcoin/simnet/chainnotifier.macaroon
[routerrpc]
; Minimum required route success probability to attempt the payment (default:
; 0.01)
; routerrpc.minrtprob=1
; Assumed success probability of a hop in a route when no other information is
; available. (default: 0.6)
; routerrpc.apriorihopprob=0.2
; Weight of the a priori probability in success probability estimation. Valid
; values are in [0, 1]. (default: 0.5)
; routerrpc.aprioriweight=0.3
; Defines the duration after which a penalized node or channel is back at 50%
; probability (default: 1h0m0s)
; routerrpc.penaltyhalflife=2h
; The (virtual) fixed cost in sats of a failed payment attempt (default: 100)
; routerrpc.attemptcost=90
; The (virtual) proportional cost in ppm of the total amount of a failed payment
; attempt (default: 1000)
; routerrpc.attemptcostppm=900
; The maximum number of payment results that are held on disk by mission control
; (default: 1000)
; routerrpc.maxmchistory=900
; Path to the router macaroon
; routerrpc.routermacaroonpath=~/.lnd/data/chain/bitcoin/simnet/router.macaroon
[workers]
; Maximum number of concurrent read pool workers. This number should be
; proportional to the number of peers. (default: 100)
; workers.read=200
; Maximum number of concurrent write pool workers. This number should be
; proportional to the number of CPUs on the host. (default: 8)
; workers.write=8
; Maximum number of concurrent sig pool workers. This number should be
; proportional to the number of CPUs on the host. (default: 8)
; workers.sig=4
[caches]
; Maximum number of entries contained in the reject cache, which is used to speed
; up filtering of new channel announcements and channel updates from peers. Each
; entry requires 25 bytes. (default: 50000)
; caches.reject-cache-size=900000
; Maximum number of entries contained in the channel cache, which is used to
; reduce memory allocations from gossip queries from peers. Each entry requires
; roughly 2Kb. (default: 20000)
; caches.channel-cache-size=9000000
[protocol]
; If set, then lnd will create and accept requests for channels larger than 0.16
; BTC
; protocol.wumbo-channels=true
; Set to enable experimental support for anchor commitments, won't work with watchtowers yet.
; protocol.anchors=true
[db]
; The selected database backend. The current default backend is "bolt". lnd
; also has experimental support for etcd, a replicated backend.
; db.backend=bolt
; The maximum interval the graph database will wait between attempting to flush
; a batch of modifications to disk. Defaults to 500 milliseconds.
; db.batch-commit-interval=500ms
[etcd]
; Etcd database host.
; db.etcd.host=localhost:2379
; Etcd database user.
; db.etcd.user=userscopedforlnd
; Password for the database user.
; db.etcd.pass=longandsekrit
; Path to the TLS certificate for etcd RPC.
; db.etcd.cert_file=/key/path
; Path to the TLS private key for etcd RPC.
; db.etcd.key_file=/a/path
; Whether we intend to skip TLS verification
; db.etcd.insecure_skip_verify=true
; Whether to collect etcd commit stats.
; db.etcd.collect_stats=true
; If set LND will use an embedded etcd instance instead of the external one.
; Useful for testing.
; db.etcd.embedded=false
[bolt]
; If true, prevents the database from syncing its freelist to disk.
; db.bolt.nofreelistsync=1
; Whether the databases used within lnd should automatically be compacted on
; every startup (and if the database has the configured minimum age). This is
; disabled by default because it requires additional disk space to be available
; during the compaction that is freed afterwards. In general compaction leads to
; smaller database files.
; db.bolt.auto-compact=true
; How long ago the last compaction of a database file must be for it to be
; considered for auto compaction again. Can be set to 0 to compact on every
; startup. (default: 168h)
; db.bolt.auto-compact-min-age=0