Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Lnd.conf tweaks for better RTL integration

See original GitHub issue

I’m submitting a …
- feature request

The ‘lnd.conf’ which is generated by node launcher, causes integration failures for the REST APIs.

the following parameter values in the lnd.conf should address the problem: restlisten=0.0.0.0:8080 rpclisten=0.0.0.0:10009 tlsextraip=0.0.0.0

Issue Analytics

State:
Created 4 years ago
Comments:9

Top GitHub Comments

2reactions

saubykcommented, Apr 2, 2019

@PierreRochard @JeffVandrewJr

Tested with these settings. This works and exposes the ports much less. Thanks, as always @JeffVandrewJr 😃

Although this setting will only work if RTL and LND are running on the same machine, which should be the most common use case.

restlisten=127.0.0.1:8080
rpclisten=127.0.0.1:10009
tlsextraip=127.0.0.1

2reactions

JeffVandrewJrcommented, Apr 3, 2019

@saubyk @PierreRochard Listening on 0.0.0.0 could at least potentially be a problem if a user has no firewall. We use 0.0.0.0 for listening with BTCPay, but that’s because Docker container ports aren’t accessible outside of the Docker bridge networks unless the container specifically exposes them. On a local machine, OTOH, it’s a totally different security issue.

For local machine Node Launcher installs, couldn’t this be used instead?

restlisten=127.0.0.1:8080
rpclisten=127.0.0.1:10009
tlsextraip=127.0.0.1

The above should expose all the ports to RTL assuming RTL resides on the machine as lnd, but without listening for outside connections to the REST API. Alternatively instead of tlsextraip=127.0.0.1 above, if you’re only listening on 127.0.0.1 you could instead use notls=1.