
136 lines
5.5 KiB
Raw Normal View History

# clightning is an implementation of Bitcoin's Lightning Network.
# as such, this assumes that `services.bitcoin` is enabled.
2024-01-03 18:29:16 +00:00
# docs:
# - tor clightning config: <>
2024-01-05 22:09:32 +00:00
# - `lightning-cli` and subcommands: <>
2024-01-09 16:13:08 +00:00
# - `man lightningd-config`
2024-01-03 13:56:42 +00:00
# management/setup/use:
# - guide: <>
2024-01-03 18:29:16 +00:00
2024-01-06 18:08:51 +00:00
# debugging:
# - `lightning-cli getlog debug`
# - `lightning-cli listpays` -> show payments this node sent
# - `lightning-cli listinvoices` -> show payments this node received
2024-01-03 18:29:16 +00:00
# first, acquire peers:
# - `lightning-cli connect id@host`
# where `id` is the node's pubkey, and `host` is perhaps an ip:port tuple, or a hash.onion:port tuple.
# for testing, choose any node listed on <>
2024-01-03 18:29:16 +00:00
# - `lightning-cli listpeers`
# should show the new peer, with `connected: true`
# then, fund the clightning wallet
# - `lightning-cli newaddr`
# then, open channels
# - `lightning-cli connect ...`
# - `lightning-cli fundchannel <node_id> <amount_in_satoshis>`
# who to federate with?
# - a lot of the larger nodes allow hands-free channel creation
# - either inbound or outbound, sometimes paid
# - find nodes on:
2024-01-05 22:09:32 +00:00
# - <>
# - <>
2024-01-05 22:09:32 +00:00
# - tor nodes: <>
2024-01-06 18:08:51 +00:00
# - <>
# - <>
# - <>
# - a few tor-capable nodes which allow channel creation:
# - <>
# - <>
# - <>
# - <>
# - more resources: <>
2024-01-05 22:09:32 +00:00
# - node routability:<id>
2024-01-06 18:08:51 +00:00
# - especially, acquire inbound liquidity via's swap feature
# - most of the opportunities are gated behind a minimum connection or capacity requirement
2024-01-05 22:09:32 +00:00
# tune payment parameters
2024-01-06 18:08:51 +00:00
# - `lightning-cli setchannel <id> [feebase] [feeppm] [htlcmin] [htlcmax] [enforcedelay] [ignorefeelimits]`
2024-01-05 22:09:32 +00:00
# - e.g. `lightning-cli setchannel all 0 10`
# - it's suggested that feebase=0 simplifies routing.
# teardown:
# - `lightning-cli withdraw <bc1... dest addr> <amount in satoshis> [feerate]`
2024-01-03 18:29:16 +00:00
# sanity:
2024-01-03 13:56:42 +00:00
# - `lightning-cli listfunds`
# to receive a payment (do as `clightning` user):
# - `lightning-cli invoice <amount in millisatoshi> <label> <description>`
2024-01-06 18:08:51 +00:00
# - specify amount as `any` if undetermined
2024-01-03 13:56:42 +00:00
# - then give the resulting bolt11 URI to the payer
# to send a payment:
# - `lightning-cli pay <bolt11 URI>`
2024-01-05 22:09:32 +00:00
# - or `lightning-cli pay <bolt11 URI> [amount_msat] [label] [riskfactor] [maxfeepercent] ...`
# - amount_msat must be "null" if the bolt11 URI specifies a value
# - riskfactor defaults to 10
# - maxfeepercent defaults to 0.5
# - label is a human-friendly label for my records
{ config, pkgs, ... }:
sane.persist.sys.byStore.ext = [
{ user = "clightning"; group = "clightning"; mode = "0710"; path = "/var/lib/clightning"; }
# `lightning-cli` finds its RPC file via `~/.lightning/bitcoin/lightning-rpc`, to message the daemon
sane.user.fs.".lightning" = "/var/lib/clightning";
# see bitcoin.nix for how to generate this
services.bitcoind.mainnet.rpc.users.clightning.passwordHMAC =
2024-01-03 13:56:42 +00:00 = true;
2024-01-03 18:29:16 +00:00 = ""; # proxy outgoing traffic through tor
# = "statictor:"; = "cat /var/lib/tor/onion/clightning/hostname";
services.tor.relay.onionServices.clightning = {
version = 3;
map = [{
# by default tor will route public tor port P to
# so if this port is the same as clightning would natively use, then no further config is needed here.
# see: <>
port = 9735;
# target.port; target.addr; #< set if tor port != clightning port
# allow "tor" group (i.e. clightning) to read /var/lib/tor/onion/clightning/hostname
settings.HiddenServiceDirGroupReadable = true;
# must be in "tor" group to read /var/lib/tor/onion/*/hostname
users.users.clightning.extraGroups = [ "tor" ]; = [ "tor.service" ];
# lightning-config contains fields from here:
# - <>
# secret config includes:
# - bitcoin-rpcpassword
# - alias=nodename
# - rgb=rrggbb
2024-01-06 18:08:51 +00:00
# - fee-base=<millisatoshi>
# - fee-per-satoshi=<ppm>
# - feature configs (i.e. experimental-xyz options)
2024-01-06 18:08:51 +00:00 = ''
# peerswap:
# - config example: <>
# XXX: peerswap crashes clightning on launch. stacktrace is useless.
# plugin=${pkgs.peerswap}/bin/peerswap
# peerswap-db-path=/var/lib/clightning/peerswap/swaps
# peerswap-policy-path=...
2024-01-06 18:08:51 +00:00
2024-01-03 13:56:42 +00:00 = [ config.sops.secrets."lightning-config".path ];
sops.secrets."lightning-config" = {
mode = "0640";
owner = "clightning";
group = "clightning";
2024-01-03 13:56:42 +00:00
2024-01-04 16:20:28 +00:00
sane.programs.clightning.enableFor.user.colin = true; # for debugging/admin: `lightning-cli`