From 128ec2c45407996598e96224093740d3f969c4d7 Mon Sep 17 00:00:00 2001 From: Daniel McNally Date: Sat, 27 Nov 2021 23:26:34 -0500 Subject: [PATCH] docs: add example systemd service file This is an example systemd service file for lnd designed to run alongside a bitcoind service. This file is loosely based on https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.service, https://gist.github.com/Stadicus/f0c6db4fa6cf787f19d9d3444b91633f, and my own experience managing lnd with systemd. --- contrib/init/README.md | 27 ++++++++++++ contrib/init/lnd.service | 50 ++++++++++++++++++++++ docs/release-notes/release-notes-0.15.0.md | 11 +++++ 3 files changed, 88 insertions(+) create mode 100644 contrib/init/README.md create mode 100644 contrib/init/lnd.service create mode 100644 docs/release-notes/release-notes-0.15.0.md diff --git a/contrib/init/README.md b/contrib/init/README.md new file mode 100644 index 000000000..7e88151b4 --- /dev/null +++ b/contrib/init/README.md @@ -0,0 +1,27 @@ +# Init + +Sample configuration files for: + +``` +systemd: lnd.service +``` + +## systemd + +Add the example `lnd.service` file to `/etc/systemd/system/` and modify it according to your system and user configuration. Use the following commands to interact with the service: + +```bash +# Enable lnd to automatically start on system boot +systemctl enable lnd + +# Start lnd +systemctl start lnd + +# Restart lnd +systemctl restart lnd + +# Stop lnd +systemctl stop lnd +``` + +Systemd will attempt to restart lnd automatically if it crashes or otherwise stops unexpectedly. diff --git a/contrib/init/lnd.service b/contrib/init/lnd.service new file mode 100644 index 000000000..55a6cb6b4 --- /dev/null +++ b/contrib/init/lnd.service @@ -0,0 +1,50 @@ +# A sample systemd service file for lnd running with a bitcoind service. + +[Unit] +Description=Lightning Network Daemon + +# Make sure lnd starts after bitcoind is ready +Requires=bitcoind.service +After=bitcoind.service + +[Service] +ExecStart=/usr/local/bin/lnd +ExecStop=/usr/local/bin/lncli stop +PIDFile=/home/bitcoin/.lnd/lnd.pid + +# Replace these with the user:group that will run lnd +User=bitcoin +Group=bitcoin + +# Try restarting lnd if it stops due to a failure +Restart=on-failure +RestartSec=60 + +# Type=notify is required for lnd to notify systemd when it is ready +Type=notify + +# An extended timeout period is needed to allow for database compaction +# and other time intensive operations during startup. We also extend the +# stop timeout to ensure graceful shutdowns of lnd. +TimeoutStartSec=1200 +TimeoutStopSec=3600 + +# Hardening Measures +#################### + +# Mount /usr, /boot/ and /etc read-only for the process. +ProtectSystem=full + +# Disallow the process and all of its children to gain +# new privileges through execve(). +NoNewPrivileges=true + +# Use a new /dev namespace only populated with API pseudo devices +# such as /dev/null, /dev/zero and /dev/random. +PrivateDevices=true + +# Deny the creation of writable and executable memory mappings. +MemoryDenyWriteExecute=true + +[Install] +WantedBy=multi-user.target diff --git a/docs/release-notes/release-notes-0.15.0.md b/docs/release-notes/release-notes-0.15.0.md new file mode 100644 index 000000000..57807cab8 --- /dev/null +++ b/docs/release-notes/release-notes-0.15.0.md @@ -0,0 +1,11 @@ +# Release Notes + +## Misc + +* [An example systemd service file](https://github.com/lightningnetwork/lnd/pull/6033) + for running lnd alongside a bitcoind service is now provided in + `contrib/init/lnd.service`. + +# Contributors (Alphabetical Order) + +* Daniel McNally