lnd/sample-lnd.conf
Dan Janosik 52c7a1519f
docs: fix "tor.active" item in sample-lnd.conf
When starting up with lnd.conf that contains the sample line
"tor.active", lnd crashes and prints the error:

malformed key=value (tor.active)

Using "tor.active=true" instead works as expected.
2020-09-09 16:27:57 -04:00

695 lines
26 KiB
Plaintext

; Example configuration for lnd.
;
; Boolean values can be specified as true/false or 1/0.
[Application Options]
; The directory that lnd stores all wallet, chain, and channel related data
; within The default is ~/.lnd/data on POSIX OSes, $LOCALAPPDATA/Lnd/data on
; Windows, ~/Library/Application Support/Lnd/data on Mac OS, and $home/lnd/data
; on Plan9. Environment variables are expanded so they may be used. NOTE:
; Windows environment variables are typically %VARIABLE%, but they must be
; accessed with $VARIABLE here. Also, ~ is expanded to $LOCALAPPDATA on Windows.
; datadir=~/.lnd/data
; The directory that logs are stored in. The logs are auto-rotated by default.
; Rotated logs are compressed in place.
; logdir=~/.lnd/logs
; Number of logfiles that the log rotation should keep. Setting it to 0 disables deletion of old log files.
; maxlogfiles=3
;
; Max log file size in MB before it is rotated.
; maxlogfilesize=10
; Time after which an RPCAcceptor will time out and return false if
; it hasn't yet received a response.
; acceptortimeout=15s
; Path to TLS certificate for lnd's RPC and REST services.
; tlscertpath=~/.lnd/tls.cert
; Path to TLS private key for lnd's RPC and REST services.
; tlskeypath=~/.lnd/tls.key
; Adds an extra ip to the generated certificate. Setting multiple tlsextraip= entries is allowed.
; (old tls files must be deleted if changed)
; tlsextraip=
; Adds an extra domain to the generate certificate. Setting multiple tlsextradomain= entries is allowed.
; (old tls files must be deleted if changed)
; tlsextradomain=
; If set, then all certs will automatically be refreshed if they're close to
; expiring, or if any parameters related to extra IPs or domains in the cert
; change.
; tlsautorefresh=true
; A list of domains for lnd to periodically resolve, and advertise the resolved
; IPs for the backing node. This is useful for users that only have a dynamic IP,
; or want to expose the node at a domain.
; externalhosts=my-node-domain.com
; Disable macaroon authentication. Macaroons are used are bearer credentials to
; authenticate all RPC access. If one wishes to opt out of macaroons, uncomment
; the line below.
; no-macaroons=true
; Enable free list syncing for the default bbolt database. This will increase
; start up time, but can result in performance degradation for very large
; databases, and also result in higher memory usage. If "free list corruption"
; is detected, then this flag may resolve things.
; sync-freelist=true
; Path to write the admin macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the admin macaroon in a
; distinct location. By default, it is stored within lnd's network directory.
; Applications that are able to read this file, gain admin macaroon access.
; adminmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/admin.macaroon
; Path to write the read-only macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the read-only macaroon
; in a distinct location. The read only macaroon allows users which can read
; the file to access RPCs which don't modify the state of the daemon. By
; default, it is stored within lnd's network directory.
; readonlymacaroonpath=~/.lnd/data/chain/bitcoin/simnet/readonly.macaroon
; Path to write the invoice macaroon for lnd's RPC and REST services if it
; doesn't exist. This can be set if one wishes to store the invoice macaroon in
; a distinct location. By default, it is stored within lnd's network directory.
; The invoice macaroon allows users which can read the file to gain read and
; write access to all invoice related RPCs.
; invoicemacaroonpath=~/.lnd/data/chain/bitcoin/simnet/invoice.macaroon
; A period to wait before for closing channels with outgoing htlcs that have
; timed out and are a result of this nodes instead payment. In addition to our
; current block based deadline, is specified this grace period will also be taken
; into account.
; payments-expiration-grace-period=30
; Specify the interfaces to listen on for p2p connections. One listen
; address per line.
; All ipv4 on port 9735:
; listen=0.0.0.0:9735
; On all ipv4 interfaces on port 9735 and ipv6 localhost port 9736:
; listen=0.0.0.0:9735
; listen=[::1]:9736
; Disable listening for incoming p2p connections. This will override all
; listeners.
; nolisten=true
; Specify the interfaces to listen on for gRPC connections. One listen
; address per line.
; Only ipv4 localhost on port 10009:
; rpclisten=localhost:10009
; On ipv4 localhost port 10009 and ipv6 port 10010:
; rpclisten=localhost:10009
; rpclisten=[::1]:10010
; On an Unix socket:
; rpclisten=unix:///var/run/lnd/lnd-rpclistener.sock
; Specify the interfaces to listen on for REST connections. One listen
; address per line.
; All ipv4 interfaces on port 8080:
; restlisten=0.0.0.0:8080
; On ipv4 localhost port 80 and 443:
; restlisten=localhost:80
; restlisten=localhost:443
; On an Unix socket:
; restlisten=unix:///var/run/lnd-restlistener.sock
; A series of domains to allow cross origin access from. This controls the CORs
; policy of the REST RPC proxy.
; restcors=https://my-special-site.com
; Adding an external IP will advertise your node to the network. This signals
; that your node is available to accept incoming channels. If you don't wish to
; advertise your node, this value doesn't need to be set. Unless specified
; (with host:port notation), the default port (9735) will be added to the
; address.
; externalip=
;
; Instead of explicitly stating your external IP address, you can also enable
; UPnP or NAT-PMP support on the daemon. Both techniques will be tried and
; require proper hardware support. In order to detect this hardware support,
; `lnd` uses a dependency that retrieves the router's gateway address by using
; different built-in binaries in each platform. Therefore, it is possible that
; we are unable to detect the hardware and `lnd` will exit with an error
; indicating this. This option will automatically retrieve your external IP
; address, even after it has changed in the case of dynamic IPs, and advertise
; it to the network using the ports the daemon is listening on. This does not
; support devices behind multiple NATs.
; nat=true
; Debug logging level.
; Valid levels are {trace, debug, info, warn, error, critical}
; You may also specify <subsystem>=<level>,<subsystem2>=<level>,... to set
; log level for individual subsystems. Use lncli debuglevel --show to list
; available subsystems.
; debuglevel=info
; Write CPU profile to the specified file.
; cpuprofile=
; Enable HTTP profiling on given port -- NOTE port must be between 1024 and
; 65536. The profile can be access at: http://localhost:<PORT>/debug/pprof/.
; profile=
; The maximum number of incoming pending channels permitted per peer.
; maxpendingchannels=1
; If true, then automatic network bootstrapping will not be attempted. This
; means that your node won't attempt to automatically seek out peers on the
; network.
; nobootstrap=true
; The smallest channel size (in satoshis) that we should accept. Incoming
; channels smaller than this will be rejected, default value 20000.
; minchansize=
; The duration that a peer connection must be stable before attempting to send a
; channel update to reenable or cancel a pending disables of the peer's channels
; on the network. (default: 19m0s)
; chan-enable-timeout=22m
; The duration that must elapse after first detecting that an already active
; channel is actually inactive and sending channel update disabling it to the
; network. The pending disable can be canceled if the peer reconnects and becomes
; stable for chan-enable-timeout before the disable update is sent.
; (default: 20m0s)
; chan-disable-timeout=22m
; The polling interval between attempts to detect if an active channel has become
; inactive due to its peer going offline. (default: 1m0s)
; chan-status-sample-interval=2m
; Disable queries from the height-hint cache to try to recover channels stuck in
; the pending close state. Disabling height hint queries may cause longer chain
; rescans, resulting in a performance hit. Unset this after channels are unstuck
; so you can get better performance again.
; height-hint-cache-query-disable=true
; The polling interval between historical graph sync attempts. Each historical
; graph sync attempt ensures we reconcile with the remote peer's graph from the
; genesis block. (default: 1h0m0s)
; historicalsyncinterval=2h
; If true, will not reply with historical data that matches the range specified
; by a remote peer's gossip_timestamp_filter. Doing so will result in lower
; memory and bandwidth requirements.
; ignore-historical-gossip-filters=true
; If true, lnd will not accept channel opening requests with non-zero push
; amounts. This should prevent accidental pushes to merchant nodes.
; rejectpush=true
; If true, lnd will not forward any HTLCs that are meant as onward payments. This
; option will still allow lnd to send HTLCs and receive HTLCs but lnd won't be
; used as a hop.
; rejecthtlc=true
; If true, will apply a randomized staggering between 0s and 30s when
; reconnecting to persistent peers on startup. The first 10 reconnections will be
; attempted instantly, regardless of the flag's value
; stagger-initial-reconnect=true
; The maximum number of blocks funds could be locked up for when forwarding
; payments. (default: 2016)
; max-cltv-expiry=2016
; The maximum percentage of total funds that can be allocated to a channel's
; commitment fee. This only applies for the initiator of the channel. Valid
; values are within [0.1, 1]. (default: 0.5)
; max-channel-fee-allocation=0.9
; If true, lnd will abort committing a migration if it would otherwise have been
; successful. This leaves the database unmodified, and still compatible with the
; previously active version of lnd.
; dry-run-migration=true
; If true, option upfront shutdown script will be enabled. If peers that we open
; channels with support this feature, we will automatically set the script to
; which cooperative closes should be paid out to on channel open. This offers the
; partial protection of a channel peer disconnecting from us if cooperative
; close is attempted with a different script.
; enable-upfront-shutdown=true
; If true, spontaneous payments through keysend will be accepted. [experimental]
; accept-keysend=true
; If non-zero, keysend payments are accepted but not immediately settled. If the
; payment isn't settled manually after the specified time, it is canceled
; automatically. [experimental]
; keysend-hold-time=true
; If true, our node will allow htlc forwards that arrive and depart on the same
; channel.
; allow-circular-route=true
; Time in milliseconds between each release of announcements to the network
; trickledelay=180000
; The number of peers that we should receive new graph updates from. This option
; can be tuned to save bandwidth for light clients or routing nodes. (default: 3)
; numgraphsyncpeers=9
; The alias your node will use, which can be up to 32 UTF-8 characters in
; length.
; alias=My Lightning ☇
; The color of the node in hex format, used to customize node appearance in
; intelligence services.
; color=#3399FF
[Bitcoin]
; If the Bitcoin chain should be active. Atm, only a single chain can be
; active.
bitcoin.active=true
; Use Bitcoin's test network.
; bitcoin.testnet=true
;
; Use Bitcoin's simulation test network
bitcoin.simnet=true
; Use Bitcoin's regression test network
; bitcoin.regtest=false
; Use the btcd back-end
bitcoin.node=btcd
; Use the bitcoind back-end
; bitcoin.node=bitcoind
; Use the neutrino (light client) back-end
; bitcoin.node=neutrino
; The default number of confirmations a channel must have before it's considered
; open. We'll require any incoming channel requests to wait this many
; confirmations before we consider the channel active.
; bitcoin.defaultchanconfs=3
[Btcd]
; The host that your local btcd daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; btcd.rpchost=localhost
; Username for RPC connections to btcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; btcd.rpcuser=kek
; Password for RPC connections to btcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; btcd.rpcpass=kek
; File containing the daemon's certificate file. This only needs to be set if
; the node isn't on the same host as lnd.
; btcd.rpccert=~/.btcd/rpc.cert
; The raw bytes of the daemon's PEM-encoded certificate chain which will be used
; to authenticate the RPC connection. This only needs to be set if the btcd
; node is on a remote host.
; btcd.rawrpccert=
[Bitcoind]
; The host that your local bitcoind daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; bitcoind.rpchost=localhost
; Username for RPC connections to bitcoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote bitcoind instance).
; bitcoind.rpcuser=kek
; Password for RPC connections to bitcoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote bitcoind instance).
; bitcoind.rpcpass=kek
; ZMQ socket which sends rawblock and rawtx notifications from bitcoind. By
; default, lnd will attempt to automatically obtain this information, so this
; likely won't need to be set (other than for a remote bitcoind instance).
; bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332
; bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333
; Fee estimate mode for bitcoind. It must be either "ECONOMICAL" or "CONSERVATIVE".
; If unset, the default value is "CONSERVATIVE".
; bitcoind.estimatemode=CONSERVATIVE
[neutrino]
; Connect only to the specified peers at startup. This creates a persistent
; connection to a target peer. This is recommended as there aren't many
; neutrino compliant full nodes on the test network yet.
; neutrino.connect=
; Add a peer to connect with at startup.
; neutrino.addpeer=
; Set a URL source for fee estimates.
; neutrino.feeurl=
[Litecoin]
; If the Litecoin chain should be active. Atm, only a single chain can be
; active.
; litecoin.active=true
; Use Litecoin's test network.
; litecoin.testnet=true
; Use the ltcd back-end
litecoin.node=ltcd
; Use the litecoind back-end
; litecoin.node=litecoind
[Ltcd]
; The host that your local ltcd daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; ltcd.rpchost=localhost
; Username for RPC connections to ltcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; ltcd.rpcuser=kek
; Password for RPC connections to ltcd. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for simnet mode).
; ltcd.rpcpass=kek
; File containing the daemon's certificate file. This only needs to be set if
; the node isn't on the same host as lnd.
; ltcd.rpccert=~/.ltcd/rpc.cert
; The raw bytes of the daemon's PEM-encoded certificate chain which will be used
; to authenticate the RPC connection. This only needs to be set if the ltcd
; node is on a remote host.
; ltcd.rawrpccert=
[Litecoind]
; The host that your local litecoind daemon is listening on. By default, this
; setting is assumed to be localhost with the default port for the current
; network.
; litecoind.rpchost=localhost
; Username for RPC connections to litecoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote litecoind instance).
; litecoind.rpcuser=kek
; Password for RPC connections to litecoind. By default, lnd will attempt to
; automatically obtain the credentials, so this likely won't need to be set
; (other than for a remote litecoind instance).
; litecoind.rpcpass=kek
; ZMQ socket which sends rawblock and rawtx notifications from litecoind. By
; default, lnd will attempt to automatically obtain this information, so this
; likely won't need to be set (other than for a remote litecoind instance).
; litecoind.zmqpubrawblock=tcp://127.0.0.1:28332
; litecoind.zmqpubrawtx=tcp://127.0.0.1:28333
; Fee estimate mode for litecoind. It must be either "ECONOMICAL" or "CONSERVATIVE".
; If unset, the default value is "CONSERVATIVE".
; litecoind.estimatemode=CONSERVATIVE
[autopilot]
; If the autopilot agent should be active or not. The autopilot agent will
; attempt to automatically open up channels to put your node in an advantageous
; position within the network graph.
; autopilot.active=true
; The maximum number of channels that should be created.
; autopilot.maxchannels=5
; The fraction of total funds that should be committed to automatic channel
; establishment. For example 0.6 means that 60% of the total funds available
; within the wallet should be used to automatically establish channels. The total
; amount of attempted channels will still respect the maxchannels param.
; autopilot.allocation=0.6
; Heuristic to activate, and the weight to give it during scoring. (default:
; {preferential:1})
; autopilot.heuristic={topk_centrality:1}
; The smallest channel that the autopilot agent should create (default: 20000)
; autopilot.minchansize=20000
; The largest channel that the autopilot agent should create (default: 16777215)
; autopilot.maxchansize=20000
; Whether the channels created by the autopilot agent should be private or not.
; Private channels won't be announced to the network.
; autopilot.private=true
; The minimum number of confirmations each of your inputs in funding transactions
; created by the autopilot agent must have. (default: 1)
; autopilot.minconfs=2
; The confirmation target (in blocks) for channels opened by autopilot. (default:
; 3)
; autopilot.conftarget=2
[tor]
; Allow outbound and inbound connections to be routed through Tor
; tor.active=true
; The port that Tor's exposed SOCKS5 proxy is listening on. Using Tor allows
; outbound-only connections (listening will be disabled) -- NOTE port must be
; between 1024 and 65535
; tor.socks=9050
; The DNS server as IP:PORT that Tor will use for SRV queries - NOTE must have
; TCP resolution enabled. The current active DNS server for Testnet listening is
; nodes.lightning.directory
; tor.dns=nodes.lightning.directory
; Enable Tor stream isolation by randomizing user credentials for each
; connection. With this mode active, each connection will use a new circuit.
; This means that multiple applications (other than lnd) using Tor won't be mixed
; in with lnd's traffic.
; tor.streamisolation=true
; Enable Tor stream isolation by randomizing user credentials for each
; connection.
; tor.streamisolation=true
; The host:port that Tor is listening on for Tor control connections (default:
; localhost:9051)
; tor.control=localhost:9091
; IP address that Tor should use as the target of the hidden service
; tor.targetipaddress=
; The password used to arrive at the HashedControlPassword for the control port.
; If provided, the HASHEDPASSWORD authentication method will be used instead of
; the SAFECOOKIE one.
; tor.password=plsdonthackme
; Automatically set up a v2 onion service to listen for inbound connections
; tor.v2=true
; Automatically set up a v3 onion service to listen for inbound connections
; tor.v3=true
; The path to the private key of the onion service being created
; tor.privatekeypath=/path/to/torkey
;The path to the private key of the watchtower onion service being created
; tor.watchtowerkeypath=/other/path/
[watchtower]
; Enable integrated watchtower listening on :9911 by default.
; watchtower.active=true
; Specify the interfaces to listen on for watchtower client connections. One
; listen address per line. If no port is specified the default port of 9911 will
; be added implicitly.
; All ipv4 on port 9911:
; watchtower.listen=0.0.0.0:9911
; On all ipv4 interfaces on port 9911 and ipv6 localhost port 9912:
; watchtower.listen=0.0.0.0:9911
; watchtower.listen=[::1]:9912
; Configure the external IP address of your watchtower. Setting this field does
; not have any behavioral changes to the tower or enable any sort of discovery,
; however it will make the full URI (pubkey@host:port) available via
; WatchtowerRPC.GetInfo and `lncli tower info`.
; watchtower.externalip=1.2.3.4
; Configure the default watchtower data directory. The default directory is
; data/watchtower relative to the chosen lnddir. This can be useful if one needs
; to move the database to a separate volume with more storage. In the example
; below, the database will be stored at:
; /path/to/towerdir/bitcoin/<network>/watchtower.db.
; watchtower.towerdir=/path/to/towerdir
; Duration the watchtower server will wait for messages to be received before
; hanging up on client connections.
; watchtower.readtimeout=15s
; Duration the watchtower server will wait for messages to be written before
; hanging up on client connections
; watchtower.writetimeout=15s
[wtclient]
; Activate Watchtower Client. To get more information or configure watchtowers
; run `lncli wtclient -h`.
; wtclient.active=true
; Specify the fee rate with which justice transactions will be signed. This fee
; rate should be chosen as a maximum fee rate one is willing to pay in order to
; sweep funds if a breach occurs while being offline. The fee rate should be
; specified in sat/byte, the default is 10 sat/byte.
; wtclient.sweep-fee-rate=10
[healthcheck]
; The number of times we should attempt to query our chain backend before
; gracefully shutting down. Set this value to 0 to disable this health check.
; healthcheck.chainbackend.attempts=3
; The amount of time we allow a call to our chain backend to take before we fail
; the attempt. This value must be >= 1s.
; healthcheck.chainbackend.timeout=10s
; The amount of time we should backoff between failed attempts to query chain
; backend. This value must be >= 1s.
; healthcheck.chainbackend.backoff=30s
; The amount of time we should wait between chain backend health checks. This
; value must be >= 1m.
; healthcheck.chainbackend.interval=1m
; The minimum ratio of free disk space to total capacity that we require.
; healthcheck.diskspace.diskrequired=0.1
; The number of times we should attempt to query our available disk space before
; gracefully shutting down. Set this value to 0 to disable this health check.
; healthcheck.diskspace.attempts=2
; The amount of time we allow a query for our available disk space to take
; before we fail the attempt. This value must be >= 1s.
; healthcheck.diskspace.timeout=5s
; The amount of time we should backoff between failed attempts to query
; available disk space. This value must be >= 1s.
; healthcheck.diskspace.backoff=1m
; The amount of time we should wait between disk space health checks. This
; value must be >= 1m.
; healthcheck.diskspace.interval=6h
[routerrpc]
; Minimum required route success probability to attempt the payment (default:
; 0.01)
; routerrpc.minrtprob=1
; Assumed success probability of a hop in a route when no other information is
; available. (default: 0.6)
; routerrpc.apriorihopprob=0.2
; Weight of the a priori probability in success probability estimation. Valid
; values are in [0, 1]. (default: 0.5)
; routerrpc.aprioriweight=0.3
; Defines the duration after which a penalized node or channel is back at 50%
; probability (default: 1h0m0s)
; routerrpc.penaltyhalflife=2h
; The (virtual) cost in sats of a failed payment attempt (default: 100)
; routerrpc.attemptcost=90
; The maximum number of payment results that are held on disk by mission control
; (default: 1000)
; routerrpc.maxmchistory=900
; Path to the router macaroon
; routerrpc.routermacaroonpath=
[workers]
; Maximum number of concurrent read pool workers. This number should be
; proportional to the number of peers. (default: 100)
; workers.read=200
; Maximum number of concurrent write pool workers. This number should be
; proportional to the number of CPUs on the host. (default: 8)
; workers.write=8
; Maximum number of concurrent sig pool workers. This number should be
; proportional to the number of CPUs on the host. (default: 8)
; workers.sig=4
[caches]
; Maximum number of entries contained in the reject cache, which is used to speed
; up filtering of new channel announcements and channel updates from peers. Each
; entry requires 25 bytes. (default: 50000)
; caches.reject-cache-size=900000
; Maximum number of entries contained in the channel cache, which is used to
; reduce memory allocations from gossip queries from peers. Each entry requires
; roughly 2Kb. (default: 20000)
; caches.channel-cache-size=9000000
[protocol]
; If set, then lnd will create and accept requests for channels larger than 0.16
; BTC
; protocol.wumbo-channels=true
; Set to enable experimental support for anchor commitments, won't work with watchtowers yet.
; protocol.anchors=true
[db]
; The selected database backend. The current default backend is "bolt". lnd
; also has experimental support for etcd, a replicated backend.
; db.backend=bolt
[etcd]
; Etcd database host.
; db.etcd.host=localhost:2379
; Etcd database user.
; db.etcd.user=userscopedforlnd
; Password for the database user.
; db.etcd.pass=longandsekrit
; Path to the TLS certificate for etcd RPC.
; db.etcd.cert_file=/key/path
; Path to the TLS private key for etcd RPC.
; db.etcd.key_file=/a/path
; Whether we intend to skip TLS verification
; db.etcd.insecure_skip_verify=true
; Whether to collect etcd commit stats.
; db.etcd.collect_stats=true
[bolt]
; If true, prevents the database from syncing its freelist to disk.
; db.bolt.nofreelistsync=1