mirror of
https://github.com/lightningnetwork/lnd.git
synced 2025-02-24 14:50:40 +01:00
128ec2c454
This is an example systemd service file for lnd designed to run alongside a bitcoind service. This file is loosely based on https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.service, https://gist.github.com/Stadicus/f0c6db4fa6cf787f19d9d3444b91633f, and my own experience managing lnd with systemd.
50 lines
1.3 KiB
Desktop File
50 lines
1.3 KiB
Desktop File
# A sample systemd service file for lnd running with a bitcoind service.
|
|
|
|
[Unit]
|
|
Description=Lightning Network Daemon
|
|
|
|
# Make sure lnd starts after bitcoind is ready
|
|
Requires=bitcoind.service
|
|
After=bitcoind.service
|
|
|
|
[Service]
|
|
ExecStart=/usr/local/bin/lnd
|
|
ExecStop=/usr/local/bin/lncli stop
|
|
PIDFile=/home/bitcoin/.lnd/lnd.pid
|
|
|
|
# Replace these with the user:group that will run lnd
|
|
User=bitcoin
|
|
Group=bitcoin
|
|
|
|
# Try restarting lnd if it stops due to a failure
|
|
Restart=on-failure
|
|
RestartSec=60
|
|
|
|
# Type=notify is required for lnd to notify systemd when it is ready
|
|
Type=notify
|
|
|
|
# An extended timeout period is needed to allow for database compaction
|
|
# and other time intensive operations during startup. We also extend the
|
|
# stop timeout to ensure graceful shutdowns of lnd.
|
|
TimeoutStartSec=1200
|
|
TimeoutStopSec=3600
|
|
|
|
# Hardening Measures
|
|
####################
|
|
|
|
# Mount /usr, /boot/ and /etc read-only for the process.
|
|
ProtectSystem=full
|
|
|
|
# Disallow the process and all of its children to gain
|
|
# new privileges through execve().
|
|
NoNewPrivileges=true
|
|
|
|
# Use a new /dev namespace only populated with API pseudo devices
|
|
# such as /dev/null, /dev/zero and /dev/random.
|
|
PrivateDevices=true
|
|
|
|
# Deny the creation of writable and executable memory mappings.
|
|
MemoryDenyWriteExecute=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|