lightninglabs / lndinit Goto Github PK
View Code? Open in Web Editor NEWcloud infra tooling for lnd provisioning/unlocking
License: MIT License
cloud infra tooling for lnd provisioning/unlocking
License: MIT License
It appears that when using the --k8s.base64
flag, secrets are encoded in base64 twice. This causes issues with decoding.
Kubernetes Verison 1.22 / 1.23
To Reproduce
From a pod within a k8s context (has role to create secrets). Create two secrets, one with base64 flag and one without..
# create secret using base64 flag
$ lndinit gen-password \
| lndinit -v store-secret \
--target=k8s \
--k8s.base64 \
--k8s.namespace="default" \
--k8s.secret-name="lnd-wallet-secret-b64" \
--k8s.secret-key-name=walletpassword
# create secret without base64 flag
$ lndinit gen-password \
| lndinit -v store-secret \
--target=k8s \
--k8s.namespace="default" \
--k8s.secret-name="lnd-wallet-secret" \
--k8s.secret-key-name=walletpassword
Then from your host, decode secrets, you will see the base64 flagged one requires double decoding..
# decode base64 flagged secret
$ k get secret lnd-wallet-secret-b64 -o json | jq -r .data.walletpassword | base64 -d
bWF6ZS1wb3J0aW9uLWlkZWEtc29kYS1uZXN0LXJhaW4tZm9vZC1wb3B1bGFy
# double decode base64 flagged secret
$ k get secret lnd-wallet-secret-b64 -o json | jq -r .data.walletpassword | base64 -d | base64 -d
maze-portion-idea-soda-nest-rain-food-popular
# decode non base64 flagged secret
$ k get secret lnd-wallet-secret -o json | jq -r .data.walletpassword | base64 -d
slice-random-school-energy-cart-proof-notice-nest
Expected behavior
Using --k8s.base64
flag would not require double decoding. This makes unlocking the wallet fail, as you would imagine.
Hello, I love your products, thanks for it and sorry that I have to ask here in lack of other places.
I really like that you seem to support K8s indicated by this:
https://github.com/lightninglabs/lndinit#example-use-case-2-kubernetes
What would be great is a helm chart with which I can deploy an lnd stack on an existing cluster.
Are you planning something like this?
BG
This cmd fetches your key via its fingerprint:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys F4FC70F07310028424EFC20A8E4256593F177720
It's is only slightly longer than the current
curl https://keybase.io/guggero/pgp_keys.asc | gpg --import
... but it removes keybase as a trusted party.
I can generate wallets in an automated flow. There are three files generated - seed, password and wallet.db.
What is the type of database used for wallet.db? Is this something I can decode and see having seed and password?
The asJSON
function is pretty-printing JSON, resulting in multiple log lines. It would be preferable to output JSON in a compact single-line format, then the log consumer can apply formatting if needed.
in this line, I think main
should be used instead of master
as that's the actual branch name and, when I try to build this Dockerfile
"out of the box", I get the error below:
#7 7.310 error: pathspec 'master' did not match any file(s) known to git
It would be really great if this app could allow you to input an aezeed and respond with the node pubkey, as a way of checking a seed on an offline machine and matching to a node.
It's not an issue, but just to get a better understanding.
For some reason I thought lndinit works via running requests to an lnd node but then ran without having a node and it still worked.
So I suppose lndinit just needs some data from me like macaroons and cert and then does everything internally?
Thanks!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.