lnd: suspend service start until clock sync

ndg release v0.6.0 introduced a mechanism in which LND TLS cert is
regenerated if ndg's HTTP client refuses to initialize TLS certs bundle
in https://git.qcode.ch/nakamochi/ndg/commit/b57ebacd

in most cases, it is due to outdated cert's notAfter.
however, because raspberry pi cannot preserve current system time,
it starts from year 1969 and the TLS client init fails.

the latter leads to ndg forcing LND to regenerate the certs to no avail
because the system time isn't syncronized yet.

simple solution: wait to start LND service until the system clock is in
sync.
dev
alex 1 year ago
parent 9861dbebcd
commit 8d6ec7b624
Signed by: x1ddos
GPG Key ID: 540189B756BF5B12

@ -38,7 +38,14 @@ lnd_svc_install() {
cat <<EOF > /$LND_SVDIR/run.new cat <<EOF > /$LND_SVDIR/run.new
#!/bin/sh #!/bin/sh
[ -r conf ] && . ./conf [ -r conf ] && . ./conf
sv start bitcoind || exit 1 exec 2>&1
# wait for OS to acquire a clock sync.
# random date in the past: Oct 22 06:40:00 PM UTC 2023
while [ "$(date +%s)" -lt 1698000000 ]
do
echo "service start suspended until clock sync"
sleep 5
done
exec chpst -u lnd $LND_HOME/$LND_VERSION_DIR_AARCH64/lnd -C /home/lnd/lnd.mainnet.conf 2>&1 exec chpst -u lnd $LND_HOME/$LND_VERSION_DIR_AARCH64/lnd -C /home/lnd/lnd.mainnet.conf 2>&1
EOF EOF
chmod +x /$LND_SVDIR/run.new chmod +x /$LND_SVDIR/run.new

Loading…
Cancel
Save