import { Callout, Steps } from 'nextra/components' import { FAQBox } from '@components'
ThunderHub is an open source LND node manager where you can manage and monitor your node on any device or browser. It allows you to take control of the lightning network with a simple and intuitive UX and the most up-to-date tech stack.
### Install dependencies- Install Node.js using the apk package manager.
These are make dependencies (safe to remove after installation, if you want)
$SU apk add npm
These are runtime dependencies
$SU apk add nodejs-current
$SU addgroup -S thunderhub
$SU adduser \
-S \
-D \
-H \
-h /dev/null \
-s /sbin/nologin \
-G thunderhub \
-g thunderhub \
thunderhub
$SU adduser thunderhub lnd
$SU adduser satoshi thunderhub
In the Security section, we set up Nginx as a reverse proxy. Now we can add the ThunderHub configuration.
- Enable NGINX reverse proxy to route external encrypted HTTPS traffic internally to the ThunderHub.
$SU $EDITOR /etc/nginx/streams-available/thunderhub-reverse-proxy.conf
upstream thunderhub {
server 127.0.0.1:3010;
}
server {
listen 4002 ssl;
proxy_pass thunderhub;
}
$SU ln \
-s \
../streams-available/thunderhub-reverse-proxy.conf \
/etc/nginx/streams-enabled/thunderhub-reverse-proxy.conf
- Test and reload NGINX configuration
$SU nginx -t
$SU rc-service nginx restart
- Configure the firewall to allow incoming HTTPS requests
$SU ufw allow 4002/tcp comment 'allow ThunderHub SSL from anywhere'
ThunderHub provides a lightweight and easy to use web interface to accomplish a great node management.
### Download source codeWe get the latest release of the ThunderHub source code and install it.
- Download the source code for the latest ThunderHub release. You can check the release page to see if a newer release is available. Other releases might not have been properly tested with the rest of the MicroBolt configuration, though.
cd /tmp
VERSION=0.13.30
git clone --branch v$VERSION https://github.com/apotdevin/thunderhub.git && cd thunderhub
- To avoid using bad source code, verify that the release has been properly signed by the main developer Anthony Potdevin.
wget -qO- https://github.com/apotdevin.gpg | gpg --import
git verify-commit v$VERSION
- Patch gh pr
sed 's/5.4.3/5.5.0/' package.json > _
mv -f _ package.json
- Install all dependencies using the Node Package Manager (NPM).
npm install
npm audit fix
Installation can take some time. There might be a lot of confusing output, but if you see something similar to the following, the installation was successful:
[...]
changed 2 packages, and audited 1986 packages in 4s
253 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
- Improve your privacy by opt-out of Next.js telemetry
npx next telemetry disable
- Build it
npm run build
- Reduce the space taken up by ThunderHub
npm prune --production
- Make it a global permanent installation
mkdir ./bin
printf "%s\n" \
"#!/usr/bin/env node" \
"process.env.npm_package_version = '$VERSION';" \
"process.env.NODE_ENV = 'production';" \
"require('../dist/main');" \
> ./bin/cli.js
chmod +x ./bin/cli.js
$SU mkdir /etc/thunderhub
cp -v ./.env ./.env.local
$SU mv -f /tmp/thunderhub /var/lib/
$SU ln -s /var/lib/thunderhub /usr/lib/node_modules/thunderhub
$SU ln -s ../lib/node_modules/thunderhub/bin/cli.js /usr/bin/thunderhub
- Edit the configuration file
$SU $EDITOR /var/lib/thunderhub/.env.local
[...]
LOG_LEVEL='debug'
[...]
TOR_PROXY_SERVER=socks://127.0.0.1:9050
[...]
PORT=3010
[...]
ACCOUNT_CONFIG_PATH='/etc/thunderhub/thubConfig.yaml'
[...]
- Edit the
thubConfig.yaml
file
$SU $EDITOR /etc/thunderhub/thubConfig.yaml
masterPassword: 'PASSWORD' # Default password unless defined in account
accounts:
- name: 'MicroBolt'
serverUrl: '127.0.0.1:10009'
macaroonPath: '/var/lib/lnd/data/chain/bitcoin/mainnet/admin.macaroon'
certificatePath: '/var/lib/lnd/tls.cert'
password: '[E] ThunderHub password'
masterPassword: 'PASSWORD' # Default password unless defined in account
accounts:
- name: 'MicroBolt'
serverUrl: '127.0.0.1:10009'
macaroonPath: '/var/lib/lnd/data/chain/bitcoin/mainnet/admin.macaroon'
certificatePath: '/var/lib/lnd/tls.cert'
password: '[E] ThunderHub password'
backupsEnabled: true
$SU $EDITOR /etc/tor/torrc
# Hidden Service Thunderhub
HiddenServiceDir /var/lib/tor/thunderhub/
HiddenServiceVersion 3
HiddenServicePoWDefensesEnabled 1
HiddenServicePort 80 127.0.0.1:3010
- Reload Tor configuration and get your connection address.
$SU rc-service tor reload
$SU cat /var/lib/tor/thunderhub/hostname
abcdefg..............xyz.onion
- With the Tor browser, you can access this onion address from any device. Please be aware that this access is not password protected and should not be shared widely.
Now we'll make sure our lightning node manager starts as a service on the computer so that it's always running.
- Create the ThunderHub init.d unit and copy/paste the following configuration. Save and exit.
$SU $EDITOR /etc/init.d/thunderhub
#!/sbin/openrc-run
: ${THUNDERHUB_CONFIGFILE:=/etc/thunderhub/thubConfig.yaml}
: ${THUNDERHUB_DATADIR:=/var/lib/thunderhub}
: ${THUNDERHUB_LOGDIR:=/var/log/thunderhub}
: ${THUNDERHUB_USER:=thunderhub}
: ${THUNDERHUB_GROUP:=thunderhub}
: ${THUNDERHUB_BIN:=/usr/bin/thunderhub}
: ${THUNDERHUB_OPTS=${THUNDERHUB_OPTS}}
: ${THUNDERHUB_SIGTERM_TIMEOUT:=600}
: ${THUNDERHUB_ENVFILE:=${THUNDERHUB_DATADIR}/.env.local}
THUNDERHUB_PIDDIR="/run/thunderhub"
name="ThunderHub"
description="Monitor and manage your node from any browser and any device"
directory="${THUNDERHUB_DATADIR}"
required_files="${THUNDERHUB_CONFIGFILE}"
pidfile="${THUNDERHUB_PIDDIR}/${SVCNAME}.pid"
retry="${THUNDERHUB_SIGTERM_TIMEOUT}"
command="${THUNDERHUB_BIN}"
command_args="${THUNDERHUB_OPTS}"
command_user="${THUNDERHUB_USER}:${THUNDERHUB_GROUP}"
command_background="true"
start_stop_daemon_args="--stdout ${THUNDERHUB_LOGDIR}/debug.log
--stderr ${THUNDERHUB_LOGDIR}/debug.log"
depend() {
need lnd
checkdepend TOR_PROXY_SERVER tor
}
checkdepend() {
if grep -qs "^${1}=" "${THUNDERHUB_ENVFILE}"; then
need "${2:-$1}"
fi
}
start_pre() {
checkpath --file --mode 0660 --owner "${command_user}" "${THUNDERHUB_CONFIGFILE}"
checkpath --directory --mode 0750 --owner "${command_user}" "${THUNDERHUB_DATADIR}"
checkpath --directory --mode 0755 --owner "${command_user}" "${THUNDERHUB_LOGDIR}"
checkpath --directory --mode 0755 --owner "${command_user}" "${THUNDERHUB_PIDDIR}"
checkconfig
}
checkconfig() {
if ! grep -qs '^ macaroonPath: ' "${THUNDERHUB_CONFIGFILE}"
then
eerror ""
eerror "ERROR: You must set a macaroonPath path to run ThunderHub"
eerror "The setting must appear in ${THUNDERHUB_CONFIGFILE}"
eerror ""
return 1
fi
}
- Enable execution permission
$SU chmod +x /etc/init.d/thunderhub
- Enter the complete next configuration. Save and exit
$SU $EDITOR /etc/logrotate.d/thunderhub
/var/log/thunderhub/*.log {
weekly
missingok
rotate 104
compress
delaycompress
notifempty
create 0640 thunderhub thunderhub
sharedscripts
postrotate
killall -HUP `cat /run/thunderhub/thunderhub.pid`
endscript
}
- Test
$SU logrotate /etc/logrotate.d/thunderhub --debug
$SU rc-update add thunderhub
$SU rc-service thunderhub start
You can now access ThunderHub from within your local network by browsing to https://nakamoto01:4002, https://nakamoto01.local:4002 (or your equivalent ip address).
* In the "**Home**" screen - "**Quick Actions**" section, click on the Amboss icon "**Login**", wait for the top right corner notification to show you "**Logged in**" and click again on the Amboss icon "**Go to**". This will open a secondary tab in your browser to access your Amboss account node If you can't do "**Login**", maybe the cause is that you don't have a **public** channel opened yet. **You'll need at least one public channel that has been open for a few days.** Planning to open a public small-size channel to be connected with some Lightning Network peers or directly to the [Amboss node](https://amboss.space/es/node/03006fcf3312dae8d068ea297f58e2bd00ec1ffe214b793eda46966b6294a53ce6). More info on [Amboss docs](https://amboss.tech/docs)- Making sure we are connected to the Amboss account, now back to Thunderhub for the next steps
- From the left sidebar, click on "Tools", and go to the "Backups" section -> "Recover Funds from Channels" -> push the "Recover" button.
- Enter the complete string text of your previously downloaded channels backup file in the step before and push the “Recover” button. All of the channels that you had opened in your old node will be forced closed and they will appear in the “Pending” tab in the “Channels” section until closings are confirmed
Follow again Web app page replacing the environment variable
VERSION=x.xx
value for the latest if it has not been already changed in this
guide.
- Update the ThunderHub configuration if necessary (see release notes)
$SU $EDITOR /etc/thunderhub/thubConfig.yaml
- Restart the service to apply the changes
$SU rc-service thunderhub restart