3.3 Web app: ThunderHub
Requirements
Others
Preparations
Check Node + NPM
With the user
admin
, check the Node version
Example of expected output:
Check the NPM version
Example of expected output:
-> If the "node -v"
output is >=18
, you can move to the next section.
Reverse proxy & Firewall
Enable the Nginx reverse proxy to route external encrypted HTTPS traffic internally to ThunderHub. The error_page 497
directive instructs browsers that send HTTP requests to resend them over HTTPS.
With user
admin
, create the reverse proxy configuration
Paste the complete following configuration. Save and exit
Create the symbolic link that points to the directory
sites-enabled
Test Nginx configuration
Expected output:
Reload NGINX configuration to apply changes
Configure the firewall to allow incoming HTTP requests from anywhere to the web server
Installation
Create the thunderhub user & group
We do not want to run Thunderhub code alongside bitcoind
and lnd
because of security reasons. For that, we will create a separate user and run the code as the new user. We will install Thunderhub in the home directory since it doesn't need too much space.
Create a new
thunderhub
user and group
Add
thunderhub
user to thelnd
group to allow to the userthunderhub
reading theadmin.macaroon
andtls.cert
files
Change to the
thunderhub
user
Set a temporary version environment variable to the installation
Import the GPG key of the developer
Download the source code directly from GitHub, select the latest release branch associated, and go to the
thunderhub
folder
Verify the release
Example of expected output:
Install all dependencies and the necessary modules using NPM
Not to run the npm audit fix
command, which could break the original code!!
Expected output:
Build it
Check the correct installation by requesting the version
Example of expected output:
Configuration
Copy the configuration file template
Edit the configuration file
Uncomment and edit the following line to match with the next. Save and exit
Create a new
thubConfig.yaml
file
Copy and paste the next information
Replace the [E] ThunderHub password
to your one, keeping quotes [' ']
(Optional) You can pre-enable automatic healthchecks ping and/or channel backups to Amboss before starting ThunderHub by adding some lines at the end of the file (without indentation)
Enable auto-backups:
Enable-auto healthchecks:
Keep in mind that if you stop ThunderHub, Amboss will interpret that your node is offline because the connection is established between ThunderHub <> Amboss to send healthchecks pings
These features are not available for a testnet node
Exit
thunderhub
user session to return to theadmin
user session
Create systemd service
As user
admin
, create the service file
Paste the following configuration. Save and exit
Enable autoboot (optional)
Prepare "thunderhub" monitoring by the systemd journal and check log logging output. You can exit monitoring at any time with
Ctrl-C
Run
Start the service
Your browser will display a warning because we use a self-signed SSL certificate. We can do nothing about that because we would need a proper domain name (e.g., https://yournode.com) to get an official certificate that browsers recognize. Click on "Advanced" and proceed to the ThunderHub web interface
Now point your browser to
https://minibolt.local:4002
or the IP address (e.g.https://192.168.x.xxx:4002
). You should see the home page of ThunderHub
Ensure the service is working and listening at the default
3000
port and the HTTPS4002
port
Expected output:
Congrats! You now have a LND node manager Web app: Thunderhub up and running
Extras (optional)
Remote access over Tor
With the user
admin
, edit thetorrc
file
Add the following lines in the "location hidden services" section, below "
## This section is just for location-hidden services ##
". Save and exit
Reload Tor to apply changes
Get your Onion address
Expected output:
Access to your Amboss node account
In the "Home" screen - "Quick Actions" section, click on the Amboss icon "Login", wait for the top right corner notification to show you "Logged in" and click again on the Amboss icon "Go to". This will open a secondary tab in your browser to access your Amboss account node
Enable auto backups and healthcheck notifications to the Amboss account
Enable automatic backups to Amboss
In ThunderHub, from the left sidebar, click on 🌍Amboss.
In the Backups section, push on the Push button to test and push the first backup to Amboss. If all is good, you could enable automatic backups to Amboss, by pushing on Enable just above, now the backup file encrypted will be updated automatically on Amboss for every channel opening and closing.
Ensure that the last date of the backup is the same as before.
You could test that the possible recovery process would be available, by clicking on the "Get" button and copying the entire string, then going back to the Thunderhub from the left sidebar, clicking on "Tools", going to the "Backups" section -> "Verify Channels Backup" -> click on "Verify" button, paste the before string copied and click on "Verify" button again. A green banner "Valid backup String" should appear.
Also is recommended to download the backup file from ThunderHub and store locally it in a safe place for future recovery. You can do this "Tools" section in Thunderhub, "Backups" -> "Backup all channels" -> click the "Download" button.
Enable automatic healthcheck pings to Amboss
In ThunderHub, from the left sidebar, click on 🌍Amboss.
Go to the Healthchecks section and push the "Enable" button to enable automatic healthcheck pings to Amboss.
Feel free to link to the Telegram bot notifications, enable different notifications, complete your public node profile in Amboss, and other things in the different sections of your account
Keep in mind that if you stop ThunderHub, Amboss will interpret that your node is offline because the connection is established between ThunderHub <-> Ambos to send healthchecks pings
Recovering channels using the ThunderHub method
After possible data corruption of your LND node, ensure that this old node is completely off before starting the recovery.
Once you have synced the new node, on-chain recovered with seeds, full on-chain re-scan complete, and Thunderhub installed and running, go to the Thunderhub dashboard.
From the left sidebar, click on "Tools", and go to the "Backups" section -> "Recover Funds from Channels" -> push the "Recover" button.
In this box, enter the complete string text that contains your manually downloaded channels backup file in the step before, or use the string using the content of the latest Amboss automatic backup (recommended) and push again the "Recover" button.
All of the channels that you had opened in your old node will be forced closed and they will appear in the "Pending" tab in the "Channels" section until closings are confirmed. Check logs of LND to see how the recovery process is executed and get more information about it
Use this guide as a last resort if you have lost access to your node or are unable to start LND due to a fatal error. This guide will close all your channels. Your funds will become available on-chain at varying speeds
Upgrade
Stay logged in with the user
admin
, stop the service
Change to the
thunderhub
user
Go to the thunderhub folder
Set the environment variable version
Pull the changes from GitHub
Install all the necessary modules
Build it
Check the correct update
Example of expected output:
Exit to go back to the
admin
user
Start the service again
Uninstall
Uninstall service
With user
admin
, stop thunderhub
Disable autoboot (if enabled)
Delete the service
Delete user & group
Delete the "thunderhub" user. Do not worry about the
userdel: thunderhub mail spool (/var/mail/thunderhub) not found
Uninstall Tor hidden service
Comment or remove the ThunderHub hidden service lines in torrc. Save and exit
Reload the tor config to apply changes
Uninstall reverse proxy & FW configuration
Ensure you are logged in with the user
admin
, delete the reverse proxy config file
Delete the simbolic link
Test Nginx configuration
Expected output:
Reload the Nginx configuration to apply changes
Display the UFW firewall rules and note the numbers of the rules for Thunderhub (e.g. "X" below)
Expected output:
Delete the two Thunderhub rules (check that the rule to be deleted is the correct one and type "y" and "Enter" when prompted)
Port reference
Last updated