How to get the default macaroons on LND , on a Start9?

QUESTION!

I need the invoice.macaroon on my Start9 LND hub. Can anyone tell me how I can get the contents of that file? I am able to SSH (over Tor) into my Start9. I can see the Start9 LND setting that lets me “reset the macaroons” but nothing in there lets me view them.

NOTE1: “On startup, lnd checks to see if the admin.macaroon , readonly.macaroon and invoice.macaroon files exist. If they don’t exist, lnd updates its database with a new macaroon ID, generates the three files admin.macaroon , readonly.macaroon and invoice.macaroon , all with the same ID.”

NOTE2: I know how to do it with ThunderHub, but Start9 doesnt’ have Thunderhub (Tools–>Macaroon->Bake)

Sorta looks like I need to take this route: Start9 | Service Containers

First, elevate yourself to root:
sudo -i

Then you can exec into the lnd container with:
docker exec -it lnd.embassy bash

Then navigate to the folder it’s in, /root/.lnd and echo their contents:

cd /root/.lnd/
for macaroon in *.macaroon ; do
 echo $macaroon:
 cat $macaroon
done

Thanks. When I get in there, the macaroons are not raw text printable.

Also, my lncli doesn’t seem to want to connect to itself within the container:

bash-5.1# lncli listmacaroonids
[lncli] rpc error: code = Unavailable desc = connection error: desc = 
"transport: Error while dialing dial tcp 127.0.0.1:10009: 
connect: connection refused"

I tried these, which are not working for me:

lncli listmacaroonids
lncli --macaroonpath=/root/.lnd/public/invoice.macaroon getinfo
lncli getinfo

None of those work due to connectivity issue?

Is there a trick to getting lncli connect to work? It seems like I am being denied from connecting from within the container.

I tried this, same connect error:

lncli connect <pubkey>@lnd.embassy:9735

netstat -l reports that it allows connections from all hosts to 9735… on that connect call to port 9735 WHY is it giving me an error it cant connect to 10009??

RESOLUTION:

Final resolution was into install Thunderhub via Community Marketplace and then Bake the Macaroom from the UI.

Couldn’t figure out why lncli wouldn’t work.

Glad to hear it.

It seems if you need the macaroon you have to transform it like this:
From inside the lnd.embassy container:
xxd -ps -u -c 1000 /root/.lnd/public/admin.macaroon

From embassyOS (as root):
xxd -ps -u -c 1000 /embassy-data/package-data/volumes/lnd/data/main/public/admin.macaroon

New to Start9, my node is a migration from Umbrel and it appears that things are “working” Thuderhub, lndg all seem to work, no obvious errors I’ve found.

Had a channel peer ask why I closed a channel ( I don’t remember closing a channel , nor can I find a record that says I did.)

Tried to hunt things down in lncli but that’s throwing the RPC error above.

But when trying to connect to lncli I get the RPC error mentioned above.

For the sake of understand lets assume I have only the vaguest idea of what a macaroon is and how they are used. Seems like a sort of Permissions list assigned to a key…

Anyways, Not really sure how to troubleshoot, or what logging I can get to work through this issue. lncli connection refused.

Any help is greatly appreciated.

I’m not sure your particular issue has anything to do with macaroons at all, you probably should have starting your own topic, but an example of a lncli command is…

sudo podman exec -ti lnd.embassy lncli --rpcserver=lnd.embassy wtclient stats

or to get into the contain and then execute commands

sudo podman exec -ti lnd.embassy bash

lncli --rpcserver=lnd.embassy wtclient stats

Basically, make sure you add --rpcserver=lnd.embassy each time.

Ah ha! That’s exceedingly helpful and makes quite a bit of sense. I assume with start9 to ignore what I would conventionally use as the network stack. 127.0.0.1 etc and so on.

Well, everything is not exactly running on localhost on different ports, no.