search

btcpayserver / btcpayserver

Accept Bitcoin payments. Free, open-source & self-hosted, Bitcoin payment processor.
https://btcpayserver.org/
MIT License
6.29k stars 1.64k forks source link

[Bug]: Wrong listen ip address for lightning node due to cloudflare deployment #6020

Closed aljazceru closed 2 months ago

aljazceru commented 3 months ago

What is your BTCPay version?

BTCPay Server v1.13.1+ca55e1f30

How did you deploy BTCPay Server?

using btcpayserver-docker repo

What happened?

While deploying a new instance of btcpayserver i've noticed that lightning node was configured with the wrong ip. It resolved the dns name used in BTCPAY_HOST and used that for listen address in cln configuration instead of using the actual outgoing ip of the server it runs on.

Due to cloaking being enabled on cloudflare for this A record it means that the ip was incorrect. I didn't manage to look through the code yet so this is extrapolation based on the info I have at the moment.

Potential solution would be to source the listening address differently. Instead of relaying on dns records for setting the ip automatically outgoing request could be made to a site like https://ifconfig.me/ or https://ipinfo.io which will provide the information.

This particular scenario is tied to cloudflare but there are other potential scenarios where the same outcome would be likely - deploying btcpayserver behind a load balancer for example.

How did you encounter this bug?

BTCPay was deployed with this parameters:

export BTCPAY_HOST="<cloudflare-domain>"
export NBITCOIN_NETWORK="mainnet"
export BTCPAYGEN_CRYPTO1="btc"
export BTCPAYGEN_ADDITIONAL_FRAGMENTS="opt-save-storage-s"
export BTCPAYGEN_REVERSEPROXY="nginx"
export BTCPAYGEN_LIGHTNING="clightning"
export BTCPAY_ENABLE_SSH=true
export LIGHTNING_ALIAS="<cloudflare-domain>"
export LETSENCRYPT_EMAIL="<censored>"
. ./btcpay-setup.sh -i

Relevant log output

No response

What browser do you use?

No response

Additional information

No response

Are you sure this is a bug report?

petzsch commented 3 months ago

might be related: https://github.com/btcpayserver/btcpayserver-docker/issues/716

aljazceru commented 3 months ago

might be related: btcpayserver/btcpayserver-docker#716

briefly skimming over the issue I think its not directly related to it. In my case its just the cln configuration that was wrong since it used the wrong listen ip, the node itself is reachable since its not behind the CF tunnel, just the dns is being cloaked to not expose the origin ip

pavlenex commented 2 months ago

In agreement with D11n, we're closing this one in favour of https://github.com/btcpayserver/btcpayserver-docker/issues/716 to avoid duplication.