raspiblitz / raspiblitz

Get your own Bitcoin & Lightning Node running - on a RaspberryPi with a nice LCD
MIT License

Make the WebUI + API optional #3182

Closed openoms closed 2 years ago

openoms commented 2 years ago

Ran some tests with CLN which is still incomplete partly due to the cln-grpc interface being only experimental at its first v0.1 release and @fusion44 doing most of the pioneering work just himself with the API: https://github.com/fusion44/blitz_api/issues/125

While working suboptimally the API generates a significant load even with minimal services running: [image]

I think after the recovery / initial setup the webUI+API should be optional with a choice in the ssh menu SERVICES to deactivate (even as first thing). For security and hardware load reasons this will be still desirable even when everything will work.

Could be on by default for recovery / initial setup in the release image, but the build_sdcard.sh should have an option to skip building it.

Also for now might just need to be deactivated when the user is choosing CLN in the ssh menu or switches to CLN to be the default LN implementation.

fusion44 commented 2 years ago

I've opened an issue for these performance problems in the API repo.

Roughly, how many invoices and payments does this CLN node have?

openoms commented 2 years ago

@fusion44 not many. Under a hundred each, with only 5 public channels currently.

openoms commented 2 years ago

Another tough question is if the api really needs to run as root?

It should be its own separate, non-sudo user. To access the LND creds it can be added to the lndadmin group (like bos). To access the lightning-rpc it needs to be added to the bitcoin group (like lnbits).

rootzoll commented 2 years ago

> Another tough question is if the api really needs to run as root?

Yes - we had it first run as another user. But I needed to move it to root - don't have the detail out of my head. But I think it was also because it must be able to call shell-scripts that need sudo. And basically the API is a root kind of process - it's the backend to the Admin-Dashboard - that has full control over the system.

openoms commented 2 years ago

> Yes - we had it first run as another user. But I needed to move it to root - don't have the detail out of my head. But I think it was also because it must be able to call shell-scripts that need sudo. And basically the API is a root kind of process - it's the backend to the Admin-Dashboard - that has full control over the system.

I see your point, but it is a similar situation to the admin user. blitzapi has passwordless sudo access for the scripts where it is needed, but doesn't run and access everything as root this way. The control can be more fine-grained and could even have the ability to turn off the root rights or require another password for it in the future.
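
The arrangement discussed above (a dedicated non-sudo `blitzapi` user in the `lndadmin` and `bitcoin` groups, with passwordless sudo limited to named scripts), shown as an added example that is not part of the thread or of the RaspiBlitz code. The script paths and the two helper function names are hypothetical placeholders.

```shell
#!/bin/sh
# Added example. Script paths below are hypothetical placeholders.

# Accept only absolute paths built from plain characters: sudoers gives
# spaces, commas, colons, backslashes and glob characters special meaning.
valid_script_path() {
  case "$1" in
    /*) ;;
    *) return 1 ;;
  esac
  case "$1" in
    *[!A-Za-z0-9_./-]*|*/../*|*/..) return 1 ;;
  esac
  return 0
}

# Print one sudoers rule: USER may run exactly the listed scripts as root
# without a password, and nothing else.
render_sudoers_dropin() {
  user=$1
  case "$user" in
    ''|*[!a-z0-9_-]*) echo "bad user name: $user" >&2; return 1 ;;
  esac
  shift
  [ "$#" -gt 0 ] || { echo "no scripts given" >&2; return 1; }
  list=
  for script in "$@"; do
    valid_script_path "$script" || { echo "rejected: $script" >&2; return 1; }
    list="${list:+$list, }$script"
  done
  printf '%s ALL=(root) NOPASSWD: %s\n' "$user" "$list"
}

# Account setup on the target, run as root (group names are from the thread):
#   useradd --system --create-home blitzapi
#   usermod -aG lndadmin,bitcoin blitzapi
#   render_sudoers_dropin blitzapi /opt/example/allowed-a.sh > /tmp/blitzapi.sudoers
#   visudo -cf /tmp/blitzapi.sudoers && \
#     install -m 0440 -o root -g root /tmp/blitzapi.sudoers /etc/sudoers.d/blitzapi
# Each listed script must be root-owned and not writable by blitzapi, and must
# validate its own arguments: a sudoers entry without an argument list
# permits any arguments.

render_sudoers_dropin blitzapi /opt/example/allowed-a.sh /opt/example/allowed-b.sh
```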

rootzoll commented 2 years ago

OK - the sd card can be built without WebUI & API (no fatpack with option: -f 0) and also in the SSH menu under SETTINGS the WebUI & API can be switched off. Closing issue for v1.8.0 release.