I’m building a web app that is using an lnd instance to facilitate payments via the lightning network. When i run my node app on my laptop that is connected to the same network as my rpi4 running umbrel i am able to access my node via umbrel.local:10009. However since my web app is deployed in the cloud i need to access my node from outside via <my-public-ip>:10009. In other words i need to publicly expose my lnd’s gPRC port.
The problem is i am unable to reach my node…
- my router does forward
:10009 to my rpi4’s static ip
telnet <my-public-ip>:10009 DOES yield a response- my deployments domain IS listed as an entry the
tlsextradomain
rpclisten IS configured as 0.0.0.0externalip IS set to <my-public-ip>
im starting to suspect that this issue has to do with dockers default network and it is not letting any traffic outside the default network reach any container.
i provided a little sketch to make it really clear:
i hope i didn’t compromise myself, lol
i think i came a step closer to the issue:
is it possible that umbrel somehow ignores the entries from lnd.conf when generating tls.cert. im trying to add entries for tlsextraip and tlsextradomain in my lnd.conf but when i regenerate the certificates and decode the cert these entries are not reflected in my SAN record. any ideas?
1 Like
I’m dealing with a similar situation here… I’m adding a new tlsextraip to lnd.conf but it doesn’t show as SAN in the tls.cert file (I did delete the old certificates and rebooted the node so that LND regenerates them).
in the stacker.news thread linked above some guy posted a link to a known issue in the umbrel repo. turns out the tls.cert generation ignores the entries in lnd.conf so you will always be blocked by the umbrel lnd. until this is fixed we cant connect to umbrel via gRPC. i’ve settled for a node hosted by voltage and it works great! For production apps this is probably better anyway.
1 Like
Since 3 days i tried to connect, now i finally get stuff work, but with umbrel.local url not with ip(
