use readonly macaroon by default

README.md

@@ -34,7 +34,7 @@ name = "lnd"
 type = "lnd"
 address = "//127.0.0.1:10009"
 cert = "/root/.lnd/tls.cert"
-macaroon = "/root/.lnd/data/chain/bitcoin/mainnet/admin.macaroon"
+macaroon = "/root/.lnd/data/chain/bitcoin/mainnet/readonly.macaroon"
 macaroon_timeout = 60
 max_msg_recv_size = 52428800
 conn_timeout = 1000000

config/default.go

@@ -101,7 +101,7 @@ func NewDefault() *Config {
 			Type:            "lnd",
 			Address:         "//127.0.0.1:10009",
 			Cert:            path.Join(usr.HomeDir, ".lnd/tls.cert"),
-			Macaroon:        path.Join(usr.HomeDir, ".lnd/data/chain/bitcoin/mainnet/admin.macaroon"),
+			Macaroon:        path.Join(usr.HomeDir, ".lnd/data/chain/bitcoin/mainnet/readonly.macaroon"),
 			MacaroonTimeOut: 60,
 			MaxMsgRecvSize:  52428800,
 			ConnTimeout:     1000000,

docker/README.md

@@ -18,7 +18,7 @@ export LND_HOME=~/.lnd
 
 # or alternatively if you have remote lnd node, specify paths to auth files explicitly:
 # export TLS_CERT_FILE=/path/to/tls.cert
-# export ADMIN_MACAROON_FILE=/path/to/admin.macaroon  
+# export MACAROON_FILE=/path/to/readonly.macaroon
 # export LND_GRPC_HOST=//<remoteip>:10009
 
 # look into _settings.sh for more details on container configuration

docker/_settings.sh

@@ -2,9 +2,9 @@
 
 set -e -o pipefail
 
-# you have two possible ways how to specify ADMIN_MACAROON_FILE and TLS_CERT_FILE
+# you have two possible ways how to specify MACAROON_FILE and TLS_CERT_FILE
 # 1. specify LND_HOME if it is located on your local machine, we derive default paths from there
-# 2. specify env variables ADMIN_MACAROON_FILE and TLS_CERT_FILE
+# 2. specify env variables MACAROON_FILE and TLS_CERT_FILE
 
 # also you want to specify LND_GRPC_HOST if your node is remote
 # other config tweaks have to be done by changing lntop/home/initial-config-template.toml before build
@@ -12,14 +12,14 @@ set -e -o pipefail
 
 # note: docker uses network_mode: host
 
-if [[ -z "$ADMIN_MACAROON_FILE" || -z "$TLS_CERT_FILE" ]]; then
+if [[ -z "$MACAROON_FILE" || -z "$TLS_CERT_FILE" ]]; then
   if [[ -z "$LND_HOME" ]]; then
     export LND_HOME="$HOME/.lnd"
     echo "warning: LND_HOME is not set, assuming '$LND_HOME'"
   fi
 fi
 
-export ADMIN_MACAROON_FILE=${ADMIN_MACAROON_FILE:-$LND_HOME/data/chain/bitcoin/mainnet/admin.macaroon}
+export MACAROON_FILE=${MACAROON_FILE:-$LND_HOME/data/chain/bitcoin/mainnet/readonly.macaroon}
 export TLS_CERT_FILE=${TLS_CERT_FILE:-$LND_HOME/tls.cert}
 export LND_GRPC_HOST=${LND_GRPC_HOST:-//127.0.0.1:10009}
 

docker/lntop.sh

@@ -18,9 +18,9 @@ if [[ ! -e "$LNTOP_AUX_DIR" ]]; then
 fi
 LNTOP_AUX_DIR_ABSOLUTE=$(abs_path "$LNTOP_AUX_DIR")
 
-# we use LNTOP_AUX_DIR as ad-hoc volume to pass admin.macaroon and tls.cert into our container
+# we use LNTOP_AUX_DIR as ad-hoc volume to pass readonly.macaroon and tls.cert into our container
 # it is mapped to /root/aux, config-template.toml assumes that
-cp "$ADMIN_MACAROON_FILE" "$LNTOP_AUX_DIR/admin.macaroon"
+cp "$MACAROON_FILE" "$LNTOP_AUX_DIR/readonly.macaroon"
 cp "$TLS_CERT_FILE" "$LNTOP_AUX_DIR/tls.cert"
 
 if [[ -n "$LNTOP_VERBOSE" ]]; then

docker/lntop/home/initial-config-template.toml

@@ -7,7 +7,7 @@ name = "lnd"
 type = "lnd"
 address = "${LND_GRPC_HOST}"
 cert = "/root/aux/tls.cert"
-macaroon = "/root/aux/admin.macaroon"
+macaroon = "/root/aux/readonly.macaroon"
 macaroon_timeout = 60
 max_msg_recv_size = 52428800
 conn_timeout = 1000000