fix: LND Connect — remove nginx cookie gate, rebuild LND UI with credentials

- Nginx cookie check removed for /lnd-connect-info — backend is
  localhost-only so no external access possible. Browsers (especially
  Brave) don't reliably send SameSite=Lax cookies from iframe fetches.
- LND UI source restored from archive with credentials: 'include'
- Discover.vue install banner removed (inline card progress only)
- Server.vue: Connectivity → Tor Status, using tor.list-services

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dorian
2026-03-19 17:02:17 +00:00
parent 57b5fc7ea5
commit b893fff23c
9 changed files with 3229 additions and 4 deletions

View File

@@ -153,8 +153,8 @@ server {
}
location /lnd-connect-info {
# Requires authenticated session — exposes LND admin macaroon
if ($cookie_session = "") { return 401; }
# Backend is localhost-only (127.0.0.1:5678) — no cookie gate needed
# LND UI iframe fetch can't reliably send cookies in all browsers
proxy_pass http://127.0.0.1:5678/lnd-connect-info;
proxy_http_version 1.1;
proxy_set_header Host $host;
@@ -807,8 +807,8 @@ server {
}
location /lnd-connect-info {
# Requires authenticated session — exposes LND admin macaroon
if ($cookie_session = "") { return 401; }
# Backend is localhost-only (127.0.0.1:5678) — no cookie gate needed
# LND UI iframe fetch can't reliably send cookies in all browsers
proxy_pass http://127.0.0.1:5678/lnd-connect-info;
proxy_http_version 1.1;
proxy_set_header Host $host;