Wires the nsec bunker daemon (Pablo's nsecBunker, forked to
aiolabs/nsecbunkerd) into the dev compose for phase 2 of
aiolabs/lnbits#9. Build context defaults to
${NSECBUNKER_SRC:-/home/padreug/dev/nsecbunkerd/master} so the
canonical fork checkout is the source of truth — keeps all the
upstream-rot patches (Dockerfile npm→pnpm, ndk 2.8.1 pin,
pingOrDie disable, startKey nip19.decode — issues #1, #2, #3, #4,
#8 on aiolabs/nsecbunkerd) in one tracked tree instead of a local
shallow clone.

Admin npub via NSECBUNKER_ADMIN_NPUBS env (in .env). SQLite + JSON
config persisted under ./data/nsecbunker. Mirrors upstream's
docker-compose memory caps.

.gitignore picks up the legacy ./nsecbunker/ local clone that the
LNBITS_SRC-style override now bypasses; left there to avoid
accidental staging if someone re-clones it for ad-hoc work.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Two small fixes that surfaced during the v2-bitspire end-to-end test
on 2026-05-15 against a real Sintra ATM:
1. `NOSTR_TRANSPORT_PRIVATE_KEY` / `NOSTR_TRANSPORT_PUBLIC_KEY` are
now forwarded from the local `.env` into the lnbits container's
environment. Without a pinned key LNbits auto-generates a fresh
server keypair on every container restart, which breaks any ATM
previously provisioned against the old pubkey (encryption target
no longer exists from LNbits' point of view → RPCs land on the
relay but the dispatcher never picks them up → cash-out hangs at
"generating invoice"). The `.env` file is gitignored so the actual
keypair stays out of the repo; rotate by regenerating + re-
provisioning all ATMs.
2. `AUTH_HTTPS_ONLY: "false"` — LNbits' auth cookies default to
requiring HTTPS, which blocks LAN access from a non-localhost
browser (e.g. another machine on 192.168.0.x reaching the dev
instance). Safe to disable for the dev stack; production-shaped
deployments must keep it true.
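
A preflight check for the key-drift failure described in item 1, as an added example that is not part of the commit or the repository: it refuses to proceed when either transport key is unset and flags a pubkey that differs from a recorded pin. The `transport.pin` file name, the `env_get` and `check_transport_keys` helpers, and the plain `KEY=value` layout of `.env` are assumptions; the sample values are constructed placeholders.

```shell
#!/bin/sh
# Added example (not the project's code): verify the Nostr transport keypair
# is pinned in .env before the stack starts. Assumes plain KEY=value lines.

# env_get FILE KEY: print the value of the last KEY=value line, quotes stripped.
env_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 \
        | sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# check_transport_keys ENV_FILE PIN_FILE
#   0 = both keys set and the pubkey matches the recorded pin
#   1 = a key is missing or empty (a fresh keypair would be generated)
#   2 = pubkey differs from the pin (provisioned ATMs would stop matching)
check_transport_keys() {
    env_file=$1; pin_file=$2
    [ -r "$env_file" ] || { echo "cannot read $env_file" >&2; return 1; }
    for key in NOSTR_TRANSPORT_PRIVATE_KEY NOSTR_TRANSPORT_PUBLIC_KEY; do
        if [ -z "$(env_get "$env_file" "$key")" ]; then
            echo "$key is not set in $env_file" >&2   # never echo the value
            return 1
        fi
    done
    pub=$(env_get "$env_file" NOSTR_TRANSPORT_PUBLIC_KEY)
    if [ ! -f "$pin_file" ]; then
        printf '%s\n' "$pub" > "$pin_file"   # first run: record the pubkey
        return 0
    fi
    if [ "$pub" != "$(cat "$pin_file")" ]; then
        echo "transport pubkey changed since it was pinned" >&2
        return 2
    fi
    return 0
}

# Demo on a constructed .env (placeholder strings, not real keys).
demo_dir=$(mktemp -d)
printf '%s\n' 'NOSTR_TRANSPORT_PRIVATE_KEY=placeholder-priv' \
    'NOSTR_TRANSPORT_PUBLIC_KEY=placeholder-pub-A' > "$demo_dir/.env"
check_transport_keys "$demo_dir/.env" "$demo_dir/transport.pin" \
    && echo "transport keys pinned"
```

A return code of 2 after an intentional rotation is cleared by deleting the pin file once the ATMs have been re-provisioned.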