diff --git a/modules/faraday.nix b/modules/faraday.nix index dd4140b0a..5e2677e7a 100644 --- a/modules/faraday.nix +++ b/modules/faraday.nix @@ -6,20 +6,32 @@ let cfg = config.services.faraday; inherit (config) nix-bitcoin-services; secretsDir = config.nix-bitcoin.secretsDir; + network = config.services.bitcoind.network; + rpclisten = "${cfg.rpcAddress}:${toString cfg.rpcPort}"; in { options.services.faraday = { enable = mkEnableOption "faraday"; package = mkOption { type = types.package; - default = pkgs.nix-bitcoin.faraday; + default = config.nix-bitcoin.pkgs.faraday; defaultText = "pkgs.nix-bitcoin.faraday"; description = "The package providing faraday binaries."; }; - rpclisten = mkOption { - type = types.str; - default = "localhost:8465"; - description = "Address to listen on for gRPC clients."; + rpcAddress = mkOption { + type = types.str; + default = "localhost"; + description = "Address to listen for gRPC connections."; + }; + rpcPort = mkOption { + type = types.port; + default = 8465; + description = "Port to listen for gRPC connections."; + }; + faradayDir = mkOption { + type = types.path; + default = "/var/lib/faraday"; + description = "The data directory for faraday."; }; extraArgs = mkOption { type = types.separatedString " "; @@ -30,7 +42,9 @@ in { default = pkgs.writeScriptBin "frcli" # Switch user because lnd makes datadir contents readable by user only '' - exec sudo -u lnd ${cfg.package}/bin/frcli --rpcserver ${cfg.rpclisten} "$@" + ${cfg.package}/bin/frcli \ + --rpcserver ${rpclisten} \ + --faradaydir ${cfg.faradayDir} "$@" ''; description = "Binary to connect with the lnd instance."; }; 
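Review bot: Removing `services.faraday.rpclisten` without a removal notice means existing configurations that set it will fail evaluation with a generic missing-option error. Adding `(mkRemovedOptionModule [ "services" "faraday" "rpclisten" ] "Use services.faraday.rpcAddress and services.faraday.rpcPort instead.")` to the module's `imports` would tell operators what to change. In the `package` option, `defaultText` still reads `"pkgs.nix-bitcoin.faraday"` although the default is now `config.nix-bitcoin.pkgs.faraday`. The new `network` binding is not referenced in any visible hunk, so it looks unused. The `rpcAddress` description could also state that a non-loopback value exposes the gRPC interface beyond the host.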
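Review bot: The retained comment `# Switch user because lnd makes datadir contents readable by user only` no longer matches the wrapper, which now runs `frcli` as the calling user instead of through `sudo -u lnd`. The service hunk intends the data directory to be owned by `lnd:lnd`, so the caller needs read access to whatever credentials `frcli` loads from `--faradaydir`; whether operators have that access is not visible here. Either keep the user switch, `exec sudo -u lnd ${cfg.package}/bin/frcli \`, or replace the comment with one that names the access the caller needs. The interpolated `${cfg.faradayDir}` is also unquoted, so a path containing spaces would split into several arguments.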
@@ -52,18 +66,22 @@ in { requires = [ "lnd.service" ]; after = [ "lnd.service" ]; serviceConfig = nix-bitcoin-services.defaultHardening // { + preStart = '' + mkdir -p ${cfg.baseDir} + chown -R 'lnd:lnd' '${cfg.baseDir}' + ''; ExecStart = '' ${cfg.package}/bin/faraday \ - --rpclisten=${cfg.rpclisten} \ - --rpcserver=${config.services.lnd.listen}:10009 \ - --macaroondir=${config.services.lnd.dataDir}/chain/bitcoin/mainnet \ - --tlscertpath=${secretsDir}/lnd-cert \ - ${cfg.extraArgs} + --faradaydir=${cfg.faradayDir} \ + --rpclisten=${rpclisten} \ + --lnd.rpcserver=${config.services.lnd.rpcAddress}:${toString config.services.lnd.rpcPort} \ + --lnd.macaroondir=${config.services.lnd.networkDir} \ + --lnd.tlscertpath=${secretsDir}/lnd-cert ''; User = "lnd"; Restart = "on-failure"; RestartSec = "10s"; - ReadWritePaths = "${config.services.lnd.dataDir}"; + ReadWritePaths = "${cfg.faradayDir}"; } // (if cfg.enforceTor then nix-bitcoin-services.allowTor else nix-bitcoin-services.allowAnyIP); diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix index bd21be046..9d7565339 100644 --- a/modules/netns-isolation.nix +++ b/modules/netns-isolation.nix @@ -249,6 +249,10 @@ in { id = 27; connections = [ "lnd" ]; }; + faraday = { + id = 28; + connections = [ "lnd" ]; + }; }; services.bitcoind = { diff --git a/pkgs/default.nix b/pkgs/default.nix index fcf8bc40c..3ae9a90d5 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -11,6 +11,7 @@ let self = { netns-exec = pkgs.callPackage ./netns-exec { }; lightning-loop = pkgs.callPackage ./lightning-loop { }; lightning-pool = pkgs.callPackage ./lightning-pool { }; + faraday = pkgs.callPackage ./faraday { }; extra-container = pkgs.callPackage ./extra-container { }; clightning-plugins = import ./clightning-plugins pkgs self.nbPython3Packages; clboss = pkgs.callPackage ./clboss { }; 
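Review bot: `preStart` is placed inside `serviceConfig`, where NixOS emits it as an unrecognised `preStart=` key in the unit's `[Service]` section rather than as a pre-start script, so the `mkdir`/`chown` lines would never run. It also references `cfg.baseDir`, while the option added in this commit is `faradayDir`; unless `baseDir` is declared outside the visible hunks, evaluation fails. Even as a proper `preStart`, the script would run as `User = "lnd"`, which cannot normally create or chown a directory under `/var/lib`. A tmpfiles rule such as `systemd.tmpfiles.rules = [ "d '${cfg.faradayDir}' 0770 lnd lnd - -" ];` creates the directory with the right owner without a root-run script. Separately, `${cfg.extraArgs}` was dropped from `ExecStart` while the `extraArgs` option is still declared, so user-supplied flags are silently ignored.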
@@ -18,7 +19,6 @@ let self = { nbPython3Packages = (pkgs.python3.override { packageOverrides = pySelf: super: import ./python-packages self pySelf; }).pkgs; - faraday = pkgs.callPackage ./faraday { }; pinned = import ./pinned.nix; diff --git a/pkgs/faraday/default.nix b/pkgs/faraday/default.nix index f844a6d12..8928547ea 100644 --- a/pkgs/faraday/default.nix +++ b/pkgs/faraday/default.nix @@ -2,17 +2,17 @@ buildGoModule rec { pname = "faraday"; - version = "0.2.0-alpha"; + version = "0.2.3-alpha"; src = fetchurl { url = "https://github.com/lightninglabs/faraday/archive/v${version}.tar.gz"; # Use ./get-sha256.sh to fetch latest (verified) sha256 - sha256 = "58cdb977909e2188837ee0d00ec47a520baeb3bb09719ea6e1fe23efb9283d06"; + sha256 = "c016e2b16160f24abdfce0f71cdb848da3e3d78cff450fb353017d4104bd616e"; }; subPackages = [ "cmd/faraday" "cmd/frcli" ]; - vendorSha256 = "1vmspdlh018p453rbif5yc2fqjipnz012rlbilwcrkjric24qbsk"; + vendorSha256 = "1hh99nfprlmhkc36arg3w1kxby59i2l7n258cp40niv7bjn37hrq"; meta = with lib; { description = " Faraday: Lightning Channel Management & Optimization Tool"; diff --git a/pkgs/faraday/get-sha256.sh b/pkgs/faraday/get-sha256.sh old mode 100755 new mode 100644 index 67473cf2e..6f5cf2777 --- a/pkgs/faraday/get-sha256.sh +++ b/pkgs/faraday/get-sha256.sh @@ -1,5 +1,6 @@ -# /bin/bash - +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p git gnupg +set -euo pipefail TMPDIR="$(mktemp -d -p /tmp)" trap "rm -rf $TMPDIR" EXIT
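Review bot: The file mode changes from 100755 to 100644 in the same commit that gives the script a `nix-shell` shebang, so `./get-sha256.sh` is refused as non-executable. That is the invocation the comment in `pkgs/faraday/default.nix` points to. Keep the executable bit (`chmod +x pkgs/faraday/get-sha256.sh`) so the hash-verification step stays a single command that maintainers actually run before bumping `sha256`. The added `set -euo pipefail` makes a failed step abort the script, presumably including the gnupg verification further down, though the rest of the script lies outside this hunk.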