2021-12-21 15:45:01 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
# https://github.com/djbooth007/tallycoin_connect
|
|
|
|
|
|
|
|
|
|
USERNAME=tallycoin
|
|
|
|
|
APP_DATA_DIR=/mnt/hdd/app-data/tallycoin-connect
|
|
|
|
|
HOME_DIR=/home/$USERNAME
|
|
|
|
|
CONFIG_FILE=$APP_DATA_DIR/tallycoin_api.key
|
|
|
|
|
RASPIBLITZ_INFO=/home/admin/raspiblitz.info
|
|
|
|
|
SERVICE_FILE=/etc/systemd/system/tallycoin-connect.service
|
2021-12-23 14:53:56 +01:00
|
|
|
TC_VERSION=1.7.1
|
2021-12-21 15:45:01 +01:00
|
|
|
|
|
|
|
|
# command info
|
|
|
|
|
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
|
|
|
|
|
echo "config script to switch tallycoin_connect on or off"
|
|
|
|
|
echo "bonus.tallycoin-connect.sh [on|off|menu]"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# check and load raspiblitz config to know which network is running
|
|
|
|
|
source $RASPIBLITZ_INFO
|
2022-01-26 02:34:28 +01:00
|
|
|
source /mnt/hdd/raspiblitz.conf
|
2021-12-21 15:45:01 +01:00
|
|
|
|
|
|
|
|
# show info menu
|
|
|
|
|
if [ "$1" = "menu" ]; then
|
|
|
|
|
# get network info
|
|
|
|
|
localip=$(hostname -I | awk '{print $1}')
|
|
|
|
|
toraddress=$(sudo cat /mnt/hdd/tor/tallycoin-connect/hostname 2>/dev/null)
|
|
|
|
|
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
|
|
|
|
|
|
|
|
|
|
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
|
|
|
|
|
# Info with TOR
|
2022-02-13 12:23:34 +00:00
|
|
|
sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
|
2021-12-21 15:45:01 +01:00
|
|
|
whiptail --title " Tallycoin Connect " --msgbox "Open in your local web browser:
|
|
|
|
|
http://${localip}:8123\n
|
|
|
|
|
https://${localip}:8124 with Fingerprint:
|
|
|
|
|
${fingerprint}\n
|
|
|
|
|
Use your Password B to login.\n
|
|
|
|
|
Hidden Service address for TOR Browser (see LCD for QR):\n${toraddress}
|
2021-12-21 15:55:55 +01:00
|
|
|
" 16 72
|
2022-02-13 12:23:34 +00:00
|
|
|
sudo /home/admin/config.scripts/blitz.display.sh hide
|
2021-12-21 15:45:01 +01:00
|
|
|
else
|
|
|
|
|
# Info without TOR
|
|
|
|
|
whiptail --title " Tallycoin Connect " --msgbox "Open in your local web browser & accept self-signed cert:
|
|
|
|
|
http://${localip}:8123\n
|
|
|
|
|
https://${localip}:8124 with Fingerprint:
|
|
|
|
|
${fingerprint}\n
|
|
|
|
|
Use your Password B to login.\n
|
|
|
|
|
Activate TOR to access the web interface from outside your local network.
|
2021-12-21 15:55:55 +01:00
|
|
|
" 15 72
|
2021-12-21 15:45:01 +01:00
|
|
|
fi
|
|
|
|
|
echo "please wait ..."
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# switch on
|
|
|
|
|
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
|
|
|
|
|
isInstalled=$(sudo ls $HOME_DIR 2>/dev/null | grep -c 'tallycoin_connect')
|
|
|
|
|
if [ ${isInstalled} -eq 0 ]; then
|
|
|
|
|
echo "*** INSTALL TALLYCOIN CONNECT ***"
|
|
|
|
|
|
|
|
|
|
# install nodeJS
|
|
|
|
|
/home/admin/config.scripts/bonus.nodejs.sh on
|
|
|
|
|
|
|
|
|
|
# add user
|
|
|
|
|
sudo adduser --disabled-password --gecos "" $USERNAME
|
|
|
|
|
|
|
|
|
|
# install tallycoin_connect
|
|
|
|
|
cd $HOME_DIR
|
|
|
|
|
sudo -u $USERNAME wget https://github.com/djbooth007/tallycoin_connect/archive/refs/tags/v$TC_VERSION.tar.gz
|
|
|
|
|
sudo -u $USERNAME tar -xzf v$TC_VERSION.tar.gz
|
|
|
|
|
sudo -u $USERNAME mv tallycoin_connect{-$TC_VERSION,}
|
|
|
|
|
sudo -u $USERNAME rm v$TC_VERSION.tar.gz
|
|
|
|
|
cd tallycoin_connect
|
2021-12-23 14:53:56 +01:00
|
|
|
sudo -u $USERNAME cat .dockerignore | sudo -u $USERNAME xargs sudo -u $USERNAME rm -rf
|
2021-12-21 15:45:01 +01:00
|
|
|
sudo -u $USERNAME rm .dockerignore
|
|
|
|
|
sudo -u $USERNAME npm install
|
|
|
|
|
if ! [ $? -eq 0 ]; then
|
|
|
|
|
echo "FAIL - npm install did not run correctly, aborting"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# setup config
|
|
|
|
|
sudo mkdir -p $APP_DATA_DIR
|
|
|
|
|
sudo chown $USERNAME:$USERNAME $APP_DATA_DIR
|
|
|
|
|
|
|
|
|
|
if [[ ! -f "$CONFIG_FILE" ]]; then
|
|
|
|
|
configFile=/home/admin/tallycoin_api.key
|
|
|
|
|
touch $configFile
|
|
|
|
|
sudo chmod 600 $configFile || exit 1
|
|
|
|
|
passwordB=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
|
|
|
|
|
passwd=$(printf $passwordB | sha256sum | tr -d ' -')
|
|
|
|
|
tlsCert=$(base64 /mnt/hdd/app-data/lnd/tls.cert | tr -d '=' | tr '/+' '_-' | tr -d '\n')
|
|
|
|
|
macaroon=$(base64 /mnt/hdd/app-data/lnd/data/chain/${network}/${chain}net/admin.macaroon | tr -d '=' | tr '/+' '_-' | tr -d '\n')
|
|
|
|
|
echo "{\"tls_cert\":\"$tlsCert\",\"macaroon\":\"$macaroon\",\"tallycoin_passwd\":\"$passwd\"}" > $configFile
|
|
|
|
|
|
|
|
|
|
sudo mv $configFile $CONFIG_FILE
|
|
|
|
|
sudo chown $USERNAME:$USERNAME $CONFIG_FILE
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
##################
|
|
|
|
|
# NGINX
|
|
|
|
|
##################
|
|
|
|
|
# setup nginx symlinks
|
|
|
|
|
if ! [ -f /etc/nginx/sites-available/tallycoin_connect_ssl.conf ]; then
|
|
|
|
|
sudo cp -f /home/admin/assets/nginx/sites-available/tallycoin_connect_ssl.conf /etc/nginx/sites-available/tallycoin_connect_ssl.conf
|
|
|
|
|
fi
|
|
|
|
|
if ! [ -f /etc/nginx/sites-available/tallycoin_connect_tor.conf ]; then
|
|
|
|
|
sudo cp /home/admin/assets/nginx/sites-available/tallycoin_connect_tor.conf /etc/nginx/sites-available/tallycoin_connect_tor.conf
|
|
|
|
|
fi
|
|
|
|
|
if ! [ -f /etc/nginx/sites-available/tallycoin_connect_tor_ssl.conf ]; then
|
|
|
|
|
sudo cp /home/admin/assets/nginx/sites-available/tallycoin_connect_tor_ssl.conf /etc/nginx/sites-available/tallycoin_connect_tor_ssl.conf
|
|
|
|
|
fi
|
|
|
|
|
sudo ln -sf /etc/nginx/sites-available/tallycoin_connect_ssl.conf /etc/nginx/sites-enabled/
|
|
|
|
|
sudo ln -sf /etc/nginx/sites-available/tallycoin_connect_tor.conf /etc/nginx/sites-enabled/
|
|
|
|
|
sudo ln -sf /etc/nginx/sites-available/tallycoin_connect_tor_ssl.conf /etc/nginx/sites-enabled/
|
|
|
|
|
sudo nginx -t
|
|
|
|
|
sudo systemctl reload nginx
|
|
|
|
|
|
|
|
|
|
# open the firewall
|
|
|
|
|
echo "*** Updating Firewall ***"
|
|
|
|
|
sudo ufw allow from any to any port 8123 comment 'allow Tallycoin Connect HTTP'
|
|
|
|
|
sudo ufw allow from any to any port 8124 comment 'allow Tallycoin Connect HTTPS'
|
|
|
|
|
echo ""
|
|
|
|
|
|
|
|
|
|
##################
|
|
|
|
|
# SYSTEMD SERVICE
|
|
|
|
|
##################
|
|
|
|
|
|
|
|
|
|
echo "# Install Tallycoin Connect systemd for ${network} on ${chain}"
|
|
|
|
|
echo "
|
|
|
|
|
# Systemd unit for Tallycoin Connect
|
|
|
|
|
|
|
|
|
|
[Unit]
|
|
|
|
|
Description=Tallycoin Connect daemon
|
|
|
|
|
Wants=lnd.service
|
|
|
|
|
After=lnd.service
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
WorkingDirectory=$HOME_DIR/tallycoin_connect
|
|
|
|
|
Environment=\"CONFIG_FILE=$CONFIG_FILE\"
|
|
|
|
|
ExecStart=/usr/bin/npm start
|
|
|
|
|
User=tallycoin
|
|
|
|
|
Restart=always
|
|
|
|
|
TimeoutSec=120
|
|
|
|
|
RestartSec=30
|
|
|
|
|
StandardOutput=null
|
|
|
|
|
StandardError=journal
|
|
|
|
|
|
|
|
|
|
# Hardening measures
|
|
|
|
|
PrivateTmp=true
|
|
|
|
|
ProtectSystem=full
|
|
|
|
|
NoNewPrivileges=true
|
|
|
|
|
PrivateDevices=true
|
|
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
|
WantedBy=multi-user.target
|
|
|
|
|
" | sudo tee $SERVICE_FILE
|
|
|
|
|
sudo systemctl enable tallycoin-connect
|
|
|
|
|
|
|
|
|
|
# setting value in raspiblitz config
|
2022-01-26 02:34:28 +01:00
|
|
|
/home/admin/config.scripts/blitz.conf.sh set tallycoinConnect "on"
|
2021-12-21 15:45:01 +01:00
|
|
|
|
|
|
|
|
# Hidden Service for tallycoin-connect if Tor is active
|
|
|
|
|
if [ "${runBehindTor}" = "on" ]; then
|
2022-01-26 00:15:50 +01:00
|
|
|
# make sure to keep in sync with tor.onion-service.sh script
|
|
|
|
|
/home/admin/config.scripts/tor.onion-service.sh tallycoin-connect 80 8125 443 8126
|
2021-12-21 15:45:01 +01:00
|
|
|
fi
|
|
|
|
|
source $RASPIBLITZ_INFO
|
|
|
|
|
if [ "${state}" == "ready" ]; then
|
|
|
|
|
echo "# OK - the tallycoin-connect.service is enabled, system is ready so starting service"
|
|
|
|
|
sudo systemctl start tallycoin-connect
|
|
|
|
|
else
|
|
|
|
|
echo "# OK - the tallycoin-connect.service is enabled, to start manually use: 'sudo systemctl start tallycoin-connect'"
|
|
|
|
|
fi
|
|
|
|
|
else
|
|
|
|
|
echo "*** TALLYCOIN CONNECT ALREADY INSTALLED ***"
|
|
|
|
|
fi
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# switch off
|
|
|
|
|
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
|
|
|
|
isInstalled=$(sudo ls $HOME_DIR 2>/dev/null | grep -c 'tallycoin_connect')
|
|
|
|
|
if [ ${isInstalled} -eq 1 ]; then
|
|
|
|
|
echo "*** UNINSTALL TALLYCOIN CONNECT ***"
|
|
|
|
|
|
|
|
|
|
# remove systemd service
|
|
|
|
|
sudo systemctl stop tallycoin-connect
|
|
|
|
|
sudo systemctl disable tallycoin-connect
|
|
|
|
|
sudo rm -f $SERVICE_FILE
|
|
|
|
|
|
|
|
|
|
# close ports on firewall
|
|
|
|
|
sudo ufw delete allow from any to any port 8123 comment 'allow Tallycoin Connect HTTP'
|
|
|
|
|
sudo ufw delete allow from any to any port 8124 comment 'allow Tallycoin Connect HTTPS'
|
|
|
|
|
|
|
|
|
|
# remove nginx symlinks
|
|
|
|
|
sudo rm -f /etc/nginx/sites-enabled/tallycoin_connect_*
|
|
|
|
|
sudo nginx -t
|
|
|
|
|
sudo systemctl reload nginx
|
|
|
|
|
|
|
|
|
|
# Hidden Service if Tor is active
|
|
|
|
|
if [ "${runBehindTor}" = "on" ]; then
|
2022-02-10 22:29:10 +01:00
|
|
|
/home/admin/config.scripts/tor.onion-service.sh off tallycoin-connect
|
2021-12-21 15:45:01 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# remove config
|
|
|
|
|
sudo rm -rf $APP_DATA_DIR
|
|
|
|
|
|
|
|
|
|
# delete user and home directory
|
|
|
|
|
sudo userdel -rf $USERNAME
|
|
|
|
|
|
|
|
|
|
# setting value in raspi blitz config
|
2022-01-26 02:34:28 +01:00
|
|
|
/home/admin/config.scripts/blitz.conf.sh set tallycoinConnect "off"
|
2021-12-21 15:45:01 +01:00
|
|
|
|
|
|
|
|
echo "OK TALLYCOIN CONNECT removed."
|
|
|
|
|
else
|
|
|
|
|
echo "*** TALLYCOIN CONNECT NOT INSTALLED ***"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
echo "FAIL - Unknown Parameter $1"
|
|
|
|
|
exit 1
|
