diff --git a/CHANGES.md b/CHANGES.md index 694b4e701..c0bf35e2c 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,26 +1,26 @@ -# CHANGES between Releases - ## What's new in Version 1.9.0 of RaspiBlitz? - New: Automated disk image build for amd64 (VM, laptop, desktop, server) and arm64-rpi (Raspberry Pi) [details](https://github.com/rootzoll/raspiblitz/tree/dev/ci/README.md) - New: Fatpack & Minimal sd card builds [details](SECURITY.md#minimal-sd-card-build) - New: I2P support for Bitcoin Core (i2pacceptincoming=1) [details](https://github.com/rootzoll/raspiblitz/issues/2413) - New: CLN Watchtower (The Eye of Satoshi) [details](https://github.com/talaia-labs/rust-teos/tree/master/watchtower-plugin) -- New: LNDg v1.4.0 [details](https://github.com/cryptosharks131/lndg) +- New: LNDg v1.6.0 [details](https://github.com/cryptosharks131/lndg) - New: Support of X708 UPS HAT [details](https://github.com/rootzoll/raspiblitz/pull/3087) - New: BOS Telegram Bot Support (see OPTIONS on LND Balance of Satoshis menu entry) - New: LightningTipBot v0.5 [details](https://github.com/LightningTipBot/LightningTipBot) - New: CLI shortcut for ↬lnproxy [details](https://github.com/rootzoll/raspiblitz/pull/3333) -- New on WebUI: Jam (JoinMarket Web UI) v0.1.4 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.4) +- New: Homebanking Interface FinTS/HBCI (experimental) [details](https://github.com/rootzoll/raspiblitz/issues/1186) +- New on WebUI: Jam (JoinMarket Web UI) v0.1.5 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.5) - Update: Bitcoin Core v24.0.1 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.0.1.md) -- Update: LND v0.15.5 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.5-beta) -- Update: Core Lightning v22.11.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v22.11.1) +- Update: LND v0.16.0-beta [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.16.0-beta) +- Update: Core Lightning v23.02 [details](https://github.com/ElementsProject/lightning/releases/tag/v23.02) +- Update: C-lightningREST v0.10.2 [details](https://github.com/Ride-The-Lightning/c-lightning-REST/releases/tag/v0.10.2) - Update: Electrum Server in Rust (electrs) v0.9.11 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0911-jan-5-2023) -- Update: Lightning Terminal v0.8.4-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.8.4-alpha) -- Update: RTL v0.13.0 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.12.3) +- Update: Lightning Terminal v0.8.6-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.8.6-alpha) +- Update: RTL v0.13.6 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.13.6) - Update: Thunderhub v0.13.16 with balance sharing disabled [details](https://github.com/apotdevin/thunderhub/releases/tag/v0.13.16) -- Update: LNbits 0.9.6 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.6) -- Update: BTCPayServer 1.7.5 (using postgres for new installs) [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5) +- Update: LNbits 0.10.2 [details](https://github.com/lnbits/lnbits/releases/tag/0.10.2) +- Update: BTCPayServer 1.8.2 (using postgres for new installs) [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.8.2) - Update: ItchySats 0.7.0 [details](https://github.com/itchysats/itchysats/releases/tag/0.7.0) - Update: Channel Tools (chantools) v0.10.5 [details](https://github.com/guggero/chantools/releases/tag/v0.10.5) - Update: JoinMarket v0.9.9 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.9) @@ -29,7 +29,7 @@ - Update: lndmanage 0.14.2 [details](https://github.com/bitromortac/lndmanage) - Update: Circuitbreaker with webUI [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md) - Update: Suez - Channel Visualization for LND & CL [details](https://github.com/prusnak/suez) -- Update: Tallycoin Connect v1.7.5 [details](https://github.com/djbooth007/tallycoin_connect/releases/tag/v1.7.5) +- Update: Tallycoin Connect v1.8.0 [details](https://github.com/djbooth007/tallycoin_connect/releases/tag/v1.8.0) - Fixed: SCB/Emergency-Backup to USB drive (now also with CLN emergency.recover file) - Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox) - Info: IP2Tor fix fulmo shop & added new ip2tor.com shop diff --git a/FAQ.cl.md b/FAQ.cl.md index 77fa7bd08..591047728 100644 --- a/FAQ.cl.md +++ b/FAQ.cl.md @@ -34,18 +34,19 @@ - [Backups](#backups) - [Backup strategy](#backup-strategy) - [Seed](#seed) - - [How to display the hsm_secret in a human-readable format?](#how-to-display-the-hsm_secret-in-a-human-readable-format) + - [How to display the hsm\_secret in a human-readable format?](#how-to-display-the-hsm_secret-in-a-human-readable-format) - [How to test the seedwords?](#how-to-test-the-seedwords) - - [How to restore the hsm_secret from text?](#how-to-restore-the-hsm_secret-from-text) + - [How to restore the hsm\_secret from text?](#how-to-restore-the-hsm_secret-from-text) - [Channel database](#channel-database) - - [Recovery](#recovery) - - [Recover from a cl-rescue file](#recover-from-a-cl-rescue-file) - - [Recover from a seed](#recover-from-a-seed) - - [Restore a CLN node from the database backup on the SDcard](#restore-a-cln-node-from-the-database-backup-on-the-sdcard) - - [Rescan the chain after restoring a used CLN wallet](#rescan-the-chain-after-restoring-a-used-cln-wallet) - - [Guesstoremote to recover funds from force-closed channels](#guesstoremote-to-recover-funds-from-force-closed-channels) +- [Recovery](#recovery) + - [Recover from a cl-rescue file](#recover-from-a-cl-rescue-file) + - [Recover from a seed](#recover-from-a-seed) + - [Emergency recovery in case of lost channel states](#emergency-recovery-in-case-of-lost-channel-states) + - [Restore a CLN node from the database backup on the SDcard](#restore-a-cln-node-from-the-database-backup-on-the-sdcard) + - [Rescan the chain after restoring a used CLN wallet](#rescan-the-chain-after-restoring-a-used-cln-wallet) + - [Guesstoremote to recover funds from force-closed channels](#guesstoremote-to-recover-funds-from-force-closed-channels) - [sqlite3 queries](#sqlite3-queries) -- [Extract the private and public key from the hsm_secret file](#extract-the-private-and-public-key-from-the-hsm_secret-file) +- [Extract the private and public key from the hsm\_secret file](#extract-the-private-and-public-key-from-the-hsm_secret-file) - [Update](#update) - [Update to a new CLN release](#update-to-a-new-cln-release) - [Experimental update to the latest master](#experimental-update-to-the-latest-master) @@ -457,7 +458,7 @@ Will need to pay through a peer which supports the onion messages which means yo ``` ## Backups -*<> https://lightning.readthedocs.io/FAQ.html#how-to-backup-my-wallet> +* > * General details: ### Backup strategy @@ -479,7 +480,7 @@ Will need to pay through a peer which supports the onion messages which means yo * If there is no such file and you have not funded the CLN wallet yet can reset the wallet and the next wallet will be created with a seed. ### How to display the hsm_secret in a human-readable format? -* If there is no seed available it is best to save the hsm_secret as a file with `sftp` or note down the alphanumeric characters in the two line displayed with: +* If there is no seed available it is best to save the hsm_secret as a file with `scp` or note down the alphanumeric characters in the two line displayed with: ``` sudo xxd /home/bitcoin/.lightning/bitcoin/hsm_secret ``` @@ -519,20 +520,98 @@ Will need to pay through a peer which supports the onion messages which means yo ### Channel database * Stored on the disk and synchronised to the SDcard with the help of the `backup` plugin. -### Recovery +## Recovery * https://lightning.readthedocs.io/FAQ.html#database-corruption-channel-state-lost * https://lightning.readthedocs.io/FAQ.html#loss -#### Recover from a cl-rescue file +### Recover from a cl-rescue file * use the `REPAIR-CL` - `FILERESTORE` option in the menu for instructions to upload -#### Recover from a seed +### Recover from a seed * use the `REPAIR-CL` - `SEEDRESTORE` option in the menu for instructions to paste the seedwords to restore +* or use the manual commands + ``` + # stop CLN + sudo systemctl stop lightningd -#### Restore a CLN node from the database backup on the SDcard + # change to the bitcoin user + sudo su - bitcoin + + # generate the hsm_secret in temporary directory from your CLN seed words (follow the instructions) + lightning-hsmtool generatehsm /dev/shm/hsm_secret + + # backup your old hsm_secret and channel database + mkdir /home/bitcoin/.lightning/bitcoin/old_node + mv /home/bitcoin/.lightning/bitcoin/** /home/bitcoin/.lightning/bitcoin/old_node/ + + # move the new hsm_secret in place + mv /dev/shm/hsm_secret /home/bitcoin/.lightning/bitcoin/ + + # back to admin + exit + + # start lightningd + sudo systemctl start lightningd + + # show the logs + cllog + ``` + +### Emergency recovery in case of lost channel states + +* blogpost: +* demo video: https://youtu.be/zBmEieZuS8Q +* manpage: + ``` + lightning-cli help emergencyrecover + ``` + +1. [Restore the hsm_secret (onchain wallet keys) from seed](#recover-from-a-seed) (or hex). + * There is no need to wait for the (few hours) rescan to finish, but can follow it any time with: + ``` + cllog + ``` +1. Upload and copy the emergency.recover file in place + + * upload the file with scp: + ``` + scp hsm_secret emergency.recover admin@RASPIBLITZ_IP:~/ + ``` + * copy it from `/home/admin/`: + ``` + sudo cp /home/admin/emergency.recover /home/bitcoin/.lightning/bitcoin/ + sudo chown bitcoin:bitcoin /home/bitcoin/.lightning/bitcoin/emergency.recover + ``` +1. Recover + + * run (as admin or bitcoin user): + ``` + lightning-cli emergencyrecover + ``` + * a list of channelID-s should be returned if it worked: + ``` + { + "stubs": [ + "................", + ] + } + ``` +1. See more data about the recovered funds and channels + ``` + lightning-cli listfunds + lightning-cli listpeers + ``` + * List the funding txid-s: + ``` + lightning-cli listfunds | jq -r '.channels[] | .funding_txid' + ``` + Can check the txid-s in a mempool explorer. If one is spent that channel is already closed. + +### Restore a CLN node from the database backup on the SDcard * https://gist.github.com/openoms/3516cd8f393d69d52f858c3d47c9e469 -#### Rescan the chain after restoring a used CLN wallet - +### Rescan the chain after restoring a used CLN wallet +* automatically done when using `SEEDRESTORE` +* controlled by the entry in the cln config file * can use the `menu` -> `REPAIR` -> `REPAIR-CL` -> `RESCAN` option * or follow the manual process: @@ -554,7 +633,7 @@ Will need to pay through a peer which supports the onion messages which means yo cllog ``` -#### Guesstoremote to recover funds from force-closed channels +### Guesstoremote to recover funds from force-closed channels * ``` $ man lightning-hsmtool @@ -708,9 +787,9 @@ Will need to pay through a peer which supports the onion messages which means yo seed-force will delete any old wallet and will work without dialog cl.hsmtool.sh [unlock] - success: exit 0 - wrong password: exit 2 - fail to unlock after 1 minute + show logs: exit 3 + success: exit 0 + wrong password: exit 2 + fail to unlock after 1 minute + show logs: exit 3 cl.hsmtool.sh [lock] cl.hsmtool.sh [encrypt|decrypt] cl.hsmtool.sh [autounlock-on|autounlock-off] @@ -726,7 +805,7 @@ Will need to pay through a peer which supports the onion messages which means yo + ./cl.install.sh -h Core Lightning install script - The default version is: v0.11.2 + The default version is: v22.11.1 mainnet / testnet / signet instances can run parallel Usage: @@ -807,14 +886,22 @@ Will need to pay through a peer which supports the onion messages which means yo + ./cl-plugin.summary.sh -h - Install and show the output if the summary plugin for Core Lightning + Install and show the output if the summary plugin forCore Lightning Usage: cl-plugin.summary.sh [testnet|mainnet|signet] [runonce] + + ./cl-plugin.watchtower-client.sh -h + + Install the rust-teos watchtower-client plugin for CLN + Usage: + cl-plugin.watchtower-client.sh on + cl-plugin.watchtower-client.sh off + cl-plugin.watchtower-client.sh info + + ./cl.rest.sh -h - Core Lightning-REST install script - The default version is: v0.7.2 + Core-Lightning-REST install script + The default version is: v0.9.0 mainnet | testnet | signet instances can run parallel Usage: @@ -830,7 +917,7 @@ Will need to pay through a peer which supports the onion messages which means yo Install, remove or get info about the Spark Wallet for Core Lightning version: v0.3.1 Usage: - cl.spark.sh [on|off|menu] + cl.spark.sh [on|off|menu] + ./cl.update.sh -h @@ -838,10 +925,10 @@ Will need to pay through a peer which supports the onion messages which means yo cl.update.sh [info|verified|reckless] info -> get actual state and possible actions verified -> only do recommended updates by RaspiBlitz team - binary will be checked by signature and checksum + binary will be checked by signature and checksum reckless -> if you just want to update to the latest release - published on Core Lightning GitHub releases (RC or final) without any - testing or security checks. + published on Core Lightning GitHub releases (RC or final) without any + testing or security checks. ``` ## All possible config options @@ -869,9 +956,10 @@ Will need to pay through a peer which supports the onion messages which means yo --wallet Location of the wallet database. --large-channels|--wumbo Allow channels larger than 0.16777215 BTC --experimental-dual-fund experimental: Advertise dual-funding and allow peers to establish channels via v2 channel open protocol. - --experimental-onion-messages EXPERIMENTAL: enable send, receive and relay of onion messages + --experimental-onion-messages EXPERIMENTAL: enable send, receive and relay of onion messages and blinded payments --experimental-offers EXPERIMENTAL: enable send and receive of offers (also sets experimental-onion-messages) --experimental-shutdown-wrong-funding EXPERIMENTAL: allow shutdown with alternate txids + --announce-addr-dns Use DNS entries in --announce-addr and --addr (not widely supported!) (default: false) --help|-h Print this message. --rgb RRGGBB hex color for node --alias Up to 32-byte alias for node @@ -897,25 +985,36 @@ Will need to pay through a peer which supports the onion messages which means yo --disable-ip-discovery Turn off announcement of discovered public IPs --offline Start in offline-mode (do not automatically reconnect and do not accept incoming connections) --autolisten If true, listen on default port and announce if it seems to be a public interface (default: true) + --dev-allowdustreserve If true, we allow the `fundchannel` RPC command and the `openchannel` plugin hook to set a reserve that is below the dust limit. + (default: false) --proxy Set a socks v5 proxy IP address and port --tor-service-password Set a Tor hidden service password - --experimental-accept-extra-tlv-types Comma separated list of extra TLV types to accept. + --accept-htlc-tlv-types Comma separated list of extra HTLC TLV types to accept. --disable-dns Disable DNS lookups of peers --encrypted-hsm Set the password to encrypt hsm_secret with. If no password is passed through command line, you will be prompted to enter it. --rpc-file-mode Set the file mode (permissions) for the JSON-RPC socket (default: "0600") - --force-feerates Set testnet/regtest feerates in sats perkw, opening/mutual_close/unlateral_close/delayed_to_us/htlc_resolution/penalty: if fewer specified, last number applies to remainder - --subdaemon Arg specified as SUBDAEMON:PATH. Specifies an alternate subdaemon binary. If the supplied path is relative the subdaemon binary is found in the working directory. This option may be - specified multiple times. For example, --subdaemon=hsmd:remote_signer would use a hypothetical remote signing subdaemon. + --force-feerates Set testnet/regtest feerates in sats perkw, opening/mutual_close/unlateral_close/delayed_to_us/htlc_resolution/penalty: if fewer + specified, last number applies to remainder + --subdaemon Arg specified as SUBDAEMON:PATH. Specifies an alternate subdaemon binary. If the supplied path is relative the subdaemon binary is + found in the working directory. This option may be specified multiple times. For example, --subdaemon=hsmd:remote_signer would use + a hypothetical remote signing subdaemon. --experimental-websocket-port experimental: alternate port for peers to connect using WebSockets (RFC6455) + --database-upgrade Set to true to allow database upgrades even on non-final releases (WARNING: you won't be able to downgrade!) --log-level log level (io, debug, info, unusual, broken) [:prefix] (default: info) --log-timestamps prefix log messages with timestamp (default: true) - --log-prefix log prefix (default: lightningd) - --log-file= log to file instead of stdout + --log-prefix log prefix (default: ) + --log-file= Also log to file (- for stdout) --version|-V Print version and exit + --fetchinvoice-noconnect Don't try to connect directly to fetch an invoice. --autocleaninvoice-cycle Perform cleanup of expired invoices every given seconds, or do not autoclean if 0 --autocleaninvoice-expired-by If expired invoice autoclean enabled, invoices that have expired for at least this given seconds are cleaned - --fetchinvoice-noconnect Don't try to connect directly to fetch an invoice. - --disable-mpp Disable multi-part payments. + --autoclean-cycle Perform cleanup every given seconds + --autoclean-succeededforwards-age How old do successful forwards have to be before deletion (0 = never) + --autoclean-failedforwards-age How old do failed forwards have to be before deletion (0 = never) + --autoclean-succeededpays-age How old do successful pays have to be before deletion (0 = never) + --autoclean-failedpays-age How old do failed pays have to be before deletion (0 = never) + --autoclean-paidinvoices-age How old do paid invoices have to be before deletion (0 = never) + --autoclean-expiredinvoices-age How old do expired invoices have to be before deletion (0 = never) --bitcoin-datadir -datadir arg for bitcoin-cli --bitcoin-cli bitcoin-cli pathname --bitcoin-rpcuser bitcoind RPC username @@ -924,6 +1023,7 @@ Will need to pay through a peer which supports the onion messages which means yo --bitcoin-rpcport bitcoind RPC host's port --bitcoin-retry-timeout how long to keep retrying to contact bitcoind before fatally exiting --commit-fee Percentage of fee to request for their commitment + --disable-mpp Disable multi-part payments. --funder-policy Policy to use for dual-funding requests. [match, available, fixed] --funder-policy-mod Percent to apply policy at (match/available); or amount to fund (fixed) --funder-min-their-funding Minimum funding peer must open with to activate our policy @@ -939,5 +1039,8 @@ Will need to pay through a peer which supports the onion messages which means yo --lease-fee-basis Channel lease rates, basis charged for leased funds (per 10,000 satoshi.) --lease-funding-weight Channel lease rates, weight we'll ask opening peer to pay for in funding transaction --channel-fee-max-base-msat Channel lease rates, maximum channel fee base we'll charge for funds routed through a leased channel. - --channel-fee-max-proportional-thousandths Channel lease rates, maximum proportional fee (in thousandths, or ppt) we'll charge for funds routed through a leased channel. Note: 1ppt = 1,000ppm + --channel-fee-max-proportional-thousandths Channel lease rates, maximum proportional fee (in thousandths, or ppt) we'll charge for funds routed through a leased channel. + Note: 1ppt = 1,000ppm + --bookkeeper-dir Location for bookkeeper records. + --bookkeeper-db Location of the bookkeeper database ``` diff --git a/README.md b/README.md index d6ea21649..e02edf762 100644 --- a/README.md +++ b/README.md @@ -132,9 +132,11 @@ _If the above mentioned LCD screen is sold out you can also use these different - Quimat 3,5'' Zoll Inch Touch - ELEGOO Display 3.5" Zoll TFT LCD -- kuman 3.5 Inch Touch Screen TFT Monitor +- kuman 3.5 Inch Touch Screen TFT Monitor - Waveshare 3.5inch Display for Raspberry Pi +With all LCD screen models dont use the ones that have an HDMI port/connector - what you need is a 3.5 inch LCD screen model (resolution of 480×320) that connects only thru the GPIO ports (SPI) and has an XPT2046 touch controller. + _You can even pay for your RaspiBlitz Amazon Shopping with Bitcoin & Lightning through [Bitrefill](https://blog.bitrefill.com/its-here-buy-amazon-vouchers-with-bitcoin-on-bitrefill-bb2a4449724a)._ [What other case options do I have?](FAQ.md#what-other-case-options-do-i-have) @@ -1034,7 +1036,7 @@ To try out the IP2TOR tunnel choose in `MAINMENU` the extra menu point of the Se If you want a web service, like BTCPay Server or LNbits, to be available to the outside internet (like with IP2TOR) people expect you to offer an HTTPS address so that the communication between the client and your RaspiBlitz is encrypted. You could use the self-signed HTTPS certificate that RaspiBlitz is offering you, but this will give users Security Warnings in their browser and is not very user friendly. -That's where you can use a LetsEncrypt Subscription to get a free valid HTTPS certificate that is excepted without warning from almost all common browsers +That's where you can use a LetsEncrypt Subscription to get a free valid HTTPS certificate that is accepted without warning from almost all common browsers Because you also need a domain name for that you will need to open a free account, the following are presently supported, would be good to add more with the help of the community: [DuckDNS.org](https://www.duckdns.org) diff --git a/build_sdcard.sh b/build_sdcard.sh index 5e6397e3e..be7d9956f 100644 --- a/build_sdcard.sh +++ b/build_sdcard.sh @@ -2,8 +2,8 @@ ######################################################################### # Build your SD card image based on: 2022-04-04-raspios-bullseye-arm64.img.xz -# https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2022-09-26/ -# SHA256: c42856ffca096480180b5aff66e1dad2f727fdc33359b24e0d2d49cc7676b576 +# https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2023-02-21/ +# SHA256: 4c963bcd53b9a77fa8235e2dc16785cc7d56372ec83c3090eac9073bd262833f # PGP fingerprint: 8738CD6B956F460C # PGP key: https://www.raspberrypi.org/raspberrypi_downloads.gpg.key # setup fresh SD card with image above - login per SSH and run this script: diff --git a/home.admin/00mainMenu.sh b/home.admin/00mainMenu.sh index 11d469f73..8fe8e7a18 100755 --- a/home.admin/00mainMenu.sh +++ b/home.admin/00mainMenu.sh @@ -132,6 +132,9 @@ fi if [ "${bos}" == "on" ]; then OPTIONS+=(BOS "Balance of Satoshis") fi +if [ "${lnproxy}" == "on" ]; then + OPTIONS+=(LNPROXY "lnproxy server") +fi if [ "${pyblock}" == "on" ]; then OPTIONS+=(PYBLOCK "PyBlock") fi @@ -172,6 +175,9 @@ fi if [ "${lightningtipbot}" == "on" ]; then OPTIONS+=(LIGHTNINGTIPBOT "Show LightningTipBot details") fi +if [ "${fints}" == "on" ]; then + OPTIONS+=(FINTS "Show FinTS/HBCI details") +fi # dont offer to switch to "testnet view for now" - so no wswitch back to mainnet needed #if [ ${chain} != "main" ]; then @@ -307,6 +313,9 @@ case $CHOICE in ;; BOS) sudo /home/admin/config.scripts/bonus.bos.sh menu + ;; + LNPROXY) + sudo /home/admin/config.scripts/bonus.lnproxy.sh menu ;; PYBLOCK) sudo /home/admin/config.scripts/bonus.pyblock.sh menu @@ -341,6 +350,9 @@ case $CHOICE in CIRCUITBREAKER) sudo /home/admin/config.scripts/bonus.circuitbreaker.sh menu ;; + FINTS) + sudo /home/admin/config.scripts/bonus.fints.sh menu + ;; TESTNETS) /home/admin/00parallelChainsMenu.sh ;; diff --git a/home.admin/00settingsMenuBasics.sh b/home.admin/00settingsMenuBasics.sh index a2854060d..1535eba41 100755 --- a/home.admin/00settingsMenuBasics.sh +++ b/home.admin/00settingsMenuBasics.sh @@ -441,6 +441,7 @@ if [ "${clNode}" != "${choice}" ]; then fi # make sure that cln-grpc is on for the WebAPI + echo "# install the cln-grpc plugin" /home/admin/config.scripts/cl-plugin.cln-grpc.sh install /home/admin/config.scripts/cl-plugin.cln-grpc.sh on diff --git a/home.admin/00settingsMenuServices.sh b/home.admin/00settingsMenuServices.sh index 5714506b6..8b469f8e7 100755 --- a/home.admin/00settingsMenuServices.sh +++ b/home.admin/00settingsMenuServices.sh @@ -19,6 +19,7 @@ if [ ${#jam} -eq 0 ]; then jam="off"; fi if [ ${#LNBits} -eq 0 ]; then LNBits="off"; fi if [ ${#mempoolExplorer} -eq 0 ]; then mempoolExplorer="off"; fi if [ ${#bos} -eq 0 ]; then bos="off"; fi +if [ ${#lnproxy} -eq 0 ]; then lnproxy="off"; fi if [ ${#pyblock} -eq 0 ]; then pyblock="off"; fi if [ ${#thunderhub} -eq 0 ]; then thunderhub="off"; fi if [ ${#sphinxrelay} -eq 0 ]; then sphinxrelay="off"; fi @@ -35,6 +36,7 @@ if [ ${#bitcoinminds} -eq 0 ]; then bitcoinminds="off"; fi if [ ${#squeaknode} -eq 0 ]; then squeaknode="off"; fi if [ ${#itchysats} -eq 0 ]; then itchysats="off"; fi if [ ${#lightningtipbot} -eq 0 ]; then lightningtipbot="off"; fi +if [ ${#fints} -eq 0 ]; then fints="off"; fi # show select dialog echo "run dialog ..." @@ -68,6 +70,7 @@ if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then OPTIONS+=(la 'LND LIT (loop, pool, faraday)' ${lit}) OPTIONS+=(gb 'LND LNDg (auto-rebalance, auto-fees)' ${lndg}) OPTIONS+=(oa 'LND Balance of Satoshis' ${bos}) + OPTIONS+=(lp 'LND lnproxy server' ${lnproxy}) OPTIONS+=(ya 'LND PyBLOCK' ${pyblock}) OPTIONS+=(ha 'LND ChannelTools (Fund Rescue)' ${chantools}) OPTIONS+=(xa 'LND Sphinx-Relay' ${sphinxrelay}) @@ -84,6 +87,7 @@ if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then fi OPTIONS+=(ma 'Homer Dashboard' ${homer}) +OPTIONS+=(fn 'FinTS/HBCI Interface (experimental)' ${fints}) CHOICES=$(dialog --title ' Additional Mainnet Services ' \ --checklist ' use spacebar to activate/de-activate ' \ @@ -339,6 +343,21 @@ else echo "Balance of Satoshis setting unchanged." fi +# lnproxy process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "lp") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${lnproxy}" != "${choice}" ]; then + echo "lnproxy setting changed .." + anychange=1 + sudo -u admin /home/admin/config.scripts/bonus.lnproxy.sh ${choice} + source /mnt/hdd/raspiblitz.conf + if [ "${lnproxy}" = "on" ]; then + sudo -u admin /home/admin/config.scripts/bonus.lnproxy.sh menu + fi +else + echo "lnproxy setting unchanged." +fi + # PyBLOCK process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "ya") if [ ${check} -eq 1 ]; then choice="on"; fi @@ -717,6 +736,17 @@ else echo "ItchySats setting unchanged." fi +# fints process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "fn") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${fints}" != "${choice}" ]; then + echo "fints setting changed .." + anychange=1 + sudo -u admin /home/admin/config.scripts/bonus.fints.sh ${choice} +else + echo "fints setting unchanged." +fi + if [ ${anychange} -eq 0 ]; then dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58 exit 0 diff --git a/home.admin/99clMenu.sh b/home.admin/99clMenu.sh index ccbe06404..4769f6c54 100644 --- a/home.admin/99clMenu.sh +++ b/home.admin/99clMenu.sh @@ -94,7 +94,7 @@ case $CHOICE in fi cd /home/bitcoin/suez || exit 1 echo - sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF} + sudo -u bitcoin poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF} echo echo "Press ENTER to return to main menu." read key diff --git a/home.admin/99lndMenu.sh b/home.admin/99lndMenu.sh index 576cdff7a..c98ded23d 100644 --- a/home.admin/99lndMenu.sh +++ b/home.admin/99lndMenu.sh @@ -118,7 +118,7 @@ case $CHOICE in /home/admin/config.scripts/bonus.suez.sh on fi cd /home/bitcoin/suez || exit 1 - sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \ + sudo -u bitcoin poetry run ./suez \ --client-args=-n=${CHAIN} \ --client-args=--rpcserver=localhost:1${L2rpcportmod}009 echo diff --git a/home.admin/BBcashoutWallet.sh b/home.admin/BBcashoutWallet.sh index 9e1a714ca..7b86dddfb 100755 --- a/home.admin/BBcashoutWallet.sh +++ b/home.admin/BBcashoutWallet.sh @@ -97,7 +97,7 @@ echo "******************************" # execute command if [ ${LNTYPE} = "cl" ];then # withdraw destination satoshi [feerate] [minconf] [utxos] - command="$lightningcli_alias withdraw ${address} all slow" + command="$lightningcli_alias withdraw ${address} all" elif [ ${LNTYPE} = "lnd" ];then command="$lncli_alias sendcoins --sweepall --addr=${address} --conf_target=36" fi diff --git a/home.admin/_background.scan.sh b/home.admin/_background.scan.sh index cb18b113d..52176c47d 100755 --- a/home.admin/_background.scan.sh +++ b/home.admin/_background.scan.sh @@ -565,7 +565,7 @@ do fi if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_QUICK} ]; then echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net status" - source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net status) + source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net status) /home/admin/_cache.sh set ln_lnd_${CHAIN}net_activated "1" /home/admin/_cache.sh set ln_lnd_${CHAIN}net_locked "${ln_lnd_locked}" /home/admin/_cache.sh set ln_lnd_${CHAIN}net_version "${ln_lnd_version}" @@ -595,7 +595,7 @@ do if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_LONG} ]; then error="" echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net config" - source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net config) + source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net config) if [ "${error}" == "" ]; then /home/admin/_cache.sh set ln_lnd_${CHAIN}net_alias "${ln_lnd_alias}" if [ "${isDefaultLightning}" == "1" ] && [ "${isDefaultChain}" == "1" ]; then @@ -638,7 +638,7 @@ do if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_MID} ]; then error="" echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net info" - source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net info) + source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net info) if [ "${error}" == "" ]; then /home/admin/_cache.sh set ln_lnd_${CHAIN}net_address "${ln_lnd_address}" /home/admin/_cache.sh set ln_lnd_${CHAIN}net_tor "${ln_lnd_tor}" @@ -688,7 +688,7 @@ do if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_QUICK} ]; then error="" echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net wallet" - source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net wallet) + source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net wallet) if [ "${error}" == "" ]; then /home/admin/_cache.sh set ln_lnd_${CHAIN}net_wallet_onchain_balance "${ln_lnd_wallet_onchain_balance}" /home/admin/_cache.sh set ln_lnd_${CHAIN}net_wallet_onchain_pending "${ln_lnd_wallet_onchain_pending}" @@ -720,7 +720,7 @@ do if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_LONG} ]; then error="" echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net fees" - source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net fees) + source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net fees) if [ "${error}" == "" ]; then /home/admin/_cache.sh set ln_lnd_${CHAIN}net_fees_daily "${ln_lnd_fees_daily}" /home/admin/_cache.sh set ln_lnd_${CHAIN}net_fees_weekly "${ln_lnd_fees_weekly}" @@ -795,7 +795,7 @@ do fi if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_QUICK} ]; then echo "updating: /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net status" - source <(/home/admin/config.scripts/cl.monitor.sh ${CHAIN}net status) + source <(timeout 30s /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net status) /home/admin/_cache.sh set ln_cl_${CHAIN}net_activated "1" /home/admin/_cache.sh set ln_cl_${CHAIN}net_version "${ln_cl_version}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_running "${ln_cl_running}" @@ -850,7 +850,7 @@ do if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_MID} ]; then error="" echo "updating: /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net info" - source <(/home/admin/config.scripts/cl.monitor.sh ${CHAIN}net info) + source <(timeout 30s /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net info) if [ "${error}" == "" ]; then /home/admin/_cache.sh set ln_cl_${CHAIN}net_alias "${ln_cl_alias}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_address "${ln_cl_address}" @@ -904,7 +904,7 @@ do if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_MID} ]; then error="" echo "updating: /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net wallet" - source <(/home/admin/config.scripts/cl.monitor.sh ${CHAIN}net wallet) + source <(timeout 30s /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net wallet) if [ "${error}" == "" ]; then /home/admin/_cache.sh set ln_cl_${CHAIN}net_wallet_onchain_balance "${ln_cl_wallet_onchain_balance}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_wallet_onchain_pending "${ln_cl_wallet_onchain_pending}" diff --git a/home.admin/_commands.sh b/home.admin/_commands.sh index 5c2a67013..7c575f799 100755 --- a/home.admin/_commands.sh +++ b/home.admin/_commands.sh @@ -570,10 +570,10 @@ function suez() { clear echo "# Showing the channels of ${lightning} ${chain}net - consider reducing the font size (press CTRL- or CMD-)" if [ ${lightning} = cl ]; then - sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \ + sudo -u bitcoin poetry run ./suez \ --client=c-lightning --client-args=--conf=${CLCONF} elif [ ${lightning} = lnd ]; then - sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \ + sudo -u bitcoin poetry run ./suez \ --client-args=-n=${CHAIN} \ --client-args=--rpcserver=localhost:1${L2rpcportmod}009 fi diff --git a/home.admin/_provision_.sh b/home.admin/_provision_.sh index c4aff3531..0c272b30c 100755 --- a/home.admin/_provision_.sh +++ b/home.admin/_provision_.sh @@ -643,6 +643,15 @@ else echo "Provisioning Balance of Satoshis - keep default" >> ${logFile} fi +# LNPROXY +if [ "${lnproxy}" = "on" ]; then + echo "Provisioning lnproxy - run config script" >> ${logFile} + /home/admin/_cache.sh set message "Setup lnproxy" + sudo -u admin /home/admin/config.scripts/bonus.lnproxy.sh on >> ${logFile} 2>&1 +else + echo "Provisioning lnproxy - keep default" >> ${logFile} +fi + # thunderhub if [ "${thunderhub}" = "on" ]; then echo "Provisioning ThunderHub - run config script" >> ${logFile} @@ -805,6 +814,15 @@ else echo "Provisioning LightningTipBot - keep default" >> ${logFile} fi +# FinTS +if [ "${fints}" = "on" ]; then + echo "Provisioning FinTS - run config script" >> ${logFile} + /home/admin/_cache.sh set message "Setup FinTS" + sudo -u admin /home/admin/config.scripts/bonus.fints.sh on >> ${logFile} 2>&1 +else + echo "Provisioning FinTS - keep default" >> ${logFile} +fi + # custom install script from user customInstallAvailable=$(ls /mnt/hdd/app-data/custom-installs.sh 2>/dev/null | grep -c "custom-installs.sh") if [ ${customInstallAvailable} -gt 0 ]; then diff --git a/home.admin/_version.info b/home.admin/_version.info index 477181820..1d07fcd9a 100644 --- a/home.admin/_version.info +++ b/home.admin/_version.info @@ -1,3 +1,3 @@ # RaspiBlitz Version - always [major].[main].[sub] (sub can be a string like '2rc1') -codeVersion="1.9.0rc2" +codeVersion="1.9.0rc3" # keep last line with comment \ No newline at end of file diff --git a/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf b/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf index ab7d7009c..18eb359b5 100644 --- a/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf +++ b/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf @@ -14,7 +14,7 @@ server { error_log /var/log/nginx/error_lnproxy.log; location /api/ { - proxy_pass http://127.0.0.1:4747; + proxy_pass http://127.0.0.1:4747/; include /etc/nginx/snippets/ssl-proxy-params.conf; } diff --git a/home.admin/assets/nginx/sites-available/lnproxy_tor.conf b/home.admin/assets/nginx/sites-available/lnproxy_tor.conf index 9bfd1113c..8151e0b1f 100644 --- a/home.admin/assets/nginx/sites-available/lnproxy_tor.conf +++ b/home.admin/assets/nginx/sites-available/lnproxy_tor.conf @@ -13,7 +13,7 @@ server { error_log /var/log/nginx/error_lnproxy.log; location /api/ { - proxy_pass http://127.0.0.1:4747; + proxy_pass http://127.0.0.1:4747/; include /etc/nginx/snippets/ssl-proxy-params.conf; } diff --git a/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf b/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf index 65b998244..87d47840d 100644 --- a/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf +++ b/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf @@ -13,7 +13,7 @@ server { error_log /var/log/nginx/error_lnproxy.log; location /api/ { - proxy_pass http://127.0.0.1:4747; + proxy_pass http://127.0.0.1:4747/; include /etc/nginx/snippets/ssl-proxy-params.conf; } diff --git a/home.admin/config.scripts/blitz.debug.sh b/home.admin/config.scripts/blitz.debug.sh index d02c39cd0..a3743fc5c 100755 --- a/home.admin/config.scripts/blitz.debug.sh +++ b/home.admin/config.scripts/blitz.debug.sh @@ -406,6 +406,17 @@ else echo "- SPHINX is OFF by config" fi +if [ "${fints}" == "on" ]; then + echo + echo "*** LAST 20 FINTS LOGS ***" + echo "sudo journalctl -u fints -b --no-pager -n20" + sudo journalctl -u fints -b --no-pager -n20 + echo "sudo tail -n 30 /home/fints/log/fuelifints.log" + sudo tail -n 30 /home/fints/log/fuelifints.log +else + echo "- FINTS is OFF by config" +fi + echo echo "*** MOUNTED DRIVES ***" echo "df -T -h" diff --git a/home.admin/config.scripts/blitz.git-verify.sh b/home.admin/config.scripts/blitz.git-verify.sh index e3a6d9abd..5a58dcc13 100644 --- a/home.admin/config.scripts/blitz.git-verify.sh +++ b/home.admin/config.scripts/blitz.git-verify.sh @@ -30,10 +30,9 @@ PGPsigner="$1" PGPpubkeyLink="$2" PGPpubkeyFingerprint="$3" - wget -O /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc "${PGPpubkeyLink}" gpg --import --import-options show-only /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc -fingerprint=$(gpg --show-keys /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc 2>/dev/null | grep "${PGPpubkeyFingerprint}" -c) +fingerprint=$(gpg --show-keys --keyid-format LONG /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc 2>/dev/null | grep "${PGPpubkeyFingerprint}" -c) if [ "${fingerprint}" -lt 1 ]; then echo echo "# WARNING --> the PGP fingerprint is not as expected for ${PGPsigner}" >&2 @@ -65,7 +64,7 @@ echo cat "$_temp" echo "# goodSignature(${goodSignature})" -correctKey=$(tr -d " \t\n\r" < "$_temp" | grep "${PGPpubkeyFingerprint}" -c) +correctKey=$(tr -d " \t\n\r" <"$_temp" | grep "${PGPpubkeyFingerprint}" -c) echo "# correctKey(${correctKey})" if [ "${correctKey}" -lt 1 ] || [ "${goodSignature}" -lt 1 ]; then diff --git a/home.admin/config.scripts/blitz.migration.sh b/home.admin/config.scripts/blitz.migration.sh index a66dc3434..99b7556c0 100755 --- a/home.admin/config.scripts/blitz.migration.sh +++ b/home.admin/config.scripts/blitz.migration.sh @@ -26,21 +26,21 @@ defaultUploadPath="/mnt/hdd/temp/migration" # get local ip source <(/home/admin/config.scripts/internet.sh status local) -# SFTP download and upload links -sftpDownloadUnix="sftp -r 'bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz' ./" -sftpDownloadWin="sftp -r bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz ." -sftpUploadUnix="sftp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}" -sftpUploadWin="sftp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}" +# SCP download and upload links +downloadUnix="scp -r 'bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz' ./" +downloadWin="scp -r bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz ." +uploadUnix="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}" +uploadWin="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}" # output status data & exit if [ "$1" = "status" ]; then echo "# RASPIBLITZ Data Import & Export" echo "localip=\"${localip}\"" echo "defaultUploadPath=\"${defaultUploadPath}\"" - echo "sftpDownloadUnix=\"${sftpDownloadUnix}\"" - echo "sftpUploadUnix=\"${sftpUploadUnix}\"" - echo "sftpDownloadWin=\"${sftpDownloadWin}\"" - echo "sftpUploadWin=\"${sftpUploadWin}\"" + echo "downloadUnix=\"${downloadUnix}\"" + echo "uploadUnix=\"${uploadUnix}\"" + echo "downloadWin=\"${downloadWin}\"" + echo "uploadWin=\"${uploadWin}\"" exit 1 fi diff --git a/home.admin/config.scripts/blitz.ssh.sh b/home.admin/config.scripts/blitz.ssh.sh index 7f900a8c5..409d092c9 100755 --- a/home.admin/config.scripts/blitz.ssh.sh +++ b/home.admin/config.scripts/blitz.ssh.sh @@ -32,11 +32,23 @@ fi ################### if [ "$1" = "renew" ]; then echo "# *** $0 $1" - sudo systemctl stop sshd - sudo rm /etc/ssh/ssh_host_* - sudo ssh-keygen -A - sudo dpkg-reconfigure openssh-server - sudo systemctl start sshd + + # stop sshd + systemctl stop sshd + + # remove old keys + rm /etc/ssh/ssh_host_* + + # generate new keys + ssh-keygen -A + dpkg-reconfigure openssh-server + + # clear journalctl logs + journalctl --rotate + journalctl --vacuum-time=1s + + # restart sshd + systemctl start sshd exit 0 fi @@ -70,23 +82,15 @@ if [ "$1" = "checkrepair" ]; then countKeyFiles=$(ls -la /etc/ssh/ssh_host_* 2>/dev/null | grep -c "/etc/ssh/ssh_host") echo "# countKeyFiles(${countKeyFiles})" if [ ${countKeyFiles} -lt 8 ]; then - echo "# DETECTED: MISSING SSHD KEYFILES --> Generating new ones" - systemctl stop ssh - echo "# ssh-keygen1" - cd /etc/ssh - ssh-keygen -A - systemctl start sshd - sleep 3 + /home/admin/config.scripts/blitz.ssh.sh renew + fi - countKeyFiles=$(ls -la /etc/ssh/ssh_host_* 2>/dev/null | grep -c "/etc/ssh/ssh_host") - echo "# countKeyFiles(${countKeyFiles})" - if [ ${countKeyFiles} -lt 8 ]; then - echo "# FAIL: Was not able to generate new sshd host keys" - else - echo "# OK: New sshd host keys generated" - fi - + # check logs for "no hostkeys available" + noHostKeys=$(journalctl -u sshd | grep -c "no hostkeys available") + if [ ${noHostKeys} -gt 0 ]; then + echo "# DETECTED: SSHD LOGS 'no hostkeys available' --> Generating new ones" + /home/admin/config.scripts/blitz.ssh.sh renew fi # check if SSHD service is NOT running & active diff --git a/home.admin/config.scripts/blitz.upload.sh b/home.admin/config.scripts/blitz.upload.sh index 7bc47bb49..f27ab1cd8 100644 --- a/home.admin/config.scripts/blitz.upload.sh +++ b/home.admin/config.scripts/blitz.upload.sh @@ -2,7 +2,7 @@ # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "# use to prepare & check sftp or web file upload to RaspiBlitz" + echo "# use to prepare & check scp or web file upload to RaspiBlitz" echo "# blitz.upload.sh prepare-upload" echo "# blitz.upload.sh check-upload ?[scb|lnd-rescue|migration]" exit 0 diff --git a/home.admin/config.scripts/blitz.web.api.sh b/home.admin/config.scripts/blitz.web.api.sh index ed7f5bc27..ec9831c65 100644 --- a/home.admin/config.scripts/blitz.web.api.sh +++ b/home.admin/config.scripts/blitz.web.api.sh @@ -95,25 +95,26 @@ if [ "$1" = "update-config" ]; then elif [ "${lightning}" == "cl" ]; then echo "# CONFIG Web API Lightning --> CL" - sed -i "s/^ln_node=.*/ln_node=cln_grpc/g" ./.env + sed -i "s/^ln_node=.*/ln_node=cln_jrpc/g" ./.env + sed -i "s/^cln_jrpc_path=.*/cln_jrpc_path="/mnt/hdd/app-data/.lightning/bitcoin/lightning-rpc"/g" ./.env # make sure cln-grpc is on - sudo /home/admin/config.scripts/cl-plugin.cln-grpc.sh on mainnet + # sudo /home/admin/config.scripts/cl-plugin.cln-grpc.sh on mainnet # get hex values of pem files - hexClient=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client.pem) - hexClientKey=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client-key.pem) - hexCa=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/ca.pem) - if [ "${hexClient}" == "" ]; then - echo "# FAIL /home/bitcoin/.lightning/bitcoin/*.pem files maybe missing" - fi + # hexClient=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client.pem) + # hexClientKey=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client-key.pem) + # hexCa=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/ca.pem) + # if [ "${hexClient}" == "" ]; then + # echo "# FAIL /home/bitcoin/.lightning/bitcoin/*.pem files maybe missing" + # fi # update config with hex values - sed -i "s/^cln_grpc_cert=.*/cln_grpc_cert=${hexClient}/g" ./.env - sed -i "s/^cln_grpc_key=.*/cln_grpc_key=${hexClientKey}/g" ./.env - sed -i "s/^cln_grpc_ca=.*/cln_grpc_ca=${hexCa}/g" ./.env - sed -i "s/^cln_grpc_ip=.*/cln_grpc_ip=127.0.0.1/g" ./.env - sed -i "s/^cln_grpc_port=.*/cln_grpc_port=4772/g" ./.env + # sed -i "s/^cln_grpc_cert=.*/cln_grpc_cert=${hexClient}/g" ./.env + # sed -i "s/^cln_grpc_key=.*/cln_grpc_key=${hexClientKey}/g" ./.env + # sed -i "s/^cln_grpc_ca=.*/cln_grpc_ca=${hexCa}/g" ./.env + # sed -i "s/^cln_grpc_ip=.*/cln_grpc_ip=127.0.0.1/g" ./.env + # sed -i "s/^cln_grpc_port=.*/cln_grpc_port=4772/g" ./.env else echo "# CONFIG Web API Lightning --> OFF" diff --git a/home.admin/config.scripts/bonus.btcpayserver.sh b/home.admin/config.scripts/bonus.btcpayserver.sh index 13772ce68..d28bbb26f 100644 --- a/home.admin/config.scripts/bonus.btcpayserver.sh +++ b/home.admin/config.scripts/bonus.btcpayserver.sh @@ -3,9 +3,9 @@ # Based on: https://gist.github.com/normandmickey/3f10fc077d15345fb469034e3697d0d0 # https://github.com/dgarage/NBXplorer/tags -NBXplorerVersion="v2.3.59" +NBXplorerVersion="v2.3.62" # https://github.com/btcpayserver/btcpayserver/releases -BTCPayVersion="v1.7.5" +BTCPayVersion="v1.8.2" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -31,7 +31,7 @@ function NBXplorerConfig() { echo "# nbxplorermainnet database already exists" else echo "# Generate the database for nbxplorer" - sudo -u postgres psql -c "create database nbxplorermainnet;" + sudo -u postgres psql -c "CREATE DATABASE nbxplorermainnet TEMPLATE template0 LC_CTYPE 'C' LC_COLLATE 'C' ENCODING 'UTF8';" sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';" sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;" fi @@ -68,7 +68,7 @@ function BtcPayConfig() { echo "# btcpaymainnet database already exists" else echo "# Generate the database for btcpay" - sudo -u postgres psql -c "create database btcpaymainnet;" + sudo -u postgres psql -c "CREATE DATABASE btcpaymainnet TEMPLATE template0 LC_CTYPE 'C' LC_COLLATE 'C' ENCODING 'UTF8';" sudo -u postgres psql -c "create user btcpay with encrypted password 'raspiblitz';" sudo -u postgres psql -c "grant all privileges on database btcpaymainnet to btcpay;" fi @@ -696,6 +696,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then echo "# deleting data" sudo -u postgres psql -c "drop database nbxplorermainnet;" sudo -u postgres psql -c "drop user nbxplorer;" + sudo -u postgres psql -c "drop database btcpaymainnet;" + sudo -u postgres psql -c "drop user btcpay;" sudo rm -R /mnt/hdd/app-data/.btcpayserver/ else echo "# keeping data" diff --git a/home.admin/config.scripts/bonus.fints.sh b/home.admin/config.scripts/bonus.fints.sh new file mode 100755 index 000000000..e0992948a --- /dev/null +++ b/home.admin/config.scripts/bonus.fints.sh @@ -0,0 +1,430 @@ +#!/bin/bash + +APPID="fints" +VERSION="2.23" + +# the git repo to get the source code from for install +GITHUB_REPO="https://github.com/drmartinberger/FueliFinTS" + +# the github tag of the version of the source code to install +# can also be a commit hash +# if empty it will use the latest source version +GITHUB_TAG="" + +# the github signature to verify the author +# leave GITHUB_SIGN_AUTHOR empty to skip verifying +GITHUB_SIGN_AUTHOR="" #web-flow +GITHUB_SIGN_PUBKEYLINK="https://github.com/web-flow.gpg" +GITHUB_SIGN_FINGERPRINT="4AEE18F83AFDEB23" + +# port numbers the app should run on +# delete if not an web app +PORT_CLEAR="3110" +PORT_SSL="3111" + +# BASIC COMMANDLINE OPTIONS +# you can add more actions or parameters if needed - for example see the bonus.rtl.sh +# to see how you can deal with an app that installs multiple instances depending on +# lightning implementation or testnets - but this should be OK for a start: +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "# Github Repo: ${GITHUB_REPO}" + echo "# Telegram Community Support: https://t.me/LN_FinTS" + echo "# bonus.${APPID}.sh status -> status information (key=value)" + echo "# bonus.${APPID}.sh on -> install the app" + echo "# bonus.${APPID}.sh off -> uninstall the app" + echo "# bonus.${APPID}.sh menu -> SSH menu dialog" + echo "# bonus.${APPID}.sh prestart -> will be called by systemd before start" + exit 1 +fi + +# echoing comments is useful for logs - but start output with # when not a key=value +echo "# Running: 'bonus.${APPID}.sh $*'" + +# check & load raspiblitz config +source /mnt/hdd/raspiblitz.conf + +######################### +# INFO +######################### + +# this section is always executed to gather status information that +# all the following commands can use & execute on + +# check if app is already installed +isInstalled=$(sudo ls /etc/systemd/system/${APPID}.service 2>/dev/null | grep -c "${APPID}.service") + +# check if service is running +isRunning=$(systemctl status ${APPID} 2>/dev/null | grep -c 'active (running)') + +if [ "${isInstalled}" == "1" ]; then + + # gather address info (whats needed to call the app) + localIP=$(hostname -I | awk '{print $1}') + toraddress=$(sudo cat /mnt/hdd/tor/${APPID}/hostname 2>/dev/null) + #fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) + +fi + +# if the action parameter `status` was called - just stop here and output all +# status information as a key=value list +if [ "$1" = "status" ]; then + echo "appID='${APPID}'" + echo "version='${VERSION}'" + echo "githubRepo='${GITHUB_REPO}'" + echo "githubVersion='${GITHUB_TAG}'" + echo "githubSignature='${GITHUB_SIGNATURE}'" + echo "isInstalled=${isInstalled}" + echo "isRunning=${isRunning}" + if [ "${isInstalled}" == "1" ]; then + echo "portCLEAR=${PORT_CLEAR}" + echo "portSSL=${PORT_SSL}" + echo "localIP='${localIP}'" + echo "toraddress='${toraddress}'" + #echo "fingerprint='${fingerprint}'" + echo "toraddress='${toraddress}'" + fi + exit +fi + +########################## +# MENU +######################### + +# The `menu` action should give at least a SSH info dialog - when an webapp show +# URL to call (http & https+fingerprint) otherwise some instruction how to start it. + +# This SSH dialog will be later called by the MAIN MENU to be available to the user +# when app is installed. + +# This menu can also have some more complex structure if you want to make it easy +# to the user to set configurations or maintenance options - example bonus.lnbits.sh + +# show info menu +if [ "$1" = "menu" ]; then + + # get local ip + localIP=$(hostname -I | awk '{print $1}') + + # set the title for the dialog + dialogTitle=" FinTS / HBCI Interface " + + # basic info text - for an web app how to call with http & self-signed https + dialogText="This is an very early experimental feature.\nServer-URL: ${localIP}:${PORT_SSL}\n\nSee GitHub Repo for more Details:\n${GITHUB_REPO}\n\nTelegram Community Chat & Support (say hi):\nhttps://t.me/LN_FinTS\n\nUse OPTIONS to config with LNbits & Debug.\n\n" + + # add tor info (if available) + if [ "${toraddress}" != "" ]; then + dialogText="${dialogText}Hidden Service address for Tor Connection:\n${toraddress}" + fi + + # use whiptail to show SSH dialog & exit + whiptail --title "${dialogTitle}" --yes-button "OK" --no-button "OPTIONS" --yesno "${dialogText}" 19 67 + result=$? + if [ ${result} -eq 0 ]; then + exit 0 + fi + + OPTIONS=() + OPTIONS+=(LNBITS "Edit lnbits.properties") + OPTIONS+=(DEBUG "Print Logs") + + WIDTH=66 + CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) + HEIGHT=$((CHOICE_HEIGHT+7)) + CHOICE=$(dialog --clear \ + --title " ${APPID} - Options" \ + --ok-label "Select" \ + --cancel-label "Back" \ + --menu "Choose one of the following options:" \ + $HEIGHT $WIDTH $CHOICE_HEIGHT \ + "${OPTIONS[@]}" \ + 2>&1 >/dev/tty) + case $CHOICE in + DEBUG) + clear + echo "# sudo tail -n 100 /home/fints/log/fuelifints.log" + sudo tail -n 100 /home/fints/log/fuelifints.log + echo "# PRESS ENTER to continue" + read key + ;; + LNBITS) + edittemp=$(mktemp -p /dev/shm/) + sudo -u fints dialog --title "Editing /home/fints/config/lnbits.properties" --editbox "/home/fints/config/lnbits.properties" 200 200 2> "${edittemp}" + result=$? + clear + if [ "${result}" == "0" ]; then + echo "# saving changes to /home/fints/config/lnbits.properties" + sudo rm /home/fints/config/lnbits.properties + sudo mv ${edittemp} /home/fints/config/lnbits.properties + sudo chown fints:fints /home/fints/config/lnbits.properties + else + echo "# (${result}) no changes - dont save" + fi + echo "# restarting fints service" + sudo systemctl restart fints + sleep 2 + ;; + esac + + echo "please wait ..." + exit 0 +fi + +########################## +# ON / INSTALL +########################## + +# This section takes care of installing the app. +# The template contains some basic steps but also look at other install scripts +# to see how special cases are solved. + +if [ "$1" = "1" ] || [ "$1" = "on" ]; then + + # dont run install if already installed + if [ ${isInstalled} -eq 1 ]; then + echo "# ${APPID}.service is already installed." + exit 1 + fi + + echo "# Installing ${APPID} ..." + + # install java & build tool + sudo apt install -y default-jdk + sudo apt install -y maven + + # make sure mysql/myria db is available + sudo apt-get install -y mariadb-server mariadb-client + + # create a dedicated user for the app + echo "# create user" + sudo adduser --disabled-password --gecos "" ${APPID} || exit 1 + + # add user to special groups with special access rights + # echo "# add use to special groups" + # sudo /usr/sbin/usermod --append --groups lndadmin ${APPID} + + # create a data directory on /mnt/hdd/app-data/ for the app + if ! [ -d /mnt/hdd/app-data/${APPID} ]; then + echo "# create app-data directory" + sudo mkdir /mnt/hdd/app-data/${APPID} 2>/dev/null + sudo chown ${APPID}:${APPID} -R /mnt/hdd/app-data/${APPID} + else + echo "# reuse existing app-directory" + sudo chown ${APPID}:${APPID} -R /mnt/hdd/app-data/${APPID} + fi + + # download source code and verify + # BACKGROUND is that now you download the code from github, reset to a given version tag/commit, + # verify the author. If you app provides its source/binaries in another way, may check + # other install scripts to see how that implement code download & verify. + echo "# download the source code & verify" + sudo -u ${APPID} git clone ${GITHUB_REPO} /home/${APPID}/${APPID} + cd /home/${APPID}/${APPID} + + if [ "${GITHUB_TAG}" != "" ]; then + sudo -u ${APPID} git reset --hard $GITHUB_TAG + fi + if [ "${GITHUB_SIGN_AUTHOR}" != "" ]; then + sudo -u ${APPID} /home/admin/config.scripts/blitz.git-verify.sh \ + "${GITHUB_SIGN_AUTHOR}" "${GITHUB_SIGN_PUBKEYLINK}" "${GITHUB_SIGN_FINGERPRINT}" "${GITHUB_TAG}" || exit 1 + fi + + # compile/install the app + echo "# compile/install the app" + cd /home/${APPID}/${APPID} + # install dependencies from pom.xml + sudo -u fints mvn package + if ! [ $? -eq 0 ]; then + echo "# FAIL - mvn package did not run correctly - deleting code & exit" + sudo rm -r /home/${APPID}/${APPID} + exit 1 + fi + sudo -u fints cp /home/fints/fints/target/LN-FinTS-jar-with-dependencies.jar /home/fints/fints-fat.jar + if ! [ $? -eq 0 ]; then + echo "# FAIL - was not able to copy /home/fints/fints-fat.jar" + sudo rm -r /home/${APPID}/${APPID} + exit 1 + fi + + # init database + sudo mariadb -e "DROP DATABASE IF EXISTS fints;" + sudo mariadb -e "CREATE DATABASE fints;" + sudo mariadb -e "GRANT ALL PRIVILEGES ON fints.* TO 'fintsuser' IDENTIFIED BY 'fints';" + sudo mariadb -e "FLUSH PRIVILEGES;" + if [ -f "dbsetup.sql" ]; then + mariadb -ufintsuser -pfints fints < dbsetup.sql + else + echo "# FAIL - dbsetup.sql not found - deleting code & exit" + sudo rm -r /home/${APPID}/${APPID} + exit 1 + fi + + # open the ports in the firewall + echo "# updating Firewall" + sudo ufw allow ${PORT_CLEAR} comment "${APPID} HTTP" + sudo ufw allow ${PORT_SSL} comment "${APPID} HTTPS" + + # every app has their own systemd service that cares about starting & + # running the app in the background - see the PRESTART section for adhoc config + echo "# create systemd service: ${APPID}.service" + echo " +[Unit] +Description=${APPID} +Wants=bitcoind +After=bitcoind + +[Service] +WorkingDirectory=/home/${APPID} +Environment=\"HOME_PATH=/mnt/hdd/app-data/${APPID}\" +ExecStartPre=-/home/admin/config.scripts/bonus.${APPID}.sh prestart +ExecStart=java -jar /home/${APPID}/fints-fat.jar +User=${APPID} +Restart=always +TimeoutSec=120 +RestartSec=30 +StandardOutput=null +StandardError=journal + +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + +[Install] +WantedBy=multi-user.target +" | sudo tee /etc/systemd/system/${APPID}.service + sudo chown root:root /etc/systemd/system/${APPID}.service + + # when tor is set on also install the hidden service + if [ "${runBehindTor}" = "on" ]; then + # activating tor hidden service + /home/admin/config.scripts/tor.onion-service.sh ${APPID} 80 ${PORT_CLEAR} 443 ${PORT_SSL} + fi + + # create keystore if needed + keystoreExists=$(sudo ls /mnt/hdd/app-data/fints/keystore.jks 2>/dev/null | grep -c 'keystore.jks') + if [ ${keystoreExists} -eq 0 ]; then + echo "# creating keystore" + sudo -u fints keytool -genkey -keyalg RSA -alias fints -keystore /mnt/hdd/app-data/fints/keystore.jks -storepass raspiblitz -noprompt -dname "CN=raspiblitz, OU=IT, O=raspiblitz, L=world, S=world, C=BZ" + else + echo "# keystore already exists" + fi + + # config app basics: lnbits.properties + sudo -u fints mkdir /home/fints/config + sudo -u fints cp /home/fints/fints/config/fuelifints.properties /home/fints/config/fuelifints.properties + sudo sed -i "s/^productinfo.csv.check=.*/productinfo.csv.check=false/g" /home/fints/config/fuelifints.properties + sudo sed -i "s/^rdh_port =.*/rdh_port = ${PORT_CLEAR}/g" /home/fints/config/fuelifints.properties + sudo sed -i "s/^ssl_port =.*/ssl_port = ${PORT_SSL}/g" /home/fints/config/fuelifints.properties + sudo sed -i "s/^keystore_location =.*/keystore_location = \/mnt\/hdd\/app-data\/fints\/keystore.jks/g" /home/fints/config/fuelifints.properties + sudo sed -i "s/^keystore_password =.*/keystore_password = raspiblitz/g" /home/fints/config/fuelifints.properties + + # config app basics: blz.banking2.properties.example + sudo -u fints cp /home/fints/fints/config/blz.banking2.properties.example /home/fints/config/blz.banking2.properties + + # config app basics: lnbits.properties + sudo -u fints cp /home/fints/fints/config/lnbits.properties.example /home/fints/config/lnbits.properties + # in file lnbits.properties replace the line starting with lnbitsUrl with the following line 'lnbitsUrl = http://127.0.0.1:5000' + sudo sed -i "s/lnbitsUrl =.*/lnbitsUrl = http:\/\/127.0.0.1:5000/g" /home/fints/config/lnbits.properties + + # mark app as installed in raspiblitz config + /home/admin/config.scripts/blitz.conf.sh set ${APPID} "on" + + # enable app up thru systemd + sudo systemctl enable ${APPID} + echo "# OK - the ${APPID}.service is now enabled" + + # start app (only when blitz is ready) + source <(/home/admin/_cache.sh get state) + if [ "${state}" == "ready" ]; then + sudo systemctl start ${APPID} + echo "# OK - the ${APPID}.service is now started" + fi + + echo "# Monitor with: sudo journalctl -f -u ${APPID}" + exit 0 + +fi + +########################## +# PRESTART +########################## + +# BACKGROUND is that this script will be called with `prestart` on every start & restart +# of this apps systemd service. This has the benefit that right before the app is started +# config parameters for this app can be updated so that it always starts with the most updated +# values. With such an "adhoc config" it is for example possible to check right before start +# what other apps are installed and configure connections. Even if those configs outdate later +# while the app is running with the next restart they will then automatically update their config +# again. If you dont need such "adhoc" config for your app - just leave it empty as it is, so +# you maybe later on have the option to use it. + +if [ "$1" = "prestart" ]; then + + # needs to be run as the app user - stop if not run as the app user + # keep in mind that in the prestart section you cannot use `sudo` command + if [ "$USER" != "${APPID}" ]; then + echo "# FAIL: run as user ${APPID}" + exit 1 + fi + + echo "## PRESTART CONFIG START for ${APPID} (called by systemd prestart)" + # at the moment no on the fly config is needed + echo "## PRESTART CONFIG DONE for ${APPID}" + exit 0 +fi + +########################################### +# OFF / UNINSTALL +# call with parameter `delete-data` to also +# delete the persistent data directory +########################################### + +# BACKGROUND is that this section removes entries in systemd, nginx, etc and then +# deletes the user with its home directory to nuke all installed code + +# switch off +if [ "$1" = "0" ] || [ "$1" = "off" ]; then + + echo "# stop & remove systemd service" + sudo systemctl stop ${APPID} 2>/dev/null + sudo systemctl disable ${APPID}.service + sudo rm /etc/systemd/system/${APPID}.service + + #echo "# remove nginx symlinks" + #sudo rm -f /etc/nginx/sites-enabled/${APPID}_ssl.conf 2>/dev/null + #sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor.conf 2>/dev/null + #sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor_ssl.conf 2>/dev/null + #sudo rm -f /etc/nginx/sites-available/${APPID}_ssl.conf 2>/dev/null + #sudo rm -f /etc/nginx/sites-available/${APPID}_tor.conf 2>/dev/null + #sudo rm -f /etc/nginx/sites-available/${APPID}_tor_ssl.conf 2>/dev/null + #sudo nginx -t + #sudo systemctl reload nginx + + echo "# close ports on firewall" + sudo ufw deny "${PORT_CLEAR}" + sudo ufw deny "${PORT_SSL}" + + echo "# delete user" + sudo userdel -rf ${APPID} + + echo "# removing Tor hidden service (if active)" + /home/admin/config.scripts/tor.onion-service.sh off ${APPID} + + echo "# mark app as uninstalled in raspiblitz config" + /home/admin/config.scripts/blitz.conf.sh set ${APPID} "off" + + # only if 'delete-data' is an additional parameter then also the data directory gets deleted + if [ "$(echo "$@" | grep -c delete-data)" -gt 0 ]; then + echo "# found 'delete-data' parameter --> also deleting the app-data" + sudo rm -r /mnt/hdd/app-data/${APPID} + fi + + echo "# OK - app should be uninstalled now" + exit 0 + +fi + +# just a basic error message when unknown action parameter was given +echo "# FAIL - Unknown Parameter $1" +exit 1 \ No newline at end of file diff --git a/home.admin/config.scripts/bonus.go.sh b/home.admin/config.scripts/bonus.go.sh index 931e76afb..c1cbc3306 100755 --- a/home.admin/config.scripts/bonus.go.sh +++ b/home.admin/config.scripts/bonus.go.sh @@ -28,7 +28,7 @@ case "$1" in goOSversion=$(dpkg --print-architecture) if [ ${goOSversion} = "armv6l" ]; then checksum=${armv6lChecksum} - elif [ ${goOSversion{} = "arm64" ]; then + elif [ ${goOSversion} = "arm64" ]; then checksum=${arm64Checksum} elif [ ${goOSversion} = "amd64" ]; then checksum=${amd64Checksum} diff --git a/home.admin/config.scripts/bonus.jam.sh b/home.admin/config.scripts/bonus.jam.sh index bede07838..b7466f104 100644 --- a/home.admin/config.scripts/bonus.jam.sh +++ b/home.admin/config.scripts/bonus.jam.sh @@ -2,7 +2,7 @@ # https://github.com/joinmarket-webui/jam -WEBUI_VERSION=0.1.4 +WEBUI_VERSION=0.1.5 REPO=joinmarket-webui/jam USERNAME=jam HOME_DIR=/home/$USERNAME diff --git a/home.admin/config.scripts/bonus.lit.sh b/home.admin/config.scripts/bonus.lit.sh index c9cab54b3..b8b94c51d 100644 --- a/home.admin/config.scripts/bonus.lit.sh +++ b/home.admin/config.scripts/bonus.lit.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/lightninglabs/lightning-terminal/releases -LITVERSION="0.8.4-alpha" +LITVERSION="0.8.6-alpha" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -216,6 +216,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# BUILD FAILED --> LND PGP Verify not OK / signature(${goodSignature}) verify(${correctKey})" exit 1 fi + ########### # install # ########### @@ -231,6 +232,17 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then ########### # config # ########### + + # check if lnd.conf has rpcmiddleware.enable entry under section Application Options + entryExists=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep -c "rpcmiddleware.enable=") + if [ "${entryExists}" == "0" ]; then + echo "# add rpcmiddleware.enable=true to lnd.conf" + sudo sed -i "/^\[Application Options\]$/arpcmiddleware.enable=true" /mnt/hdd/lnd/lnd.conf + fi + + # make sure lnd.conf has rpcmiddleware.enable=true + sudo sed -i "s/^rpcmiddleware.enable=.*/rpcmiddleware.enable=true/g" /mnt/hdd/lnd/lnd.conf + if [ "${runBehindTor}" = "on" ]; then echo "# Connect to the Pool, Loop and Terminal server through Tor" LOOPPROXY="loop.server.proxy=127.0.0.1:9050" @@ -240,7 +252,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then LOOPPROXY="" POOLPROXY="" fi - PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-) + PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-) echo " # Application Options httpslisten=0.0.0.0:8443 @@ -251,7 +263,7 @@ remote.lit-debuglevel=debug # Remote lnd options remote.lnd.rpcserver=127.0.0.1:10009 -remote.lnd.macaroonpath=/home/lit/.lnd/data/chain/${network}/${chain}net/admin.macaroon +remote.lnd.macaroonpath=/home/lit/.lnd/data/chain/bitcoin/${chain}net/admin.macaroon remote.lnd.tlscertpath=/home/lit/.lnd/tls.cert # Loop @@ -347,6 +359,7 @@ alias lit-frcli=\"frcli --rpcserver=localhost:8443 \ source <(/home/admin/_cache.sh get state) if [ "${state}" == "ready" ]; then echo "# OK - the litd.service is enabled, system is ready so starting service" + sudo systemctl restart lnd sudo systemctl start litd else echo "# OK - the litd.service is enabled, to start manually use: 'sudo systemctl start litd'" diff --git a/home.admin/config.scripts/bonus.lnbits.sh b/home.admin/config.scripts/bonus.lnbits.sh index ea0c493fc..a2c7a02dd 100644 --- a/home.admin/config.scripts/bonus.lnbits.sh +++ b/home.admin/config.scripts/bonus.lnbits.sh @@ -1,9 +1,9 @@ #!/bin/bash -# https://github.com/lnbits/lnbits-legend +# https://github.com/lnbits/lnbits -# https://github.com/lnbits/lnbits-legend/releases -tag="0.9.6" +# https://github.com/lnbits/lnbits/releases +tag="0.10.2" VERSION="${tag}" # command info @@ -21,7 +21,7 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "bonus.lnbits.sh repo [githubuser] [branch]" echo "bonus.lnbits.sh sync" echo "bonus.lnbits.sh backup" - echo "bonus.lnbits.sh restore [?FILE]" + echo "bonus.lnbits.sh restore [?FILE]" echo "bonus.lnbits.sh migrate" exit 1 fi @@ -53,7 +53,7 @@ function postgresConfig() { echo "# Setup PostgreSQL successful, new database found: $check" fi - /home/admin/config.scripts/blitz.conf.sh set LNBitsDB "PostgreSQL" + /home/admin/config.scripts/blitz.conf.sh set LNBitsDB "PostgreSQL" } function migrateMsg() { @@ -97,9 +97,9 @@ function revertMigration() { echo "# No backup file found!" fi - # update config + # update config echo "# Configure config .env" - + # clean up sudo sed -i "/^LNBITS_DATABASE_URL=/d" /home/lnbits/lnbits/.env sudo sed -i "/^LNBITS_DATA_FOLDER=/d" /home/lnbits/lnbits/.env @@ -293,25 +293,25 @@ Consider adding a IP2TOR Bridge under OPTIONS." else backup_target="/mnt/hdd/app-data/backup/lnbits_sqlite" backup_file=$(ls -t $backup_target/*.tar | head -n1) - fi + fi if [ "$backup_file" = "" ]; then echo "ABORT - No Backup found to restore from" exit 1 else # build dialog to choose backup file from menu OPTIONS_RESTORE=() - + counter=0 cd $backup_target - for f in `find *.* -maxdepth 1 -type f`; do + for f in `find *.* -maxdepth 1 -type f`; do [[ -f "$f" ]] || continue counter=$(($counter+1)) OPTIONS_RESTORE+=($counter "$f") done - WIDTH_RESTORE=66 + WIDTH_RESTORE=66 CHOICE_HEIGHT_RESTORE=$(("${#OPTIONS_RESTORE[@]}/2+1")) - HEIGHT_RESTORE=$((CHOICE_HEIGHT_RESTORE+7)) + HEIGHT_RESTORE=$((CHOICE_HEIGHT_RESTORE+7)) CHOICE_RESTORE=$(dialog --clear \ --title " LNbits - Backup restore" \ --ok-label "Select" \ @@ -339,19 +339,19 @@ Consider adding a IP2TOR Bridge under OPTIONS." dialog --title "MIGRATE LNBITS" --yesno " Do you want to proceed the migration? -Try to migrate your LNBits SQLite database to PostgreSQL. +Try to migrate your LNBits SQLite database to PostgreSQL. This can fail for unknown circumstances. Revert of this process is possible afterwards, a backup will be saved. " 12 65 if [ $? -eq 0 ]; then - clear + clear /home/admin/config.scripts/bonus.lnbits.sh migrate echo migrateMsg echo echo "OK please test your LNBits installation." echo "PRESS ENTER to continue" - read key + read key fi exit 0 ;; @@ -502,7 +502,6 @@ if [ "$1" = "prestart" ]; then # set tls.cert path (use | as separator to avoid escaping file path slashes) sed -i "s|^LND_REST_CERT=.*|LND_REST_CERT=/mnt/hdd/app-data/lnd/tls.cert|g" /home/lnbits/lnbits/.env - # set macaroon path info in .env - USING HEX IMPORT chmod 600 /home/lnbits/lnbits/.env macaroonAdminHex=$(xxd -ps -u -c 1000 /mnt/hdd/app-data/lnd/data/chain/${LNBitsNetwork}/${LNBitsChain}net/admin.macaroon) @@ -511,7 +510,8 @@ if [ "$1" = "prestart" ]; then sed -i "s/^LND_REST_ADMIN_MACAROON=.*/LND_REST_ADMIN_MACAROON=${macaroonAdminHex}/g" /home/lnbits/lnbits/.env sed -i "s/^LND_REST_INVOICE_MACAROON=.*/LND_REST_INVOICE_MACAROON=${macaroonInvoiceHex}/g" /home/lnbits/lnbits/.env sed -i "s/^LND_REST_READ_MACAROON=.*/LND_REST_READ_MACAROON=${macaroonReadHex}/g" /home/lnbits/lnbits/.env - sed -i "s/^LND_REST_ENDPOINT=.*/LND_REST_ENDPOINT=https://127.0.0.1:${portprefix}8080/g" /home/lnbits/lnbits/.env + # set the REST endpoint (use | as separator to avoid escaping slashes) + sed -i "s|^LND_REST_ENDPOINT=.*|LND_REST_ENDPOINT=https://127.0.0.1:${portprefix}8080|g" /home/lnbits/lnbits/.env elif [ "${LNBitsLightning}" == "cl" ]; then @@ -579,16 +579,11 @@ if [ "$1" = "sync" ] || [ "$1" = "repo" ]; then # pull latest code sudo -u lnbits git pull - # install - sudo -u lnbits python3 -m venv venv - sudo -u lnbits ./venv/bin/pip install -r requirements.txt - sudo -u lnbits ./venv/bin/pip install pylightning - sudo -u lnbits ./venv/bin/pip install secp256k1 - sudo -u lnbits ./venv/bin/pip install pyln-client - sudo -u lnbits ./venv/bin/pip install psycopg2 # conv.py postgres migration dependency + # check if poetry in installed, if not install it + sudo -u lnbits which poetry || sudo -u lnbits curl -sSL https://install.python-poetry.org | sudo -u lnbits python3 - + # do install like this + sudo -u lnbits poetry install - # build - sudo -u lnbits ./venv/bin/python build.py # restart lnbits service sudo systemctl restart lnbits echo "# server is restarting ... maybe takes some seconds until available" @@ -627,7 +622,7 @@ if [ "$1" = "install" ]; then echo "# get the github code user(${githubUser}) branch(${tag})" sudo rm -r /home/lnbits/lnbits 2>/dev/null cd /home/lnbits || exit 1 - sudo -u lnbits git clone https://github.com/${githubUser}/lnbits-legend lnbits + sudo -u lnbits git clone https://github.com/${githubUser}/lnbits lnbits cd /home/lnbits/lnbits || exit 1 sudo -u lnbits git checkout ${tag} || exit 1 @@ -635,16 +630,14 @@ if [ "$1" = "install" ]; then echo "# installing application dependencies" cd /home/lnbits/lnbits || exit 1 + # check if poetry in installed, if not install it + if ! sudo -u lnbits which poetry; then + echo "# install poetry" + sudo pip3 install --upgrade pip + sudo pip3 install poetry + fi # do install like this - sudo -u lnbits python3 -m venv venv - sudo -u lnbits ./venv/bin/pip install -r requirements.txt - sudo -u lnbits ./venv/bin/pip install pylightning - sudo -u lnbits ./venv/bin/pip install secp256k1 - sudo -u lnbits ./venv/bin/pip install pyln-client - sudo -u lnbits ./venv/bin/pip install psycopg2 # conv.py postgres migration dependency - - # build - sudo -u lnbits ./venv/bin/python build.py + sudo -u lnbits poetry install exit 0 fi @@ -739,7 +732,6 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# preparing env file" sudo rm /home/lnbits/lnbits/.env 2>/dev/null sudo -u lnbits touch /home/lnbits/lnbits/.env - sudo bash -c "echo 'LNBITS_FORCE_HTTPS=0' >> /home/lnbits/lnbits/.env" if [ ! -e /mnt/hdd/app-data/LNBits/database.sqlite3 ]; then echo "# install database: PostgreSQL" @@ -752,11 +744,11 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # config update # example: postgres://:@/ sudo bash -c "echo 'LNBITS_DATABASE_URL=postgres://lnbits_user:raspiblitz@localhost:5432/lnbits_db' >> /home/lnbits/lnbits/.env" - sudo bash -c "echo 'LNBITS_DATA_FOLDER=/mnt/hdd/app-data/LNBits/data' >> /home/lnbits/lnbits/.env" + sudo bash -c "echo 'LNBITS_DATA_FOLDER=/mnt/hdd/app-data/LNBits/data' >> /home/lnbits/lnbits/.env" else echo "# install database: SQLite" /home/admin/config.scripts/blitz.conf.sh set LNBitsDB "SQLite" - + # new data directory sudo mkdir -p /mnt/hdd/app-data/LNBits @@ -789,7 +781,7 @@ After=bitcoind.service [Service] WorkingDirectory=/home/lnbits/lnbits ExecStartPre=/home/admin/config.scripts/bonus.lnbits.sh prestart -ExecStart=/home/lnbits/lnbits/venv/bin/uvicorn lnbits.__main__:app --port 5000 +ExecStart=/bin/sh -c 'cd /home/lnbits/lnbits && poetry run lnbits --port 5000' User=lnbits Restart=always TimeoutSec=120 @@ -1081,7 +1073,7 @@ if [ "$1" = "restore" ]; then else echo "# Restore SQLite database" cd $backup_target - + if [ "$2" != "" ]; then if [ -e $2 ]; then backup_file=$2 @@ -1102,7 +1094,7 @@ if [ "$1" = "restore" ]; then # backup current db /home/admin/config.scripts/bonus.lnbits.sh backup - + # apply backup data sudo rm -R /mnt/hdd/app-data/LNBits/ sudo chown -R lnbits:lnbits LNBits/ @@ -1166,7 +1158,7 @@ if [ "$1" = "migrate" ]; then # example: postgres://:@/ # add new postgres config sudo bash -c "echo 'LNBITS_DATABASE_URL=postgres://lnbits_user:raspiblitz@localhost:5432/lnbits_db' >> /home/lnbits/lnbits/.env" - + # clean start on new postgres db prior migration echo "# LNBits first start with clean PostgreSQL" sudo systemctl start lnbits @@ -1192,7 +1184,7 @@ if [ "$1" = "migrate" ]; then sudo systemctl stop lnbits echo "# Start convert old SQLite to new PostgreSQL" - if ! sudo -u lnbits ./venv/bin/python tools/conv.py; then + if ! sudo -u lnbits poetry run python tools/conv.py; then echo "FAIL - Convert failed, revert migration process" revertMigration exit 1 @@ -1224,4 +1216,4 @@ if [ "$1" = "migrate" ]; then fi echo "FAIL - Unknown Parameter $1" -exit 1 \ No newline at end of file +exit 1 diff --git a/home.admin/config.scripts/bonus.lndg.sh b/home.admin/config.scripts/bonus.lndg.sh index 3924aaa3e..122555c13 100644 --- a/home.admin/config.scripts/bonus.lndg.sh +++ b/home.admin/config.scripts/bonus.lndg.sh @@ -1,13 +1,13 @@ #!/bin/bash # https://github.com/cryptosharks131/lndg -VERSION="1.5.0 " +VERSION="1.6.0 " # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "config script to install, update or uninstall LNDG" - echo "bonus.lndg.sh [on|off|menu|update|setpassword|status]" - exit 1 + echo "config script to install, update or uninstall LNDG" + echo "bonus.lndg.sh [on|off|menu|update|setpassword|status]" + exit 1 fi # check and load raspiblitz config @@ -110,7 +110,7 @@ if __name__ == '__main__': sudo chmod 644 /home/lndg/lndg/changepassword.py sudo chown lndg:lndg /home/lndg/lndg/changepassword.py - sudo -u lndg /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/changepassword.py "$2" + sudo -u lndg /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/changepassword.py "$2" fi echo "ok, password changed to $2" exit 0 @@ -152,28 +152,28 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # first check and see if a database exists isDatabase=$(sudo ls /mnt/hdd/app-data/lndg/data/db.sqlite3 2>/dev/null | grep -c 'db.sqlite3') if ! [ ${isDatabase} -eq 0 ]; then - if [ "$2" == "deletedatabase" ]; then - - # deleting old database and moving new database - echo "Deleting existing database and creating new one" + if [ "$2" == "deletedatabase" ]; then + + # deleting old database and moving new database + echo "Deleting existing database and creating new one" sudo rm -rf /mnt/hdd/app-data/lndg/data sudo cp -p -r /home/lndg/lndg/data /mnt/hdd/app-data/lndg/data sudo rm /home/lndg/lndg/data/db.sqlite3 sudo ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3 sudo chown lndg:lndg -R /mnt/hdd/app-data/lndg/ - else - + else + # using existing database, so remove newly created database and link to existing one echo "Database already exists, using existing database" sudo rm /home/lndg/lndg/data/db.sqlite3 - sudo chown -R lndg:lndg /mnt/hdd/app-data/lndg - sudo chmod -R 755 /mnt/hdd/app-data/lndg - sudo chmod 644 /mnt/hdd/app-data/lndg/data/db.sqlite3 + sudo chown -R lndg:lndg /mnt/hdd/app-data/lndg + sudo chmod -R 755 /mnt/hdd/app-data/lndg + sudo chmod 644 /mnt/hdd/app-data/lndg/data/db.sqlite3 sudo -u lndg ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3 - sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate + sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate fi else - + # database doesn't exist, so move to HDD and simlink sudo mkdir -p /mnt/hdd/app-data/lndg sudo cp -p -r /home/lndg/lndg/data /mnt/hdd/app-data/lndg/data @@ -222,15 +222,15 @@ if __name__ == '__main__': ################## # first install and configure whitenoise - sudo /home/lndg/lndg/.venv/bin/pip install whitenoise - sudo rm /home/lndg/lndg/lndg/settings.py + sudo /home/lndg/lndg/.venv/bin/pip install whitenoise + sudo rm /home/lndg/lndg/lndg/settings.py sudo /home/lndg/lndg/.venv/bin/python initialize.py -wn - - # install gunicorn application server + + # install gunicorn application server sudo /home/lndg/lndg/.venv/bin/python -m pip install 'gunicorn==20.1.*' - - # switch back to home directory - cd /home/admin/ + + # switch back to home directory + cd /home/admin/ echo "# Install gunicorn.service file for gunicorn lndg.wsgi application server" echo " @@ -258,13 +258,13 @@ WantedBy=multi-user.target # setup nginx .conf files if ! [ -f /etc/nginx/sites-available/lndg_ssl.conf ]; then - sudo cp -f /home/admin/assets/nginx/sites-available/lndg_ssl.conf /etc/nginx/sites-available/lndg_ssl.conf + sudo cp -f /home/admin/assets/nginx/sites-available/lndg_ssl.conf /etc/nginx/sites-available/lndg_ssl.conf fi if ! [ -f /etc/nginx/sites-available/lndg_tor.conf ]; then - sudo cp -f /home/admin/assets/nginx/sites-available/lndg_tor.conf /etc/nginx/sites-available/lndg_tor.conf + sudo cp -f /home/admin/assets/nginx/sites-available/lndg_tor.conf /etc/nginx/sites-available/lndg_tor.conf fi if ! [ -f /etc/nginx/sites-available/lndg_tor_ssl.conf ]; then - sudo cp -f /home/admin/assets/nginx/sites-available/lndg_tor_ssl.conf /etc/nginx/sites-available/lndg_tor_ssl.conf + sudo cp -f /home/admin/assets/nginx/sites-available/lndg_tor_ssl.conf /etc/nginx/sites-available/lndg_tor_ssl.conf fi # setup nginx symlinks @@ -449,11 +449,13 @@ if [ "$1" = "update" ]; then cd /home/lndg/lndg || exit 1 sudo -u lndg git pull sudo -u lndg .venv/bin/pip install requests + sudo -u lndg .venv/bin/pip install -r requirements.txt sudo -u lndg .venv/bin/python manage.py migrate # reinitialize settings.py in case update requires it sudo rm /home/lndg/lndg/lndg/settings.py - sudo /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/initialize.py -wn + sudo /home/lndg/lndg/.venv/bin/python initialize.py -wn + cd /home/admin # restart services sudo systemctl restart nginx diff --git a/home.admin/config.scripts/bonus.lnproxy.sh b/home.admin/config.scripts/bonus.lnproxy.sh index fb26b2494..3e5e75a81 100644 --- a/home.admin/config.scripts/bonus.lnproxy.sh +++ b/home.admin/config.scripts/bonus.lnproxy.sh @@ -38,7 +38,7 @@ To use the API: curl -k https://${localip}:4749/api/{invoice}?routing_msat={budget}\n The Tor Hidden Service address to share for using the API: ${torAddress}/api -" 19 67 +" 20 70 sudo /home/admin/config.scripts/blitz.display.sh hide else # Info without Tor @@ -204,7 +204,6 @@ EOF sudo nginx -t sudo systemctl reload nginx - sudo ufw allow 4747 comment lnproxy-HTTP sudo ufw allow 4748 comment lnproxy-webui-HTTP sudo ufw allow 4749 comment lnproxy-HTTPS @@ -214,9 +213,11 @@ EOF /home/admin/config.scripts/blitz.conf.sh set lnproxy "on" echo "# API:" - echo "curl http://${localip}:4747/{your_invoice}?routing_msat={routing_budget}" + echo "curl http://127.0.0.1:4747/{your_invoice}?routing_msat={routing_budget}" + echo "curl -k https://${localip}:4749/api/{your_invoice}?routing_msat={routing_budget}" echo "# WebUI:" echo "http://${localip}:4748" + echo "https://${localip}:4749" echo "# More info at:" echo "https://github.com/lnproxy/lnproxy" @@ -231,15 +232,14 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then # remove systemd services sudo systemctl disable --now lnproxy - /etc/systemd/system/lnproxy.service + sudo rm -f /etc/systemd/system/lnproxy.service sudo systemctl disable --now lnproxy-webui - /etc/systemd/system/lnproxy-webui.service + sudo rm -f /etc/systemd/system/lnproxy-webui.service # remove Tor service /home/admin/config.scripts/tor.onion-service.sh off lnproxy # close ports on firewall - sudo ufw delete allow 4747 sudo ufw delete allow 4748 sudo ufw delete allow 4749 diff --git a/home.admin/config.scripts/bonus.rtl.sh b/home.admin/config.scripts/bonus.rtl.sh index a32269ae1..76e7f490c 100755 --- a/home.admin/config.scripts/bonus.rtl.sh +++ b/home.admin/config.scripts/bonus.rtl.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/Ride-The-Lightning/RTL/releases -RTLVERSION="v0.13.0" +RTLVERSION="v0.13.6" # check and load raspiblitz config # to know which network is running @@ -63,10 +63,10 @@ if [ "$1" = "status" ] || [ "$1" = "menu" ]; then localip=$(hostname -I | awk '{print $1}') toraddress=$(sudo cat /mnt/hdd/tor/${netprefix}${typeprefix}RTL/hostname 2>/dev/null) fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) - RTLHTTPS=$((RTLHTTP+1)) + RTLHTTPS=$((RTLHTTP + 1)) if [ "$1" = "status" ]; then - + echo "version='${RTLVERSION}'" echo "installed='${isInstalled}'" echo "localIP='${localip}'" @@ -96,7 +96,7 @@ if [ "$1" = "menu" ]; then sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}" whiptail --title "Ride The Lightning (RTL - $LNTYPE - $CHAIN)" --msgbox "Open in your local web browser: http://${localip}:${RTLHTTP}\n -https://${localip}:$((RTLHTTP+1)) with Fingerprint: +https://${localip}:$((RTLHTTP + 1)) with Fingerprint: ${fingerprint}\n Use your Password B to login.\n Hidden Service address for Tor Browser (QRcode on LCD):\n${toraddress} @@ -107,7 +107,7 @@ Hidden Service address for Tor Browser (QRcode on LCD):\n${toraddress} else whiptail --title "Ride The Lightning (RTL - $LNTYPE - $CHAIN)" --msgbox "Open in your local web browser & accept self-signed cert: http://${localip}:${RTLHTTP}\n -https://${localip}:$((RTLHTTP+1)) with Fingerprint: +https://${localip}:$((RTLHTTP + 1)) with Fingerprint: ${fingerprint}\n Use your Password B to login.\n Activate Tor to access the web interface from outside your local network. @@ -117,7 +117,6 @@ Activate Tor to access the web interface from outside your local network. exit 0 fi - ######################################## # INSTALL (just user, code & compile) ######################################## @@ -125,7 +124,7 @@ fi if [ "$1" = "install" ]; then # check if already installed - if [ -f /home/rtl/RTL/LICENSE ];then + if [ -f /home/rtl/RTL/LICENSE ]; then echo "# RTL already installed - skipping" exit 0 fi @@ -136,7 +135,7 @@ if [ "$1" = "install" ]; then /home/admin/config.scripts/bonus.nodejs.sh on # create rtl user (one for all instances) - if [ $(compgen -u | grep -c rtl) -eq 0 ];then + if [ $(compgen -u | grep -c rtl) -eq 0 ]; then sudo adduser --disabled-password --gecos "" rtl || exit 1 fi @@ -163,7 +162,7 @@ if [ "$1" = "install" ]; then # install echo "# Running npm install ..." export NG_CLI_ANALYTICS=false - sudo -u rtl npm install --omit=dev + sudo -u rtl npm install --omit=dev --legacy-peer-deps if ! [ $? -eq 0 ]; then echo "# FAIL - npm install did not run correctly - deleting code and exit" sudo rm -r /home/rtl/RTL @@ -229,7 +228,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then fi # make sure softwarte is installed - if [ -f /home/rtl/RTL/LICENSE ];then + if [ -f /home/rtl/RTL/LICENSE ]; then echo "# OK - the RTL code is already present" else echo "# install of codebase is needed first" @@ -241,8 +240,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# Make sure symlink to central app-data directory exists" if ! [[ -L "/home/rtl/.lnd" ]]; then - sudo rm -rf "/home/rtl/.lnd" 2>/dev/null # not a symlink.. delete it silently - sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/rtl/.lnd" # and create symlink + sudo rm -rf "/home/rtl/.lnd" 2>/dev/null # not a symlink.. delete it silently + sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/rtl/.lnd" # and create symlink fi if [ "${LNTYPE}" == "lnd" ]; then @@ -252,8 +251,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then fi echo "# Updating Firewall" - sudo ufw allow ${RTLHTTP} comment "${systemdService} HTTP" - sudo ufw allow $((RTLHTTP+1)) comment "${systemdService} HTTPS" + sudo ufw allow "${RTLHTTP}" comment "${systemdService} HTTP" + sudo ufw allow $((RTLHTTP + 1)) comment "${systemdService} HTTPS" echo # make sure config directory exists @@ -314,7 +313,7 @@ WantedBy=multi-user.target # Hidden Service for RTL if Tor is active if [ "${runBehindTor}" = "on" ]; then # make sure to keep in sync with tor.network.sh script - /home/admin/config.scripts/tor.onion-service.sh ${netprefix}${typeprefix}RTL 80 $((RTLHTTP+2)) 443 $((RTLHTTP+3)) + /home/admin/config.scripts/tor.onion-service.sh ${netprefix}${typeprefix}RTL 80 $((RTLHTTP + 2)) 443 $((RTLHTTP + 3)) fi # nginx configuration @@ -323,11 +322,11 @@ WantedBy=multi-user.target sudo cp /home/admin/assets/nginx/sites-available/rtl_tor.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf sudo cp /home/admin/assets/nginx/sites-available/rtl_tor_ssl.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf - sudo sed -i "s/3001/$((RTLHTTP+1))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf + sudo sed -i "s/3001/$((RTLHTTP + 1))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf - sudo sed -i "s/3002/$((RTLHTTP+2))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf + sudo sed -i "s/3002/$((RTLHTTP + 2))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf - sudo sed -i "s/3003/$((RTLHTTP+3))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf + sudo sed -i "s/3003/$((RTLHTTP + 3))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf /etc/nginx/sites-enabled/ sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf /etc/nginx/sites-enabled/ sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf /etc/nginx/sites-enabled/ @@ -345,7 +344,7 @@ WantedBy=multi-user.target echo "# OK - the ${systemdService}.service is now enabled & started" echo "# Monitor with: sudo journalctl -f -u ${systemdService}" - # needed for API/WebUI as signal that install ran thru + # needed for API/WebUI as signal that install ran thru echo "result='OK'" exit 0 fi @@ -379,8 +378,8 @@ if [ "$1" = "connect-services" ]; then echo "# Add the rtl user to the lit group" sudo /usr/sbin/usermod --append --groups lit rtl echo "# Symlink the lit-loop.macaroon" - sudo rm -rf "/home/rtl/.loop" # delete symlink - sudo ln -s "/home/lit/.loop/" "/home/rtl/.loop" # create symlink + sudo rm -rf "/home/rtl/.loop" # delete symlink + sudo ln -s "/home/lit/.loop/" "/home/rtl/.loop" # create symlink echo "# Make the loop macaroon group readable" sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db elif [ "${loop}" = "on" ]; then @@ -388,8 +387,8 @@ if [ "$1" = "connect-services" ]; then echo "# Add the rtl user to the loop group" sudo /usr/sbin/usermod --append --groups loop rtl echo "# Symlink the loop.macaroon" - sudo rm -rf "/home/rtl/.loop" # delete symlink - sudo ln -s "/home/loop/.loop/" "/home/rtl/.loop" # create symlink + sudo rm -rf "/home/rtl/.loop" # delete symlink + sudo ln -s "/home/loop/.loop/" "/home/rtl/.loop" # create symlink echo "# Make the loop macaroon group readable" sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db else @@ -428,14 +427,14 @@ if [ "$1" = "prestart" ]; then # determine correct loop swap server port (lit over loop single) if [ "${lit}" = "on" ]; then - echo "# use lit loop port" - SWAPSERVERPORT=8443 + echo "# use lit loop port" + SWAPSERVERPORT=8443 elif [ "${loop}" = "on" ]; then - echo "# use loop single instance port" - SWAPSERVERPORT=8081 + echo "# use loop single instance port" + SWAPSERVERPORT=8081 else - echo "# No lit or loop single detected" - SWAPSERVERPORT="" + echo "# No lit or loop single detected" + SWAPSERVERPORT="" fi # prepare RTL-Config.json file @@ -455,20 +454,20 @@ if [ "$1" = "prestart" ]; then # LND changes of config if [ "${LNTYPE}" == "lnd" ]; then echo "# LND Config" - cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json | \ - jq ".port = \"${RTLHTTP}\"" | \ - jq ".multiPass = \"${RPCPASSWORD}\"" | \ - jq ".multiPassHashed = \"\"" | \ - jq ".nodes[0].lnNode = \"${hostname}\"" | \ - jq ".nodes[0].lnImplementation = \"LND\"" | \ - jq ".nodes[0].Authentication.macaroonPath = \"/home/rtl/.lnd/data/chain/${network}/${CHAIN}/\"" | \ - jq ".nodes[0].Authentication.configPath = \"/home/rtl/.lnd/${netprefix}lnd.conf\"" | \ - jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | \ - jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | \ - jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | \ - jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}8080\"" | \ - jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" | \ - jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" > /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp + cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json | + jq ".port = \"${RTLHTTP}\"" | + jq ".multiPass = \"${RPCPASSWORD}\"" | + jq ".multiPassHashed = \"\"" | + jq ".nodes[0].lnNode = \"${hostname}\"" | + jq ".nodes[0].lnImplementation = \"LND\"" | + jq ".nodes[0].Authentication.macaroonPath = \"/home/rtl/.lnd/data/chain/${network}/${CHAIN}/\"" | + jq ".nodes[0].Authentication.configPath = \"/home/rtl/.lnd/${netprefix}lnd.conf\"" | + jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | + jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | + jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | + jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}8080\"" | + jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" | + jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" >/mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp mv /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json fi @@ -476,20 +475,20 @@ if [ "$1" = "prestart" ]; then # https://github.com/Ride-The-Lightning/RTL/blob/master/docs/C-Lightning-setup.md if [ "${LNTYPE}" == "cl" ]; then echo "# CL Config" - cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json | \ - jq ".port = \"${RTLHTTP}\"" | \ - jq ".multiPass = \"${RPCPASSWORD}\"" | \ - jq ".multiPassHashed = \"\"" | \ - jq ".nodes[0].lnNode = \"${hostname}\"" | \ - jq ".nodes[0].lnImplementation = \"CLT\"" | \ - jq ".nodes[0].Authentication.macaroonPath = \"/home/bitcoin/c-lightning-REST/${CLNETWORK}/certs\"" | \ - jq ".nodes[0].Authentication.configPath = \"${CLCONF}\"" | \ - jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | \ - jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | \ - jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | \ - jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}6100\"" | \ - jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" | \ - jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" > /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp + cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json | + jq ".port = \"${RTLHTTP}\"" | + jq ".multiPass = \"${RPCPASSWORD}\"" | + jq ".multiPassHashed = \"\"" | + jq ".nodes[0].lnNode = \"${hostname}\"" | + jq ".nodes[0].lnImplementation = \"CLT\"" | + jq ".nodes[0].Authentication.macaroonPath = \"/home/bitcoin/c-lightning-REST/${CLNETWORK}/certs\"" | + jq ".nodes[0].Authentication.configPath = \"${CLCONF}\"" | + jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | + jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | + jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | + jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}6100\"" | + jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" | + jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" >/mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp mv /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json fi @@ -546,25 +545,24 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then fi # only if 'purge' is an additional parameter (other instances/services might need this) - if [ "$(echo "$@" | grep -c purge)" -gt 0 ];then - home/admin/config.scripts/bonus.rtl.sh uninstall - if [ $LNTYPE = cl ];then - /home/admin/config.scripts/cl.rest.sh off ${CHAIN} + if [ "$(echo "$@" | grep -c purge)" -gt 0 ]; then + /home/admin/config.scripts/bonus.rtl.sh uninstall + if [ $LNTYPE = cl ]; then + /home/admin/config.scripts/cl.rest.sh off ${CHAIN} purge fi echo "# Delete all configs" sudo rm -rf /mnt/hdd/app-data/rtl fi # close ports on firewall - sudo ufw deny "${RTLHTTP}" - sudo ufw deny $((RTLHTTP+1)) + sudo ufw delete allow "${RTLHTTP}" + sudo ufw delete allow $((RTLHTTP + 1)) - # needed for API/WebUI as signal that install ran thru + # needed for API/WebUI as signal that install ran thru echo "result='OK'" exit 0 fi - if [ "$1" = "update" ]; then echo "# UPDATING RTL" cd /home/rtl/RTL || exit 1 @@ -591,7 +589,7 @@ if [ "$1" = "update" ]; then # https://github.com/Ride-The-Lightning/RTL#or-update-existing-dependencies echo "# Running npm install ..." export NG_CLI_ANALYTICS=false - sudo -u rtl npm install --omit=dev + sudo -u rtl npm install --omit=dev --legacy-peer-deps if ! [ $? -eq 0 ]; then echo "# FAIL - npm install did not run correctly - deleting code and exit" sudo rm -r /home/rtl/RTL @@ -607,7 +605,7 @@ if [ "$1" = "update" ]; then sudo -u rtl git pull -p echo "# Running npm install ..." export NG_CLI_ANALYTICS=false - sudo -u rtl npm install --only=prod --logLevel warn + sudo -u rtl npm install --omit=dev --legacy-peer-deps if ! [ $? -eq 0 ]; then echo "# FAIL - npm install did not run correctly - deleting code and exit" sudo rm -r /home/rtl/RTL @@ -616,7 +614,10 @@ if [ "$1" = "update" ]; then echo "# OK - RTL install looks good" echo fi - currentRTLcommit=$(cd /home/rtl/RTL; git describe --tags) + currentRTLcommit=$( + cd /home/rtl/RTL || exit 1 + git describe --tags + ) echo "# Updated RTL to $currentRTLcommit" else echo "# Unknown option: $updateOption" diff --git a/home.admin/config.scripts/bonus.sphinxrelay.sh b/home.admin/config.scripts/bonus.sphinxrelay.sh index 6ade00144..5348810b0 100755 --- a/home.admin/config.scripts/bonus.sphinxrelay.sh +++ b/home.admin/config.scripts/bonus.sphinxrelay.sh @@ -107,7 +107,7 @@ iOS support is native, Android needs Orbot" text="${text}\n At the moment your Sphinx Relay Server is just available within the local network - without transport encryption. -Local server for test & debug: ${publicURL}/app"#\n +Local server for test & debug: ${publicURL}/app#\n To enable easy reachability from the outside consider adding a IP2TOR Bridge and reconnect: MAINMENU > SUBSCRIBE > IP2TOR > SPHINX" @@ -132,8 +132,7 @@ MAINMENU > SUBSCRIBE > IP2TOR > SPHINX" BUT TO MAKE THIS WORK:\n It needs an additional Domain with LetsEncrypt certificate for HTTPS: Go MAINMENU > SUBSCRIBE and add LetsEncrypt HTTPS Domain\n (or cancel the IP2Tor & just use sphinx within local network)" - whiptail --title " Warning " \ - --msgbox "${text}" 15 72 + whiptail --title " Warning " --msgbox "${text}" 15 72 exit 0 fi diff --git a/home.admin/config.scripts/bonus.suez.sh b/home.admin/config.scripts/bonus.suez.sh index 61bae1f09..011c68e55 100644 --- a/home.admin/config.scripts/bonus.suez.sh +++ b/home.admin/config.scripts/bonus.suez.sh @@ -33,17 +33,17 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then cd /home/bitcoin || exit 1 - # dependency - sudo -u bitcoin curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/install-poetry.py\ - | sudo -u bitcoin python - + # poetry + sudo pip3 install --upgrade pip + sudo pip3 install poetry # download source code sudo -u bitcoin git clone https://github.com/prusnak/suez.git cd suez || exit 1 sudo -u bitcoin git reset --hard $SUEZVERSION sudo -u bitcoin /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 - sudo -u bitcoin /home/bitcoin/.local/bin/poetry install + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + sudo -u bitcoin poetry install # setting value in raspi blitz config /home/admin/config.scripts/blitz.conf.sh set suez "on" @@ -74,8 +74,8 @@ if [ "$1" = "update" ]; then echo "# UPDATE SUEZ" cd /home/bitcoin || exit 1 # dependency - sudo -u bitcoin curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/install-poetry.py\ - | sudo -u bitcoin python - + sudo pip3 install --upgrade pip + sudo pip3 install poetry # download source code if [ -d suez ]; then sudo -u bitcoin git clone https://github.com/prusnak/suez.git @@ -83,8 +83,8 @@ if [ "$1" = "update" ]; then cd suez || exit 1 sudo -u bitcoin git pull sudo -u bitcoin /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 - sudo -u bitcoin /home/bitcoin/.local/bin/poetry install + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + sudo -u bitcoin poetry install echo "# Updated to the latest in https://github.com/prusnak/suez/commits/master" exit 0 fi diff --git a/home.admin/config.scripts/bonus.tallycoin-connect.sh b/home.admin/config.scripts/bonus.tallycoin-connect.sh index 2632e472a..fdf3c4eeb 100755 --- a/home.admin/config.scripts/bonus.tallycoin-connect.sh +++ b/home.admin/config.scripts/bonus.tallycoin-connect.sh @@ -8,7 +8,7 @@ HOME_DIR=/home/$USERNAME CONFIG_FILE=$APP_DATA_DIR/tallycoin_api.key RASPIBLITZ_INFO=/home/admin/raspiblitz.info SERVICE_FILE=/etc/systemd/system/tallycoin-connect.service -TC_VERSION=1.7.5 +TC_VERSION=1.8.0 # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then diff --git a/home.admin/config.scripts/bonus.telegraf.sh b/home.admin/config.scripts/bonus.telegraf.sh index 2f69092ac..350035fff 100644 --- a/home.admin/config.scripts/bonus.telegraf.sh +++ b/home.admin/config.scripts/bonus.telegraf.sh @@ -68,6 +68,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # # changed according suggestion from @frennkie in #1501 echo "deb https://repos.influxdata.com/debian ${DISTRIB_ID} stable" | sudo tee -a /etc/apt/sources.list.d/influxdb.list >/dev/null + # + # as the key is untrusted, this is a dirty fix + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D8FF8E1F7DF8B07E sudo apt-get update sudo apt-get install -y telegraf @@ -77,6 +80,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # # enable telegraf as admin for lnd sudo usermod telegraf -a -G lndadmin + # + # add telegraf to sudoers (for later application with smartmontools) + sudo usermod telegraf -a -G sudo # stop telegraf service sudo systemctl stop telegraf.service @@ -84,7 +90,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "*** telegraf installation: copying telegraf config templates" # copy custom "telegraf.conf" template to the telegraf target dir # the telegraf inputs part goes into telegraf.d subdir - # this split into "telegraf.conf" and "telegraf.d/teöegraf_inputs.conf" is necessary + # this split into "telegraf.conf" and "telegraf.d/telegraf_inputs.conf" is necessary # as the the [[inputs.***]] part contains lines with the keywords # "urls", "database", "username" "password" # so the sed-replacement-part would get confused diff --git a/home.admin/config.scripts/bonus.template.sh b/home.admin/config.scripts/bonus.template.sh index a8585e403..9d6f0eb7b 100755 --- a/home.admin/config.scripts/bonus.template.sh +++ b/home.admin/config.scripts/bonus.template.sh @@ -202,7 +202,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# download the source code & verify" sudo -u ${APPID} git clone ${GITHUB_REPO} /home/${APPID}/${APPID} cd /home/${APPID}/${APPID} - sudo -u ${APPID} git reset --hard $GITHUB_TAG + if [ "${GITHUB_TAG}" != "" ]; then + sudo -u ${APPID} git reset --hard $GITHUB_TAG + fi if [ "${GITHUB_SIGN_AUTHOR}" != "" ]; then sudo -u ${APPID} /home/admin/config.scripts/blitz.git-verify.sh \ "${GITHUB_SIGN_AUTHOR}" "${GITHUB_SIGN_PUBKEYLINK}" "${GITHUB_SIGN_FINGERPRINT}" "${GITHUB_TAG}" || exit 1 @@ -237,6 +239,7 @@ Wants=bitcoind After=bitcoind [Service] +WorkingDirectory=/home/${APPID} Environment=\"HOME_PATH=/mnt/hdd/app-data/${APPID}\" ExecStartPre=-/home/admin/config.scripts/bonus.${APPID}.sh prestart ExecStart=/usr/bin/node /home/${APPID}/${APPID}/${APPID} @@ -327,10 +330,17 @@ server { # mark app as installed in raspiblitz config /home/admin/config.scripts/blitz.conf.sh set ${APPID} "on" - # start app up thru systemd + # enable app up thru systemd sudo systemctl enable ${APPID} - sudo systemctl start ${APPID} - echo "# OK - the ${APPID}.service is now enabled & started" + echo "# OK - the ${APPID}.service is now enabled" + + # start app (only when blitz is ready) + source <(/home/admin/_cache.sh get state) + if [ "${state}" == "ready" ]; then + sudo systemctl start ${APPID} + echo "# OK - the ${APPID}.service is now started" + fi + echo "# Monitor with: sudo journalctl -f -u ${APPID}" exit 0 @@ -422,6 +432,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo ufw deny "${PORT_CLEAR}" sudo ufw deny "${PORT_SSL}" + echo "# delete user" + sudo userdel -rf ${APPID} + echo "# removing Tor hidden service (if active)" /home/admin/config.scripts/tor.onion-service.sh off ${APPID} diff --git a/home.admin/config.scripts/cl-plugin.backup.sh b/home.admin/config.scripts/cl-plugin.backup.sh index 1c87357aa..5b3f4b1a7 100644 --- a/home.admin/config.scripts/cl-plugin.backup.sh +++ b/home.admin/config.scripts/cl-plugin.backup.sh @@ -1,6 +1,6 @@ #!/bin/bash -function help(){ +function help() { echo echo "Install the backup plugin for Core Lightning" echo "Replicates the lightningd.sqlite3 database on the SDcard" @@ -16,11 +16,10 @@ function help(){ } # https://github.com/lightningd/plugins/commits/master/backup -# use the version beore the migration to poetry -pinnedVersion="4d3560b129b12cba0381fff0b1e30ac32ef84106" +pinnedVersion="30003279e35e5931fc85d7e6211ea4de6f9554d7" # command info -if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then help fi @@ -38,25 +37,32 @@ function install() { sudo -u bitcoin git pull sudo -u bitcoin git reset --hard ${pinnedVersion} || exit 1 - if [ $($lightningcli_alias plugin list 2>/dev/null | grep -c "${plugin}") -eq 0 ];then + if [ $($lightningcli_alias plugin list 2>/dev/null | grep -c "/${plugin}") -eq 0 ]; then echo "# Checking dependencies" - sudo -u bitcoin pip install --user -r ${plugindir}/${plugin}/requirements.txt 1>/dev/null - if [ $(echo $PATH | grep -c "/home/bitcoin/.local/bin") -eq 0 ];then - export PATH=$PATH:/home/bitcoin/.local/bin - echo "PATH=\$PATH:/home/bitcoin/.local/bin" | sudo tee -a /etc/profile - fi + # upgrade pip + sudo pip3 install --upgrade pip + + # pip dependencies + sudo -u bitcoin pip3 install pyln-client tqdm + + # poetry + sudo pip3 install poetry || exit 1 + cd ${plugindir}/backup/ || exit 1 + sudo -u bitcoin poetry install + sudo chmod +x ${plugindir}/${plugin}/${plugin}.py + # symlink to the default plugin dir - if [ ! -L /home/bitcoin/${netprefix}cl-plugins-enabled/backup.py ];then + if [ ! -L /home/bitcoin/${netprefix}cl-plugins-enabled/backup.py ]; then sudo ln -s ${plugindir}/backup/backup.py \ - /home/bitcoin/${netprefix}cl-plugins-enabled/ + /home/bitcoin/${netprefix}cl-plugins-enabled/ fi else echo "# The ${plugin} plugin is already loaded" fi } -if [ "$1" = on ];then +if [ "$1" = on ]; then install @@ -64,27 +70,30 @@ if [ "$1" = on ];then sudo systemctl stop ${netprefix}lightningd # don't overwrite old backup - if [ -f /home/bitcoin/${netprefix}lightningd.sqlite3.backup ];then + if [ -f /home/bitcoin/${netprefix}lightningd.sqlite3.backup ]; then echo "# Backup the existing old backup on the SDcard" now=$(date +"%Y_%m_%d_%H%M%S") sudo mv /home/bitcoin/${netprefix}lightningd.sqlite3.backup \ - /home/bitcoin/${netprefix}lightningd.sqlite3.backup.${now} || exit 1 + /home/bitcoin/${netprefix}lightningd.sqlite3.backup.${now} || exit 1 fi # always re-init plugin - if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/backup.lock; then + if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/backup.lock 2>/dev/null; then sudo rm /home/bitcoin/.lightning/${CLNETWORK}/backup.lock fi # https://github.com/lightningd/plugins/tree/master/backup#setup echo "# Initialize the backup plugin" - sudo -u bitcoin ${plugindir}/backup/backup-cli init\ - --lightning-dir /home/bitcoin/.lightning/${CLNETWORK} \ - file:///home/bitcoin/${netprefix}lightningd.sqlite3.backup + cd ${plugindir}/backup/ || exit 1 + sudo -u bitcoin poetry run ./backup-cli init --lightning-dir /home/bitcoin/.lightning/${CLNETWORK} \ + file:///home/bitcoin/${netprefix}lightningd.sqlite3.backup if [ $(crontab -u admin -l | grep -c "backup-compact $CHAIN") -eq 0 ]; then echo "Add weekly backup-compact as a cronjob" cronjob="@weekly /home/admin/config.scripts/cl-plugin.backup.sh backup-compact $CHAIN" - (crontab -u admin -l; echo "$cronjob" ) | crontab -u admin - + ( + crontab -u admin -l + echo "$cronjob" + ) | crontab -u admin - fi echo "# The crontab for admin now is:" crontab -u admin -l @@ -96,19 +105,21 @@ if [ "$1" = on ];then echo "# Started the ${netprefix}lightningd.service" fi - -elif [ "$1" = off ]; then +elif + [ "$1" = off ] +then echo "# Removing the backup plugin" sudo rm -f /home/bitcoin/${netprefix}cl-plugins-enabled/backup.py echo "# Backup the existing old backup on the SDcard" now=$(date +"%Y_%m_%d_%H%M%S") sudo mv /home/bitcoin/${netprefix}lightningd.sqlite3.backup \ - /home/bitcoin/${netprefix}lightningd.sqlite3.backup.${now} + /home/bitcoin/${netprefix}lightningd.sqlite3.backup.${now} echo "# Removing the backup.lock file" - sudo rm -f /home/bitcoin/.lightning/${CLNETWORK}/backup.lock + sudo rm -f /home/bitcoin/.lightning/${CLNETWORK}/backup.lock - -elif [ "$1" = restore ];then +elif + [ "$1" = restore ] +then install @@ -118,21 +129,22 @@ elif [ "$1" = restore ];then sudo systemctl stop ${netprefix}lightningd # https://github.com/lightningd/plugins/tree/master/backup#restoring-a-backup - # ./backup-cli restore file:///mnt/external/location ~/.lightning/bitcoin/lightningd.sqlite3 + # poetry run ./backup-cli restore file:///mnt/external/location ~/.lightning/bitcoin/lightningd.sqlite3 # make sure to not overwrite old database - if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3;then + if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3; then now=$(date +"%Y_%m_%d_%H%M%S") echo "# Backup the existing old database on the disk" sudo cp /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3 \ - /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3.backup.${now} || exit 1 - if [ "$(echo "$@" | grep -c "force")" -gt 0 ];then + /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3.backup.${now} || exit 1 + if [ "$(echo "$@" | grep -c "force")" -gt 0 ]; then sudo rm /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3 fi fi # restore - sudo -u bitcoin ${plugindir}/backup/backup-cli restore \ + cd ${plugindir}/backup/ || exit 1 + sudo -u bitcoin poetry run ./backup-cli restore \ file:///home/bitcoin/${netprefix}lightningd.sqlite3.backup \ /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3 @@ -143,8 +155,9 @@ elif [ "$1" = restore ];then fi fi - -elif [ "$1" = backup-compact ];then +elif + [ "$1" = backup-compact ] +then # https://github.com/lightningd/plugins/tree/master/backup#performing-backup-compaction dbPath="/home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3" backupPath="/home/bitcoin/${netprefix}lightningd.sqlite3.backup" @@ -154,7 +167,7 @@ elif [ "$1" = backup-compact ];then echo "$dbSize MB $dbPath" backupSize=$(sudo du -m "${backupPath}" | awk '{print $1}') echo "$backupSize MB $backupPath" - if [ "$backupSize" -gt $((dbSize+200)) ] ; then + if [ "$backupSize" -gt $((dbSize + 200)) ]; then echo "# The backup is 200MB+ larger than the db, running '${netprefix}lightning-cli backup-compact' ..." $lightningcli_alias backup-compact else diff --git a/home.admin/config.scripts/cl-plugin.cln-grpc.sh b/home.admin/config.scripts/cl-plugin.cln-grpc.sh index 00dbe4bb4..5c652ea34 100644 --- a/home.admin/config.scripts/cl-plugin.cln-grpc.sh +++ b/home.admin/config.scripts/cl-plugin.cln-grpc.sh @@ -1,7 +1,7 @@ #!/bin/bash # command info -if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo echo "Install the cln-grpc plugin for CLN" echo "Usage:" @@ -31,10 +31,12 @@ function buildGRPCplugin() { echo "# - Build the cln-grpc plugin" if [ ! -f /home/bitcoin/cl-plugins-available/cln-grpc ]; then # check if the source code is present - if [ ! -d /home/bitcoin/lightning/plugins/grpc-plugin ];then + if [ ! -d /home/bitcoin/lightning/plugins/grpc-plugin ]; then echo "# - install Core Lightning ..." /home/admin/config.scripts/cl.install.sh install || exit 1 fi + echo "# install dependencies" + sudo apt-get install protobuf-compiler -y echo "# rust for cln-grpc, includes rustfmt" sudo -u bitcoin curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u bitcoin sh -s -- -y cd /home/bitcoin/lightning/plugins/grpc-plugin || exit 1 @@ -61,7 +63,7 @@ function switchOn() { # symlink to plugin directory echo "# symlink cln-grpc to /home/bitcoin/${netprefix}cl-plugins-enabled/" # delete old symlink - sudo rm /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc + sudo rm -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc sudo ln -s /home/bitcoin/cl-plugins-available/cln-grpc /home/bitcoin/${netprefix}cl-plugins-enabled/ # blitz.conf.sh set [key] [value] [?conffile] @@ -102,7 +104,7 @@ elif [ "$1" = on ]; then elif [ "$1" = off ]; then sed -i "/^grpc-port/d" "${CLCONF}" sudo rm -rf /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc - if [ "$(echo "$@" | grep -c purge)" -gt 0 ];then + if [ "$(echo "$@" | grep -c purge)" -gt 0 ]; then sudo rm -rf /home/bitcoin/cl-plugins-available/cln-grpc fi /home/admin/config.scripts/blitz.conf.sh set "${netprefix}clnGRPCport" "off" @@ -113,7 +115,7 @@ elif [ "$1" = off ]; then exit 0 elif [ "$1" = update ]; then - if [ "$(echo "$@" | grep -c source)" -gt 0 ];then + if [ "$(echo "$@" | grep -c source)" -gt 0 ]; then cd /home/bitcoin/lightning/ || exit 1 sudo -u bitcoin git pull fi diff --git a/home.admin/config.scripts/cl-plugin.standard-python.sh b/home.admin/config.scripts/cl-plugin.standard-python.sh index 4bbf9f48f..0cec55c67 100644 --- a/home.admin/config.scripts/cl-plugin.standard-python.sh +++ b/home.admin/config.scripts/cl-plugin.standard-python.sh @@ -1,7 +1,7 @@ #!/bin/bash # command info -if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo echo "Install and show the output of the chosen plugin for Core Lightning" echo "Usage:" @@ -16,7 +16,7 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then exit 1 fi -if [ "$1" = "on" ];then +if [ "$1" = "on" ]; then source <(/home/admin/config.scripts/network.aliases.sh getvars cl $3) @@ -29,27 +29,27 @@ if [ "$1" = "on" ];then fi # enable - if [ "$(echo "$@" | grep -c "persist")" -gt 0 ];then - if [ ! -L /home/bitcoin/${netprefix}cl-plugins-enabled/${plugin}.py ];then + if [ "$(echo "$@" | grep -c "persist")" -gt 0 ]; then + if [ ! -L /home/bitcoin/${netprefix}cl-plugins-enabled/${plugin}.py ]; then echo "# Symlink to /home/bitcoin/${netprefix}cl-plugins-enabled" sudo ln -s /home/bitcoin/cl-plugins-available/plugins/${plugin}/${plugin}.py \ - /home/bitcoin/${netprefix}cl-plugins-enabled - + /home/bitcoin/${netprefix}cl-plugins-enabled + source <(/home/admin/_cache.sh get state) if [ "${state}" == "ready" ]; then echo "# Restart the ${netprefix}lightningd.service to activate the ${plugin} plugin" sudo systemctl restart ${netprefix}lightningd fi fi - + else - if [ $($lightningcli_alias | grep -c "${plugin}") -eq 0 ];then + if [ $($lightningcli_alias | grep -c "/${plugin}") -eq 0 ]; then echo "# Just start the ${plugin} plugin" sudo -u bitcoin pip install -r /home/bitcoin/cl-plugins-available/plugins/${plugin}/requirements.txt $lightningcli_alias plugin start /home/bitcoin/cl-plugins-available/plugins/${plugin}/${plugin}.py fi fi - + echo echo "Node URI:" ln_getinfo=$($lightningcli_alias -H getinfo 2>/dev/null) @@ -60,12 +60,12 @@ if [ "$1" = "on" ];then echo echo "# Running:" echo "${netprefix}lightning-cli ${plugin}" - echo + echo $lightningcli_alias ${plugin} echo - if [ "$(echo "$@" | grep -c "runonce")" -gt 0 ];then + if [ "$(echo "$@" | grep -c "runonce")" -gt 0 ]; then $lightningcli_alias plugin stop /home/bitcoin/cl-plugins-available/plugins/${plugin}/${plugin}.py fi -fi \ No newline at end of file +fi diff --git a/home.admin/config.scripts/cl.backup.sh b/home.admin/config.scripts/cl.backup.sh index d1debaad9..14b94f9c1 100644 --- a/home.admin/config.scripts/cl.backup.sh +++ b/home.admin/config.scripts/cl.backup.sh @@ -188,9 +188,9 @@ if [ ${mode} = "cl-export-gui" ]; then echo "*******************************************" echo echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:" - echo "sftp '${fileowner}@${localip}:${filename}' ./" + echo "scp '${fileowner}@${localip}:${filename}' ./" echo "ON WINDOWS - RUN IN CMD:" - echo "sftp ${fileowner}@${localip}:${filename} ." + echo "scp ${fileowner}@${localip}:${filename} ." echo echo "Use password A to authenticate file transfer." echo "Check for correct file size after transfer: ${size} byte" @@ -291,7 +291,7 @@ if [ ${mode} = "cl-import-gui" ]; then echo "To make upload open a new terminal on your laptop," echo "change into the directory where your cl-rescue file is and" echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:" - echo "sftp -r ./cl-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/" + echo "scp -r ./cl-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/" echo echo "Use ${passwordInfo} to authenticate file transfer." echo "PRESS ENTER when upload is done" diff --git a/home.admin/config.scripts/cl.install.sh b/home.admin/config.scripts/cl.install.sh index 9df067631..424d576e3 100644 --- a/home.admin/config.scripts/cl.install.sh +++ b/home.admin/config.scripts/cl.install.sh @@ -2,19 +2,23 @@ # https://lightning.readthedocs.io/ # https://github.com/ElementsProject/lightning/releases -CLVERSION=v22.11.1 +CLVERSION=v23.02.2 # install the latest master by using the last commit id # https://github.com/ElementsProject/lightning/commit/master # CLVERSION="063366ed7e3b7cc12a8d1681acc2b639cf07fa23" +# PGPsigner="endothermicdev" +# PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +# PGPpubkeyFingerprint="8F55EE750D950E3E" + # https://github.com/ElementsProject/lightning/tree/master/contrib/keys -PGPsigner="cdecker" # rustyrussel D9200E6CD1ADB8F1 # cdecker A26D6D9FE088ED58 # niftynei BFF0F67810C1EED1 +PGPsigner="rustyrussell" # rustyrussell D9200E6CD1ADB8F1 # cdecker A26D6D9FE088ED58 # niftynei BFF0F67810C1EED1 # endothermicdev 8F55EE750D950E3E PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/${PGPsigner}.txt" -PGPpubkeyFingerprint="A26D6D9FE088ED58" +PGPpubkeyFingerprint="D9200E6CD1ADB8F1" # help -if [ $# -eq 0 ]||[ "$1" = "-h" ]||[ "$1" = "--help" ];then +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then echo echo "Core Lightning install script" echo "The default version is: ${CLVERSION}" @@ -30,30 +34,28 @@ if [ $# -eq 0 ]||[ "$1" = "-h" ]||[ "$1" = "--help" ];then exit 1 fi -function installDependencies() -{ +function installDependencies() { echo "- installDependencies()" # from https://lightning.readthedocs.io/INSTALL.html#to-build-on-ubuntu sudo apt-get install -y \ - autoconf automake build-essential git libtool libgmp-dev \ - libsqlite3-dev python3 net-tools zlib1g-dev libsodium-dev \ - gettext + autoconf automake build-essential git libtool libgmp-dev \ + libsqlite3-dev python3 net-tools zlib1g-dev libsodium-dev \ + gettext # additional requirements sudo apt-get install -y postgresql libpq-dev # upgrade pip sudo pip3 install --upgrade pip sudo -u bitcoin pip install mako # poetry - sudo -u bitcoin pip3 install --user poetry - if ! grep -Eq '^PATH="$HOME/.local/bin:$PATH"' /mnt/hdd/raspiblitz.conf; then + sudo pip3 install poetry + if ! grep -Eq '^PATH="$HOME/.local/bin:$PATH"' /home/bitcoin/.profile; then echo 'PATH="$HOME/.local/bin:$PATH"' | sudo tee -a /home/bitcoin/.profile fi export PATH="home/bitcoin/.local/bin:$PATH" - sudo -u bitcoin /home/bitcoin/.local/bin/poetry install + sudo -u bitcoin poetry install } -function buildAndInstallCLbinaries() -{ +function buildAndInstallCLbinaries() { echo "- Configuring EXPERIMENTAL_FEATURES enabled" echo sudo -u bitcoin ./configure --enable-experimental-features @@ -74,7 +76,7 @@ echo "# Running: 'cl.install.sh $*'" if [ "$1" = "update" ] && [ $# -gt 1 ]; then CLVERSION=$2 if curl --output /dev/null --silent --head --fail \ - https://github.com/ElementsProject/lightning/releases/tag/${CLVERSION};then + https://github.com/ElementsProject/lightning/releases/tag/${CLVERSION}; then echo "# OK version exists at https://github.com/ElementsProject/lightning/releases/tag/${CLVERSION}" else echo "# ${CLVERSION} does not exist" @@ -86,15 +88,15 @@ fi # check for PR if testPR if [ "$1" = "testPR" ]; then - if [ $# -gt 1 ]; then - PRnumber=$2 - else - echo "# Need PRnumber as the second paramater" - fi - echo "# Using the PR:" - echo "# https://github.com/ElementsProject/lightning/pull/${PRnumber}" + if [ $# -gt 1 ]; then + PRnumber=$2 + else + echo "# Need PRnumber as the second paramater" + fi + echo "# Using the PR:" + echo "# https://github.com/ElementsProject/lightning/pull/${PRnumber}" if curl --output /dev/null --silent --head --fail \ - https://github.com/ElementsProject/lightning/pull/${PRnumber};then + https://github.com/ElementsProject/lightning/pull/${PRnumber}; then echo "# OK the PR exists at https://github.com/ElementsProject/lightning/pull/${PRnumber}" echo "# Press ENTER to proceed to install Core Lightning with the PR ${PRnumber} or CTRL+C to abort." read key @@ -116,68 +118,9 @@ if [ "$1" = "install" ]; then # check if the binary is already installed if [ -f /usr/local/bin/lightningd ]; then echo "Core Lightning binary already installed - done" - exit 1 + exit 0 fi -## Download and verify zip -# # prepare download dir -# sudo rm -rf /home/bitcoin/download -# sudo -u bitcoin mkdir -p /home/bitcoin/download -# cd /home/bitcoin/download || exit 1 -# -# sudo -u bitcoin wget -O "pgp_keys.asc" ${PGPpubkeyLink} -# sudo -u bitcoin gpg --import --import-options show-only ./pgp_keys.asc -# fingerprint=$(gpg "pgp_keys.asc" 2>/dev/null | grep "${PGPpubkeyFingerprint}" -c) -# if [ ${fingerprint} -lt 1 ]; then -# echo -# echo "# WARNING --> the PGP fingerprint is not as expected for ${PGPsigner}" -# echo "Should contain PGP: ${PGPpubkeyFingerprint}" -# echo "PRESS ENTER to TAKE THE RISK if you think all is OK" -# read key -# fi -# sudo -u bitcoin gpg --import ./pgp_keys.asc -# -# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/SHA256SUMS -# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/SHA256SUMS.asc -# -# verifyResult=$(LANG=en_US.utf8; sudo -u bitcoin gpg --verify SHA256SUMS.asc 2>&1) -# -# goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) -# echo "goodSignature(${goodSignature})" -# correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${PGPpubkeyFingerprint}" -c) -# echo "correctKey(${correctKey})" -# if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then -# echo -# echo "# DOWNLOAD FAILED --> PGP verification not OK / signature(${goodSignature}) verify(${correctKey})" -# exit 1 -# else -# echo -# echo "****************************************************************" -# echo "OK --> the PGP signature of the Core Lightning SHA256SUMS is correct" -# echo "****************************************************************" -# echo -# fi -# -# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/clightning-${CLVERSION}.zip -# -# hashCheckResult=$(sha256sum -c SHA256SUMS 2>&1) -# goodHash=$(echo ${hashCheckResult} | grep 'OK' -c) -# echo "goodHash(${goodHash})" -# if [ ${goodHash} -lt 1 ]; then -# echo -# echo "# BUILD FAILED --> Hash check not OK" -# exit 1 -# else -# echo -# echo "********************************************************************" -# echo "OK --> the hash of the downloaded Core Lightning source code is correct" -# echo "********************************************************************" -# echo -# fi -# -# sudo -u bitcoin unzip clightning-${CLVERSION}.zip -# cd clightning-${CLVERSION} || exit 1 - # download and verify the source from github cd /home/bitcoin || exit 1 echo @@ -190,7 +133,7 @@ if [ "$1" = "install" ]; then sudo -u bitcoin git reset --hard ${CLVERSION} sudo -u bitcoin /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${CLVERSION}" || exit 1 + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${CLVERSION}" || exit 1 installDependencies @@ -220,7 +163,7 @@ source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf TORGROUP="debian-tor" -if [ "$1" = update ]||[ "$1" = testPR ];then +if [ "$1" = update ] || [ "$1" = testPR ]; then source <(/home/admin/config.scripts/network.aliases.sh getvars cl mainnet) else source <(/home/admin/config.scripts/network.aliases.sh getvars cl $2) @@ -228,7 +171,7 @@ fi echo "# Using the settings for: ${network} ${CHAIN}" -if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then +if [ "$1" = on ] || [ "$1" = update ] || [ "$1" = testPR ]; then if [ "${CHAIN}" == "testnet" ] && [ "${testnet}" != "on" ]; then echo "# before activating testnet on cl, first activate testnet on bitcoind" @@ -242,14 +185,14 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then exit 1 fi - if [ "$1" = "update" ]||[ "$1" = "testPR" ];then + if [ "$1" = "update" ] || [ "$1" = "testPR" ]; then echo "# apt update" echo sudo apt-get update cd /home/bitcoin || exit 1 - if [ "$1" = "update" ]||[ "$1" = "testPR" ];then + if [ "$1" = "update" ] || [ "$1" = "testPR" ]; then echo echo "# Deleting the old source code" sudo rm -rf lightning @@ -262,7 +205,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then echo if [ "$1" = "update" ]; then - if [ $# -gt 1 ];then + if [ $# -gt 1 ]; then CLVERSION=$2 echo "# Installing the version ${CLVERSION}" sudo -u bitcoin git reset --hard ${CLVERSION} @@ -284,8 +227,10 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then installDependencies - currentCLversion=$(cd /home/bitcoin/lightning 2>/dev/null; \ - git describe --tags 2>/dev/null) + currentCLversion=$( + cd /home/bitcoin/lightning 2>/dev/null + git describe --tags 2>/dev/null + ) echo "# Building from source Core Lightning $currentCLversion" buildAndInstallCLbinaries @@ -296,7 +241,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then ########## # make sure binary is installed (will skip if already done) - /home/admin/config.scripts/cl.install.sh install + /home/admin/config.scripts/cl.install.sh install || exit 1 echo "# Make sure bitcoin is in the ${TORGROUP} group" sudo usermod -a -G ${TORGROUP} bitcoin @@ -313,11 +258,11 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then sudo mkdir -p /mnt/hdd/app-data/.lightning sudo ln -s /mnt/hdd/app-data/.lightning /home/bitcoin/ - if [ ${CLNETWORK} != "bitcoin" ] && [ ! -d /home/bitcoin/.lightning/${CLNETWORK} ] ;then + if [ ${CLNETWORK} != "bitcoin" ] && [ ! -d /home/bitcoin/.lightning/${CLNETWORK} ]; then sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK} fi - if ! sudo ls ${CLCONF};then + if ! sudo ls ${CLCONF}; then echo "# Create ${CLCONF}" echo "# lightningd configuration for ${network} ${CHAIN} @@ -364,7 +309,9 @@ always-use-proxy=true ############# echo echo "# Set logrotate for ${netprefix}lightningd" - sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK}/cl.log_old + if ! sudo ls /home/bitcoin/.lightning/${CLNETWORK}/cl.log_old; then + sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK}/cl.log_old + fi echo "\ /home/bitcoin/.lightning/${CLNETWORK}/cl.log { @@ -376,10 +323,6 @@ always-use-proxy=true notifempty nocompress sharedscripts - # We don't need to kill as we use copytruncate - #postrotate - # kill -HUP \`cat /run/lightningd/lightningd.pid\' - #endscript su bitcoin bitcoin }" | sudo tee /etc/logrotate.d/${netprefix}lightningd # debug: @@ -387,7 +330,7 @@ always-use-proxy=true echo sudo -u admin touch /home/admin/_aliases - if ! grep -Eq "${netprefix}lightning-cli" /home/admin/_aliases; then + if ! grep -Eq "^alias ${netprefix}lightning-cli" /home/admin/_aliases; then echo "# Adding aliases" echo "\ alias ${netprefix}lightning-cli=\"sudo -u bitcoin /usr/local/bin/lightning-cli\ @@ -396,8 +339,7 @@ alias ${netprefix}cl=\"sudo -u bitcoin /usr/local/bin/lightning-cli\ --conf=${CLCONF}\" alias ${netprefix}cllog=\"sudo\ tail -n 30 -f /home/bitcoin/.lightning/${CLNETWORK}/cl.log\" -alias ${netprefix}clconf=\"sudo\ - nano ${CLCONF}\" +alias ${netprefix}clconf=\"sudo nano ${CLCONF}\" " | sudo tee -a /home/admin/_aliases sudo chown admin:admin /home/admin/_aliases fi @@ -418,20 +360,21 @@ alias ${netprefix}clconf=\"sudo\ # setting values in the raspiblitz.conf /home/admin/config.scripts/blitz.conf.sh set ${netprefix}cl on # blitz.conf.sh needs sudo access - cannot be run in cl.check.sh - if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/sparko ];then + if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/sparko ]; then /home/admin/config.scripts/blitz.conf.sh set ${netprefix}sparko "off" fi - if [ ! -f /home/bitcoin/cl-plugins-enabled/c-lightning-http-plugin ];then + if [ ! -f /home/bitcoin/cl-plugins-enabled/c-lightning-http-plugin ]; then /home/admin/config.scripts/blitz.conf.sh set clHTTPplugin "off" fi if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/feeadjuster.py ]; then /home/admin/config.scripts/blitz.conf.sh set ${netprefix}feeadjuster "off" fi - if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc ];then + if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc ]; then /home/admin/config.scripts/blitz.conf.sh set "${netprefix}clnGRPCport" "off" fi # if this is the first lightning mainnet turned on - make default + [ "${lightning}" == "none" ] && lightning="" if [ "${CHAIN}" == "mainnet" ] && [ "${lightning}" == "" ]; then echo "# CL is now the default lightning implementation" /home/admin/config.scripts/blitz.conf.sh set lightning cl @@ -464,10 +407,9 @@ if [ "$1" = "display-seed" ]; then source ${seedwordFile} #echo "# seedwords(${seedwords})" #echo "# seedwords6x4(${seedwords6x4})" - if [ ${#seedwords6x4} -gt 0 ];then + if [ ${#seedwords6x4} -gt 0 ]; then ack=0 - while [ ${ack} -eq 0 ] - do + while [ ${ack} -eq 0 ]; do whiptail --title "Core Lightning ${displayNetwork} Wallet" \ --msgbox "This is your Core Lightning ${displayNetwork} wallet seed. Store these numbered words in a safe location:\n\n${seedwords6x4}" 13 76 whiptail --title "Please Confirm" --yes-button "Show Again" --no-button "CONTINUE" --yesno " Are you sure that you wrote down the word list?" 8 55 @@ -477,9 +419,9 @@ if [ "$1" = "display-seed" ]; then done else dialog \ - --title "Core Lightning ${displayNetwork} Wallet" \ - --exit-label "exit" \ - --textbox "${seedwordFile}" 14 92 + --title "Core Lightning ${displayNetwork} Wallet" \ + --exit-label "exit" \ + --textbox "${seedwordFile}" 14 92 fi else # hsmFile="/home/bitcoin/.lightning/${CLNETWORK}/hsm_secret" @@ -489,14 +431,14 @@ if [ "$1" = "display-seed" ]; then exit 0 fi -if [ "$1" = "off" ];then +if [ "$1" = "off" ]; then echo "# Removing the ${netprefix}lightningd.service" sudo systemctl disable ${netprefix}lightningd sudo systemctl stop ${netprefix}lightningd echo "# Removing the aliases" sudo sed -i "/${netprefix}lightning-cli/d" /home/admin/_aliases sudo sed -i "/${netprefix}cl/d" /home/admin/_aliases - if [ "$(echo "$@" | grep -c purge)" -gt 0 ];then + if [ "$(echo "$@" | grep -c purge)" -gt 0 ]; then echo "# Removing the binaries" sudo rm -f /usr/local/bin/lightningd sudo rm -f /usr/local/bin/lightning-cli diff --git a/home.admin/config.scripts/cl.rest.sh b/home.admin/config.scripts/cl.rest.sh index fda816666..2ce73aaf2 100644 --- a/home.admin/config.scripts/cl.rest.sh +++ b/home.admin/config.scripts/cl.rest.sh @@ -1,18 +1,18 @@ #!/bin/bash # https://github.com/Ride-The-Lightning/c-lightning-REST/releases/ -CLRESTVERSION="v0.9.0" +CLRESTVERSION="v0.10.2" # help -if [ $# -eq 0 ]||[ "$1" = "-h" ]||[ "$1" = "--help" ];then - echo +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then echo "Core-Lightning-REST install script" echo "The default version is: $CLRESTVERSION" echo "mainnet | testnet | signet instances can run parallel" echo echo "Usage:" - echo "cl.rest.sh [on|off|connect] [?key-value]" - echo + echo "cl.rest.sh on " + echo "cl.rest.sh connect [?key-value]" + echo "cl.rest.sh off " exit 1 fi @@ -29,7 +29,7 @@ source <(/home/admin/config.scripts/network.aliases.sh getvars cl $2) echo "# Running 'cl.rest.sh $*'" -if [ "$1" = connect ];then +if [ "$1" = connect ]; then if ! systemctl is-active --quiet ${netprefix}clrest; then /home/admin/config.scripts/cl.rest.sh on ${CHAIN} fi @@ -58,74 +58,74 @@ if [ "$1" = connect ];then # deactivated function showStepByStepQR() { - clear - echo - sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}" - echo "The Tor address is shown as a QRcode below and on the LCD" - echo "Scan it to your phone with a QR scanner app and paste it to: 'Host'" - echo - echo "Host: ${toraddress}" - echo "REST Port: 443" - echo - qrencode -t ANSIUTF8 "${toraddress}" - echo - echo - echo "Alternatively to connect through the LAN the address is:" - echo "https://${localip}" - echo "REST Port: ${portprefix}6100" - echo - echo "# Press enter to continue to show the Macaroon" - read key - sudo /home/admin/config.scripts/blitz.display.sh hide - sudo /home/admin/config.scripts/blitz.display.sh qr "${hex_macaroon}" - clear - echo - echo "The Macaroon is shown as a QRcode below and on the LCD" - echo "Scan it to your phone with a QR scanner app and paste it to: 'Macaroon (Hex format)'" - echo - echo "Macaroon: ${hex_macaroon}" - echo - qrencode -t ANSIUTF8 "${hex_macaroon}" - echo - echo "# Press enter to hide the QRcode from the LCD" - read key - sudo /home/admin/config.scripts/blitz.display.sh hide - exit 0 + clear + echo + sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}" + echo "The Tor address is shown as a QRcode below and on the LCD" + echo "Scan it to your phone with a QR scanner app and paste it to: 'Host'" + echo + echo "Host: ${toraddress}" + echo "REST Port: 443" + echo + qrencode -t ANSIUTF8 "${toraddress}" + echo + echo + echo "Alternatively to connect through the LAN the address is:" + echo "https://${localip}" + echo "REST Port: ${portprefix}6100" + echo + echo "# Press enter to continue to show the Macaroon" + read key + sudo /home/admin/config.scripts/blitz.display.sh hide + sudo /home/admin/config.scripts/blitz.display.sh qr "${hex_macaroon}" + clear + echo + echo "The Macaroon is shown as a QRcode below and on the LCD" + echo "Scan it to your phone with a QR scanner app and paste it to: 'Macaroon (Hex format)'" + echo + echo "Macaroon: ${hex_macaroon}" + echo + qrencode -t ANSIUTF8 "${hex_macaroon}" + echo + echo "# Press enter to hide the QRcode from the LCD" + read key + sudo /home/admin/config.scripts/blitz.display.sh hide + exit 0 } function showClRestQr() { - # c-lightning-rest://http://your_hidden_service.onion:your_port?&macaroon=your_macaroon_file_in_HEX&protocol=http - clear - echo - sudo /home/admin/config.scripts/blitz.display.sh qr "${clresttor}" - echo "The string to connect over Tor is shown as a QRcode below and on the LCD" - echo "Scan it to Zeus using the c-lightning-REST option" - echo - echo "c-lightning-REST connection string:" - echo "${clresttor}" - echo - qrencode -t ANSIUTF8 "${clresttor}" - echo - echo "# Press enter to show the string to connect over LAN" - read key - sudo /home/admin/config.scripts/blitz.display.sh hide - sudo /home/admin/config.scripts/blitz.display.sh qr "${clrestlan}" - clear - echo - echo "The string to connect over the local the network is shown as a QRcode below and on the LCD" - echo "Scan it to Zeus using the c-lightning-REST option" - echo "This will only work if your node si connected to the same network" - echo "To connect reemotely consider using a VPN like ZeroTier or Tailscale" - echo - echo "c-lightning-REST connection string:" - echo "${clrestlan}" - echo - qrencode -t ANSIUTF8 "${clrestlan}" - echo - echo "# Press enter to hide the QRcode from the LCD" - read key - sudo /home/admin/config.scripts/blitz.display.sh hide - exit 0 + # c-lightning-rest://http://your_hidden_service.onion:your_port?&macaroon=your_macaroon_file_in_HEX&protocol=http + clear + echo + sudo /home/admin/config.scripts/blitz.display.sh qr "${clresttor}" + echo "The string to connect over Tor is shown as a QRcode below and on the LCD" + echo "Scan it to Zeus using the c-lightning-REST option" + echo + echo "c-lightning-REST connection string:" + echo "${clresttor}" + echo + qrencode -t ANSIUTF8 "${clresttor}" + echo + echo "# Press enter to show the string to connect over LAN" + read key + sudo /home/admin/config.scripts/blitz.display.sh hide + sudo /home/admin/config.scripts/blitz.display.sh qr "${clrestlan}" + clear + echo + echo "The string to connect over the local the network is shown as a QRcode below and on the LCD" + echo "Scan it to Zeus using the c-lightning-REST option" + echo "This will only work if your node si connected to the same network" + echo "To connect reemotely consider using a VPN like ZeroTier or Tailscale" + echo + echo "c-lightning-REST connection string:" + echo "${clrestlan}" + echo + qrencode -t ANSIUTF8 "${clrestlan}" + echo + echo "# Press enter to hide the QRcode from the LCD" + read key + sudo /home/admin/config.scripts/blitz.display.sh hide + exit 0 } showClRestQr @@ -138,14 +138,14 @@ if [ "$1" = on ]; then sudo systemctl stop ${netprefix}clrest sudo systemctl disable ${netprefix}clrest - if [ ! -f /home/bitcoin/c-lightning-REST/cl-rest.js ];then + if [ ! -f /home/bitcoin/c-lightning-REST/cl-rest.js ]; then cd /home/bitcoin || exit 1 sudo -u bitcoin git clone https://github.com/saubyk/c-lightning-REST cd c-lightning-REST || exit 1 sudo -u bitcoin git reset --hard $CLRESTVERSION sudo -u bitcoin /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${CLRESTVERSION}" || exit 1 + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${CLRESTVERSION}" || exit 1 sudo -u bitcoin npm install fi @@ -163,10 +163,10 @@ if [ "$1" = on ]; then \"RPCCOMMANDS\": [\"*\"] }" | sudo -u bitcoin tee ./${CLNETWORK}/cl-rest-config.json - # copy clrest to a CLNETWORK subdor to make parallel networks possible + # copy clrest to a CLNETWORK subdir to make parallel networks possible sudo -u bitcoin mkdir /home/bitcoin/c-lightning-REST/${CLNETWORK} sudo -u bitcoin cp -r /home/bitcoin/c-lightning-REST/* \ - /home/bitcoin/c-lightning-REST/${CLNETWORK} + /home/bitcoin/c-lightning-REST/${CLNETWORK} echo " # systemd unit for c-lightning-REST for ${CHAIN} @@ -209,7 +209,7 @@ WantedBy=multi-user.target echo fi -if [ "$1" = off ];then +if [ "$1" = off ]; then echo "# Removing c-lightning-REST for ${CHAIN}" sudo systemctl stop ${netprefix}clrest sudo systemctl disable ${netprefix}clrest @@ -217,7 +217,7 @@ if [ "$1" = off ];then echo "# Deny port ${portprefix}6100 through the firewall" sudo ufw deny "${portprefix}6100" /home/admin/config.scripts/tor.onion-service.sh off ${netprefix}clrest - if [ "$(echo "$@" | grep -c purge)" -gt 0 ];then + if [ "$(echo "$@" | grep -c purge)" -gt 0 ]; then echo "# Removing the source code and binaries" sudo rm -rf /home/bitcoin/c-lightning-REST fi diff --git a/home.admin/config.scripts/internet.sh b/home.admin/config.scripts/internet.sh index f70705412..fb0f3d9a8 100755 --- a/home.admin/config.scripts/internet.sh +++ b/home.admin/config.scripts/internet.sh @@ -134,7 +134,7 @@ if [ ${runOnline} -eq 1 ]; then fi if [ ${online} -eq 0 ]; then # test with netcat to avoid firewall issues with ICMP packets - online=$(nc -v -z -w 8.8.8.8 53 &> /dev/null && echo "1" || echo "0") + online=$(nc -v -z -w 3 8.8.8.8 53 &> /dev/null && echo "1" || echo "0") fi if [ ${online} -eq 0 ]; then # re-test with other server diff --git a/home.admin/config.scripts/lnd.backup.sh b/home.admin/config.scripts/lnd.backup.sh index 1eb13d93c..d1dbeb00c 100755 --- a/home.admin/config.scripts/lnd.backup.sh +++ b/home.admin/config.scripts/lnd.backup.sh @@ -198,9 +198,9 @@ if [ ${mode} = "lnd-export-gui" ]; then echo "********************************" echo echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:" - echo "sftp '${fileowner}@${localip}:${filename}' ./" + echo "scp '${fileowner}@${localip}:${filename}' ./" echo "ON WINDOWS - RUN IN CMD:" - echo "sftp ${fileowner}@${localip}:${filename} ." + echo "scp ${fileowner}@${localip}:${filename} ." echo "Use password A to authenticate file transfer." echo echo "Check for correct file size after transfer: ${size} byte" @@ -299,7 +299,7 @@ if [ ${mode} = "lnd-import-gui" ]; then echo "To make upload open a new terminal on your laptop," echo "change into the directory where your lnd-rescue file is and" echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:" - echo "sftp -r ./lnd-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/" + echo "scp -r ./lnd-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/" echo echo "Use ${passwordInfo} to authenticate file transfer." echo "PRESS ENTER when upload is done" @@ -413,7 +413,7 @@ if [ ${mode} = "scb-export-gui" ]; then echo "**************************************" echo echo "RUN THE FOLLOWING COMMAND ON YOUR LAPTOP IN NEW TERMINAL:" - echo "sftp -r ${fileuser}@${localip}:${filename} ./" + echo "scp -r ${fileuser}@${localip}:${filename} ./" echo "" echo "Use password A to authenticate file transfer." echo @@ -492,7 +492,7 @@ if [ ${mode} = "scb-import-gui" ]; then echo "To make upload open a new terminal and change," echo "into the directory where your lnd-rescue file is and" echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:" - echo "sftp ./channel.backup ${defaultUploadUser}@${localip}:${defaultUploadPath}/" + echo "scp ./channel.backup ${defaultUploadUser}@${localip}:${defaultUploadPath}/" echo "" echo "Use ${passwordInfo} to authenticate file transfer." echo "PRESS ENTER when upload is done." diff --git a/home.admin/config.scripts/lnd.export.sh b/home.admin/config.scripts/lnd.export.sh index fa6307898..940bf6821 100755 --- a/home.admin/config.scripts/lnd.export.sh +++ b/home.admin/config.scripts/lnd.export.sh @@ -154,10 +154,10 @@ elif [ "${exportType}" = "sftp" ]; then echo "The password needed during download is your Password A." echo "" echo "Macaroons:" - echo "sftp bitcoin@${local_ip}:/home/bitcoin/.lnd/data/chain/${network}/${chain}net/\*.macaroon ./" + echo "scp bitcoin@${local_ip}:/home/bitcoin/.lnd/data/chain/${network}/${chain}net/\*.macaroon ./" echo "" echo "TLS Certificate:" - echo "sftp bitcoin@${local_ip}:/home/bitcoin/.lnd/tls.cert ./" + echo "scp bitcoin@${local_ip}:/home/bitcoin/.lnd/tls.cert ./" echo "" ########################### diff --git a/home.admin/config.scripts/lnd.install.sh b/home.admin/config.scripts/lnd.install.sh index 378f985a9..c6e946f99 100644 --- a/home.admin/config.scripts/lnd.install.sh +++ b/home.admin/config.scripts/lnd.install.sh @@ -4,17 +4,17 @@ ## based on https://raspibolt.github.io/raspibolt/raspibolt_40_lnd.html#lightning-lnd ## see LND releases: https://github.com/lightningnetwork/lnd/releases ### If you change here - make sure to also change interims version in lnd.update.sh #! -lndVersion="0.15.5-beta" +lndVersion="0.16.0-beta" # olaoluwa -PGPauthor="roasbeef" -PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc" -PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696" +#PGPauthor="roasbeef" +#PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc" +#PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696" # guggero -#PGPauthor="guggero" -#PGPpkeys="https://keybase.io/guggero/pgp_keys.asc" -#PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720" +PGPauthor="guggero" +PGPpkeys="https://keybase.io/guggero/pgp_keys.asc" +PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720" # bitconner #PGPauthor="bitconner" diff --git a/home.admin/config.scripts/lndlibs/README.md b/home.admin/config.scripts/lndlibs/README.md index 94b003d8a..ee11f32d2 100644 --- a/home.admin/config.scripts/lndlibs/README.md +++ b/home.admin/config.scripts/lndlibs/README.md @@ -21,7 +21,7 @@ cp ./*.proto ./protobuffs Now copy the generated RPC libs per SFTP over to your Laptop and add them to the `/home/admin/config.scripts/lndlibs`. -sftp -r admin@192.168.X.X:/home/admin/protobuffs ./protobuffs +scp -r admin@192.168.X.X:/home/admin/protobuffs ./protobuffs Make sure the first lines (ignore comments) of the `lightning_pb2_grpc.py` look like the following for python3 compatibility: ``` diff --git a/home.admin/setup.scripts/dialogMigration.sh b/home.admin/setup.scripts/dialogMigration.sh index 2e7f183da..15bdbb1b3 100755 --- a/home.admin/setup.scripts/dialogMigration.sh +++ b/home.admin/setup.scripts/dialogMigration.sh @@ -55,7 +55,7 @@ if [ "${migrationOS}" == "raspiblitz" ]; then echo "ON YOUR LAPTOP open a new terminal and change into" echo "the directory where your migration file is and" echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:" - echo "sftp -r ./raspiblitz-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/" + echo "scp -r ./raspiblitz-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/" echo "" echo "Use password 'raspiblitz' to authenticate file transfer." echo "PRESS ENTER when upload is done."