mirrors/raspiblitz
1
0
Fork 0
mirror of https://github.com/rootzoll/raspiblitz.git synced 2025-02-28 16:58:03 +01:00
Code Issues Projects Releases Packages Wiki Activity

v1.9.0rc3 Merge (#3742)

Browse source 
* cln: use default normal feerate to withdraw all

* Bugfix: bad subsititution (#3668)

Fix for error:

/home/admin/config.scripts/bonus.go.sh: line 31: ${goOSversion{}: bad substitution

* whiptail one line

* fix syntax

* lnproxy: fix api access through nginx (#3671)

* lnproxy: fix api access through nginx
* fix tor config and fit the menu
* add to the menu and provision

* merge #3682

* cln update to v23.02, backup-plugin update, add poetry (#3684)

* cln backup-plugin update, add poetry
* fix mkdir error, remove commented code, fmt #3677
* poetry and path fixes
* add terminal feedback, format #3676
* detect the full name of the plugin
* install pyln-client tqdm with pip
* git-verify: add --keyid-format LONG
to recognise if the signing key is not the main key
* cln update to v23.02
* cln-grpc: add protobuf-compiler dep
* rtl update to v0.13.6 and formatting
* C-lightningREST update to v0.10.1

* CLN FAQ update (#3666)

* improve the detection of existing cln aliases
* add the emergencyrecover instructions to  CLN FAQ
* update help entries

* Update Tallycoin to version 1.8.0 (#3693)

* add tallycoin update info to CHANGES

* Fix typo in README.md (#3699)

excepted -> accepted

* #3694 add LCD info

* #3664 att timeout 30s to ln monitor calls (#3665)

* fix setting LND_REST_ENDPOINT (#3689)

* btcpay update v1.8.2, postgres database fix (#3697)

* btcpay update v1.8.0, postgres database fix

* btcpayserver update to v1.8.2

* update lnbits to 0.10.2 and use poetry instead of venv (#3703)

* fix apt update Key error for influx repo (#3711)

Co-authored-by: Patrick Scheich <patrick.scheich@syscovery.de>

* fix missing timeout value for nc cmnd (#3712)

Co-authored-by: Patrick Scheich <patrick.scheich@syscovery.de>

* #3706 Update CLN v23.02.2 (#3716)

* used patched/rolledback 23.02.2 release
* check rusty sig
* fix typo
* fix default lightning setting

* #3683 Update LIT to 0.8.6 (#3717)

* update LIT to 0.8.6
* activate lnd rpcmiddleware
* CHANGES.md

* #3667 change all up/download from sftp tp scp (#3718)

* #3722 add no hostkeys available detection (#3723)

* #1186 FinTS/HBCI interface (#3704)

* #1186 FinTS install script first draft

* only start app when blitz is ready

* improve menu

* improve dit lnbits config

* preserve edit

* improve edit

* improve edit

* fix insertion

* dont use fingerprint

* now use main repo

* add port

* show local ip

* fix typo

* show port SSL

* Update bonus.lndg.sh (#3725)

* Update bonus.lndg.sh

Changes version to v1.6.0.
Fixes update menu bug.
Cleans up code a bit (removes tabs and changes to spaces to match raspiblitz formats).

* Update bonus.lndg.sh

Cleaned up code, added requirements.txt install to updates (needed for this update, may be needed in future).

* #3725 update lndg version in CHANGES

* #3692 update lnd to v0.16.0-beta (#3732)

* update SD CARD base image info

* Clenaup CHANGES info

* RTL install fix (#3739)

* c-lightning-REST update to 0.10.2, fmt
* rtl: npm insatll with --legacy-peer-deps
* purge c-lightning-REST as well with RTL

* jam update to v0.1.5 (#3736)

* 3733 CLN GRPC > JRPC (#3741)

* change exit code

* change to cln_jrpc

* deactivate the cln_grpc settings

* set v1.9.0rc3 version

---------

Co-authored-by: openoms <oms@tuta.io>
Co-authored-by: Metallicc <72348+metallicc@users.noreply.github.com>
Co-authored-by: openoms <43343391+openoms@users.noreply.github.com>
Co-authored-by: DJ Booth <djbooth007@gmail.com>
Co-authored-by: Yuck Fou <115867254+YuckFouBTC@users.noreply.github.com>
Co-authored-by: dni  <office@dnilabs.com>
Co-authored-by: PatrickScheich <50054697+PatrickScheich@users.noreply.github.com>
Co-authored-by: Patrick Scheich <patrick.scheich@syscovery.de>
Co-authored-by: allyourbankarebelongtous <100060902+allyourbankarebelongtous@users.noreply.github.com>
This commit is contained in:
/rootzoll 2023-04-08 23:10:01 +02:00 committed by GitHub
parent 3f7f6b7ced
commit 1a0c4fe09a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
49 changed files with 1147 additions and 551 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
CHANGES.md
View file

@ -1,26 +1,26 @@
# CHANGES between Releases
## What's new in Version 1.9.0 of RaspiBlitz?
- New: Automated disk image build for amd64 (VM, laptop, desktop, server) and arm64-rpi (Raspberry Pi) [details](https://github.com/rootzoll/raspiblitz/tree/dev/ci/README.md)
- New: Fatpack & Minimal sd card builds [details](SECURITY.md#minimal-sd-card-build)
- New: I2P support for Bitcoin Core (i2pacceptincoming=1) [details](https://github.com/rootzoll/raspiblitz/issues/2413)
- New: CLN Watchtower (The Eye of Satoshi) [details](https://github.com/talaia-labs/rust-teos/tree/master/watchtower-plugin)
- New: LNDg v1.4.0 [details](https://github.com/cryptosharks131/lndg)
- New: LNDg v1.6.0 [details](https://github.com/cryptosharks131/lndg)
- New: Support of X708 UPS HAT [details](https://github.com/rootzoll/raspiblitz/pull/3087)
- New: BOS Telegram Bot Support (see OPTIONS on LND Balance of Satoshis menu entry)
- New: LightningTipBot v0.5 [details](https://github.com/LightningTipBot/LightningTipBot)
- New: CLI shortcut for ↬lnproxy [details](https://github.com/rootzoll/raspiblitz/pull/3333)
- New on WebUI: Jam (JoinMarket Web UI) v0.1.4 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.4)
- New: Homebanking Interface FinTS/HBCI (experimental) [details](https://github.com/rootzoll/raspiblitz/issues/1186)
- New on WebUI: Jam (JoinMarket Web UI) v0.1.5 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.5)
- Update: Bitcoin Core v24.0.1 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.0.1.md)
- Update: LND v0.15.5 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.5-beta)
- Update: Core Lightning v22.11.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v22.11.1)
- Update: LND v0.16.0-beta [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.16.0-beta)
- Update: Core Lightning v23.02 [details](https://github.com/ElementsProject/lightning/releases/tag/v23.02)
- Update: C-lightningREST v0.10.2 [details](https://github.com/Ride-The-Lightning/c-lightning-REST/releases/tag/v0.10.2)
- Update: Electrum Server in Rust (electrs) v0.9.11 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0911-jan-5-2023)
- Update: Lightning Terminal v0.8.4-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.8.4-alpha)
- Update: RTL v0.13.0 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.12.3)
- Update: Lightning Terminal v0.8.6-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.8.6-alpha)
- Update: RTL v0.13.6 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.13.6)
- Update: Thunderhub v0.13.16 with balance sharing disabled [details](https://github.com/apotdevin/thunderhub/releases/tag/v0.13.16)
- Update: LNbits 0.9.6 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.6)
- Update: BTCPayServer 1.7.5 (using postgres for new installs) [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5)
- Update: LNbits 0.10.2 [details](https://github.com/lnbits/lnbits/releases/tag/0.10.2)
- Update: BTCPayServer 1.8.2 (using postgres for new installs) [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.8.2)
- Update: ItchySats 0.7.0 [details](https://github.com/itchysats/itchysats/releases/tag/0.7.0)
- Update: Channel Tools (chantools) v0.10.5 [details](https://github.com/guggero/chantools/releases/tag/v0.10.5)
- Update: JoinMarket v0.9.9 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.9)
@ -29,7 +29,7 @@
- Update: lndmanage 0.14.2 [details](https://github.com/bitromortac/lndmanage)
- Update: Circuitbreaker with webUI [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md)
- Update: Suez - Channel Visualization for LND & CL [details](https://github.com/prusnak/suez)
- Update: Tallycoin Connect v1.7.5 [details](https://github.com/djbooth007/tallycoin_connect/releases/tag/v1.7.5)
- Update: Tallycoin Connect v1.8.0 [details](https://github.com/djbooth007/tallycoin_connect/releases/tag/v1.8.0)
- Fixed: SCB/Emergency-Backup to USB drive (now also with CLN emergency.recover file)
- Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox)
- Info: IP2Tor fix fulmo shop & added new ip2tor.com shop

153
FAQ.cl.md
View file

@ -34,18 +34,19 @@
- [Backups](#backups)
- [Backup strategy](#backup-strategy)
- [Seed](#seed)
- [How to display the hsm_secret in a human-readable format?](#how-to-display-the-hsm_secret-in-a-human-readable-format)
- [How to display the hsm\_secret in a human-readable format?](#how-to-display-the-hsm_secret-in-a-human-readable-format)
- [How to test the seedwords?](#how-to-test-the-seedwords)
- [How to restore the hsm_secret from text?](#how-to-restore-the-hsm_secret-from-text)
- [How to restore the hsm\_secret from text?](#how-to-restore-the-hsm_secret-from-text)
- [Channel database](#channel-database)
- [Recovery](#recovery)
- [Recover from a cl-rescue file](#recover-from-a-cl-rescue-file)
- [Recover from a seed](#recover-from-a-seed)
- [Emergency recovery in case of lost channel states](#emergency-recovery-in-case-of-lost-channel-states)
- [Restore a CLN node from the database backup on the SDcard](#restore-a-cln-node-from-the-database-backup-on-the-sdcard)
- [Rescan the chain after restoring a used CLN wallet](#rescan-the-chain-after-restoring-a-used-cln-wallet)
- [Guesstoremote to recover funds from force-closed channels](#guesstoremote-to-recover-funds-from-force-closed-channels)
- [sqlite3 queries](#sqlite3-queries)
- [Extract the private and public key from the hsm_secret file](#extract-the-private-and-public-key-from-the-hsm_secret-file)
- [Extract the private and public key from the hsm\_secret file](#extract-the-private-and-public-key-from-the-hsm_secret-file)
- [Update](#update)
- [Update to a new CLN release](#update-to-a-new-cln-release)
- [Experimental update to the latest master](#experimental-update-to-the-latest-master)
@ -457,7 +458,7 @@ Will need to pay through a peer which supports the onion messages which means yo
```
## Backups
*<> https://lightning.readthedocs.io/FAQ.html#how-to-backup-my-wallet>
* <https://lightning.readthedocs.io/FAQ.html#how-to-backup-my-wallet>>
* General details: <https://lightning.readthedocs.io/BACKUP.html>
### Backup strategy
@ -479,7 +480,7 @@ Will need to pay through a peer which supports the onion messages which means yo
* If there is no such file and you have not funded the CLN wallet yet can reset the wallet and the next wallet will be created with a seed.
### How to display the hsm_secret in a human-readable format?
* If there is no seed available it is best to save the hsm_secret as a file with `sftp` or note down the alphanumeric characters in the two line displayed with:
* If there is no seed available it is best to save the hsm_secret as a file with `scp` or note down the alphanumeric characters in the two line displayed with:
```
sudo xxd /home/bitcoin/.lightning/bitcoin/hsm_secret
```
@ -519,20 +520,98 @@ Will need to pay through a peer which supports the onion messages which means yo
### Channel database
* Stored on the disk and synchronised to the SDcard with the help of the `backup` plugin.
### Recovery
## Recovery
* https://lightning.readthedocs.io/FAQ.html#database-corruption-channel-state-lost
* https://lightning.readthedocs.io/FAQ.html#loss
#### Recover from a cl-rescue file
### Recover from a cl-rescue file
* use the `REPAIR-CL` - `FILERESTORE` option in the menu for instructions to upload
#### Recover from a seed
### Recover from a seed
* use the `REPAIR-CL` - `SEEDRESTORE` option in the menu for instructions to paste the seedwords to restore
* or use the manual commands
```
# stop CLN
sudo systemctl stop lightningd
#### Restore a CLN node from the database backup on the SDcard
# change to the bitcoin user
sudo su - bitcoin
# generate the hsm_secret in temporary directory from your CLN seed words (follow the instructions)
lightning-hsmtool generatehsm /dev/shm/hsm_secret
# backup your old hsm_secret and channel database
mkdir /home/bitcoin/.lightning/bitcoin/old_node
mv /home/bitcoin/.lightning/bitcoin/** /home/bitcoin/.lightning/bitcoin/old_node/
# move the new hsm_secret in place
mv /dev/shm/hsm_secret /home/bitcoin/.lightning/bitcoin/
# back to admin
exit
# start lightningd
sudo systemctl start lightningd
# show the logs
cllog
```
### Emergency recovery in case of lost channel states
* blogpost: <https://blog.blockstream.com/core-lightning-v0-12-0/>
* demo video: https://youtu.be/zBmEieZuS8Q
* manpage: <https://lightning.readthedocs.io/lightning-emergencyrecover.7.html>
```
lightning-cli help emergencyrecover
```
1. [Restore the hsm_secret (onchain wallet keys) from seed](#recover-from-a-seed) (or hex).
* There is no need to wait for the (few hours) rescan to finish, but can follow it any time with:
```
cllog
```
1. Upload and copy the emergency.recover file in place
* upload the file with scp:
```
scp hsm_secret emergency.recover admin@RASPIBLITZ_IP:~/
```
* copy it from `/home/admin/`:
```
sudo cp /home/admin/emergency.recover /home/bitcoin/.lightning/bitcoin/
sudo chown bitcoin:bitcoin /home/bitcoin/.lightning/bitcoin/emergency.recover
```
1. Recover
* run (as admin or bitcoin user):
```
lightning-cli emergencyrecover
```
* a list of channelID-s should be returned if it worked:
```
{
"stubs": [
"................",
]
}
```
1. See more data about the recovered funds and channels
```
lightning-cli listfunds
lightning-cli listpeers
```
* List the funding txid-s:
```
lightning-cli listfunds | jq -r '.channels[] | .funding_txid'
```
Can check the txid-s in a mempool explorer. If one is spent that channel is already closed.
### Restore a CLN node from the database backup on the SDcard
* https://gist.github.com/openoms/3516cd8f393d69d52f858c3d47c9e469
#### Rescan the chain after restoring a used CLN wallet
### Rescan the chain after restoring a used CLN wallet
* automatically done when using `SEEDRESTORE`
* controlled by the entry in the cln config file
* can use the `menu` -> `REPAIR` -> `REPAIR-CL` -> `RESCAN` option
* or follow the manual process:
<https://lightning.readthedocs.io/FAQ.html#rescanning-the-block-chain-for-lost-utxos>
@ -554,7 +633,7 @@ Will need to pay through a peer which supports the onion messages which means yo
cllog
```
#### Guesstoremote to recover funds from force-closed channels
### Guesstoremote to recover funds from force-closed channels
* <https://lightning.readthedocs.io/lightning-hsmtool.8.html>
```
$ man lightning-hsmtool
@ -726,7 +805,7 @@ Will need to pay through a peer which supports the onion messages which means yo
+ ./cl.install.sh -h
Core Lightning install script
The default version is: v0.11.2
The default version is: v22.11.1
mainnet / testnet / signet instances can run parallel
Usage:
@ -811,10 +890,18 @@ Will need to pay through a peer which supports the onion messages which means yo
Usage:
cl-plugin.summary.sh [testnet|mainnet|signet] [runonce]
+ ./cl-plugin.watchtower-client.sh -h
Install the rust-teos watchtower-client plugin for CLN
Usage:
cl-plugin.watchtower-client.sh on <testnet|mainnet|signet>
cl-plugin.watchtower-client.sh off <testnet|mainnet|signet> <purge>
cl-plugin.watchtower-client.sh info
+ ./cl.rest.sh -h
Core Lightning-REST install script
The default version is: v0.7.2
Core-Lightning-REST install script
The default version is: v0.9.0
mainnet | testnet | signet instances can run parallel
Usage:
@ -869,9 +956,10 @@ Will need to pay through a peer which supports the onion messages which means yo
--wallet <arg> Location of the wallet database.
--large-channels|--wumbo Allow channels larger than 0.16777215 BTC
--experimental-dual-fund experimental: Advertise dual-funding and allow peers to establish channels via v2 channel open protocol.
--experimental-onion-messages EXPERIMENTAL: enable send, receive and relay of onion messages
--experimental-onion-messages EXPERIMENTAL: enable send, receive and relay of onion messages and blinded payments
--experimental-offers EXPERIMENTAL: enable send and receive of offers (also sets experimental-onion-messages)
--experimental-shutdown-wrong-funding EXPERIMENTAL: allow shutdown with alternate txids
--announce-addr-dns <arg> Use DNS entries in --announce-addr and --addr (not widely supported!) (default: false)
--help|-h Print this message.
--rgb <arg> RRGGBB hex color for node
--alias <arg> Up to 32-byte alias for node
@ -897,25 +985,36 @@ Will need to pay through a peer which supports the onion messages which means yo
--disable-ip-discovery Turn off announcement of discovered public IPs
--offline Start in offline-mode (do not automatically reconnect and do not accept incoming connections)
--autolisten <arg> If true, listen on default port and announce if it seems to be a public interface (default: true)
--dev-allowdustreserve <arg> If true, we allow the `fundchannel` RPC command and the `openchannel` plugin hook to set a reserve that is below the dust limit.
(default: false)
--proxy <arg> Set a socks v5 proxy IP address and port
--tor-service-password <arg> Set a Tor hidden service password
--experimental-accept-extra-tlv-types <arg> Comma separated list of extra TLV types to accept.
--accept-htlc-tlv-types <arg> Comma separated list of extra HTLC TLV types to accept.
--disable-dns Disable DNS lookups of peers
--encrypted-hsm Set the password to encrypt hsm_secret with. If no password is passed through command line, you will be prompted to enter it.
--rpc-file-mode <arg> Set the file mode (permissions) for the JSON-RPC socket (default: "0600")
--force-feerates <arg> Set testnet/regtest feerates in sats perkw, opening/mutual_close/unlateral_close/delayed_to_us/htlc_resolution/penalty: if fewer specified, last number applies to remainder
--subdaemon <arg> Arg specified as SUBDAEMON:PATH. Specifies an alternate subdaemon binary. If the supplied path is relative the subdaemon binary is found in the working directory. This option may be
specified multiple times. For example, --subdaemon=hsmd:remote_signer would use a hypothetical remote signing subdaemon.
--force-feerates <arg> Set testnet/regtest feerates in sats perkw, opening/mutual_close/unlateral_close/delayed_to_us/htlc_resolution/penalty: if fewer
specified, last number applies to remainder
--subdaemon <arg> Arg specified as SUBDAEMON:PATH. Specifies an alternate subdaemon binary. If the supplied path is relative the subdaemon binary is
found in the working directory. This option may be specified multiple times. For example, --subdaemon=hsmd:remote_signer would use
a hypothetical remote signing subdaemon.
--experimental-websocket-port <arg> experimental: alternate port for peers to connect using WebSockets (RFC6455)
--database-upgrade <arg> Set to true to allow database upgrades even on non-final releases (WARNING: you won't be able to downgrade!)
--log-level <arg> log level (io, debug, info, unusual, broken) [:prefix] (default: info)
--log-timestamps <arg> prefix log messages with timestamp (default: true)
--log-prefix <arg> log prefix (default: lightningd)
--log-file=<file> log to file instead of stdout
--log-prefix <arg> log prefix (default: )
--log-file=<file> Also log to file (- for stdout)
--version|-V Print version and exit
--fetchinvoice-noconnect Don't try to connect directly to fetch an invoice.
--autocleaninvoice-cycle <arg> Perform cleanup of expired invoices every given seconds, or do not autoclean if 0
--autocleaninvoice-expired-by <arg> If expired invoice autoclean enabled, invoices that have expired for at least this given seconds are cleaned
--fetchinvoice-noconnect Don't try to connect directly to fetch an invoice.
--disable-mpp Disable multi-part payments.
--autoclean-cycle <arg> Perform cleanup every given seconds
--autoclean-succeededforwards-age <arg> How old do successful forwards have to be before deletion (0 = never)
--autoclean-failedforwards-age <arg> How old do failed forwards have to be before deletion (0 = never)
--autoclean-succeededpays-age <arg> How old do successful pays have to be before deletion (0 = never)
--autoclean-failedpays-age <arg> How old do failed pays have to be before deletion (0 = never)
--autoclean-paidinvoices-age <arg> How old do paid invoices have to be before deletion (0 = never)
--autoclean-expiredinvoices-age <arg> How old do expired invoices have to be before deletion (0 = never)
--bitcoin-datadir <arg> -datadir arg for bitcoin-cli
--bitcoin-cli <arg> bitcoin-cli pathname
--bitcoin-rpcuser <arg> bitcoind RPC username
@ -924,6 +1023,7 @@ Will need to pay through a peer which supports the onion messages which means yo
--bitcoin-rpcport <arg> bitcoind RPC host's port
--bitcoin-retry-timeout <arg> how long to keep retrying to contact bitcoind before fatally exiting
--commit-fee <arg> Percentage of fee to request for their commitment
--disable-mpp Disable multi-part payments.
--funder-policy <arg> Policy to use for dual-funding requests. [match, available, fixed]
--funder-policy-mod <arg> Percent to apply policy at (match/available); or amount to fund (fixed)
--funder-min-their-funding <arg> Minimum funding peer must open with to activate our policy
@ -939,5 +1039,8 @@ Will need to pay through a peer which supports the onion messages which means yo
--lease-fee-basis <arg> Channel lease rates, basis charged for leased funds (per 10,000 satoshi.)
--lease-funding-weight <arg> Channel lease rates, weight we'll ask opening peer to pay for in funding transaction
--channel-fee-max-base-msat <arg> Channel lease rates, maximum channel fee base we'll charge for funds routed through a leased channel.
--channel-fee-max-proportional-thousandths <arg> Channel lease rates, maximum proportional fee (in thousandths, or ppt) we'll charge for funds routed through a leased channel. Note: 1ppt = 1,000ppm
--channel-fee-max-proportional-thousandths <arg> Channel lease rates, maximum proportional fee (in thousandths, or ppt) we'll charge for funds routed through a leased channel.
Note: 1ppt = 1,000ppm
--bookkeeper-dir <arg> Location for bookkeeper records.
--bookkeeper-db <arg> Location of the bookkeeper database
```

4
README.md
View file

@ -135,6 +135,8 @@ _If the above mentioned LCD screen is sold out you can also use these different
- kuman 3.5 Inch Touch Screen TFT Monitor
- Waveshare 3.5inch Display for Raspberry Pi
With all LCD screen models dont use the ones that have an HDMI port/connector - what you need is a 3.5 inch LCD screen model (resolution of 480×320) that connects only thru the GPIO ports (SPI) and has an XPT2046 touch controller.
_You can even pay for your RaspiBlitz Amazon Shopping with Bitcoin & Lightning through [Bitrefill](https://blog.bitrefill.com/its-here-buy-amazon-vouchers-with-bitcoin-on-bitrefill-bb2a4449724a)._
[What other case options do I have?](FAQ.md#what-other-case-options-do-i-have)
@ -1034,7 +1036,7 @@ To try out the IP2TOR tunnel choose in `MAINMENU` the extra menu point of the Se
If you want a web service, like BTCPay Server or LNbits, to be available to the outside internet (like with IP2TOR) people expect you to offer an HTTPS address so that the communication between the client and your RaspiBlitz is encrypted.
You could use the self-signed HTTPS certificate that RaspiBlitz is offering you, but this will give users Security Warnings in their browser and is not very user friendly.
That's where you can use a LetsEncrypt Subscription to get a free valid HTTPS certificate that is excepted without warning from almost all common browsers
That's where you can use a LetsEncrypt Subscription to get a free valid HTTPS certificate that is accepted without warning from almost all common browsers
Because you also need a domain name for that you will need to open a free account, the following are presently supported, would be good to add more with the help of the community:
[DuckDNS.org](https://www.duckdns.org)

4
build_sdcard.sh
View file

@ -2,8 +2,8 @@
#########################################################################
# Build your SD card image based on: 2022-04-04-raspios-bullseye-arm64.img.xz
# https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2022-09-26/
# SHA256: c42856ffca096480180b5aff66e1dad2f727fdc33359b24e0d2d49cc7676b576
# https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2023-02-21/
# SHA256: 4c963bcd53b9a77fa8235e2dc16785cc7d56372ec83c3090eac9073bd262833f
# PGP fingerprint: 8738CD6B956F460C
# PGP key: https://www.raspberrypi.org/raspberrypi_downloads.gpg.key
# setup fresh SD card with image above - login per SSH and run this script:

12
home.admin/00mainMenu.sh
View file

@ -132,6 +132,9 @@ fi
if [ "${bos}" == "on" ]; then
OPTIONS+=(BOS "Balance of Satoshis")
fi
if [ "${lnproxy}" == "on" ]; then
OPTIONS+=(LNPROXY "lnproxy server")
fi
if [ "${pyblock}" == "on" ]; then
OPTIONS+=(PYBLOCK "PyBlock")
fi
@ -172,6 +175,9 @@ fi
if [ "${lightningtipbot}" == "on" ]; then
OPTIONS+=(LIGHTNINGTIPBOT "Show LightningTipBot details")
fi
if [ "${fints}" == "on" ]; then
OPTIONS+=(FINTS "Show FinTS/HBCI details")
fi
# dont offer to switch to "testnet view for now" - so no wswitch back to mainnet needed
#if [ ${chain} != "main" ]; then
@ -307,6 +313,9 @@ case $CHOICE in
;;
BOS)
sudo /home/admin/config.scripts/bonus.bos.sh menu
;;
LNPROXY)
sudo /home/admin/config.scripts/bonus.lnproxy.sh menu
;;
PYBLOCK)
sudo /home/admin/config.scripts/bonus.pyblock.sh menu
@ -341,6 +350,9 @@ case $CHOICE in
CIRCUITBREAKER)
sudo /home/admin/config.scripts/bonus.circuitbreaker.sh menu
;;
FINTS)
sudo /home/admin/config.scripts/bonus.fints.sh menu
;;
TESTNETS)
/home/admin/00parallelChainsMenu.sh
;;

1
home.admin/00settingsMenuBasics.sh
View file

@ -441,6 +441,7 @@ if [ "${clNode}" != "${choice}" ]; then
fi
# make sure that cln-grpc is on for the WebAPI
echo "# install the cln-grpc plugin"
/home/admin/config.scripts/cl-plugin.cln-grpc.sh install
/home/admin/config.scripts/cl-plugin.cln-grpc.sh on

30
home.admin/00settingsMenuServices.sh
View file

@ -19,6 +19,7 @@ if [ ${#jam} -eq 0 ]; then jam="off"; fi
if [ ${#LNBits} -eq 0 ]; then LNBits="off"; fi
if [ ${#mempoolExplorer} -eq 0 ]; then mempoolExplorer="off"; fi
if [ ${#bos} -eq 0 ]; then bos="off"; fi
if [ ${#lnproxy} -eq 0 ]; then lnproxy="off"; fi
if [ ${#pyblock} -eq 0 ]; then pyblock="off"; fi
if [ ${#thunderhub} -eq 0 ]; then thunderhub="off"; fi
if [ ${#sphinxrelay} -eq 0 ]; then sphinxrelay="off"; fi
@ -35,6 +36,7 @@ if [ ${#bitcoinminds} -eq 0 ]; then bitcoinminds="off"; fi
if [ ${#squeaknode} -eq 0 ]; then squeaknode="off"; fi
if [ ${#itchysats} -eq 0 ]; then itchysats="off"; fi
if [ ${#lightningtipbot} -eq 0 ]; then lightningtipbot="off"; fi
if [ ${#fints} -eq 0 ]; then fints="off"; fi
# show select dialog
echo "run dialog ..."
@ -68,6 +70,7 @@ if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then
OPTIONS+=(la 'LND LIT (loop, pool, faraday)' ${lit})
OPTIONS+=(gb 'LND LNDg (auto-rebalance, auto-fees)' ${lndg})
OPTIONS+=(oa 'LND Balance of Satoshis' ${bos})
OPTIONS+=(lp 'LND lnproxy server' ${lnproxy})
OPTIONS+=(ya 'LND PyBLOCK' ${pyblock})
OPTIONS+=(ha 'LND ChannelTools (Fund Rescue)' ${chantools})
OPTIONS+=(xa 'LND Sphinx-Relay' ${sphinxrelay})
@ -84,6 +87,7 @@ if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then
fi
OPTIONS+=(ma 'Homer Dashboard' ${homer})
OPTIONS+=(fn 'FinTS/HBCI Interface (experimental)' ${fints})
CHOICES=$(dialog --title ' Additional Mainnet Services ' \
--checklist ' use spacebar to activate/de-activate ' \
@ -339,6 +343,21 @@ else
echo "Balance of Satoshis setting unchanged."
fi
# lnproxy process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "lp")
if [ ${check} -eq 1 ]; then choice="on"; fi
if [ "${lnproxy}" != "${choice}" ]; then
echo "lnproxy setting changed .."
anychange=1
sudo -u admin /home/admin/config.scripts/bonus.lnproxy.sh ${choice}
source /mnt/hdd/raspiblitz.conf
if [ "${lnproxy}" = "on" ]; then
sudo -u admin /home/admin/config.scripts/bonus.lnproxy.sh menu
fi
else
echo "lnproxy setting unchanged."
fi
# PyBLOCK process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "ya")
if [ ${check} -eq 1 ]; then choice="on"; fi
@ -717,6 +736,17 @@ else
echo "ItchySats setting unchanged."
fi
# fints process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "fn")
if [ ${check} -eq 1 ]; then choice="on"; fi
if [ "${fints}" != "${choice}" ]; then
echo "fints setting changed .."
anychange=1
sudo -u admin /home/admin/config.scripts/bonus.fints.sh ${choice}
else
echo "fints setting unchanged."
fi
if [ ${anychange} -eq 0 ]; then
dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58
exit 0

2
home.admin/99clMenu.sh
View file

@ -94,7 +94,7 @@ case $CHOICE in
fi
cd /home/bitcoin/suez || exit 1
echo
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF}
sudo -u bitcoin poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF}
echo
echo "Press ENTER to return to main menu."
read key

2
home.admin/99lndMenu.sh
View file

@ -118,7 +118,7 @@ case $CHOICE in
/home/admin/config.scripts/bonus.suez.sh on
fi
cd /home/bitcoin/suez || exit 1
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \
sudo -u bitcoin poetry run ./suez \
--client-args=-n=${CHAIN} \
--client-args=--rpcserver=localhost:1${L2rpcportmod}009
echo

2
home.admin/BBcashoutWallet.sh
View file

@ -97,7 +97,7 @@ echo "******************************"
# execute command
if [ ${LNTYPE} = "cl" ];then
# withdraw destination satoshi [feerate] [minconf] [utxos]
command="$lightningcli_alias withdraw ${address} all slow"
command="$lightningcli_alias withdraw ${address} all"
elif [ ${LNTYPE} = "lnd" ];then
command="$lncli_alias sendcoins --sweepall --addr=${address} --conf_target=36"
fi

16
home.admin/_background.scan.sh
View file

@ -565,7 +565,7 @@ do
fi
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_QUICK} ]; then
echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net status"
source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net status)
source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net status)
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_activated "1"
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_locked "${ln_lnd_locked}"
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_version "${ln_lnd_version}"
@ -595,7 +595,7 @@ do
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_LONG} ]; then
error=""
echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net config"
source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net config)
source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net config)
if [ "${error}" == "" ]; then
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_alias "${ln_lnd_alias}"
if [ "${isDefaultLightning}" == "1" ] && [ "${isDefaultChain}" == "1" ]; then
@ -638,7 +638,7 @@ do
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_MID} ]; then
error=""
echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net info"
source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net info)
source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net info)
if [ "${error}" == "" ]; then
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_address "${ln_lnd_address}"
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_tor "${ln_lnd_tor}"
@ -688,7 +688,7 @@ do
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_QUICK} ]; then
error=""
echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net wallet"
source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net wallet)
source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net wallet)
if [ "${error}" == "" ]; then
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_wallet_onchain_balance "${ln_lnd_wallet_onchain_balance}"
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_wallet_onchain_pending "${ln_lnd_wallet_onchain_pending}"
@ -720,7 +720,7 @@ do
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_LONG} ]; then
error=""
echo "updating: /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net fees"
source <(/home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net fees)
source <(timeout 30s /home/admin/config.scripts/lnd.monitor.sh ${CHAIN}net fees)
if [ "${error}" == "" ]; then
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_fees_daily "${ln_lnd_fees_daily}"
/home/admin/_cache.sh set ln_lnd_${CHAIN}net_fees_weekly "${ln_lnd_fees_weekly}"
@ -795,7 +795,7 @@ do
fi
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_QUICK} ]; then
echo "updating: /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net status"
source <(/home/admin/config.scripts/cl.monitor.sh ${CHAIN}net status)
source <(timeout 30s /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net status)
/home/admin/_cache.sh set ln_cl_${CHAIN}net_activated "1"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_version "${ln_cl_version}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_running "${ln_cl_running}"
@ -850,7 +850,7 @@ do
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_MID} ]; then
error=""
echo "updating: /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net info"
source <(/home/admin/config.scripts/cl.monitor.sh ${CHAIN}net info)
source <(timeout 30s /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net info)
if [ "${error}" == "" ]; then
/home/admin/_cache.sh set ln_cl_${CHAIN}net_alias "${ln_cl_alias}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_address "${ln_cl_address}"
@ -904,7 +904,7 @@ do
if [ "${stillvalid}" == "0" ] || [ ${age} -gt ${CYCLE_MID} ]; then
error=""
echo "updating: /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net wallet"
source <(/home/admin/config.scripts/cl.monitor.sh ${CHAIN}net wallet)
source <(timeout 30s /home/admin/config.scripts/cl.monitor.sh ${CHAIN}net wallet)
if [ "${error}" == "" ]; then
/home/admin/_cache.sh set ln_cl_${CHAIN}net_wallet_onchain_balance "${ln_cl_wallet_onchain_balance}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_wallet_onchain_pending "${ln_cl_wallet_onchain_pending}"

4
home.admin/_commands.sh
View file

@ -570,10 +570,10 @@ function suez() {
clear
echo "# Showing the channels of ${lightning} ${chain}net - consider reducing the font size (press CTRL- or CMD-)"
if [ ${lightning} = cl ]; then
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \
sudo -u bitcoin poetry run ./suez \
--client=c-lightning --client-args=--conf=${CLCONF}
elif [ ${lightning} = lnd ]; then
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \
sudo -u bitcoin poetry run ./suez \
--client-args=-n=${CHAIN} \
--client-args=--rpcserver=localhost:1${L2rpcportmod}009
fi

18
home.admin/_provision_.sh
View file

@ -643,6 +643,15 @@ else
echo "Provisioning Balance of Satoshis - keep default" >> ${logFile}
fi
# LNPROXY
if [ "${lnproxy}" = "on" ]; then
echo "Provisioning lnproxy - run config script" >> ${logFile}
/home/admin/_cache.sh set message "Setup lnproxy"
sudo -u admin /home/admin/config.scripts/bonus.lnproxy.sh on >> ${logFile} 2>&1
else
echo "Provisioning lnproxy - keep default" >> ${logFile}
fi
# thunderhub
if [ "${thunderhub}" = "on" ]; then
echo "Provisioning ThunderHub - run config script" >> ${logFile}
@ -805,6 +814,15 @@ else
echo "Provisioning LightningTipBot - keep default" >> ${logFile}
fi
# FinTS
if [ "${fints}" = "on" ]; then
echo "Provisioning FinTS - run config script" >> ${logFile}
/home/admin/_cache.sh set message "Setup FinTS"
sudo -u admin /home/admin/config.scripts/bonus.fints.sh on >> ${logFile} 2>&1
else
echo "Provisioning FinTS - keep default" >> ${logFile}
fi
# custom install script from user
customInstallAvailable=$(ls /mnt/hdd/app-data/custom-installs.sh 2>/dev/null | grep -c "custom-installs.sh")
if [ ${customInstallAvailable} -gt 0 ]; then

2
home.admin/_version.info
View file

@ -1,3 +1,3 @@
# RaspiBlitz Version - always [major].[main].[sub] (sub can be a string like '2rc1')
codeVersion="1.9.0rc2"
codeVersion="1.9.0rc3"
# keep last line with comment

2
home.admin/assets/nginx/sites-available/lnproxy_ssl.conf
View file

@ -14,7 +14,7 @@ server {
error_log /var/log/nginx/error_lnproxy.log;
location /api/ {
proxy_pass http://127.0.0.1:4747;
proxy_pass http://127.0.0.1:4747/;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}

2
home.admin/assets/nginx/sites-available/lnproxy_tor.conf
View file

@ -13,7 +13,7 @@ server {
error_log /var/log/nginx/error_lnproxy.log;
location /api/ {
proxy_pass http://127.0.0.1:4747;
proxy_pass http://127.0.0.1:4747/;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}

2
home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf
View file

@ -13,7 +13,7 @@ server {
error_log /var/log/nginx/error_lnproxy.log;
location /api/ {
proxy_pass http://127.0.0.1:4747;
proxy_pass http://127.0.0.1:4747/;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}

11
home.admin/config.scripts/blitz.debug.sh
View file

@ -406,6 +406,17 @@ else
echo "- SPHINX is OFF by config"
fi
if [ "${fints}" == "on" ]; then
echo
echo "*** LAST 20 FINTS LOGS ***"
echo "sudo journalctl -u fints -b --no-pager -n20"
sudo journalctl -u fints -b --no-pager -n20
echo "sudo tail -n 30 /home/fints/log/fuelifints.log"
sudo tail -n 30 /home/fints/log/fuelifints.log
else
echo "- FINTS is OFF by config"
fi
echo
echo "*** MOUNTED DRIVES ***"
echo "df -T -h"

3
home.admin/config.scripts/blitz.git-verify.sh
View file

@ -30,10 +30,9 @@ PGPsigner="$1"
PGPpubkeyLink="$2"
PGPpubkeyFingerprint="$3"
wget -O /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc "${PGPpubkeyLink}"
gpg --import --import-options show-only /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc
fingerprint=$(gpg --show-keys /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc 2>/dev/null | grep "${PGPpubkeyFingerprint}" -c)
fingerprint=$(gpg --show-keys --keyid-format LONG /var/cache/raspiblitz/pgp_keys_${PGPsigner}.asc 2>/dev/null | grep "${PGPpubkeyFingerprint}" -c)
if [ "${fingerprint}" -lt 1 ]; then
echo
echo "# WARNING --> the PGP fingerprint is not as expected for ${PGPsigner}" >&2

18
home.admin/config.scripts/blitz.migration.sh
View file

@ -26,21 +26,21 @@ defaultUploadPath="/mnt/hdd/temp/migration"
# get local ip
source <(/home/admin/config.scripts/internet.sh status local)
# SFTP download and upload links
sftpDownloadUnix="sftp -r 'bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz' ./"
sftpDownloadWin="sftp -r bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz ."
sftpUploadUnix="sftp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}"
sftpUploadWin="sftp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}"
# SCP download and upload links
downloadUnix="scp -r 'bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz' ./"
downloadWin="scp -r bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz ."
uploadUnix="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}"
uploadWin="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}"
# output status data & exit
if [ "$1" = "status" ]; then
echo "# RASPIBLITZ Data Import & Export"
echo "localip=\"${localip}\""
echo "defaultUploadPath=\"${defaultUploadPath}\""
echo "sftpDownloadUnix=\"${sftpDownloadUnix}\""
echo "sftpUploadUnix=\"${sftpUploadUnix}\""
echo "sftpDownloadWin=\"${sftpDownloadWin}\""
echo "sftpUploadWin=\"${sftpUploadWin}\""
echo "downloadUnix=\"${downloadUnix}\""
echo "uploadUnix=\"${uploadUnix}\""
echo "downloadWin=\"${downloadWin}\""
echo "uploadWin=\"${uploadWin}\""
exit 1
fi

42
home.admin/config.scripts/blitz.ssh.sh
View file

@ -32,11 +32,23 @@ fi
###################
if [ "$1" = "renew" ]; then
echo "# *** $0 $1"
sudo systemctl stop sshd
sudo rm /etc/ssh/ssh_host_*
sudo ssh-keygen -A
sudo dpkg-reconfigure openssh-server
sudo systemctl start sshd
# stop sshd
systemctl stop sshd
# remove old keys
rm /etc/ssh/ssh_host_*
# generate new keys
ssh-keygen -A
dpkg-reconfigure openssh-server
# clear journalctl logs
journalctl --rotate
journalctl --vacuum-time=1s
# restart sshd
systemctl start sshd
exit 0
fi
@ -70,23 +82,15 @@ if [ "$1" = "checkrepair" ]; then
countKeyFiles=$(ls -la /etc/ssh/ssh_host_* 2>/dev/null | grep -c "/etc/ssh/ssh_host")
echo "# countKeyFiles(${countKeyFiles})"
if [ ${countKeyFiles} -lt 8 ]; then
echo "# DETECTED: MISSING SSHD KEYFILES --> Generating new ones"
systemctl stop ssh
echo "# ssh-keygen1"
cd /etc/ssh
ssh-keygen -A
systemctl start sshd
sleep 3
countKeyFiles=$(ls -la /etc/ssh/ssh_host_* 2>/dev/null | grep -c "/etc/ssh/ssh_host")
echo "# countKeyFiles(${countKeyFiles})"
if [ ${countKeyFiles} -lt 8 ]; then
echo "# FAIL: Was not able to generate new sshd host keys"
else
echo "# OK: New sshd host keys generated"
/home/admin/config.scripts/blitz.ssh.sh renew
fi
# check logs for "no hostkeys available"
noHostKeys=$(journalctl -u sshd | grep -c "no hostkeys available")
if [ ${noHostKeys} -gt 0 ]; then
echo "# DETECTED: SSHD LOGS 'no hostkeys available' --> Generating new ones"
/home/admin/config.scripts/blitz.ssh.sh renew
fi
# check if SSHD service is NOT running & active

2
home.admin/config.scripts/blitz.upload.sh
View file

@ -2,7 +2,7 @@
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "# use to prepare & check sftp or web file upload to RaspiBlitz"
echo "# use to prepare & check scp or web file upload to RaspiBlitz"
echo "# blitz.upload.sh prepare-upload"
echo "# blitz.upload.sh check-upload ?[scb|lnd-rescue|migration]"
exit 0

27
home.admin/config.scripts/blitz.web.api.sh
View file

@ -95,25 +95,26 @@ if [ "$1" = "update-config" ]; then
elif [ "${lightning}" == "cl" ]; then
echo "# CONFIG Web API Lightning --> CL"
sed -i "s/^ln_node=.*/ln_node=cln_grpc/g" ./.env
sed -i "s/^ln_node=.*/ln_node=cln_jrpc/g" ./.env
sed -i "s/^cln_jrpc_path=.*/cln_jrpc_path="/mnt/hdd/app-data/.lightning/bitcoin/lightning-rpc"/g" ./.env
# make sure cln-grpc is on
sudo /home/admin/config.scripts/cl-plugin.cln-grpc.sh on mainnet
# sudo /home/admin/config.scripts/cl-plugin.cln-grpc.sh on mainnet
# get hex values of pem files
hexClient=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client.pem)
hexClientKey=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client-key.pem)
hexCa=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/ca.pem)
if [ "${hexClient}" == "" ]; then
echo "# FAIL /home/bitcoin/.lightning/bitcoin/*.pem files maybe missing"
fi
# hexClient=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client.pem)
# hexClientKey=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client-key.pem)
# hexCa=$(sudo xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/ca.pem)
# if [ "${hexClient}" == "" ]; then
# echo "# FAIL /home/bitcoin/.lightning/bitcoin/*.pem files maybe missing"
# fi
# update config with hex values
sed -i "s/^cln_grpc_cert=.*/cln_grpc_cert=${hexClient}/g" ./.env
sed -i "s/^cln_grpc_key=.*/cln_grpc_key=${hexClientKey}/g" ./.env
sed -i "s/^cln_grpc_ca=.*/cln_grpc_ca=${hexCa}/g" ./.env
sed -i "s/^cln_grpc_ip=.*/cln_grpc_ip=127.0.0.1/g" ./.env
sed -i "s/^cln_grpc_port=.*/cln_grpc_port=4772/g" ./.env
# sed -i "s/^cln_grpc_cert=.*/cln_grpc_cert=${hexClient}/g" ./.env
# sed -i "s/^cln_grpc_key=.*/cln_grpc_key=${hexClientKey}/g" ./.env
# sed -i "s/^cln_grpc_ca=.*/cln_grpc_ca=${hexCa}/g" ./.env
# sed -i "s/^cln_grpc_ip=.*/cln_grpc_ip=127.0.0.1/g" ./.env
# sed -i "s/^cln_grpc_port=.*/cln_grpc_port=4772/g" ./.env
else
echo "# CONFIG Web API Lightning --> OFF"

10
home.admin/config.scripts/bonus.btcpayserver.sh
View file

@ -3,9 +3,9 @@
# Based on: https://gist.github.com/normandmickey/3f10fc077d15345fb469034e3697d0d0
# https://github.com/dgarage/NBXplorer/tags
NBXplorerVersion="v2.3.59"
NBXplorerVersion="v2.3.62"
# https://github.com/btcpayserver/btcpayserver/releases
BTCPayVersion="v1.7.5"
BTCPayVersion="v1.8.2"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -31,7 +31,7 @@ function NBXplorerConfig() {
echo "# nbxplorermainnet database already exists"
else
echo "# Generate the database for nbxplorer"
sudo -u postgres psql -c "create database nbxplorermainnet;"
sudo -u postgres psql -c "CREATE DATABASE nbxplorermainnet TEMPLATE template0 LC_CTYPE 'C' LC_COLLATE 'C' ENCODING 'UTF8';"
sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';"
sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;"
fi
@ -68,7 +68,7 @@ function BtcPayConfig() {
echo "# btcpaymainnet database already exists"
else
echo "# Generate the database for btcpay"
sudo -u postgres psql -c "create database btcpaymainnet;"
sudo -u postgres psql -c "CREATE DATABASE btcpaymainnet TEMPLATE template0 LC_CTYPE 'C' LC_COLLATE 'C' ENCODING 'UTF8';"
sudo -u postgres psql -c "create user btcpay with encrypted password 'raspiblitz';"
sudo -u postgres psql -c "grant all privileges on database btcpaymainnet to btcpay;"
fi
@ -696,6 +696,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# deleting data"
sudo -u postgres psql -c "drop database nbxplorermainnet;"
sudo -u postgres psql -c "drop user nbxplorer;"
sudo -u postgres psql -c "drop database btcpaymainnet;"
sudo -u postgres psql -c "drop user btcpay;"
sudo rm -R /mnt/hdd/app-data/.btcpayserver/
else
echo "# keeping data"

430
home.admin/config.scripts/bonus.fints.sh Executable file
View file

@ -0,0 +1,430 @@
#!/bin/bash
APPID="fints"
VERSION="2.23"
# the git repo to get the source code from for install
GITHUB_REPO="https://github.com/drmartinberger/FueliFinTS"
# the github tag of the version of the source code to install
# can also be a commit hash
# if empty it will use the latest source version
GITHUB_TAG=""
# the github signature to verify the author
# leave GITHUB_SIGN_AUTHOR empty to skip verifying
GITHUB_SIGN_AUTHOR="" #web-flow
GITHUB_SIGN_PUBKEYLINK="https://github.com/web-flow.gpg"
GITHUB_SIGN_FINGERPRINT="4AEE18F83AFDEB23"
# port numbers the app should run on
# delete if not an web app
PORT_CLEAR="3110"
PORT_SSL="3111"
# BASIC COMMANDLINE OPTIONS
# you can add more actions or parameters if needed - for example see the bonus.rtl.sh
# to see how you can deal with an app that installs multiple instances depending on
# lightning implementation or testnets - but this should be OK for a start:
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "# Github Repo: ${GITHUB_REPO}"
echo "# Telegram Community Support: https://t.me/LN_FinTS"
echo "# bonus.${APPID}.sh status -> status information (key=value)"
echo "# bonus.${APPID}.sh on -> install the app"
echo "# bonus.${APPID}.sh off -> uninstall the app"
echo "# bonus.${APPID}.sh menu -> SSH menu dialog"
echo "# bonus.${APPID}.sh prestart -> will be called by systemd before start"
exit 1
fi
# echoing comments is useful for logs - but start output with # when not a key=value
echo "# Running: 'bonus.${APPID}.sh $*'"
# check & load raspiblitz config
source /mnt/hdd/raspiblitz.conf
#########################
# INFO
#########################
# this section is always executed to gather status information that
# all the following commands can use & execute on
# check if app is already installed
isInstalled=$(sudo ls /etc/systemd/system/${APPID}.service 2>/dev/null | grep -c "${APPID}.service")
# check if service is running
isRunning=$(systemctl status ${APPID} 2>/dev/null | grep -c 'active (running)')
if [ "${isInstalled}" == "1" ]; then
# gather address info (whats needed to call the app)
localIP=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/${APPID}/hostname 2>/dev/null)
#fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
fi
# if the action parameter `status` was called - just stop here and output all
# status information as a key=value list
if [ "$1" = "status" ]; then
echo "appID='${APPID}'"
echo "version='${VERSION}'"
echo "githubRepo='${GITHUB_REPO}'"
echo "githubVersion='${GITHUB_TAG}'"
echo "githubSignature='${GITHUB_SIGNATURE}'"
echo "isInstalled=${isInstalled}"
echo "isRunning=${isRunning}"
if [ "${isInstalled}" == "1" ]; then
echo "portCLEAR=${PORT_CLEAR}"
echo "portSSL=${PORT_SSL}"
echo "localIP='${localIP}'"
echo "toraddress='${toraddress}'"
#echo "fingerprint='${fingerprint}'"
echo "toraddress='${toraddress}'"
fi
exit
fi
##########################
# MENU
#########################
# The `menu` action should give at least a SSH info dialog - when an webapp show
# URL to call (http & https+fingerprint) otherwise some instruction how to start it.
# This SSH dialog will be later called by the MAIN MENU to be available to the user
# when app is installed.
# This menu can also have some more complex structure if you want to make it easy
# to the user to set configurations or maintenance options - example bonus.lnbits.sh
# show info menu
if [ "$1" = "menu" ]; then
# get local ip
localIP=$(hostname -I | awk '{print $1}')
# set the title for the dialog
dialogTitle=" FinTS / HBCI Interface "
# basic info text - for an web app how to call with http & self-signed https
dialogText="This is an very early experimental feature.\nServer-URL: ${localIP}:${PORT_SSL}\n\nSee GitHub Repo for more Details:\n${GITHUB_REPO}\n\nTelegram Community Chat & Support (say hi):\nhttps://t.me/LN_FinTS\n\nUse OPTIONS to config with LNbits & Debug.\n\n"
# add tor info (if available)
if [ "${toraddress}" != "" ]; then
dialogText="${dialogText}Hidden Service address for Tor Connection:\n${toraddress}"
fi
# use whiptail to show SSH dialog & exit
whiptail --title "${dialogTitle}" --yes-button "OK" --no-button "OPTIONS" --yesno "${dialogText}" 19 67
result=$?
if [ ${result} -eq 0 ]; then
exit 0
fi
OPTIONS=()
OPTIONS+=(LNBITS "Edit lnbits.properties")
OPTIONS+=(DEBUG "Print Logs")
WIDTH=66
CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1"))
HEIGHT=$((CHOICE_HEIGHT+7))
CHOICE=$(dialog --clear \
--title " ${APPID} - Options" \
--ok-label "Select" \
--cancel-label "Back" \
--menu "Choose one of the following options:" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
case $CHOICE in
DEBUG)
clear
echo "# sudo tail -n 100 /home/fints/log/fuelifints.log"
sudo tail -n 100 /home/fints/log/fuelifints.log
echo "# PRESS ENTER to continue"
read key
;;
LNBITS)
edittemp=$(mktemp -p /dev/shm/)
sudo -u fints dialog --title "Editing /home/fints/config/lnbits.properties" --editbox "/home/fints/config/lnbits.properties" 200 200 2> "${edittemp}"
result=$?
clear
if [ "${result}" == "0" ]; then
echo "# saving changes to /home/fints/config/lnbits.properties"
sudo rm /home/fints/config/lnbits.properties
sudo mv ${edittemp} /home/fints/config/lnbits.properties
sudo chown fints:fints /home/fints/config/lnbits.properties
else
echo "# (${result}) no changes - dont save"
fi
echo "# restarting fints service"
sudo systemctl restart fints
sleep 2
;;
esac
echo "please wait ..."
exit 0
fi
##########################
# ON / INSTALL
##########################
# This section takes care of installing the app.
# The template contains some basic steps but also look at other install scripts
# to see how special cases are solved.
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# dont run install if already installed
if [ ${isInstalled} -eq 1 ]; then
echo "# ${APPID}.service is already installed."
exit 1
fi
echo "# Installing ${APPID} ..."
# install java & build tool
sudo apt install -y default-jdk
sudo apt install -y maven
# make sure mysql/myria db is available
sudo apt-get install -y mariadb-server mariadb-client
# create a dedicated user for the app
echo "# create user"
sudo adduser --disabled-password --gecos "" ${APPID} || exit 1
# add user to special groups with special access rights
# echo "# add use to special groups"
# sudo /usr/sbin/usermod --append --groups lndadmin ${APPID}
# create a data directory on /mnt/hdd/app-data/ for the app
if ! [ -d /mnt/hdd/app-data/${APPID} ]; then
echo "# create app-data directory"
sudo mkdir /mnt/hdd/app-data/${APPID} 2>/dev/null
sudo chown ${APPID}:${APPID} -R /mnt/hdd/app-data/${APPID}
else
echo "# reuse existing app-directory"
sudo chown ${APPID}:${APPID} -R /mnt/hdd/app-data/${APPID}
fi
# download source code and verify
# BACKGROUND is that now you download the code from github, reset to a given version tag/commit,
# verify the author. If you app provides its source/binaries in another way, may check
# other install scripts to see how that implement code download & verify.
echo "# download the source code & verify"
sudo -u ${APPID} git clone ${GITHUB_REPO} /home/${APPID}/${APPID}
cd /home/${APPID}/${APPID}
if [ "${GITHUB_TAG}" != "" ]; then
sudo -u ${APPID} git reset --hard $GITHUB_TAG
fi
if [ "${GITHUB_SIGN_AUTHOR}" != "" ]; then
sudo -u ${APPID} /home/admin/config.scripts/blitz.git-verify.sh \
"${GITHUB_SIGN_AUTHOR}" "${GITHUB_SIGN_PUBKEYLINK}" "${GITHUB_SIGN_FINGERPRINT}" "${GITHUB_TAG}" || exit 1
fi
# compile/install the app
echo "# compile/install the app"
cd /home/${APPID}/${APPID}
# install dependencies from pom.xml
sudo -u fints mvn package
if ! [ $? -eq 0 ]; then
echo "# FAIL - mvn package did not run correctly - deleting code & exit"
sudo rm -r /home/${APPID}/${APPID}
exit 1
fi
sudo -u fints cp /home/fints/fints/target/LN-FinTS-jar-with-dependencies.jar /home/fints/fints-fat.jar
if ! [ $? -eq 0 ]; then
echo "# FAIL - was not able to copy /home/fints/fints-fat.jar"
sudo rm -r /home/${APPID}/${APPID}
exit 1
fi
# init database
sudo mariadb -e "DROP DATABASE IF EXISTS fints;"
sudo mariadb -e "CREATE DATABASE fints;"
sudo mariadb -e "GRANT ALL PRIVILEGES ON fints.* TO 'fintsuser' IDENTIFIED BY 'fints';"
sudo mariadb -e "FLUSH PRIVILEGES;"
if [ -f "dbsetup.sql" ]; then
mariadb -ufintsuser -pfints fints < dbsetup.sql
else
echo "# FAIL - dbsetup.sql not found - deleting code & exit"
sudo rm -r /home/${APPID}/${APPID}
exit 1
fi
# open the ports in the firewall
echo "# updating Firewall"
sudo ufw allow ${PORT_CLEAR} comment "${APPID} HTTP"
sudo ufw allow ${PORT_SSL} comment "${APPID} HTTPS"
# every app has their own systemd service that cares about starting &
# running the app in the background - see the PRESTART section for adhoc config
echo "# create systemd service: ${APPID}.service"
echo "
[Unit]
Description=${APPID}
Wants=bitcoind
After=bitcoind
[Service]
WorkingDirectory=/home/${APPID}
Environment=\"HOME_PATH=/mnt/hdd/app-data/${APPID}\"
ExecStartPre=-/home/admin/config.scripts/bonus.${APPID}.sh prestart
ExecStart=java -jar /home/${APPID}/fints-fat.jar
User=${APPID}
Restart=always
TimeoutSec=120
RestartSec=30
StandardOutput=null
StandardError=journal
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/${APPID}.service
sudo chown root:root /etc/systemd/system/${APPID}.service
# when tor is set on also install the hidden service
if [ "${runBehindTor}" = "on" ]; then
# activating tor hidden service
/home/admin/config.scripts/tor.onion-service.sh ${APPID} 80 ${PORT_CLEAR} 443 ${PORT_SSL}
fi
# create keystore if needed
keystoreExists=$(sudo ls /mnt/hdd/app-data/fints/keystore.jks 2>/dev/null | grep -c 'keystore.jks')
if [ ${keystoreExists} -eq 0 ]; then
echo "# creating keystore"
sudo -u fints keytool -genkey -keyalg RSA -alias fints -keystore /mnt/hdd/app-data/fints/keystore.jks -storepass raspiblitz -noprompt -dname "CN=raspiblitz, OU=IT, O=raspiblitz, L=world, S=world, C=BZ"
else
echo "# keystore already exists"
fi
# config app basics: lnbits.properties
sudo -u fints mkdir /home/fints/config
sudo -u fints cp /home/fints/fints/config/fuelifints.properties /home/fints/config/fuelifints.properties
sudo sed -i "s/^productinfo.csv.check=.*/productinfo.csv.check=false/g" /home/fints/config/fuelifints.properties
sudo sed -i "s/^rdh_port =.*/rdh_port = ${PORT_CLEAR}/g" /home/fints/config/fuelifints.properties
sudo sed -i "s/^ssl_port =.*/ssl_port = ${PORT_SSL}/g" /home/fints/config/fuelifints.properties
sudo sed -i "s/^keystore_location =.*/keystore_location = \/mnt\/hdd\/app-data\/fints\/keystore.jks/g" /home/fints/config/fuelifints.properties
sudo sed -i "s/^keystore_password =.*/keystore_password = raspiblitz/g" /home/fints/config/fuelifints.properties
# config app basics: blz.banking2.properties.example
sudo -u fints cp /home/fints/fints/config/blz.banking2.properties.example /home/fints/config/blz.banking2.properties
# config app basics: lnbits.properties
sudo -u fints cp /home/fints/fints/config/lnbits.properties.example /home/fints/config/lnbits.properties
# in file lnbits.properties replace the line starting with lnbitsUrl with the following line 'lnbitsUrl = http://127.0.0.1:5000'
sudo sed -i "s/lnbitsUrl =.*/lnbitsUrl = http:\/\/127.0.0.1:5000/g" /home/fints/config/lnbits.properties
# mark app as installed in raspiblitz config
/home/admin/config.scripts/blitz.conf.sh set ${APPID} "on"
# enable app up thru systemd
sudo systemctl enable ${APPID}
echo "# OK - the ${APPID}.service is now enabled"
# start app (only when blitz is ready)
source <(/home/admin/_cache.sh get state)
if [ "${state}" == "ready" ]; then
sudo systemctl start ${APPID}
echo "# OK - the ${APPID}.service is now started"
fi
echo "# Monitor with: sudo journalctl -f -u ${APPID}"
exit 0
fi
##########################
# PRESTART
##########################
# BACKGROUND is that this script will be called with `prestart` on every start & restart
# of this apps systemd service. This has the benefit that right before the app is started
# config parameters for this app can be updated so that it always starts with the most updated
# values. With such an "adhoc config" it is for example possible to check right before start
# what other apps are installed and configure connections. Even if those configs outdate later
# while the app is running with the next restart they will then automatically update their config
# again. If you dont need such "adhoc" config for your app - just leave it empty as it is, so
# you maybe later on have the option to use it.
if [ "$1" = "prestart" ]; then
# needs to be run as the app user - stop if not run as the app user
# keep in mind that in the prestart section you cannot use `sudo` command
if [ "$USER" != "${APPID}" ]; then
echo "# FAIL: run as user ${APPID}"
exit 1
fi
echo "## PRESTART CONFIG START for ${APPID} (called by systemd prestart)"
# at the moment no on the fly config is needed
echo "## PRESTART CONFIG DONE for ${APPID}"
exit 0
fi
###########################################
# OFF / UNINSTALL
# call with parameter `delete-data` to also
# delete the persistent data directory
###########################################
# BACKGROUND is that this section removes entries in systemd, nginx, etc and then
# deletes the user with its home directory to nuke all installed code
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# stop & remove systemd service"
sudo systemctl stop ${APPID} 2>/dev/null
sudo systemctl disable ${APPID}.service
sudo rm /etc/systemd/system/${APPID}.service
#echo "# remove nginx symlinks"
#sudo rm -f /etc/nginx/sites-enabled/${APPID}_ssl.conf 2>/dev/null
#sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor.conf 2>/dev/null
#sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor_ssl.conf 2>/dev/null
#sudo rm -f /etc/nginx/sites-available/${APPID}_ssl.conf 2>/dev/null
#sudo rm -f /etc/nginx/sites-available/${APPID}_tor.conf 2>/dev/null
#sudo rm -f /etc/nginx/sites-available/${APPID}_tor_ssl.conf 2>/dev/null
#sudo nginx -t
#sudo systemctl reload nginx
echo "# close ports on firewall"
sudo ufw deny "${PORT_CLEAR}"
sudo ufw deny "${PORT_SSL}"
echo "# delete user"
sudo userdel -rf ${APPID}
echo "# removing Tor hidden service (if active)"
/home/admin/config.scripts/tor.onion-service.sh off ${APPID}
echo "# mark app as uninstalled in raspiblitz config"
/home/admin/config.scripts/blitz.conf.sh set ${APPID} "off"
# only if 'delete-data' is an additional parameter then also the data directory gets deleted
if [ "$(echo "$@" | grep -c delete-data)" -gt 0 ]; then
echo "# found 'delete-data' parameter --> also deleting the app-data"
sudo rm -r /mnt/hdd/app-data/${APPID}
fi
echo "# OK - app should be uninstalled now"
exit 0
fi
# just a basic error message when unknown action parameter was given
echo "# FAIL - Unknown Parameter $1"
exit 1

2
home.admin/config.scripts/bonus.go.sh
View file

@ -28,7 +28,7 @@ case "$1" in
goOSversion=$(dpkg --print-architecture)
if [ ${goOSversion} = "armv6l" ]; then
checksum=${armv6lChecksum}
elif [ ${goOSversion{} = "arm64" ]; then
elif [ ${goOSversion} = "arm64" ]; then
checksum=${arm64Checksum}
elif [ ${goOSversion} = "amd64" ]; then
checksum=${amd64Checksum}

2
home.admin/config.scripts/bonus.jam.sh
View file

@ -2,7 +2,7 @@
# https://github.com/joinmarket-webui/jam
WEBUI_VERSION=0.1.4
WEBUI_VERSION=0.1.5
REPO=joinmarket-webui/jam
USERNAME=jam
HOME_DIR=/home/$USERNAME

19
home.admin/config.scripts/bonus.lit.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/lightninglabs/lightning-terminal/releases
LITVERSION="0.8.4-alpha"
LITVERSION="0.8.6-alpha"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -216,6 +216,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# BUILD FAILED --> LND PGP Verify not OK / signature(${goodSignature}) verify(${correctKey})"
exit 1
fi
###########
# install #
###########
@ -231,6 +232,17 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
###########
# config #
###########
# check if lnd.conf has rpcmiddleware.enable entry under section Application Options
entryExists=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep -c "rpcmiddleware.enable=")
if [ "${entryExists}" == "0" ]; then
echo "# add rpcmiddleware.enable=true to lnd.conf"
sudo sed -i "/^\[Application Options\]$/arpcmiddleware.enable=true" /mnt/hdd/lnd/lnd.conf
fi
# make sure lnd.conf has rpcmiddleware.enable=true
sudo sed -i "s/^rpcmiddleware.enable=.*/rpcmiddleware.enable=true/g" /mnt/hdd/lnd/lnd.conf
if [ "${runBehindTor}" = "on" ]; then
echo "# Connect to the Pool, Loop and Terminal server through Tor"
LOOPPROXY="loop.server.proxy=127.0.0.1:9050"
@ -240,7 +252,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
LOOPPROXY=""
POOLPROXY=""
fi
PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
echo "
# Application Options
httpslisten=0.0.0.0:8443
@ -251,7 +263,7 @@ remote.lit-debuglevel=debug
# Remote lnd options
remote.lnd.rpcserver=127.0.0.1:10009
remote.lnd.macaroonpath=/home/lit/.lnd/data/chain/${network}/${chain}net/admin.macaroon
remote.lnd.macaroonpath=/home/lit/.lnd/data/chain/bitcoin/${chain}net/admin.macaroon
remote.lnd.tlscertpath=/home/lit/.lnd/tls.cert
# Loop
@ -347,6 +359,7 @@ alias lit-frcli=\"frcli --rpcserver=localhost:8443 \
source <(/home/admin/_cache.sh get state)
if [ "${state}" == "ready" ]; then
echo "# OK - the litd.service is enabled, system is ready so starting service"
sudo systemctl restart lnd
sudo systemctl start litd
else
echo "# OK - the litd.service is enabled, to start manually use: 'sudo systemctl start litd'"

46
home.admin/config.scripts/bonus.lnbits.sh
View file

@ -1,9 +1,9 @@
#!/bin/bash
# https://github.com/lnbits/lnbits-legend
# https://github.com/lnbits/lnbits
# https://github.com/lnbits/lnbits-legend/releases
tag="0.9.6"
# https://github.com/lnbits/lnbits/releases
tag="0.10.2"
VERSION="${tag}"
# command info
@ -502,7 +502,6 @@ if [ "$1" = "prestart" ]; then
# set tls.cert path (use | as separator to avoid escaping file path slashes)
sed -i "s|^LND_REST_CERT=.*|LND_REST_CERT=/mnt/hdd/app-data/lnd/tls.cert|g" /home/lnbits/lnbits/.env
# set macaroon path info in .env - USING HEX IMPORT
chmod 600 /home/lnbits/lnbits/.env
macaroonAdminHex=$(xxd -ps -u -c 1000 /mnt/hdd/app-data/lnd/data/chain/${LNBitsNetwork}/${LNBitsChain}net/admin.macaroon)
@ -511,7 +510,8 @@ if [ "$1" = "prestart" ]; then
sed -i "s/^LND_REST_ADMIN_MACAROON=.*/LND_REST_ADMIN_MACAROON=${macaroonAdminHex}/g" /home/lnbits/lnbits/.env
sed -i "s/^LND_REST_INVOICE_MACAROON=.*/LND_REST_INVOICE_MACAROON=${macaroonInvoiceHex}/g" /home/lnbits/lnbits/.env
sed -i "s/^LND_REST_READ_MACAROON=.*/LND_REST_READ_MACAROON=${macaroonReadHex}/g" /home/lnbits/lnbits/.env
sed -i "s/^LND_REST_ENDPOINT=.*/LND_REST_ENDPOINT=https://127.0.0.1:${portprefix}8080/g" /home/lnbits/lnbits/.env
# set the REST endpoint (use | as separator to avoid escaping slashes)
sed -i "s|^LND_REST_ENDPOINT=.*|LND_REST_ENDPOINT=https://127.0.0.1:${portprefix}8080|g" /home/lnbits/lnbits/.env
elif [ "${LNBitsLightning}" == "cl" ]; then
@ -579,16 +579,11 @@ if [ "$1" = "sync" ] || [ "$1" = "repo" ]; then
# pull latest code
sudo -u lnbits git pull
# install
sudo -u lnbits python3 -m venv venv
sudo -u lnbits ./venv/bin/pip install -r requirements.txt
sudo -u lnbits ./venv/bin/pip install pylightning
sudo -u lnbits ./venv/bin/pip install secp256k1
sudo -u lnbits ./venv/bin/pip install pyln-client
sudo -u lnbits ./venv/bin/pip install psycopg2 # conv.py postgres migration dependency
# check if poetry in installed, if not install it
sudo -u lnbits which poetry || sudo -u lnbits curl -sSL https://install.python-poetry.org | sudo -u lnbits python3 -
# do install like this
sudo -u lnbits poetry install
# build
sudo -u lnbits ./venv/bin/python build.py
# restart lnbits service
sudo systemctl restart lnbits
echo "# server is restarting ... maybe takes some seconds until available"
@ -627,7 +622,7 @@ if [ "$1" = "install" ]; then
echo "# get the github code user(${githubUser}) branch(${tag})"
sudo rm -r /home/lnbits/lnbits 2>/dev/null
cd /home/lnbits || exit 1
sudo -u lnbits git clone https://github.com/${githubUser}/lnbits-legend lnbits
sudo -u lnbits git clone https://github.com/${githubUser}/lnbits lnbits
cd /home/lnbits/lnbits || exit 1
sudo -u lnbits git checkout ${tag} || exit 1
@ -635,16 +630,14 @@ if [ "$1" = "install" ]; then
echo "# installing application dependencies"
cd /home/lnbits/lnbits || exit 1
# check if poetry in installed, if not install it
if ! sudo -u lnbits which poetry; then
echo "# install poetry"
sudo pip3 install --upgrade pip
sudo pip3 install poetry
fi
# do install like this
sudo -u lnbits python3 -m venv venv
sudo -u lnbits ./venv/bin/pip install -r requirements.txt
sudo -u lnbits ./venv/bin/pip install pylightning
sudo -u lnbits ./venv/bin/pip install secp256k1
sudo -u lnbits ./venv/bin/pip install pyln-client
sudo -u lnbits ./venv/bin/pip install psycopg2 # conv.py postgres migration dependency
# build
sudo -u lnbits ./venv/bin/python build.py
sudo -u lnbits poetry install
exit 0
fi
@ -739,7 +732,6 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# preparing env file"
sudo rm /home/lnbits/lnbits/.env 2>/dev/null
sudo -u lnbits touch /home/lnbits/lnbits/.env
sudo bash -c "echo 'LNBITS_FORCE_HTTPS=0' >> /home/lnbits/lnbits/.env"
if [ ! -e /mnt/hdd/app-data/LNBits/database.sqlite3 ]; then
echo "# install database: PostgreSQL"
@ -789,7 +781,7 @@ After=bitcoind.service
[Service]
WorkingDirectory=/home/lnbits/lnbits
ExecStartPre=/home/admin/config.scripts/bonus.lnbits.sh prestart
ExecStart=/home/lnbits/lnbits/venv/bin/uvicorn lnbits.__main__:app --port 5000
ExecStart=/bin/sh -c 'cd /home/lnbits/lnbits && poetry run lnbits --port 5000'
User=lnbits
Restart=always
TimeoutSec=120
@ -1192,7 +1184,7 @@ if [ "$1" = "migrate" ]; then
sudo systemctl stop lnbits
echo "# Start convert old SQLite to new PostgreSQL"
if ! sudo -u lnbits ./venv/bin/python tools/conv.py; then
if ! sudo -u lnbits poetry run python tools/conv.py; then
echo "FAIL - Convert failed, revert migration process"
revertMigration
exit 1

6
home.admin/config.scripts/bonus.lndg.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/cryptosharks131/lndg
VERSION="1.5.0 "
VERSION="1.6.0 "
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -449,11 +449,13 @@ if [ "$1" = "update" ]; then
cd /home/lndg/lndg || exit 1
sudo -u lndg git pull
sudo -u lndg .venv/bin/pip install requests
sudo -u lndg .venv/bin/pip install -r requirements.txt
sudo -u lndg .venv/bin/python manage.py migrate
# reinitialize settings.py in case update requires it
sudo rm /home/lndg/lndg/lndg/settings.py
sudo /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/initialize.py -wn
sudo /home/lndg/lndg/.venv/bin/python initialize.py -wn
cd /home/admin
# restart services
sudo systemctl restart nginx

12
home.admin/config.scripts/bonus.lnproxy.sh
View file

@ -38,7 +38,7 @@ To use the API:
curl -k https://${localip}:4749/api/{invoice}?routing_msat={budget}\n
The Tor Hidden Service address to share for using the API:
${torAddress}/api
" 19 67
" 20 70
sudo /home/admin/config.scripts/blitz.display.sh hide
else
# Info without Tor
@ -204,7 +204,6 @@ EOF
sudo nginx -t
sudo systemctl reload nginx
sudo ufw allow 4747 comment lnproxy-HTTP
sudo ufw allow 4748 comment lnproxy-webui-HTTP
sudo ufw allow 4749 comment lnproxy-HTTPS
@ -214,9 +213,11 @@ EOF
/home/admin/config.scripts/blitz.conf.sh set lnproxy "on"
echo "# API:"
echo "curl http://${localip}:4747/{your_invoice}?routing_msat={routing_budget}"
echo "curl http://127.0.0.1:4747/{your_invoice}?routing_msat={routing_budget}"
echo "curl -k https://${localip}:4749/api/{your_invoice}?routing_msat={routing_budget}"
echo "# WebUI:"
echo "http://${localip}:4748"
echo "https://${localip}:4749"
echo "# More info at:"
echo "https://github.com/lnproxy/lnproxy"
@ -231,15 +232,14 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# remove systemd services
sudo systemctl disable --now lnproxy
/etc/systemd/system/lnproxy.service
sudo rm -f /etc/systemd/system/lnproxy.service
sudo systemctl disable --now lnproxy-webui
/etc/systemd/system/lnproxy-webui.service
sudo rm -f /etc/systemd/system/lnproxy-webui.service
# remove Tor service
/home/admin/config.scripts/tor.onion-service.sh off lnproxy
# close ports on firewall
sudo ufw delete allow 4747
sudo ufw delete allow 4748
sudo ufw delete allow 4749

77
home.admin/config.scripts/bonus.rtl.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/Ride-The-Lightning/RTL/releases
RTLVERSION="v0.13.0"
RTLVERSION="v0.13.6"
# check and load raspiblitz config
# to know which network is running
@ -117,7 +117,6 @@ Activate Tor to access the web interface from outside your local network.
exit 0
fi
########################################
# INSTALL (just user, code & compile)
########################################
@ -163,7 +162,7 @@ if [ "$1" = "install" ]; then
# install
echo "# Running npm install ..."
export NG_CLI_ANALYTICS=false
sudo -u rtl npm install --omit=dev
sudo -u rtl npm install --omit=dev --legacy-peer-deps
if ! [ $? -eq 0 ]; then
echo "# FAIL - npm install did not run correctly - deleting code and exit"
sudo rm -r /home/rtl/RTL
@ -252,7 +251,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
fi
echo "# Updating Firewall"
sudo ufw allow ${RTLHTTP} comment "${systemdService} HTTP"
sudo ufw allow "${RTLHTTP}" comment "${systemdService} HTTP"
sudo ufw allow $((RTLHTTP + 1)) comment "${systemdService} HTTPS"
echo
@ -455,19 +454,19 @@ if [ "$1" = "prestart" ]; then
# LND changes of config
if [ "${LNTYPE}" == "lnd" ]; then
echo "# LND Config"
cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json | \
jq ".port = \"${RTLHTTP}\"" | \
jq ".multiPass = \"${RPCPASSWORD}\"" | \
jq ".multiPassHashed = \"\"" | \
jq ".nodes[0].lnNode = \"${hostname}\"" | \
jq ".nodes[0].lnImplementation = \"LND\"" | \
jq ".nodes[0].Authentication.macaroonPath = \"/home/rtl/.lnd/data/chain/${network}/${CHAIN}/\"" | \
jq ".nodes[0].Authentication.configPath = \"/home/rtl/.lnd/${netprefix}lnd.conf\"" | \
jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | \
jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | \
jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | \
jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}8080\"" | \
jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" | \
cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json |
jq ".port = \"${RTLHTTP}\"" |
jq ".multiPass = \"${RPCPASSWORD}\"" |
jq ".multiPassHashed = \"\"" |
jq ".nodes[0].lnNode = \"${hostname}\"" |
jq ".nodes[0].lnImplementation = \"LND\"" |
jq ".nodes[0].Authentication.macaroonPath = \"/home/rtl/.lnd/data/chain/${network}/${CHAIN}/\"" |
jq ".nodes[0].Authentication.configPath = \"/home/rtl/.lnd/${netprefix}lnd.conf\"" |
jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" |
jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" |
jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" |
jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}8080\"" |
jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" |
jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" >/mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp
mv /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json
fi
@ -476,19 +475,19 @@ if [ "$1" = "prestart" ]; then
# https://github.com/Ride-The-Lightning/RTL/blob/master/docs/C-Lightning-setup.md
if [ "${LNTYPE}" == "cl" ]; then
echo "# CL Config"
cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json | \
jq ".port = \"${RTLHTTP}\"" | \
jq ".multiPass = \"${RPCPASSWORD}\"" | \
jq ".multiPassHashed = \"\"" | \
jq ".nodes[0].lnNode = \"${hostname}\"" | \
jq ".nodes[0].lnImplementation = \"CLT\"" | \
jq ".nodes[0].Authentication.macaroonPath = \"/home/bitcoin/c-lightning-REST/${CLNETWORK}/certs\"" | \
jq ".nodes[0].Authentication.configPath = \"${CLCONF}\"" | \
jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | \
jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | \
jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | \
jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}6100\"" | \
jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" | \
cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json |
jq ".port = \"${RTLHTTP}\"" |
jq ".multiPass = \"${RPCPASSWORD}\"" |
jq ".multiPassHashed = \"\"" |
jq ".nodes[0].lnNode = \"${hostname}\"" |
jq ".nodes[0].lnImplementation = \"CLT\"" |
jq ".nodes[0].Authentication.macaroonPath = \"/home/bitcoin/c-lightning-REST/${CLNETWORK}/certs\"" |
jq ".nodes[0].Authentication.configPath = \"${CLCONF}\"" |
jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" |
jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" |
jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" |
jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}6100\"" |
jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" |
jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" >/mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp
mv /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json
fi
@ -547,24 +546,23 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# only if 'purge' is an additional parameter (other instances/services might need this)
if [ "$(echo "$@" | grep -c purge)" -gt 0 ]; then
home/admin/config.scripts/bonus.rtl.sh uninstall
/home/admin/config.scripts/bonus.rtl.sh uninstall
if [ $LNTYPE = cl ]; then
/home/admin/config.scripts/cl.rest.sh off ${CHAIN}
/home/admin/config.scripts/cl.rest.sh off ${CHAIN} purge
fi
echo "# Delete all configs"
sudo rm -rf /mnt/hdd/app-data/rtl
fi
# close ports on firewall
sudo ufw deny "${RTLHTTP}"
sudo ufw deny $((RTLHTTP+1))
sudo ufw delete allow "${RTLHTTP}"
sudo ufw delete allow $((RTLHTTP + 1))
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
if [ "$1" = "update" ]; then
echo "# UPDATING RTL"
cd /home/rtl/RTL || exit 1
@ -591,7 +589,7 @@ if [ "$1" = "update" ]; then
# https://github.com/Ride-The-Lightning/RTL#or-update-existing-dependencies
echo "# Running npm install ..."
export NG_CLI_ANALYTICS=false
sudo -u rtl npm install --omit=dev
sudo -u rtl npm install --omit=dev --legacy-peer-deps
if ! [ $? -eq 0 ]; then
echo "# FAIL - npm install did not run correctly - deleting code and exit"
sudo rm -r /home/rtl/RTL
@ -607,7 +605,7 @@ if [ "$1" = "update" ]; then
sudo -u rtl git pull -p
echo "# Running npm install ..."
export NG_CLI_ANALYTICS=false
sudo -u rtl npm install --only=prod --logLevel warn
sudo -u rtl npm install --omit=dev --legacy-peer-deps
if ! [ $? -eq 0 ]; then
echo "# FAIL - npm install did not run correctly - deleting code and exit"
sudo rm -r /home/rtl/RTL
@ -616,7 +614,10 @@ if [ "$1" = "update" ]; then
echo "# OK - RTL install looks good"
echo
fi
currentRTLcommit=$(cd /home/rtl/RTL; git describe --tags)
currentRTLcommit=$(
cd /home/rtl/RTL || exit 1
git describe --tags
)
echo "# Updated RTL to $currentRTLcommit"
else
echo "# Unknown option: $updateOption"

5
home.admin/config.scripts/bonus.sphinxrelay.sh
View file

@ -107,7 +107,7 @@ iOS support is native, Android needs Orbot"
text="${text}\n
At the moment your Sphinx Relay Server is just available
within the local network - without transport encryption.
Local server for test & debug: ${publicURL}/app"#\n
Local server for test & debug: ${publicURL}/app#\n
To enable easy reachability from the outside consider
adding a IP2TOR Bridge and reconnect:
MAINMENU > SUBSCRIBE > IP2TOR > SPHINX"
@ -132,8 +132,7 @@ MAINMENU > SUBSCRIBE > IP2TOR > SPHINX"
BUT TO MAKE THIS WORK:\n
It needs an additional Domain with LetsEncrypt certificate for HTTPS: Go MAINMENU > SUBSCRIBE and add LetsEncrypt HTTPS Domain\n
(or cancel the IP2Tor & just use sphinx within local network)"
whiptail --title " Warning " \
--msgbox "${text}" 15 72
whiptail --title " Warning " --msgbox "${text}" 15 72
exit 0
fi

14
home.admin/config.scripts/bonus.suez.sh
View file

@ -33,9 +33,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
cd /home/bitcoin || exit 1
# dependency
sudo -u bitcoin curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/install-poetry.py\
| sudo -u bitcoin python -
# poetry
sudo pip3 install --upgrade pip
sudo pip3 install poetry
# download source code
sudo -u bitcoin git clone https://github.com/prusnak/suez.git
@ -43,7 +43,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo -u bitcoin git reset --hard $SUEZVERSION
sudo -u bitcoin /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
sudo -u bitcoin /home/bitcoin/.local/bin/poetry install
sudo -u bitcoin poetry install
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set suez "on"
@ -74,8 +74,8 @@ if [ "$1" = "update" ]; then
echo "# UPDATE SUEZ"
cd /home/bitcoin || exit 1
# dependency
sudo -u bitcoin curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/install-poetry.py\
| sudo -u bitcoin python -
sudo pip3 install --upgrade pip
sudo pip3 install poetry
# download source code
if [ -d suez ]; then
sudo -u bitcoin git clone https://github.com/prusnak/suez.git
@ -84,7 +84,7 @@ if [ "$1" = "update" ]; then
sudo -u bitcoin git pull
sudo -u bitcoin /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
sudo -u bitcoin /home/bitcoin/.local/bin/poetry install
sudo -u bitcoin poetry install
echo "# Updated to the latest in https://github.com/prusnak/suez/commits/master"
exit 0
fi

2
home.admin/config.scripts/bonus.tallycoin-connect.sh
View file

@ -8,7 +8,7 @@ HOME_DIR=/home/$USERNAME
CONFIG_FILE=$APP_DATA_DIR/tallycoin_api.key
RASPIBLITZ_INFO=/home/admin/raspiblitz.info
SERVICE_FILE=/etc/systemd/system/tallycoin-connect.service
TC_VERSION=1.7.5
TC_VERSION=1.8.0
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then

8
home.admin/config.scripts/bonus.telegraf.sh
View file

@ -68,6 +68,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
#
# changed according suggestion from @frennkie in #1501
echo "deb https://repos.influxdata.com/debian ${DISTRIB_ID} stable" | sudo tee -a /etc/apt/sources.list.d/influxdb.list >/dev/null
#
# as the key is untrusted, this is a dirty fix
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D8FF8E1F7DF8B07E
sudo apt-get update
sudo apt-get install -y telegraf
@ -77,6 +80,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
#
# enable telegraf as admin for lnd
sudo usermod telegraf -a -G lndadmin
#
# add telegraf to sudoers (for later application with smartmontools)
sudo usermod telegraf -a -G sudo
# stop telegraf service
sudo systemctl stop telegraf.service
@ -84,7 +90,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "*** telegraf installation: copying telegraf config templates"
# copy custom "telegraf.conf" template to the telegraf target dir
# the telegraf inputs part goes into telegraf.d subdir
# this split into "telegraf.conf" and "telegraf.d/teöegraf_inputs.conf" is necessary
# this split into "telegraf.conf" and "telegraf.d/telegraf_inputs.conf" is necessary
# as the the [[inputs.***]] part contains lines with the keywords
# "urls", "database", "username" "password"
# so the sed-replacement-part would get confused

17
home.admin/config.scripts/bonus.template.sh
View file

@ -202,7 +202,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# download the source code & verify"
sudo -u ${APPID} git clone ${GITHUB_REPO} /home/${APPID}/${APPID}
cd /home/${APPID}/${APPID}
if [ "${GITHUB_TAG}" != "" ]; then
sudo -u ${APPID} git reset --hard $GITHUB_TAG
fi
if [ "${GITHUB_SIGN_AUTHOR}" != "" ]; then
sudo -u ${APPID} /home/admin/config.scripts/blitz.git-verify.sh \
"${GITHUB_SIGN_AUTHOR}" "${GITHUB_SIGN_PUBKEYLINK}" "${GITHUB_SIGN_FINGERPRINT}" "${GITHUB_TAG}" || exit 1
@ -237,6 +239,7 @@ Wants=bitcoind
After=bitcoind
[Service]
WorkingDirectory=/home/${APPID}
Environment=\"HOME_PATH=/mnt/hdd/app-data/${APPID}\"
ExecStartPre=-/home/admin/config.scripts/bonus.${APPID}.sh prestart
ExecStart=/usr/bin/node /home/${APPID}/${APPID}/${APPID}
@ -327,10 +330,17 @@ server {
# mark app as installed in raspiblitz config
/home/admin/config.scripts/blitz.conf.sh set ${APPID} "on"
# start app up thru systemd
# enable app up thru systemd
sudo systemctl enable ${APPID}
echo "# OK - the ${APPID}.service is now enabled"
# start app (only when blitz is ready)
source <(/home/admin/_cache.sh get state)
if [ "${state}" == "ready" ]; then
sudo systemctl start ${APPID}
echo "# OK - the ${APPID}.service is now enabled & started"
echo "# OK - the ${APPID}.service is now started"
fi
echo "# Monitor with: sudo journalctl -f -u ${APPID}"
exit 0
@ -422,6 +432,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
sudo ufw deny "${PORT_CLEAR}"
sudo ufw deny "${PORT_SSL}"
echo "# delete user"
sudo userdel -rf ${APPID}
echo "# removing Tor hidden service (if active)"
/home/admin/config.scripts/tor.onion-service.sh off ${APPID}

53
home.admin/config.scripts/cl-plugin.backup.sh
View file

@ -16,8 +16,7 @@ function help(){
}
# https://github.com/lightningd/plugins/commits/master/backup
# use the version beore the migration to poetry
pinnedVersion="4d3560b129b12cba0381fff0b1e30ac32ef84106"
pinnedVersion="30003279e35e5931fc85d7e6211ea4de6f9554d7"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -38,14 +37,21 @@ function install() {
sudo -u bitcoin git pull
sudo -u bitcoin git reset --hard ${pinnedVersion} || exit 1
if [ $($lightningcli_alias plugin list 2>/dev/null | grep -c "${plugin}") -eq 0 ];then
if [ $($lightningcli_alias plugin list 2>/dev/null | grep -c "/${plugin}") -eq 0 ]; then
echo "# Checking dependencies"
sudo -u bitcoin pip install --user -r ${plugindir}/${plugin}/requirements.txt 1>/dev/null
if [ $(echo $PATH | grep -c "/home/bitcoin/.local/bin") -eq 0 ];then
export PATH=$PATH:/home/bitcoin/.local/bin
echo "PATH=\$PATH:/home/bitcoin/.local/bin" | sudo tee -a /etc/profile
fi
# upgrade pip
sudo pip3 install --upgrade pip
# pip dependencies
sudo -u bitcoin pip3 install pyln-client tqdm
# poetry
sudo pip3 install poetry || exit 1
cd ${plugindir}/backup/ || exit 1
sudo -u bitcoin poetry install
sudo chmod +x ${plugindir}/${plugin}/${plugin}.py
# symlink to the default plugin dir
if [ ! -L /home/bitcoin/${netprefix}cl-plugins-enabled/backup.py ]; then
sudo ln -s ${plugindir}/backup/backup.py \
@ -72,19 +78,22 @@ if [ "$1" = on ];then
fi
# always re-init plugin
if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/backup.lock; then
if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/backup.lock 2>/dev/null; then
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/backup.lock
fi
# https://github.com/lightningd/plugins/tree/master/backup#setup
echo "# Initialize the backup plugin"
sudo -u bitcoin ${plugindir}/backup/backup-cli init\
--lightning-dir /home/bitcoin/.lightning/${CLNETWORK} \
cd ${plugindir}/backup/ || exit 1
sudo -u bitcoin poetry run ./backup-cli init --lightning-dir /home/bitcoin/.lightning/${CLNETWORK} \
file:///home/bitcoin/${netprefix}lightningd.sqlite3.backup
if [ $(crontab -u admin -l | grep -c "backup-compact $CHAIN") -eq 0 ]; then
echo "Add weekly backup-compact as a cronjob"
cronjob="@weekly /home/admin/config.scripts/cl-plugin.backup.sh backup-compact $CHAIN"
(crontab -u admin -l; echo "$cronjob" ) | crontab -u admin -
(
crontab -u admin -l
echo "$cronjob"
) | crontab -u admin -
fi
echo "# The crontab for admin now is:"
crontab -u admin -l
@ -96,8 +105,9 @@ if [ "$1" = on ];then
echo "# Started the ${netprefix}lightningd.service"
fi
elif [ "$1" = off ]; then
elif
[ "$1" = off ]
then
echo "# Removing the backup plugin"
sudo rm -f /home/bitcoin/${netprefix}cl-plugins-enabled/backup.py
echo "# Backup the existing old backup on the SDcard"
@ -107,8 +117,9 @@ elif [ "$1" = off ]; then
echo "# Removing the backup.lock file"
sudo rm -f /home/bitcoin/.lightning/${CLNETWORK}/backup.lock
elif [ "$1" = restore ];then
elif
[ "$1" = restore ]
then
install
@ -118,7 +129,7 @@ elif [ "$1" = restore ];then
sudo systemctl stop ${netprefix}lightningd
# https://github.com/lightningd/plugins/tree/master/backup#restoring-a-backup
# ./backup-cli restore file:///mnt/external/location ~/.lightning/bitcoin/lightningd.sqlite3
# poetry run ./backup-cli restore file:///mnt/external/location ~/.lightning/bitcoin/lightningd.sqlite3
# make sure to not overwrite old database
if sudo ls /home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3; then
@ -132,7 +143,8 @@ elif [ "$1" = restore ];then
fi
# restore
sudo -u bitcoin ${plugindir}/backup/backup-cli restore \
cd ${plugindir}/backup/ || exit 1
sudo -u bitcoin poetry run ./backup-cli restore \
file:///home/bitcoin/${netprefix}lightningd.sqlite3.backup \
/home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3
@ -143,8 +155,9 @@ elif [ "$1" = restore ];then
fi
fi
elif [ "$1" = backup-compact ];then
elif
[ "$1" = backup-compact ]
then
# https://github.com/lightningd/plugins/tree/master/backup#performing-backup-compaction
dbPath="/home/bitcoin/.lightning/${CLNETWORK}/lightningd.sqlite3"
backupPath="/home/bitcoin/${netprefix}lightningd.sqlite3.backup"

4
home.admin/config.scripts/cl-plugin.cln-grpc.sh
View file

@ -35,6 +35,8 @@ function buildGRPCplugin() {
echo "# - install Core Lightning ..."
/home/admin/config.scripts/cl.install.sh install || exit 1
fi
echo "# install dependencies"
sudo apt-get install protobuf-compiler -y
echo "# rust for cln-grpc, includes rustfmt"
sudo -u bitcoin curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u bitcoin sh -s -- -y
cd /home/bitcoin/lightning/plugins/grpc-plugin || exit 1
@ -61,7 +63,7 @@ function switchOn() {
# symlink to plugin directory
echo "# symlink cln-grpc to /home/bitcoin/${netprefix}cl-plugins-enabled/"
# delete old symlink
sudo rm /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc
sudo rm -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc
sudo ln -s /home/bitcoin/cl-plugins-available/cln-grpc /home/bitcoin/${netprefix}cl-plugins-enabled/
# blitz.conf.sh set [key] [value] [?conffile] <noquotes>

2
home.admin/config.scripts/cl-plugin.standard-python.sh
View file

@ -43,7 +43,7 @@ if [ "$1" = "on" ];then
fi
else
if [ $($lightningcli_alias | grep -c "${plugin}") -eq 0 ];then
if [ $($lightningcli_alias | grep -c "/${plugin}") -eq 0 ]; then
echo "# Just start the ${plugin} plugin"
sudo -u bitcoin pip install -r /home/bitcoin/cl-plugins-available/plugins/${plugin}/requirements.txt
$lightningcli_alias plugin start /home/bitcoin/cl-plugins-available/plugins/${plugin}/${plugin}.py

6
home.admin/config.scripts/cl.backup.sh
View file

@ -188,9 +188,9 @@ if [ ${mode} = "cl-export-gui" ]; then
echo "*******************************************"
echo
echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:"
echo "sftp '${fileowner}@${localip}:${filename}' ./"
echo "scp '${fileowner}@${localip}:${filename}' ./"
echo "ON WINDOWS - RUN IN CMD:"
echo "sftp ${fileowner}@${localip}:${filename} ."
echo "scp ${fileowner}@${localip}:${filename} ."
echo
echo "Use password A to authenticate file transfer."
echo "Check for correct file size after transfer: ${size} byte"
@ -291,7 +291,7 @@ if [ ${mode} = "cl-import-gui" ]; then
echo "To make upload open a new terminal on your laptop,"
echo "change into the directory where your cl-rescue file is and"
echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:"
echo "sftp -r ./cl-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo "scp -r ./cl-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo
echo "Use ${passwordInfo} to authenticate file transfer."
echo "PRESS ENTER when upload is done"

106
home.admin/config.scripts/cl.install.sh
View file

@ -2,16 +2,20 @@
# https://lightning.readthedocs.io/
# https://github.com/ElementsProject/lightning/releases
CLVERSION=v22.11.1
CLVERSION=v23.02.2
# install the latest master by using the last commit id
# https://github.com/ElementsProject/lightning/commit/master
# CLVERSION="063366ed7e3b7cc12a8d1681acc2b639cf07fa23"
# PGPsigner="endothermicdev"
# PGPpubkeyLink="https://github.com/${PGPsigner}.gpg"
# PGPpubkeyFingerprint="8F55EE750D950E3E"
# https://github.com/ElementsProject/lightning/tree/master/contrib/keys
PGPsigner="cdecker" # rustyrussel D9200E6CD1ADB8F1 # cdecker A26D6D9FE088ED58 # niftynei BFF0F67810C1EED1
PGPsigner="rustyrussell" # rustyrussell D9200E6CD1ADB8F1 # cdecker A26D6D9FE088ED58 # niftynei BFF0F67810C1EED1 # endothermicdev 8F55EE750D950E3E
PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/${PGPsigner}.txt"
PGPpubkeyFingerprint="A26D6D9FE088ED58"
PGPpubkeyFingerprint="D9200E6CD1ADB8F1"
# help
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
@ -30,8 +34,7 @@ if [ $# -eq 0 ]||[ "$1" = "-h" ]||[ "$1" = "--help" ];then
exit 1
fi
function installDependencies()
{
function installDependencies() {
echo "- installDependencies()"
# from https://lightning.readthedocs.io/INSTALL.html#to-build-on-ubuntu
sudo apt-get install -y \
@ -44,16 +47,15 @@ function installDependencies()
sudo pip3 install --upgrade pip
sudo -u bitcoin pip install mako
# poetry
sudo -u bitcoin pip3 install --user poetry
if ! grep -Eq '^PATH="$HOME/.local/bin:$PATH"' /mnt/hdd/raspiblitz.conf; then
sudo pip3 install poetry
if ! grep -Eq '^PATH="$HOME/.local/bin:$PATH"' /home/bitcoin/.profile; then
echo 'PATH="$HOME/.local/bin:$PATH"' | sudo tee -a /home/bitcoin/.profile
fi
export PATH="home/bitcoin/.local/bin:$PATH"
sudo -u bitcoin /home/bitcoin/.local/bin/poetry install
sudo -u bitcoin poetry install
}
function buildAndInstallCLbinaries()
{
function buildAndInstallCLbinaries() {
echo "- Configuring EXPERIMENTAL_FEATURES enabled"
echo
sudo -u bitcoin ./configure --enable-experimental-features
@ -116,68 +118,9 @@ if [ "$1" = "install" ]; then
# check if the binary is already installed
if [ -f /usr/local/bin/lightningd ]; then
echo "Core Lightning binary already installed - done"
exit 1
exit 0
fi
## Download and verify zip
# # prepare download dir
# sudo rm -rf /home/bitcoin/download
# sudo -u bitcoin mkdir -p /home/bitcoin/download
# cd /home/bitcoin/download || exit 1
#
# sudo -u bitcoin wget -O "pgp_keys.asc" ${PGPpubkeyLink}
# sudo -u bitcoin gpg --import --import-options show-only ./pgp_keys.asc
# fingerprint=$(gpg "pgp_keys.asc" 2>/dev/null | grep "${PGPpubkeyFingerprint}" -c)
# if [ ${fingerprint} -lt 1 ]; then
# echo
# echo "# WARNING --> the PGP fingerprint is not as expected for ${PGPsigner}"
# echo "Should contain PGP: ${PGPpubkeyFingerprint}"
# echo "PRESS ENTER to TAKE THE RISK if you think all is OK"
# read key
# fi
# sudo -u bitcoin gpg --import ./pgp_keys.asc
#
# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/SHA256SUMS
# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/SHA256SUMS.asc
#
# verifyResult=$(LANG=en_US.utf8; sudo -u bitcoin gpg --verify SHA256SUMS.asc 2>&1)
#
# goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c)
# echo "goodSignature(${goodSignature})"
# correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${PGPpubkeyFingerprint}" -c)
# echo "correctKey(${correctKey})"
# if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then
# echo
# echo "# DOWNLOAD FAILED --> PGP verification not OK / signature(${goodSignature}) verify(${correctKey})"
# exit 1
# else
# echo
# echo "****************************************************************"
# echo "OK --> the PGP signature of the Core Lightning SHA256SUMS is correct"
# echo "****************************************************************"
# echo
# fi
#
# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/clightning-${CLVERSION}.zip
#
# hashCheckResult=$(sha256sum -c SHA256SUMS 2>&1)
# goodHash=$(echo ${hashCheckResult} | grep 'OK' -c)
# echo "goodHash(${goodHash})"
# if [ ${goodHash} -lt 1 ]; then
# echo
# echo "# BUILD FAILED --> Hash check not OK"
# exit 1
# else
# echo
# echo "********************************************************************"
# echo "OK --> the hash of the downloaded Core Lightning source code is correct"
# echo "********************************************************************"
# echo
# fi
#
# sudo -u bitcoin unzip clightning-${CLVERSION}.zip
# cd clightning-${CLVERSION} || exit 1
# download and verify the source from github
cd /home/bitcoin || exit 1
echo
@ -284,8 +227,10 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then
installDependencies
currentCLversion=$(cd /home/bitcoin/lightning 2>/dev/null; \
git describe --tags 2>/dev/null)
currentCLversion=$(
cd /home/bitcoin/lightning 2>/dev/null
git describe --tags 2>/dev/null
)
echo "# Building from source Core Lightning $currentCLversion"
buildAndInstallCLbinaries
@ -296,7 +241,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then
##########
# make sure binary is installed (will skip if already done)
/home/admin/config.scripts/cl.install.sh install
/home/admin/config.scripts/cl.install.sh install || exit 1
echo "# Make sure bitcoin is in the ${TORGROUP} group"
sudo usermod -a -G ${TORGROUP} bitcoin
@ -364,7 +309,9 @@ always-use-proxy=true
#############
echo
echo "# Set logrotate for ${netprefix}lightningd"
if ! sudo ls /home/bitcoin/.lightning/${CLNETWORK}/cl.log_old; then
sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK}/cl.log_old
fi
echo "\
/home/bitcoin/.lightning/${CLNETWORK}/cl.log
{
@ -376,10 +323,6 @@ always-use-proxy=true
notifempty
nocompress
sharedscripts
# We don't need to kill as we use copytruncate
#postrotate
# kill -HUP \`cat /run/lightningd/lightningd.pid\'
#endscript
su bitcoin bitcoin
}" | sudo tee /etc/logrotate.d/${netprefix}lightningd
# debug:
@ -387,7 +330,7 @@ always-use-proxy=true
echo
sudo -u admin touch /home/admin/_aliases
if ! grep -Eq "${netprefix}lightning-cli" /home/admin/_aliases; then
if ! grep -Eq "^alias ${netprefix}lightning-cli" /home/admin/_aliases; then
echo "# Adding aliases"
echo "\
alias ${netprefix}lightning-cli=\"sudo -u bitcoin /usr/local/bin/lightning-cli\
@ -396,8 +339,7 @@ alias ${netprefix}cl=\"sudo -u bitcoin /usr/local/bin/lightning-cli\
--conf=${CLCONF}\"
alias ${netprefix}cllog=\"sudo\
tail -n 30 -f /home/bitcoin/.lightning/${CLNETWORK}/cl.log\"
alias ${netprefix}clconf=\"sudo\
nano ${CLCONF}\"
alias ${netprefix}clconf=\"sudo nano ${CLCONF}\"
" | sudo tee -a /home/admin/_aliases
sudo chown admin:admin /home/admin/_aliases
fi
@ -432,6 +374,7 @@ alias ${netprefix}clconf=\"sudo\
fi
# if this is the first lightning mainnet turned on - make default
[ "${lightning}" == "none" ] && lightning=""
if [ "${CHAIN}" == "mainnet" ] && [ "${lightning}" == "" ]; then
echo "# CL is now the default lightning implementation"
/home/admin/config.scripts/blitz.conf.sh set lightning cl
@ -466,8 +409,7 @@ if [ "$1" = "display-seed" ]; then
#echo "# seedwords6x4(${seedwords6x4})"
if [ ${#seedwords6x4} -gt 0 ]; then
ack=0
while [ ${ack} -eq 0 ]
do
while [ ${ack} -eq 0 ]; do
whiptail --title "Core Lightning ${displayNetwork} Wallet" \
--msgbox "This is your Core Lightning ${displayNetwork} wallet seed. Store these numbered words in a safe location:\n\n${seedwords6x4}" 13 76
whiptail --title "Please Confirm" --yes-button "Show Again" --no-button "CONTINUE" --yesno " Are you sure that you wrote down the word list?" 8 55

10
home.admin/config.scripts/cl.rest.sh
View file

@ -1,18 +1,18 @@
#!/bin/bash
# https://github.com/Ride-The-Lightning/c-lightning-REST/releases/
CLRESTVERSION="v0.9.0"
CLRESTVERSION="v0.10.2"
# help
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo
echo "Core-Lightning-REST install script"
echo "The default version is: $CLRESTVERSION"
echo "mainnet | testnet | signet instances can run parallel"
echo
echo "Usage:"
echo "cl.rest.sh [on|off|connect] <mainnet|testnet|signet> [?key-value]"
echo
echo "cl.rest.sh on <mainnet|testnet|signet>"
echo "cl.rest.sh connect <mainnet|testnet|signet> [?key-value]"
echo "cl.rest.sh off <mainnet|testnet|signet> <purge>"
exit 1
fi
@ -163,7 +163,7 @@ if [ "$1" = on ]; then
\"RPCCOMMANDS\": [\"*\"]
}" | sudo -u bitcoin tee ./${CLNETWORK}/cl-rest-config.json
# copy clrest to a CLNETWORK subdor to make parallel networks possible
# copy clrest to a CLNETWORK subdir to make parallel networks possible
sudo -u bitcoin mkdir /home/bitcoin/c-lightning-REST/${CLNETWORK}
sudo -u bitcoin cp -r /home/bitcoin/c-lightning-REST/* \
/home/bitcoin/c-lightning-REST/${CLNETWORK}

2
home.admin/config.scripts/internet.sh
View file

@ -134,7 +134,7 @@ if [ ${runOnline} -eq 1 ]; then
fi
if [ ${online} -eq 0 ]; then
# test with netcat to avoid firewall issues with ICMP packets
online=$(nc -v -z -w 8.8.8.8 53 &> /dev/null && echo "1" || echo "0")
online=$(nc -v -z -w 3 8.8.8.8 53 &> /dev/null && echo "1" || echo "0")
fi
if [ ${online} -eq 0 ]; then
# re-test with other server

10
home.admin/config.scripts/lnd.backup.sh
View file

@ -198,9 +198,9 @@ if [ ${mode} = "lnd-export-gui" ]; then
echo "********************************"
echo
echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:"
echo "sftp '${fileowner}@${localip}:${filename}' ./"
echo "scp '${fileowner}@${localip}:${filename}' ./"
echo "ON WINDOWS - RUN IN CMD:"
echo "sftp ${fileowner}@${localip}:${filename} ."
echo "scp ${fileowner}@${localip}:${filename} ."
echo "Use password A to authenticate file transfer."
echo
echo "Check for correct file size after transfer: ${size} byte"
@ -299,7 +299,7 @@ if [ ${mode} = "lnd-import-gui" ]; then
echo "To make upload open a new terminal on your laptop,"
echo "change into the directory where your lnd-rescue file is and"
echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:"
echo "sftp -r ./lnd-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo "scp -r ./lnd-rescue-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo
echo "Use ${passwordInfo} to authenticate file transfer."
echo "PRESS ENTER when upload is done"
@ -413,7 +413,7 @@ if [ ${mode} = "scb-export-gui" ]; then
echo "**************************************"
echo
echo "RUN THE FOLLOWING COMMAND ON YOUR LAPTOP IN NEW TERMINAL:"
echo "sftp -r ${fileuser}@${localip}:${filename} ./"
echo "scp -r ${fileuser}@${localip}:${filename} ./"
echo ""
echo "Use password A to authenticate file transfer."
echo
@ -492,7 +492,7 @@ if [ ${mode} = "scb-import-gui" ]; then
echo "To make upload open a new terminal and change,"
echo "into the directory where your lnd-rescue file is and"
echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:"
echo "sftp ./channel.backup ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo "scp ./channel.backup ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo ""
echo "Use ${passwordInfo} to authenticate file transfer."
echo "PRESS ENTER when upload is done."

4
home.admin/config.scripts/lnd.export.sh
View file

@ -154,10 +154,10 @@ elif [ "${exportType}" = "sftp" ]; then
echo "The password needed during download is your Password A."
echo ""
echo "Macaroons:"
echo "sftp bitcoin@${local_ip}:/home/bitcoin/.lnd/data/chain/${network}/${chain}net/\*.macaroon ./"
echo "scp bitcoin@${local_ip}:/home/bitcoin/.lnd/data/chain/${network}/${chain}net/\*.macaroon ./"
echo ""
echo "TLS Certificate:"
echo "sftp bitcoin@${local_ip}:/home/bitcoin/.lnd/tls.cert ./"
echo "scp bitcoin@${local_ip}:/home/bitcoin/.lnd/tls.cert ./"
echo ""
###########################

14
home.admin/config.scripts/lnd.install.sh
View file

@ -4,17 +4,17 @@
## based on https://raspibolt.github.io/raspibolt/raspibolt_40_lnd.html#lightning-lnd
## see LND releases: https://github.com/lightningnetwork/lnd/releases
### If you change here - make sure to also change interims version in lnd.update.sh #!
lndVersion="0.15.5-beta"
lndVersion="0.16.0-beta"
# olaoluwa
PGPauthor="roasbeef"
PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"
#PGPauthor="roasbeef"
#PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
#PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"
# guggero
#PGPauthor="guggero"
#PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
#PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
PGPauthor="guggero"
PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
# bitconner
#PGPauthor="bitconner"

2
home.admin/config.scripts/lndlibs/README.md
View file

@ -21,7 +21,7 @@ cp ./*.proto ./protobuffs
Now copy the generated RPC libs per SFTP over to your Laptop and add them to the `/home/admin/config.scripts/lndlibs`.
sftp -r admin@192.168.X.X:/home/admin/protobuffs ./protobuffs
scp -r admin@192.168.X.X:/home/admin/protobuffs ./protobuffs
Make sure the first lines (ignore comments) of the `lightning_pb2_grpc.py` look like the following for python3 compatibility:
```

2
home.admin/setup.scripts/dialogMigration.sh
View file

@ -55,7 +55,7 @@ if [ "${migrationOS}" == "raspiblitz" ]; then
echo "ON YOUR LAPTOP open a new terminal and change into"
echo "the directory where your migration file is and"
echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:"
echo "sftp -r ./raspiblitz-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo "scp -r ./raspiblitz-*.tar.gz ${defaultUploadUser}@${localip}:${defaultUploadPath}/"
echo ""
echo "Use password 'raspiblitz' to authenticate file transfer."
echo "PRESS ENTER when upload is done."