Merge branch 'dev' into updates

openoms 2022-05-10 08:43:34 +01:00 committed by GitHub
commit 1c74739a12
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
48 changed files with 898 additions and 578 deletions

7
FAQ.md

@ -630,7 +630,7 @@ Work notes for the process of producing a new SD card image release:
* Start [`Ubuntu LIVE`](http://releases.ubuntu.com/18.04.3/ubuntu-18.04.3-desktop-amd64.iso) from USB stick
* Under Settings: best to set correct keyboard language & power settings to prevent monitor turn off
* Connect to a secure WiFi (hardware switch on) or LAN
* Download the latest RaspiOS-64bit (zip & sig file) namend in the [build_sdcard.sh](./build_sdcard.sh) and note the SHA256 checksum
* Download the latest RaspiOS-64bit (zip/xz & sig file) namend in the [build_sdcard.sh](./build_sdcard.sh) and note the SHA256 checksum
* From the browser `Show All Downloads` and from the context menu select `Open Containing Folder`
* On that file manager open context (right click) on the white-space and select `Open in Terminal`
* Compare the checksum with the one you just made note of, using `shasum -a 256 *.zip`
@ -638,12 +638,13 @@ Work notes for the process of producing a new SD card image release:
* Check signature: `curl https://www.raspberrypi.org/raspberrypi_downloads.gpg.key | gpg --import && gpg --verify *.sig`
* The result should say "correct signature" and the fingerprint should end with `8738 CD6B 956F 460C`
* Insert an NTFS formatted USB stick and use the file manager to move all files to the USB
* Use in file manager context on NTFS USB stick `extract here` to unzip
* If image is an ZIP file use in file manager context on NTFS USB stick `extract here` to unzip
* Download script for later with `curl https://raw.githubusercontent.com/Drewsif/PiShrink/master/pishrink.sh > pishrink.sh`
* Connect SD card reader with a SD card (16GB recommended)
* In the file manager open context on the .img-file, select `Open With Disk Image Writer` and write the image to the SD card
* In the file manager open context on `boot` drive free space `open in terminal`
* Run the commands: `touch ssh` and `exit`
* Run the commands `touch ssh`
* Run the command: `echo "pi:\$6\$TE7HmruYY9EaNiKP\$Vz0inJ6gaoJgJvQrC5z/HMDRMTN2jKhiEnG83tc1Jsw7lli5MYdeA83g3NOVCsBaTVW4mUBiT/1ZRWYdofVQX0" > userconf` and `exit`
* Eject the `boot` and the `NTFS` volume
* Connect a RaspiBlitz (without HDD) to network, insert sd card and power up
* Find the IP of the RaspiBlitz (arp -a or check router)


@ -1429,6 +1429,7 @@ But if you want to build that image yourself - here is a quick guide:
* Get a latest RaspiOS 64-bit: [DOWNLOAD](https://downloads.raspberrypi.org/raspios_arm64/images).
* Write the image to an SD card: [TUTORIAL](https://www.raspberrypi.org/documentation/installation/installing-images/README.md).
* Add a file called `ssh` to the root of the SD card when mounted on your laptop to enable SSH login.
* Add a file called `userconf` next to the empty `ssh` file that contains the just the string `pi:$6$p2DNwHsYzR06mVFX$jwZnOo5Jl/6pEMFFowpUBqM7E0Rz8vEtXtupwxuXZA7eqyKxDk8barhYZ24ei/JEP4e8Jr0mOvRThASuUxIAZ0`.
* Start the card on a Raspi and login via SSH with `ssh pi@[IP-OF-YOUR-RASPI]`. Password is `raspberry`.
Now you are ready to start the SD card build script (check the code to see if the installation and config are OK for you).


@ -1,9 +1,9 @@
#!/usr/bin/env bash
#########################################################################
# Build your SD card image based on: 2022-01-28-raspios-bullseye-arm64.zip
# https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2022-01-28/
# SHA256: c6f583fab8ed8d84bdf272d095c821fa70d2a0b434ba78432648f69b661d3783
# Build your SD card image based on: 2022-04-04-raspios-bullseye-arm64.img.xz
# https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2022-04-07/
# SHA256: 5adcab7a063310734856adcdd2041c8d58f65c185a3383132bc758886528a93d
# PGP fingerprint: 8738CD6B956F460C
# PGP key: https://www.raspberrypi.org/raspberrypi_downloads.gpg.key
# setup fresh SD card with image above - login per SSH and run this script:
@ -287,7 +287,7 @@ echo -e "\n*** SOFTWARE UPDATE ***"
# psmisc -> install killall, fuser
# ufw -> firewall
# sqlite3 -> database
general_utils="policykit-1 htop git curl bash-completion vim jq dphys-swapfile bsdmainutils autossh telnet vnstat parted dosfstools btrfs-progs fbi sysbench build-essential dialog bc python3-dialog unzip"
general_utils="policykit-1 htop git curl bash-completion vim jq dphys-swapfile bsdmainutils autossh telnet vnstat parted dosfstools btrfs-progs fbi sysbench build-essential dialog bc python3-dialog unzip whois"
python_dependencies="python3-venv python3-dev python3-wheel python3-jinja2 python3-pip"
server_utils="rsync net-tools xxd netcat openssh-client openssh-sftp-server sshpass psmisc ufw sqlite3"
[ "${baseimage}" = "armbian" ] && armbian_dependencies="armbian-config" # add armbian-config
@ -706,33 +706,6 @@ if [ "${baseimage}" = "raspios_arm64" ] || [ "${baseimage}" = "debian_rpi64" ];
sudo sed -i "s/^dtparam=i2c_arm=.*//g" /boot/config.txt
fi
# *** FATPACK *** (can be activated by parameter - see details at start of script)
if ${fatpack}; then
echo -e "\n*** FATPACK ***"
echo "* Adding nodeJS Framework ..."
sudo /home/admin/config.scripts/bonus.nodejs.sh on
if [ "$?" != "0" ]; then
echo "FATPACK FAILED"
exit 1
fi
echo "* Optional Packages (may be needed for extended features)"
sudo apt install -y qrencode secure-delete fbi ssmtp unclutter xterm python3-pyqt5 xfonts-terminus apache2-utils nginx python3-jinja2 socat libatlas-base-dev hexyl autossh
# *** UPDATE FALLBACK NODE LIST (only as part of fatpack) *** see https://github.com/rootzoll/raspiblitz/issues/1888
echo "*** FALLBACK NODE LIST ***"
sudo -u admin curl -H "Accept: application/json; indent=4" https://bitnodes.io/api/v1/snapshots/latest/ -o /home/admin/fallback.nodes
byteSizeList=$(sudo -u admin stat -c %s /home/admin/fallback.nodes)
if [ ${#byteSizeList} -eq 0 ] || [ ${byteSizeList} -lt 10240 ]; then
echo "WARN: Failed downloading fresh FALLBACK NODE LIST --> https://bitnodes.io/api/v1/snapshots/latest/"
sudo rm /home/admin/fallback.nodes 2>/dev/null
sudo cp /home/admin/assets/fallback.nodes /home/admin/fallback.nodes
fi
sudo chown admin:admin /home/admin/fallback.nodes
else
echo "* skipping FATPACK"
fi
# *** BOOTSTRAP ***
echo -e "\n*** RASPI BOOTSTRAP SERVICE ***"
sudo chmod +x /home/admin/_bootstrap.sh
@ -760,24 +733,54 @@ echo
echo
/home/admin/config.scripts/bitcoin.install.sh install || exit 1
#######
# LND #
#######
echo
if ${fatpack}; then
/home/admin/config.scripts/lnd.install.sh install || exit 1
else
echo -e "\nSkipping LND install - let user install later if needed ..."
fi
# *** BLITZ WEB SERVICE ***
echo "Provisioning BLITZ WEB SERVICE"
/home/admin/config.scripts/blitz.web.sh http-on
###############
# C-LIGHTNING #
###############
echo
# *** FATPACK *** (can be activated by parameter - see details at start of script)
if ${fatpack}; then
echo -e "\n*** FATPACK ***"
echo "* Adding nodeJS Framework ..."
sudo /home/admin/config.scripts/bonus.nodejs.sh on
if [ "$?" != "0" ]; then
echo "FATPACK FAILED"
exit 1
fi
echo "* Optional Packages (may be needed for extended features)"
sudo apt install -y qrencode secure-delete fbi ssmtp unclutter xterm python3-pyqt5 xfonts-terminus apache2-utils nginx python3-jinja2 socat libatlas-base-dev hexyl autossh
echo "* Adding lnd ..."
/home/admin/config.scripts/lnd.install.sh install || exit 1
echo "* Adding c-lightning ..."
/home/admin/config.scripts/cl.install.sh install || exit 1
# *** UPDATE FALLBACK NODE LIST (only as part of fatpack) *** see https://github.com/rootzoll/raspiblitz/issues/1888
echo "*** FALLBACK NODE LIST ***"
sudo -u admin curl -H "Accept: application/json; indent=4" https://bitnodes.io/api/v1/snapshots/latest/ -o /home/admin/fallback.nodes
byteSizeList=$(sudo -u admin stat -c %s /home/admin/fallback.nodes)
if [ ${#byteSizeList} -eq 0 ] || [ ${byteSizeList} -lt 10240 ]; then
echo "WARN: Failed downloading fresh FALLBACK NODE LIST --> https://bitnodes.io/api/v1/snapshots/latest/"
sudo rm /home/admin/fallback.nodes 2>/dev/null
sudo cp /home/admin/assets/fallback.nodes /home/admin/fallback.nodes
fi
sudo chown admin:admin /home/admin/fallback.nodes
echo "* Adding Raspiblitz API ..."
sudo /home/admin/config.scripts/blitz.web.api.sh on
echo "* Adding Raspiblitz WebUI ..."
sudo /home/admin/config.scripts/blitz.web.ui.sh on
# set build code as new default
sudo rm -r /home/admin/assets/nginx/www_public
sudo cp -a /root/blitz_web/build/* /home/admin/assets/nginx/www_public
sudo chown admin:admin /home/admin/assets/nginx/www_public
sudo rm -r /root/blitz_web/build/*
else
echo -e "\nSkipping c-lightning install - let user install later if needed ..."
echo "* skipping FATPACK"
fi
echo
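Review bot: In the relocated FATPACK block, `sudo rm -r /home/admin/assets/nginx/www_public` deletes the target directory, so the following `sudo cp -a /root/blitz_web/build/* /home/admin/assets/nginx/www_public` has no directory to copy into and fails as soon as the build holds more than one entry. The exit status of `blitz.web.api.sh on` and `blitz.web.ui.sh on` is not checked, unlike the `|| exit 1` on the lnd and c-lightning installs just above, so a failed WebUI build still reaches the `rm -r` and the image loses its default web content. I would gate the swap with `sudo test -f /root/blitz_web/build/index.html || exit 1` and add `sudo mkdir -p /home/admin/assets/nginx/www_public` before the copy. Because `cp -a` preserves the source ownership, `sudo chown -R admin:admin /home/admin/assets/nginx/www_public` is needed for the copied files to be owned by admin, not only the directory.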


@ -52,7 +52,12 @@ if [ "${PARAMETER_LIGHTNING}" == "none" ]; then
lightning=""
fi
# set colors
color_red='\033[0;31m'
color_green='\033[0;32m'
color_amber='\033[0;33m'
color_yellow='\033[1;93m'
color_gray='\033[0;37m'
# generate netprefix
netprefix=${chain:0:1}
@ -72,13 +77,6 @@ if [ "${system_ups_status}" = "SHUTTING DOWN" ]; then
upsInfo="${color_red}DOWN"
fi
# set colors
color_red='\033[0;31m'
color_green='\033[0;32m'
color_amber='\033[0;33m'
color_yellow='\033[1;93m'
color_gray='\033[0;37m'
# check hostname
if [ ${#hostname} -eq 0 ]; then hostname="raspiblitz"; fi


@ -325,7 +325,7 @@ case $CHOICE in
/home/admin/98repairMenu.sh
;;
PASSWORD)
sudo /home/admin/config.scripts/blitz.setpassword.sh
sudo /home/admin/config.scripts/blitz.passwords.sh set
;;
UPDATE)
/home/admin/99updateMenu.sh


@ -47,7 +47,7 @@ getpasswordC() # from dialogPasswords.sh
{
# temp file for password results
_temp="/var/cache/raspiblitz/temp/.temp.tmp"
sudo /home/admin/config.scripts/blitz.setpassword.sh x "PASSWORD C - Lightning Wallet Password" $_temp
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD C - Lightning Wallet Password" $_temp
passwordC=$(sudo cat $_temp)
sudo rm $_temp
dialog --backtitle "RaspiBlitz - Setup" --msgbox "\nThanks - Password C accepted.\n\nAlways use this password to \nunlock your Lightning Wallet." 10 34
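Review bot: The wallet password from the dialog is passed through the fixed path `/var/cache/raspiblitz/temp/.temp.tmp`, and the bootstrap change in this same commit sets that directory to mode 777, so the file is exposed to tampering or pre-creation by any local account before `sudo cat $_temp` reads it. A per-call file from `_temp=$(mktemp -p /dev/shm/)`, the approach the new blitz.passwords.sh itself uses, removes the predictable name. The expansions should also be quoted, for example `passwordC=$(sudo cat "$_temp")` and `sudo rm -f -- "$_temp"`. The rest of getpasswordC lies outside this hunk, so how `passwordC` is used afterwards is not visible here.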


@ -996,13 +996,19 @@ do
ln_all_sync_initial_done=""
ln_default_sync_initial_done=""
blitz_sync_initial_done="${btc_all_sync_initial_done}"
blitz_default_sync_initial_done="${btc_default_sync_initial_done}"
else
# only if all btc & ln sync done - the complete blitz has done syncing
# only if ALL btc & ln sync done (multiple can be active) - the complete blitz has done syncing
if [ "${btc_all_sync_initial_done}" == "1" ] && [ "${ln_all_sync_initial_done}" == "1" ]; then
blitz_sync_initial_done="1"
fi
# only if DEFAULT btc & ln sync done - the complete blitz has done syncing
if [ "${btc_default_sync_initial_done}" == "1" ] && [ "${ln_default_sync_initial_done}" == "1" ]; then
blitz_default_sync_initial_done="1"
fi
fi
/home/admin/_cache.sh set blitz_sync_initial_done "${blitz_sync_initial_done}"
/home/admin/_cache.sh set blitz_default_sync_initial_done "${blitz_default_sync_initial_done}"
/home/admin/_cache.sh set btc_default_sync_initial_done "${btc_default_sync_initial_done}"
/home/admin/_cache.sh set btc_all_sync_initial_done "${btc_all_sync_initial_done}"
/home/admin/_cache.sh set ln_default_sync_initial_done "${ln_default_sync_initial_done}"


@ -55,6 +55,17 @@ do
continue
fi
####################################################
# Trigger Final Setup
####################################################
if [ "${setupPhase}" != "done" ] && [ "${state}" == "donefinal" ]; then
echo "trigger final setup tasks & reboot ..."
/home/admin/_provision.xfinal.sh
sleep 120
exit
fi
####################################################
# SKIP REST OF THE TASKS IF STILL IN SETUP PHASE
####################################################


@ -40,6 +40,10 @@ echo "***********************************************" >> $logFile
# make sure SSH server is configured & running
sudo /home/admin/config.scripts/blitz.ssh.sh checkrepair >> ${logFile}
# make sure /var/cache/raspiblitz/temp exists
sudo mkdir -p /var/cache/raspiblitz/temp
sudo chmod 777 /var/cache/raspiblitz/temp
################################
# INIT raspiblitz.info
################################
@ -454,9 +458,21 @@ if [ ${isMounted} -eq 0 ]; then
# determine correct setup phase
infoMessage="Please Login for Setup"
setupPhase="setup"
if [ "${hddGotMigrationData}" != "" ]; then
infoMessage="Please Login for Migration"
setupPhase="migration"
# check if lightning is outdated
migrationMode="normal"
if [ "${hddVersionLND}" != "" ]; then
# get local lnd version & check compatibility
source <(/home/admin/config.scripts/lnd.install.sh info "${hddVersionLND}")
if [ "${compatible}" != "1" ]; then
migrationMode="outdatedLightning"
fi
fi
/home/admin/_cache.sh set migrationMode "${migrationMode}"
elif [ "${hddRaspiData}" == "1" ]; then
# determine if this is a recovery or an update
@ -527,6 +543,109 @@ if [ ${isMounted} -eq 0 ]; then
# mark system on sd card as in setup process
echo "the provision process was started but did not finish yet" > /home/admin/provision.flag
# get fresh data from setup file & data drive
source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
source ${setupFile}
# special setup tasks (triggered by api/webui thru setupfile)
# FORMAT DATA DRIVE
if [ "${formatHDD}" == "1" ]; then
echo "# special setup tasks: FORMAT DATA DRIVE" >> ${logFile}
# check if there is a flag set on sd card boot section to format as btrfs (experimental)
filesystem="ext4"
flagBTRFS=$(sudo ls /boot/btrfs* 2>/dev/null | grep -c btrfs)
if [ "${flagBTRFS}" != "0" ]; then
echo "Found BTRFS flag ---> formatting with experimental BTRFS filesystem" >> ${logFile}
filesystem="btrfs"
fi
# run formatting
error=""
/home/admin/_cache.sh set state "formathdd"
echo "Running Format: (${filesystem}) (${hddCandidate})" >> ${logFile}
source <(sudo /home/admin/config.scripts/blitz.datadrive.sh format ${filesystem} ${hddCandidate})
if [ "${error}" != "" ]; then
echo "FAIL ON FORMATTING THE DRIVE:" >> ${logFile}
echo "${error}" >> ${logFile}
echo "Please report as issue on the raspiblitz github." >> ${logFile}
/home/admin/_cache.sh set state "errorHDD"
/home/admin/_cache.sh set message "Fail Format (${filesystem})"
exit 1
fi
/home/admin/_cache.sh set setupPhase "setup"
fi
# CLEAN DRIVE & KEEP BLOCKCHAIN
if [ "${cleanHDD}" == "1" ]; then
echo "# special setup tasks: CLEAN DRIVE & KEEP BLOCKCHAIN" >> ${logFile}
# when blockchain comes from another node migrate data first
if [ "${hddGotMigrationData}" != "" ]; then
clear
echo "Migrating Blockchain of ${hddGotMigrationData}'" >> ${logFile}
source <(sudo /home/admin/config.scripts/blitz.migration.sh migration-${hddGotMigrationData})
if [ "${err}" != "" ]; then
echo "MIGRATION OF BLOCKHAIN FAILED: ${err}" >> ${logFile}
echo "Format data disk on laptop & recover funds with fresh sd card using seed words + static channel backup." >> ${logFile}
/home/admin/_cache.sh set state "errorHDD"
/home/admin/_cache.sh set message "Fail Migrate Blockchain (${hddGotMigrationData})"
exit 1
fi
fi
# delete everything but blockchain
echo "Deleting everything on HDD/SSD while keeping blockchain ..." >> ${logFile}
sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount 1>/dev/null 2>/dev/null
sudo /home/admin/config.scripts/blitz.datadrive.sh clean all -keepblockchain >> ${logFile}
if [ "${error}" != "" ]; then
echo "CLEANING HDD FAILED:" >> ${logFile}
echo "${error}" >> ${logFile}
echo "Please report as issue on the raspiblitz github." >> ${logFile}
/home/admin/_cache.sh set state "errorHDD"
/home/admin/_cache.sh set message "Fail Cleaning HDD"
exit 1
fi
sudo /home/admin/config.scripts/blitz.datadrive.sh unmount >> ${logFile}
/home/admin/_cache.sh set setupPhase "setup"
sleep 2
fi
source <(/home/admin/_cache.sh get state setupPhase)
if [ "${setupPhase}" == "setup" ]; then
echo "# CREATING raspiblitz.conf from your setup choices" >> ${logFile}
if [ "${network}" == "" ]; then
network="bitcoin"
fi
if [ "${chain}" == "" ]; then
chain="main"
fi
# source the raspiblitz version
source /home/admin/_version.info
# prepare & write basic config file
# will first be created and in cache drive
# and some lines below copied to hdd when mounted
TEMPCONFIGFILE="/var/cache/raspiblitz/temp/raspiblitz.conf"
sudo rm $TEMPCONFIGFILE 2>/dev/null
sudo touch $TEMPCONFIGFILE
sudo chown admin:admin $TEMPCONFIGFILE
sudo chmod 777 $TEMPCONFIGFILE
echo "# RASPIBLITZ CONFIG FILE" > $TEMPCONFIGFILE
echo "raspiBlitzVersion='${codeVersion}'" >> $TEMPCONFIGFILE
echo "lcdrotate='1'" >> $TEMPCONFIGFILE
echo "lightning='${lightning}'" >> $TEMPCONFIGFILE
echo "network='${network}'" >> $TEMPCONFIGFILE
echo "chain='${chain}'" >> $TEMPCONFIGFILE
echo "hostname='${hostname}'" >> $TEMPCONFIGFILE
echo "runBehindTor='on'" >> $TEMPCONFIGFILE
fi
# make sure HDD is mounted (could be freshly formatted by user on last loop)
source <(/home/admin/config.scripts/blitz.datadrive.sh status)
echo "Temp mounting (2) data drive (hddFormat='${hddFormat}')" >> ${logFile}
@ -618,7 +737,7 @@ if [ ${isMounted} -eq 0 ]; then
fi
echo "# setting PASSWORD A" >> ${logFile}
sudo /home/admin/config.scripts/blitz.setpassword.sh a "${passwordA}" >> ${logFile}
sudo /home/admin/config.scripts/blitz.passwords.sh set a "${passwordA}" >> ${logFile}
# if setup - run provision setup first
if [ "${setupPhase}" == "setup" ]; then


@ -180,6 +180,9 @@ elif [ "$1" = "set" ]; then
sudo sed -i "s/^${keystr}=.*/${keystr}='${valuestr}'/g" ${infoFile}
fi
# TODO:
# also publish new set values on a redis channel called `system`
# get
elif [ "$1" = "get" ]; then

View file

@ -62,7 +62,7 @@ if [ "${setPasswordB}" == "1" ]; then
if [ "${passwordB}" != "" ]; then
# set password B as RPC password
echo "# setting PASSWORD B" >> ${logFile}
/home/admin/config.scripts/blitz.setpassword.sh b "${passwordB}" >> ${logFile}
/home/admin/config.scripts/blitz.passwords.sh set b "${passwordB}" >> ${logFile}
else
/home/admin/config.scripts/blitz.error.sh _provision.migration.sh "missing-passwordb" "FAIL: Password B should be set but was empty! Running with default." "" ${logFile}
exit 4


@ -85,7 +85,7 @@ echo "File Exists: /mnt/hdd/${network}/${network}.conf --> ${confExists}" >> ${l
# set password B as RPC password (from setup file)
echo "# setting PASSWORD B" >> ${logFile}
/home/admin/config.scripts/blitz.setpassword.sh b "${passwordB}" >> ${logFile}
/home/admin/config.scripts/blitz.passwords.sh set b "${passwordB}" >> ${logFile}
# optimize RAM for blockchain validation (bitcoin only)
if [ "${network}" == "bitcoin" ]; then

40
home.admin/_provision.xfinal.sh Executable file

@ -0,0 +1,40 @@
#!/bin/bash
########################################
# AFTER FINAL SETUP TASKS
echo "# AFTER FINAL SETUP TASKS" >> /home/admin/raspiblitz.log
# signal that setup phase is over
/home/admin/_cache.sh set setupPhase "done"
# source info fresh
source /home/admin/raspiblitz.info
echo "# source /home/admin/raspiblitz.info" >> /home/admin/raspiblitz.log
cat /home/admin/raspiblitz.info >> /home/admin/raspiblitz.log
# make sure network defaults to bitcoin
if [ "${network}" == "" ]; then
echo "# WARN: default network to bitcoin" >> /home/admin/raspiblitz.log
network="bitcoin"
fi
# make sure for future starts that blockchain service gets started after bootstrap
# so deamon reloas needed ... system will go into reboot after last loop
# needs to be after wait loop because otherwise the "restart" on COPY OVER LAN will not work
echo "# Updating service ${network}d.service ..."
sudo sed -i "s/^Wants=.*/Wants=bootstrap.service/g" /etc/systemd/system/${network}d.service
sudo sed -i "s/^After=.*/After=bootstrap.service/g" /etc/systemd/system/${network}d.service
sudo systemctl daemon-reload 2>/dev/null
# delete setup data from RAM
sudo rm /var/cache/raspiblitz/temp/raspiblitz.setup
########################################
# AFTER SETUP REBOOT
# touchscreen activation, start with configured SWAP, fix LCD text bug
sudo cp /home/admin/raspiblitz.log /home/admin/raspiblitz.setup.log
sudo chmod 640 /home/admin/raspiblitz.setup.log
sudo chown root:sudo /home/admin/raspiblitz.setup.log
timeout 120 /home/admin/config.scripts/blitz.shutdown.sh reboot finalsetup
# if system has not rebooted yet - force reboot directly
sudo shutdown -r now
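Review bot: `sudo cp /home/admin/raspiblitz.log /home/admin/raspiblitz.setup.log` creates the copy with default permissions and tightens it only afterwards, while the source log keeps whatever mode it already had, so the 640 root:sudo restriction protects only one of two identical files. `sudo install -m 640 -o root -g sudo /home/admin/raspiblitz.log /home/admin/raspiblitz.setup.log` creates the copy restricted from the start; if the setup log is considered sensitive, the original deserves the same mode. Separately, `setupPhase` is set to `done` at the top, before the `sed` edits and the `rm` of the setup file, and none of those steps checks its exit status. The background loop triggers this script only while `setupPhase` is not `done`, so a failure here would not be retried. Quoting the unit path as `"/etc/systemd/system/${network}d.service"` would also keep a malformed `network` value from the sourced info file from splitting into extra `sed` arguments.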


@ -184,11 +184,11 @@ sed -i "s/^setupStep=.*/setupStep=100/g" /home/admin/raspiblitz.info
##########################
/home/admin/_cache.sh set message "Installing Services"
echo "### RUNNING PROVISIONING SERVICES ###" >> ${logFile}
# BLITZ WEB SERVICE
echo "Provisioning BLITZ WEB SERVICE - run config script" >> ${logFile}
/home/admin/config.scripts/blitz.web.sh on >> ${logFile} 2>&1
/home/admin/config.scripts/blitz.web.sh https-on >> ${logFile} 2>&1
echo "### RUNNING PROVISIONING SERVICES ###" >> ${logFile}
# BITCOIN INTERIMS UPDATE
if [ ${#bitcoinInterimsUpdate} -gt 0 ]; then


@ -1,2 +1,2 @@
# RaspiBlitz Version - always [major].[main].[sub] (sub can be a string like '2rc1')
codeVersion="1.7.2"
codeVersion="1.8.0rc1"


@ -6,6 +6,10 @@ proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_read_timeout 600;
proxy_connect_timeout 600
proxy_send_timeout 600;
# remove if not needed
# proxy_set_header X-Forwarded-Host $server_name;
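Review bot: The added `proxy_connect_timeout 600` has no terminating semicolon as shown, so nginx would read the following `proxy_send_timeout 600;` as extra arguments to the same directive and reject the configuration on `nginx -t` or reload; it should be `proxy_connect_timeout 600;`. The same line appears in the second proxy snippet of this commit, the one that sets `X-Forwarded-Proto https`. The nginx documentation notes that the connect timeout usually cannot exceed 75 seconds, and ten-minute read and send timeouts keep upstream connections held open for slow or stalled clients, so a comment naming the endpoint that needs 600 seconds would help the next reviewer judge whether the values can be lowered.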


@ -6,6 +6,10 @@ proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_read_timeout 600;
proxy_connect_timeout 600
proxy_send_timeout 600;
# remove if not needed
# proxy_set_header X-Forwarded-Host $server_name;


@ -1,11 +0,0 @@
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
.rb_logo {
margin: -64px -64px -64px -64px;
height: 223px;
width: 625px;
}

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.1 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 42 KiB


@ -3,48 +3,16 @@
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>RaspiBlitz Welcome</title>
<!-- custom css goes into status.css -->
<link rel="stylesheet" type="text/css" href="css/style.css">
<title>RaspiBlitz No WebUI</title>
</head>
<body>
<div>
<img src="img/RaspiBlitz_Logo_Main.png" class="rb_logo" alt="RaspiBlitz Logo"/>
<h2 class="text-center">
Welcome Node Operator
</h2>
<p id="userinfo">Please Wait ...</p>
<script>
document.getElementById("userinfo").innerHTML=window.location.hostname;
if (window.location.hostname.endsWith(".onion")) {
document.getElementById("userinfo").innerHTML="onion domain address TODO: redirect on same address to subfolder of /ui"
}
else if ((window.location.hostname.endsWith(".local")) || (window.location.hostname.split(".").length>2)) {
document.getElementById("userinfo").innerHTML="local domain/IP address TODO: give info on download/use Tor and offer onion address for easy copy & paste"
}
else {
document.getElementById("userinfo").innerHTML="unknown hostname: "+window.location.hostname
}
</script>
<h4>Use one the following link to access your RaspiBlitz</h4>
<h4>RaspiBlitz WebUI not Activated</h4>
<p>
Please be aware about HTTPS Certificate Warning! Here is some useful information on that...
This image of RaspiBlitz was build without WebUI & WebAPI. Use SSH to login into your RaspiBlitz.
</p>
<ul>
<li><a href="https://HOST_SET_BY_NGINX/">INFO</a></li>
</ul>
<br>
</div>
</body>
</html>
</html>


@ -1,21 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>WebUI</title>
</head>
<body>
<div class="container">
<h2 class="text-center">
Welcome
</h2>
</div>
</body>
</html>


@ -15,7 +15,7 @@ if [ "$1" = "install" ]; then
# set version (change if update is available)
# https://bitcoincore.org/en/download/
bitcoinVersion="22.0"
bitcoinVersion="23.0"
# needed to check code signing
# https://github.com/laanwj


@ -1326,7 +1326,7 @@ if [ "$1" = "tempmount" ]; then
exit 1
fi
if [ "${hddFormat}" = "ext4" ]; then
if [ "${hddFormat}" == "ext4" ]; then
if [ "${hddDataPartitionExt4}" == "" ]; then
echo "error='parameter is no partition'"
@ -1348,7 +1348,7 @@ if [ "$1" = "tempmount" ]; then
isBTRFS=0
fi
elif [ "${hddFormat}" = "btrfs" ]; then
elif [ "${hddFormat}" == "btrfs" ]; then
# get user and groupid if usr/group bitcoin
bitcoinUID=$(id -u bitcoin)
@ -1630,6 +1630,12 @@ if [ "$1" = "clean" ]; then
delete=1
whenDeleteSchredd=1
# dont delete temp - will be deleted on every boot anyway
# but keep in case during setup a migration file was uploaded there
if [ "${entry}" = "temp" ]; then
delete=0
fi
# deactivate delete if a blockchain directory (if -keepblockchain)
if [ "$3" = "-keepblockchain" ]; then
if [ "${entry}" = "bitcoin" ]; then


@ -168,9 +168,15 @@ sudo -u admin chmod 755 /home/admin/config.scripts/*.py
echo "# ******************************************"
echo "# Syncing Webcontent .."
if [ -d /var/www/public ]; then
sudo mkdir -p /var/www/public
webuiexists=$(ls /home/admin/blitz_web/build/index.html | grep -c "index.html")
if [ ${webuiexists} -eq 0 ]; then
# copy github compiled webui
echo "- update webui with latest default compiled from github"
sudo cp -a /home/admin/assets/nginx/www_public/* /var/www/public
sudo chown www-data:www-data /var/www/public
else
echo "- found user compiled webui (dont overwrite with compiled webui from github)"
fi
echo "# Checking if the content of BlitzPy changed .."
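Review bot: `webuiexists=$(ls /home/admin/blitz_web/build/index.html | grep -c "index.html")` parses `ls` output, prints an error when the file is absent, and is then used unquoted in `[ ${webuiexists} -eq 0 ]`; `if [ ! -f /home/admin/blitz_web/build/index.html ]; then` states the same check directly. The build script in this commit copies the compiled UI from `/root/blitz_web/build`, whereas this check looks under `/home/admin/blitz_web/build`, so it is worth confirming that the two paths are meant to differ. `sudo chown www-data:www-data /var/www/public` changes only the directory while `cp -a` preserves the source ownership, so `sudo chown -R www-data:www-data /var/www/public` is probably what is intended.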


@ -1,27 +1,108 @@
#!/bin/bash
# command info
if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
if [ "$1" == "" ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "small config script to set a passwords A,B,C & D"
echo "blitz.setpassword.sh a [?newpassword] "
echo "blitz.setpassword.sh b [?newpassword] "
echo "blitz.setpassword.sh c [?oldpassword] [?newpassword] "
echo "blitz.passwords.sh set a [?newpassword] "
echo "blitz.passwords.sh set b [?newpassword] "
echo "blitz.passwords.sh set c [?oldpassword] [?newpassword] " # will change lnd & core lightning if installed
echo "blitz.passwords.sh check [a|b|c] [passwordToCheck]"
echo "or just as a password enter dialog (result as file)"
echo "blitz.setpassword.sh [x] [text] [result-file] [?empty-allowed]"
echo "blitz.passworda.sh set [x] [text] [result-file] [?empty-allowed]"
exit 1
fi
# check if sudo
if [ "$EUID" -ne 0 ]
then echo "Please run as root (with sudo)"
exit
# check if started with sudo
echo "runningUser='$EUID'"
if [ "$EUID" -ne 0 ]; then
echo "error='need user root'"
exit 1
fi
# trap to delete on any exit
trap 'rm -f $_temp' EXIT
# prepare hased password storage
hashedPasswordSalt=""
hashedPasswordStoragePath="/mnt/hdd/app-data/passwords"
if [ $(df | grep -c "/mnt/hdd") -gt 0 ]; then
# check if path & salt file exists
if [ $(ls ${hashedPasswordStoragePath}/salt.txt | grep -c "salt.txt") -eq 0 ]; then
echo "# creating salt & hashedPasswordStoragePath ..."
mkdir -p ${hashedPasswordStoragePath}
echo "$RANDOM-$(date +%N)" | shasum -a 512 | cut -d " " -f1 | cut -c 1-16 > ${hashedPasswordStoragePath}/salt.txt
chmod 660 ${hashedPasswordStoragePath}/salt.txt
chown -R admin:admin ${hashedPasswordStoragePath}
else
echo "# salt file exists"
fi
hashedPasswordSalt=$(cat ${hashedPasswordStoragePath}/salt.txt)
else
echo "error='hdd not mounted yet - cannot set/check blitz passwords yet'"
echo "correct=0"
exit 1
fi
# tempfile
_temp=$(mktemp -p /dev/shm/)
############################
# CHECKING PASSWORDS
############################
if [ "$1" == "check" ]; then
# brute force protection
# if there was another try within last minute add another 3 seconds delay protection
source <(/home/admin/_cache.sh meta system_password_bruteforceprotection)
/home/admin/_cache.sh set system_password_bruteforceprotection on 60
if [ "${value}" == "on" ] && [ "${stillvalid}" == "1" ]; then
echo "# multiple tries within last minute - respond slow"
sleep 5 # advanced brute force protection
else
echo "# first try within last minute - respond fast"
sleep 1 # basic brute force protection
fi
typeOfPassword=$2
if [ "${typeOfPassword}" != "a" ] && [ "${typeOfPassword}" != "b" ] && [ "${typeOfPassword}" != "c" ]; then
echo "error='unknown password to check'"
echo "correct=0"
exit 1
fi
passwordToCheck=$3
clearedPassword=$(echo "${passwordToCheck}" | tr -dc '[:alnum:]-.' | tr -d ' ')
if [ ${#clearedPassword} -lt ${#passwordToCheck} ]; then
echo "error='password to check contains unvalid chars'"
echo "correct=0"
exit 1
fi
passwordHashSystem=$(cat ${hashedPasswordStoragePath}/${typeOfPassword}.hash 2>/dev/null)
passwordHashTest=$(mkpasswd -m sha-512 "${passwordToCheck}" -S "${hashedPasswordSalt:0:16}")
#echo "# passwordToCheck(${passwordToCheck})"
#echo "# passwordHashSystem(${passwordHashSystem})"
#echo "# hashedPasswordSalt(${hashedPasswordSalt})"
#echo "# passwordHashTest(${passwordHashTest})"
if [ ${#passwordHashSystem} -eq 0 ]; then
echo "error='password cannot be checked - no hash available'"
echo "correct=0"
exit 1
fi
if [ "${passwordHashSystem}" == "${passwordHashTest}" ]; then
echo "correct=1"
else
echo "correct=0"
fi
exit
fi
############################
# SETTING PASSWORDS
############################
if [ "$1" != "set" ]; then
echo "error='unkown parameter'"
exit 1
fi
# load raspiblitz config (if available)
source /home/admin/raspiblitz.info
@ -34,7 +115,7 @@ if [ ${#chain} -eq 0 ]; then
fi
# 1. parameter [?a|b|c]
abcd=$1
abcd=$2
# run interactive if no further parameters
reboot=0;
@ -84,7 +165,7 @@ fi
# PASSWORD A
if [ "${abcd}" = "a" ]; then
newPassword=$2
newPassword=$3
# if no password given by parameter - ask by dialog
if [ ${#newPassword} -eq 0 ]; then
@ -94,7 +175,7 @@ if [ "${abcd}" = "a" ]; then
password1=$(whiptail --passwordbox "\nSet new Admin/SSH Password A:\n(min 8chars, 1word, chars+number, no specials)" 10 52 "" --title "Password A" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ]; then
if [ ${emptyAllowed} -eq 0 ]; then
echo "CANCEL not possible"
echo "# CANCEL not possible"
sleep 2
else
exit 0
@ -105,7 +186,7 @@ if [ "${abcd}" = "a" ]; then
password2=$(whiptail --passwordbox "\nRe-Enter Password A:\n(This is new password to login per SSH)" 10 52 "" --title "Password A" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ]; then
if [ ${emptyAllowed} -eq 0 ]; then
echo "CANCEL not possible"
echo "# CANCEL not possible"
sleep 2
else
exit 0
@ -115,14 +196,16 @@ if [ "${abcd}" = "a" ]; then
# check if passwords match
if [ "${password1}" != "${password2}" ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Passwords dont Match\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh a
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set a
exit 0
fi
# password zero
if [ ${#password1} -eq 0 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password cannot be empty\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh a
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set a
exit 0
fi
@ -130,14 +213,16 @@ if [ "${abcd}" = "a" ]; then
clearedResult=$(echo "${password1}" | tr -dc '[:alnum:]-.' | tr -d ' ')
if [ ${#clearedResult} != ${#password1} ] || [ ${#clearedResult} -eq 0 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Contains bad characters (spaces, special chars)\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh a
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set a
exit 0
fi
# password longer than 8
if [ ${#password1} -lt 8 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password length under 8\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh a
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set a
exit 0
fi
@ -146,6 +231,11 @@ if [ "${abcd}" = "a" ]; then
fi
# store password hash
mkpasswd -m sha-512 "${newPassword}" -S "${hashedPasswordSalt:0:16}" > ${hashedPasswordStoragePath}/a.hash
chown admin:admin ${hashedPasswordStoragePath}/a.hash
chmod 660 ${hashedPasswordStoragePath}/a.hash
# change user passwords and then change hostname
echo "pi:$newPassword" | sudo chpasswd
echo "root:$newPassword" | sudo chpasswd
@ -153,14 +243,14 @@ if [ "${abcd}" = "a" ]; then
echo "admin:$newPassword" | sudo chpasswd
sleep 1
echo ""
echo "OK - password A changed for user pi, root, admin & bitcoin"
echo "# OK - password A changed for user pi, root, admin & bitcoin"
echo "error=''"
############################
# PASSWORD B
elif [ "${abcd}" = "b" ]; then
newPassword=$2
newPassword=$3
# if no password given by parameter - ask by dialog
if [ ${#newPassword} -eq 0 ]; then
@ -170,7 +260,7 @@ elif [ "${abcd}" = "b" ]; then
password1=$(whiptail --passwordbox "\nPlease enter your new Password B:\n(min 8chars, 1word, chars+number, no specials)" 10 52 "" --title "Password B" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ]; then
if [ "${emptyAllowed}" == "0" ]; then
echo "CANCEL not possible"
echo "# CANCEL not possible"
sleep 2
else
exit 0
@ -181,7 +271,7 @@ elif [ "${abcd}" = "b" ]; then
password2=$(whiptail --passwordbox "\nRe-Enter Password B:\n" 10 52 "" --title "Password B" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ]; then
if [ "${emptyAllowed}" == "0" ]; then
echo "CANCEL not possible"
echo "# CANCEL not possible"
sleep 2
else
exit 0
@ -191,14 +281,16 @@ elif [ "${abcd}" = "b" ]; then
# check if passwords match
if [ "${password1}" != "${password2}" ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Passwords dont Match\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh b
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set b
exit 0
fi
# password zero
if [ ${#password1} -eq 0 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password cannot be empty\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh b
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set b
exit 0
fi
@ -206,14 +298,16 @@ elif [ "${abcd}" = "b" ]; then
clearedResult=$(echo "${password1}" | tr -dc '[:alnum:]-.' | tr -d ' ')
if [ ${#clearedResult} != ${#password1} ] || [ ${#clearedResult} -eq 0 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Contains bad characters (spaces, special chars)\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh b
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set b
exit 0
fi
# password longer than 8
if [ ${#password1} -lt 8 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password length under 8\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh b
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set b
exit 0
fi
@ -221,6 +315,11 @@ elif [ "${abcd}" = "b" ]; then
newPassword="${password1}"
fi
# store password hash
mkpasswd -m sha-512 "${newPassword}" -S "${hashedPasswordSalt:0:16}" > ${hashedPasswordStoragePath}/b.hash
chown admin:admin ${hashedPasswordStoragePath}/b.hash
chmod 660 ${hashedPasswordStoragePath}/b.hash
# change in assets (just in case this is used on setup)
sed -i "s/^rpcpassword=.*/rpcpassword=${newPassword}/g" /home/admin/assets/${network}.conf 2>/dev/null
@ -274,23 +373,26 @@ elif [ "${abcd}" = "b" ]; then
echo "# OK -> RPC Password B changed"
echo "# Reboot is needed (will be triggered if interactive menu was called)"
echo "error=''"
sleep 3
############################
# PASSWORD C
# will change both (lnd & core lightning) if installed
elif [ "${abcd}" = "c" ]; then
oldPassword=$2
newPassword=$3
oldPassword=$3
newPassword=$4
if [ "${oldPassword}" == "" ]; then
# ask user for old password c
clear
oldPassword=$(whiptail --passwordbox "\nEnter old Password C:\n" 10 52 "" --title "Old Password C" --backtitle "RaspiBlitz - Passwords" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ] || [ "${oldPassword}" == "" ]; then
sudo /home/admin/config.scripts/blitz.setpassword.sh c
# calling recursive repeat
sudo /home/admin/config.scripts/blitz.passwords.sh set c
fi
echo "OK ... processing"
echo "# OK ... processing"
fi
if [ "${newPassword}" == "" ]; then
@ -299,76 +401,107 @@ elif [ "${abcd}" = "c" ]; then
# ask user for new password c
newPassword=$(whiptail --passwordbox "\nEnter new Password C:\n" 10 52 "" --title "New Password C" --backtitle "RaspiBlitz - Passwords" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ] || [ "${newPassword}" == "" ]; then
sudo /home/admin/config.scripts/blitz.setpassword.sh c ${oldPassword}
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set c ${oldPassword}
exit 0
fi
# check new password does not contain bad characters
clearedResult=$(echo "${newPassword}" | tr -dc '[:alnum:]-.' | tr -d ' ')
if [ ${#clearedResult} != ${#newPassword} ] || [ ${#clearedResult} -eq 0 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Contains bad characters (spaces, special chars)" 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh c ${oldPassword}
# calling recursive repeat
/home/admin/config.scripts/blitz.password.sh set c ${oldPassword}
exit 0
fi
# check new password longer than 8
if [ ${#newPassword} -lt 8 ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password length under 8" 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh c ${oldPassword}
# calling recursive repeat
/home/admin/config.scripts/blitz.password.sh set c ${oldPassword}
exit 0
fi
# ask user to retype new password c
newPassword2=$(whiptail --passwordbox "\nEnter again new Password C:\n" 10 52 "" --title "New Password C (repeat)" --backtitle "RaspiBlitz - Passwords" 3>&1 1>&2 2>&3)
if [ $? -eq 1 ] || [ "${newPassword}" == "" ]; then
sudo /home/admin/config.scripts/blitz.setpassword.sh c ${oldPassword}
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set c ${oldPassword}
exit 0
fi
echo "OK ... processing"
echo "# OK ... processing"
# check if passwords match
if [ "${newPassword}" != "${newPassword2}" ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Passwords dont Match" 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh c ${oldPassword}
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set c ${oldPassword}
exit 0
fi
echo "OK ... processing"
echo "# OK ... processing"
fi
#echo "oldPassword: ${oldPassword}"
#echo "newPassword: ${newPassword}"
# CHANGE LND WALLET PASSWORD
if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then
echo "# Make sure Auto-Unlocks off"
sudo /home/admin/config.scripts/lnd.autounlock.sh off
echo "# CHANGE LND - PASSWORD C (only mainnet)"
echo "LND needs to be restarted to lock wallet first .. (please wait)"
sudo systemctl restart lnd
sleep 2
echo "# Make sure Auto-Unlocks off"
sudo /home/admin/config.scripts/lnd.autounlock.sh off
err=""
if ! pip list | grep grpc; then sudo -H python3 -m pip install grpcio==1.38.1; fi
source <(sudo /home/admin/config.scripts/lnd.initwallet.py change-password mainnet $oldPassword $newPassword)
if [ "${err}" != "" ]; then
dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Was not able to change password\n\n${err}\n${errMore}" 10 52
clear
echo "# FAIL: Was not able to change password"
exit 0
echo "# LND needs to be restarted to lock wallet first .. (please wait)"
sudo systemctl restart lnd
sleep 2
err=""
if ! pip list | grep grpc; then
echo "# pip install grpc"
sudo -H python3 -m pip install grpcio==1.38.1 1>/dev/null 2>/dev/null
fi
source <(sudo /home/admin/config.scripts/lnd.initwallet.py change-password mainnet $oldPassword $newPassword)
if [ "${err}" != "" ]; then
echo "error='Was not able to change password'"
sleep 2
exit 0
fi
else
echo "# LND not installed/active"
fi
# CHANGE CORE LIGHTNING WALLET PASSWORD
if [ "${cl}" == "on" ] && [ "${clEncryptedHSM}" == "on" ]; then
echo "# CHANGE CORE LIGHTNING - PASSWORD C (only mainnet)"
sudo /home/admin/config.scripts/cl.hsmtool.sh change-password mainnet $oldPassword $newPassword
#TODO: test success
else
echo "# CORE LIGHTNING not installed/active/encrypted"
fi
# store password hash
mkpasswd -m sha-512 "${newPassword}" -S "${hashedPasswordSalt:0:16}" > ${hashedPasswordStoragePath}/c.hash
chown admin:admin ${hashedPasswordStoragePath}/c.hash
chmod 660 ${hashedPasswordStoragePath}/c.hash
# final user output
echo ""
echo "OK"
echo "#OK"
echo "error=''"
############################
# PASSWORD X
elif [ "${abcd}" = "x" ]; then
emptyAllowed=0
if [ "$4" == "empty-allowed" ]; then
if [ "$5" == "empty-allowed" ]; then
emptyAllowed=1
fi
# second parameter is the flexible text
text=$2
resultFile=$3
shred -u "$3" 2>/dev/null
text=$3
resultFile=$4
shred -u "$4" 2>/dev/null
# ask user for new password (first time)
password1=$(whiptail --passwordbox "\n${text}:\n(min 8chars, 1word, chars+number, no specials)" 10 52 "" --backtitle "RaspiBlitz" 3>&1 1>&2 2>&3)
@ -382,7 +515,8 @@ elif [ "${abcd}" = "x" ]; then
# check if passwords match
if [ "${password1}" != "${password2}" ]; then
dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Passwords dont Match\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4"
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set x "$3" "$4" "$5"
exit 0
fi
@ -391,7 +525,8 @@ elif [ "${abcd}" = "x" ]; then
# password zero
if [ ${#password1} -eq 0 ]; then
dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Password cannot be empty\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4"
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set x "$3" "$4" "$5"
exit 0
fi
@ -399,14 +534,16 @@ elif [ "${abcd}" = "x" ]; then
clearedResult=$(echo "${password1}" | tr -dc '[:alnum:]-.' | tr -d ' ')
if [ ${#clearedResult} != ${#password1} ] || [ ${#clearedResult} -eq 0 ]; then
dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Contains bad characters (spaces, special chars)\nPlease try again ..." 6 62
sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4"
# calling recursive repeat
/home/admin/config.scripts/blitz.password.sh set x "$3" "$4" "$5"
exit 0
fi
# password longer than 8
if [ ${#password1} -lt 8 ]; then
dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Password length under 8\nPlease try again ..." 6 52
sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4"
# calling recursive repeat
/home/admin/config.scripts/blitz.passwords.sh set x "$3" "$4" "$5"
exit 0
fi
@ -415,21 +552,14 @@ elif [ "${abcd}" = "x" ]; then
# store result is file
echo "${password1}" > "${resultFile}"
elif [ "${abcd}" = "cl" ]; then
/home/admin/config.scripts/cl.hsmtool.sh change-password mainnet
# do not reboot for cl password
reboot=0
# everything else
else
echo "FAIL: there is no password '${abcd}' (reminder: use lower case)"
echo "# FAIL: there is no password '${abcd}' (reminder: use lower case)"
echo "error='no password ${abcd}'"
exit 0
fi
# when started with menu ... reboot when done
if [ "${reboot}" == "1" ]; then
echo "Now rebooting to activate changes ..."
echo "# Now rebooting to activate changes ..."
sudo /home/admin/config.scripts/blitz.shutdown.sh reboot
else
echo "..."
fi


@ -17,6 +17,12 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ];
exit 1
fi
# check if started with sudo
if [ "$EUID" -ne 0 ]; then
echo "error='run as root'"
exit 1
fi
DEFAULT_GITHUB_USER="fusion44"
DEFAULT_GITHUB_REPO="blitz_api"
DEFAULT_GITHUB_BRANCH="main"
@ -39,14 +45,16 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
fi
echo "# INSTALL Web API ..."
sudo apt install -y redis
sudo rm -r /home/admin/blitz_api 2>/dev/null
cd /home/admin
# git clone https://github.com/fusion44/blitz_api.git /home/admin/blitz_api
git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /home/admin/blitz_api
rm -r /root/blitz_api 2>/dev/null
cd /root
# git clone https://github.com/fusion44/blitz_api.git /root/blitz_api
git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /root/blitz_api
cd blitz_api
git checkout ${DEFAULT_GITHUB_BRANCH}
pip install -r requirements.txt
chown -R admin:admin /root/blitz_api
chmod a+x /root
chmod -R a+x /root/blitz_api
# build the config and set unique secret (its OK to be a new secret every install/upadte)
/home/admin/config.scripts/blitz.web.api.sh update-config
@ -61,10 +69,10 @@ Wants=network.target
After=network.target
[Service]
WorkingDirectory=/home/admin/blitz_api
WorkingDirectory=/root/blitz_api
# before every start update the config with latest credentials/settings
ExecStartPre=-/home/admin/config.scripts/blitz.web.api.sh update-config
ExecStart=sudo -u admin /usr/bin/python -m uvicorn app.main:app --port 11111 --host=0.0.0.0 --root-path /api
ExecStart=/usr/bin/python -m uvicorn app.main:app --port 11111 --host=0.0.0.0 --root-path /api
User=root
Group=root
Type=simple
@ -74,19 +82,18 @@ StandardError=journal
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/blitzapi.service
" | tee /etc/systemd/system/blitzapi.service
sudo systemctl enable blitzapi
sudo systemctl start blitzapi
systemctl enable blitzapi
systemctl start blitzapi
# TODO: remove after experimental step
sudo ufw allow 11111 comment 'WebAPI Develop'
# TODO: remove after experimental step (only have forward on nginx:80 /api)
ufw allow 11111 comment 'WebAPI Develop'
source <(/home/admin/_cache.sh export internet_localip)
@ -111,12 +118,12 @@ if [ "$1" = "update-config" ]; then
chain="main"
fi
cd /home/admin/blitz_api
cd /root/blitz_api
cp ./.env_sample ./.env
dateStr=$(date)
echo "# Update Web API CONFIG (${dateStr})"
RPCUSER=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcuser | cut -c 9-)
RPCPASS=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
RPCUSER=$(sudo cat /mnt/hdd/${network}/${network}.conf 2>/dev/null | grep rpcuser | cut -c 9-)
RPCPASS=$(sudo cat /mnt/hdd/${network}/${network}.conf 2>/dev/null | grep rpcpassword | cut -c 13-)
if [ "${RPCUSER}" == "" ]; then
RPCUSER="raspibolt"
fi
@ -128,7 +135,9 @@ if [ "$1" = "update-config" ]; then
sed -i "s/^bitcoind_ip_testnet=.*/bitcoind_ip_testnet=127.0.0.1/g" ./.env
sed -i "s/^bitcoind_user=.*/bitcoind_user=${RPCUSER}/g" ./.env
sed -i "s/^bitcoind_pw=.*/bitcoind_pw=${RPCPASS}/g" ./.env
sed -i "s/^# platform=.*/platform=raspiblitz/g" ./.env
sed -i "s/^platform=.*/platform=raspiblitz/g" ./.env
# configure LND
if [ "${lightning}" == "lnd" ]; then
@ -178,7 +187,7 @@ if [ "$1" = "update-code" ]; then
echo "# Update Web API CODE"
sudo systemctl stop blitzapi
cd /home/admin/blitz_api
cd /root/blitz_api
git fetch
git pull
pip install -r requirements.txt
@ -194,10 +203,11 @@ fi
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# UNINSTALL Web API"
sudo systemctl stop blitzapi
sudo systemctl disable blitzapi
sudo rm /etc/systemd/system/blitzapi.service
sudo rm -r /home/admin/blitz_api
systemctl stop blitzapi
systemctl disable blitzapi
rm /etc/systemd/system/blitzapi.service
rm -r /root/blitz_api
rm -r /root/.blitz_api 2>/dev/null
exit 0
fi
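Review bot: The unit now runs uvicorn with `User=root` on `--host=0.0.0.0`, while the install step hands the code tree to another account with `chown -R admin:admin /root/blitz_api`, so anything able to write as admin can change what the root service executes on its next start. `chmod a+x /root` additionally opens root's home directory to traversal by every local user. If the API really needs root, keep the tree root-owned with `chown -R root:root /root/blitz_api` and drop the two `chmod a+x` lines; otherwise install outside `/root` and keep an unprivileged `User=` in the unit. `ufw allow 11111` still exposes that root process directly, rather than only through the nginx `/api` forward the TODO mentions. `git clone` and `pip install -r requirements.txt` also run as root against an unpinned branch, so a comment stating that trust assumption would help the next maintainer.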


@ -2,13 +2,14 @@
# TODO: later on this script will be run on build sdcard - make sure that the self-signed tls cert get created fresh on every new RaspiBlitz
source /mnt/hdd/raspiblitz.conf
source /mnt/hdd/raspiblitz.conf 2>/dev/null
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then
printf "Manage RaspiBlitz Web Interface(s)\n\n"
printf "blitz.web.sh check \t\tprint operational nginx listen status (lsof)\n"
printf "blitz.web.sh on \t\tturn on\n"
printf "blitz.web.sh http-on \t\tturn on basic http & api\n"
printf "blitz.web.sh https-on \t\tturn on https (needs hdd)\n"
printf "blitz.web.sh off \t\tturn off\n"
exit 1
fi
@ -27,11 +28,11 @@ if [ "$1" = "check" ]; then
echo "${active}" | awk '{ if($2 == "*") print $3 "\tany\t\t" $1; else print $3 "\t" $2 "\t" $1 }'
###################
# SWITCH ON
# SWITCH ON-BASICS
###################
elif [ "$1" = "1" ] || [ "$1" = "on" ]; then
elif [ "$1" = "http-on" ]; then
echo "Turning ON: Web"
echo "Turning ON: Web HTTP"
# install
sudo apt-get update
@ -42,7 +43,7 @@ elif [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo tee /etc/systemd/system/nginx.service.d/raspiblitz.conf >/dev/null <<EOF
# DO NOT EDIT! This file is generate by raspiblitz and will be overwritten
[Unit]
After=network.target nss-lookup.target mnt-hdd.mount
After=network.target nss-lookup.target
[Service]
Restart=on-failure
@ -50,13 +51,6 @@ TimeoutSec=120
RestartSec=60
EOF
# make sure that it is enabled and started
sudo systemctl enable nginx
sudo systemctl start nginx
# create nginx app-data dir
sudo mkdir /mnt/hdd/app-data/nginx/ 2>/dev/null
# general nginx settings
if ! grep -Eq '^\s*server_names_hash_bucket_size.*$' /etc/nginx/nginx.conf; then
# ToDo(frennkie) verify this
@ -66,6 +60,32 @@ EOF
sudo sed -i "s/# server_tokens off;/server_tokens off;/g" /etc/nginx/nginx.conf
fi
### Welcome Server on HTTP Port 80
sudo rm -f /etc/nginx/sites-enabled/default
sudo rm -f /var/www/html/index.nginx-debian.html
sudo mkdir -p /var/www/letsencrypt/.well-known/acme-challenge
sudo chown -R admin:www-data /var/www/letsencrypt
sudo cp -a /home/admin/assets/nginx/www_public/ /var/www/public
sudo chown www-data:www-data /var/www/public
# enable public site & API redirect
sudo cp /home/admin/assets/nginx/sites-available/public.conf /etc/nginx/sites-available/public.conf
sudo ln -sf /etc/nginx/sites-available/public.conf /etc/nginx/sites-enabled/public.conf
# make sure that it is enabled and started
sudo systemctl enable nginx
sudo systemctl start nginx
###################
# SWITCH ON
###################
elif [ "$1" = "https-on" ]; then
echo "Turning ON: Web HTTPS"
# create nginx app-data dir
sudo mkdir /mnt/hdd/app-data/nginx/ 2>/dev/null
echo "# Checking dhparam.pem ..."
if [ ! -f /etc/ssl/certs/dhparam.pem ]; then
@ -75,7 +95,6 @@ EOF
# generate dhparam.pem - can take +10 minutes on a Raspberry Pi
echo "Generating a complete new dhparam.pem"
echo "Running \"sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048\" next."
echo "This can take 5-10 minutes on a Raspberry Pi 3 - please be patient!"
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
sudo cp /etc/ssl/certs/dhparam.pem /mnt/hdd/app-data/nginx/dhparam.pem
else
@ -88,48 +107,11 @@ EOF
echo "# skip - dhparam.pem exists"
fi
# copy snippets
sudo cp /home/admin/assets/nginx/snippets/* /etc/nginx/snippets/
### Welcome Server on HTTP Port 80
sudo rm -f /etc/nginx/sites-enabled/default
sudo rm -f /var/www/html/index.nginx-debian.html
if ! [ -f /etc/nginx/sites-available/public.conf ]; then
echo "# copy /etc/nginx/sites-available/public.conf"
sudo cp /home/admin/assets/nginx/sites-available/public.conf /etc/nginx/sites-available/public.conf
else
echo "# exists /etc/nginx/sites-available/public.conf"
fi
if ! [ -d /var/www/letsencrypt/.well-known/acme-challenge ]; then
sudo mkdir -p /var/www/letsencrypt/.well-known/acme-challenge
fi
# make sure admin can write here even without sudo
sudo chown -R admin:www-data /var/www/letsencrypt
# copy webroot
if ! [ -d /var/www/public ]; then
echo "# copy /var/www/public"
sudo cp -a /home/admin/assets/nginx/www_public/ /var/www/public
sudo chown www-data:www-data /var/www/public
else
echo "# exists /var/www/public"
fi
sudo ln -sf /etc/nginx/sites-available/public.conf /etc/nginx/sites-enabled/public.conf
### RaspiBlitz Webserver on HTTPS 443
# copy compiled webUI (TODO: do later)
if ! [ -d /var/www/public/ui ]; then
echo "# copy precompiled webui TODO: implement"
sudo cp -a /home/admin/blitz_web_compiled /var/www/public/ui
sudo chown www-data:www-data /var/www/public/ui
else
echo "# exists /var/www/public/ui"
fi
if ! [ -f /mnt/hdd/app-data/nginx/tls.cert ];then
if [ -f /mnt/hdd/lnd/tls.cert ]; then
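Review bot: In the new `http-on` branch, `sudo cp -a /home/admin/assets/nginx/www_public/ /var/www/public` is no longer wrapped in the `if ! [ -d /var/www/public ]` test that appears in the block removed further down. On a second run, when the target already exists, cp places the tree at `/var/www/public/www_public` instead of refreshing the web root. Copying the directory contents avoids that: `sudo mkdir -p /var/www/public` followed by `sudo cp -a /home/admin/assets/nginx/www_public/. /var/www/public/`. The next line, `chown www-data:www-data /var/www/public`, changes only the top directory, and because `cp -a` preserves ownership the files below keep their source owner; use `chown -R` if www-data is meant to own the content. The `https-on` branch continues past the end of the last hunk shown.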


@ -1,11 +1,6 @@
#!/usr/bin/env bash
# TODO: Later use for default install (when no github parameters are given) a precompiled version
# that comes with the repo so that the user does not need to install node
# use fro that then: yarn build:production & yarn licenses generate-disclaimer
# TODO: Put WebUI into / base directory of nginx and let the index.html of the webUI handle
# the Tor detection or build it directly into the WebUI
# main repo: https://github.com/cstenglein/raspiblitz-web
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then
@ -16,6 +11,12 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ];
exit 0
fi
# check if started with sudo
if [ "$EUID" -ne 0 ]; then
echo "error='run as root'"
exit 1
fi
DEFAULT_GITHUB_USER="cstenglein"
DEFAULT_GITHUB_REPO="raspiblitz-web"
DEFAULT_GITHUB_BRANCH="master"
@ -38,29 +39,28 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
fi
echo "# INSTALL WebUI"
sudo rm -r /home/admin/blitz_web 2>/dev/null
cd /home/admin
rm -r /root/blitz_web 2>/dev/null
cd /root
# git clone https://github.com/cstenglein/raspiblitz-web.git /home/admin/blitz_web
git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /home/admin/blitz_web
git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /root/blitz_web
cd blitz_web
git checkout ${DEFAULT_GITHUB_BRANCH}
echo "# Compile WebUI"
/home/admin/config.scripts/bonus.nodejs.sh on
source <(/home/admin/config.scripts/bonus.nodejs.sh info)
sudo npm install --global yarn
npm install --global yarn
${NODEPATH}/yarn config set --home enableTelemetry 0
${NODEPATH}/yarn install
${NODEPATH}/yarn build
sudo rm -r /var/www/public/* 2>/dev/null
sudo cp -r /home/admin/blitz_web/build/* /var/www/public
sudo chown www-data:www-data -R /var/www/public
rm -r /var/www/public/* 2>/dev/null
cp -r /root/blitz_web/build/* /var/www/public
chown www-data:www-data -R /var/www/public
# install info
source <(/home/admin/_cache.sh export internet_localip)
echo "# The WebUI is now available under:"
echo "# http://${internet_localip}"
echo "# http://[LOCAIP]"
exit 0
fi
@ -71,14 +71,14 @@ fi
if [ "$1" = "update" ]; then
echo "# Update Web API"
cd /home/admin/blitz_web
cd /root/blitz_web
git fetch
git pull
source <(/home/admin/config.scripts/bonus.nodejs.sh info)
${NODEPATH}/yarn install
${NODEPATH}/yarn build
sudo rm -r /var/www/public/* 2>/dev/null
sudo cp -r /home/admin/blitz_web/build/* /var/www/public
sudo cp -r /root/blitz_web/build/* /var/www/public
sudo chown www-data:www-data -R /var/www/public
echo "# blitzapi updates and restarted"
exit 0
@ -91,7 +91,7 @@ fi
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# UNINSTALL WebUI"
sudo rm -r /home/admin/blitz_web 2>/dev/null
sudo rm -r /root/blitz_web 2>/dev/null
sudo rm -r /var/www/public/* 2>/dev/null
exit 0
fi
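Review bot: In the install branch the exit status of `${NODEPATH}/yarn build` is not checked before `rm -r /var/www/public/*`, so a failed build empties the web root and the following `cp -r /root/blitz_web/build/* /var/www/public` has nothing to copy; the `update` branch has the same sequence. Guard it with `${NODEPATH}/yarn build || { echo "error='yarn build failed'"; exit 1; }` ahead of the `rm`. Because the script now insists on `$EUID` 0, `yarn install` and `yarn build` run the dependency tree's scripts as root on whatever `${DEFAULT_GITHUB_BRANCH}` currently points to. Building under an unprivileged account and copying only the `build` output as root would limit that exposure.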


@ -39,11 +39,6 @@ This can take multiple hours.
exit 0
fi
# get network info
localip=$(ip addr | grep 'state UP' -A2 | grep -E -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
toraddress=$(sudo cat /mnt/hdd/tor/btc-rpc-explorer/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
# check if password protected
isBitcoinWalletOff=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep -c "^disablewallet=1")
passwordInfo=""
@ -86,6 +81,23 @@ if [ "$1" = "status" ]; then
if [ "${BTCRPCexplorer}" = "on" ]; then
echo "configured=1"
installed=$(sudo ls /etc/systemd/system/btc-rpc-explorer.service 2>/dev/null | grep -c 'btc-rpc-explorer.service')
echo "installed=${installed}"
# get network info
localip=$(ip addr | grep 'state UP' -A2 | grep -E -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
toraddress=$(sudo cat /mnt/hdd/tor/btc-rpc-explorer/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
echo "localIP='${localip}'"
echo "httpPort='3020'"
echo "httpsPort='3021'"
echo "httpsForced='0'"
echo "httpsSelfsigned='1'"
echo "authMethod='user_admin_password_b'"
echo "toraddress='${toraddress}'"
echo "fingerprint='${fingerprint}'"
# check indexing
source <(sudo /home/admin/config.scripts/network.txindex.sh status)
echo "isIndexed=${isIndexed}"
@ -100,6 +112,7 @@ if [ "$1" = "status" ]; then
else
echo "configured=0"
echo "installed=0"
fi
exit 0
fi
@ -283,7 +296,6 @@ StartLimitIntervalSec=0
[Service]
User=btcrpcexplorer
TimeoutStartUSec=infinity
ExecStartPre=/home/admin/config.scripts/bonus.btc-rpc-explorer.sh prestart
WorkingDirectory=/home/btcrpcexplorer/btc-rpc-explorer
ExecStart=/usr/bin/npm start
@ -323,6 +335,17 @@ EOF
# make sure to keep in sync with tor.network.sh script
/home/admin/config.scripts/tor.onion-service.sh btc-rpc-explorer 80 3022 443 3023
fi
source <(/home/admin/_cache.sh get state)
if [ "${state}" == "ready" ]; then
# start service
echo "# starting service ..."
sudo systemctl start btc-rpc-explorer 2>/dev/null
sleep 10
fi
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -369,6 +392,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# close ports on firewall
sudo ufw deny 3020
sudo ufw deny 3021
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
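Review bot: `echo "result='OK'"` at the end of the install branch is printed unconditionally, after `sudo systemctl start btc-rpc-explorer 2>/dev/null` and `sleep 10`, so the API/WebUI is told the install went through even when the unit failed to start. Inside the `[ "${state}" == "ready" ]` block, check the service before reporting, for example `systemctl is-active --quiet btc-rpc-explorer || echo "error='service not running'"`, and print `result='OK'` only when no error was emitted. The same unconditional `result='OK'` is added in the BTCPayServer, LNbits and Mempool install and uninstall hunks further down the page. The install and uninstall branches begin outside the hunks shown here.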


@ -5,7 +5,7 @@
# https://github.com/dgarage/NBXplorer/tags
NBXplorerVersion="v2.2.20"
# https://github.com/btcpayserver/btcpayserver/releases
BTCPayVersion="v1.4.4"
BTCPayVersion="v1.5.1"
PGPsigner="nicolasdorier"
PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc"
@ -38,7 +38,11 @@ if [ "$1" = "status" ]; then
localIP=$(hostname -I | awk '{print $1}')
echo "localIP='${localIP}'"
echo "httpPort='23000'"
echo "httpsPort='23001'"
echo "httpsForced='1'"
echo "httpsSelfsigned='1'" # TODO: change later if IP2Tor+LetsEncrypt is active
echo "authMethod='userdefined'"
echo "publicIP='${publicIP}'"
# check for LetsEncryptDomain for DynDns
@ -476,11 +480,11 @@ WantedBy=multi-user.target
sudo systemctl start btcpayserver
echo "# Checking for btcpayserver config"
while [ ! -f "/home/btcpay/.btcpayserver/Main/settings.config" ]; do
echo "# Waiting for btcpayserver to start - CTRL+C to abort"
sleep 10
echo "# Waiting for btcpayserver to start - CTRL+C to abort .."
sleep 30
hasFailed=$(sudo systemctl status btcpayserver | grep -c "Active: failed")
if [ ${hasFailed} -eq 1 ]; then
echo "# seems like starting btcpayserver service has failed - see: systemctl status btcpayserver"
echo "# seems like starting btcpayserver service has failed - see: systemctl status btcpayserver"
echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214"
fi
done
@ -503,6 +507,9 @@ WantedBy=multi-user.target
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set BTCPayServer "on"
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -576,7 +583,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
else
echo "# BTCPayServer is not installed."
fi
exit 0
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
fi
if [ "$1" = "update" ]; then
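Review bot: In the `off` branch the added `echo "result='OK'"` is rendered after `exit 0`; if that `exit 0` is still on the new side, as the hunk counts `-576,7 +583,9` suggest, the signal line is unreachable and the API/WebUI never receives it. Move the comment and the `echo` above `exit 0`, matching the order used in the install branch. Separately, the wait loop on `/home/btcpay/.btcpayserver/Main/settings.config` only prints a message when `hasFailed` is 1 and then keeps waiting. The added comments indicate the script is now driven by the API/WebUI, where nobody can press CTRL+C, so emit `echo "error='btcpayserver failed to start'"` and leave the loop in that case.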


@ -6,7 +6,7 @@
lndVersion=$(lncli -v | cut -d " " -f 3 | cut -d"." -f2)
if [ $lndVersion -eq 14 ]; then
pinnedVersion="0.10.1"
pinnedVersion="0.10.4"
else
echo "# LND not installed or a version not tested with chantools"
lncli -v
@ -37,7 +37,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
downloadDir="/home/admin/download" # edit your download directory
PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
PGPcheck="4FC70F07310028424EFC20A8E4256593F177720"
PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
echo "Detect CPU architecture ..."
isARM=$(uname -m | grep -c 'arm')
@ -113,10 +113,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# install
sudo -u admin tar -xzf ${binaryName}
sudo -u bitcoin mkdir -p /home/bitcoin/bin 2>/dev/null
sudo install -m 0755 -o bitcoin -g bitcoin -t /home/bitcoin/bin chantools-linux-${OSversion}-v${pinnedVersion}/*
sudo install -m 0755 -o root -g root -t /usr/local/bin/ chantools-linux-${OSversion}-v${pinnedVersion}/*
sleep 3
installed=$(sudo -u bitcoin /home/bitcoin/bin/chantools --version)
installed=$(sudo -u bitcoin chantools --version)
if [ ${#installed} -eq 0 ]; then
echo
echo "# !!! BUILD FAILED --> Was not able to install Channel Tools"
@ -138,16 +137,14 @@ fi
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set chantools "off"
echo "# REMOVING Channel Tools"
sudo rm -rf /home/admin/download/chantools*
sudo rm -rf /home/bitcoin/bin/chantools*
sudo rm -rf /usr/local/bin/chantools*
echo "# OK, chantools is removed."
exit 0
fi
echo "# FAIL - Unknown Parameter $1"
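Review bot: The corrected `PGPcheck` is a full 40-hex-digit fingerprint, while the previous 39-character value was its suffix. If the comparison (outside this hunk) is a substring match, a truncated constant passes unnoticed, so assert the length next to the constant, `[ ${#PGPcheck} -eq 40 ] || { echo "# FAIL - PGPcheck is not a full fingerprint"; exit 1; }`, and compare the whole fingerprint for equality. The new `sudo install -m 0755 -o root -g root -t /usr/local/bin/ chantools-linux-${OSversion}-v${pinnedVersion}/*` copies every file in the extracted directory into a root-owned directory on PATH. Naming the `chantools` binary explicitly instead of `/*` keeps other archive members out of `/usr/local/bin`.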


@ -180,6 +180,9 @@ if [ "$1" = "status" ]; then
echo "localIP='${localIP}'"
echo "httpPort='5000'"
echo "httpsPort='5001'"
echo "httpsForced='1'"
echo "httpsSelfsigned='1'" # TODO: change later if IP2Tor+LetsEncrypt is active
echo "authMethod='none'"
echo "publicIP='${publicIP}'"
# check funding source
@ -228,7 +231,7 @@ if [ "$1" = "status" ]; then
isDead=$(sudo systemctl status lnbits | grep -c 'inactive (dead)')
if [ ${isDead} -eq 1 ]; then
echo "error='Service Failed'"
exit 1
exit 0
fi
else
@ -394,6 +397,12 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# get funding source and check that its available
fundingsource="$2"
# run with default funding source if not given as parameter
if [ "${fundingsource}" == "" ]; then
echo "# running with default lightning as funing source: ${lightning}"
fundingsource="${lightning}"
fi
if [ "${fundingsource}" == "lnd" ]; then
if [ "${lnd}" != "on" ]; then
echo "# FAIL: lnd mainnet needs to be activated"
@ -559,6 +568,9 @@ EOF
fi
echo "# OK install done ... might need to restart or call: sudo systemctl start lnbits"
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -740,7 +752,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set LNBits "off"
echo "OK LNbits is uninstalled"
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi


@ -35,18 +35,13 @@ This can take multiple hours.
exit 0
fi
# get network info
localip=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/mempool/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
# Tor
sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
whiptail --title " Mempool " --msgbox "Open in your local web browser:
http://${localip}:4080\n
https://${localip}:4081 with Fingerprint:
http://${localIP}:${httpPort}\n
https://${localIP}:${httpsPort} with Fingerprint:
${fingerprint}\n
Hidden Service address for Tor Browser (QR see LCD):
${toraddress}
@ -56,8 +51,8 @@ ${toraddress}
# IP + Domain
whiptail --title " Mempool " --msgbox "Open in your local web browser:
http://${localip}:4080\n
https://${localip}:4081 with Fingerprint:
http://${localIP}:${httpPort}\n
https://${localIP}:${httpsPort} with Fingerprint:
${fingerprint}\n
Activate TOR to access the web block explorer from outside your local network.
" 16 54
@ -73,6 +68,21 @@ if [ "$1" = "status" ]; then
if [ "${mempoolExplorer}" = "on" ]; then
echo "configured=1"
# get network info
localIP=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/mempool/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
echo "installed=1"
echo "localIP='${localIP}'"
echo "httpPort='4080'"
echo "httpsPort='4081'"
echo "httpsForced='0'"
echo "httpsSelfsigned='1'"
echo "authMethod='none'"
echo "fingerprint='${fingerprint}'"
echo "toraddress='${toraddress}'"
# check indexing
source <(sudo /home/admin/config.scripts/network.txindex.sh status)
echo "isIndexed=${isIndexed}"
@ -86,6 +96,7 @@ if [ "$1" = "status" ]; then
fi
else
echo "installed=0"
echo "configured=0"
fi
exit 0
@ -144,7 +155,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
fi
sudo -u mempool NG_CLI_ANALYTICS=false npm run build
if ! [ $? -eq 0 ]; then
echo "FAIL - npm run build did not run correctly, aborting"
echo "FAIL - npm run build did not run correctly, aborting (1)"
exit 1
fi
@ -158,7 +169,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
fi
sudo -u mempool NG_CLI_ANALYTICS=false npm run build
if ! [ $? -eq 0 ]; then
echo "FAIL - npm run build did not run correctly, aborting"
echo "FAIL - npm run build did not run correctly, aborting (2)"
exit 1
fi
@ -297,6 +308,9 @@ EOF
# make sure to keep in sync with tor.network.sh script
/home/admin/config.scripts/tor.onion-service.sh mempool 80 4082 443 4083
fi
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -345,6 +359,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set mempoolExplorer "off"
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -379,7 +395,7 @@ if [ "$1" = "update" ]; then
fi
sudo -u mempool NG_CLI_ANALYTICS=false npm run build
if ! [ $? -eq 0 ]; then
echo "FAIL - npm run build did not run correctly, aborting"
echo "FAIL - npm run build did not run correctly, aborting (3)"
exit 1
fi
@ -393,7 +409,7 @@ if [ "$1" = "update" ]; then
fi
sudo -u mempool NG_CLI_ANALYTICS=false npm run build
if ! [ $? -eq 0 ]; then
echo "FAIL - npm run build did not run correctly, aborting"
echo "FAIL - npm run build did not run correctly, aborting (4)"
exit 1
fi
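Review bot: In the `status` hunk the new `fingerprint=$(openssl x509 ... -fingerprint -noout | cut -d"=" -f2)` line passes no digest option, so the value reported next to `httpsSelfsigned='1'` is a SHA-1 fingerprint, which is openssl's default for `-fingerprint`. This value is what a user compares against the browser warning to authenticate the self-signed certificate, so I would emit SHA-256 instead, provided the clients that display it can show it: `openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -sha256 -noout`. The `menu` dialogs now print `${localIP}`, `${httpPort}` and `${httpsPort}`, while the local assignments appear to have been dropped from that hunk. Presumably these come from sourcing the `status` output above the visible lines, which is worth confirming. The enclosing `if` blocks start outside the hunks.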


@ -53,6 +53,29 @@ echo "# systemdService(${systemdService})"
# MENU
#########################
# show info menu
if [ "$1" = "status" ] || [ "$1" = "menu" ]; then
# get network info
isInstalled=$(sudo ls /etc/systemd/system/${netprefix}${typeprefix}RTL.service 2>/dev/null | grep -c 'RTL.service')
localip=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/${netprefix}${typeprefix}RTL/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
RTLHTTPS=$((RTLHTTP+1))
if [ "$1" = "status" ]; then
echo "installed='${isInstalled}'"
echo "localIP='${localip}'"
echo "httpPort='${RTLHTTP}'"
echo "httpsPort='${RTLHTTPS}'"
echo "httpsForced='0'"
echo "httpsSelfsigned='1'"
echo "authMethod='password_b'"
echo "toraddress='${toraddress}'"
exit
fi
fi
# show info menu
if [ "$1" = "menu" ]; then
@ -64,11 +87,6 @@ if [ "$1" = "menu" ]; then
exit 1
fi
# get network info
localip=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/${netprefix}${typeprefix}RTL/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
# info with Tor
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
@ -265,6 +283,9 @@ WantedBy=multi-user.target
sudo systemctl start ${systemdService}
echo "# OK - the ${systemdService}.service is now enabled & started"
echo "# Monitor with: sudo journalctl -f -u ${systemdService}"
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -480,6 +501,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# close ports on firewall
sudo ufw deny "${RTLHTTP}"
sudo ufw deny $((RTLHTTP+1))
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
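Review bot: The new `status` branch computes `fingerprint` but never prints it, although it reports `httpsSelfsigned='1'`. An API or WebUI client therefore has nothing to show the user for verifying the certificate. The mempool and Specter `status` outputs in this commit do emit it, so I would add `echo "fingerprint='${fingerprint}'"` before the `exit`; the ThunderHub `status` branch has the same omission. The branch also ends with a bare `exit`, which returns the status of the last `echo`, whereas the other branches use `exit 0`. `RTLHTTPS=$((RTLHTTP+1))` evaluates to `1` if `RTLHTTP` is unset, and since `RTLHTTP` is set outside the hunk, a guard such as `: "${RTLHTTP:?}"` would make that failure visible.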


@ -26,11 +26,18 @@ if [ "$1" = "status" ]; then
echo "configured=1"
installed=$(sudo ls /etc/systemd/system/specter.service 2>/dev/null | grep -c 'specter.service')
echo "installed=${installed}"
# get network info
localip=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/specter/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /home/specter/.specter/cert.pem -fingerprint -noout | cut -d"=" -f2)
echo "localip='${localip}'"
echo "localIP='${localip}'"
echo "httpPort=''"
echo "httpsPort='25441'"
echo "httpsForced='1'"
echo "httpsSelfsigned='1'"
echo "toraddress='${toraddress}'"
echo "fingerprint='${fingerprint}'"
@ -43,6 +50,7 @@ if [ "$1" = "status" ]; then
else
echo "configured=0"
echo "installed=0"
fi
exit 0
@ -61,7 +69,7 @@ if [ "$1" = "menu" ]; then
# Tor
sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
whiptail --title " Specter Desktop " --msgbox "Open in your local web browser & accept self-signed cert:
https://${localip}:25441
https://${localIP}:25441
SHA1 Thumb/Fingerprint:
${fingerprint}
@ -77,7 +85,7 @@ Unfortunately the camera is currently not usable via Tor, though.
# IP + Domain
whiptail --title " Specter Desktop " --msgbox "Open in your local web browser & accept self-signed cert:
https://${localip}:25441
https://${localIP}:25441
SHA1 Thumb/Fingerprint:
${fingerprint}
@ -206,6 +214,10 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo apt-get install -y virtualenv libffi-dev libusb-1.0.0-dev libudev-dev
sudo adduser --disabled-password --gecos "" specter
if [ "$(ls /home | grep -c "specter")" == "0" ]; then
echo "error='was not able to create user specter'"
exit 1
fi
echo "# add the user to the debian-tor group"
sudo usermod -a -G debian-tor specter
@ -390,6 +402,8 @@ EOF
echo "# blockfilterindex is already active"
fi
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -401,52 +415,57 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# Hidden Service if Tor is active
if [ "${runBehindTor}" = "on" ]; then
echo "# Removing Tor hidden service for specter ..."
/home/admin/config.scripts/tor.onion-service.sh off specter
fi
isInstalled=$(sudo ls /etc/systemd/system/specter.service 2>/dev/null | grep -c 'specter.service')
if [ ${isInstalled} -eq 1 ]; then
echo "# --> REMOVING Specter Desktop"
sudo systemctl stop specter
sudo systemctl disable specter
sudo rm /etc/systemd/system/specter.service
sudo -u specter /home/specter/.env/bin/python3 -m pip uninstall --yes cryptoadvance.specter
if whiptail --defaultno --yesno "Do you want to delete all Data related to specter? This includes also Bitcoin-Core-Wallets managed by specter?" 0 0; then
echo "# --> Removing wallets in core"
bitcoin-cli listwallets | jq -r .[] | tail -n +2
for i in $(bitcoin-cli listwallets | jq -r .[] | tail -n +2)
do
name=$(echo $i | cut -d"/" -f2)
bitcoin-cli unloadwallet specter/$name
done
echo "# --> Removing the /mnt/hdd/app-data/.specter"
sudo rm -rf /mnt/hdd/app-data/.specter
echo "# --> Removing the specter user and home directory "
sudo userdel -rf specter
echo "# --> Removing blockfilterindex"
echo "# changing config ..."
sudo systemctl stop ${network}d
sudo sed -i "s/^blockfilterindex=.*/blockfilterindex=0/g" /mnt/hdd/${network}/${network}.conf
echo "# deleting blockfilterindex ..."
sudo rm -r /mnt/hdd/${network}/indexes/blockfilter
echo "# restarting bitcoind ..."
sudo systemctl restart ${network}d
else
echo "# --> Removing the specter user and home directory"
echo "# --> /mnt/hdd/app-data/.specter is preserved on the disk"
sudo userdel -rf specter
echo "# --> Switch off the blockfilterindex"
sudo sed -i "s/^blockfilterindex=.*/blockfilterindex=0/g" /mnt/hdd/${network}/${network}.conf
echo "# restarting bitcoind ..."
sudo systemctl restart ${network}d
fi
echo "# --> OK Specter Desktop removed."
else
echo "# --> Specter Desktop is not installed."
if [ ${isInstalled} -eq 0 ]; then
echo "error='was not installed'"
exit 1
fi
# removing base systemd service & code
echo "# --> REMOVING Specter Desktop"
sudo systemctl stop specter
sudo systemctl disable specter
sudo rm /etc/systemd/system/specter.service
sudo -u specter /home/specter/.env/bin/python3 -m pip uninstall --yes cryptoadvance.specter 1>&2
# get delete data status - either by parameter or if not set by user dialog
deleteData=""
if [ "$2" == "--delete-data" ]; then
deleteData="1"
fi
if [ "$2" == "--keep-data" ]; then
deleteData="0"
fi
if [ "${deleteData}" == "" ]; then
deleteData=whiptail --defaultno --yesno "Do you want to delete all Data related to specter? This includes also Bitcoin-Core-Wallets managed by specter?" 0 0
fi
# execute on delete data
if [ "${deleteData}" == "1" ]; then
echo "# --> Removing wallets in core"
bitcoin-cli listwallets | jq -r .[] | tail -n +2
for i in $(bitcoin-cli listwallets | jq -r .[] | tail -n +2)
do
name=$(echo $i | cut -d"/" -f2)
bitcoin-cli unloadwallet specter/$name
done
echo "# --> Removing the /mnt/hdd/app-data/.specter"
sudo rm -rf /mnt/hdd/app-data/.specter
else
echo "# --> wallets in core are preserved on the disk (if exist)"
echo "# --> /mnt/hdd/app-data/.specter is preserved on the disk"
fi
echo "# --> Removing the specter user and home directory"
sudo userdel -rf specter
echo "# --> OK Specter Desktop removed."
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
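Review bot: In the `off` branch, `deleteData=whiptail --defaultno --yesno "..." 0 0` does not run the dialog. The shell treats `deleteData=whiptail` as a temporary environment assignment and tries to execute `--defaultno` as the command, so `deleteData` stays empty and the script always takes the "preserved on the disk" path when neither `--delete-data` nor `--keep-data` is given. Use the exit status instead: `if whiptail --defaultno --yesno "<same prompt>" 0 0; then deleteData="1"; else deleteData="0"; fi`. In the delete path, the `for i in $(bitcoin-cli listwallets | ...)` loop and the unquoted `$i` and `$name` split wallet names on whitespace, so a `while IFS= read -r` loop with `"specter/${name}"` would unload exactly the listed wallets. The failure of `bitcoin-cli unloadwallet` is also not checked before `sudo rm -rf /mnt/hdd/app-data/.specter` runs.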


@ -6,7 +6,7 @@ THUBVERSION="v0.13.6"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "config script to install, update or uninstall ThunderHub"
echo "bonus.thunderhub.sh [on|off|menu|update]"
echo "bonus.thunderhub.sh [on|off|menu|update|status]"
echo "install $THUBVERSION by default"
exit 1
fi
@ -20,20 +20,39 @@ PGPpubkeyFingerprint="4403F1DFBE779457"
source /home/admin/raspiblitz.info
source /mnt/hdd/raspiblitz.conf
# show info menu
if [ "$1" = "menu" ]; then
if [ "$1" = "status" ] || [ "$1" = "menu" ]; then
# get network info
isInstalled=$(sudo ls /etc/systemd/system/thunderhub.service 2>/dev/null | grep -c 'thunderhub.service')
localip=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/thunderhub/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
httpPort="3010"
httpsPort="3011"
if [ "$1" = "status" ]; then
echo "installed='${isInstalled}'"
echo "localIP='${localip}'"
echo "httpPort='${httpPort}'"
echo "httpsPort='${httpsPort}'"
echo "httpsForced='0'"
echo "httpsSelfsigned='1'"
echo "authMethod='password_b'"
echo "toraddress='${toraddress}'"
exit
fi
fi
# show info menu
if [ "$1" = "menu" ]; then
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
# Info with TOR
sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
whiptail --title " ThunderHub " --msgbox "Open in your local web browser:
http://${localip}:3010\n
https://${localip}:3011 with Fingerprint:
http://${localip}:${httpPort}\n
https://${localip}:${httpsPort} with Fingerprint:
${fingerprint}\n
Use your Password B to login.\n
Hidden Service address for TOR Browser (see LCD for QR):\n${toraddress}
@ -42,8 +61,8 @@ Hidden Service address for TOR Browser (see LCD for QR):\n${toraddress}
else
# Info without TOR
whiptail --title " ThunderHub " --msgbox "Open in your local web browser:
http://${localip}:3010\n
Or ttps://${localip}:3011 with Fingerprint:
http://${localip}:${httpPort}\n
Or ttps://${localip}:${httpsPort} with Fingerprint:
${fingerprint}\n
Use your Password B to login.\n
Activate TOR to access the web interface from outside your local network.
@ -253,10 +272,15 @@ WantedBy=multi-user.target
if [ "${state}" == "ready" ]; then
echo "# OK - the thunderhub.service is enabled, system is ready so starting service"
sudo systemctl start thunderhub
echo "# Wait startup grace period 60 secs ... "
sleep 60
else
echo "# OK - the thunderhub.service is enabled, to start manually use: 'sudo systemctl start thunderhub'"
fi
fi
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -293,6 +317,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set thunderhub "off"
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
exit 0
fi
@ -344,6 +370,7 @@ if [ "$1" = "update" ]; then
echo
echo "# Starting the ThunderHub service ... *** "
sudo systemctl start thunderhub
exit 0
fi
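Review bot: The rewritten no-Tor dialog line still reads `Or ttps://${localip}:${httpsPort} with Fingerprint:`, so the HTTPS URL shown to the user is malformed; it should be `Or https://${localip}:${httpsPort} with Fingerprint:`. The fixed `sleep 60` after `sudo systemctl start thunderhub` delays every install by a minute and still prints `result='OK'` whether or not the unit came up. Polling `systemctl is-active --quiet thunderhub` in a short loop would let the result reflect the actual start. The `update` branch now ends with `exit 0` but, unlike the `on` and `off` branches, emits no `result='OK'`; confirm whether API callers expect it there.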


@ -28,7 +28,7 @@ if [ $# -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]||\
echo "cl.hsmtool.sh [encrypt|decrypt] <mainnet|testnet|signet>"
echo "cl.hsmtool.sh [autounlock-on|autounlock-off] <mainnet|testnet|signet>"
echo
echo "cl.hsmtool.sh [change-password] <mainnet|testnet|signet> <NewPassword>"
echo "cl.hsmtool.sh [change-password] <mainnet|testnet|signet> <OldPassword> <NewPassword>"
echo
exit 1
fi
@ -100,10 +100,9 @@ function shredPasswordFile() {
}
function encryptHSMsecret() {
walletPassword=$3
walletPassword=$1
if [ ${#walletPassword} -eq 0 ];then
# ask for password in dialog if $walletPassword is not given in $3
sudo /home/admin/config.scripts/blitz.setpassword.sh x \
sudo /home/admin/config.scripts/blitz.passwords.sh set x \
"Enter the password C to encrypt the C-lightning wallet file (hsm_secret)" \
"$passwordFile"
sudo chown bitcoin:bitcoin $passwordFile
@ -119,6 +118,9 @@ function encryptHSMsecret() {
function decryptHSMsecret() {
# optional to give this function the decrypt password
password=$1
# check if encrypted
trap 'rm -f "$output"' EXIT
output=$(mktemp -p /dev/shm/)
@ -131,12 +133,16 @@ function decryptHSMsecret() {
else
# setting value in raspiblitz.conf
/home/admin/config.scripts/blitz.conf.sh set ${netprefix}clEncryptedHSM "on"
if [ -f $passwordFile ];then
if [ "${password}" != "" ]; then
echo "# using the password from parameter"
elif [ -f $passwordFile ];then
echo "# Getting the password from $passwordFile"
password=$(cat sudo cat $passwordFile)
else
passwordToFile
password=$(cat sudo cat $passwordFile)
fi
if sudo cat $passwordFile | sudo -u bitcoin lightning-hsmtool decrypt \
if echo "${password}" | sudo -u bitcoin lightning-hsmtool decrypt \
"$hsmSecretPath"; then
echo "# Decrypted successfully"
else
@ -367,8 +373,8 @@ elif [ "$1" = "encrypt" ]; then
# https://github.com/rootzoll/raspiblitz/blob/dev/FAQ.cl.md#seed
" | sudo -u bitcoin tee /home/bitcoin/.lightning/${CLNETWORK}/seedwords.info
# encrypt
walletPassword=$3
encryptHSMsecret $walletPassword
walletPassword=$4
encryptHSMsecret "$walletPassword"
elif [ "$1" = "decrypt" ]; then
@ -402,8 +408,8 @@ elif [ "$1" = "autounlock-off" ]; then
elif [ "$1" = "change-password" ]; then
decryptHSMsecret || exit 1
walletPassword=$3
decryptHSMsecret "$3"|| exit 1
walletPassword=$4
if ! encryptHSMsecret "$walletPassword"; then
echo "# Warning: the hsm_secret is left unencrypted."
echo "# To fix run:"
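Review bot: In `decryptHSMsecret`, `password=$(cat sudo cat $passwordFile)` (both new branches) asks `cat` to read files named `sudo` and `cat` and then reads the password file without privileges, so it only works when the caller can read `$passwordFile` directly; it should be `password=$(sudo cat "$passwordFile")`. The new `change-password <mainnet|testnet|signet> <OldPassword> <NewPassword>` form and `decryptHSMsecret "$3"` put both wallet passwords on the command line, where they are visible in the process list and shell history. Reading them from stdin or from the existing password-file dialog would keep them out of argv. `echo "${password}" | ...` also mangles a password such as `-n`, so `printf '%s\n' "${password}"` is the safer way to feed `lightning-hsmtool`. The comment in `encryptHSMsecret` still refers to `$3` although the function now reads `$1`, and both function bodies continue outside the hunks.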


@ -2,20 +2,20 @@
# https://lightning.readthedocs.io/
# https://github.com/ElementsProject/lightning/releases
CLVERSION=v0.10.2
CLVERSION=v0.11.0.1
# install the latest master by using the last commit id
# https://github.com/ElementsProject/lightning/commit/master
# CLVERSION="063366ed7e3b7cc12a8d1681acc2b639cf07fa23"
# https://github.com/ElementsProject/lightning/tree/master/contrib/keys
# PGPsigner="rustyrussel"
# PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/rustyrussell.txt"
# PGPpubkeyFingerprint="D9200E6CD1ADB8F1"
PGPsigner="rustyrussel"
PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/rustyrussell.txt"
PGPpubkeyFingerprint="D9200E6CD1ADB8F1"
PGPsigner="cdecker"
PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/${PGPsigner}.txt"
PGPpubkeyFingerprint="A26D6D9FE088ED58"
#PGPsigner="cdecker"
#PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/${PGPsigner}.txt"
#PGPpubkeyFingerprint="A26D6D9FE088ED58"
# help
if [ $# -eq 0 ]||[ "$1" = "-h" ]||[ "$1" = "--help" ];then
@ -34,9 +34,9 @@ if [ $# -eq 0 ]||[ "$1" = "-h" ]||[ "$1" = "--help" ];then
exit 1
fi
function installDependencies()
function installDependencies()
{
echo "- Install build dependencies"
echo "- installDependencies()"
# from https://lightning.readthedocs.io/INSTALL.html#to-build-on-ubuntu
sudo apt-get install -y \
autoconf automake build-essential git libtool libgmp-dev \
@ -44,13 +44,18 @@ function installDependencies()
gettext
# additional requirements
sudo apt-get install -y postgresql libpq-dev
# rust for cln-grpc, includes rustfmt
sudo -u bitcoin curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u bitcoin sh -s -- -y
# mrkd and mistune needs to be globally available for the build
sudo pip3 install mrkd==0.2.0
sudo pip3 install mistune==0.8.4
# for pylightning
echo "- Install from the requirements.txt"
sudo -u bitcoin pip3 install --user mrkd==0.2.0
sudo -u bitcoin pip3 install --user mistune==0.8.4
sudo -u bitcoin pip3 install --user -r requirements.txt
# poetry
sudo -u bitcoin pip3 install --user poetry
if ! grep -Eq '^PATH="$HOME/.local/bin:$PATH"' /mnt/hdd/raspiblitz.conf; then
echo 'PATH="$HOME/.local/bin:$PATH"' | sudo tee -a /home/bitcoin/.profile
fi
export PATH="home/bitcoin/.local/bin:$PATH"
sudo -u bitcoin /home/bitcoin/.local/bin/poetry install
}
function buildAndInstallCLbinaries()
@ -68,7 +73,7 @@ function buildAndInstallCLbinaries()
}
if [ "$1" = "install" ]; then
echo "# *** INSTALL C-LIGHTNING ${CLVERSION} BINARY ***"
echo "# only binary install to system"
echo "# no configuration, no systemd service"
@ -99,7 +104,7 @@ if [ "$1" = "install" ]; then
#
# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/SHA256SUMS
# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/SHA256SUMS.asc
#
#
# verifyResult=$(sudo -u bitcoin gpg --verify SHA256SUMS.asc 2>&1)
#
# goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c)
@ -111,15 +116,15 @@ if [ "$1" = "install" ]; then
# echo "!!! DOWNLOAD FAILED --> PGP verification not OK / signature(${goodSignature}) verify(${correctKey})"
# exit 1
# else
# echo
# echo
# echo "****************************************************************"
# echo "OK --> the PGP signature of the C-lightning SHA256SUMS is correct"
# echo "****************************************************************"
# echo
# echo
# fi
#
#
# sudo -u bitcoin wget https://github.com/ElementsProject/lightning/releases/download/${CLVERSION}/clightning-${CLVERSION}.zip
#
#
# hashCheckResult=$(sha256sum -c SHA256SUMS 2>&1)
# goodHash=$(echo ${hashCheckResult} | grep 'OK' -c)
# echo "goodHash(${goodHash})"
@ -134,7 +139,7 @@ if [ "$1" = "install" ]; then
# echo "********************************************************************"
# echo
# fi
#
#
# sudo -u bitcoin unzip clightning-${CLVERSION}.zip
# cd clightning-${CLVERSION} || exit 1
@ -155,14 +160,14 @@ if [ "$1" = "install" ]; then
installDependencies
buildAndInstallCLbinaries
installed=$(sudo -u bitcoin lightning-cli --version)
if [ ${#installed} -eq 0 ]; then
echo
echo "!!! BUILD FAILED --> Was not able to install C-lightning"
exit 1
fi
correctVersion=$(echo "${installed}" | grep -c "${CLVERSION:1}")
if [ "${correctVersion}" -eq 0 ]; then
echo
@ -221,7 +226,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then
sudo -u bitcoin git clone https://github.com/ElementsProject/lightning.git
cd lightning || exit 1
echo
if [ "$1" = "update" ]; then
if [ $# -gt 1 ];then
CLVERSION=$2
@ -234,7 +239,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then
echo "# Press ENTER to continue or CTRL+C to abort the update"
read -r key
fi
elif [ "$1" = "testPR" ]; then
PRnumber=$2 || exit 1
echo "# Using the PR:"
@ -251,7 +256,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then
buildAndInstallCLbinaries
fi
##########
# Config #
##########
@ -277,7 +282,7 @@ if [ "$1" = on ]||[ "$1" = update ]||[ "$1" = testPR ];then
if [ ${CLNETWORK} != "bitcoin" ] && [ ! -d /home/bitcoin/.lightning/${CLNETWORK} ] ;then
sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK}
fi
if ! sudo ls ${CLCONF};then
echo "# Create ${CLCONF}"
echo "# lightningd configuration for ${network} ${CHAIN}
@ -297,7 +302,7 @@ always-use-proxy=true
echo "# The file ${CLCONF} is already present"
fi
sudo chown -R bitcoin:bitcoin /mnt/hdd/app-data/.lightning
sudo chown -R bitcoin:bitcoin /home/bitcoin/
sudo chown -R bitcoin:bitcoin /home/bitcoin/
## Create a wallet from seedwords for mainnet
if [ ${CHAIN} = "mainnet" ]; then
@ -343,8 +348,8 @@ always-use-proxy=true
#endscript
su bitcoin bitcoin
}" | sudo tee /etc/logrotate.d/${netprefix}lightningd
# debug:
# sudo logrotate --debug /etc/logrotate.d/lightningd
# debug:
# sudo logrotate --debug /etc/logrotate.d/lightningd
echo
sudo -u admin touch /home/admin/_aliases
@ -364,7 +369,7 @@ alias ${netprefix}clconf=\"sudo\
fi
echo "# The installed C-lightning version is: $(sudo -u bitcoin /usr/local/bin/lightningd --version)"
echo
echo
echo "# To activate the aliases reopen the terminal or use:"
echo "source ~/_aliases"
echo "# Monitor the ${netprefix}lightningd with:"
@ -389,7 +394,7 @@ alias ${netprefix}clconf=\"sudo\
fi
if [ "$1" = "display-seed" ]; then
# check if sudo
if [ "$EUID" -ne 0 ]; then
echo "Please run as root (with sudo)"
@ -452,7 +457,7 @@ if [ "$1" = "off" ];then
# setting value in the raspiblitz.conf
/home/admin/config.scripts/blitz.conf.sh set ${netprefix}cl "off"
# if cl mainnet was default - remove
# if cl mainnet was default - remove
if [ "${CHAIN}" == "mainnet" ] && [ "${lightning}" == "cl" ]; then
echo "# CL is REMOVED as the default lightning implementation"
/home/admin/config.scripts/blitz.conf.sh set lightning ""
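Review bot: In `installDependencies`, `export PATH="home/bitcoin/.local/bin:$PATH"` is missing the leading slash, which puts a directory relative to the current working directory at the front of PATH for the rest of the build; it should be `export PATH="/home/bitcoin/.local/bin:$PATH"`. The guard before it greps `/mnt/hdd/raspiblitz.conf` with `-E`, where `$` acts as an anchor, but appends to `/home/bitcoin/.profile`, so the line is most likely appended on every run. `sudo grep -Fq 'PATH="$HOME/.local/bin:$PATH"' /home/bitcoin/.profile` checks the file that is actually written. The same hunk pipes the rustup installer from `https://sh.rustup.rs` straight into `sh` and installs `poetry` unpinned, while `mrkd` and `mistune` are pinned and the release PGP verification further down is commented out. Pinning and verifying these inputs would keep the build reproducible and auditable. The function body starts outside the hunk.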


@ -649,7 +649,7 @@ to protect the seed words. Most users did not set this.
sudo rm /var/cache/raspiblitz/.pass.tmp 2>/dev/null
sudo touch /var/cache/raspiblitz/.pass.tmp
sudo chown admin:admin /var/cache/raspiblitz/.pass.tmp
sudo /home/admin/config.scripts/blitz.setpassword.sh x "Enter extra Password D" /var/cache/raspiblitz/.pass.tmp empty-allowed
sudo /home/admin/config.scripts/blitz.password.sh set x "Enter extra Password D" /var/cache/raspiblitz/.pass.tmp empty-allowed
passwordD=$(sudo cat /var/cache/raspiblitz/.pass.tmp)
sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null
fi
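Review bot: The renamed call targets `/home/admin/config.scripts/blitz.password.sh`, while every other call site visible in this commit uses `blitz.passwords.sh` (with an `s`). If only the latter exists, the dialog never runs, `.pass.tmp` stays empty and `passwordD` is silently set to an empty string. The line should presumably read `sudo /home/admin/config.scripts/blitz.passwords.sh set x "Enter extra Password D" /var/cache/raspiblitz/.pass.tmp empty-allowed`, and the exit status of that call should be checked before the file is read. The enclosing block starts outside the hunk.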


@ -157,7 +157,7 @@ if [ "$1" == "prestart" ]; then
setting ${lndConfFile} ${insertLine} "${network}d\.rpchost" "127\.0\.0\.1\:${portprefix}8332"
##### APPLICATION OPTIONS SECTION #####
sectionLine=$(cat ${lndConfFile} | grep -n "^\[Application Options\]" | cut -d ":" -f1)
echo "# sectionLine(${sectionLine})"
insertLine=$(expr $sectionLine + 1)
@ -243,11 +243,9 @@ if [ "$1" == "prestart" ]; then
setting ${lndConfFile} ${insertLine} "tor.active" "true"
# take care of incompatible settings https://github.com/rootzoll/raspiblitz/issues/2787#issuecomment-991245694
if [ $(cat ${lndConfFile} | grep -c "tor.skip-proxy-for-clearnet-targets=true") -gt 0 ] ||
[ $(cat ${lndConfFile} | grep -c "tor.skip-proxy-for-clearnet-targets=1") -gt 0 ]; then
if [ $(cat ${lndConfFile} | grep -c "^tor.skip-proxy-for-clearnet-targets=true") -gt 0 ] ||
[ $(cat ${lndConfFile} | grep -c "^tor.skip-proxy-for-clearnet-targets=1") -gt 0 ]; then
setting ${lndConfFile} ${insertLine} "tor.streamisolation" "false"
else
setting ${lndConfFile} ${insertLine} "tor.streamisolation" "true"
fi
# deprecate Tor password (remove if in lnd.conf)


@ -4,17 +4,17 @@
## based on https://raspibolt.github.io/raspibolt/raspibolt_40_lnd.html#lightning-lnd
## see LND releases: https://github.com/lightningnetwork/lnd/releases
## !!!! If you change here - make sure to also change interims version in lnd.update.sh !!!
lndVersion="0.14.2-beta"
lndVersion="0.14.3-beta"
# olaoluwa
# PGPauthor="roasbeef"
# PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
# PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"
PGPauthor="roasbeef"
PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"
# guggero
PGPauthor="guggero"
PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
# PGPauthor="guggero"
# PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
# PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
# bitconner
#PGPauthor="bitconner"
@ -411,7 +411,7 @@ alias ${netprefix}lndconf=\"sudo nano /home/bitcoin/.lnd/${netprefix}lnd.conf\"\
# only ask on mainnet for passwordC - for the testnet/signet its default 'raspiblitz'
if [ "${CHAIN}" == "mainnet" ]; then
tempFile="/var/cache/raspiblitz/passwordc.tmp"
sudo /home/admin/config.scripts/blitz.setpassword.sh x "PASSWORD C - LND Wallet Password" ${tempFile}
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD C - LND Wallet Password" ${tempFile}
passwordC=$(sudo cat ${tempFile})
sudo rm ${tempFile}
else


@ -29,9 +29,10 @@ if [ "$1" == "off" ]; then
sudo sed -i "/# Hidden Service for ${service}/,/^\s*$/{d}" "${torrc_services}"
# remove double empty lines
sudo mkdir /var/cache/raspiblitz/tmp 2>/dev/null
sudo cp "${torrc_services}" /var/cache/raspiblitz/tmp
sudo chmod 777 /var/cache/raspiblitz/tmp
sudo chown admin:admin /var/cache/raspiblitz/tmp
sudo chown -R admin:admin /var/cache/raspiblitz/tmp
sudo awk 'NF > 0 {blank=0} NF == 0 {blank++} blank < 2' "${torrc_services}" > /var/cache/raspiblitz/tmp
sudo mv /var/cache/raspiblitz/tmp "${torrc_services}"
sudo chmod 644 "${torrc_services}"
@ -86,9 +87,6 @@ HiddenServiceDir /mnt/hdd/tor/$service
HiddenServiceVersion 3
HiddenServicePort $toPort 127.0.0.1:$fromPort" | sudo tee -a "${torrc_services}"
# remove double empty lines
awk 'NF > 0 {blank=0} NF == 0 {blank++} blank < 2' "${torrc_services}" | sudo tee /var/cache/raspiblitz/tmp >/dev/null && sudo mv /var/cache/raspiblitz/tmp "${torrc_services}"
# check and insert second port pair
if [ ${#toPort2} -gt 0 ]; then
alreadyThere=$(sudo cat "${torrc_services}" 2>/dev/null | grep -c "\b127.0.0.1:$fromPort2\b")
@ -99,6 +97,16 @@ HiddenServicePort $toPort 127.0.0.1:$fromPort" | sudo tee -a "${torrc_services}"
fi
fi
# remove double empty lines
sudo mkdir /var/cache/raspiblitz/tmp 2>/dev/null
sudo cp "${torrc_services}" /var/cache/raspiblitz/tmp
sudo chmod 777 /var/cache/raspiblitz/tmp
sudo chown -R admin:admin /var/cache/raspiblitz/tmp
sudo awk 'NF > 0 {blank=0} NF == 0 {blank++} blank < 2' "${torrc_services}" > /var/cache/raspiblitz/tmp
sudo mv /var/cache/raspiblitz/tmp "${torrc_services}"
sudo chmod 644 "${torrc_services}"
sudo chown bitcoin:bitcoin "${torrc_services}"
# reload tor
echo
echo "Reloading Tor to activate the Hidden Service..."
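Review bot: The new "remove double empty lines" block (in the `off` branch and again after the second port pair) stages the rewritten torrc at the fixed path `/var/cache/raspiblitz/tmp` and makes it `chmod 777` before `sudo mv` installs it as `${torrc_services}`, so any local account can alter the staged Tor service configuration in that window. When the path does not already exist, `sudo mkdir` also turns it into a directory, after which the `>` redirect and the `mv` over a regular file fail and the cleanup is silently skipped. A root-owned temporary file avoids both problems: `tmpTorrc=$(sudo mktemp /var/cache/raspiblitz/torrc.XXXXXX) || exit 1`, then `sudo awk 'NF > 0 {blank=0} NF == 0 {blank++} blank < 2' "${torrc_services}" | sudo tee "${tmpTorrc}" >/dev/null`, then `sudo mv "${tmpTorrc}" "${torrc_services}"`, followed by the existing `chmod 644` and `chown`. The removed one-liner already used the `sudo tee` form, which is why it needed no world-writable path.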


@ -81,58 +81,22 @@ After the final reboot there might now be some waiting time until your Blockchai
" 11 65
fi
########################################
# AFTER FINAL SETUP TASKS
echo "# AFTER FINAL SETUP TASKS" >> /home/admin/raspiblitz.log
# source info fresh
source /home/admin/raspiblitz.info
echo "# source /home/admin/raspiblitz.info" >> /home/admin/raspiblitz.log
cat /home/admin/raspiblitz.info >> /home/admin/raspiblitz.log
# make sure network defaults to bitcoin
if [ "${network}" == "" ]; then
echo "# WARN: default network to bitcoin" >> /home/admin/raspiblitz.log
network="bitcoin"
fi
# make sure for future starts that blockchain service gets started after bootstrap
# so deamon reloas needed ... system will go into reboot after last loop
# needs to be after wait loop because otherwise the "restart" on COPY OVER LAN will not work
echo "# Updating service ${network}d.service ..."
sudo sed -i "s/^Wants=.*/Wants=bootstrap.service/g" /etc/systemd/system/${network}d.service
sudo sed -i "s/^After=.*/After=bootstrap.service/g" /etc/systemd/system/${network}d.service
sudo systemctl daemon-reload 2>/dev/null
# delete setup data from RAM
sudo rm /var/cache/raspiblitz/temp/raspiblitz.setup
# signal that setup phase is over
/home/admin/_cache.sh set setupPhase "done"
# trigger after final setup tasks & reboot
/home/admin/_cache.sh set state "donefinal"
sleep 2
clear
source <(/home/admin/_cache.sh get internet_localip)
/home/admin/_cache.sh set setupPhase "done"
echo "***********************************************************"
echo "RaspiBlitz going to reboot"
echo "***********************************************************"
echo "This is the final setup reboot - you will get disconnected."
echo "SSH again into system with:"
echo "ssh admin@${internet_localip}"
echo "SSH again into system after restart."
echo "Use your password A"
echo "***********************************************************"
echo "# final setup reboot ..." >> /home/admin/raspiblitz.log
########################################
# AFTER SETUP REBOOT
# touchscreen activation, start with configured SWAP, fix LCD text bug
sudo cp /home/admin/raspiblitz.log /home/admin/raspiblitz.setup.log
sudo chmod 640 /home/admin/raspiblitz.setup.log
sudo chown root:sudo /home/admin/raspiblitz.setup.log
timeout 120 /home/admin/config.scripts/blitz.shutdown.sh reboot finalsetup
# if system has not rebooted yet - force reboot directly
sudo shutdown -r now
sleep 5
echo "When green activity light stays dark and LCD turns white then shutdown is complete."
sleep 10
echo "Please wait for shutdown ..."
sleep 120
echo "FAIL: automatic final reboot didnt worked .. please report to dev team and try to reboot manually"
exit 0


@ -64,20 +64,13 @@ fi
# QuickOption: Migration from other node
if [ "${setupPhase}" == "migration" ]; then
source <(/home/admin/_cache.sh get hddGotMigrationData hddVersionLND)
# show recovery dialog
echo "# Starting migration dialog (${hddGotMigrationData}) ..."
# check if lightning is outdated
migrationMode="normal"
if [ "${lndVersion}" != "" ]; then
# get local lnd version & check compatibility
source <(/home/admin/config.scripts/lnd.install.sh info "${lndVersion}")
if [ "${compatible}" != "1" ]; then
migrationMode="outdatedLightning"
fi
source <(/home/admin/_cache.sh get hddGotMigrationData migrationMode)
if [ "${migrationMode}" == "" ]; then
migrationMode = "normal"
fi
# show recovery dialog
echo "# Starting migration dialog (${hddGotMigrationData}) (${migrationMode})..."
/home/admin/setup.scripts/dialogMigration.sh ${hddGotMigrationData} ${migrationMode}
if [ "$?" == "0" ]; then
@ -182,35 +175,8 @@ if [ "${setupPhase}" == "setup" ]; then
elif [ "${userChoice}" == "2" ]; then
# KEEP BLOCKCHAIN + DELETE ALL THE REST
# when blockchain comes from another node migrate data first
if [ "${hddGotMigrationData}" != "" ]; then
clear
echo "Migrating Blockchain of ${hddGotMigrationData}'"
source <(sudo /home/admin/config.scripts/blitz.migration.sh migration-${hddGotMigrationData})
if [ "${err}" != "" ]; then
echo "MIGRATION OF BLOCKHAIN FAILED: ${err}"
echo "Format data disk on laptop & recover funds with fresh sd card using seed words + static channel backup."
exit 1
fi
fi
# delete everything but blockchain
echo "Deleting everything on HDD/SSD while keeping blockchain ..."
sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount 1>/dev/null 2>/dev/null
sudo /home/admin/config.scripts/blitz.datadrive.sh clean all -keepblockchain
if [ "${error}" != "" ]; then
echo "CLEANING HDD FAILED:"
echo "${error}"
echo "Please report as issue on the raspiblitz github."
exit 1
fi
sudo /home/admin/config.scripts/blitz.datadrive.sh unmount
sleep 2
# by keeping that blockchain - user chose already the blockchain type
echo "Selecting as blockchain network automatically .."
echo "network=bitcoin" >> $SETUPFILE
# will be done by bootstrap later triggered by setup file entry
echo "cleanHDD=1'" >> $SETUPFILE
else
@ -306,28 +272,6 @@ if [ "${setupPhase}" == "setup" ]; then
done
echo "# CREATING raspiblitz.conf from your setup choices"
# source the raspiblitz version
source /home/admin/_version.info
# source the setup state fresh
source $SETUPFILE
# prepare & write basic config file (on temp mem drive)
CONFIGFILE="/var/cache/raspiblitz/temp/raspiblitz.conf"
sudo rm $CONFIGFILE 2>/dev/null
sudo touch $CONFIGFILE
sudo chown admin:admin $CONFIGFILE
sudo chmod 777 $CONFIGFILE
echo "# RASPIBLITZ CONFIG FILE" > $CONFIGFILE
echo "raspiBlitzVersion='${codeVersion}'" >> $CONFIGFILE
echo "lcdrotate='1'" >> $CONFIGFILE
echo "lightning='${lightning}'" >> $CONFIGFILE
echo "network='${network}'" >> $CONFIGFILE
echo "chain='main'" >> $CONFIGFILE
echo "hostname='${hostname}'" >> $CONFIGFILE
echo "runBehindTor='on'" >> $CONFIGFILE
fi
fi
@ -337,12 +281,9 @@ fi
# for fresh setup & migration
echo "# Starting passwords dialog ..."
/home/admin/setup.scripts/dialogPasswords.sh
sudo /home/admin/setup.scripts/dialogPasswords.sh
# set flag for bootstrap process to kick-off provision process
/home/admin/_cache.sh set state "waitprovision"
clear
echo "# setup dialog done - results in:"
echo "# $SETUPFILE"
echo "# $CONFIGFILE"
clear


@ -68,7 +68,7 @@ _temp="/var/cache/raspiblitz/temp/.temp.tmp"
# PASSWORD A
if [ "${setPasswordA}" == "1" ]; then
clear
sudo /home/admin/config.scripts/blitz.setpassword.sh x "PASSWORD A - Main User Password" $_temp
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD A - Main User Password" $_temp
password=$(sudo cat $_temp)
sudo rm $_temp
sudo sed -i '/^passwordA=/d' $SETUPFILE
@ -79,7 +79,7 @@ fi
# PASSWORD B
if [ "${setPasswordB}" == "1" ]; then
clear
sudo /home/admin/config.scripts/blitz.setpassword.sh x "PASSWORD B - APP Password" $_temp
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD B - APP Password" $_temp
password=$(sudo cat $_temp)
sudo rm $_temp
sudo sed -i '/^passwordB=/d' $SETUPFILE
@ -90,7 +90,7 @@ fi
# PASSWORD C
if [ "${setPasswordC}" == "1" ]; then
clear
sudo /home/admin/config.scripts/blitz.setpassword.sh x "PASSWORD C - Lightning Wallet Password" $_temp
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD C - Lightning Wallet Password" $_temp
password=$(sudo cat $_temp)
sudo rm $_temp
sudo sed -i '/^passwordC=/d' $SETUPFILE
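Review bot: The exit status of the new `blitz.passwords.sh set` call in the PASSWORD A block is not checked before `password=$(sudo cat $_temp)` reads the result back, so a failed or aborted helper leaves `password` empty; what is then written to `$SETUPFILE` lies outside the hunk, as does the end of each `if` block. The same pattern repeats in the PASSWORD B and PASSWORD C hunks. I would stop on failure and quote the path: `sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD A - Main User Password" "$_temp" || exit 1`. The clear-text password also passes through the fixed path `/var/cache/raspiblitz/temp/.temp.tmp`; the directory's permissions are not visible here, so confirm that only root and admin can read it.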


@ -60,6 +60,13 @@ Preparing Blockchain Sync
Please wait ...
" 6 30
elif [ "${eventID}" == "formathdd" ]; then
dialog --backtitle "${backtitle}" --cr-wrap --infobox "
Format HDD/SSD
Please wait ...
" 6 30
elif [ "${eventID}" == "reboot" ] && [ "${contentString}" == "finalsetup" ]; then
dialog --backtitle "${backtitle}" --cr-wrap --infobox "
@ -207,9 +214,9 @@ elif [ "${eventID}" == "waitsetup" ] && [ "${mode}" == "lcd" ]; then
dialog --backtitle "${backtitle}" --cr-wrap --infobox "
${welcomeline}
------------------------------------
Use terminal command to login:
ssh admin@${internet_localip}
password: raspiblitz
browser: http://${internet_localip}
terminal: ssh admin@${internet_localip}
password: raspiblitz
" 9 41
else
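Review bot: The new `browser: http://${internet_localip}` line in the `waitsetup` LCD branch advertises an unencrypted endpoint directly above the well-known default `password: raspiblitz`. Whether the web UI behind that URL accepts the default password or collects the new setup passwords is not visible in this section; if it does, they cross the local network in clear text during setup. I would record the intent above the `dialog` call, e.g. `# plain http before setup: no TLS endpoint exists yet, default password is replaced by the passwords dialog (TODO confirm)`. The surrounding `if`/`elif` chain starts and ends outside the hunk.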

6
toc.sh

@ -7,9 +7,9 @@
## $1 = FILE.md
red="\033[31m"
#nocolor="\033[0m"
nocolor="\033[0m"
error_msg(){ printf %s"${red}ERROR: ${1}\n" >&2; exit 1; }
error_msg(){ printf %s"${red}ERROR: ${1}\n${nocolor}" >&2; exit 1; }
test -f "${1}" || error_msg "file '${1}' doesn't exist"
@ -59,7 +59,7 @@ while IFS="$(printf '\n')" read -r line; do
## set header indentation
line_md="$(printf '%s\n' "${line_md}" | sed "s|######| -|;s|#####| -|;s|####| -|;s|###| -|;s|##| -|;s|#|-|")"
## set link content
line_content="$(printf '%s\n' "${line_md}" | sed "s/.*- /#/;s| |-|g;s|'||g;s|]||g;s/|/-/g" | tr "[:upper:]" "[:lower:]" | tr -cd "[:alnum:]-._")"
line_content="$(printf '%s\n' "${line_md}" | sed "s/.*- /#/;s| |-|g;s|'||g;s|]||g;s/|/-/g" | tr "[:upper:]" "[:lower:]" | tr -cd "[:alnum:]-_" | tr -d ".")"
## set link reference
line_md="$(printf '%s\n' "${line_md}" | sed "s|- |- [|;s|$|](#${line_content}${line_repeated_index})|")"
## print header
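Review bot: `error_msg` in the first hunk still builds the printf format string from `${1}`, so any `%` or backslash sequence in the message is interpreted as a format directive. That message includes the caller-supplied file name from `file '${1}' doesn't exist`, and the leading `%s` has no argument to consume. Pass the text as an argument instead: `error_msg(){ printf "${red}ERROR: %s${nocolor}\n" "${1}" >&2; exit 1; }`. This keeps the colour reset the commit adds while printing the message literally.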