mirror of
https://github.com/rootzoll/raspiblitz.git
synced 2025-02-24 22:58:43 +01:00
lnbits: run with separate user
This commit is contained in:
openoms
parent
dd6bce73a4
commit
20b916ed93
1 changed files with 32 additions and 29 deletions
|
|
@ -83,11 +83,11 @@ if [ "$1" = "write-macaroons" ]; then
|
|||
macaroonAdminHex=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/admin.macaroon)
|
||||
macaroonInvoiceHex=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/invoice.macaroon)
|
||||
macaroonReadHex=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/readonly.macaroon)
|
||||
sudo sed -i "s/^LND_CERT=.*/LND_CERT=/mnt/hdd/lnd/data/chain/${network}/${chain}net/tls.cert/g" /home/admin/lnbits/.env
|
||||
sudo sed -i "s/^LND_ADMIN_MACAROON=.*/LND_ADMIN_MACAROON=${macaroonAdminHex}/g" /home/admin/lnbits/.env
|
||||
sudo sed -i "s/^LND_INVOICE_MACAROON=.*/LND_INVOICE_MACAROON=${macaroonInvoiceHex}/g" /home/admin/lnbits/.env
|
||||
sudo sed -i "s/^LND_READ_MACAROON=.*/LND_READ_MACAROON=${macaroonReadHex}/g" /home/admin/lnbits/.env
|
||||
echo "# OK - macaroons written to /home/admin/lnbits/.env"
|
||||
sudo -u lnbits sed -i "s/^LND_CERT=.*/LND_CERT=\/mnt\/hdd\/lnd\/data\/chain\/${network}\/${chain}net\/tls.cert/g" /home/lnbits/lnbits/.env
|
||||
sudo -u lnbits sed -i "s/^LND_ADMIN_MACAROON=.*/LND_ADMIN_MACAROON=${macaroonAdminHex}/g" /home/lnbits/lnbits/.env
|
||||
sudo -u lnbits sed -i "s/^LND_INVOICE_MACAROON=.*/LND_INVOICE_MACAROON=${macaroonInvoiceHex}/g" /home/lnbits/lnbits/.env
|
||||
sudo -u lnbits sed -i "s/^LND_READ_MACAROON=.*/LND_READ_MACAROON=${macaroonReadHex}/g" /home/lnbits/lnbits/.env
|
||||
echo "# OK - macaroons written to /home/lnbits/lnbits/.env"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
|
@ -102,43 +102,46 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
|
|||
isInstalled=$(sudo ls /etc/systemd/system/lnbits.service 2>/dev/null | grep -c 'lnbits.service')
|
||||
if [ ${isInstalled} -eq 0 ]; then
|
||||
|
||||
echo "*** Add the 'lnbits' user ***"
|
||||
sudo adduser --disabled-password --gecos "" lnbits
|
||||
|
||||
# make sure needed debian packages are installed
|
||||
echo "# installing needed packages"
|
||||
sudo apt-get install -y pipenv 2>/dev/null
|
||||
|
||||
# install from GitHub
|
||||
echo "# get the github code"
|
||||
sudo rm -r /home/admin/lnbits 2>/dev/null
|
||||
cd /home/admin
|
||||
sudo -u admin git clone https://github.com/arcbtc/lnbits.git
|
||||
cd /home/admin/lnbits
|
||||
sudo -u admin git checkout tags/0.1.0
|
||||
sudo rm -r /home/lnbits/lnbits 2>/dev/null
|
||||
cd /home/lnbits
|
||||
sudo -u lnbits git clone https://github.com/arcbtc/lnbits.git
|
||||
cd /home/lnbits/lnbits
|
||||
sudo -u lnbits git checkout tags/0.1.0
|
||||
|
||||
# prepare .env file
|
||||
echo "# preparing env file"
|
||||
sudo rm /home/admin/lnbits/.env 2>/dev/null
|
||||
echo "FLASK_APP=lnbits" >> /home/admin/lnbits/.env
|
||||
echo "FLASK_ENV=production" >> /home/admin/lnbits/.env
|
||||
echo "LNBITS_BACKEND_WALLET_CLASS=LndWallet" >> /home/admin/lnbits/.env
|
||||
echo "LND_GRPC_ENDPOINT=127.0.0.1" >> /home/admin/lnbits/.env
|
||||
echo "LND_GRPC_PORT=10009" >> /home/admin/lnbits/.env
|
||||
echo "LNBITS_FORCE_HTTPS=0" >> /home/admin/lnbits/.env
|
||||
sudo -u admin /home/admin/config.scripts/bonus.lnbits.sh write-macaroons
|
||||
sudo rm /home/lnbits/lnbits/.env 2>/dev/null
|
||||
sudo -u lnbits touch /home/lnbits/lnbits/.env
|
||||
sudo bash -c "echo 'FLASK_APP=lnbits' >> /home/lnbits/lnbits/.env"
|
||||
sudo bash -c "echo 'FLASK_ENV=production' >> /home/lnbits/lnbits/.env"
|
||||
sudo bash -c "echo 'LNBITS_BACKEND_WALLET_CLASS=LndWallet' >> /home/lnbits/lnbits/.env"
|
||||
sudo bash -c "echo 'LND_GRPC_ENDPOINT=127.0.0.1' >> /home/lnbits/lnbits/.env"
|
||||
sudo bash -c "echo 'LND_GRPC_PORT=10009' >> /home/lnbits/lnbits/.env"
|
||||
sudo bash -c "echo 'LNBITS_FORCE_HTTPS=0' >> /home/lnbits/lnbits/.env"
|
||||
/home/admin/config.scripts/bonus.lnbits.sh write-macaroons
|
||||
|
||||
# set database path to HDD data so that its survives updates and migrations
|
||||
sudo mkdir /mnt/hdd/app-data/LNBits 2>/dev/null
|
||||
sudo chown admin:admin -R /mnt/hdd/app-data/LNBits
|
||||
echo "LNBITS_DATA_FOLDER=/mnt/hdd/app-data/LNBits" >> /home/admin/lnbits/.env
|
||||
sudo chown lnbits:lnbits -R /mnt/hdd/app-data/LNBits
|
||||
sudo bash -c "echo 'LNBITS_DATA_FOLDER=/mnt/hdd/app-data/LNBits' >> sudo /home/lnbits/lnbits/.env"
|
||||
|
||||
# to the install
|
||||
echo "# installing application dependencies"
|
||||
cd /home/admin/lnbits
|
||||
sudo -u admin pipenv install
|
||||
sudo -u admin /usr/bin/pipenv run pip install python-dotenv
|
||||
|
||||
cd /home/lnbits/lnbits
|
||||
sudo -u lnbits pipenv install
|
||||
sudo -u lnbits /usr/bin/pipenv run pip install python-dotenv
|
||||
# to the install
|
||||
echo "# updating databases"
|
||||
sudo -u admin /usr/bin/pipenv run flask migrate
|
||||
sudo -u lnbits /usr/bin/pipenv run flask migrate
|
||||
|
||||
# open firewall
|
||||
echo
|
||||
|
|
@ -158,9 +161,9 @@ Wants=lnd.service
|
|||
After=lnd.service
|
||||
|
||||
[Service]
|
||||
WorkingDirectory=/home/admin/lnbits
|
||||
ExecStart=/bin/sh -c 'cd /home/admin/lnbits && pipenv run gunicorn -b :5000 lnbits:app -k gevent'
|
||||
User=admin
|
||||
WorkingDirectory=/home/lnbits/lnbits
|
||||
ExecStart=/bin/sh -c 'cd /home/lnbits/lnbits && pipenv run gunicorn -b :5000 lnbits:app -k gevent'
|
||||
User=lnbits
|
||||
Restart=always
|
||||
TimeoutSec=120
|
||||
RestartSec=30
|
||||
|
|
@ -202,7 +205,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
|||
sudo systemctl stop lnbits
|
||||
sudo systemctl disable lnbits
|
||||
sudo rm /etc/systemd/system/lnbits.service
|
||||
sudo rm -r /home/admin/lnbits
|
||||
sudo userdel -rf lnbits
|
||||
echo "OK LNbits removed."
|
||||
else
|
||||
echo "LNbits is not installed."
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue