prevent redis hang on setup reboot (#4474)

to fix #4469 while removing sudos from bootstrap script
2025-03-01 00:59:23 +01:00 · 2024-03-15 11:28:07 +01:00 · 2024-03-15 11:28:07 +01:00 · 522b13e5d4
commit 522b13e5d4
parent 6918d21639
7 changed files with 156 additions and 76 deletions
--- a/home.admin/_background.scan.sh
+++ b/home.admin/_background.scan.sh
@ -128,6 +128,9 @@ fi
 # flag that init was done (will be checked on each loop)
 /home/admin/_cache.sh set system_init_time "$(date +%s)"
 # add info about start to raspiblitz.log
 echo "INFO: _bootstrap.scan.sh loop started > sudo journalctl -f -u background.scan" >> /home/admin/raspiblitz.log
 while [ 1 ]
 do
@ -140,6 +143,7 @@ do
  source <(/home/admin/_cache.sh get system_init_time)
  if [ "${system_init_time}" == "" ]; then
    echo "FAIL: CACHE IS MISSING INIT DATA ... exiting to let systemd restart"
    echo "INFO: _bootstrap.scan.sh -> cache not running - exiting" >> /home/admin/raspiblitz.log
    exit 1
  fi
--- a/home.admin/_background.sh
+++ b/home.admin/_background.sh
@ -13,6 +13,7 @@ configFile="/mnt/hdd/raspiblitz.conf"
 # LOGS see: sudo journalctl -f -u background
 echo "_background.sh STARTED"
 echo "INFO: _background.sh loop started - sudo journalctl -f -u background" >> /home/admin/raspiblitz.log
 # global vars
 blitzTUIHeartBeatLine=""
@ -104,8 +105,7 @@ do
    # detect a missing DHCP config
    if [ "${localip:0:4}" = "169." ]; then
-      echo "Missing DHCP detected ... trying emergency reboot"
+      echo "Missing DHCP detected ..."
      /home/admin/config.scripts/blitz.shutdown.sh reboot
    else
      echo "DHCP OK"
    fi
--- a/home.admin/_bootstrap.sh
+++ b/home.admin/_bootstrap.sh
@ -3,6 +3,8 @@
 # This script runs on every start called by boostrap.service
 # see logs with --> tail -n 100 /home/admin/raspiblitz.log
 # NOTE: this boostrap script runs as root user (bootstrap.service) - so no sudo needed
 ################################
 # BASIC SETTINGS
 ################################
@ -28,24 +30,35 @@ infoFile="/home/admin/raspiblitz.info"
 setupFile="/var/cache/raspiblitz/temp/raspiblitz.setup"
 # Backup last log file if available
-sudo cp ${logFile} /home/admin/raspiblitz.last.log 2>/dev/null
+cp ${logFile} /home/admin/raspiblitz.last.log 2>/dev/null
 # Init boostrap log file
 echo "Writing logs to: ${logFile}"
 echo "" > $logFile
-sudo chmod 640 ${logFile}
+chmod 640 ${logFile}
-sudo chown root:sudo ${logFile}
+chown root:sudo ${logFile}
 echo "***********************************************" >> $logFile
 echo "Running RaspiBlitz Bootstrap ${codeVersion}" >> $logFile
 date >> $logFile
 echo "***********************************************" >> $logFile
-# make sure SSH server is configured & running
+# list all running systemd services for future debug
-sudo /home/admin/config.scripts/blitz.ssh.sh checkrepair >> ${logFile}
+systemctl list-units --type=service --state=running >> $logFile
 # check if the file /etc/ssh/sshd_init_keys exists --> initial boot of fresh sd card image
 if [ -f "/etc/ssh/sshd_init_keys" ]; then
  echo "# init SSH KEYS fresh for new user" >> $logFile
  /home/admin/config.scripts/blitz.ssh.sh init >> $logFile
 else
  echo "# make sure SSH server is configured & running" >> $logFile
  /home/admin/config.scripts/blitz.ssh.sh checkrepair >> $logFile
 fi
 echo "## prepare raspiblitz temp" >> $logFile
 # make sure /var/cache/raspiblitz/temp exists
-sudo mkdir -p /var/cache/raspiblitz/temp
+mkdir -p /var/cache/raspiblitz/temp
-sudo chmod 777 /var/cache/raspiblitz/temp
+chmod 777 /var/cache/raspiblitz/temp
 ################################
 # INIT raspiblitz.info
@ -96,7 +109,7 @@ echo "ln_cl_mainnet_sync_initial_done=${ln_cl_mainnet_sync_initial_done}" >> $in
 echo "ln_cl_testnet_sync_initial_done=${ln_cl_testnet_sync_initial_done}" >> $infoFile
 echo "ln_cl_signet_sync_initial_done=${ln_cl_signet_sync_initial_done}" >> $infoFile
-sudo chmod 664 ${infoFile}
+chmod 664 ${infoFile}
 # write content of raspiblitz.info to logs
 cat $infoFile >> $logFile
@ -105,6 +118,18 @@ cat $infoFile >> $logFile
 # INIT RaspiBlitz Cache
 #########################
 # make sure that redis service is enabled (disabled on fresh sd card image)
 redisEnabled=$(systemctl is-enabled redis-server | grep -c "enabled")
 echo "## redisEnabled(${redisEnabled})" >> $logFile
 if [ ${redisEnabled} -eq 0 ]; then
  echo "# make sure redis is running" >> $logFile
  sleep 6
  systemctl status redis-server >> $logFile
  systemctl enable redis-server >> $logFile
  systemctl start redis-server >> $logFile
  systemctl status redis-server >> $logFile
 fi
 echo "## INIT RaspiBlitz Cache ... wait background.scan.service to finish first scan loop" >> $logFile
 systemscan_runtime=""
 while [ "${systemscan_runtime}" == "" ]
@ -131,23 +156,18 @@ source ${configFile} 2>/dev/null
 # CHECK SD CARD STATE
 # when a file 'stop' is on the sd card bootfs partition root - stop for manual provision
-flagExists=$(sudo ls /boot/firmware/stop | grep -c 'stop')
+flagExists=$(ls /boot/firmware/stop | grep -c 'stop')
 if [ "${flagExists}" == "1" ]; then
  # remove flag
-  sudo rm /boot/firmware/stop
+  rm /boot/firmware/stop
  # set state info
  /home/admin/_cache.sh set state "stop"
  /home/admin/_cache.sh set message "stopped for manual provision"
  # log info
  echo "INFO: 'bootstrap stopped - run release after manual provison'" >> ${logFile}
  exit 0
 fi
 # wifi config by file on sd card
-wifiFileExists=$(sudo ls /boot/firmware/wifi | grep -c 'wifi')
+wifiFileExists=$(ls /boot/firmware/wifi | grep -c 'wifi')
-wpaFileExists=$(sudo ls /boot/firmware/wpa_supplicant.conf | grep -c 'wpa_supplicant.conf')
+wpaFileExists=$(ls /boot/firmware/wpa_supplicant.conf | grep -c 'wpa_supplicant.conf')
 if [ "${wifiFileExists}" == "1" ] || [ "${wpaFileExists}" == "1" ]; then
  # set info
@ -159,8 +179,8 @@ if [ "${wifiFileExists}" == "1" ] || [ "${wpaFileExists}" == "1" ]; then
  # get second line as string from wifi file (PASSWORD OF WIFI)
  if [ "${wifiFileExists}" == "1" ]; then
    echo "Getting data from file: /boot/firmware/wifi" >> ${logFile}
-    ssid=$(sudo sed -n '1p' /boot/firmware/wifi | tr -d '[:space:]')
+    ssid=$(sed -n '1p' /boot/firmware/wifi | tr -d '[:space:]')
-    password=$(sudo sed -n '2p' /boot/firmware/wifi | tr -d '[:space:]')
+    password=$(sed -n '2p' /boot/firmware/wifi | tr -d '[:space:]')
  fi
  # File: wpa_supplicant.conf (legacy way to set wifi)
@ -182,22 +202,22 @@ if [ "${wifiFileExists}" == "1" ] || [ "${wpaFileExists}" == "1" ]; then
    /home/admin/_cache.sh set state "errorWIFI"
    /home/admin/_cache.sh set message "${err}"
    sleep 60
-    sudo shutdown now
+    shutdown now
    exit 1
  fi
  # remove file
  echo "Setting Wifi worked - removing file" >> ${logFile}
-  sudo rm /boot/firmware/wifi 2>/dev/null
+  rm /boot/firmware/wifi 2>/dev/null
-  sudo rm /boot/firmware/wpa_supplicant.conf 2>/dev/null
+  rm /boot/firmware/wpa_supplicant.conf 2>/dev/null
 else
  echo "No Wifi config by file on sd card." >> ${logFile}
 fi
 # when the provision did not ran thru without error (ask user for fresh sd card)
-provisionFlagExists=$(sudo ls /home/admin/provision.flag | grep -c 'provision.flag')
+provisionFlagExists=$(ls /home/admin/provision.flag | grep -c 'provision.flag')
 if [ "${provisionFlagExists}" == "1" ]; then
-  sudo systemctl stop ${network}d 2>/dev/null
+  systemctl stop ${network}d 2>/dev/null
  /home/admin/_cache.sh set state "inconsistentsystem"
  /home/admin/_cache.sh set message "provision did not ran thru"
  echo "FAIL: 'provision did not ran thru' - need fresh sd card!" >> ${logFile}
@ -224,15 +244,15 @@ sleep 5
 # Emergency cleaning logs when over 1GB (to prevent SD card filling up)
 # see https://github.com/rootzoll/raspiblitz/issues/418#issuecomment-472180944
 echo "*** Checking Log Size ***"
-logsMegaByte=$(sudo du -c -m /var/log | grep "total" | awk '{print $1;}')
+logsMegaByte=$(du -c -m /var/log | grep "total" | awk '{print $1;}')
 if [ ${logsMegaByte} -gt 1000 ]; then
  echo "WARN # Logs /var/log in are bigger then 1GB" >> $logFile
  # dont delete directories - can make services crash
-  sudo rm /var/log/*
+  rm /var/log/*
-  sudo service rsyslog restart
+  service rsyslog restart
  /home/admin/_cache.sh set message "WARNING: /var/log/ >1GB"
  echo "WARN # Logs in /var/log in were bigger then 1GB and got emergency delete to prevent fillup." >> $logFile
-  sudo ls -la /var/log >> $logFile
+  ls -la /var/log >> $logFile
  echo "If you see this in the logs please report to the GitHub issues, so LOG config needs to be optimized." >> $logFile
  sleep 10
 else
@ -241,19 +261,19 @@ fi
 echo ""
 # get the state of data drive
-source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
+source <(/home/admin/config.scripts/blitz.datadrive.sh status)
 ################################
 # WAIT LOOP: HDD CONNECTED
 ################################
 echo "Waiting for HDD/SSD ..." >> $logFile
-sudo ls -la /etc/ssh >> $logFile 
+ls -la /etc/ssh >> $logFile 
 until [ ${isMounted} -eq 1 ] || [ ${#hddCandidate} -gt 0 ]
 do
  # recheck HDD/SSD
-  source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
+  source <(/home/admin/config.scripts/blitz.datadrive.sh status)
  echo "isMounted: $isMounted" >> $logFile
  echo "hddCandidate: $hddCandidate" >> $logFile
@ -288,13 +308,13 @@ systemInitReboot=0
 # the sd card - switch to hdmi
 ################################
-forceHDMIoutput=$(sudo ls /boot/firmware/hdmi* 2>/dev/null | grep -c hdmi)
+forceHDMIoutput=$(ls /boot/firmware/hdmi* 2>/dev/null | grep -c hdmi)
 if [ ${forceHDMIoutput} -eq 1 ]; then
  # delete that file (to prevent loop)
-  sudo rm /boot/hdmi*
+  rm /boot/hdmi*
  # switch to HDMI what will trigger reboot
  echo "HDMI switch found ... activating HDMI display output & reboot" >> $logFile
-  sudo /home/admin/config.scripts/blitz.display.sh set-display hdmi >> $logFile
+  /home/admin/config.scripts/blitz.display.sh set-display hdmi >> $logFile
  systemInitReboot=1
  /home/admin/_cache.sh set message "HDMI"
 else
@ -306,11 +326,11 @@ fi
 # extend sd card to maximum capacity
 ################################
-source <(sudo /home/admin/config.scripts/blitz.bootdrive.sh status)
+source <(/home/admin/config.scripts/blitz.bootdrive.sh status)
 if [ "${needsExpansion}" == "1" ] && [ "${fsexpanded}" == "0" ]; then
  echo "FSEXPAND needed ... starting process" >> $logFile
-  sudo /home/admin/config.scripts/blitz.bootdrive.sh status >> $logFile
+  /home/admin/config.scripts/blitz.bootdrive.sh status >> $logFile
-  sudo /home/admin/config.scripts/blitz.bootdrive.sh fsexpand >> $logFile
+  /home/admin/config.scripts/blitz.bootdrive.sh fsexpand >> $logFile
  systemInitReboot=1
  /home/admin/_cache.sh set message "FSEXPAND"
 elif [ "${tooSmall}" == "1" ]; then
@ -320,7 +340,7 @@ elif [ "${tooSmall}" == "1" ]; then
  /home/admin/_cache.sh set state "sdtoosmall"
  echo "System stopped. Please cut power." >> $logFile
  sleep 6000
-  sudo shutdown -r now
+  shutdown -r now
  slepp 100
  exit 1
 else
@ -364,7 +384,7 @@ fi
 # the sd card - delete old ssh data
 ################################
-sshReset=$(sudo ls /boot/firmware/ssh.reset* 2>/dev/null | grep -c reset)
+sshReset=$(ls /boot/firmware/ssh.reset* 2>/dev/null | grep -c reset)
 if [ ${sshReset} -eq 1 ]; then
  # delete that file (to prevent loop)
  rm /boot/firmware/ssh.reset* >> $logFile
@ -412,7 +432,7 @@ fi
 # UASP FIX
 ################################
 /home/admin/_cache.sh set message "checking HDD"
-source <(sudo /home/admin/config.scripts/blitz.datadrive.sh uasp-fix)
+source <(/home/admin/config.scripts/blitz.datadrive.sh uasp-fix)
 if [ "${neededReboot}" == "1" ]; then
  echo "UASP FIX applied ... reboot needed." >> $logFile
  systemInitReboot=1
@ -425,11 +445,13 @@ fi
 # from actions above
 if [ "${systemInitReboot}" == "1" ]; then
  echo "Stopping Redis server" >> $logFile
  systemctl stop redis
  echo "Reboot" >> $logFile
-  sudo cp ${logFile} /home/admin/raspiblitz.systeminit.log
+  cp ${logFile} /home/admin/raspiblitz.systeminit.log
  /home/admin/_cache.sh set state "reboot"
  sleep 8
-  sudo shutdown -r now
+  shutdown -r now
  sleep 100
  exit 0
 fi
@ -504,7 +526,7 @@ fi
 /home/admin/_cache.sh set message "please wait"
 # get fresh info about data drive to continue
-source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
+source <(/home/admin/config.scripts/blitz.datadrive.sh status)
 echo "isMounted: $isMounted" >> $logFile
@ -590,11 +612,11 @@ if [ ${isMounted} -eq 0 ]; then
  do
    # get fresh info about data drive (in case the hdd gets disconnected)
-    source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
+    source <(/home/admin/config.scripts/blitz.datadrive.sh status)
    if [ "${hddCandidate}" == "" ]; then
      /home/admin/config.scripts/blitz.error.sh _bootstrap.sh "lost-hdd" "Lost HDD connection .. triggering reboot." "happened during WAIT LOOP: USER SETUP/UPDATE/MIGRATION" ${logFile}
      sleep 8
-      sudo shutdown -r now
+      shutdown -r now
      sleep 100
      exit 0
    fi
@ -605,7 +627,7 @@ if [ ${isMounted} -eq 0 ]; then
    if [ "${localip}" == "" ]; then
      sed -i "s/^state=.*/state=errorNetwork/g" ${infoFile}
      sleep 8
-      sudo shutdown now
+      shutdown now
      sleep 100
      exit 0
    fi
@ -630,7 +652,7 @@ if [ ${isMounted} -eq 0 ]; then
  echo "the provision process was started but did not finish yet" > /home/admin/provision.flag
  # get fresh data from setup file & data drive
-  source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
+  source <(/home/admin/config.scripts/blitz.datadrive.sh status)
  source ${setupFile}
  # special setup tasks (triggered by api/webui thru setupfile)
@ -641,7 +663,7 @@ if [ ${isMounted} -eq 0 ]; then
    # check if there is a flag set on sd card boot section to format as btrfs (experimental)
    filesystem="ext4"
-    flagBTRFS=$(sudo ls /boot/firmware/btrfs* 2>/dev/null | grep -c btrfs)
+    flagBTRFS=$(ls /boot/firmware/btrfs* 2>/dev/null | grep -c btrfs)
    if [ "${flagBTRFS}" != "0" ]; then
      echo "Found BTRFS flag ---> formatting with experimental BTRFS filesystem" >> ${logFile}
      filesystem="btrfs"
@ -651,7 +673,7 @@ if [ ${isMounted} -eq 0 ]; then
    error=""
    /home/admin/_cache.sh set state "formathdd"
    echo "Running Format: filesystem(${filesystem}) hddCandidate(${hddCandidate})" >> ${logFile}
-    source <(sudo /home/admin/config.scripts/blitz.datadrive.sh format ${filesystem} ${hddCandidate})
+    source <(/home/admin/config.scripts/blitz.datadrive.sh format ${filesystem} ${hddCandidate})
    if [ "${error}" != "" ]; then
      echo "FAIL ON FORMATTING THE DRIVE:" >> ${logFile}
      echo "${error}" >> ${logFile}
@ -671,7 +693,7 @@ if [ ${isMounted} -eq 0 ]; then
    if [ "${hddGotMigrationData}" != "" ]; then
        clear
        echo "Migrating Blockchain of ${hddGotMigrationData}'" >> ${logFile}
-        source <(sudo /home/admin/config.scripts/blitz.migration.sh migration-${hddGotMigrationData})
+        source <(/home/admin/config.scripts/blitz.migration.sh migration-${hddGotMigrationData})
        if [ "${error}" != "0" ]; then
          echo "MIGRATION OF BLOCKHAIN FAILED: ${err}" >> ${logFile}
          echo "Format data disk on laptop & recover funds with fresh sd card using seed words + static channel backup." >> ${logFile}
@ -683,8 +705,8 @@ if [ ${isMounted} -eq 0 ]; then
    # delete everything but blockchain
    echo "Deleting everything on HDD/SSD while keeping blockchain ..." >> ${logFile}
-    sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount 1>/dev/null 2>/dev/null
+    /home/admin/config.scripts/blitz.datadrive.sh tempmount 1>/dev/null 2>/dev/null
-    sudo /home/admin/config.scripts/blitz.datadrive.sh clean all -keepblockchain >> ${logFile}
+    /home/admin/config.scripts/blitz.datadrive.sh clean all -keepblockchain >> ${logFile}
    if [ "${error}" != "" ]; then
       echo "CLEANING HDD FAILED:" >> ${logFile}
      echo "${error}" >> ${logFile}
@ -693,7 +715,7 @@ if [ ${isMounted} -eq 0 ]; then
      /home/admin/_cache.sh set message "Fail Cleaning HDD"
      exit 1
    fi
-    sudo /home/admin/config.scripts/blitz.datadrive.sh unmount >> ${logFile}
+    /home/admin/config.scripts/blitz.datadrive.sh unmount >> ${logFile}
    /home/admin/_cache.sh set setupPhase "setup"
    sleep 2
@ -718,10 +740,10 @@ if [ ${isMounted} -eq 0 ]; then
    # will first be created and in cache drive
    # and some lines below copied to hdd when mounted
    TEMPCONFIGFILE="/var/cache/raspiblitz/temp/raspiblitz.conf"
-    sudo rm $TEMPCONFIGFILE 2>/dev/null
+    rm $TEMPCONFIGFILE 2>/dev/null
-    sudo touch $TEMPCONFIGFILE
+    touch $TEMPCONFIGFILE
-    sudo chown admin:admin $TEMPCONFIGFILE
+    chown admin:admin $TEMPCONFIGFILE
-    sudo chmod 777 $TEMPCONFIGFILE
+    chmod 777 $TEMPCONFIGFILE
    echo "# RASPIBLITZ CONFIG FILE" > $TEMPCONFIGFILE
    echo "raspiBlitzVersion='${codeVersion}'" >> $TEMPCONFIGFILE
    echo "lcdrotate='1'" >> $TEMPCONFIGFILE
@ -735,7 +757,7 @@ if [ ${isMounted} -eq 0 ]; then
  # make sure HDD is mounted (could be freshly formatted by user on last loop)
  source <(/home/admin/config.scripts/blitz.datadrive.sh status)
  echo "Temp mounting (2) data drive (hddFormat='${hddFormat}')" >> ${logFile}
-  source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount)
+  source <(/home/admin/config.scripts/blitz.datadrive.sh tempmount)
  echo "Temp mounting (2) result: ${isMounted}" >> ${logFile}
  # check that HDD was temp mounted
@ -747,16 +769,16 @@ if [ ${isMounted} -eq 0 ]; then
  # make sure all links between directories/drives are correct
  echo "Refreshing links between directories/drives .." >> ${logFile}
-  sudo /home/admin/config.scripts/blitz.datadrive.sh link
+  /home/admin/config.scripts/blitz.datadrive.sh link
  # copy over the raspiblitz.conf created from setup to HDD
  configExists=$(ls /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "raspiblitz.conf")
  if [ "${configExists}" != "1" ]; then
-    sudo cp /var/cache/raspiblitz/temp/raspiblitz.conf ${configFile}
+    cp /var/cache/raspiblitz/temp/raspiblitz.conf ${configFile}
  fi
  # enable tor service
-  sudo /home/admin/config.scripts/tor.install.sh enable >> ${logFile}
+  /home/admin/config.scripts/tor.install.sh enable >> ${logFile}
  # kick-off provision process
  /home/admin/_cache.sh set state "provision"
@ -824,7 +846,7 @@ if [ ${isMounted} -eq 0 ]; then
  fi
  echo "# setting PASSWORD A" >> ${logFile}
-  sudo /home/admin/config.scripts/blitz.passwords.sh set a "${passwordA}" >> ${logFile}
+  /home/admin/config.scripts/blitz.passwords.sh set a "${passwordA}" >> ${logFile}
  # Bitcoin Mainnet
  if [ "${mainnet}" == "on" ] || [ "${chain}" == "main" ]; then
@ -857,7 +879,7 @@ if [ ${isMounted} -eq 0 ]; then
    /home/admin/_cache.sh set message "Provision Setup"
    /home/admin/_provision.setup.sh
    errorState=$?
-    sudo cat /home/admin/raspiblitz.provision-setup.log
+    cat /home/admin/raspiblitz.provision-setup.log
    if [ "$errorState" != "0" ]; then
      # only trigger an error message if the script hasnt itself triggered an error message already
      source <(/home/admin/_cache.sh get state)
@ -983,7 +1005,7 @@ else
  # limit debug.log to 10MB on start - see #3872
  if [ $(grep -c "shrinkdebugfile=" < /mnt/hdd/bitcoin/bitcoin.conf) -eq 0 ];then
-    echo "shrinkdebugfile=1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf
+    echo "shrinkdebugfile=1" | tee -a /mnt/hdd/bitcoin/bitcoin.conf
  fi
  # /mnt/hdd/lnd/logs/bitcoin/mainnet/lnd.log
  rm /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2>/dev/null
@ -1048,7 +1070,7 @@ fi
 # CLEAN HDD TEMP
 #####################################
 echo "CLEANING TEMP DRIVE/FOLDER" >> $logFile
-source <(sudo /home/admin/config.scripts/blitz.datadrive.sh clean temp)
+source <(/home/admin/config.scripts/blitz.datadrive.sh clean temp)
 if [ ${#error} -gt 0 ]; then
  echo "FAIL: ${error}" >> $logFile
 else
@ -1082,7 +1104,7 @@ fi
 if [ -d "/mnt/hdd/app-data/subscriptions" ]; then
  echo "OK: subscription data directory exists"
-  sudo chown admin:admin /mnt/hdd/app-data/subscriptions
+  chown admin:admin /mnt/hdd/app-data/subscriptions
 else
  echo "CREATE: subscription data directory"
  mkdir /mnt/hdd/app-data/subscriptions
@ -1090,7 +1112,7 @@ else
 fi
 # make sure that bitcoin service is active
-sudo systemctl enable ${network}d
+systemctl enable ${network}d
 # make sure setup/provision is marked as done
 /home/admin/_cache.sh set setupPhase "done"
--- a/home.admin/_cache.sh
+++ b/home.admin/_cache.sh
@ -112,6 +112,7 @@ elif [ "$1" = "keyvalue" ] && [ "$2" = "on" ]; then
  # edit config: dont save to disk
  sudo sed -i "/^save .*/d" /etc/redis/redis.conf
  sudo sed -i 's/^stop-writes-on-bgsave-error yes/stop-writes-on-bgsave-error no/' /etc/redis/redis.conf
  # restart with new config
  if ! ischroot; then sudo systemctl restart redis-server; fi
--- a/home.admin/config.scripts/blitz.error.sh
+++ b/home.admin/config.scripts/blitz.error.sh
@ -60,6 +60,10 @@ if [ "${logfile}" !=  "" ]; then
  echo "##################" >> ${logFile}
  echo "${errorReport}" >> ${logFile}
  echo "##################" >> ${logFile}
 else 
  # if no logfile given - write to default log
    echo "##################" >> /home/admin/raspiblitz.log
  echo "${errorReport}" >> /home/admin/raspiblitz.log
 fi
 # on serial calls make sure that at least a second is between error reports
--- a/home.admin/config.scripts/blitz.preparerelease.sh
+++ b/home.admin/config.scripts/blitz.preparerelease.sh
@ -25,6 +25,7 @@ echo
 echo "deleting SSH Pub keys ..."
 echo "they will get recreated on fresh bootup, by _bootstrap.sh service"
 sudo rm /etc/ssh/ssh_host_*
 sudo touch /etc/ssh/sshd_init_keys
 echo "OK"
 # https://github.com/rootzoll/raspiblitz/issues/1068#issuecomment-599267503
@ -49,6 +50,14 @@ update_config=1
 country=US" | sudo tee /etc/wpa_supplicant/wpa_supplicant.conf  2>/dev/null
 echo "OK"
 # make sure that every install runs API with own secret
 # https://github.com/raspiblitz/raspiblitz/issues/4469
 echo
 echo "disable redis for initial start ..."
 sudo systemctl stop redis 2>/dev/null
 sudo systemctl disable redis 2>/dev/null
 echo "OK"
 echo
 echo "Will shutdown now."
 echo "Wait until Raspberry LEDs show no activity anymore."
--- a/home.admin/config.scripts/blitz.ssh.sh
+++ b/home.admin/config.scripts/blitz.ssh.sh
@ -5,7 +5,8 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ];
  echo "RaspiBlitz SSH tools"
  echo
  echo "## SSHD SERVICE #######"
-  echo "blitz.ssh.sh renew       --> renew the sshd host certs"
+  echo "blitz.ssh.sh renew       --> renew the sshd host certs & restarts sshd"
  echo "blitz.ssh.sh init        --> just creates sshd host certs"
  echo "blitz.ssh.sh clear       --> make sure old sshd host certs are cleared"
  echo "blitz.ssh.sh checkrepair --> check sshd & repair just in case"
  echo "blitz.ssh.sh backup      --> copy ssh keys to backup (if exist)"
@ -27,28 +28,67 @@ if [ "$EUID" -ne 0 ]; then
  exit 1
 fi
 ###################
 # INIT
 ###################
 if [ "$1" = "init" ]; then
  echo "# *** $0 $1"
  echo "# generate new keys"
  ssh-keygen -A
  if [ $? -gt 0 ]; then
    echo "error='ssh-keygen failed'"
    exit 1
  fi
  echo "# reconfigure"
  dpkg-reconfigure openssh-server
  if [ $? -gt 0 ]; then
    echo "error='dpkg-reconfigure failed'"
    exit 1
  fi
  echo "# remove flag"
  rm /etc/ssh/sshd_init_keys
  echo "# restart sshd"
  systemctl restart sshd
  if [ $? -gt 0 ]; then
    echo "error='sshd restart failed'"
    exit 1
  fi
  exit 0
 fi
 ###################
 # RENEW
 ###################
 if [ "$1" = "renew" ]; then
  echo "# *** $0 $1"
-  # stop sshd
+  echo "# stop sshd"
  systemctl stop sshd
-  # remove old keys
+  echo "# remove old keys"
  rm /etc/ssh/ssh_host_*
-  # generate new keys
+  echo "# generate new keys"
  ssh-keygen -A
  echo "# reconfigure"
  dpkg-reconfigure openssh-server
-  # clear journalctl logs
+  echo "# clear journalctl logs"
  journalctl --rotate
  journalctl --vacuum-time=1s
-  # restart sshd
+  if [ "$1" = "init" ]; then
    echo "# init mode - not starting sshd"
    rm /etc/ssh/sshd_init_keys
  else
    echo "# start sshd"
    systemctl start sshd
  fi
  exit 0
 fi