mirror of
https://github.com/rootzoll/raspiblitz.git
synced 2025-02-24 14:51:03 +01:00
electrs: nginx review, don't show addresses in log
related: https://github.com/rootzoll/raspiblitz/issues/1060, https://github.com/rootzoll/raspiblitz/issues/255 fixing: https://github.com/rootzoll/raspiblitz/issues/1251
This commit is contained in:
openoms
parent
920892d8cf
commit
65f29c25fc
1 changed files with 29 additions and 35 deletions
|
|
@ -5,7 +5,7 @@
|
||||||
# command info
|
# command info
|
||||||
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
|
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
|
||||||
echo "config script to switch the Electrum Rust Server on or off"
|
echo "config script to switch the Electrum Rust Server on or off"
|
||||||
echo "bonus.electrs.sh [on|off|status|menu]"
|
echo "bonus.electrs.sh [on|off|status[showAddress]|menu]"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -66,7 +66,9 @@ if [ "$1" = "status" ]; then
|
||||||
# check local IPv4 port
|
# check local IPv4 port
|
||||||
localIP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
|
localIP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
|
||||||
echo "localIP='${localIP}'"
|
echo "localIP='${localIP}'"
|
||||||
echo "publicIP='${publicIP}'"
|
if [ "$2" = "showAddress" ]; then
|
||||||
|
echo "publicIP='${publicIP}'"
|
||||||
|
fi
|
||||||
echo "portTCP='50001'"
|
echo "portTCP='50001'"
|
||||||
localPortRunning=$(sudo netstat -a | grep -c '0.0.0.0:50001')
|
localPortRunning=$(sudo netstat -a | grep -c '0.0.0.0:50001')
|
||||||
echo "localTCPPortActive=${localPortRunning}"
|
echo "localTCPPortActive=${localPortRunning}"
|
||||||
|
|
@ -92,8 +94,10 @@ if [ "$1" = "status" ]; then
|
||||||
# add TOR info
|
# add TOR info
|
||||||
if [ "${runBehindTor}" == "on" ]; then
|
if [ "${runBehindTor}" == "on" ]; then
|
||||||
echo "TORrunning=1"
|
echo "TORrunning=1"
|
||||||
TORaddress=$(sudo cat /mnt/hdd/tor/electrs/hostname)
|
if [ "$2" = "showAddress" ]; then
|
||||||
echo "TORaddress='${TORaddress}'"
|
TORaddress=$(sudo cat /mnt/hdd/tor/electrs/hostname)
|
||||||
|
echo "TORaddress='${TORaddress}'"
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
echo "TORrunning=0"
|
echo "TORrunning=0"
|
||||||
fi
|
fi
|
||||||
|
|
@ -115,7 +119,7 @@ if [ "$1" = "menu" ]; then
|
||||||
|
|
||||||
# get status
|
# get status
|
||||||
echo "# collecting status info ... (please wait)"
|
echo "# collecting status info ... (please wait)"
|
||||||
source <(sudo /home/admin/config.scripts/bonus.electrs.sh status)
|
source <(sudo /home/admin/config.scripts/bonus.electrs.sh status showAddress)
|
||||||
|
|
||||||
if [ ${serviceInstalled} -eq 0 ]; then
|
if [ ${serviceInstalled} -eq 0 ]; then
|
||||||
echo "# FAIL not installed"
|
echo "# FAIL not installed"
|
||||||
|
|
@ -153,7 +157,7 @@ Check 'sudo nginx -t' for a detailed error message.
|
||||||
sudo mkdir /var/log/nginx
|
sudo mkdir /var/log/nginx
|
||||||
sudo systemctl restart nginx
|
sudo systemctl restart nginx
|
||||||
fi
|
fi
|
||||||
/home/admin/config.scripts/internet.selfsignedcert.sh
|
/home/admin/config.scripts/blitz.web.sh
|
||||||
echo "Press ENTER to get back to main menu."
|
echo "Press ENTER to get back to main menu."
|
||||||
read key
|
read key
|
||||||
exit 0
|
exit 0
|
||||||
|
|
@ -326,13 +330,6 @@ EOF
|
||||||
sudo mv /home/admin/config.toml /home/electrs/.electrs/config.toml
|
sudo mv /home/admin/config.toml /home/electrs/.electrs/config.toml
|
||||||
sudo chown electrs:electrs /home/electrs/.electrs/config.toml
|
sudo chown electrs:electrs /home/electrs/.electrs/config.toml
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo "***"
|
|
||||||
echo "Open port 50001 on UFW "
|
|
||||||
echo "***"
|
|
||||||
echo ""
|
|
||||||
sudo ufw allow 50001 comment 'electrs TCP'
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "***"
|
echo "***"
|
||||||
echo "Checking for config.toml"
|
echo "Checking for config.toml"
|
||||||
|
|
@ -346,9 +343,6 @@ EOF
|
||||||
echo "OK"
|
echo "OK"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# create a self-signed ssl certificate
|
|
||||||
/home/admin/config.scripts/internet.selfsignedcert.sh
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "***"
|
echo "***"
|
||||||
echo "Setting up nginx.conf"
|
echo "Setting up nginx.conf"
|
||||||
|
|
@ -372,11 +366,11 @@ stream {
|
||||||
server {
|
server {
|
||||||
listen 50002 ssl;
|
listen 50002 ssl;
|
||||||
proxy_pass electrs;
|
proxy_pass electrs;
|
||||||
ssl_certificate /etc/ssl/certs/localhost.crt;
|
ssl_certificate /mnt/hdd/app-data/nginx/tls.cert;
|
||||||
ssl_certificate_key /etc/ssl/private/localhost.key;
|
ssl_certificate_key /mnt/hdd/app-data/nginx/tls.key;
|
||||||
ssl_session_cache shared:SSL-electrs:1m;
|
ssl_session_cache shared:SSL-electrs:1m;
|
||||||
ssl_session_timeout 4h;
|
ssl_session_timeout 4h;
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
}
|
}
|
||||||
}" | sudo tee -a /etc/nginx/nginx.conf
|
}" | sudo tee -a /etc/nginx/nginx.conf
|
||||||
|
|
@ -390,11 +384,11 @@ stream {
|
||||||
server {
|
server {
|
||||||
listen 50002 ssl;
|
listen 50002 ssl;
|
||||||
proxy_pass electrs;
|
proxy_pass electrs;
|
||||||
ssl_certificate /etc/ssl/certs/localhost.crt;
|
ssl_certificate /mnt/hdd/app-data/nginx/tls.cert;
|
||||||
ssl_certificate_key /etc/ssl/private/localhost.key;
|
ssl_certificate_key /mnt/hdd/app-data/nginx/tls.key;
|
||||||
ssl_session_cache shared:SSL-electrs:1m;
|
ssl_session_cache shared:SSL-electrs:1m;
|
||||||
ssl_session_timeout 4h;
|
ssl_session_timeout 4h;
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
}
|
}
|
||||||
}" | sudo tee -a /etc/nginx/nginx.conf
|
}" | sudo tee -a /etc/nginx/nginx.conf
|
||||||
|
|
@ -405,12 +399,16 @@ stream {
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "allow port 50002 on ufw"
|
|
||||||
sudo ufw allow 50002 comment 'electrs-nginx SSL'
|
|
||||||
|
|
||||||
sudo systemctl enable nginx
|
|
||||||
sudo systemctl restart nginx
|
sudo systemctl restart nginx
|
||||||
|
|
||||||
|
echo ""
|
||||||
|
echo "***"
|
||||||
|
echo "Open ports 50001 and 5002 on UFW "
|
||||||
|
echo "***"
|
||||||
|
echo ""
|
||||||
|
sudo ufw allow 50001 comment 'electrs TCP'
|
||||||
|
sudo ufw allow 50002 comment 'electrs SSL'
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "***"
|
echo "***"
|
||||||
echo "Installing the systemd service"
|
echo "Installing the systemd service"
|
||||||
|
|
@ -485,17 +483,13 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
||||||
if [ ${isInstalled} -eq 1 ]; then
|
if [ ${isInstalled} -eq 1 ]; then
|
||||||
|
|
||||||
echo "#*** REMOVING ELECTRS ***"
|
echo "#*** REMOVING ELECTRS ***"
|
||||||
|
|
||||||
sudo systemctl stop electrs
|
|
||||||
sudo systemctl disable electrs
|
sudo systemctl disable electrs
|
||||||
|
|
||||||
sudo rm /etc/systemd/system/electrs.service
|
sudo rm /etc/systemd/system/electrs.service
|
||||||
|
# delete user and home directory
|
||||||
sudo rm -rf /home/electrs/electrs
|
sudo userdel -rf electrs
|
||||||
sudo rm -rf /home/electrs/.cargo
|
# close ports on firewall
|
||||||
sudo rm -rf /home/electrs/.rustup
|
sudo ufw deny 50001
|
||||||
sudo rm -rf /home/electrs/.profile
|
sudo ufw deny 50002
|
||||||
|
|
||||||
echo "# OK ElectRS removed."
|
echo "# OK ElectRS removed."
|
||||||
|
|
||||||
## Disable BTCEXP_ADDRESS_API if BTC-RPC-Explorer is active
|
## Disable BTCEXP_ADDRESS_API if BTC-RPC-Explorer is active
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue