mirrors/raspiblitz
1
0
Fork 0
mirror of https://github.com/rootzoll/raspiblitz.git synced 2025-03-01 00:59:23 +01:00
Code Issues Projects Releases Packages Wiki Activity

merigng 1.9RC2 changes (#3657)

Browse source
This commit is contained in:
/rootzoll 2023-02-05 23:11:49 +01:00 committed by GitHub
parent 8d5f42ff2e
commit 8727207987
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
47 changed files with 1318 additions and 642 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
CHANGES.md
View file

@ -4,31 +4,37 @@
- New: Automated disk image build for amd64 (VM, laptop, desktop, server) and arm64-rpi (Raspberry Pi) [details](https://github.com/rootzoll/raspiblitz/tree/dev/ci/README.md)
- New: Fatpack & Minimal sd card builds [details](SECURITY.md#minimal-sd-card-build)
- New: I2P support for Bitcoin Core (i2pacceptincoming=1) [details](https://github.com/rootzoll/raspiblitz/issues/2413)
- New: CLN Watchtower (The Eye of Satoshi) [details](https://github.com/talaia-labs/rust-teos/tree/master/watchtower-plugin)
- New: LNDg v1.4.0 [details](https://github.com/cryptosharks131/lndg)
- New: Support of X708 UPS HAT [details](https://github.com/rootzoll/raspiblitz/pull/3087)
- New: BOS Telegram Bot Support (see OPTIONS on LND Balance of Satoshis menu entry)
- New: LightningTipBot v0.5 [details](https://github.com/LightningTipBot/LightningTipBot)
- New: CLI shortcut for ↬lnproxy [details](https://github.com/rootzoll/raspiblitz/pull/3333)
- New on WebUI: Jam (JoinMarket Web UI) v0.1.4 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.4)
- Update: Bitcoin Core v24.0.1 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.0.1.md)
- Update: LND v0.15.5 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.5-beta
- Update: LND v0.15.5 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.5-beta)
- Update: Core Lightning v22.11.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v22.11.1)
- Update: Electrum Server in Rust (electrs) v0.9.10 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0910-nov-3-2022)
- Update: Electrum Server in Rust (electrs) v0.9.11 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0911-jan-5-2023)
- Update: Lightning Terminal v0.8.4-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.8.4-alpha)
- Update: RTL v0.13.0 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.12.3)
- Update: Thunderhub v0.13.16 with balance sharing disabled [details](https://github.com/apotdevin/thunderhub/releases/tag/v0.13.16)
- Update: LNbits 0.9.4 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.2)
- Update: BTCPayServer 1.7.2 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.2)
- Update: LNbits 0.9.6 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.6)
- Update: BTCPayServer 1.7.5 (using postgres for new installs) [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5)
- Update: ItchySats 0.7.0 [details](https://github.com/itchysats/itchysats/releases/tag/0.7.0)
- Update: Channel Tools (chantools) v0.10.5 [details](https://github.com/guggero/chantools/releases/tag/v0.10.5)
- Update: JoinMarket v0.9.8 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.8)
- Update: JoininBox v0.7.4 [details](https://github.com/openoms/joininbox/releases/tag/v0.7.3)
- Update: Balance of Satoshis 13.6.0 (BOS) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#1360)
- Update: Circuitbreaker v0.3.2 [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md)
- Update: JoinMarket v0.9.9 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.9)
- Update: JoininBox v0.7.6 [details](https://github.com/openoms/joininbox/releases/tag/v0.7.6)
- Update: Balance of Satoshis 13.15.0 (bos) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#13150)
- Update: lndmanage 0.14.2 [details](https://github.com/bitromortac/lndmanage)
- Update: Circuitbreaker with webUI [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md)
- Update: Suez - Channel Visualization for LND & CL [details](https://github.com/prusnak/suez)
- Update: Tallycoin Connect v1.7.5 [details](https://github.com/djbooth007/tallycoin_connect/releases/tag/v1.7.5)
- Fixed: SCB/Emergency-Backup to USB drive (now also with CLN emergency.recover file)
- Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox)
- Info: IP2Tor unavailable & deactivated in SSH menus [details](https://github.com/rootzoll/raspiblitz/issues/3417#issuecomment-1310303480)
- Info: IP2Tor fix fulmo shop & added new ip2tor.com shop
- Info: 32GB sdcard is now enforced (after being recommended since v1.5)
- Info: 'Reindex Blockchain' is not part of 'repair' menu
## What's new in Version 1.8.0c of RaspiBlitz?

2
FAQ.cl.md
View file

@ -59,7 +59,7 @@
* Yes, all [BOLT specification](https://github.com/lightningnetwork/lightning-rfc) compliant implementations can open channels to each other and route payments.
### Can I run LND and CLN connected to the same node?
* Yes, both can run parallel on a RaspiBlitz and even have channels witch each other.
* Yes, both can run parallel on a RaspiBlitz and even have channels with each other.
### Can I convert an LND node to CLN (or the opposite)?
* No, currently there are no tools available to convert between the databases storing the channel states.

181
FAQ.md
View file

@ -4,74 +4,77 @@
---
Table of Contents
---
- [Upgrade](#upgrade)
- [How to verify the SD card image after download?](#how-to-verify-the-sd-card-image-after-download)
- [What changed on every upgrade?](#what-changed-on-every-upgrade)
- [How do I upgrade my RaspiBlitz?](#how-do-i-upgrade-my-raspiblitz)
- [Why do I need to re-burn my SD card for an update?](#why-do-i-need-to-re-burn-my-sd-card-for-an-update)
- [How can I update LND or bitcoind even before the next RaspiBlitz update?](#how-can-i-update-lnd-or-bitcoind-even-before-the-next-raspiblitz-update)
- [SSH](#ssh)
- [What to do when on SSH I see "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"](#what-to-do-when-on-ssh-i-see-warning-remote-host-identification-has-changed)
- [How do I unplug/shutdown safely without SSH](#how-do-i-unplugshutdown-safely-without-ssh)
- [I cannot connect via SSH to my RaspiBlitz. What do I do?](#i-cannot-connect-via-ssh-to-my-raspiblitz-what-do-i-do)
- [How to SSH over Tor?](#how-to-ssh-over-tor)
- [How to setup port-forwarding with a SSH tunnel?](#how-to-setup-port-forwarding-with-a-ssh-tunnel)
- [How do I setup just a port-forwarding user on my public server?](#how-do-i-setup-just-a-port-forwarding-user-on-my-public-server)
- [Display](#display)
- [Can I flip the screen?](#can-i-flip-the-screen)
- [How to fix my upside down LCD after update?](#how-to-fix-my-upside-down-lcd-after-update)
- [Can I run the RaspiBlitz without a display/LCD?](#can-i-run-the-raspiblitz-without-a-displaylcd)
- [How do I find the IP address when running without a display?](#how-do-i-find-the-ip-address-when-running-without-a-display)
- [Debug](#debug)
- [I have the full blockchain on another storage. How do I copy it to the RaspiBlitz?](#i-have-the-full-blockchain-on-another-storage-how-do-i-copy-it-to-the-raspiblitz)
- [How do I generate a Debug Report?](#how-do-i-generate-a-debug-report)
- [Why is my "final sync" taking so long?](#why-is-my-final-sync-taking-so-long)
- [How do I backup my Lightning Node?](#how-do-i-backup-my-lightning-node)
- [1) Securing your On-Chain- and Channel-Funds during Operation](#and-channel-funds-during-operation)
- [2) Making a complete LND data backup](#2-making-a-complete-lnd-data-backup)
- [How can I recover my coins from a failing RaspiBlitz?](#how-can-i-recover-my-coins-from-a-failing-raspiblitz)
- [1) Recover LND data](#1-recover-lnd-data)
- [2) Recover from Wallet Seed](#2-recover-from-wallet-seed)
- [How do I move funds & channels from RaspiBlitz to LND Lightning Desktop App?](#how-do-i-move-funds--channels-from-raspiblitz-to-lnd-lightning-desktop-app)
- [How do I change the Name/Alias of my lightning node](#how-do-i-change-the-namealias-of-my-lightning-node)
- [How do I change the public port LND/Lightning node is running on?](#how-do-i-change-the-public-port-lndlightning-node-is-running-on)
- [How do I solve a "signature mismatch after caveat verification" error?](#how-do-i-solve-a-signature-mismatch-after-caveat-verification-error)
- [Why is my node not routing?](#why-is-my-node-not-routing)
- [When using Auto-Unlock, how much security do I lose?](#when-using-auto-unlock-how-much-security-do-i-lose)
- [I connected my HDD but it still says 'Connect HDD' on the display?](#i-connected-my-hdd-but-it-still-says-connect-hdd-on-the-display)
- [How do I shrink the QR code for connecting my Shango/Zap/Zeus mobile phone?](#how-do-i-shrink-the-qr-code-for-connecting-my-shangozapzeus-mobile-phone)
- [Why is my bitcoin IP on the display red?](#why-is-my-bitcoin-ip-on-the-display-red)
- [Why is my node address on the display red?](#why-is-my-node-address-on-the-display-red)
- [Why is my node address on the display yellow (not green)?](#why-is-my-node-address-on-the-display-yellow-not-green)
- [How do I fix a displayed Error in my Config?](#how-do-i-fix-a-displayed-error-in-my-config)
- [Can I run the RaspiBlitz as Backend for BTCPayServer?](#can-i-run-the-raspiblitz-as-backend-for-btcpayserver)
- [I don't have a LAN port on my Laptop - how do I connect to my RaspiBlitz?](#how-do-i-connect-to-my-raspiblitz)
- [Is it possible to connect the Blitz over Wifi instead of using a LAN cable?](#is-it-possible-to-connect-the-blitz-over-wifi-instead-of-using-a-lan-cable)
- [Can I directly connect the RaspiBlitz to my laptop?](#can-i-directly-connect-the-raspiblitz-to-my-laptop)
- [How to attach the RaspberryPi to the HDD?](#how-to-attach-the-raspberrypi-to-the-hdd)
- [What other case options do I have?](#what-other-case-options-do-i-have)
- [Are those "Under-Voltage detected" warnings a problem?](#are-those-under-voltage-detected-warnings-a-problem)
- [How do I return to the menu after exiting to the command line](#how-do-i-return-to-the-menu-after-exiting-to-the-command-line)
- [How do I setup fresh/clean/reset and without going into recovery mode?](#how-do-i-setup-freshcleanreset-and-without-going-into-recovery-mode)
- [My blockchain data is corrupted - what can I do?](#what-can-i-do)
- [I have two RaspiBlitz in my network - can they both be public?](#can-they-both-be-public)
- [How can I enforce UASP mode for my SSD controller?](#how-can-i-enforce-uasp-mode-for-my-ssd-controller)
- [I am facing maintenance/emergency mode on boot. How do I fix it?](#i-am-facing-maintenanceemergency-mode-on-boot-how-do-i-fix-it)
- [Extras](#extras)
- [How do I connect a UPS to the RaspiBlitz?](#how-do-i-connect-a-ups-to-the-raspiblitz)
- [Can I run my RaspiBlitz on Solar Energy?](#can-i-run-my-raspiblitz-on-solar-energy)
- [How to use the Let's Encrypt client](#how-to-use-the-lets-encrypt-client)
- [Let's Encrypt - HTTP-01](#http-01)
- [Let's Encrypt - DNS-01](#dns-01)
- [Let's Encrypt - eMail Address](#email-address)
- [Let's Encrypt - Installation details](#installation-details)
- [What is this mnemonic seed word list?](#what-is-this-mnemonic-seed-word-list)
- [How do I set up VNC?](#how-do-i-set-up-vnc)
- [Why use BTRFS on RaspiBlitz?](#why-use-btrfs-on-raspiblitz)
- [Storing your important Data in RAID1 with a USB Thumb Drive](#storing-your-important-data-in-raid1-with-a-usb-thumb-drive)
- [Snapshotting the Blockchain](#snapshotting-the-blockchain)
- [How do I use BTRFS on RaspiBlitz?](#how-do-i-use-btrfs-on-raspiblitz)
- [How to recover a BTRFS partition?](#how-to-recover-a-btrfs-partition)
- [Table of Contents](#table-of-contents)
- [Upgrade](#upgrade)
- [How to verify the SD card image after download?](#how-to-verify-the-sd-card-image-after-download)
- [What changed on every upgrade?](#what-changed-on-every-upgrade)
- [How do I upgrade my RaspiBlitz?](#how-do-i-upgrade-my-raspiblitz)
- [Why do I need to re-burn my SD card for an update?](#why-do-i-need-to-re-burn-my-sd-card-for-an-update)
- [How can I update LND or bitcoind even before the next RaspiBlitz update?](#how-can-i-update-lnd-or-bitcoind-even-before-the-next-raspiblitz-update)
- [SSH](#ssh)
- [What to do when on SSH I see "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"](#what-to-do-when-on-ssh-i-see-warning-remote-host-identification-has-changed)
- [How do I unplug/shutdown safely without SSH](#how-do-i-unplugshutdown-safely-without-ssh)
- [I cannot connect via SSH to my RaspiBlitz. What do I do?](#i-cannot-connect-via-ssh-to-my-raspiblitz-what-do-i-do)
- [How to SSH over Tor?](#how-to-ssh-over-tor)
- [How to setup port-forwarding with a SSH tunnel?](#how-to-setup-port-forwarding-with-a-ssh-tunnel)
- [How do I setup just a port-forwarding user on my public server?](#how-do-i-setup-just-a-port-forwarding-user-on-my-public-server)
- [How to reset the ssh config and keys?](#how-to-reset-the-ssh-config-and-keys)
- [Display](#display)
- [Can I flip the screen?](#can-i-flip-the-screen)
- [How to fix my upside down LCD after update?](#how-to-fix-my-upside-down-lcd-after-update)
- [Can I run the RaspiBlitz without a display/LCD?](#can-i-run-the-raspiblitz-without-a-displaylcd)
- [How do I find the IP address when running without a display?](#how-do-i-find-the-ip-address-when-running-without-a-display)
- [Debug](#debug)
- [I have the full blockchain on another storage. How do I copy it to the RaspiBlitz?](#i-have-the-full-blockchain-on-another-storage-how-do-i-copy-it-to-the-raspiblitz)
- [How do I generate a Debug Report?](#how-do-i-generate-a-debug-report)
- [Why is my "final sync" taking so long?](#why-is-my-final-sync-taking-so-long)
- [How do I backup my Lightning Node?](#how-do-i-backup-my-lightning-node)
- [1) Securing your On-Chain- and Channel-Funds during Operation](#1-securing-your-on-chain--and-channel-funds-during-operation)
- [2) Making a complete LND data backup](#2-making-a-complete-lnd-data-backup)
- [How can I recover my coins from a failing RaspiBlitz?](#how-can-i-recover-my-coins-from-a-failing-raspiblitz)
- [1) Recover LND data](#1-recover-lnd-data)
- [2) Recover from Wallet Seed](#2-recover-from-wallet-seed)
- [How do I move funds \& channels from RaspiBlitz to LND Lightning Desktop App?](#how-do-i-move-funds--channels-from-raspiblitz-to-lnd-lightning-desktop-app)
- [How do I change the Name/Alias of my lightning node](#how-do-i-change-the-namealias-of-my-lightning-node)
- [How do I change the public port LND/Lightning node is running on?](#how-do-i-change-the-public-port-lndlightning-node-is-running-on)
- [How do I solve a "signature mismatch after caveat verification" error?](#how-do-i-solve-a-signature-mismatch-after-caveat-verification-error)
- [Why is my node not routing?](#why-is-my-node-not-routing)
- [When using Auto-Unlock, how much security do I lose?](#when-using-auto-unlock-how-much-security-do-i-lose)
- [I connected my HDD but it still says 'Connect HDD' on the display?](#i-connected-my-hdd-but-it-still-says-connect-hdd-on-the-display)
- [How do I shrink the QR code for connecting my Shango/Zap/Zeus mobile phone?](#how-do-i-shrink-the-qr-code-for-connecting-my-shangozapzeus-mobile-phone)
- [Why is my bitcoin IP on the display red?](#why-is-my-bitcoin-ip-on-the-display-red)
- [Why is my node address on the display red?](#why-is-my-node-address-on-the-display-red)
- [Why is my node address on the display yellow (not green)?](#why-is-my-node-address-on-the-display-yellow-not-green)
- [How can I set a fixed IP?](#how-can-i-set-a-fixed-ip)
- [How do I fix a displayed Error in my Config?](#how-do-i-fix-a-displayed-error-in-my-config)
- [Can I run the RaspiBlitz as Backend for BTCPayServer?](#can-i-run-the-raspiblitz-as-backend-for-btcpayserver)
- [I don't have a LAN port on my Laptop - how do I connect to my RaspiBlitz?](#i-dont-have-a-lan-port-on-my-laptop---how-do-i-connect-to-my-raspiblitz)
- [Is it possible to connect the Blitz over Wifi instead of using a LAN cable?](#is-it-possible-to-connect-the-blitz-over-wifi-instead-of-using-a-lan-cable)
- [Can I directly connect the RaspiBlitz to my laptop?](#can-i-directly-connect-the-raspiblitz-to-my-laptop)
- [How to attach the RaspberryPi to the HDD?](#how-to-attach-the-raspberrypi-to-the-hdd)
- [What other case options do I have?](#what-other-case-options-do-i-have)
- [Are those "Under-Voltage detected" warnings a problem?](#are-those-under-voltage-detected-warnings-a-problem)
- [How do I return to the menu after exiting to the command line](#how-do-i-return-to-the-menu-after-exiting-to-the-command-line)
- [How do I setup fresh/clean/reset and without going into recovery mode?](#how-do-i-setup-freshcleanreset-and-without-going-into-recovery-mode)
- [My blockchain data is corrupted - what can I do?](#my-blockchain-data-is-corrupted---what-can-i-do)
- [I have two RaspiBlitz in my network - can they both be public?](#i-have-two-raspiblitz-in-my-network---can-they-both-be-public)
- [How can I enforce UASP mode for my SSD controller?](#how-can-i-enforce-uasp-mode-for-my-ssd-controller)
- [I am facing maintenance/emergency mode on boot. How do I fix it?](#i-am-facing-maintenanceemergency-mode-on-boot-how-do-i-fix-it)
- [Extras](#extras)
- [How do I connect a UPS to the RaspiBlitz?](#how-do-i-connect-a-ups-to-the-raspiblitz)
- [Can I run my RaspiBlitz on Solar Energy?](#can-i-run-my-raspiblitz-on-solar-energy)
- [How to use the Let's Encrypt client](#how-to-use-the-lets-encrypt-client)
- [Let's Encrypt - HTTP-01](#lets-encrypt---http-01)
- [Let's Encrypt - DNS-01](#lets-encrypt---dns-01)
- [Let's Encrypt - eMail Address](#lets-encrypt---email-address)
- [Let's Encrypt - Installation details](#lets-encrypt---installation-details)
- [What is this mnemonic seed word list?](#what-is-this-mnemonic-seed-word-list)
- [How do I set up VNC?](#how-do-i-set-up-vnc)
- [Why use BTRFS on RaspiBlitz?](#why-use-btrfs-on-raspiblitz)
- [Storing your important Data in RAID1 with a USB Thumb Drive](#storing-your-important-data-in-raid1-with-a-usb-thumb-drive)
- [Snapshotting the Blockchain](#snapshotting-the-blockchain)
- [How do I use BTRFS on RaspiBlitz?](#how-do-i-use-btrfs-on-raspiblitz)
- [How to recover a BTRFS partition?](#how-to-recover-a-btrfs-partition)
---
## Upgrade
@ -255,7 +258,7 @@ useradd -g forwardings -d /home [USERNAME]
echo 'command="date" [CONTENT-OF-RASPIBLITZ-ROOT-SSH-PUBKEY]' > /etc/ssh/authorized_keys/[USERNAME]
```
As a result you should see a "good signature" message with a main fingerprint the same as you can find on the [keybase.io/rootzoll](https://keybase.io/rootzoll) that is ending on `1C73 060C 7C17 6461` the sub fingerprint should end on `A2D7 AA9D D1B5 CC56 47DA`. If that fingerprint is correct, the SD card image you downloaded is a original release RaspiBlitz.
### How to reset the ssh config and keys?
- shutdown the RaspiBlitz - if you dont have touchscreen activated, disconnect LAN cable, wait until HDD/SSD activity slows down (no constant blinking) and then cut the power
- take out the SD card and connect it to your laptop - it should appear as a `boot` drive
@ -302,6 +305,17 @@ You can also put an empty file just called `hdmi` (without any ending) onto the
## Debug
### How do I generate a Debug Report?
If your RaspiBlitz is not working correctly and you like to get help from the community, it's good to provide more debug information, so others can better diagnose your problem - please follow the following steps to generate a debug report:
- SSH into your raspiblitz as admin user with your password A
- If you see the menu - use CTRL+C to get to the terminal
- To generate debug report run: `debug`, optionally create a link with `debug -l`
- Then copy all output beginning with `*** RASPIBLITZ LOGS ***` and share this
*PLEASE NOTICE: It's possible that these logs can contain private information (like IPs, node IDs, ...) - just share publicly what you feel OK with.*
### I have the full blockchain on another storage. How do I copy it to the RaspiBlitz?
Copying a already synced blockchain from another storage (e.g. your Laptop or external hard drive) can be a quick way to get the RaspiBlitz started or replacing a corrupted blockchain with a fresh one. Also that way you have synced and verified the blockchain yourself, and are not trusting the RaspiBlitz Torrent downloads (Don't trust, verify).
@ -318,16 +332,13 @@ If everything described above is in order, start the setup of the new RaspiBlitz
Once you finished all the transfers, the Raspiblitz will make a quick-check on the data - but that will not guarantee that everything in detail was OK with the transfer. Check further FAQ answers if you get stuck or see a final sync with a value below 90%.
### How do I generate a Debug Report?
### Bitcoind tells me to reindex - how can I do this?
If your RaspiBlitz is not working correctly and you like to get help from the community, it's good to provide more debug information, so others can better diagnose your problem - please follow the following steps to generate a debug report:
To find/access information fast in large data sets like the Bitcoin blockhain indexes are needed. Those indexes can get corrupted on your HDD/SSD and to repair them they need to be rebuild - re-indexed. Bitcoind has two different options to do this - a fast way called "reindex-chainstate" (which just rebuilds the UTXO set from the blocks as you have them) and the slow but complete way called just "reindex" that would even recheck all your block data - see for details here: https://bitcoin.stackexchange.com/questions/60709/when-should-i-use-reindex-chainstate-and-when-reindex
So if you read in your debug logs of bitcoind that you should "reindex" you can try first just to do a fast "reindex-chainstate" and if that didnt worked a slow and full "reindex".
- SSH into your raspiblitz as admin user with your password A
- If you see the menu - use CTRL+C to get to the terminal
- To generate debug report run: `debug`, optionally create a link with `debug -l`
- Then copy all output beginning with `*** RASPIBLITZ LOGS ***` and share this
*PLEASE NOTICE: It's possible that these logs can contain private information (like IPs, node IDs, ...) - just share publicly what you feel OK with.*
See the raspiblitz script `./config.scripts/network.reindex.sh` or the REAPIR menu to start these processes.
### Why is my "final sync" taking so long?
@ -540,7 +551,7 @@ https://github.com/raspibolt/raspibolt/blob/a21788c0518618d17093e3f447f68a53e4ef
### Can I directly connect the RaspiBlitz to my laptop?
If you have a LAN port on your laptop - or you have a USB-LAN adapter, you can connect the RaspiBlitz directly (without a router/switch) to your laptop and share the WIFI internet connection. You can follow this [guide for OSX](https://medium.com/@tzhenghao/how-to-ssh-into-your-raspberry-pi-with-a-mac-and-ethernet-cable-636a197d055).
If you have a LAN port on your laptop - or you have a USB-LAN adapter, you can connect the RaspiBlitz directly (without a router/switch) to your laptop and share the WIFI internet connection. You can follow this [guide for OSX](https://medium.com/@tzhenghao/how-to-ssh-into-your-raspberry-pi-with-a-mac-and-ethernet-cable-636a197d055) and this [guide for Windows](https://www.tomshardware.com/how-to/share-internet-connection-windows-ethernet-wi-fi).
In short for OSX:
@ -552,7 +563,19 @@ In short for OSX:
* in terminal > `arp -a` and check for an IP of a client to the bridge
* in terminal > ssh admin@[clientIP]
If anyone has experience on doing this in Linux/Win, please share.
In short for Windows:
* make sure all VPNs are off (can interfere with local LAN)
* connect Raspiblitz with laptop LAN/ethernet directly
* Control Panel > Network and Internet > Network and Sharing Centre
* Click on your active internet connection highlighted in blue
* Properties > Sharing
* Check the box titled "Allow other network users to connect through this computer's Internet connection
* Select LAN/Ethernet from the "Home networking connection:" dropdown menu
* Click OK
* Restart the Raspiblitz
If anyone has experience on doing this in Linux please share.
### How to attach the RaspberryPi to the HDD?

25
README.md
View file

@ -772,7 +772,7 @@ Using pre-signed bitcoin transactions (PSBT) and [Hardware Wallet Interface](htt
At the moment it is very Linux-focused.
The same applies to multi-signature setups.
The goal of the Specter Desktop wallet is to make a convenient and user-friendly GUI around Bitcoin Core, focusing on multi-signature setups with air-gapped hardware wallets like Trezor, Ledger, COLDCARD or the Specter-DIY.
The goal of the Specter Desktop wallet is to make a sub and user-friendly GUI around Bitcoin Core, focusing on multi-signature setups with air-gapped hardware wallets like Trezor, Ledger, COLDCARD or the Specter-DIY.
![SPECTER](pictures/specter.jpg)
@ -855,6 +855,11 @@ LNbits is a very simple server that sits on top of your Lightning Wallet.
![LNBITS](pictures/lnbits.png)
It can be used together with IP2Tor to provide:
- Lightning Paper Vouchers (Plugin: LNURLw)
- Merchant Onboarding (Plugin: TPOS)
[![Video Tutorial](pictures/video-vouchers.png)](https://www.youtube.com/watch?v=0Bt3tHULAnw)
You can also develop your own extensions on it.
@ -1009,7 +1014,20 @@ At the moment, the following subscription services are available:
##### IP2TOR (paid)
DEACTIVATED SINCE 1.9 --> see for background: https://github.com/rootzoll/raspiblitz/issues/3417#issuecomment-1310303480
IP2TOR is a tunnel service where you can run your RaspiBlitz anonymously behind TOR but you rent a port on a clearnet IP through which you can make services of your RaspiBlitz easy reachable for everybody on the internet.
You don't need to care about your local router or firewall settings.
You can pay for this service directly through Lightning from your RaspiBlitz as subscription.
At first you select what services of your RaspiBlitz you like to tunnel through a IP2TOR bridge.
You will get a list of available IP2TOR shops & bridge offerings.
Select `OK` on an IP2TOR bridge offering and you will see more details on it, such as how many satoshis the subscription will cost you.
Your node should be funded and have channels open already at this point.
If you choose `AGREE` on the details of a IP2TOR bridge offering the RaspiBlitz tries for you to setup the IP2TOR bridge.
If everything worked you will find now the subscription under `MAINMENU` > `SUBSCRIBE` > `LIST My Subscriptions` where you can cancel it again.
To try out the IP2TOR tunnel choose in `MAINMENU` the extra menu point of the Service you choose the bridge for and it should give you now an updated URL or try calling the API on the IP and Port that is displayed under the details of the subscription in the `LIST My Subscriptions` section.
##### HTTPS with LetsEncrypt (free)
@ -1347,7 +1365,8 @@ But if you want to build that image yourself - here is a quick guide:
- Get a latest RaspiOS 64-bit (Desktop): [DOWNLOAD](https://downloads.raspberrypi.org/raspios_arm64/images).
- Write the image to an SD card: [TUTORIAL](https://www.raspberrypi.org/documentation/installation/installing-images/README.md).
- Add a file called `ssh` to the root of the SD card when mounted on your laptop to enable SSH login.
- Add a file called `userconf` next to the empty `ssh` file that contains just the string `pi:$6$p2DNwHsYzR06mVFX$jwZnOo5Jl/6pEMFFowpUBqM7E0Rz8vEtXtupwxuXZA7eqyKxDk8barhYZ24ei/JEP4e8Jr0mOvRThASuUxIAZ0`.
- Newest RasperryOS release did remove the default username therefore you need to create an own user. Add a file called `userconf` next to the empty `ssh` file and add your specified userstring as followed:
Create a hashed password using command on linux `echo 'raspberry' | openssl passwd -6 -stdin` and copy the output allongside the username for example `pi:$6$6c.o/U6OkN3ST65b$7F3TIamnnQCwQT4h00Vp1mcVMdSg3 ams7yeVGfZbclcScEnRnw9tkgI9btalTCHFI84o3Pr3cDbdpbCXYTmF1` into the userconf file. See also https://www.raspberrypi.com/news/raspberry-pi-bullseye-update-april-2022/
- Start the card on a Raspi and login via SSH with `ssh pi@[IP-OF-YOUR-RASPI]`. Password is `raspberry`.
Now you are ready to start the SD card build script (check the code to see if the installation and config are OK for you).

4
alternative.platforms/Proxmox/README.md
View file

@ -125,10 +125,10 @@ apt upgrade -y
apt install sudo
```
Now we need to download the Build SDCard Script from Rootzoll. The version can be customized as you like. The latest version (as of block time 755125) is the 1.8.
Now we need to download the Build SDCard Script from Rootzoll. The version can be customized as you like. The latest version (as of block time 768745) is the 1.9.
```
wget https://raw.githubusercontent.com/rootzoll/raspiblitz/v1.8/build_sdcard.sh
wget https://raw.githubusercontent.com/rootzoll/raspiblitz/v1.9/build_sdcard.sh
```
And run:

65
build_sdcard.sh
View file

@ -273,8 +273,18 @@ sleep 3 ## give time to cancel
export DEBIAN_FRONTEND=noninteractive
echo "*** Prevent sleep ***" # on all platforms
echo "*** Prevent sleep ***" # on all platforms https://wiki.debian.org/Suspend
sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target
sudo mkdir /etc/systemd/sleep.conf.d
echo "[Sleep]
AllowSuspend=no
AllowHibernation=no
AllowSuspendThenHibernate=no
AllowHybridSleep=no" | sudo tee /etc/systemd/sleep.conf.d/nosuspend.conf
sudo mkdir /etc/systemd/logind.conf.d
echo "[Login]
HandleLidSwitch=ignore
HandleLidSwitchDocked=ignore" | sudo tee /etc/systemd/logind.conf.d/nosuspend.conf
# FIXING LOCALES
# https://github.com/rootzoll/raspiblitz/issues/138
@ -478,11 +488,11 @@ sudo sed -i "s/^#SystemMaxFileSize=.*/SystemMaxFileSize=50M/g" /etc/systemd/jour
echo "
/var/log/syslog
{
rotate 7
daily
missingok
notifempty
delaycompress
rotate 7
daily
missingok
notifempty
delaycompress
compress
postrotate
invoke-rc.d rsyslog rotate > /dev/null
@ -504,23 +514,22 @@ echo "
sharedscripts
postrotate
invoke-rc.d rsyslog rotate > /dev/null
enscript
endscript
}
/var/log/kern.log
/var/log/auth.log
{
rotate 4
size=100M
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
invoke-rc.d rsyslog rotate > /dev/null
endscript
rotate 4
size=100M
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
invoke-rc.d rsyslog rotate > /dev/null
endscript
}
/var/log/user.log
@ -529,16 +538,16 @@ echo "
/var/log/debug
/var/log/messages
{
rotate 4
weekly
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
invoke-rc.d rsyslog rotate > /dev/null
endscript
rotate 4
weekly
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
invoke-rc.d rsyslog rotate > /dev/null
endscript
}
" | sudo tee ./rsyslog
sudo mv ./rsyslog /etc/logrotate.d/rsyslog

43
ci/README.md
View file

@ -17,8 +17,8 @@
- [fatpack image](#fatpack-image)
- [lean image](#lean-image)
- [Add Gnome desktop (optional)](#add-gnome-desktop-optional)
- [Add wifi](#add-wifi)
- [Add wifi driver (optional)](#add-wifi-driver-optional)
- [Add wifi (optional)](#add-wifi-optional)
- [Add wifi driver (optional)](#add-wifi-driver-optional)
- [Workflow notes](#workflow-notes)
- [Packer .json settings:](#packer-json-settings)
- [VNC](#vnc)
@ -56,32 +56,33 @@ with the [Makefile](https://github.com/rootzoll/raspiblitz/blob/dev/Makefile)
### Generate an amd64 image
The workflow locally and in github actions generates a .qcow2 format amd64 image.
* Tested with
* libvirt / virsh / virt-manager (https://virt-manager.org/)
* written to disk and booted with legacy boot (non-UEFI)
* libvirt / virsh / virt-manager (https://virt-manager.org/)
* written to disk and booted with legacy boot (non-UEFI)
```
make amd64-lean-image
```
* find the compressed .qcow2 image and sh256 hashes in the `ci/amd64/builds` directory
## Images generated in github actions
* Find the images in the green runs in github actions at:
https://github.com/rootzoll/raspiblitz/actions
* To see the downloadable artifacts will need to log in to GitHub
* Find the latest successful builds for amd64 using the dev branch at:
https://github.com/rootzoll/raspiblitz/actions/workflows/amd64-lean-image.yml?query=workflow%3Aamd64-lean-image-build+branch%3Adev+is%3Asuccess++
```
# unzip to the same directory
unzip raspiblitz-amd64-image-YEAR-MM-DD-COMMITHASH.zip
```
## Write the image to a disk connected with USB
identify the connected disk with `lsblk` eg `/dev/sdd`
* identify the connected disk with `lsblk` eg `/dev/sdd`
### Convert the qcow2 volume to a raw disk image
### Convert the qcow2 volume to a raw disk image
* the raw image is 33.5 GB
```
# unzip
gzip -dkv raspiblitz-amd64-debian-11.5-lean.qcow2.gz
# convert
qemu-img convert raspiblitz-amd64-debian-11.5-lean.qcow2 raspiblitz-amd64-debian-11.5-lean.img
```
```
# unzip
gzip -dkv raspiblitz-amd64-debian-11.5-lean.qcow2.gz
# convert
qemu-img convert raspiblitz-amd64-debian-11.5-lean.qcow2 raspiblitz-amd64-debian-11.5-lean.img
```
### Write to a disk connected with USB with Balena Etcher or `dd`
* [Balena Etcher](https://www.balena.io/etcher/) to write the .img to disk
* dd to write the .img to disk
@ -134,18 +135,18 @@ identify the connected disk with `lsblk` eg `/dev/sdd`
#### Add Gnome desktop (optional)
* Connect to the internet (easiest to plug in a LAN cable - use a USB - LAN adapter if have no port)
```
apt install gnome
systemctl start gdm
```
```
apt install gnome
systemctl start gdm
```
## Add wifi
### Add wifi (optional)
* if the wifi driver is included in the FOSS Debian distro
* in the command line run the network manager interface to connect:
```
sudo nmtui
```
## Add wifi driver (optional)
### Add wifi driver (optional)
* as in https://wiki.debian.org/iwlwifi
* add the component `non-free` after `deb http://deb.debian.org/debian bullseye main` in `/etc/apt/sources.list`
* install the wifi driver for the mentioned cards:

15
home.admin/00infoBlitz.sh
View file

@ -353,7 +353,7 @@ else
appInfoLine=""
# Electrum Server - electrs
if [ "${ElectRS}" = "on" ]; then
if [ "${ElectRS}" == "on" ]; then
error=""
source <(sudo /home/admin/config.scripts/bonus.electrs.sh status-sync 2>/dev/null)
if [ ${#infoSync} -gt 0 ]; then
@ -361,15 +361,10 @@ else
fi
fi
# BTC RPC EXPLORER
if [ "${BTCRPCexplorer}" = "on" ]; then
error=""
source <(sudo /home/admin/config.scripts/bonus.btc-rpc-explorer.sh status 2>/dev/null)
if [ ${#error} -gt 0 ]; then
appInfoLine="ERROR BTC-RPC-Explorer: ${error} (try restart)"
elif [ "${isIndexed}" = "0" ]; then
appInfoLine="BTC-RPC-Explorer: ${indexInfo}"
fi
# Transaction Index
source <(/home/admin/config.scripts/network.txindex.sh status)
if [ "${txindex}" == "1" ] && [ "${isIndexed}" != "1" ]; then
appInfoLine="Transaction Index: ${indexInfo}"
fi
if [ ${#appInfoLine} -gt 0 ]; then

9
home.admin/00mainMenu.sh
View file

@ -1,5 +1,5 @@
#!/bin/bash
echo "Starting the main menu ..."
# MAIN MENU AFTER SETUP
@ -158,7 +158,7 @@ if [ "${homer}" == "on" ]; then
CHOICE_HEIGHT=$((CHOICE_HEIGHT+1))
fi
if [ "${circuitbreaker}" == "on" ]; then
OPTIONS+=(CIRCUIT "Circuitbreaker (LND firewall)")
OPTIONS+=(CIRCUITBREAKER "Circuitbreaker (LND firewall)")
fi
if [ "${tallycoinConnect}" == "on" ]; then
OPTIONS+=(TALLY "Tallycoin Connect")
@ -286,7 +286,7 @@ case $CHOICE in
;;
LIGHTNINGTIPBOT)
/home/admin/config.scripts/bonus.lightningtipbot.sh menu
;;
;;
LOOP)
/home/admin/config.scripts/bonus.loop.sh menu
;;
@ -329,7 +329,6 @@ case $CHOICE in
HELIPAD)
sudo /home/admin/config.scripts/bonus.helipad.sh menu
;;
SQUEAKNODE)
/home/admin/config.scripts/bonus.squeaknode.sh menu
;;
@ -339,7 +338,7 @@ case $CHOICE in
CHANTOOLS)
sudo /home/admin/config.scripts/bonus.chantools.sh menu
;;
CIRCUIT)
CIRCUITBREAKER)
sudo /home/admin/config.scripts/bonus.circuitbreaker.sh menu
;;
TESTNETS)

7
home.admin/00raspiblitz.sh
View file

@ -48,13 +48,6 @@ if [ "${copyInProgress}" = "1" ]; then
exit
fi
# special state: reindex was triggered
if [ "${state}" = "reindex" ]; then
echo "Re-Index in progress ... start monitoring:"
/home/admin/config.scripts/network.reindex.sh
exit
fi
# special state: copystation
if [ "${state}" = "copystation" ]; then
echo "Copy Station is Running ..."

4
home.admin/98repairBlockchain.sh
View file

@ -29,10 +29,6 @@ elif [ "${CHOICE}" = "RESYNC" ]; then
echo "rebooting .. (please wait)"
sudo /home/admin/config.scripts/blitz.shutdown.sh reboot
elif [ "${CHOICE}" = "REINDEX" ]; then
echo "Starting REINDEX ..."
sudo /home/admin/config.scripts/network.reindex.sh
elif [ "${CHOICE}" = "BACKUP" ]; then
/home/admin/config.scripts/lnd.compact.sh interactive
sudo /home/admin/config.scripts/lnd.backup.sh lnd-export-gui

29
home.admin/98repairMenu.sh
View file

@ -65,6 +65,9 @@ RaspiBlitz image to your SD card.
" 12 40
}
# get status of txindex
source <(/home/admin/config.scripts/network.txindex.sh status)
OPTIONS=()
#OPTIONS+=(HARDWARE "Run Hardwaretest")
OPTIONS+=(SOFTWARE "Run Softwaretest (DebugReport)")
@ -76,11 +79,17 @@ if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then
fi
OPTIONS+=(MIGRATION "Migrate Blitz Data to new Hardware")
OPTIONS+=(COPY-SOURCE "Copy Blockchain Source Modus")
if [ "${txindex}" == "1" ]; then
OPTIONS+=(DELETE-INDEX "Reindex Bitcoin Transaction-Index")
elif [ "${indexByteSize}" != "0" ]; then
OPTIONS+=(DELETE-INDEX "Delete Bitcoin Transaction-Index")
fi
OPTIONS+=(REINDEX-UTXO "Redindex Just Bitcoin Chainstate (Fast)")
OPTIONS+=(REINDEX-FULL "Redindex Full Bitcoin Blockchain (Slow)")
OPTIONS+=(RESET-CHAIN "Delete Blockchain & Re-Download")
OPTIONS+=(RESET-HDD "Delete HDD Data but keep Blockchain")
OPTIONS+=(RESET-ALL "Delete HDD completely to start fresh")
OPTIONS+=(DELETE-ELEC "Delete Electrum Index")
OPTIONS+=(DELETE-INDEX "Delete Bitcoin Transaction-Index")
CHOICE=$(whiptail --clear --title "Repair Options" --menu "" 19 62 12 "${OPTIONS[@]}" 2>&1 >/dev/tty)
@ -89,7 +98,15 @@ case $CHOICE in
# HARDWARE)
# ;;
SOFTWARE)
sudo /home/admin/config.scripts/blitz.debug.sh
echo "Generating debug logs. Be patient, this should take maximum 2 minutes .."
sudo rm /var/cache/raspiblitz/debug.log 2>/dev/null
/home/admin/config.scripts/blitz.debug.sh > /var/cache/raspiblitz/debug.log
echo "Redacting .."
/home/admin/config.scripts/blitz.debug.sh redact /var/cache/raspiblitz/debug.log
sudo chmod 640 /var/cache/raspiblitz/debug.log
sudo chown root:sudo /var/cache/raspiblitz/debug.log
cat /var/cache/raspiblitz/debug.log
echo
echo "Press ENTER to return to main menu."
read key
;;
@ -148,6 +165,14 @@ case $CHOICE in
/home/admin/config.scripts/network.txindex.sh delete
exit 0;
;;
REINDEX-UTXO)
/home/admin/config.scripts/network.reindex.sh reindex-chainstate mainnet
exit 0;
;;
REINDEX-FULL)
/home/admin/config.scripts/network.reindex.sh reindex mainnet
exit 0;
;;
COPY-SOURCE)
/home/admin/config.scripts/blitz.copychain.sh source
/home/admin/config.scripts/lnd.unlock.sh

15
home.admin/99clMenu.sh
View file

@ -35,11 +35,11 @@ fi
OPTIONS+=(SEED "Show Wallet Seed Words")
if [ "${clWatchtowerClient}" == "on" ] && [ "${CHAIN}" == "mainnet" ]; then
OPTIONS+=(WATCHTOWER "Watchtower Client Options")
fi
fi
OPTIONS+=(REPAIR-CL "Repair options for Core Lightning")
if [ "${lightning}" != "cl" ] && [ "${CHAIN}" == "mainnet" ]; then
OPTIONS+=(SWITCHLN "Use Core Lightning as default")
fi
fi
CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1"))
HEIGHT=$((CHOICE_HEIGHT+6))
@ -92,12 +92,9 @@ case $CHOICE in
if [ ! -f /home/bitcoin/suez/suez ];then
/home/admin/config.scripts/bonus.suez.sh on
fi
cd /home/bitcoin/suez || exit 0
command="sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF}"
echo "# Running the command:"
echo "${command}"
cd /home/bitcoin/suez || exit 1
echo
$command
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF}
echo
echo "Press ENTER to return to main menu."
read key
@ -111,7 +108,7 @@ case $CHOICE in
/home/admin/99clRepairMenu.sh $CHAIN
;;
SWITCHLN)
clear
clear
echo
# setting value in the raspiblitz.conf
/home/admin/config.scripts/blitz.conf.sh set lightning "cl"
@ -123,4 +120,4 @@ case $CHOICE in
;;
esac
exit 0
exit 0

74
home.admin/_commands.sh
View file

@ -80,15 +80,18 @@ function blitzhelp() {
echo "Extras:"
echo " whitepaper download the whitepaper from the blockchain to /home/admin/bitcoin.pdf"
echo " notifyme wrapper for blitz.notify.sh that will send a notification using the configured method and settings"
echo " suez visualize channels (for the default ln implementation and chain when installed)"
exho " lnproxy wrap invoices with lnproxy"
echo
echo "LND:"
echo " lncli LND commandline interface (when installed)"
echo " balance your satoshi balance"
echo " channels your lightning channels"
echo " fwdreport show forwarding report"
echo " manage use the lndmanage bonus app"
echo
echo "CLN:"
echo " lightning-cli Core-Lightning commandline interface (when installed)"
echo " lightning-cli Core Lightning commandline interface (when installed)"
}
# command: raspiblitz
@ -369,6 +372,21 @@ function jm() {
fi
}
# command: manage
# switch to lndmanage env
function manage() {
if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "lndmanage=on") -eq 1 ]; then
cd /home/admin/lndmanage
source venv/bin/activate
echo "NOTICE: Needs at least one active channel to run without error."
echo "to exit (venv) enter ---> deactivate"
lndmanage
else
echo "lndmanage not installed - to install run:"
echo "sudo /home/admin/config.scripts/bonus.lndmanage.sh on"
fi
}
# command: ckbunker
# switch to the ckbunker user
function ckbunker() {
@ -512,15 +530,55 @@ function bm() {
# command: lnproxy
function lnproxy() {
if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "runBehindTor=on") -eq 1 ]; then
echo
echo "Requesting a wrapped invoice from rdq6tvulanl7aqtupmoboyk2z3suzkdwurejwyjyjf4itr3zhxrm2lad.onion ..."
echo
torify curl http://rdq6tvulanl7aqtupmoboyk2z3suzkdwurejwyjyjf4itr3zhxrm2lad.onion/api/${1}
source /mnt/hdd/raspiblitz.conf
if [ $# -gt 0 ]; then
invoice=$1
else
echo "Paste the invoice to be wrapped and press enter:"
read -r invoice
fi
if systemctl is-active --quiet tor@default; then
if [ -z "${lnproxy_override_tor}" ]; then
lnproxy_override_tor="rdq6tvulanl7aqtupmoboyk2z3suzkdwurejwyjyjf4itr3zhxrm2lad.onion/api"
fi
wrapped=$(torsocks curl -sS http://${lnproxy_override_tor}/${invoice})
echo
echo "Requesting a wrapped invoice from https://lnproxy.org ..."
echo "Requesting a wrapped invoice from ${lnproxy_override_tor}"
else
if [ -z "${lnproxy_override_clearnet}" ]; then
lnproxy_override_clearnet="lnproxy.org/api"
fi
wrapped=$(curl -sS https://${lnproxy_override_clearnet}/${invoice})
echo
curl https://lnproxy.org/api/${1}
echo "Requesting a wrapped invoice from ${lnproxy_override_clearnet}"
fi
echo
/home/admin/config.scripts/blitz.check-invoice-wrap.py "$1" "$wrapped"
echo
echo $wrapped
}
# command: suez
function suez() {
source /mnt/hdd/raspiblitz.conf
if [ ${lightning} = 'cl' ] || [ ${lightning} = 'lnd' ]; then
if [ ! -f /home/bitcoin/suez/suez ];then
/home/admin/config.scripts/bonus.suez.sh on
fi
source <(/home/admin/config.scripts/network.aliases.sh getvars ${lightning} ${chain}net)
cd /home/bitcoin/suez || exit 1
clear
echo "# Showing the channels of ${lightning} ${chain}net - consider reducing the font size (press CTRL- or CMD-)"
if [ ${lightning} = cl ]; then
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \
--client=c-lightning --client-args=--conf=${CLCONF}
elif [ ${lightning} = lnd ]; then
sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \
--client-args=-n=${CHAIN} \
--client-args=--rpcserver=localhost:1${L2rpcportmod}009
fi
cd
else
echo "# Lightning is ${lightning}"
fi
}

21
home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf Normal file
View file

@ -0,0 +1,21 @@
## circuitbreaker_ssl.conf
server {
listen 9236 ssl http2;
listen [::]:9236 ssl http2;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data.conf;
include /etc/nginx/snippets/gzip-params.conf;
access_log /var/log/nginx/access_circuitbreaker.log;
error_log /var/log/nginx/error_circuitbreaker.log;
location / {
proxy_pass http://127.0.0.1:9235;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
}

27
home.admin/assets/nginx/sites-available/lnproxy_ssl.conf Normal file
View file

@ -0,0 +1,27 @@
## lnproxy_ssl.conf
server {
listen 4749 ssl http2;
listen [::]:4749 ssl http2;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data.conf;
include /etc/nginx/snippets/gzip-params.conf;
access_log /var/log/nginx/access_lnproxy.log;
error_log /var/log/nginx/error_lnproxy.log;
location /api/ {
proxy_pass http://127.0.0.1:4747;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
location / {
proxy_pass http://127.0.0.1:4748;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
}

26
home.admin/assets/nginx/sites-available/lnproxy_tor.conf Normal file
View file

@ -0,0 +1,26 @@
## lnproxy_tor.conf
server {
listen 4750;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data.conf;
include /etc/nginx/snippets/gzip-params.conf;
access_log /var/log/nginx/access_lnproxy.log;
error_log /var/log/nginx/error_lnproxy.log;
location /api/ {
proxy_pass http://127.0.0.1:4747;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
location / {
proxy_pass http://127.0.0.1:4748;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
}

26
home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf Normal file
View file

@ -0,0 +1,26 @@
## lnproxy_tor_ssl.conf
server {
listen 4751 ssl http2;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data.conf;
include /etc/nginx/snippets/gzip-params.conf;
access_log /var/log/nginx/access_lnproxy.log;
error_log /var/log/nginx/error_lnproxy.log;
location /api/ {
proxy_pass http://127.0.0.1:4747;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
location / {
proxy_pass http://127.0.0.1:4748;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}
}

9
home.admin/config.scripts/bitcoin.monitor.sh
View file

@ -156,12 +156,15 @@ if [ "$2" = "info" ]; then
btc_blocks_behind=$((${btc_blocks_headers} - ${btc_blocks_verified}))
btc_sync_initialblockdownload=$(echo "${blockchaininfo}" | jq -r '.initialblockdownload' | grep -c 'true')
btc_sync_progress=$(echo "${blockchaininfo}" | jq -r '.verificationprogress')
btc_sync_percentage=$(echo ${btc_sync_progress} | awk '{printf( "%.2f%%", 100 * $1)}')
if [ "${btc_blocks_headers}" != "" ] && [ "${btc_blocks_headers}" == "${btc_blocks_verified}" ]; then
if (( $(awk 'BEGIN { print( '${btc_sync_progress}'<0.99995 ) }') )); then
# #3620 prevent displaying 100.00%, although incorrect because of rounding
btc_sync_percentage=$(awk 'BEGIN { printf( "%.2f%%", 100 * '${btc_sync_progress}') }')
elif [ "${btc_blocks_headers}" != "" ] && [ "${btc_blocks_headers}" == "${btc_blocks_verified}" ]; then
btc_sync_percentage="100.00"
else
btc_sync_percentage="99.99"
fi
# determine if synced (tolerate falling 1 block behind)
# and be sure that initial blockdownload is done
btc_synced=0

54
home.admin/config.scripts/blitz.check-invoice-wrap.py Normal file
View file

@ -0,0 +1,54 @@
#!/usr/bin/env python3
# adapted from: https://github.com/lnproxy/lnproxy-cli/blob/fe18d16e42b58f635b94c7da59a34d5e092e4d56/check-wrap.py
# Parses payment hashes and amounts in bolt11 invoices to check lnproxy
# Can skip most bolt11 checks since both the user's wallet and lnproxy will do that
from decimal import Decimal
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
units = {
'p': 10**12,
'n': 10**9,
'u': 10**6,
'm': 10**3,
}
def parse(invoice):
invoice = invoice.lower()
pos = invoice.rfind('1')
amount = invoice[4:pos]
if amount == '':
amount = Decimal(0)
else:
amount = Decimal(amount[:-1]) / units[amount[-1]]
data = invoice[pos+1+7:]
i = 0
while i < len(data):
if data[i] == 'p' and data[i+1:i+1+2] == 'p5':
payment_hash = data[i+1+2:i+1+2+52]
break
else:
i += 3 + CHARSET.find(data[i+1]) * 32 + CHARSET.find(data[i+1+1])
return (amount, payment_hash)
from sys import stderr, argv
try:
if len(argv) != 3:
raise Exception("Incorrect number of arguments")
amt1, hash1 = parse(argv[1])
amt2, hash2 = parse(argv[2])
if hash1 != hash2:
print(f"Payment hashes do not match!", file=stderr)
exit(3)
if amt1 != Decimal(0):
print(f"Hashes match, routing fee is {(amt2-amt1)*10**8:0,.0f} sat ({(amt2-amt1)/amt1*100:0.2f}%)")
else:
print(f"Hashes match")
except Exception as err:
print('Error:', err)
print(f"usage: {argv[0]} <original invoice> <wrapped invoice>", file=stderr)
exit(2)

2
home.admin/config.scripts/blitz.copychain.sh
View file

@ -141,7 +141,7 @@ if [ "$1" = "target" ]; then
echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore."
echo ""
echo "COPY, PASTE & EXECUTE the following command on your Windows computer terminal:"
echo "sftp -r ./chainstate ./blocks bitcoin@${internet_localip}:/mnt/hdd/bitcoin"
echo "scp -r ./chainstate ./blocks bitcoin@${internet_localip}:/mnt/hdd/bitcoin"
echo ""
echo "If asked for a password use PASSWORD A (or 'raspiblitz')."
fi

41
home.admin/config.scripts/blitz.debug.sh
View file

@ -148,8 +148,8 @@ if [ "${testnet}" == "on" ] || [ "${testnet}" == "1" ]; then
sudo journalctl -u t${network}d -b --no-pager -n8
echo
echo "*** LAST BLOCKCHAIN (TESTNET) 20 INFO LOGS ***"
echo "sudo tail -n 20 /mnt/hdd/${network}/tdebug.log"
sudo tail -n 20 /mnt/hdd/${network}/tdebug.log
echo "sudo tail -n 20 /mnt/hdd/${network}/testnet3/debug.log"
sudo tail -n 20 /mnt/hdd/${network}/testnet3/debug.log
echo
else
echo "- OFF by config -"
@ -192,8 +192,8 @@ if [ "${signet}" == "on" ] || [ "${signet}" == "1" ]; then
sudo journalctl -u s${network}d -b --no-pager -n8
echo
echo "*** LAST BLOCKCHAIN (SIGNET) 20 INFO LOGS ***"
echo "sudo tail -n 20 /mnt/hdd/${network}/sdebug.log"
sudo tail -n 20 /mnt/hdd/${network}/sdebug.log
echo "sudo tail -n 20 /mnt/hdd/${network}/signet/debug.log"
sudo tail -n 20 /mnt/hdd/${network}/signet/debug.log
echo
else
echo "- OFF by config -"
@ -313,6 +313,39 @@ else
echo "- LIT is OFF by config"
fi
if [ "${lndg}" == "on" ]; then
echo
echo "*** LNDg Status ***"
sudo /home/admin/config.scripts/bonus.lndg.sh status
echo
echo "*** LNDg JOBS SYSTEMD STATUS ***"
sudo systemctl status jobs-lndg.service -n2 --no-pager
echo "sudo tail -n 5 /var/log/lnd_jobs_error.log"
sudo tail -n 5 /var/log/lnd_jobs_error.log
echo
echo "*** LNDg REBALANCER SYSTEMD STATUS ***"
sudo systemctl status rebalancer-lndg.service -n2 --no-pager
echo "sudo tail -n 5 /var/log/lnd_rebalancer_error.log"
sudo tail -n 5 /var/log/lnd_rebalancer_error.log
echo
echo "*** LNDg HTLC-STREAM SYSTEMD STATUS ***"
sudo systemctl status htlc-stream-lndg.service -n2 --no-pager
echo "sudo tail -n 5 /var/log/lnd_htlc_stream_error.log"
sudo tail -n 5 /var/log/lnd_htlc_stream_error.log
echo
echo "*** LNDg GUNICORN SERVER SYSTEMD STATUS ***"
sudo systemctl status gunicorn.service -n2 --no-pager
echo "sudo tail -n 5 /var/log/gunicorn_error.log"
sudo tail -n 5 /var/log/gunicorn_error.log 2>/dev/null
echo
echo "*** LAST 10 LNDg LOGS ***"
echo "sudo journalctl -u lndg -b --no-pager -n10"
sudo journalctl -u lndg -b --no-pager -n20
echo
else
echo "- LNDg is OFF by config"
fi
if [ "${BTCPayServer}" == "on" ]; then
echo
echo "*** LAST 20 BTCPayServer LOGS ***"

10
home.admin/config.scripts/blitz.passwords.sh
View file

@ -391,7 +391,15 @@ elif [ "${abcd}" = "b" ]; then
# LNDg
if [ "${lndg}" == "on" ]; then
echo "# changing the password for lndg"
sudo -u lndg /home/lndg/lndg/.venv/bin/python initialize.py -pw ${newPassword}
sudo -u lndg /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/initialize.py -pw ${newPassword}
fi
# mempool Explorer
if [ "${mempoolExplorer}" == "on" ]; then
echo "# changing the password for mempool Explorer"
sudo jq ".CORE_RPC.PASSWORD=\"${newPassword}\"" /home/mempool/mempool/backend/mempool-config.json > /var/cache/raspiblitz/mempool-config.json
sudo mv /var/cache/raspiblitz/mempool-config.json /home/mempool/mempool/backend/mempool-config.json
sudo chown mempool:mempool /home/mempool/mempool/backend/mempool-config.json
fi
echo "# OK -> RPC Password B changed"

82
home.admin/config.scripts/blitz.subscriptions.ip2tor.py
View file

@ -595,37 +595,68 @@ def menuMakeSubscription(blitzServiceName, torAddress, torPort):
torTarget = "{0}:{1}".format(torAddress, torPort)
############################
# PHASE 1: Enter Shop URL
# see if user had before entered another shop of preference
shopurl = DEFAULT_SHOPURL
try:
subscriptions = toml.load(SUBSCRIPTIONS_FILE)
shopurl = subscriptions['shop_ip2tor']
print("# using last shop url set in subscriptions.toml")
except Exception as e:
print("# using default shop url")
# remove https:// from shop url (to keep it short)
if shopurl.find("://") > 0:
shopurl = shopurl[shopurl.find("://") + 3:]
# PHASE 1: Choose Shop URL
shopurl = ""
while True:
# input shop url
# see if user had before entered another shop of preference
lastusedShop = ""
try:
subscriptions = toml.load(SUBSCRIPTIONS_FILE)
lastusedShop = subscriptions['shop_ip2tor']
print("# using last shop url set in subscriptions.toml")
except Exception as e:
print("# using default shop url")
# set choices of shops
choices = []
# remove https:// from shop url (to keep it short)
if lastusedShop.find("://") > 0: lastusedShop = lastusedShop[lastusedShop.find("://") + 3:]
# IP2TOR.COM Shop
choice_url_ip2torcom="ip2tor.com"
choices.append(("A", "ip2tor.com Shop"))
if lastusedShop == choice_url_ip2torcom: lastusedShop=""
# FULMO Shop
choice_url_fulmo="fulmo7x6yvgz6zs2b2ptduvzwevxmizhq23klkenslt5drxx2physlqd.onion"
choices.append(("B", "Fulmo Shop"))
if lastusedShop == choice_url_fulmo: lastusedShop=""
# add before option if different from static options
if len(lastusedShop) > 0: choices.append(("Y", lastusedShop))
# enter own shop address option
choices.append(("X", "Enter a new Shop URL"))
# select dialog
d = Dialog(dialog="dialog", autowidgetsize=True)
d.set_background_title("Select IP2TOR Bridge Shop (communication secured thru TOR)")
code, text = d.inputbox(
"Enter Address of the IP2TOR Shop (OR JUST PRESS OK):",
height=10, width=72, init=shopurl,
title="Shop Address")
d.set_background_title("IP2TOR - Select Shop")
code, selected = d.menu(
"\nChoose your IP2Tor provider/shop:",
choices=choices, width=75, height=10, title="Select IP2Tor Shop")
# if user canceled
if code != d.OK:
sys.exit(0)
# get host list from shop
shopurl = text
if selected == "A" : shopurl=choice_url_ip2torcom
if selected == "B" : shopurl=choice_url_fulmo
if selected == "Y" : shopurl=lastusedShop
# input shop url
if selected == "X":
d = Dialog(dialog="dialog", autowidgetsize=True)
d.set_background_title("IP2TOR - Add new Shop")
code, shopurl = d.inputbox(
"Enter Address of the IP2TOR Shop (OR JUST PRESS OK):",
height=10, width=72, init=shopurl,
title="Shop Address")
if shopurl.find("://") > 0: shopurl = shopurl[shopurl.find("://") + 3:]
# try & get host list from shop
os.system('clear')
try:
hosts = shopList(shopurl)
@ -686,6 +717,9 @@ Try again later, enter another address or cancel.
if len(host['terms_of_service']) == 0: host['terms_of_service'] = "-"
if len(host['terms_of_service_url']) == 0: host['terms_of_service_url'] = "-"
description=host['terms_of_service']
if "description" in host: description = "{0} / {1}".format(host['description'], host['terms_of_service'])
# show details of selected
d = Dialog(dialog="dialog", autowidgetsize=True)
d.set_background_title("IP2TOR Bridge Offer Details: {0}".format(shopurl))
@ -704,7 +738,7 @@ the "SUBSCRIPTONS" menu on your RaspiBlitz.
There will be no refunds for not used hours.
There is no guarantee for quality of service.
The service has the following additional terms:
The service has the following additional description & terms:
{5}
More information on the service you can find under:
@ -715,7 +749,7 @@ More information on the service you can find under:
host['tor_bridge_price_extension_sats'],
host['ip'],
torTarget,
host['terms_of_service'],
description,
host['terms_of_service_url'],
blitzServiceName
)

2
home.admin/config.scripts/blitz.subscriptions.py
View file

@ -225,7 +225,7 @@ def main():
choices = list()
choices.append(("LIST", "My Subscriptions"))
#choices.append(("NEW1", "+ IP2TOR Bridge (paid)"))
choices.append(("NEW1", "+ IP2TOR Bridge (paid)"))
choices.append(("NEW2", "+ LetsEncrypt HTTPS Domain (free)"))
d = Dialog(dialog="dialog", autowidgetsize=True)

22
home.admin/config.scripts/bonus.bos.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/alexbosworth/balanceofsatoshis/blob/master/package.json#L81
BOSVERSION="13.6.0"
BOSVERSION="13.15.0"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -75,14 +75,14 @@ https://github.com/alexbosworth/balanceofsatoshis/blob/master/README.md
Start BoS telegram setup now?" 14 72
if [ "$?" != "1" ]; then
exit 0
fi
fi
sudo bash /home/admin/config.scripts/bonus.bos.sh telegram setup
echo
echo "OK Balance of Satoshis telegram setup done."
echo "PRESS ENTER to continue"
read key
exit 0
;;
;;
TELEGRAM-SERVICE)
clear
connectMsg="
@ -95,7 +95,7 @@ Please enter the CONNECT CODE from your telegram bot
connectCode=$(echo "${connectCode}" | cut -d " " -f1)
else
exit 0
fi
fi
/home/admin/config.scripts/bonus.bos.sh telegram on ${connectCode}
echo
echo "OK BoS telegram service active."
@ -185,14 +185,14 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sleep 3
exit 1
fi
echo "*** INSTALL BALANCE OF SATOSHIS ***"
# check and install NodeJS
/home/admin/config.scripts/bonus.nodejs.sh on
# create bos user
sudo adduser --disabled-password --gecos "" bos
echo "# Create data folder on the disk"
# move old data if present
sudo mv /home/bos/.bos /mnt/hdd/app-data/ 2>/dev/null
@ -207,19 +207,19 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo -u bos mkdir /home/bos/.npm-global
sudo -u bos npm config set prefix '/home/bos/.npm-global'
sudo bash -c "echo 'PATH=$PATH:/home/bos/.npm-global/bin' >> /home/bos/.bashrc"
# download source code
sudo -u bos git clone https://github.com/alexbosworth/balanceofsatoshis.git /home/bos/balanceofsatoshis
cd /home/bos/balanceofsatoshis
# make sure symlink to central app-data directory exists ***"
sudo rm -rf /home/bos/.lnd # not a symlink.. delete it silently
# create symlink
sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/bos/.lnd"
# add user to group with admin access to lnd
sudo /usr/sbin/usermod --append --groups lndadmin bos
# install bos
# check latest version:
# https://github.com/alexbosworth/balanceofsatoshis/blob/master/package.json#L70

266
home.admin/config.scripts/bonus.btcpayserver.sh
View file

@ -3,9 +3,9 @@
# Based on: https://gist.github.com/normandmickey/3f10fc077d15345fb469034e3697d0d0
# https://github.com/dgarage/NBXplorer/tags
NBXplorerVersion="v2.3.49"
NBXplorerVersion="v2.3.58"
# https://github.com/btcpayserver/btcpayserver/releases
BTCPayVersion="v1.7.2"
BTCPayVersion="v1.7.5"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -25,27 +25,19 @@ source /mnt/hdd/raspiblitz.conf
source /home/admin/raspiblitz.info
source <(/home/admin/_cache.sh get state)
function postgresConfig() {
echo "# Generate the database"
sudo -u postgres psql -c "create database nbxplorermainnet;"
sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';"
# change to ${newPassword} or use Passfile=
# sudo -u postgres psql -c "alter user btcpay with encrypted password '${newPassword}';"
# sudo -u btcpay sed -i "s/Password=*/Password='${newPassword}';/g" /home/btcpay/.nbxplorer/Main/settings.config
# sudo -u btcpay sed -i "s/Password=*/Password='${newPassword}';/g" /home/btcpay/.btcpayserver/Main/settings.config
sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;"
function NBXplorerConfig() {
# check the postgres database
if sudo -u postgres psql -c '\l' | grep nbxplorermainnet; then
echo "# nbxplorermainnet database already exists"
else
echo "# Generate the database for nbxplorer"
sudo -u postgres psql -c "create database nbxplorermainnet;"
sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';"
sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;"
fi
echo "# List databases with: sudo -u postgres psql -c '\l'"
sudo -u postgres psql -c '\l'
## clean postgresql:
# sudo su - postgres -c "/usr/lib/postgresql/${PGVERSION}/bin/pg_ctl stop --wait --pgdata=/var/lib/postgresql/${PGVERSION}/main"
# sudo pg_dropcluster ${PGVERSION} main
# sudo apt remove postgresql -y --purge
# sudo apt remove postgresql-${PGVERSION} -y --purge
}
function NBXplorerConfig() {
# https://docs.btcpayserver.org/Deployment/ManualDeploymentExtended/#4-create-a-configuration-file
echo
echo "# Getting RPC credentials from the bitcoin.conf"
@ -66,7 +58,24 @@ nomigrateevts=1
function BtcPayConfig() {
# set thumbprint
FINGERPRINT=$(openssl x509 -noout -fingerprint -sha256 -inform pem -in /home/btcpay/.lnd/tls.cert | cut -d"=" -f2)
echo "# setting the LND TLS thumbprint for BTCPay"
if sudo ls /mnt/hdd/app-data/.btcpayserver/Main/sqllite.db 1>/dev/null 2>&1; then
echo "# sqlite database exists"
databaseOption="# keep using sqlite as /mnt/hdd/app-data/.btcpayserver/Main/sqllite.db exists (configured in the btcpayserver.service)"
else
echo "# sqlite database does not exist, using postgresql"
databaseOption="postgres=User ID=btcpay;Host=localhost;Port=5432;Application Name=btcpay;MaxPoolSize=20;Database=btcpaymainnet;Password='raspiblitz';"
if sudo -u postgres psql -c '\l' | grep btcpaymainnet; then
echo "# btcpaymainnet database already exists"
else
echo "# Generate the database for btcpay"
sudo -u postgres psql -c "create database btcpaymainnet;"
sudo -u postgres psql -c "create user btcpay with encrypted password 'raspiblitz';"
sudo -u postgres psql -c "grant all privileges on database btcpaymainnet to btcpay;"
fi
echo "# List databases with: sudo -u postgres psql -c '\l'"
sudo -u postgres psql -c '\l'
fi
echo "# Regenerate the btcpayserver settings (includes the LND TLS thumbprint)"
# https://docs.btcpayserver.org/Deployment/ManualDeploymentExtended/#3-create-a-configuration-file
echo "
### Global settings ###
@ -82,24 +91,60 @@ BTC.explorer.url=http://127.0.0.1:24444/
BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/home/btcpay/admin.macaroon;certthumbprint=$FINGERPRINT
### Database ###
# keep sqlite for now as configured in the btcpayserver.service
# postgres=User ID=btcpay;Password=urpassword;Application Name=btcpayserver;Host=localhost;Port=5432;Database=btcpay;
${databaseOption}
explorer.postgres=User ID=nbxplorer;Host=localhost;Port=5432;Application Name=nbxplorer;MaxPoolSize=20;Database=nbxplorermainnet;Password='raspiblitz';
" | sudo -u btcpay tee /home/btcpay/.btcpayserver/Main/settings.config
#doesNetworkEntryAlreadyExists=$(sudo cat /home/btcpay/.btcpayserver/Main/settings.config | grep -c '^network=')
#echo "# setting new LND TLS thumbprint for BTCPay"
#s="BTC.lightning=type=lnd-rest\;server=https\://127.0.0.1:8080/\;macaroonfilepath=/home/btcpay/admin.macaroon\;"
#sudo -u btcpay sed -i "s|^${s}certthumbprint=.*|${s}certthumbprint=$FINGERPRINT|g" /home/btcpay/.btcpayserver/Main/settings.config
}
function BtcPayService() {
if sudo ls /mnt/hdd/app-data/.btcpayserver/Main/sqllite.db 1>/dev/null 2>&1; then
echo "# sqlite database exists"
databaseOption=" -- --sqlitefile=sqllite.db"
else
echo "# sqlite database does not exist, using postgresql"
databaseOption=""
fi
# see the configuration options with:
# sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release --project "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- -h
# run manually to debug:
# sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release --project "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- --sqlitefile=sqllite.db
echo "# create the btcpayserver.service"
echo "
[Unit]
Description=BtcPayServer daemon
Requires=nbxplorer.service
After=nbxplorer.service
[Service]
ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \
-c Release --project \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" ${databaseOption}
User=btcpay
Group=btcpay
Type=simple
PIDFile=/run/btcpayserver/btcpayserver.pid
Restart=always
RestartSec=10
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/btcpayserver.service
sudo systemctl daemon-reload
}
if [ "$1" = "status" ]; then
echo "version='${BTCPayVersion}'"
isInstalled=$(compgen -u | grep -c btcpay)
echo "prepared=${isInstalled}"
isActive=$(sudo ls /etc/systemd/system/btcpayserver.service 2>/dev/null | grep -c 'btcpayserver.service')
echo "installed=${isActive}"
isInstalled=$(compgen -u | grep -c btcpay)
echo "prepared=${isInstalled}"
isActive=$(sudo ls /etc/systemd/system/btcpayserver.service 2>/dev/null | grep -c 'btcpayserver.service')
echo "installed=${isActive}"
if [ "${BTCPayServer}" = "on" ]; then
echo "switchedon=1"
@ -168,31 +213,31 @@ if [ "$1" = "menu" ]; then
source <(sudo /home/admin/config.scripts/bonus.btcpayserver.sh status)
if [ ${switchedon} -eq 0 ]; then
whiptail --title " BTCPay Server " --msgbox "BTCPay Server is not activated." 7 36
exit 0
whiptail --title " BTCPay Server " --msgbox "BTCPay Server is not activated." 7 36
exit 0
fi
if [ ${installed} -eq 0 ]; then
whiptail --title " BTCPay Server " --msgbox "BTCPay Server needs to be re-installed.\nPress OK to start process." 8 45
/home/admin/config.scripts/bonus.btcpayserver.sh on
exit 0
whiptail --title " BTCPay Server " --msgbox "BTCPay Server needs to be re-installed.\nPress OK to start process." 8 45
/home/admin/config.scripts/bonus.btcpayserver.sh on
exit 0
fi
# display possible problems with IP2TOR setup
if [ ${#ip2torWarn} -gt 0 ]; then
whiptail --title " Warning " \
--yes-button "Back" \
--no-button "Continue Anyway" \
--yesno "Your IP2TOR+LetsEncrypt may have problems:\n${ip2torWarn}\n\nCheck if locally responding: https://${localIP}:${httpsPort}\n\nCheck if service is reachable over Tor:\n${toraddress}" 14 72
--yes-button "Back" \
--no-button "Continue Anyway" \
--yesno "Your IP2TOR+LetsEncrypt may have problems:\n${ip2torWarn}\n\nCheck if locally responding: https://${localIP}:${httpsPort}\n\nCheck if service is reachable over Tor:\n${toraddress}" 14 72
if [ "$?" != "1" ]; then
exit 0
fi
fi
fi
text="Local Web Browser: https://${localIP}:${httpsPort}"
if [ ${#publicDomain} -gt 0 ]; then
text="${text}
text="${text}
Public Domain: https://${publicDomain}:${httpsPort}
port forwarding on router needs to be active & may change port"
fi
@ -216,13 +261,13 @@ SHA1 ${sslFingerprintTOR}"
IP2TOR: https://${ip2torIP}:${ip2torPort}
SHA1 ${sslFingerprintTOR}
go MAINMENU > SUBSCRIBE and add LetsEncrypt HTTPS Domain"
# elif [ ${#publicDomain} -eq 0 ]; then
# text="${text}\n
#To enable easy reachability with normal browser from the outside
#consider adding a IP2TOR Bridge: MAINMENU > SUBSCRIBE > IP2TOR"
elif [ ${#publicDomain} -eq 0 ]; then
text="${text}\n
To enable easy reachability with normal browser from the outside
consider adding a IP2TOR Bridge: MAINMENU > SUBSCRIBE > IP2TOR"
fi
text="${text}\n
text="${text}\n
To get the 'Connection String' to activate Lightning Payments:
MAINMENU > CONNECT > BTCPay Server"
@ -241,8 +286,8 @@ if [ "$1" = "write-tls-macaroon" ]; then
echo "# make sure symlink to central app-data directory exists"
if ! [[ -L "/home/btcpay/.lnd" ]]; then
sudo rm -rf "/home/btcpay/.lnd" # not a symlink.. delete it silently
sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/btcpay/.lnd" # and create symlink
sudo rm -rf "/home/btcpay/.lnd" # not a symlink.. delete it silently
sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/btcpay/.lnd" # and create symlink
fi
# copy admin macaroon
@ -264,7 +309,7 @@ if [ "$1" = "cln-lightning-rpc-access" ]; then
if [ "${cl}" = "on" ]; then
source <(/home/admin/config.scripts/network.aliases.sh getvars cl mainnet)
if [ $(grep -c "^rpc-file-mode=0660" < ${CLCONF}) -eq 0 ]; then
if [ $(grep -c "^rpc-file-mode=0660" <${CLCONF}) -eq 0 ]; then
echo "rpc-file-mode=0660" | tee -a ${CLCONF}
if [ "${state}" == "ready" ]; then
sudo systemctl restart lightningd
@ -341,9 +386,9 @@ if [ "$1" = "install" ]; then
echo "DOTNET_CLI_TELEMETRY_OPTOUT=1" | sudo tee -a /etc/environment
# NBXplorer
echo "# Install NBXplorer"
echo "# Install NBXplorer $NBXplorerVersion"
cd /home/btcpay || exit 1
echo "# Download the NBXplorer source code ..."
echo "# Download the NBXplorer source code $NBXplorerVersion"
sudo -u btcpay git clone https://github.com/dgarage/NBXplorer.git 2>/dev/null
cd NBXplorer || exit 1
sudo -u btcpay git reset --hard $NBXplorerVersion
@ -352,14 +397,17 @@ if [ "$1" = "install" ]; then
PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc"
PGPpubkeyFingerprint="AB4CFA9895ACA0DBE27F6B346618763EF09186FE"
sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
echo "# Build NBXplorer ..."
echo "# Build NBXplorer $NBXplorerVersion"
# from the build.sh with path
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj || (
echo "# Build failed"
exit 1
)
# BTCPayServer
echo "# Install BTCPayServer"
cd /home/btcpay || exit 1
echo "# Download the BTCPayServer source code ..."
echo "# Download the BTCPayServer source code $BTCPayVersion"
sudo -u btcpay git clone https://github.com/btcpayserver/btcpayserver.git 2>/dev/null
cd btcpayserver || exit 1
sudo -u btcpay git reset --hard $BTCPayVersion
@ -372,9 +420,13 @@ if [ "$1" = "install" ]; then
#PGPpubkeyFingerprint="8E5530D9D1C93097"
sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
echo "# Build BTCPayServer ..."
echo "# Build BTCPayServer $BTCPayVersion"
# from the build.sh with path
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release \
/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj || (
echo "# Build failed"
exit 1
)
exit 0
fi
@ -430,13 +482,13 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# setup nginx symlinks
if ! [ -f /etc/nginx/sites-available/btcpay_ssl.conf ]; then
sudo cp /home/admin/assets/nginx/sites-available/btcpay_ssl.conf /etc/nginx/sites-available/btcpay_ssl.conf
sudo cp /home/admin/assets/nginx/sites-available/btcpay_ssl.conf /etc/nginx/sites-available/btcpay_ssl.conf
fi
if ! [ -f /etc/nginx/sites-available/btcpay_tor.conf ]; then
sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor.conf /etc/nginx/sites-available/btcpay_tor.conf
sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor.conf /etc/nginx/sites-available/btcpay_tor.conf
fi
if ! [ -f /etc/nginx/sites-available/btcpay_tor_ssl.conf ]; then
sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor_ssl.conf /etc/nginx/sites-available/btcpay_tor_ssl.conf
sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor_ssl.conf /etc/nginx/sites-available/btcpay_tor_ssl.conf
fi
sudo ln -sf /etc/nginx/sites-available/btcpay_ssl.conf /etc/nginx/sites-enabled/
sudo ln -sf /etc/nginx/sites-available/btcpay_tor.conf /etc/nginx/sites-enabled/
@ -522,26 +574,23 @@ WantedBy=multi-user.target
echo "# Starting nbxplorer"
sudo systemctl start nbxplorer
echo "# Checking for nbxplorer config"
while [ ! -f "/home/btcpay/.nbxplorer/Main/settings.config" ]
do
echo "# Waiting for nbxplorer to start - CTRL+C to abort"
sleep 10
hasFailed=$(sudo systemctl status nbxplorer | grep -c "Active: failed")
if [ ${hasFailed} -eq 1 ]; then
echo "# seems like starting nbxplorer service has failed - see: systemctl status nbxplorer"
echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214"
fi
while [ ! -f "/home/btcpay/.nbxplorer/Main/settings.config" ]; do
echo "# Waiting for nbxplorer to start - CTRL+C to abort"
sleep 10
hasFailed=$(sudo systemctl status nbxplorer | grep -c "Active: failed")
if [ ${hasFailed} -eq 1 ]; then
echo "# seems like starting nbxplorer service has failed - see: systemctl status nbxplorer"
echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214"
fi
done
else
echo "# Because the system is not 'ready' the service 'nbxplorer' will not be started at this point .. its enabled and will start on next reboot"
fi
postgresConfig
NBXplorerConfig
# whitelist localhost in bitcoind
if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then
if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf; then
echo "whitelist=127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf
bitcoindRestart=yes
fi
@ -554,38 +603,11 @@ WantedBy=multi-user.target
sudo systemctl restart nbxplorer
fi
# see the configuration options with:
# sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release -p "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- -h
# run manually to debug:
# sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release --project "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- --sqlitefile=sqllite.db
echo "# create the btcpayserver.service"
echo "
[Unit]
Description=BtcPayServer daemon
Requires=nbxplorer.service
After=nbxplorer.service
BtcPayConfig
[Service]
ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \
-c Release --project \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" \
-- --sqlitefile=sqllite.db
User=btcpay
Group=btcpay
Type=simple
PIDFile=/run/btcpayserver/btcpayserver.pid
Restart=on-failure
BtcPayService
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/btcpayserver.service
sudo systemctl enable btcpayserver
if [ "${state}" == "ready" ]; then
echo "# Starting btcpayserver"
sudo systemctl start btcpayserver
@ -593,14 +615,14 @@ WantedBy=multi-user.target
while [ ! -f "/home/btcpay/.btcpayserver/Main/settings.config" ]; do
echo "# Waiting for btcpayserver to start - CTRL+C to abort .."
sleep 30
hasFailed=$(sudo systemctl status btcpayserver | grep -c "Active: failed")
hasFailed=$(sudo systemctl status btcpayserver | grep -c "Active: failed")
if [ ${hasFailed} -eq 1 ]; then
echo "# seems like starting btcpayserver service has failed - see: systemctl status btcpayserver"
echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214"
fi
done
else
echo "# Because the system is not 'ready' the service 'btcpayserver' will not be started at this point .. its enabled and will start on next reboot"
echo "# Because the system is not 'ready' the service 'btcpayserver' will not be started at this point .. it is enabled and will start on next reboot"
fi
sudo -u btcpay mkdir -p /home/btcpay/.btcpayserver/Main/
@ -634,7 +656,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
else
if (whiptail --title " DELETE DATA? " --yesno "Do you want to delete\nthe BTCPay Server Data?" 8 30); then
deleteData=1
else
else
deleteData=0
fi
fi
@ -684,7 +706,10 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
else
echo "# keeping data"
fi
echo "# OK BTCPayServer deactivaed."
echo "# OK BTCPayServer deactivated."
echo "# delete the btcpay user home directory"
sudo userdel -rf btcpay 2>/dev/null
# needed for API/WebUI as signal that install ran thru
echo "result='OK'"
@ -693,6 +718,11 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
fi
if [ "$1" = "update" ]; then
# prevent the git error 'detected dubious ownership in repository'
git config --global --add safe.directory /home/btcpay/NBXplorer
git config --global --add safe.directory /home/btcpay/btcpayserver
echo "# Update NBXplorer"
cd /home/btcpay || exit 1
cd NBXplorer || exit 1
@ -712,7 +742,7 @@ if [ "$1" = "update" ]; then
TAG=$(git tag | sort -V | tail -1)
echo "# Up-to-date on version $TAG"
else
echo "# Pulling latest changes..."
echo "# Pulling the latest changes..."
sudo -u btcpay git pull -p
TAG=$(git tag | sort -V | tail -1)
echo "# Reset to the latest release tag: $TAG"
@ -720,22 +750,24 @@ if [ "$1" = "update" ]; then
PGPsigner="nicolasdorier"
PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc"
PGPpubkeyFingerprint="AB4CFA9895ACA0DBE27F6B346618763EF09186FE"
sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
echo "# Build NBXplorer ..."
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
echo "# Build NBXplorer $TAG"
# from the build.sh with path
sudo systemctl stop nbxplorer
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj || (
echo "# Build failed"
exit 1
)
# whitelist localhost in bitcoind
if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then
if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf; then
echo "whitelist=127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf
echo "# Restarting bitcoind"
sudo systemctl restart bitcoind
fi
# POSTGRES
postgresConfig
NBXplorerConfig
sudo systemctl start nbxplorer
@ -747,6 +779,9 @@ if [ "$1" = "update" ]; then
BtcPayConfig
# always update the btcpayserver.service
BtcPayService
echo "# Update BTCPayServer"
cd /home/btcpay || exit 1
cd btcpayserver || exit 1
@ -775,10 +810,13 @@ if [ "$1" = "update" ]; then
# https://github.com/rootzoll/raspiblitz/issues/3025
# sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \
# "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
echo "# Build BTCPayServer ..."
echo "# Build BTCPayServer $TAG"
# from the build.sh with path
sudo systemctl stop btcpayserver
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj
sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj || (
echo "# Build failed"
exit 1
)
sudo systemctl start btcpayserver
echo "# Updated BTCPayServer to $TAG"
fi

99
home.admin/config.scripts/bonus.circuitbreaker.sh
View file

@ -1,8 +1,8 @@
#!/bin/bash
# https://github.com/lightningequipment/circuitbreaker/releases
pinnedVersion="v0.3.2"
# the commits are not signed
# https://github.com/lightningequipment/circuitbreaker/commits/master
pinnedVersion="e223938d983b756b3893880f3b3bf77e624a9f00"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -16,10 +16,37 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
exit 1
fi
PGPsigner="web-flow"
PGPpubkeyLink="https://github.com/${PGPsigner}.gpg"
PGPpubkeyFingerprint="4AEE18F83AFDEB23"
# PGPsigner="joostjager"
# PGPpubkeyLink="https://github.com/${PGPsigner}.gpg"
# PGPpubkeyFingerprint="B9A26449A5528325"
source /mnt/hdd/raspiblitz.conf
isInstalled=$(sudo ls /etc/systemd/system/circuitbreaker.service 2>/dev/null | grep -c 'circuitbreaker.service')
# show info menu
if [ "$1" = "menu" ]; then
# get network info
localip=$(hostname -I | awk '{print $1}')
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
# info without Tor
whiptail --title " Circuit Breaker" --msgbox "Open in your local web browser & accept self-signed cert:
https://${localip}:9236\n
SHA1 Thumb/Fingerprint:
${fingerprint}\n
To follow the logs use the command:
sudo journalctl -fu circuitbreaker
" 14 63
echo "please wait ..."
exit 0
fi
# switch on
if [ "$1" = "menu" ]; then
if [ ${isInstalled} -eq 1 ]; then
@ -67,23 +94,15 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo /usr/sbin/usermod --append --groups lndadmin circuitbreaker
# install from source
cd /home/circuitbreaker
cd /home/circuitbreaker || exit 1
sudo -u circuitbreaker git clone https://github.com/lightningequipment/circuitbreaker.git
cd circuitbreaker
cd circuitbreaker || exit 1
sudo -u circuitbreaker git reset --hard $pinnedVersion
sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1
##################
# config
##################
echo
echo "# Setting the example configuration from:"
echo "# https://github.com/lightningequipment/circuitbreaker/blob/$pinnedVersion/circuitbreaker-example.yaml"
echo "# Find it at: /home/circuitbreaker/.circutbreaker/circuitbreaker.yaml"
echo
sudo -u circuitbreaker mkdir /home/circuitbreaker/.circuitbreaker 2>/dev/null
sudo -u circuitbreaker cp circuitbreaker-example.yaml \
/home/circuitbreaker/.circuitbreaker/circuitbreaker.yaml
sudo -u circuitbreaker /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1
# make systemd service
# sudo nano /etc/systemd/system/circuitbreaker.service
@ -114,14 +133,22 @@ WantedBy=multi-user.target
sudo systemctl enable circuitbreaker
echo "# OK - the circuitbreaker.service is now enabled"
else
else
echo "# The circuitbreaker.service is already installed."
fi
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set circuitbreaker "on"
##################
# NGINX
##################
# setup nginx symlinks
if ! [ -f /etc/nginx/sites-available/circuitbreaker_ssl.conf ]; then
sudo cp /home/admin/assets/nginx/sites-available/circuitbreaker_ssl.conf /etc/nginx/sites-available/circuitbreaker_ssl.conf
fi
sudo ln -sf /etc/nginx/sites-available/circuitbreaker_ssl.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
isInstalled=$(sudo -u circuitbreaker /home/circuitbreaker/go/bin/circuitbreaker --version | grep -c "circuitbreaker version")
isInstalled=$(sudo -u circuitbreaker /home/circuitbreaker/go/bin/circuitbreaker --version | grep -c "circuitbreakerd version")
if [ ${isInstalled} -eq 1 ]; then
echo
@ -138,35 +165,43 @@ WantedBy=multi-user.target
echo "# Failed to install circuitbreaker "
exit 1
fi
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set circuitbreaker "on"
sudo ufw allow 9236 comment circuitbreaker_https
exit 0
fi
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# Removing the user and it's home directory"
sudo userdel -rf circuitbreaker 2>/dev/null
if [ ${isInstalled} -eq 1 ]; then
echo "# Removing the circuitbreaker.service"
sudo systemctl stop circuitbreaker
sudo systemctl disable circuitbreaker
sudo rm /etc/systemd/system/circuitbreaker.service
echo "# Removing the user and it's home directory"
sudo userdel -rf circuitbreaker 2>/dev/null
echo "# OK, Circuit Breaker is removed."
echo "# OK, circuitbreaker.service is removed."
else
echo "# Circuit Breaker is not installed."
echo "# circuitbreaker.service is not installed."
fi
# setting value in raspiblitz.conf
/home/admin/config.scripts/blitz.conf.sh set circuitbreaker "off"
sudo ufw delete allow 9236
exit 0
fi
# update
if [ "$1" = "update" ]; then
echo "# Updating Circuit Breaker"
cd /home/circuitbreaker/circuitbreaker
cd /home/circuitbreaker/circuitbreaker || exit 1
# from https://github.com/apotdevin/thunderhub/blob/master/scripts/updateToLatest.sh
# fetch latest master
sudo -u circuitbreaker git fetch
@ -190,16 +225,12 @@ if [ "$1" = "update" ]; then
echo "# Pulling latest changes..."
sudo -u circuitbreaker git pull -p
sudo -u circuitbreaker git reset --hard $TAG
#TODO PGP verification on update
echo "# Installing the version: $TAG"
sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1
echo
echo "# Setting the example configuration from:"
echo "# https://github.com/lightningequipment/circuitbreaker/blob/$TAG/circuitbreaker-example.yaml"
echo "# Find it at: /home/circuitbreaker/.circutbreaker/circuitbreaker.yaml"
sudo -u circuitbreaker mkdir /home/circuitbreaker/.circuitbreaker 2>/dev/null
sudo -u circuitbreaker cp circuitbreaker-example.yaml \
/home/circuitbreaker/.circuitbreaker/circuitbreaker.yaml
echo
echo "# Updated to version" $TAG
echo
echo "# Starting the circuitbreaker service ... "
@ -210,4 +241,4 @@ fi
echo "# FAIL - Unknown Parameter $1"
echo "# may need reboot to run normal again"
exit 1
exit 1

96
home.admin/config.scripts/bonus.electrs.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/romanz/electrs/releases
ELECTRSVERSION="v0.9.10"
ELECTRSVERSION="v0.9.11"
# https://github.com/romanz/electrs/commits/master
# ELECTRSVERSION="446858ea621416916f84cbce61be92b748e8133e"
@ -73,7 +73,7 @@ if [ "$1" = "status" ]; then
# no answer on that port
echo "publicHTTPPortAnswering=0"
fi
# add TOR info
# add Tor info
if [ "${runBehindTor}" == "on" ]; then
echo "TorRunning=1"
if [ "$2" = "showAddress" ]; then
@ -98,20 +98,21 @@ if [ "$1" = "status-sync" ] || [ "$1" = "status" ]; then
echo "serviceRunning=${serviceRunning}"
if [ ${serviceRunning} -eq 1 ]; then
# Experimental try to get sync Info
syncedToBlock=$(sudo journalctl -u electrs --no-pager -n2000 | grep "height=" | tail -n1| cut -d= -f3)
blockchainHeight=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | jq -r '.headers' | sed 's/[^0-9]*//g')
lastBlockchainHeight=$(($blockchainHeight -1))
syncProgress=0
if [ "${syncedToBlock}" != "" ] && [ "${blockchainHeight}" != "" ] && [ "${blockchainHeight}" != "0" ]; then
syncProgress="$(echo "$syncedToBlock" "$blockchainHeight" | awk '{printf "%.2f", $1 / $2 * 100}')"
fi
echo "syncProgress=${syncProgress}%"
if [ "${syncedToBlock}" = "${blockchainHeight}" ] || [ "${syncedToBlock}" = "${lastBlockchainHeight}" ]; then
echo "tipSynced=1"
else
echo "tipSynced=0"
fi
# Experimental try to get sync Info (electrs debug info would need more details)
#source <(/home/admin/_cache.sh get btc_mainnet_blocks_headers)
#blockchainHeight="${btc_mainnet_blocks_headers}"
#lastBlockchainHeight=$(($blockchainHeight -1))
#syncedToBlock=$(sudo journalctl -u electrs --no-pager -n2000 | grep "height=" | tail -n1| cut -d= -f3)
#syncProgress=0
#if [ "${syncedToBlock}" != "" ] && [ "${blockchainHeight}" != "" ] && [ "${blockchainHeight}" != "0" ]; then
# syncProgress="$(echo "$syncedToBlock" "$blockchainHeight" | awk '{printf "%.2f", $1 / $2 * 100}')"
#fi
#echo "syncProgress=${syncProgress}%"
#if [ "${syncedToBlock}" = "${blockchainHeight}" ] || [ "${syncedToBlock}" = "${lastBlockchainHeight}" ]; then
# echo "tipSynced=1"
#else
# echo "tipSynced=0"
#fi
# check if initial sync was done, by setting a file as once electrs is the first time responding on port 50001
electrumResponding=$(echo '{"jsonrpc":"2.0","method":"server.ping","params":[],"id":"electrs-check"}' | netcat -w 2 127.0.0.1 50001 | grep -c "result")
@ -135,7 +136,7 @@ if [ "$1" = "status-sync" ] || [ "$1" = "status" ]; then
fi
else
echo "tipSynced=0"
# echo "tipSynced=0"
echo "initialSynced=0"
echo "electrumResponding=0"
echo "infoSync='Not running - check: sudo journalctl -u electrs'"
@ -268,7 +269,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
isInstalled=$(sudo ls /etc/systemd/system/electrs.service 2>/dev/null | grep -c 'electrs.service')
if [ ${isInstalled} -eq 0 ]; then
#cleanup
# cleanup
sudo rm -f /home/electrs/.electrs/config.toml
echo
@ -289,9 +290,14 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo
sudo -u electrs git clone https://github.com/romanz/electrs
cd /home/electrs/electrs || exit 1
sudo -u electrs git reset --hard $ELECTRSVERSION
# verify
sudo -u electrs /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
# build
sudo -u electrs /home/electrs/.cargo/bin/cargo build --locked --release || exit 1
echo
@ -302,7 +308,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo
echo "# Getting RPC credentials from the bitcoin.conf"
#read PASSWORD_B
# read PASSWORD_B
RPC_USER=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcuser | cut -c 9-)
PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
echo "# Done"
@ -478,8 +484,7 @@ fi
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# setting value in raspiblitz config
/home/admin/config.scripts/blitz.conf.sh set ElectRS "off"
echo "# REMOVING ELECTRS"
# if second parameter is "deleteindex"
if [ "$2" == "deleteindex" ]; then
@ -487,23 +492,10 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
sudo rm -rf /mnt/hdd/app-storage/electrs/
fi
# Hidden Service if Tor is active
if [ "${runBehindTor}" = "on" ]; then
/home/admin/config.scripts/tor.onion-service.sh off electrs
fi
isInstalled=$(sudo ls /etc/systemd/system/electrs.service 2>/dev/null | grep -c 'electrs.service')
if [ ${isInstalled} -eq 1 ]; then
echo "# REMOVING ELECTRS"
sudo systemctl disable electrs
sudo rm /etc/systemd/system/electrs.service
# delete user and home directory
sudo userdel -rf electrs
# close ports on firewall
sudo ufw deny 50001
sudo ufw deny 50002
echo "# OK ElectRS removed."
# restart BTC-RPC-Explorer to reconfigure itself to use electrs for address API
if [ "${BTCRPCexplorer}" == "on" ]; then
@ -512,8 +504,25 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
fi
else
echo "# ElectRS is not installed."
echo "# electrs.service is not installed."
fi
# Hidden Service if Tor is active
if [ "${runBehindTor}" = "on" ]; then
/home/admin/config.scripts/tor.onion-service.sh off electrs
fi
# close ports on firewall
sudo ufw delete allow 50001
sudo ufw delete allow 50002
# delete user and home directory
sudo userdel -rf electrs
# setting value in raspiblitz config
/home/admin/config.scripts/blitz.conf.sh set ElectRS "off"
echo "# OK ElectRS removed."
exit 0
fi
@ -522,7 +531,7 @@ if [ "$1" = "update" ]; then
cd /home/electrs/electrs || exit 1
sudo -u electrs git fetch
localVersion=$(git describe --tag)
localVersion=$(/home/electrs/electrs/target/release/electrs --version)
updateVersion=$(curl --header "X-GitHub-Api-Version:2022-11-28" -s https://api.github.com/repos/romanz/electrs/releases/latest|grep tag_name|head -1|cut -d '"' -f4)
if [ $localVersion = $updateVersion ]; then
@ -532,12 +541,21 @@ if [ "$1" = "update" ]; then
sudo -u electrs git pull -p
echo "# Reset to the latest release tag: $updateVersion"
sudo -u electrs git reset --hard $updateVersion
sudo -u electrs /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
echo "# Installing build dependencies"
sudo -u electrs curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u electrs sh -s -- --default-toolchain none -y
sudo apt install -y clang cmake build-essential # for building 'rust-rocksdb'
echo
echo "# Build Electrs ..."
sudo -u electrs /home/electrs/.cargo/bin/cargo build --locked --release || exit 1
# update config
sed -i "/^server_banner =/d" /home/electrs/.electrs/config.toml
sudo bash -c "echo 'server_banner = \"Welcome to electrs $updateVersion - the Electrum Rust Server on your RaspiBlitz\"' >> /home/electrs/.electrs/config.toml"
sudo -u electrs sed -i "/^server_banner = /d" /home/electrs/.electrs/config.toml
sudo -u electrs bash -c "echo 'server_banner = \"Welcome to electrs $updateVersion - the Electrum Rust Server on your RaspiBlitz\"' >> /home/electrs/.electrs/config.toml"
echo "# Updated Electrs to $updateVersion"
fi

105
home.admin/config.scripts/bonus.go.sh
View file

@ -1,10 +1,15 @@
#!/usr/bin/env sh
# set version, check: https://golang.org/dl/
goVersion="1.18.7"
goVersion="1.19.5"
# checksums:
amd64Checksum="36519702ae2fd573c9869461990ae550c8c0d955cd28d2827a6b159fda81ff95"
armv6lChecksum="ec14f04bdaf4a62bdcf8b55b9b6434cc27c2df7d214d0bb7076a7597283b026a"
arm64Checksum="fc0aa29c933cec8d76f5435d859aaf42249aa08c74eb2d154689ae44c08d23b3"
downloadFolder="/home/admin/download"
usage(){
usage() {
printf "Config script to install or remove Go\n"
printf "./bonus.go.sh [on|off]\n"
exit 1
@ -12,51 +17,65 @@ usage(){
case "$1" in
1|on) # switch on
. /etc/profile # get Go vars - needed if there was no log-out since Go installed
printf "Check Framework: Go\n"
if go version 2>/dev/null | grep -q "${goVersion}" ; then
printf "\nThe requested version of Go is already installed.\n"
go version
printf "\n"
1 | on) # switch on
. /etc/profile # get Go vars - needed if there was no log-out since Go installed
printf "# Check Framework: Go\n"
if go version 2>/dev/null | grep -q "${goVersion}"; then
printf "\nThe requested version of Go is already installed.\n"
go version
printf "\n"
else
goOSversion=$(dpkg --print-architecture)
if [ ${goOSversion} = "armv6l" ]; then
checksum=${armv6lChecksum}
elif [ ${goOSversion{} = "arm64" ]; then
checksum=${arm64Checksum}
elif [ ${goOSversion} = "amd64" ]; then
checksum=${amd64Checksum}
else
architecture="$(uname -m)"
case "${architecture}" in
arm*) goOSversion="armv6l";;
aarch64) goOSversion="arm64";;
x86_64) goOSversion="amd64";;
*) printf %s"Not available for architecture=${architecture}\n"; exit 1
esac
printf %s"\n*** Installing Go v${goVersion} for ${goOSversion} \n***"
wget https://dl.google.com/go/go${goVersion}.linux-${goOSversion}.tar.gz -P ${downloadFolder}
if [ ! -f "${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz" ]; then
printf "# FAIL # Download failed.\n"
rm -fv go${goVersion}.linux-${goOSversion}.tar.gz*
exit 1
fi
printf "Clean old Go version\n"
sudo rm -rf /usr/local/go /usr/local/gocode
sudo tar -C /usr/local -xzf ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz
rm -fv ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz*
sudo mkdir -v /usr/local/gocode
sudo chmod -v 777 /usr/local/gocode
export GOROOT=/usr/local/go
export PATH=$PATH:$GOROOT/bin
export GOPATH=/usr/local/gocode
export PATH=$PATH:$GOPATH/bin
sudo grep -q "GOROOT=" /etc/profile || { printf "\nGOROOT=/usr/local/go\nPATH=\$PATH:\$GOROOT/bin/\nGOPATH=/usr/local/gocode\nPATH=\$PATH:\$GOPATH/bin/\n\n" | sudo tee -a /etc/profile; }
go env -w GOPATH=/usr/local/gocode # set GOPATH https://github.com/golang/go/wiki/SettingGOPATH
go version | grep -q "go" || { printf "FAIL: Unable to install Go\n"; exit 1; }
printf %s"Installed $(go version 2>/dev/null)\n\n"
echo "# architecture $goOSversion not supported"
exit 1
fi
;;
0|off) # switch off
printf "*** REMOVING GO ***\n"
printf %s"\n*** Installing Go v${goVersion} for ${goOSversion} \n***"
wget https://dl.google.com/go/go${goVersion}.linux-${goOSversion}.tar.gz -P ${downloadFolder}
if [ ! -f "${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz" ]; then
printf "# FAIL # Download failed.\n"
rm -fv go${goVersion}.linux-${goOSversion}.tar.gz*
exit 1
fi
if ! echo ${checksum} ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz | sha256sum -c; then
printf "# FAIL: Download corrupted\n"
rm -fv ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz*
exit 1
fi
printf "# Clean old Go version\n"
sudo rm -rf /usr/local/go /usr/local/gocode
printf "OK Go removed.\n"
sudo tar -C /usr/local -xzf ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz
rm -fv ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz*
sudo mkdir -v /usr/local/gocode
sudo chmod -v 777 /usr/local/gocode
export GOROOT=/usr/local/go
export PATH=$PATH:$GOROOT/bin
export GOPATH=/usr/local/gocode
export PATH=$PATH:$GOPATH/bin
sudo grep -q "GOROOT=" /etc/profile || { printf "\nGOROOT=/usr/local/go\nPATH=\$PATH:\$GOROOT/bin/\nGOPATH=/usr/local/gocode\nPATH=\$PATH:\$GOPATH/bin/\n\n" | sudo tee -a /etc/profile; }
go env -w GOPATH=/usr/local/gocode # set GOPATH https://github.com/golang/go/wiki/SettingGOPATH
go version | grep -q "go" || {
printf "FAIL: Unable to install Go\n"
exit 1
}
printf %s"Installed $(go version 2>/dev/null)\n\n"
fi
;;
*) usage
0 | off) # switch off
printf "*** REMOVING GO ***\n"
sudo rm -rf /usr/local/go /usr/local/gocode
printf "# OK Go removed.\n"
;;
esac
*) usage ;;
esac

22
home.admin/config.scripts/bonus.joinmarket.sh
View file

@ -6,7 +6,7 @@
# https://github.com/openoms/joininbox
# https://github.com/openoms/joininbox/tags
JBTAG="v0.7.4" # installs JoinMarket v0.9.8
JBTAG="v0.7.6" # installs JoinMarket v0.9.9
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -20,9 +20,9 @@ fi
# show info menu
if [ "$1" = "menu" ]; then
whiptail --title " JoinMarket info " \
--yes-button "Start Joininbox" \
--no-button "Cancel" \
--yesno "Usage notes:
--yes-button "Start Joininbox" \
--no-button "Cancel" \
--yesno "Usage notes:
https://github.com/openoms/bitcoin-tutorials/blob/master/joinmarket/README.md
Can also type: 'jm' in the command line to switch to the dedicated user,
@ -35,8 +35,8 @@ and start the JoininBox menu.
fi
# check if sudo
if [ "$EUID" -ne 0 ]
then echo "Please run as root (with sudo)"
if [ "$EUID" -ne 0 ]; then
echo "Please run as root (with sudo)"
exit
fi
@ -80,7 +80,7 @@ if [ "$1" = "install" ]; then
# https://github.com/openoms/joininbox/releases/
sudo -u joinmarket git reset --hard ${JBTAG}
sudo -u joinmarket /home/admin/config.scripts/blitz.git-verify.sh \
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${JBTAG}" || exit 1
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${JBTAG}" || exit 1
# copy the scripts in place
sudo -u joinmarket cp /home/joinmarket/joininbox/scripts/* /home/joinmarket/
@ -161,7 +161,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# make sure the Bitcoin Core wallet is on
/home/admin/config.scripts/network.wallet.sh on
if [ $(/usr/local/bin/bitcoin-cli -conf=/mnt/hdd/bitcoin/bitcoin.conf listwallets | grep -c wallet.dat) -eq 0 ];then
if [ $(/usr/local/bin/bitcoin-cli -conf=/mnt/hdd/bitcoin/bitcoin.conf listwallets | grep -c wallet.dat) -eq 0 ]; then
echo "# Create a non-descriptor wallet.dat"
/usr/local/bin/bitcoin-cli -conf=/mnt/hdd/bitcoin/bitcoin.conf -named createwallet wallet_name=wallet.dat descriptors=false
else
@ -187,9 +187,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
ln -s /mnt/hdd/app-data/.joinmarket /home/joinmarket/ 2>/dev/null
chown -R joinmarket:joinmarket /home/joinmarket/.joinmarket
# specify wallet.dat in old config for multiwallet for multiwallet support
if [ -f "/home/joinmarket/.joinmarket/joinmarket.cfg" ] ; then
if [ -f "/home/joinmarket/.joinmarket/joinmarket.cfg" ]; then
sudo -u joinmarket sed -i "s/^rpc_wallet_file =.*/rpc_wallet_file = wallet.dat/g" \
/home/joinmarket/.joinmarket/joinmarket.cfg
/home/joinmarket/.joinmarket/joinmarket.cfg
echo "# specified to use wallet.dat in the recovered joinmarket.cfg"
fi
@ -210,7 +210,7 @@ source /home/joinmarket/_commands.sh
if [ -z \"\$TMUX\" ]; then
/home/joinmarket/menu.sh
fi
" | sudo -u joinmarket tee -a /home/joinmarket/.bashrc
" | sudo -u joinmarket tee -a /home/joinmarket/.bashrc
# configure joinmarket (includes a check if it is installed)
if sudo -u joinmarket /home/joinmarket/start.joininbox.sh; then

32
home.admin/config.scripts/bonus.lnbits.sh
View file

@ -3,7 +3,7 @@
# https://github.com/lnbits/lnbits-legend
# https://github.com/lnbits/lnbits-legend/releases
tag="0.9.4"
tag="0.9.6"
VERSION="${tag}"
# command info
@ -174,10 +174,10 @@ https://${ip2torDomain}:${ip2torPort} ready for public use"
IP2TOR: https://${ip2torIP}:${ip2torPort}
SHA1 ${sslFingerprintTOR}\n
Consider adding a LetsEncrypt HTTPS Domain under OPTIONS."
# elif [ ${#publicDomain} -eq 0 ]; then
# text="${text}\n
#To enable easy reachability with normal browser from the outside
#Consider adding a IP2TOR Bridge under OPTIONS."
elif [ ${#publicDomain} -eq 0 ]; then
text="${text}\n
To enable easy reachability with normal browser from the outside
Consider adding a IP2TOR Bridge under OPTIONS."
fi
whiptail --title " LNbits ${fundinginfo}" --yes-button "OK" --no-button "OPTIONS" --yesno "${text}" 18 69
@ -194,16 +194,16 @@ Consider adding a LetsEncrypt HTTPS Domain under OPTIONS."
OPTIONS=()
# IP2TOR options
#if [ "${ip2torDomain}" != "" ]; then
# # IP2TOR+LetsEncrypt active - offer cancel
# OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits")
#elif [ "${ip2torIP}" != "" ]; then
# # just IP2TOR active - offer cancel or Lets Encrypt
# OPTIONS+=(HTTPS-ON "Add free HTTPS-Certificate for LNbits")
# OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits")
#else
# OPTIONS+=(IP2TOR-ON "Make Public with IP2Tor Subscription")
#fi
if [ "${ip2torDomain}" != "" ]; then
# IP2TOR+LetsEncrypt active - offer cancel
OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits")
elif [ "${ip2torIP}" != "" ]; then
# just IP2TOR active - offer cancel or Lets Encrypt
OPTIONS+=(HTTPS-ON "Add free HTTPS-Certificate for LNbits")
OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits")
else
OPTIONS+=(IP2TOR-ON "Make Public with IP2Tor Subscription")
fi
# Change Funding Source options (only if available)
if [ "${LNBitsFunding}" == "lnd" ] && [ "${cl}" == "on" ]; then
@ -608,7 +608,7 @@ if [ "$1" = "install" ]; then
exit 0
fi
echo "# *** INSTALL THUNDERHUB ***"
echo "# *** INSTALL LNBIS ${VERSION} ***"
# add lnbits user
echo "*** Add the 'lnbits' user ***"

4
home.admin/config.scripts/bonus.lndconnect.sh
View file

@ -98,7 +98,7 @@ elif [ "${targetWallet}" = "zeus-ios" ]; then
usingIP2TOR="LND-REST-API"
forceTOR=1
host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname)
connectInfo="- start the Zeus Wallet --> lndconnect\n- scan the QR code \n- activate 'Tor' option \n- activate 'Certification Verification' option\n- save Node Config"
connectInfo="- start the Zeus Wallet --> Scan Node Config\n- scan the QR code \n- save Node Config"
elif [ "${targetWallet}" = "zeus-android" ]; then
@ -106,7 +106,7 @@ elif [ "${targetWallet}" = "zeus-android" ]; then
usingIP2TOR="LND-REST-API"
forceTOR=1
host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname)
connectInfo="- start the Zeus Wallet --> lndconnect\n- scan the QR code \n- activate 'Tor' option \n- activate 'Certification Verification' option\n- save Node Config"
connectInfo="- start the Zeus Wallet --> Scan Node Config\n- scan the QR code \n- save Node Config"
elif [ "${targetWallet}" = "sendmany-android" ]; then

11
home.admin/config.scripts/bonus.lndg.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/cryptosharks131/lndg
VERSION="1.4.0 "
VERSION="1.5.0 "
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -155,7 +155,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
if [ "$2" == "deletedatabase" ]; then
# deleting old database and moving new database
echo "Deleting existing database and creating new one"
echo "Deleting existing database and creating new one"
sudo rm -rf /mnt/hdd/app-data/lndg/data
sudo cp -p -r /home/lndg/lndg/data /mnt/hdd/app-data/lndg/data
sudo rm /home/lndg/lndg/data/db.sqlite3
@ -166,8 +166,11 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# using existing database, so remove newly created database and link to existing one
echo "Database already exists, using existing database"
sudo rm /home/lndg/lndg/data/db.sqlite3
sudo chown -R lndg:lndg /mnt/hdd/app-data/lndg
sudo chmod -R 755 /mnt/hdd/app-data/lndg
sudo chmod 644 /mnt/hdd/app-data/lndg/data/db.sqlite3
sudo -u lndg ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3
sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate
sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate
fi
else
@ -243,7 +246,7 @@ ExecStart=/home/lndg/lndg/.venv/bin/gunicorn lndg.wsgi -w 4 -b 0.0.0.0:8889
Restart=always
KillSignal=SIGQUIT
Type=notify
StandardError=syslog
StandardError=append:/var/log/gunicorn_error.log
NotifyAccess=all
RestartSec=60s

4
home.admin/config.scripts/bonus.lndmanage.sh
View file

@ -9,7 +9,7 @@ fi
# set version of LND manage to install
# https://github.com/bitromortac/lndmanage/releases
lndmanageVersion="0.11.0"
lndmanageVersion="0.14.2"
pgpKeyDownload="https://github.com/bitromortac.gpg"
gpgFingerprint="0453B9F5071261A40FDB34181965063FC13BEBE2"
@ -69,7 +69,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# installing ..."
python3 -m venv venv
source /home/admin/lndmanage/venv/bin/activate
python3 -m pip install lndmanage-0.11.0-py3-none-any.whl
python3 -m pip install lndmanage-${lndmanageVersion}-py3-none-any.whl
# get build dependencies
# python3 -m pip install --upgrade pip wheel setuptools

252
home.admin/config.scripts/bonus.lnproxy.sh Normal file
View file

@ -0,0 +1,252 @@
#!/bin/bash
# https://github.com/lnproxy/lnproxy/commits/main
LNPROXYVERSION="423723b58cc45daa2fdf6c8b22537d560aca4d7a"
# https://github.com/lnproxy/lnproxy-webui/commits/main
WEBUIVERSION=24d291c884a0b60126c1915301f29c893900a155
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "config script to install or uninstall the lnproxy server"
echo "bonus.lnproxy.sh [on|off|menu]"
echo "installs the version $LNPROXYVERSION by default"
exit 1
fi
source /mnt/hdd/raspiblitz.conf
localip=$(hostname -I | awk '{print $1}')
# menu
if [ "$1" = "menu" ]; then
if systemctl is-active --quiet lnproxy; then
# get network info
torAddress=$(sudo cat /mnt/hdd/tor/lnproxy/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
if [ "${runBehindTor}" = "on" ] && [ -n "${torAddress}" ]; then
# Info with Tor
sudo /home/admin/config.scripts/blitz.display.sh qr "${torAddress}"
whiptail --title " lnproxy-webui and API" --msgbox "\
Open in your local web browser:
http://${localip}:4748
https://${localip}:4749 with Fingerprint:
${fingerprint}\n
Hidden Service address for Tor Browser (see LCD for QR):
${torAddress}\n
To use the API:
curl -k https://${localip}:4749/api/{invoice}?routing_msat={budget}\n
The Tor Hidden Service address to share for using the API:
${torAddress}/api
" 19 67
sudo /home/admin/config.scripts/blitz.display.sh hide
else
# Info without Tor
whiptail --title " lnproxy-webui " --msgbox "Open in your local web browser:
http://${localip}:4748\n
Activate Tor to access the web interface from outside your local network.
" 15 57
fi
echo "# please wait ..."
else
echo "# *** LNPROXY IS NOT INSTALLED ***"
fi
exit 0
fi
# install
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
if systemctl is-active --quiet lnproxy; then
echo "# FAIL - lnproxy already installed"
sleep 3
exit 1
fi
echo "*** INSTALL LNPROXY ***"
# check and install Go
/home/admin/config.scripts/bonus.go.sh on
# create lnproxy user
sudo adduser --disabled-password --gecos "" lnproxy
# create macaroon
cd /home/bitcoin || exit 1
sudo -u bitcoin lncli bakemacaroon --save_to lnproxy.macaroon \
uri:/lnrpc.Lightning/DecodePayReq \
uri:/lnrpc.Lightning/LookupInvoice \
uri:/invoicesrpc.Invoices/AddHoldInvoice \
uri:/invoicesrpc.Invoices/SubscribeSingleInvoice \
uri:/invoicesrpc.Invoices/CancelInvoice \
uri:/invoicesrpc.Invoices/SettleInvoice \
uri:/routerrpc.Router/SendPaymentV2
sudo mv ./lnproxy.macaroon /home/lnproxy/
sudo chown lnproxy:lnproxy /home/lnproxy/lnproxy.macaroon
sudo chmod 600 /home/lnproxy/lnproxy.macaroon
# make sure symlink to central app-data directory exists
sudo rm -rf /home/lnproxy/.lnd # not a symlink.. delete it silently
# create symlink
sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/lnproxy/.lnd"
# download source code
cd /home/lnproxy/ || exit 1
sudo -u lnproxy git clone https://github.com/lnproxy/lnproxy.git /home/lnproxy/lnproxy
cd /home/lnproxy/lnproxy || exit 1
sudo -u lnproxy git reset --hard ${LNPROXYVERSION} || exit 1
# build
sudo -u lnproxy /usr/local/go/bin/go get lnproxy
sudo -u lnproxy /usr/local/go/bin/go build
# manual start (in tmux)
# sudo -u lnproxy /home/lnproxy/lnproxy/lnproxy -lnd-cert /home/lnproxy/.lnd/tls.cert /home/lnproxy/lnproxy.macaroon
# create systemd service
cat <<EOF | sudo tee /etc/systemd/system/lnproxy.service
[Unit]
Description=lnproxy
After=lnd.service
[Service]
User=lnproxy
Group=lnproxy
Type=simple
ExecStart=/home/lnproxy/lnproxy/lnproxy -lnd-cert /home/lnproxy/.lnd/tls.cert /home/lnproxy/lnproxy.macaroon
Restart=on-failure
RestartSec=30
TimeoutSec=120
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
EOF
# enable and start service
sudo systemctl enable lnproxy
source <(/home/admin/_cache.sh get state)
if [ "${state}" == "ready" ]; then
echo "# OK - the lnproxy.service is enabled, system is on ready so starting service"
sudo systemctl start lnproxy
else
echo "# OK - the lnproxy.service is enabled, to start manually use: sudo systemctl start lnproxy"
fi
# lnproxy-webui
cd /home/lnproxy/ || exit 1
sudo -u lnproxy git clone https://github.com/lnproxy/lnproxy-webui
cd /home/lnproxy/lnproxy-webui || exit 1
sudo -u lnproxy git reset --hard ${WEBUIVERSION} || exit 1
# build
sudo -u lnproxy /usr/local/go/bin/go get lnproxy-webui
sudo -u lnproxy /usr/local/go/bin/go build
# create systemd service
cat <<EOF | sudo tee /etc/systemd/system/lnproxy-webui.service
[Unit]
Description=lnproxy-webui
After=lnproxy.service
[Service]
WorkingDirectory=/home/lnproxy/lnproxy-webui
User=lnproxy
Group=lnproxy
Type=simple
ExecStart=/home/lnproxy/lnproxy-webui/lnproxy-webui
Restart=on-failure
RestartSec=30
TimeoutSec=120
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
EOF
# enable and start service
sudo systemctl enable lnproxy-webui
source <(/home/admin/_cache.sh get state)
if [ "${state}" == "ready" ]; then
echo "# OK - the lnproxy-webui.service is enabled, system is on ready so starting service"
sudo systemctl start lnproxy-webui
else
echo "# OK - the lnproxy-webui.service is enabled, to start manually use: sudo systemctl start lnproxy-webui"
fi
##################
# NGINX
##################
# setup nginx symlinks
if ! [ -f /etc/nginx/sites-available/lnproxy_ssl.conf ]; then
sudo cp -f /home/admin/assets/nginx/sites-available/lnproxy_ssl.conf /etc/nginx/sites-available/lnproxy_ssl.conf
fi
if ! [ -f /etc/nginx/sites-available/lnproxy_tor.conf ]; then
sudo cp /home/admin/assets/nginx/sites-available/lnproxy_tor.conf /etc/nginx/sites-available/lnproxy_tor.conf
fi
if ! [ -f /etc/nginx/sites-available/lnproxy_tor_ssl.conf ]; then
sudo cp /home/admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf /etc/nginx/sites-available/lnproxy_tor_ssl.conf
fi
sudo ln -sf /etc/nginx/sites-available/lnproxy_ssl.conf /etc/nginx/sites-enabled/
sudo ln -sf /etc/nginx/sites-available/lnproxy_tor.conf /etc/nginx/sites-enabled/
sudo ln -sf /etc/nginx/sites-available/lnproxy_tor_ssl.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
sudo ufw allow 4747 comment lnproxy-HTTP
sudo ufw allow 4748 comment lnproxy-webui-HTTP
sudo ufw allow 4749 comment lnproxy-HTTPS
/home/admin/config.scripts/tor.onion-service.sh lnproxy 80 4750 443 4751
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set lnproxy "on"
echo "# API:"
echo "curl http://${localip}:4747/{your_invoice}?routing_msat={routing_budget}"
echo "# WebUI:"
echo "http://${localip}:4748"
echo "# More info at:"
echo "https://github.com/lnproxy/lnproxy"
exit 0
fi
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "*** REMOVING LNPROXY***"
# remove user and home directory
sudo userdel -rf lnproxy
# remove systemd services
sudo systemctl disable --now lnproxy
/etc/systemd/system/lnproxy.service
sudo systemctl disable --now lnproxy-webui
/etc/systemd/system/lnproxy-webui.service
# remove Tor service
/home/admin/config.scripts/tor.onion-service.sh off lnproxy
# close ports on firewall
sudo ufw delete allow 4747
sudo ufw delete allow 4748
sudo ufw delete allow 4749
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set lnproxy "off"
echo "# OK, lnproxy is removed."
exit 0
fi

53
home.admin/config.scripts/bonus.postgresql.sh
View file

@ -2,12 +2,12 @@
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "config script to install PostgreSQL"
echo "bonus.postgresql.sh [on|off]"
echo "bonus.postgresql.sh [backup] [database]"
echo "bonus.postgresql.sh [restore] [database] [user] [password]"
echo "bonus.postgresql.sh [info]"
exit 1
echo "config script to install PostgreSQL"
echo "bonus.postgresql.sh [on|off]"
echo "bonus.postgresql.sh [backup] [database]"
echo "bonus.postgresql.sh [restore] [database] [user] [password]"
echo "bonus.postgresql.sh [info]"
exit 1
fi
command=$1
@ -36,22 +36,22 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
fi
fix_postgres=0
if [ -L $postgres_datadir ] ; then
if [ -e $postgres_datadir ] ; then
echo "# Good link in $postgres_datadir"
else
echo "# Broken link in $postgres_datadir"
fix_postgres=1
fi
elif [ -e $postgres_datadir ] ; then
echo "# Not a link in $postgres_datadir"
fix_postgres=1
if [ -L $postgres_datadir ]; then
if [ -e $postgres_datadir ]; then
echo "# Good link in $postgres_datadir"
else
echo "# Broken link in $postgres_datadir"
fix_postgres=1
fi
elif [ -e $postgres_datadir ]; then
echo "# Not a link in $postgres_datadir"
fix_postgres=1
else
echo "# Missing Link in $postgres_datadir"
fix_postgres=1
echo "# Missing Link in $postgres_datadir"
fix_postgres=1
fi
if [ fix_postgres = 1 ] || [ ! -d /mnt/hdd/app-data/postgresql ]; then
if [ ${fix_postgres} = 1 ] || [ ! -d /mnt/hdd/app-data/postgresql ]; then
echo "# Move the PostgreSQL data to /mnt/hdd/app-data/postgresql"
sudo systemctl stop postgresql 2>/dev/null
sudo rsync -av $postgres_datadir /mnt/hdd/app-data
@ -67,9 +67,8 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
# wait for the postgres server to start
count=0
count_max=30
while ! nc -zv 127.0.0.1 5432 2>/dev/null;
do
count=`expr $count + 1`
while ! nc -zv 127.0.0.1 5432 2>/dev/null; do
count=$((count + 1))
echo "sleep $count/$count_max"
sleep 1
if [ $count = $count_max ]; then
@ -103,16 +102,16 @@ fi
# backup
backup_target="/mnt/hdd/app-data/backup/$db_name"
backup_file="${db_name}_`date +%d`-`date +%m`-`date +%Y`_`date +%H`-`date +%M`_dump"
backup_file="${db_name}_$(date +%d)-$(date +%m)-$(date +%Y)_$(date +%H)-$(date +%M)_dump"
if [ ! -d $backup_target ]; then
sudo mkdir -p $backup_target 1>&2
sudo mkdir -p $backup_target 1>&2
fi
# https://www.postgresql.org/docs/current/backup-dump.html
if [ "$command" = "backup" ] && [ "$db_name" != "" ]; then
echo "*** BACKUP POSTGRESQL $db_name ***"
sudo -u postgres pg_dump $db_name > $backup_target/${backup_file}.sql || exit 1
sudo -u postgres pg_dump $db_name >$backup_target/${backup_file}.sql || exit 1
# Delete old backups (keep last 3 backups)
sudo chown -R admin:admin $backup_target
ls -tp $backup_target/*.sql | grep -v '/$' | tail -n +4 | tr '\n' '\0' | xargs -0 rm -- 2>/dev/null
@ -154,7 +153,7 @@ if [ "$command" = "restore" ] && [ "$db_name" != "" ] && [ "$db_user" != "" ] &&
echo "# Import SQL Dump"
sudo mkdir -p $backup_target/logs 1>&2
sudo chown -R postgres:postgres $backup_file
sudo -u postgres psql $db_name < ${backup_file} > $backup_target/logs/sql_import.log || exit 1
sudo -u postgres psql $db_name <${backup_file} >$backup_target/logs/sql_import.log || exit 1
echo "$backup_target/sql_import.log written"
echo "OK - database $db_name restored from ${backup_file}"
exit 0
@ -176,4 +175,4 @@ if [ "$command" = "info" ]; then
fi
echo "FAIL - Unknown Parameter $command"
exit 1
exit 1

6
home.admin/config.scripts/bonus.sphinxrelay.sh
View file

@ -108,9 +108,9 @@ iOS support is native, Android needs Orbot"
At the moment your Sphinx Relay Server is just available
within the local network - without transport encryption.
Local server for test & debug: ${publicURL}/app"#\n
#To enable easy reachability from the outside consider
#adding a IP2TOR Bridge and reconnect:
#MAINMENU > SUBSCRIBE > IP2TOR > SPHINX"
To enable easy reachability from the outside consider
adding a IP2TOR Bridge and reconnect:
MAINMENU > SUBSCRIBE > IP2TOR > SPHINX"
extraPairInfo="You need to be on the same local network to make this work."
else

18
home.admin/config.scripts/bonus.suez.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/prusnak/suez/commits/master
SUEZVERSION="e402edbddb45d8a53af346b8582243f4068ece6c"
SUEZVERSION="bcfd3502ac1f7d95b90c62c1daeae50aa7052be7"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -12,7 +12,7 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
fi
PGPsigner="prusnak"
PGPpubkeyLink="https://github.com/${PGPsigner}.gpg"
PGPpubkeyLink="https://rusnak.io/public/pgp.txt"
PGPpubkeyFingerprint="91F3B339B9A02A3D"
source /mnt/hdd/raspiblitz.conf
@ -21,8 +21,7 @@ source /mnt/hdd/raspiblitz.conf
if [ "$1" = "menu" ]; then
dialog --title " Info Suez" --msgbox "
Suez is a command line tool.
Type: 'suez' for the default channel visualization for LND
Type: 'suez --help' in the command line to see the usage options.
Type: 'suez' to visualize the channels of the default ln instance
Readme: https://github.com/prusnak/suez#readme
" 10 75
exit 0
@ -46,11 +45,6 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
"${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1
sudo -u bitcoin /home/bitcoin/.local/bin/poetry install
echo "# Adding alias"
sudo -u admin touch /home/admin/_aliases
echo "alias suez='cd /home/bitcoin/suez && sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez'"\
| sudo tee -a /home/admin/_aliases
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set suez "on"
@ -65,16 +59,14 @@ fi
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# REMOVING SUEZ"
sudo rm -rf /home/bitcoin/suez
echo "# OK, suez is removed."
echo "# OK, Suez is removed."
# setting value in raspi blitz config
/home/admin/config.scripts/blitz.conf.sh set suez "off"
exit 0
fi
# update
@ -98,4 +90,4 @@ if [ "$1" = "update" ]; then
fi
echo "FAIL - Unknown Parameter $1"
exit 1
exit 1

2
home.admin/config.scripts/bonus.tallycoin-connect.sh
View file

@ -8,7 +8,7 @@ HOME_DIR=/home/$USERNAME
CONFIG_FILE=$APP_DATA_DIR/tallycoin_api.key
RASPIBLITZ_INFO=/home/admin/raspiblitz.info
SERVICE_FILE=/etc/systemd/system/tallycoin-connect.service
TC_VERSION=1.7.1
TC_VERSION=1.7.5
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then

2
home.admin/config.scripts/cl.backup.sh
View file

@ -189,7 +189,7 @@ if [ ${mode} = "cl-export-gui" ]; then
echo
echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:"
echo "sftp '${fileowner}@${localip}:${filename}' ./"
echo "ON WINDOWS USE:"
echo "ON WINDOWS - RUN IN CMD:"
echo "sftp ${fileowner}@${localip}:${filename} ."
echo
echo "Use password A to authenticate file transfer."

2
home.admin/config.scripts/cl.hsmtool.sh
View file

@ -156,7 +156,7 @@ function decryptHSMsecret() {
/home/admin/config.scripts/cl.hsmtool.sh unlock ${CHAIN}
# attempt to decrypt again
sudo cat $passwordFile | sudo -u bitcoin lightning-hsmtool decrypt \
"$hsmSecretPath" || echo "# Couldn't decrypt"; exit 1
"$hsmSecretPath" || (echo "# Couldn't decrypt"; exit 1)
fi
fi
shredPasswordFile

2
home.admin/config.scripts/lnd.backup.sh
View file

@ -199,7 +199,7 @@ if [ ${mode} = "lnd-export-gui" ]; then
echo
echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:"
echo "sftp '${fileowner}@${localip}:${filename}' ./"
echo "ON WINDOWS USE:"
echo "ON WINDOWS - RUN IN CMD:"
echo "sftp ${fileowner}@${localip}:${filename} ."
echo "Use password A to authenticate file transfer."
echo

6
home.admin/config.scripts/lnd.export.sh
View file

@ -136,9 +136,9 @@ elif [ "${exportType}" = "btcpay" ]; then
echo "NOTE: You have a IP2TOR connection for LND REST API .. so you can use this connection string also with a external BTCPay server."
else
echo "IMPORTANT: You can only use this connection string for a BTCPay server running on this RaspiBlitz."
#echo "If you want to connect from a external BTCPay server activate a IP2TOR tunnel for LND-REST first:"
#echo "MAIN MENU > SUBSCRIBE > IP2TOR > LND REST API"
#echo "Then come back and get a new connection string."
echo "If you want to connect from a external BTCPay server activate a IP2TOR tunnel for LND-REST first:"
echo "MAIN MENU > SUBSCRIBE > IP2TOR > LND REST API"
echo "Then come back and get a new connection string."
fi
echo ""

117
home.admin/config.scripts/network.reindex.sh
View file

@ -1,93 +1,54 @@
#!/bin/bash
# command info
if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "script to run re-index if the blockchain (in case of repair)"
echo "run to start or monitor re-index progress"
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "script to run re-index if the blockchain - blocks will not be deleted but re-indexed"
echo "will trigger reboot after started and progress can be monitored thru normal sync status"
echo "There are two ways to re-index - for details see: https://bitcoin.stackexchange.com/a/60711"
echo "network.reindex.sh reindex [mainnet|testnet|signet] --> re-index chain & repair corrupt blocks"
echo "network.reindex.sh reindex-chainstate [mainnet|testnet|signet] --> only re-build UTXO set (fast)"
exit 1
fi
# check and load raspiblitz config
# to know which network is running
source /home/admin/raspiblitz.info
source /mnt/hdd/raspiblitz.conf
# if re-index is not running, start ...
source <(/home/admin/_cache.sh get state)
if [ "${state}" != "reindex" ]; then
if [ "$1" = "reindex" ] || [ "$1" = "reindex-chainstate" ]; then
# stop services
echo "making sure services are not running .."
sudo systemctl stop lnd 2>/dev/null
sudo systemctl stop ${network}d 2>/dev/null
action="$1"
# network prefixes
if [ "$2" = "mainnet" ]; then
echo "# network.reindex.sh ${action} --> mainnet"
prefix=""
netparam=""
elif [ "$2" = "testnet" ]; then
echo "# network.reindex.sh ${action} --> testnet"
prefix="t"
netparam="-testnet "
elif [ "$2" = "signet" ]; then
echo "# network.reindex.sh ${action} --> signet"
prefix="s"
netparam="-signet "
else
echo "error='unknown/missing secondary parameter'"
exit 1
fi
# stop bitcoin service
echo "# stopping ${network} service (please wait - can take time) .."
sudo systemctl stop ${prefix}${network}d
# starting reindex
echo "starting re-index ..."
sudo -u bitcoin /usr/local/bin/${network}d -daemon -reindex -conf=/home/bitcoin/.${network}/${network}.conf -datadir=/home/bitcoin/.${network}
# set reindex flag in raspiblitz.info (gets deleted after (final) reboot)
sudo sed -i "s/^state=.*/state=reindex/g" /home/admin/raspiblitz.info
echo "# starting ${network} service with -${action} flag"
sudo -u bitcoin /usr/local/bin/${network}d ${netparam}-daemon -blockfilterindex=0 -${action} -conf=/mnt/hdd/${network}/${network}.conf -datadir=/mnt/hdd/${network} 1>&2
echo "# waiting 10 secs"
sleep 10
echo "# going into reboot - reindex process can be monitored like normal blockchain sync status"
sudo /home/admin/config.scripts/blitz.shutdown.sh reboot
exit 0
fi
# while loop to wait to finish
finished=0
progress=0
while [ ${finished} -eq 0 ]
do
clear
echo "*************************"
echo "REINDEXING BLOCKCHAIN"
echo "*************************"
date
echo "THIS CAN TAKE SOME VERY LONG TIME"
echo "See Raspiblitz FAQ: https://github.com/rootzoll/raspiblitz"
echo "On question: My blockchain data is corrupted - what can I do?"
echo "If you dont see any progress after 24h keep X pressed to stop."
echo "error='unknown main parameter'"
exit 1
# get blockchain sync progress
blockchaininfo=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo)
progress=$(echo "${blockchaininfo}" | jq -r '.verificationprogress')
#progress=$(echo "${progress}*100" | bc)
progress=$(echo $progress | awk '{printf( "%.2f%%", 100 * $1)}')
inprogress="$(echo "${blockchaininfo}" | jq -r '.initialblockdownload')"
if [ "${inprogress}" = "false" ]; then
finished=1
fi
echo ""
echo "RUNNING: ${inprogress}"
echo "PROGRESS: ${progress}"
echo ""
echo "You can close terminal while reindex is running.."
echo "But you have to login again to check if ready."
# wait 2 seconds for key input
read -n 1 -t 2 keyPressed
# check if user wants to abort monitor
if [ "${keyPressed}" = "x" ]; then
echo "stopped by user ..."
break
fi
done
# trigger reboot when finished
echo "*************************"
if [ ${finished} -eq 0 ]; then
echo "Re-Index CANCELED"
else
echo "Re-Index finished"
fi
echo "Starting reboot ..."
echo "*************************"
# stop bitcoind
sudo -u bitcoin ${network}-cli stop
sleep 4
# clean logs (to prevent a false reindex detection)
sudo rm /mnt/hdd/${network}/debug.log 2>/dev/null
# reboot
sudo /home/admin/config.scripts/blitz.shutdown.sh reboot

38
home.admin/config.scripts/network.txindex.sh
View file

@ -30,36 +30,47 @@ if [ "$1" = "status" ]; then
echo "##### STATUS TXINDEX"
indexByteSize=$(sudo du -s /mnt/hdd/bitcoin/indexes/txindex 2>/dev/null | cut -f1)
if [ "${indexByteSize}" == "" ]; then
indexByteSize=0
fi
echo "txindex=${txindex}"
echo "indexByteSize=${indexByteSize}"
if [ ${txindex} -eq 0 ]; then
exit 0
fi
# try to gather if still indexing
source <(/home/admin/_cache.sh get btc_mainnet_blocks_headers)
blockchainHeight="${btc_mainnet_blocks_headers}"
indexedToBlock=$(sudo tail -n 200 /mnt/hdd/${network}${pathAdd}/debug.log | grep "Syncing txindex with block chain from height" | tail -n 1 | cut -d " " -f 9 | sed 's/[^0-9]*//g')
blockchainHeight=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | jq -r '.blocks' | sed 's/[^0-9]*//g')
indexFinished=$(sudo tail -n 200 /mnt/hdd/${network}${pathAdd}/debug.log | grep -c "txindex is enabled at height")
echo "indexedToBlock=${indexedToBlock}"
echo "blockchainHeight=${blockchainHeight}"
echo "indexFinished=${indexFinished}"
if [ ${#indexedToBlock} -eq 0 ] || [ ${indexFinished} -gt 0 ] || [ "${indexedToBlock}" = "${blockchainHeight}" ]; then
echo "isIndexed=1"
indexedToBlock=$blockchainHeight
indexFinished=1
indexInfo="OK"
else
echo "isIndexed=0"
if [ ${#indexedToBlock} -gt 0 ] && [ ${#blockchainHeight} -gt 0 ]; then
progressPercent=$(printf %.2f $(echo "${indexedToBlock}/${blockchainHeight}*100" | bc -l))
indexInfo="Indexing is at ${progressPercent}% (please wait)"
indexInfo="Building ${progressPercent}% (please wait)"
else
indexInfo="Indexing is running (please wait)"
indexInfo="Building (please wait)"
fi
echo "indexInfo='${indexInfo}'"
fi
fi
echo "indexFinished=${indexFinished}"
echo "indexedToBlock=${indexedToBlock}"
echo "blockchainHeight=${blockchainHeight}"
exit 0
fi
###################
# switch on
###################
@ -84,27 +95,26 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
fi
fi
###################
# switch off
###################
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# changing config ..."
sudo sed -i "s/^txindex=.*/txindex=0/g" /mnt/hdd/${network}/${network}.conf
echo "# deinstalling apps needing txindex ..."
sudo -u admin /home/admin/config.scripts/bonus.btc-rpc-explorer.sh off
echo "# restarting bitcoind ..."
sudo systemctl restart ${network}d
exit 0
fi
###################
# delete (and make sure all using apps are deinstalled)
# on version update check all bonus scripts that this network.txindex.sh on
###################
if [ "$1" = "delete" ]; then
echo "# deinstalling apps needing txindex ..."
sudo -u admin /home/admin/config.scripts/bonus.btc-rpc-explorer.sh off
echo "# changing config ..."
echo "# stopping bitcoind ..."
sudo systemctl stop ${network}d
sudo sed -i "s/^txindex=.*/txindex=0/g" /mnt/hdd/${network}/${network}.conf
echo "# deleting tx index ..."
sudo rm -r /mnt/hdd/${network}/indexes/txindex
echo "# restarting bitcoind ..."

4
home.admin/config.scripts/tor.network.sh
View file

@ -71,7 +71,7 @@ deactivateBitcoinOverTor()
[ -f "/home/admin/raspiblitz.info" ] && . /home/admin/raspiblitz.info
[ -f "/mnt/hdd/raspiblitz.conf" ] && . /mnt/hdd/raspiblitz.conf
torActive=$(sudo systemctl is-active tor@default | grep -c "active")
torActive=$(systemctl is-active tor@default | grep -c "^active")
curl --socks5 127.0.0.1:9050 --socks5-hostname 127.0.0.1:9050 -m 5 -s https://check.torproject.org/api/ip | grep -q "\"IsTor\":true" && torFunctional=1
case "$1" in
@ -156,7 +156,7 @@ EOF
sudo chmod -R 700 /mnt/hdd/tor
sudo chown -R debian-tor:debian-tor /mnt/hdd/tor
sudo systemctl restart tor@default
echo "OK - Tor is now $(sudo systemctl is-active tor@default)"
echo "OK - Tor is now $(systemctl is-active tor@default)"
echo "needs reboot to activate new setting"
;;