From 8727207987ca0de74bfaf4a4b8a4b607a9a1ffa2 Mon Sep 17 00:00:00 2001 From: /rootzoll Date: Sun, 5 Feb 2023 23:11:49 +0100 Subject: [PATCH] merigng 1.9RC2 changes (#3657) --- CHANGES.md | 24 +- FAQ.cl.md | 2 +- FAQ.md | 181 ++++++------ README.md | 25 +- alternative.platforms/Proxmox/README.md | 4 +- build_sdcard.sh | 65 +++-- ci/README.md | 43 +-- home.admin/00infoBlitz.sh | 15 +- home.admin/00mainMenu.sh | 9 +- home.admin/00raspiblitz.sh | 7 - home.admin/98repairBlockchain.sh | 4 - home.admin/98repairMenu.sh | 29 +- home.admin/99clMenu.sh | 15 +- home.admin/_commands.sh | 74 ++++- .../sites-available/circuitbreaker_ssl.conf | 21 ++ .../nginx/sites-available/lnproxy_ssl.conf | 27 ++ .../nginx/sites-available/lnproxy_tor.conf | 26 ++ .../sites-available/lnproxy_tor_ssl.conf | 26 ++ home.admin/config.scripts/bitcoin.monitor.sh | 9 +- .../blitz.check-invoice-wrap.py | 54 ++++ home.admin/config.scripts/blitz.copychain.sh | 2 +- home.admin/config.scripts/blitz.debug.sh | 41 ++- home.admin/config.scripts/blitz.passwords.sh | 10 +- .../blitz.subscriptions.ip2tor.py | 82 ++++-- .../config.scripts/blitz.subscriptions.py | 2 +- home.admin/config.scripts/bonus.bos.sh | 22 +- .../config.scripts/bonus.btcpayserver.sh | 266 ++++++++++-------- .../config.scripts/bonus.circuitbreaker.sh | 99 ++++--- home.admin/config.scripts/bonus.electrs.sh | 96 ++++--- home.admin/config.scripts/bonus.go.sh | 105 ++++--- home.admin/config.scripts/bonus.joinmarket.sh | 22 +- home.admin/config.scripts/bonus.lnbits.sh | 32 +-- home.admin/config.scripts/bonus.lndconnect.sh | 4 +- home.admin/config.scripts/bonus.lndg.sh | 11 +- home.admin/config.scripts/bonus.lndmanage.sh | 4 +- home.admin/config.scripts/bonus.lnproxy.sh | 252 +++++++++++++++++ home.admin/config.scripts/bonus.postgresql.sh | 53 ++-- .../config.scripts/bonus.sphinxrelay.sh | 6 +- home.admin/config.scripts/bonus.suez.sh | 18 +- .../config.scripts/bonus.tallycoin-connect.sh | 2 +- home.admin/config.scripts/cl.backup.sh | 2 +- home.admin/config.scripts/cl.hsmtool.sh | 2 +- home.admin/config.scripts/lnd.backup.sh | 2 +- home.admin/config.scripts/lnd.export.sh | 6 +- home.admin/config.scripts/network.reindex.sh | 117 +++----- home.admin/config.scripts/network.txindex.sh | 38 ++- home.admin/config.scripts/tor.network.sh | 4 +- 47 files changed, 1318 insertions(+), 642 deletions(-) create mode 100644 home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf create mode 100644 home.admin/assets/nginx/sites-available/lnproxy_ssl.conf create mode 100644 home.admin/assets/nginx/sites-available/lnproxy_tor.conf create mode 100644 home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf create mode 100644 home.admin/config.scripts/blitz.check-invoice-wrap.py create mode 100644 home.admin/config.scripts/bonus.lnproxy.sh diff --git a/CHANGES.md b/CHANGES.md index 438d3dc6d..694b4e701 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -4,31 +4,37 @@ - New: Automated disk image build for amd64 (VM, laptop, desktop, server) and arm64-rpi (Raspberry Pi) [details](https://github.com/rootzoll/raspiblitz/tree/dev/ci/README.md) - New: Fatpack & Minimal sd card builds [details](SECURITY.md#minimal-sd-card-build) +- New: I2P support for Bitcoin Core (i2pacceptincoming=1) [details](https://github.com/rootzoll/raspiblitz/issues/2413) - New: CLN Watchtower (The Eye of Satoshi) [details](https://github.com/talaia-labs/rust-teos/tree/master/watchtower-plugin) - New: LNDg v1.4.0 [details](https://github.com/cryptosharks131/lndg) - New: Support of X708 UPS HAT [details](https://github.com/rootzoll/raspiblitz/pull/3087) - New: BOS Telegram Bot Support (see OPTIONS on LND Balance of Satoshis menu entry) - New: LightningTipBot v0.5 [details](https://github.com/LightningTipBot/LightningTipBot) +- New: CLI shortcut for ↬lnproxy [details](https://github.com/rootzoll/raspiblitz/pull/3333) - New on WebUI: Jam (JoinMarket Web UI) v0.1.4 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.4) - Update: Bitcoin Core v24.0.1 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.0.1.md) -- Update: LND v0.15.5 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.5-beta +- Update: LND v0.15.5 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.5-beta) - Update: Core Lightning v22.11.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v22.11.1) -- Update: Electrum Server in Rust (electrs) v0.9.10 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0910-nov-3-2022) +- Update: Electrum Server in Rust (electrs) v0.9.11 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0911-jan-5-2023) - Update: Lightning Terminal v0.8.4-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.8.4-alpha) - Update: RTL v0.13.0 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.12.3) - Update: Thunderhub v0.13.16 with balance sharing disabled [details](https://github.com/apotdevin/thunderhub/releases/tag/v0.13.16) -- Update: LNbits 0.9.4 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.2) -- Update: BTCPayServer 1.7.2 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.2) +- Update: LNbits 0.9.6 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.6) +- Update: BTCPayServer 1.7.5 (using postgres for new installs) [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.7.5) - Update: ItchySats 0.7.0 [details](https://github.com/itchysats/itchysats/releases/tag/0.7.0) - Update: Channel Tools (chantools) v0.10.5 [details](https://github.com/guggero/chantools/releases/tag/v0.10.5) -- Update: JoinMarket v0.9.8 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.8) -- Update: JoininBox v0.7.4 [details](https://github.com/openoms/joininbox/releases/tag/v0.7.3) -- Update: Balance of Satoshis 13.6.0 (BOS) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#1360) -- Update: Circuitbreaker v0.3.2 [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md) +- Update: JoinMarket v0.9.9 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.9) +- Update: JoininBox v0.7.6 [details](https://github.com/openoms/joininbox/releases/tag/v0.7.6) +- Update: Balance of Satoshis 13.15.0 (bos) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#13150) +- Update: lndmanage 0.14.2 [details](https://github.com/bitromortac/lndmanage) +- Update: Circuitbreaker with webUI [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md) +- Update: Suez - Channel Visualization for LND & CL [details](https://github.com/prusnak/suez) +- Update: Tallycoin Connect v1.7.5 [details](https://github.com/djbooth007/tallycoin_connect/releases/tag/v1.7.5) - Fixed: SCB/Emergency-Backup to USB drive (now also with CLN emergency.recover file) - Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox) -- Info: IP2Tor unavailable & deactivated in SSH menus [details](https://github.com/rootzoll/raspiblitz/issues/3417#issuecomment-1310303480) +- Info: IP2Tor fix fulmo shop & added new ip2tor.com shop - Info: 32GB sdcard is now enforced (after being recommended since v1.5) +- Info: 'Reindex Blockchain' is not part of 'repair' menu ## What's new in Version 1.8.0c of RaspiBlitz? diff --git a/FAQ.cl.md b/FAQ.cl.md index 148b0d20c..77fa7bd08 100644 --- a/FAQ.cl.md +++ b/FAQ.cl.md @@ -59,7 +59,7 @@ * Yes, all [BOLT specification](https://github.com/lightningnetwork/lightning-rfc) compliant implementations can open channels to each other and route payments. ### Can I run LND and CLN connected to the same node? -* Yes, both can run parallel on a RaspiBlitz and even have channels witch each other. +* Yes, both can run parallel on a RaspiBlitz and even have channels with each other. ### Can I convert an LND node to CLN (or the opposite)? * No, currently there are no tools available to convert between the databases storing the channel states. diff --git a/FAQ.md b/FAQ.md index 0621c658f..b551110b3 100644 --- a/FAQ.md +++ b/FAQ.md @@ -4,74 +4,77 @@ --- Table of Contents --- - - [Upgrade](#upgrade) - - [How to verify the SD card image after download?](#how-to-verify-the-sd-card-image-after-download) - - [What changed on every upgrade?](#what-changed-on-every-upgrade) - - [How do I upgrade my RaspiBlitz?](#how-do-i-upgrade-my-raspiblitz) - - [Why do I need to re-burn my SD card for an update?](#why-do-i-need-to-re-burn-my-sd-card-for-an-update) - - [How can I update LND or bitcoind even before the next RaspiBlitz update?](#how-can-i-update-lnd-or-bitcoind-even-before-the-next-raspiblitz-update) - - [SSH](#ssh) - - [What to do when on SSH I see "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"](#what-to-do-when-on-ssh-i-see-warning-remote-host-identification-has-changed) - - [How do I unplug/shutdown safely without SSH](#how-do-i-unplugshutdown-safely-without-ssh) - - [I cannot connect via SSH to my RaspiBlitz. What do I do?](#i-cannot-connect-via-ssh-to-my-raspiblitz-what-do-i-do) - - [How to SSH over Tor?](#how-to-ssh-over-tor) - - [How to setup port-forwarding with a SSH tunnel?](#how-to-setup-port-forwarding-with-a-ssh-tunnel) - - [How do I setup just a port-forwarding user on my public server?](#how-do-i-setup-just-a-port-forwarding-user-on-my-public-server) - - [Display](#display) - - [Can I flip the screen?](#can-i-flip-the-screen) - - [How to fix my upside down LCD after update?](#how-to-fix-my-upside-down-lcd-after-update) - - [Can I run the RaspiBlitz without a display/LCD?](#can-i-run-the-raspiblitz-without-a-displaylcd) - - [How do I find the IP address when running without a display?](#how-do-i-find-the-ip-address-when-running-without-a-display) - - [Debug](#debug) - - [I have the full blockchain on another storage. How do I copy it to the RaspiBlitz?](#i-have-the-full-blockchain-on-another-storage-how-do-i-copy-it-to-the-raspiblitz) - - [How do I generate a Debug Report?](#how-do-i-generate-a-debug-report) - - [Why is my "final sync" taking so long?](#why-is-my-final-sync-taking-so-long) - - [How do I backup my Lightning Node?](#how-do-i-backup-my-lightning-node) - - [1) Securing your On-Chain- and Channel-Funds during Operation](#and-channel-funds-during-operation) - - [2) Making a complete LND data backup](#2-making-a-complete-lnd-data-backup) - - [How can I recover my coins from a failing RaspiBlitz?](#how-can-i-recover-my-coins-from-a-failing-raspiblitz) - - [1) Recover LND data](#1-recover-lnd-data) - - [2) Recover from Wallet Seed](#2-recover-from-wallet-seed) - - [How do I move funds & channels from RaspiBlitz to LND Lightning Desktop App?](#how-do-i-move-funds--channels-from-raspiblitz-to-lnd-lightning-desktop-app) - - [How do I change the Name/Alias of my lightning node](#how-do-i-change-the-namealias-of-my-lightning-node) - - [How do I change the public port LND/Lightning node is running on?](#how-do-i-change-the-public-port-lndlightning-node-is-running-on) - - [How do I solve a "signature mismatch after caveat verification" error?](#how-do-i-solve-a-signature-mismatch-after-caveat-verification-error) - - [Why is my node not routing?](#why-is-my-node-not-routing) - - [When using Auto-Unlock, how much security do I lose?](#when-using-auto-unlock-how-much-security-do-i-lose) - - [I connected my HDD but it still says 'Connect HDD' on the display?](#i-connected-my-hdd-but-it-still-says-connect-hdd-on-the-display) - - [How do I shrink the QR code for connecting my Shango/Zap/Zeus mobile phone?](#how-do-i-shrink-the-qr-code-for-connecting-my-shangozapzeus-mobile-phone) - - [Why is my bitcoin IP on the display red?](#why-is-my-bitcoin-ip-on-the-display-red) - - [Why is my node address on the display red?](#why-is-my-node-address-on-the-display-red) - - [Why is my node address on the display yellow (not green)?](#why-is-my-node-address-on-the-display-yellow-not-green) - - [How do I fix a displayed Error in my Config?](#how-do-i-fix-a-displayed-error-in-my-config) - - [Can I run the RaspiBlitz as Backend for BTCPayServer?](#can-i-run-the-raspiblitz-as-backend-for-btcpayserver) - - [I don't have a LAN port on my Laptop - how do I connect to my RaspiBlitz?](#how-do-i-connect-to-my-raspiblitz) - - [Is it possible to connect the Blitz over Wifi instead of using a LAN cable?](#is-it-possible-to-connect-the-blitz-over-wifi-instead-of-using-a-lan-cable) - - [Can I directly connect the RaspiBlitz to my laptop?](#can-i-directly-connect-the-raspiblitz-to-my-laptop) - - [How to attach the RaspberryPi to the HDD?](#how-to-attach-the-raspberrypi-to-the-hdd) - - [What other case options do I have?](#what-other-case-options-do-i-have) - - [Are those "Under-Voltage detected" warnings a problem?](#are-those-under-voltage-detected-warnings-a-problem) - - [How do I return to the menu after exiting to the command line](#how-do-i-return-to-the-menu-after-exiting-to-the-command-line) - - [How do I setup fresh/clean/reset and without going into recovery mode?](#how-do-i-setup-freshcleanreset-and-without-going-into-recovery-mode) - - [My blockchain data is corrupted - what can I do?](#what-can-i-do) - - [I have two RaspiBlitz in my network - can they both be public?](#can-they-both-be-public) - - [How can I enforce UASP mode for my SSD controller?](#how-can-i-enforce-uasp-mode-for-my-ssd-controller) - - [I am facing maintenance/emergency mode on boot. How do I fix it?](#i-am-facing-maintenanceemergency-mode-on-boot-how-do-i-fix-it) - - [Extras](#extras) - - [How do I connect a UPS to the RaspiBlitz?](#how-do-i-connect-a-ups-to-the-raspiblitz) - - [Can I run my RaspiBlitz on Solar Energy?](#can-i-run-my-raspiblitz-on-solar-energy) - - [How to use the Let's Encrypt client](#how-to-use-the-lets-encrypt-client) - - [Let's Encrypt - HTTP-01](#http-01) - - [Let's Encrypt - DNS-01](#dns-01) - - [Let's Encrypt - eMail Address](#email-address) - - [Let's Encrypt - Installation details](#installation-details) - - [What is this mnemonic seed word list?](#what-is-this-mnemonic-seed-word-list) - - [How do I set up VNC?](#how-do-i-set-up-vnc) - - [Why use BTRFS on RaspiBlitz?](#why-use-btrfs-on-raspiblitz) - - [Storing your important Data in RAID1 with a USB Thumb Drive](#storing-your-important-data-in-raid1-with-a-usb-thumb-drive) - - [Snapshotting the Blockchain](#snapshotting-the-blockchain) - - [How do I use BTRFS on RaspiBlitz?](#how-do-i-use-btrfs-on-raspiblitz) - - [How to recover a BTRFS partition?](#how-to-recover-a-btrfs-partition) +- [Table of Contents](#table-of-contents) +- [Upgrade](#upgrade) + - [How to verify the SD card image after download?](#how-to-verify-the-sd-card-image-after-download) + - [What changed on every upgrade?](#what-changed-on-every-upgrade) + - [How do I upgrade my RaspiBlitz?](#how-do-i-upgrade-my-raspiblitz) + - [Why do I need to re-burn my SD card for an update?](#why-do-i-need-to-re-burn-my-sd-card-for-an-update) + - [How can I update LND or bitcoind even before the next RaspiBlitz update?](#how-can-i-update-lnd-or-bitcoind-even-before-the-next-raspiblitz-update) +- [SSH](#ssh) + - [What to do when on SSH I see "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"](#what-to-do-when-on-ssh-i-see-warning-remote-host-identification-has-changed) + - [How do I unplug/shutdown safely without SSH](#how-do-i-unplugshutdown-safely-without-ssh) + - [I cannot connect via SSH to my RaspiBlitz. What do I do?](#i-cannot-connect-via-ssh-to-my-raspiblitz-what-do-i-do) + - [How to SSH over Tor?](#how-to-ssh-over-tor) + - [How to setup port-forwarding with a SSH tunnel?](#how-to-setup-port-forwarding-with-a-ssh-tunnel) + - [How do I setup just a port-forwarding user on my public server?](#how-do-i-setup-just-a-port-forwarding-user-on-my-public-server) + - [How to reset the ssh config and keys?](#how-to-reset-the-ssh-config-and-keys) +- [Display](#display) + - [Can I flip the screen?](#can-i-flip-the-screen) + - [How to fix my upside down LCD after update?](#how-to-fix-my-upside-down-lcd-after-update) + - [Can I run the RaspiBlitz without a display/LCD?](#can-i-run-the-raspiblitz-without-a-displaylcd) + - [How do I find the IP address when running without a display?](#how-do-i-find-the-ip-address-when-running-without-a-display) +- [Debug](#debug) + - [I have the full blockchain on another storage. How do I copy it to the RaspiBlitz?](#i-have-the-full-blockchain-on-another-storage-how-do-i-copy-it-to-the-raspiblitz) + - [How do I generate a Debug Report?](#how-do-i-generate-a-debug-report) + - [Why is my "final sync" taking so long?](#why-is-my-final-sync-taking-so-long) + - [How do I backup my Lightning Node?](#how-do-i-backup-my-lightning-node) + - [1) Securing your On-Chain- and Channel-Funds during Operation](#1-securing-your-on-chain--and-channel-funds-during-operation) + - [2) Making a complete LND data backup](#2-making-a-complete-lnd-data-backup) + - [How can I recover my coins from a failing RaspiBlitz?](#how-can-i-recover-my-coins-from-a-failing-raspiblitz) + - [1) Recover LND data](#1-recover-lnd-data) + - [2) Recover from Wallet Seed](#2-recover-from-wallet-seed) + - [How do I move funds \& channels from RaspiBlitz to LND Lightning Desktop App?](#how-do-i-move-funds--channels-from-raspiblitz-to-lnd-lightning-desktop-app) + - [How do I change the Name/Alias of my lightning node](#how-do-i-change-the-namealias-of-my-lightning-node) + - [How do I change the public port LND/Lightning node is running on?](#how-do-i-change-the-public-port-lndlightning-node-is-running-on) + - [How do I solve a "signature mismatch after caveat verification" error?](#how-do-i-solve-a-signature-mismatch-after-caveat-verification-error) + - [Why is my node not routing?](#why-is-my-node-not-routing) + - [When using Auto-Unlock, how much security do I lose?](#when-using-auto-unlock-how-much-security-do-i-lose) + - [I connected my HDD but it still says 'Connect HDD' on the display?](#i-connected-my-hdd-but-it-still-says-connect-hdd-on-the-display) + - [How do I shrink the QR code for connecting my Shango/Zap/Zeus mobile phone?](#how-do-i-shrink-the-qr-code-for-connecting-my-shangozapzeus-mobile-phone) + - [Why is my bitcoin IP on the display red?](#why-is-my-bitcoin-ip-on-the-display-red) + - [Why is my node address on the display red?](#why-is-my-node-address-on-the-display-red) + - [Why is my node address on the display yellow (not green)?](#why-is-my-node-address-on-the-display-yellow-not-green) + - [How can I set a fixed IP?](#how-can-i-set-a-fixed-ip) + - [How do I fix a displayed Error in my Config?](#how-do-i-fix-a-displayed-error-in-my-config) + - [Can I run the RaspiBlitz as Backend for BTCPayServer?](#can-i-run-the-raspiblitz-as-backend-for-btcpayserver) + - [I don't have a LAN port on my Laptop - how do I connect to my RaspiBlitz?](#i-dont-have-a-lan-port-on-my-laptop---how-do-i-connect-to-my-raspiblitz) + - [Is it possible to connect the Blitz over Wifi instead of using a LAN cable?](#is-it-possible-to-connect-the-blitz-over-wifi-instead-of-using-a-lan-cable) + - [Can I directly connect the RaspiBlitz to my laptop?](#can-i-directly-connect-the-raspiblitz-to-my-laptop) + - [How to attach the RaspberryPi to the HDD?](#how-to-attach-the-raspberrypi-to-the-hdd) + - [What other case options do I have?](#what-other-case-options-do-i-have) + - [Are those "Under-Voltage detected" warnings a problem?](#are-those-under-voltage-detected-warnings-a-problem) + - [How do I return to the menu after exiting to the command line](#how-do-i-return-to-the-menu-after-exiting-to-the-command-line) + - [How do I setup fresh/clean/reset and without going into recovery mode?](#how-do-i-setup-freshcleanreset-and-without-going-into-recovery-mode) + - [My blockchain data is corrupted - what can I do?](#my-blockchain-data-is-corrupted---what-can-i-do) + - [I have two RaspiBlitz in my network - can they both be public?](#i-have-two-raspiblitz-in-my-network---can-they-both-be-public) + - [How can I enforce UASP mode for my SSD controller?](#how-can-i-enforce-uasp-mode-for-my-ssd-controller) + - [I am facing maintenance/emergency mode on boot. How do I fix it?](#i-am-facing-maintenanceemergency-mode-on-boot-how-do-i-fix-it) +- [Extras](#extras) + - [How do I connect a UPS to the RaspiBlitz?](#how-do-i-connect-a-ups-to-the-raspiblitz) + - [Can I run my RaspiBlitz on Solar Energy?](#can-i-run-my-raspiblitz-on-solar-energy) + - [How to use the Let's Encrypt client](#how-to-use-the-lets-encrypt-client) + - [Let's Encrypt - HTTP-01](#lets-encrypt---http-01) + - [Let's Encrypt - DNS-01](#lets-encrypt---dns-01) + - [Let's Encrypt - eMail Address](#lets-encrypt---email-address) + - [Let's Encrypt - Installation details](#lets-encrypt---installation-details) + - [What is this mnemonic seed word list?](#what-is-this-mnemonic-seed-word-list) + - [How do I set up VNC?](#how-do-i-set-up-vnc) + - [Why use BTRFS on RaspiBlitz?](#why-use-btrfs-on-raspiblitz) + - [Storing your important Data in RAID1 with a USB Thumb Drive](#storing-your-important-data-in-raid1-with-a-usb-thumb-drive) + - [Snapshotting the Blockchain](#snapshotting-the-blockchain) + - [How do I use BTRFS on RaspiBlitz?](#how-do-i-use-btrfs-on-raspiblitz) + - [How to recover a BTRFS partition?](#how-to-recover-a-btrfs-partition) --- ## Upgrade @@ -255,7 +258,7 @@ useradd -g forwardings -d /home [USERNAME] echo 'command="date" [CONTENT-OF-RASPIBLITZ-ROOT-SSH-PUBKEY]' > /etc/ssh/authorized_keys/[USERNAME] ``` -As a result you should see a "good signature" message with a main fingerprint the same as you can find on the [keybase.io/rootzoll](https://keybase.io/rootzoll) that is ending on `1C73 060C 7C17 6461` the sub fingerprint should end on `A2D7 AA9D D1B5 CC56 47DA`. If that fingerprint is correct, the SD card image you downloaded is a original release RaspiBlitz. +### How to reset the ssh config and keys? - shutdown the RaspiBlitz - if you dont have touchscreen activated, disconnect LAN cable, wait until HDD/SSD activity slows down (no constant blinking) and then cut the power - take out the SD card and connect it to your laptop - it should appear as a `boot` drive @@ -302,6 +305,17 @@ You can also put an empty file just called `hdmi` (without any ending) onto the ## Debug +### How do I generate a Debug Report? + +If your RaspiBlitz is not working correctly and you like to get help from the community, it's good to provide more debug information, so others can better diagnose your problem - please follow the following steps to generate a debug report: + +- SSH into your raspiblitz as admin user with your password A +- If you see the menu - use CTRL+C to get to the terminal +- To generate debug report run: `debug`, optionally create a link with `debug -l` +- Then copy all output beginning with `*** RASPIBLITZ LOGS ***` and share this + +*PLEASE NOTICE: It's possible that these logs can contain private information (like IPs, node IDs, ...) - just share publicly what you feel OK with.* + ### I have the full blockchain on another storage. How do I copy it to the RaspiBlitz? Copying a already synced blockchain from another storage (e.g. your Laptop or external hard drive) can be a quick way to get the RaspiBlitz started or replacing a corrupted blockchain with a fresh one. Also that way you have synced and verified the blockchain yourself, and are not trusting the RaspiBlitz Torrent downloads (Don't trust, verify). @@ -318,16 +332,13 @@ If everything described above is in order, start the setup of the new RaspiBlitz Once you finished all the transfers, the Raspiblitz will make a quick-check on the data - but that will not guarantee that everything in detail was OK with the transfer. Check further FAQ answers if you get stuck or see a final sync with a value below 90%. -### How do I generate a Debug Report? +### Bitcoind tells me to reindex - how can I do this? -If your RaspiBlitz is not working correctly and you like to get help from the community, it's good to provide more debug information, so others can better diagnose your problem - please follow the following steps to generate a debug report: + To find/access information fast in large data sets like the Bitcoin blockhain indexes are needed. Those indexes can get corrupted on your HDD/SSD and to repair them they need to be rebuild - re-indexed. Bitcoind has two different options to do this - a fast way called "reindex-chainstate" (which just rebuilds the UTXO set from the blocks as you have them) and the slow but complete way called just "reindex" that would even recheck all your block data - see for details here: https://bitcoin.stackexchange.com/questions/60709/when-should-i-use-reindex-chainstate-and-when-reindex + + So if you read in your debug logs of bitcoind that you should "reindex" you can try first just to do a fast "reindex-chainstate" and if that didnt worked a slow and full "reindex". -- SSH into your raspiblitz as admin user with your password A -- If you see the menu - use CTRL+C to get to the terminal -- To generate debug report run: `debug`, optionally create a link with `debug -l` -- Then copy all output beginning with `*** RASPIBLITZ LOGS ***` and share this - -*PLEASE NOTICE: It's possible that these logs can contain private information (like IPs, node IDs, ...) - just share publicly what you feel OK with.* +See the raspiblitz script `./config.scripts/network.reindex.sh` or the REAPIR menu to start these processes. ### Why is my "final sync" taking so long? @@ -540,7 +551,7 @@ https://github.com/raspibolt/raspibolt/blob/a21788c0518618d17093e3f447f68a53e4ef ### Can I directly connect the RaspiBlitz to my laptop? -If you have a LAN port on your laptop - or you have a USB-LAN adapter, you can connect the RaspiBlitz directly (without a router/switch) to your laptop and share the WIFI internet connection. You can follow this [guide for OSX](https://medium.com/@tzhenghao/how-to-ssh-into-your-raspberry-pi-with-a-mac-and-ethernet-cable-636a197d055). +If you have a LAN port on your laptop - or you have a USB-LAN adapter, you can connect the RaspiBlitz directly (without a router/switch) to your laptop and share the WIFI internet connection. You can follow this [guide for OSX](https://medium.com/@tzhenghao/how-to-ssh-into-your-raspberry-pi-with-a-mac-and-ethernet-cable-636a197d055) and this [guide for Windows](https://www.tomshardware.com/how-to/share-internet-connection-windows-ethernet-wi-fi). In short for OSX: @@ -552,7 +563,19 @@ In short for OSX: * in terminal > `arp -a` and check for an IP of a client to the bridge * in terminal > ssh admin@[clientIP] -If anyone has experience on doing this in Linux/Win, please share. +In short for Windows: + +* make sure all VPNs are off (can interfere with local LAN) +* connect Raspiblitz with laptop LAN/ethernet directly +* Control Panel > Network and Internet > Network and Sharing Centre +* Click on your active internet connection highlighted in blue +* Properties > Sharing +* Check the box titled "Allow other network users to connect through this computer's Internet connection +* Select LAN/Ethernet from the "Home networking connection:" dropdown menu +* Click OK +* Restart the Raspiblitz + +If anyone has experience on doing this in Linux please share. ### How to attach the RaspberryPi to the HDD? diff --git a/README.md b/README.md index 59346d880..8237b690c 100644 --- a/README.md +++ b/README.md @@ -772,7 +772,7 @@ Using pre-signed bitcoin transactions (PSBT) and [Hardware Wallet Interface](htt At the moment it is very Linux-focused. The same applies to multi-signature setups. -The goal of the Specter Desktop wallet is to make a convenient and user-friendly GUI around Bitcoin Core, focusing on multi-signature setups with air-gapped hardware wallets like Trezor, Ledger, COLDCARD or the Specter-DIY. +The goal of the Specter Desktop wallet is to make a sub and user-friendly GUI around Bitcoin Core, focusing on multi-signature setups with air-gapped hardware wallets like Trezor, Ledger, COLDCARD or the Specter-DIY. ![SPECTER](pictures/specter.jpg) @@ -855,6 +855,11 @@ LNbits is a very simple server that sits on top of your Lightning Wallet. ![LNBITS](pictures/lnbits.png) +It can be used together with IP2Tor to provide: + +- Lightning Paper Vouchers (Plugin: LNURLw) +- Merchant Onboarding (Plugin: TPOS) + [![Video Tutorial](pictures/video-vouchers.png)](https://www.youtube.com/watch?v=0Bt3tHULAnw) You can also develop your own extensions on it. @@ -1009,7 +1014,20 @@ At the moment, the following subscription services are available: ##### IP2TOR (paid) -DEACTIVATED SINCE 1.9 --> see for background: https://github.com/rootzoll/raspiblitz/issues/3417#issuecomment-1310303480 +IP2TOR is a tunnel service where you can run your RaspiBlitz anonymously behind TOR but you rent a port on a clearnet IP through which you can make services of your RaspiBlitz easy reachable for everybody on the internet. +You don't need to care about your local router or firewall settings. +You can pay for this service directly through Lightning from your RaspiBlitz as subscription. + +At first you select what services of your RaspiBlitz you like to tunnel through a IP2TOR bridge. + +You will get a list of available IP2TOR shops & bridge offerings. +Select `OK` on an IP2TOR bridge offering and you will see more details on it, such as how many satoshis the subscription will cost you. +Your node should be funded and have channels open already at this point. + +If you choose `AGREE` on the details of a IP2TOR bridge offering the RaspiBlitz tries for you to setup the IP2TOR bridge. +If everything worked you will find now the subscription under `MAINMENU` > `SUBSCRIBE` > `LIST My Subscriptions` where you can cancel it again. + +To try out the IP2TOR tunnel choose in `MAINMENU` the extra menu point of the Service you choose the bridge for and it should give you now an updated URL or try calling the API on the IP and Port that is displayed under the details of the subscription in the `LIST My Subscriptions` section. ##### HTTPS with LetsEncrypt (free) @@ -1347,7 +1365,8 @@ But if you want to build that image yourself - here is a quick guide: - Get a latest RaspiOS 64-bit (Desktop): [DOWNLOAD](https://downloads.raspberrypi.org/raspios_arm64/images). - Write the image to an SD card: [TUTORIAL](https://www.raspberrypi.org/documentation/installation/installing-images/README.md). - Add a file called `ssh` to the root of the SD card when mounted on your laptop to enable SSH login. -- Add a file called `userconf` next to the empty `ssh` file that contains just the string `pi:$6$p2DNwHsYzR06mVFX$jwZnOo5Jl/6pEMFFowpUBqM7E0Rz8vEtXtupwxuXZA7eqyKxDk8barhYZ24ei/JEP4e8Jr0mOvRThASuUxIAZ0`. +- Newest RasperryOS release did remove the default username therefore you need to create an own user. Add a file called `userconf` next to the empty `ssh` file and add your specified userstring as followed: + Create a hashed password using command on linux `echo 'raspberry' | openssl passwd -6 -stdin` and copy the output allongside the username for example `pi:$6$6c.o/U6OkN3ST65b$7F3TIamnnQCwQT4h00Vp1mcVMdSg3 ams7yeVGfZbclcScEnRnw9tkgI9btalTCHFI84o3Pr3cDbdpbCXYTmF1` into the userconf file. See also https://www.raspberrypi.com/news/raspberry-pi-bullseye-update-april-2022/ - Start the card on a Raspi and login via SSH with `ssh pi@[IP-OF-YOUR-RASPI]`. Password is `raspberry`. Now you are ready to start the SD card build script (check the code to see if the installation and config are OK for you). diff --git a/alternative.platforms/Proxmox/README.md b/alternative.platforms/Proxmox/README.md index fac1c0053..17c1a85af 100644 --- a/alternative.platforms/Proxmox/README.md +++ b/alternative.platforms/Proxmox/README.md @@ -125,10 +125,10 @@ apt upgrade -y apt install sudo ``` -Now we need to download the Build SDCard Script from Rootzoll. The version can be customized as you like. The latest version (as of block time 755125) is the 1.8. +Now we need to download the Build SDCard Script from Rootzoll. The version can be customized as you like. The latest version (as of block time 768745) is the 1.9. ``` -wget https://raw.githubusercontent.com/rootzoll/raspiblitz/v1.8/build_sdcard.sh +wget https://raw.githubusercontent.com/rootzoll/raspiblitz/v1.9/build_sdcard.sh ``` And run: diff --git a/build_sdcard.sh b/build_sdcard.sh index 837a74e57..5e6397e3e 100644 --- a/build_sdcard.sh +++ b/build_sdcard.sh @@ -273,8 +273,18 @@ sleep 3 ## give time to cancel export DEBIAN_FRONTEND=noninteractive -echo "*** Prevent sleep ***" # on all platforms +echo "*** Prevent sleep ***" # on all platforms https://wiki.debian.org/Suspend sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target +sudo mkdir /etc/systemd/sleep.conf.d +echo "[Sleep] +AllowSuspend=no +AllowHibernation=no +AllowSuspendThenHibernate=no +AllowHybridSleep=no" | sudo tee /etc/systemd/sleep.conf.d/nosuspend.conf +sudo mkdir /etc/systemd/logind.conf.d +echo "[Login] +HandleLidSwitch=ignore +HandleLidSwitchDocked=ignore" | sudo tee /etc/systemd/logind.conf.d/nosuspend.conf # FIXING LOCALES # https://github.com/rootzoll/raspiblitz/issues/138 @@ -478,11 +488,11 @@ sudo sed -i "s/^#SystemMaxFileSize=.*/SystemMaxFileSize=50M/g" /etc/systemd/jour echo " /var/log/syslog { - rotate 7 - daily - missingok - notifempty - delaycompress + rotate 7 + daily + missingok + notifempty + delaycompress compress postrotate invoke-rc.d rsyslog rotate > /dev/null @@ -504,23 +514,22 @@ echo " sharedscripts postrotate invoke-rc.d rsyslog rotate > /dev/null - enscript + endscript } - /var/log/kern.log /var/log/auth.log { - rotate 4 - size=100M - missingok - notifempty - compress - delaycompress - sharedscripts - postrotate - invoke-rc.d rsyslog rotate > /dev/null - endscript + rotate 4 + size=100M + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + invoke-rc.d rsyslog rotate > /dev/null + endscript } /var/log/user.log @@ -529,16 +538,16 @@ echo " /var/log/debug /var/log/messages { - rotate 4 - weekly - missingok - notifempty - compress - delaycompress - sharedscripts - postrotate - invoke-rc.d rsyslog rotate > /dev/null - endscript + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + invoke-rc.d rsyslog rotate > /dev/null + endscript } " | sudo tee ./rsyslog sudo mv ./rsyslog /etc/logrotate.d/rsyslog diff --git a/ci/README.md b/ci/README.md index d8d69eee4..638ff4a55 100644 --- a/ci/README.md +++ b/ci/README.md @@ -17,8 +17,8 @@ - [fatpack image](#fatpack-image) - [lean image](#lean-image) - [Add Gnome desktop (optional)](#add-gnome-desktop-optional) -- [Add wifi](#add-wifi) -- [Add wifi driver (optional)](#add-wifi-driver-optional) + - [Add wifi (optional)](#add-wifi-optional) + - [Add wifi driver (optional)](#add-wifi-driver-optional) - [Workflow notes](#workflow-notes) - [Packer .json settings:](#packer-json-settings) - [VNC](#vnc) @@ -56,32 +56,33 @@ with the [Makefile](https://github.com/rootzoll/raspiblitz/blob/dev/Makefile) ### Generate an amd64 image The workflow locally and in github actions generates a .qcow2 format amd64 image. * Tested with - * libvirt / virsh / virt-manager (https://virt-manager.org/) - * written to disk and booted with legacy boot (non-UEFI) + * libvirt / virsh / virt-manager (https://virt-manager.org/) + * written to disk and booted with legacy boot (non-UEFI) ``` make amd64-lean-image ``` * find the compressed .qcow2 image and sh256 hashes in the `ci/amd64/builds` directory ## Images generated in github actions -* Find the images in the green runs in github actions at: -https://github.com/rootzoll/raspiblitz/actions - +* To see the downloadable artifacts will need to log in to GitHub +* Find the latest successful builds for amd64 using the dev branch at: +https://github.com/rootzoll/raspiblitz/actions/workflows/amd64-lean-image.yml?query=workflow%3Aamd64-lean-image-build+branch%3Adev+is%3Asuccess++ ``` # unzip to the same directory unzip raspiblitz-amd64-image-YEAR-MM-DD-COMMITHASH.zip ``` ## Write the image to a disk connected with USB -identify the connected disk with `lsblk` eg `/dev/sdd` +* identify the connected disk with `lsblk` eg `/dev/sdd` -### Convert the qcow2 volume to a raw disk image +### Convert the qcow2 volume to a raw disk image * the raw image is 33.5 GB - ``` - # unzip - gzip -dkv raspiblitz-amd64-debian-11.5-lean.qcow2.gz - # convert - qemu-img convert raspiblitz-amd64-debian-11.5-lean.qcow2 raspiblitz-amd64-debian-11.5-lean.img - ``` + ``` + # unzip + gzip -dkv raspiblitz-amd64-debian-11.5-lean.qcow2.gz + # convert + qemu-img convert raspiblitz-amd64-debian-11.5-lean.qcow2 raspiblitz-amd64-debian-11.5-lean.img + ``` + ### Write to a disk connected with USB with Balena Etcher or `dd` * [Balena Etcher](https://www.balena.io/etcher/) to write the .img to disk * dd to write the .img to disk @@ -134,18 +135,18 @@ identify the connected disk with `lsblk` eg `/dev/sdd` #### Add Gnome desktop (optional) * Connect to the internet (easiest to plug in a LAN cable - use a USB - LAN adapter if have no port) - ``` - apt install gnome - systemctl start gdm - ``` + ``` + apt install gnome + systemctl start gdm + ``` -## Add wifi +### Add wifi (optional) * if the wifi driver is included in the FOSS Debian distro * in the command line run the network manager interface to connect: ``` sudo nmtui ``` -## Add wifi driver (optional) +### Add wifi driver (optional) * as in https://wiki.debian.org/iwlwifi * add the component `non-free` after `deb http://deb.debian.org/debian bullseye main` in `/etc/apt/sources.list` * install the wifi driver for the mentioned cards: diff --git a/home.admin/00infoBlitz.sh b/home.admin/00infoBlitz.sh index c4dc75702..bd525df63 100755 --- a/home.admin/00infoBlitz.sh +++ b/home.admin/00infoBlitz.sh @@ -353,7 +353,7 @@ else appInfoLine="" # Electrum Server - electrs - if [ "${ElectRS}" = "on" ]; then + if [ "${ElectRS}" == "on" ]; then error="" source <(sudo /home/admin/config.scripts/bonus.electrs.sh status-sync 2>/dev/null) if [ ${#infoSync} -gt 0 ]; then @@ -361,15 +361,10 @@ else fi fi - # BTC RPC EXPLORER - if [ "${BTCRPCexplorer}" = "on" ]; then - error="" - source <(sudo /home/admin/config.scripts/bonus.btc-rpc-explorer.sh status 2>/dev/null) - if [ ${#error} -gt 0 ]; then - appInfoLine="ERROR BTC-RPC-Explorer: ${error} (try restart)" - elif [ "${isIndexed}" = "0" ]; then - appInfoLine="BTC-RPC-Explorer: ${indexInfo}" - fi + # Transaction Index + source <(/home/admin/config.scripts/network.txindex.sh status) + if [ "${txindex}" == "1" ] && [ "${isIndexed}" != "1" ]; then + appInfoLine="Transaction Index: ${indexInfo}" fi if [ ${#appInfoLine} -gt 0 ]; then diff --git a/home.admin/00mainMenu.sh b/home.admin/00mainMenu.sh index bb5caae15..11d469f73 100755 --- a/home.admin/00mainMenu.sh +++ b/home.admin/00mainMenu.sh @@ -1,5 +1,5 @@ #!/bin/bash - + echo "Starting the main menu ..." # MAIN MENU AFTER SETUP @@ -158,7 +158,7 @@ if [ "${homer}" == "on" ]; then CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi if [ "${circuitbreaker}" == "on" ]; then - OPTIONS+=(CIRCUIT "Circuitbreaker (LND firewall)") + OPTIONS+=(CIRCUITBREAKER "Circuitbreaker (LND firewall)") fi if [ "${tallycoinConnect}" == "on" ]; then OPTIONS+=(TALLY "Tallycoin Connect") @@ -286,7 +286,7 @@ case $CHOICE in ;; LIGHTNINGTIPBOT) /home/admin/config.scripts/bonus.lightningtipbot.sh menu - ;; + ;; LOOP) /home/admin/config.scripts/bonus.loop.sh menu ;; @@ -329,7 +329,6 @@ case $CHOICE in HELIPAD) sudo /home/admin/config.scripts/bonus.helipad.sh menu ;; - SQUEAKNODE) /home/admin/config.scripts/bonus.squeaknode.sh menu ;; @@ -339,7 +338,7 @@ case $CHOICE in CHANTOOLS) sudo /home/admin/config.scripts/bonus.chantools.sh menu ;; - CIRCUIT) + CIRCUITBREAKER) sudo /home/admin/config.scripts/bonus.circuitbreaker.sh menu ;; TESTNETS) diff --git a/home.admin/00raspiblitz.sh b/home.admin/00raspiblitz.sh index 93017c664..ef28bd465 100755 --- a/home.admin/00raspiblitz.sh +++ b/home.admin/00raspiblitz.sh @@ -48,13 +48,6 @@ if [ "${copyInProgress}" = "1" ]; then exit fi -# special state: reindex was triggered -if [ "${state}" = "reindex" ]; then - echo "Re-Index in progress ... start monitoring:" - /home/admin/config.scripts/network.reindex.sh - exit -fi - # special state: copystation if [ "${state}" = "copystation" ]; then echo "Copy Station is Running ..." diff --git a/home.admin/98repairBlockchain.sh b/home.admin/98repairBlockchain.sh index f02e9cb89..414695b15 100755 --- a/home.admin/98repairBlockchain.sh +++ b/home.admin/98repairBlockchain.sh @@ -29,10 +29,6 @@ elif [ "${CHOICE}" = "RESYNC" ]; then echo "rebooting .. (please wait)" sudo /home/admin/config.scripts/blitz.shutdown.sh reboot -elif [ "${CHOICE}" = "REINDEX" ]; then - echo "Starting REINDEX ..." - sudo /home/admin/config.scripts/network.reindex.sh - elif [ "${CHOICE}" = "BACKUP" ]; then /home/admin/config.scripts/lnd.compact.sh interactive sudo /home/admin/config.scripts/lnd.backup.sh lnd-export-gui diff --git a/home.admin/98repairMenu.sh b/home.admin/98repairMenu.sh index 1a8c78bcb..d22457493 100755 --- a/home.admin/98repairMenu.sh +++ b/home.admin/98repairMenu.sh @@ -65,6 +65,9 @@ RaspiBlitz image to your SD card. " 12 40 } +# get status of txindex +source <(/home/admin/config.scripts/network.txindex.sh status) + OPTIONS=() #OPTIONS+=(HARDWARE "Run Hardwaretest") OPTIONS+=(SOFTWARE "Run Softwaretest (DebugReport)") @@ -76,11 +79,17 @@ if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then fi OPTIONS+=(MIGRATION "Migrate Blitz Data to new Hardware") OPTIONS+=(COPY-SOURCE "Copy Blockchain Source Modus") +if [ "${txindex}" == "1" ]; then + OPTIONS+=(DELETE-INDEX "Reindex Bitcoin Transaction-Index") +elif [ "${indexByteSize}" != "0" ]; then + OPTIONS+=(DELETE-INDEX "Delete Bitcoin Transaction-Index") +fi +OPTIONS+=(REINDEX-UTXO "Redindex Just Bitcoin Chainstate (Fast)") +OPTIONS+=(REINDEX-FULL "Redindex Full Bitcoin Blockchain (Slow)") OPTIONS+=(RESET-CHAIN "Delete Blockchain & Re-Download") OPTIONS+=(RESET-HDD "Delete HDD Data but keep Blockchain") OPTIONS+=(RESET-ALL "Delete HDD completely to start fresh") OPTIONS+=(DELETE-ELEC "Delete Electrum Index") -OPTIONS+=(DELETE-INDEX "Delete Bitcoin Transaction-Index") CHOICE=$(whiptail --clear --title "Repair Options" --menu "" 19 62 12 "${OPTIONS[@]}" 2>&1 >/dev/tty) @@ -89,7 +98,15 @@ case $CHOICE in # HARDWARE) # ;; SOFTWARE) - sudo /home/admin/config.scripts/blitz.debug.sh + echo "Generating debug logs. Be patient, this should take maximum 2 minutes .." + sudo rm /var/cache/raspiblitz/debug.log 2>/dev/null + /home/admin/config.scripts/blitz.debug.sh > /var/cache/raspiblitz/debug.log + echo "Redacting .." + /home/admin/config.scripts/blitz.debug.sh redact /var/cache/raspiblitz/debug.log + sudo chmod 640 /var/cache/raspiblitz/debug.log + sudo chown root:sudo /var/cache/raspiblitz/debug.log + cat /var/cache/raspiblitz/debug.log + echo echo "Press ENTER to return to main menu." read key ;; @@ -148,6 +165,14 @@ case $CHOICE in /home/admin/config.scripts/network.txindex.sh delete exit 0; ;; + REINDEX-UTXO) + /home/admin/config.scripts/network.reindex.sh reindex-chainstate mainnet + exit 0; + ;; + REINDEX-FULL) + /home/admin/config.scripts/network.reindex.sh reindex mainnet + exit 0; + ;; COPY-SOURCE) /home/admin/config.scripts/blitz.copychain.sh source /home/admin/config.scripts/lnd.unlock.sh diff --git a/home.admin/99clMenu.sh b/home.admin/99clMenu.sh index 9a9406391..ccbe06404 100644 --- a/home.admin/99clMenu.sh +++ b/home.admin/99clMenu.sh @@ -35,11 +35,11 @@ fi OPTIONS+=(SEED "Show Wallet Seed Words") if [ "${clWatchtowerClient}" == "on" ] && [ "${CHAIN}" == "mainnet" ]; then OPTIONS+=(WATCHTOWER "Watchtower Client Options") -fi +fi OPTIONS+=(REPAIR-CL "Repair options for Core Lightning") if [ "${lightning}" != "cl" ] && [ "${CHAIN}" == "mainnet" ]; then OPTIONS+=(SWITCHLN "Use Core Lightning as default") -fi +fi CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) HEIGHT=$((CHOICE_HEIGHT+6)) @@ -92,12 +92,9 @@ case $CHOICE in if [ ! -f /home/bitcoin/suez/suez ];then /home/admin/config.scripts/bonus.suez.sh on fi - cd /home/bitcoin/suez || exit 0 - command="sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF}" - echo "# Running the command:" - echo "${command}" + cd /home/bitcoin/suez || exit 1 echo - $command + sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF} echo echo "Press ENTER to return to main menu." read key @@ -111,7 +108,7 @@ case $CHOICE in /home/admin/99clRepairMenu.sh $CHAIN ;; SWITCHLN) - clear + clear echo # setting value in the raspiblitz.conf /home/admin/config.scripts/blitz.conf.sh set lightning "cl" @@ -123,4 +120,4 @@ case $CHOICE in ;; esac -exit 0 \ No newline at end of file +exit 0 diff --git a/home.admin/_commands.sh b/home.admin/_commands.sh index 3808e5799..5c2a67013 100755 --- a/home.admin/_commands.sh +++ b/home.admin/_commands.sh @@ -80,15 +80,18 @@ function blitzhelp() { echo "Extras:" echo " whitepaper download the whitepaper from the blockchain to /home/admin/bitcoin.pdf" echo " notifyme wrapper for blitz.notify.sh that will send a notification using the configured method and settings" + echo " suez visualize channels (for the default ln implementation and chain when installed)" + exho " lnproxy wrap invoices with lnproxy" echo echo "LND:" echo " lncli LND commandline interface (when installed)" echo " balance your satoshi balance" echo " channels your lightning channels" echo " fwdreport show forwarding report" + echo " manage use the lndmanage bonus app" echo echo "CLN:" - echo " lightning-cli Core-Lightning commandline interface (when installed)" + echo " lightning-cli Core Lightning commandline interface (when installed)" } # command: raspiblitz @@ -369,6 +372,21 @@ function jm() { fi } +# command: manage +# switch to lndmanage env +function manage() { + if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "lndmanage=on") -eq 1 ]; then + cd /home/admin/lndmanage + source venv/bin/activate + echo "NOTICE: Needs at least one active channel to run without error." + echo "to exit (venv) enter ---> deactivate" + lndmanage + else + echo "lndmanage not installed - to install run:" + echo "sudo /home/admin/config.scripts/bonus.lndmanage.sh on" + fi +} + # command: ckbunker # switch to the ckbunker user function ckbunker() { @@ -512,15 +530,55 @@ function bm() { # command: lnproxy function lnproxy() { - if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "runBehindTor=on") -eq 1 ]; then - echo - echo "Requesting a wrapped invoice from rdq6tvulanl7aqtupmoboyk2z3suzkdwurejwyjyjf4itr3zhxrm2lad.onion ..." - echo - torify curl http://rdq6tvulanl7aqtupmoboyk2z3suzkdwurejwyjyjf4itr3zhxrm2lad.onion/api/${1} + source /mnt/hdd/raspiblitz.conf + if [ $# -gt 0 ]; then + invoice=$1 else + echo "Paste the invoice to be wrapped and press enter:" + read -r invoice + fi + if systemctl is-active --quiet tor@default; then + if [ -z "${lnproxy_override_tor}" ]; then + lnproxy_override_tor="rdq6tvulanl7aqtupmoboyk2z3suzkdwurejwyjyjf4itr3zhxrm2lad.onion/api" + fi + wrapped=$(torsocks curl -sS http://${lnproxy_override_tor}/${invoice}) echo - echo "Requesting a wrapped invoice from https://lnproxy.org ..." + echo "Requesting a wrapped invoice from ${lnproxy_override_tor}" + else + if [ -z "${lnproxy_override_clearnet}" ]; then + lnproxy_override_clearnet="lnproxy.org/api" + fi + wrapped=$(curl -sS https://${lnproxy_override_clearnet}/${invoice}) echo - curl https://lnproxy.org/api/${1} + echo "Requesting a wrapped invoice from ${lnproxy_override_clearnet}" + fi + echo + /home/admin/config.scripts/blitz.check-invoice-wrap.py "$1" "$wrapped" + echo + echo $wrapped +} + +# command: suez +function suez() { + source /mnt/hdd/raspiblitz.conf + if [ ${lightning} = 'cl' ] || [ ${lightning} = 'lnd' ]; then + if [ ! -f /home/bitcoin/suez/suez ];then + /home/admin/config.scripts/bonus.suez.sh on + fi + source <(/home/admin/config.scripts/network.aliases.sh getvars ${lightning} ${chain}net) + cd /home/bitcoin/suez || exit 1 + clear + echo "# Showing the channels of ${lightning} ${chain}net - consider reducing the font size (press CTRL- or CMD-)" + if [ ${lightning} = cl ]; then + sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \ + --client=c-lightning --client-args=--conf=${CLCONF} + elif [ ${lightning} = lnd ]; then + sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \ + --client-args=-n=${CHAIN} \ + --client-args=--rpcserver=localhost:1${L2rpcportmod}009 + fi + cd + else + echo "# Lightning is ${lightning}" fi } diff --git a/home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf b/home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf new file mode 100644 index 000000000..d2d958191 --- /dev/null +++ b/home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf @@ -0,0 +1,21 @@ +## circuitbreaker_ssl.conf + +server { + listen 9236 ssl http2; + listen [::]:9236 ssl http2; + server_name _; + + include /etc/nginx/snippets/ssl-params.conf; + include /etc/nginx/snippets/ssl-certificate-app-data.conf; + + include /etc/nginx/snippets/gzip-params.conf; + + access_log /var/log/nginx/access_circuitbreaker.log; + error_log /var/log/nginx/error_circuitbreaker.log; + + location / { + proxy_pass http://127.0.0.1:9235; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } +} diff --git a/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf b/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf new file mode 100644 index 000000000..ab7d7009c --- /dev/null +++ b/home.admin/assets/nginx/sites-available/lnproxy_ssl.conf @@ -0,0 +1,27 @@ +## lnproxy_ssl.conf + +server { + listen 4749 ssl http2; + listen [::]:4749 ssl http2; + server_name _; + + include /etc/nginx/snippets/ssl-params.conf; + include /etc/nginx/snippets/ssl-certificate-app-data.conf; + + include /etc/nginx/snippets/gzip-params.conf; + + access_log /var/log/nginx/access_lnproxy.log; + error_log /var/log/nginx/error_lnproxy.log; + + location /api/ { + proxy_pass http://127.0.0.1:4747; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } + + location / { + proxy_pass http://127.0.0.1:4748; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } +} diff --git a/home.admin/assets/nginx/sites-available/lnproxy_tor.conf b/home.admin/assets/nginx/sites-available/lnproxy_tor.conf new file mode 100644 index 000000000..9bfd1113c --- /dev/null +++ b/home.admin/assets/nginx/sites-available/lnproxy_tor.conf @@ -0,0 +1,26 @@ +## lnproxy_tor.conf + +server { + listen 4750; + server_name _; + + include /etc/nginx/snippets/ssl-params.conf; + include /etc/nginx/snippets/ssl-certificate-app-data.conf; + + include /etc/nginx/snippets/gzip-params.conf; + + access_log /var/log/nginx/access_lnproxy.log; + error_log /var/log/nginx/error_lnproxy.log; + + location /api/ { + proxy_pass http://127.0.0.1:4747; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } + + location / { + proxy_pass http://127.0.0.1:4748; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } +} diff --git a/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf b/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf new file mode 100644 index 000000000..65b998244 --- /dev/null +++ b/home.admin/assets/nginx/sites-available/lnproxy_tor_ssl.conf @@ -0,0 +1,26 @@ +## lnproxy_tor_ssl.conf + +server { + listen 4751 ssl http2; + server_name _; + + include /etc/nginx/snippets/ssl-params.conf; + include /etc/nginx/snippets/ssl-certificate-app-data.conf; + + include /etc/nginx/snippets/gzip-params.conf; + + access_log /var/log/nginx/access_lnproxy.log; + error_log /var/log/nginx/error_lnproxy.log; + + location /api/ { + proxy_pass http://127.0.0.1:4747; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } + + location / { + proxy_pass http://127.0.0.1:4748; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } +} diff --git a/home.admin/config.scripts/bitcoin.monitor.sh b/home.admin/config.scripts/bitcoin.monitor.sh index f863e8bfe..38cc933a4 100755 --- a/home.admin/config.scripts/bitcoin.monitor.sh +++ b/home.admin/config.scripts/bitcoin.monitor.sh @@ -156,12 +156,15 @@ if [ "$2" = "info" ]; then btc_blocks_behind=$((${btc_blocks_headers} - ${btc_blocks_verified})) btc_sync_initialblockdownload=$(echo "${blockchaininfo}" | jq -r '.initialblockdownload' | grep -c 'true') btc_sync_progress=$(echo "${blockchaininfo}" | jq -r '.verificationprogress') - btc_sync_percentage=$(echo ${btc_sync_progress} | awk '{printf( "%.2f%%", 100 * $1)}') - if [ "${btc_blocks_headers}" != "" ] && [ "${btc_blocks_headers}" == "${btc_blocks_verified}" ]; then + if (( $(awk 'BEGIN { print( '${btc_sync_progress}'<0.99995 ) }') )); then + # #3620 prevent displaying 100.00%, although incorrect because of rounding + btc_sync_percentage=$(awk 'BEGIN { printf( "%.2f%%", 100 * '${btc_sync_progress}') }') + elif [ "${btc_blocks_headers}" != "" ] && [ "${btc_blocks_headers}" == "${btc_blocks_verified}" ]; then btc_sync_percentage="100.00" + else + btc_sync_percentage="99.99" fi - # determine if synced (tolerate falling 1 block behind) # and be sure that initial blockdownload is done btc_synced=0 diff --git a/home.admin/config.scripts/blitz.check-invoice-wrap.py b/home.admin/config.scripts/blitz.check-invoice-wrap.py new file mode 100644 index 000000000..32a1aab04 --- /dev/null +++ b/home.admin/config.scripts/blitz.check-invoice-wrap.py @@ -0,0 +1,54 @@ +#!/usr/bin/env python3 +# adapted from: https://github.com/lnproxy/lnproxy-cli/blob/fe18d16e42b58f635b94c7da59a34d5e092e4d56/check-wrap.py +# Parses payment hashes and amounts in bolt11 invoices to check lnproxy +# Can skip most bolt11 checks since both the user's wallet and lnproxy will do that + +from decimal import Decimal + +CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l" +units = { + 'p': 10**12, + 'n': 10**9, + 'u': 10**6, + 'm': 10**3, +} + +def parse(invoice): + invoice = invoice.lower() + pos = invoice.rfind('1') + amount = invoice[4:pos] + if amount == '': + amount = Decimal(0) + else: + amount = Decimal(amount[:-1]) / units[amount[-1]] + data = invoice[pos+1+7:] + i = 0 + while i < len(data): + if data[i] == 'p' and data[i+1:i+1+2] == 'p5': + payment_hash = data[i+1+2:i+1+2+52] + break + else: + i += 3 + CHARSET.find(data[i+1]) * 32 + CHARSET.find(data[i+1+1]) + return (amount, payment_hash) + +from sys import stderr, argv +try: + if len(argv) != 3: + raise Exception("Incorrect number of arguments") + + amt1, hash1 = parse(argv[1]) + amt2, hash2 = parse(argv[2]) + + if hash1 != hash2: + print(f"Payment hashes do not match!", file=stderr) + exit(3) + + if amt1 != Decimal(0): + print(f"Hashes match, routing fee is {(amt2-amt1)*10**8:0,.0f} sat ({(amt2-amt1)/amt1*100:0.2f}%)") + else: + print(f"Hashes match") + +except Exception as err: + print('Error:', err) + print(f"usage: {argv[0]} ", file=stderr) + exit(2) diff --git a/home.admin/config.scripts/blitz.copychain.sh b/home.admin/config.scripts/blitz.copychain.sh index 8233c07e9..1b732aac7 100644 --- a/home.admin/config.scripts/blitz.copychain.sh +++ b/home.admin/config.scripts/blitz.copychain.sh @@ -141,7 +141,7 @@ if [ "$1" = "target" ]; then echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." echo "" echo "COPY, PASTE & EXECUTE the following command on your Windows computer terminal:" - echo "sftp -r ./chainstate ./blocks bitcoin@${internet_localip}:/mnt/hdd/bitcoin" + echo "scp -r ./chainstate ./blocks bitcoin@${internet_localip}:/mnt/hdd/bitcoin" echo "" echo "If asked for a password use PASSWORD A (or 'raspiblitz')." fi diff --git a/home.admin/config.scripts/blitz.debug.sh b/home.admin/config.scripts/blitz.debug.sh index eea4fc3be..d02c39cd0 100755 --- a/home.admin/config.scripts/blitz.debug.sh +++ b/home.admin/config.scripts/blitz.debug.sh @@ -148,8 +148,8 @@ if [ "${testnet}" == "on" ] || [ "${testnet}" == "1" ]; then sudo journalctl -u t${network}d -b --no-pager -n8 echo echo "*** LAST BLOCKCHAIN (TESTNET) 20 INFO LOGS ***" - echo "sudo tail -n 20 /mnt/hdd/${network}/tdebug.log" - sudo tail -n 20 /mnt/hdd/${network}/tdebug.log + echo "sudo tail -n 20 /mnt/hdd/${network}/testnet3/debug.log" + sudo tail -n 20 /mnt/hdd/${network}/testnet3/debug.log echo else echo "- OFF by config -" @@ -192,8 +192,8 @@ if [ "${signet}" == "on" ] || [ "${signet}" == "1" ]; then sudo journalctl -u s${network}d -b --no-pager -n8 echo echo "*** LAST BLOCKCHAIN (SIGNET) 20 INFO LOGS ***" - echo "sudo tail -n 20 /mnt/hdd/${network}/sdebug.log" - sudo tail -n 20 /mnt/hdd/${network}/sdebug.log + echo "sudo tail -n 20 /mnt/hdd/${network}/signet/debug.log" + sudo tail -n 20 /mnt/hdd/${network}/signet/debug.log echo else echo "- OFF by config -" @@ -313,6 +313,39 @@ else echo "- LIT is OFF by config" fi +if [ "${lndg}" == "on" ]; then + echo + echo "*** LNDg Status ***" + sudo /home/admin/config.scripts/bonus.lndg.sh status + echo + echo "*** LNDg JOBS SYSTEMD STATUS ***" + sudo systemctl status jobs-lndg.service -n2 --no-pager + echo "sudo tail -n 5 /var/log/lnd_jobs_error.log" + sudo tail -n 5 /var/log/lnd_jobs_error.log + echo + echo "*** LNDg REBALANCER SYSTEMD STATUS ***" + sudo systemctl status rebalancer-lndg.service -n2 --no-pager + echo "sudo tail -n 5 /var/log/lnd_rebalancer_error.log" + sudo tail -n 5 /var/log/lnd_rebalancer_error.log + echo + echo "*** LNDg HTLC-STREAM SYSTEMD STATUS ***" + sudo systemctl status htlc-stream-lndg.service -n2 --no-pager + echo "sudo tail -n 5 /var/log/lnd_htlc_stream_error.log" + sudo tail -n 5 /var/log/lnd_htlc_stream_error.log + echo + echo "*** LNDg GUNICORN SERVER SYSTEMD STATUS ***" + sudo systemctl status gunicorn.service -n2 --no-pager + echo "sudo tail -n 5 /var/log/gunicorn_error.log" + sudo tail -n 5 /var/log/gunicorn_error.log 2>/dev/null + echo + echo "*** LAST 10 LNDg LOGS ***" + echo "sudo journalctl -u lndg -b --no-pager -n10" + sudo journalctl -u lndg -b --no-pager -n20 + echo +else + echo "- LNDg is OFF by config" +fi + if [ "${BTCPayServer}" == "on" ]; then echo echo "*** LAST 20 BTCPayServer LOGS ***" diff --git a/home.admin/config.scripts/blitz.passwords.sh b/home.admin/config.scripts/blitz.passwords.sh index d8dabe2f7..96b5b65e6 100755 --- a/home.admin/config.scripts/blitz.passwords.sh +++ b/home.admin/config.scripts/blitz.passwords.sh @@ -391,7 +391,15 @@ elif [ "${abcd}" = "b" ]; then # LNDg if [ "${lndg}" == "on" ]; then echo "# changing the password for lndg" - sudo -u lndg /home/lndg/lndg/.venv/bin/python initialize.py -pw ${newPassword} + sudo -u lndg /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/initialize.py -pw ${newPassword} + fi + + # mempool Explorer + if [ "${mempoolExplorer}" == "on" ]; then + echo "# changing the password for mempool Explorer" + sudo jq ".CORE_RPC.PASSWORD=\"${newPassword}\"" /home/mempool/mempool/backend/mempool-config.json > /var/cache/raspiblitz/mempool-config.json + sudo mv /var/cache/raspiblitz/mempool-config.json /home/mempool/mempool/backend/mempool-config.json + sudo chown mempool:mempool /home/mempool/mempool/backend/mempool-config.json fi echo "# OK -> RPC Password B changed" diff --git a/home.admin/config.scripts/blitz.subscriptions.ip2tor.py b/home.admin/config.scripts/blitz.subscriptions.ip2tor.py index c58c93d46..673d329fa 100755 --- a/home.admin/config.scripts/blitz.subscriptions.ip2tor.py +++ b/home.admin/config.scripts/blitz.subscriptions.ip2tor.py @@ -595,37 +595,68 @@ def menuMakeSubscription(blitzServiceName, torAddress, torPort): torTarget = "{0}:{1}".format(torAddress, torPort) ############################ - # PHASE 1: Enter Shop URL - - # see if user had before entered another shop of preference - shopurl = DEFAULT_SHOPURL - try: - subscriptions = toml.load(SUBSCRIPTIONS_FILE) - shopurl = subscriptions['shop_ip2tor'] - print("# using last shop url set in subscriptions.toml") - except Exception as e: - print("# using default shop url") - - # remove https:// from shop url (to keep it short) - if shopurl.find("://") > 0: - shopurl = shopurl[shopurl.find("://") + 3:] + # PHASE 1: Choose Shop URL + shopurl = "" while True: - # input shop url + # see if user had before entered another shop of preference + lastusedShop = "" + try: + subscriptions = toml.load(SUBSCRIPTIONS_FILE) + lastusedShop = subscriptions['shop_ip2tor'] + print("# using last shop url set in subscriptions.toml") + except Exception as e: + print("# using default shop url") + + # set choices of shops + choices = [] + + # remove https:// from shop url (to keep it short) + if lastusedShop.find("://") > 0: lastusedShop = lastusedShop[lastusedShop.find("://") + 3:] + + # IP2TOR.COM Shop + choice_url_ip2torcom="ip2tor.com" + choices.append(("A", "ip2tor.com Shop")) + if lastusedShop == choice_url_ip2torcom: lastusedShop="" + + # FULMO Shop + choice_url_fulmo="fulmo7x6yvgz6zs2b2ptduvzwevxmizhq23klkenslt5drxx2physlqd.onion" + choices.append(("B", "Fulmo Shop")) + if lastusedShop == choice_url_fulmo: lastusedShop="" + + # add before option if different from static options + if len(lastusedShop) > 0: choices.append(("Y", lastusedShop)) + + # enter own shop address option + choices.append(("X", "Enter a new Shop URL")) + + # select dialog d = Dialog(dialog="dialog", autowidgetsize=True) - d.set_background_title("Select IP2TOR Bridge Shop (communication secured thru TOR)") - code, text = d.inputbox( - "Enter Address of the IP2TOR Shop (OR JUST PRESS OK):", - height=10, width=72, init=shopurl, - title="Shop Address") + d.set_background_title("IP2TOR - Select Shop") + code, selected = d.menu( + "\nChoose your IP2Tor provider/shop:", + choices=choices, width=75, height=10, title="Select IP2Tor Shop") # if user canceled if code != d.OK: sys.exit(0) - # get host list from shop - shopurl = text + if selected == "A" : shopurl=choice_url_ip2torcom + if selected == "B" : shopurl=choice_url_fulmo + if selected == "Y" : shopurl=lastusedShop + + # input shop url + if selected == "X": + d = Dialog(dialog="dialog", autowidgetsize=True) + d.set_background_title("IP2TOR - Add new Shop") + code, shopurl = d.inputbox( + "Enter Address of the IP2TOR Shop (OR JUST PRESS OK):", + height=10, width=72, init=shopurl, + title="Shop Address") + if shopurl.find("://") > 0: shopurl = shopurl[shopurl.find("://") + 3:] + + # try & get host list from shop os.system('clear') try: hosts = shopList(shopurl) @@ -686,6 +717,9 @@ Try again later, enter another address or cancel. if len(host['terms_of_service']) == 0: host['terms_of_service'] = "-" if len(host['terms_of_service_url']) == 0: host['terms_of_service_url'] = "-" + description=host['terms_of_service'] + if "description" in host: description = "{0} / {1}".format(host['description'], host['terms_of_service']) + # show details of selected d = Dialog(dialog="dialog", autowidgetsize=True) d.set_background_title("IP2TOR Bridge Offer Details: {0}".format(shopurl)) @@ -704,7 +738,7 @@ the "SUBSCRIPTONS" menu on your RaspiBlitz. There will be no refunds for not used hours. There is no guarantee for quality of service. -The service has the following additional terms: +The service has the following additional description & terms: {5} More information on the service you can find under: @@ -715,7 +749,7 @@ More information on the service you can find under: host['tor_bridge_price_extension_sats'], host['ip'], torTarget, - host['terms_of_service'], + description, host['terms_of_service_url'], blitzServiceName ) diff --git a/home.admin/config.scripts/blitz.subscriptions.py b/home.admin/config.scripts/blitz.subscriptions.py index c184776a0..eae24c06a 100755 --- a/home.admin/config.scripts/blitz.subscriptions.py +++ b/home.admin/config.scripts/blitz.subscriptions.py @@ -225,7 +225,7 @@ def main(): choices = list() choices.append(("LIST", "My Subscriptions")) - #choices.append(("NEW1", "+ IP2TOR Bridge (paid)")) + choices.append(("NEW1", "+ IP2TOR Bridge (paid)")) choices.append(("NEW2", "+ LetsEncrypt HTTPS Domain (free)")) d = Dialog(dialog="dialog", autowidgetsize=True) diff --git a/home.admin/config.scripts/bonus.bos.sh b/home.admin/config.scripts/bonus.bos.sh index 839dca63f..9c7263e68 100755 --- a/home.admin/config.scripts/bonus.bos.sh +++ b/home.admin/config.scripts/bonus.bos.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/alexbosworth/balanceofsatoshis/blob/master/package.json#L81 -BOSVERSION="13.6.0" +BOSVERSION="13.15.0" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -75,14 +75,14 @@ https://github.com/alexbosworth/balanceofsatoshis/blob/master/README.md Start BoS telegram setup now?" 14 72 if [ "$?" != "1" ]; then exit 0 - fi + fi sudo bash /home/admin/config.scripts/bonus.bos.sh telegram setup echo echo "OK Balance of Satoshis telegram setup done." echo "PRESS ENTER to continue" read key exit 0 - ;; + ;; TELEGRAM-SERVICE) clear connectMsg=" @@ -95,7 +95,7 @@ Please enter the CONNECT CODE from your telegram bot connectCode=$(echo "${connectCode}" | cut -d " " -f1) else exit 0 - fi + fi /home/admin/config.scripts/bonus.bos.sh telegram on ${connectCode} echo echo "OK BoS telegram service active." @@ -185,14 +185,14 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sleep 3 exit 1 fi - + echo "*** INSTALL BALANCE OF SATOSHIS ***" # check and install NodeJS /home/admin/config.scripts/bonus.nodejs.sh on - + # create bos user sudo adduser --disabled-password --gecos "" bos - + echo "# Create data folder on the disk" # move old data if present sudo mv /home/bos/.bos /mnt/hdd/app-data/ 2>/dev/null @@ -207,19 +207,19 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo -u bos mkdir /home/bos/.npm-global sudo -u bos npm config set prefix '/home/bos/.npm-global' sudo bash -c "echo 'PATH=$PATH:/home/bos/.npm-global/bin' >> /home/bos/.bashrc" - + # download source code sudo -u bos git clone https://github.com/alexbosworth/balanceofsatoshis.git /home/bos/balanceofsatoshis cd /home/bos/balanceofsatoshis - + # make sure symlink to central app-data directory exists ***" sudo rm -rf /home/bos/.lnd # not a symlink.. delete it silently # create symlink sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/bos/.lnd" - + # add user to group with admin access to lnd sudo /usr/sbin/usermod --append --groups lndadmin bos - + # install bos # check latest version: # https://github.com/alexbosworth/balanceofsatoshis/blob/master/package.json#L70 diff --git a/home.admin/config.scripts/bonus.btcpayserver.sh b/home.admin/config.scripts/bonus.btcpayserver.sh index 42f180c33..b627c516c 100644 --- a/home.admin/config.scripts/bonus.btcpayserver.sh +++ b/home.admin/config.scripts/bonus.btcpayserver.sh @@ -3,9 +3,9 @@ # Based on: https://gist.github.com/normandmickey/3f10fc077d15345fb469034e3697d0d0 # https://github.com/dgarage/NBXplorer/tags -NBXplorerVersion="v2.3.49" +NBXplorerVersion="v2.3.58" # https://github.com/btcpayserver/btcpayserver/releases -BTCPayVersion="v1.7.2" +BTCPayVersion="v1.7.5" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -25,27 +25,19 @@ source /mnt/hdd/raspiblitz.conf source /home/admin/raspiblitz.info source <(/home/admin/_cache.sh get state) -function postgresConfig() { - - echo "# Generate the database" - sudo -u postgres psql -c "create database nbxplorermainnet;" - sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';" - # change to ${newPassword} or use Passfile= - # sudo -u postgres psql -c "alter user btcpay with encrypted password '${newPassword}';" - # sudo -u btcpay sed -i "s/Password=*/Password='${newPassword}';/g" /home/btcpay/.nbxplorer/Main/settings.config - # sudo -u btcpay sed -i "s/Password=*/Password='${newPassword}';/g" /home/btcpay/.btcpayserver/Main/settings.config - sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;" +function NBXplorerConfig() { + # check the postgres database + if sudo -u postgres psql -c '\l' | grep nbxplorermainnet; then + echo "# nbxplorermainnet database already exists" + else + echo "# Generate the database for nbxplorer" + sudo -u postgres psql -c "create database nbxplorermainnet;" + sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';" + sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;" + fi echo "# List databases with: sudo -u postgres psql -c '\l'" sudo -u postgres psql -c '\l' - ## clean postgresql: - # sudo su - postgres -c "/usr/lib/postgresql/${PGVERSION}/bin/pg_ctl stop --wait --pgdata=/var/lib/postgresql/${PGVERSION}/main" - # sudo pg_dropcluster ${PGVERSION} main - # sudo apt remove postgresql -y --purge - # sudo apt remove postgresql-${PGVERSION} -y --purge -} - -function NBXplorerConfig() { # https://docs.btcpayserver.org/Deployment/ManualDeploymentExtended/#4-create-a-configuration-file echo echo "# Getting RPC credentials from the bitcoin.conf" @@ -66,7 +58,24 @@ nomigrateevts=1 function BtcPayConfig() { # set thumbprint FINGERPRINT=$(openssl x509 -noout -fingerprint -sha256 -inform pem -in /home/btcpay/.lnd/tls.cert | cut -d"=" -f2) - echo "# setting the LND TLS thumbprint for BTCPay" + if sudo ls /mnt/hdd/app-data/.btcpayserver/Main/sqllite.db 1>/dev/null 2>&1; then + echo "# sqlite database exists" + databaseOption="# keep using sqlite as /mnt/hdd/app-data/.btcpayserver/Main/sqllite.db exists (configured in the btcpayserver.service)" + else + echo "# sqlite database does not exist, using postgresql" + databaseOption="postgres=User ID=btcpay;Host=localhost;Port=5432;Application Name=btcpay;MaxPoolSize=20;Database=btcpaymainnet;Password='raspiblitz';" + if sudo -u postgres psql -c '\l' | grep btcpaymainnet; then + echo "# btcpaymainnet database already exists" + else + echo "# Generate the database for btcpay" + sudo -u postgres psql -c "create database btcpaymainnet;" + sudo -u postgres psql -c "create user btcpay with encrypted password 'raspiblitz';" + sudo -u postgres psql -c "grant all privileges on database btcpaymainnet to btcpay;" + fi + echo "# List databases with: sudo -u postgres psql -c '\l'" + sudo -u postgres psql -c '\l' + fi + echo "# Regenerate the btcpayserver settings (includes the LND TLS thumbprint)" # https://docs.btcpayserver.org/Deployment/ManualDeploymentExtended/#3-create-a-configuration-file echo " ### Global settings ### @@ -82,24 +91,60 @@ BTC.explorer.url=http://127.0.0.1:24444/ BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/home/btcpay/admin.macaroon;certthumbprint=$FINGERPRINT ### Database ### -# keep sqlite for now as configured in the btcpayserver.service -# postgres=User ID=btcpay;Password=urpassword;Application Name=btcpayserver;Host=localhost;Port=5432;Database=btcpay; +${databaseOption} explorer.postgres=User ID=nbxplorer;Host=localhost;Port=5432;Application Name=nbxplorer;MaxPoolSize=20;Database=nbxplorermainnet;Password='raspiblitz'; " | sudo -u btcpay tee /home/btcpay/.btcpayserver/Main/settings.config - #doesNetworkEntryAlreadyExists=$(sudo cat /home/btcpay/.btcpayserver/Main/settings.config | grep -c '^network=') - #echo "# setting new LND TLS thumbprint for BTCPay" - #s="BTC.lightning=type=lnd-rest\;server=https\://127.0.0.1:8080/\;macaroonfilepath=/home/btcpay/admin.macaroon\;" - #sudo -u btcpay sed -i "s|^${s}certthumbprint=.*|${s}certthumbprint=$FINGERPRINT|g" /home/btcpay/.btcpayserver/Main/settings.config +} + +function BtcPayService() { + if sudo ls /mnt/hdd/app-data/.btcpayserver/Main/sqllite.db 1>/dev/null 2>&1; then + echo "# sqlite database exists" + databaseOption=" -- --sqlitefile=sqllite.db" + else + echo "# sqlite database does not exist, using postgresql" + databaseOption="" + fi + # see the configuration options with: + # sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release --project "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- -h + # run manually to debug: + # sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release --project "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- --sqlitefile=sqllite.db + echo "# create the btcpayserver.service" + echo " +[Unit] +Description=BtcPayServer daemon +Requires=nbxplorer.service +After=nbxplorer.service + +[Service] +ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \ + -c Release --project \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" ${databaseOption} +User=btcpay +Group=btcpay +Type=simple +PIDFile=/run/btcpayserver/btcpayserver.pid +Restart=always +RestartSec=10 + +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + +[Install] +WantedBy=multi-user.target +" | sudo tee /etc/systemd/system/btcpayserver.service + sudo systemctl daemon-reload } if [ "$1" = "status" ]; then echo "version='${BTCPayVersion}'" - isInstalled=$(compgen -u | grep -c btcpay) - echo "prepared=${isInstalled}" - isActive=$(sudo ls /etc/systemd/system/btcpayserver.service 2>/dev/null | grep -c 'btcpayserver.service') - echo "installed=${isActive}" + isInstalled=$(compgen -u | grep -c btcpay) + echo "prepared=${isInstalled}" + isActive=$(sudo ls /etc/systemd/system/btcpayserver.service 2>/dev/null | grep -c 'btcpayserver.service') + echo "installed=${isActive}" if [ "${BTCPayServer}" = "on" ]; then echo "switchedon=1" @@ -168,31 +213,31 @@ if [ "$1" = "menu" ]; then source <(sudo /home/admin/config.scripts/bonus.btcpayserver.sh status) if [ ${switchedon} -eq 0 ]; then - whiptail --title " BTCPay Server " --msgbox "BTCPay Server is not activated." 7 36 - exit 0 + whiptail --title " BTCPay Server " --msgbox "BTCPay Server is not activated." 7 36 + exit 0 fi if [ ${installed} -eq 0 ]; then - whiptail --title " BTCPay Server " --msgbox "BTCPay Server needs to be re-installed.\nPress OK to start process." 8 45 - /home/admin/config.scripts/bonus.btcpayserver.sh on - exit 0 + whiptail --title " BTCPay Server " --msgbox "BTCPay Server needs to be re-installed.\nPress OK to start process." 8 45 + /home/admin/config.scripts/bonus.btcpayserver.sh on + exit 0 fi # display possible problems with IP2TOR setup if [ ${#ip2torWarn} -gt 0 ]; then whiptail --title " Warning " \ - --yes-button "Back" \ - --no-button "Continue Anyway" \ - --yesno "Your IP2TOR+LetsEncrypt may have problems:\n${ip2torWarn}\n\nCheck if locally responding: https://${localIP}:${httpsPort}\n\nCheck if service is reachable over Tor:\n${toraddress}" 14 72 + --yes-button "Back" \ + --no-button "Continue Anyway" \ + --yesno "Your IP2TOR+LetsEncrypt may have problems:\n${ip2torWarn}\n\nCheck if locally responding: https://${localIP}:${httpsPort}\n\nCheck if service is reachable over Tor:\n${toraddress}" 14 72 if [ "$?" != "1" ]; then exit 0 - fi + fi fi text="Local Web Browser: https://${localIP}:${httpsPort}" if [ ${#publicDomain} -gt 0 ]; then - text="${text} + text="${text} Public Domain: https://${publicDomain}:${httpsPort} port forwarding on router needs to be active & may change port" fi @@ -216,13 +261,13 @@ SHA1 ${sslFingerprintTOR}" IP2TOR: https://${ip2torIP}:${ip2torPort} SHA1 ${sslFingerprintTOR} go MAINMENU > SUBSCRIBE and add LetsEncrypt HTTPS Domain" -# elif [ ${#publicDomain} -eq 0 ]; then -# text="${text}\n -#To enable easy reachability with normal browser from the outside -#consider adding a IP2TOR Bridge: MAINMENU > SUBSCRIBE > IP2TOR" + elif [ ${#publicDomain} -eq 0 ]; then + text="${text}\n +To enable easy reachability with normal browser from the outside +consider adding a IP2TOR Bridge: MAINMENU > SUBSCRIBE > IP2TOR" fi -text="${text}\n + text="${text}\n To get the 'Connection String' to activate Lightning Payments: MAINMENU > CONNECT > BTCPay Server" @@ -241,8 +286,8 @@ if [ "$1" = "write-tls-macaroon" ]; then echo "# make sure symlink to central app-data directory exists" if ! [[ -L "/home/btcpay/.lnd" ]]; then - sudo rm -rf "/home/btcpay/.lnd" # not a symlink.. delete it silently - sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/btcpay/.lnd" # and create symlink + sudo rm -rf "/home/btcpay/.lnd" # not a symlink.. delete it silently + sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/btcpay/.lnd" # and create symlink fi # copy admin macaroon @@ -264,7 +309,7 @@ if [ "$1" = "cln-lightning-rpc-access" ]; then if [ "${cl}" = "on" ]; then source <(/home/admin/config.scripts/network.aliases.sh getvars cl mainnet) - if [ $(grep -c "^rpc-file-mode=0660" < ${CLCONF}) -eq 0 ]; then + if [ $(grep -c "^rpc-file-mode=0660" <${CLCONF}) -eq 0 ]; then echo "rpc-file-mode=0660" | tee -a ${CLCONF} if [ "${state}" == "ready" ]; then sudo systemctl restart lightningd @@ -341,9 +386,9 @@ if [ "$1" = "install" ]; then echo "DOTNET_CLI_TELEMETRY_OPTOUT=1" | sudo tee -a /etc/environment # NBXplorer - echo "# Install NBXplorer" + echo "# Install NBXplorer $NBXplorerVersion" cd /home/btcpay || exit 1 - echo "# Download the NBXplorer source code ..." + echo "# Download the NBXplorer source code $NBXplorerVersion" sudo -u btcpay git clone https://github.com/dgarage/NBXplorer.git 2>/dev/null cd NBXplorer || exit 1 sudo -u btcpay git reset --hard $NBXplorerVersion @@ -352,14 +397,17 @@ if [ "$1" = "install" ]; then PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc" PGPpubkeyFingerprint="AB4CFA9895ACA0DBE27F6B346618763EF09186FE" sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 - echo "# Build NBXplorer ..." + echo "# Build NBXplorer $NBXplorerVersion" # from the build.sh with path - sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj + sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj || ( + echo "# Build failed" + exit 1 + ) # BTCPayServer echo "# Install BTCPayServer" cd /home/btcpay || exit 1 - echo "# Download the BTCPayServer source code ..." + echo "# Download the BTCPayServer source code $BTCPayVersion" sudo -u btcpay git clone https://github.com/btcpayserver/btcpayserver.git 2>/dev/null cd btcpayserver || exit 1 sudo -u btcpay git reset --hard $BTCPayVersion @@ -372,9 +420,13 @@ if [ "$1" = "install" ]; then #PGPpubkeyFingerprint="8E5530D9D1C93097" sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 - echo "# Build BTCPayServer ..." + echo "# Build BTCPayServer $BTCPayVersion" # from the build.sh with path - sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj + sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release \ + /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj || ( + echo "# Build failed" + exit 1 + ) exit 0 fi @@ -430,13 +482,13 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # setup nginx symlinks if ! [ -f /etc/nginx/sites-available/btcpay_ssl.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/btcpay_ssl.conf /etc/nginx/sites-available/btcpay_ssl.conf + sudo cp /home/admin/assets/nginx/sites-available/btcpay_ssl.conf /etc/nginx/sites-available/btcpay_ssl.conf fi if ! [ -f /etc/nginx/sites-available/btcpay_tor.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor.conf /etc/nginx/sites-available/btcpay_tor.conf + sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor.conf /etc/nginx/sites-available/btcpay_tor.conf fi if ! [ -f /etc/nginx/sites-available/btcpay_tor_ssl.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor_ssl.conf /etc/nginx/sites-available/btcpay_tor_ssl.conf + sudo cp /home/admin/assets/nginx/sites-available/btcpay_tor_ssl.conf /etc/nginx/sites-available/btcpay_tor_ssl.conf fi sudo ln -sf /etc/nginx/sites-available/btcpay_ssl.conf /etc/nginx/sites-enabled/ sudo ln -sf /etc/nginx/sites-available/btcpay_tor.conf /etc/nginx/sites-enabled/ @@ -522,26 +574,23 @@ WantedBy=multi-user.target echo "# Starting nbxplorer" sudo systemctl start nbxplorer echo "# Checking for nbxplorer config" - while [ ! -f "/home/btcpay/.nbxplorer/Main/settings.config" ] - do - echo "# Waiting for nbxplorer to start - CTRL+C to abort" - sleep 10 - hasFailed=$(sudo systemctl status nbxplorer | grep -c "Active: failed") - if [ ${hasFailed} -eq 1 ]; then - echo "# seems like starting nbxplorer service has failed - see: systemctl status nbxplorer" - echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214" - fi + while [ ! -f "/home/btcpay/.nbxplorer/Main/settings.config" ]; do + echo "# Waiting for nbxplorer to start - CTRL+C to abort" + sleep 10 + hasFailed=$(sudo systemctl status nbxplorer | grep -c "Active: failed") + if [ ${hasFailed} -eq 1 ]; then + echo "# seems like starting nbxplorer service has failed - see: systemctl status nbxplorer" + echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214" + fi done else echo "# Because the system is not 'ready' the service 'nbxplorer' will not be started at this point .. its enabled and will start on next reboot" fi - postgresConfig - NBXplorerConfig # whitelist localhost in bitcoind - if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then + if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf; then echo "whitelist=127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf bitcoindRestart=yes fi @@ -554,38 +603,11 @@ WantedBy=multi-user.target sudo systemctl restart nbxplorer fi - # see the configuration options with: - # sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release -p "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- -h - # run manually to debug: - # sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release --project "/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- --sqlitefile=sqllite.db - echo "# create the btcpayserver.service" - echo " -[Unit] -Description=BtcPayServer daemon -Requires=nbxplorer.service -After=nbxplorer.service + BtcPayConfig -[Service] -ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \ - -c Release --project \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" \ - -- --sqlitefile=sqllite.db -User=btcpay -Group=btcpay -Type=simple -PIDFile=/run/btcpayserver/btcpayserver.pid -Restart=on-failure + BtcPayService -# Hardening measures -PrivateTmp=true -ProtectSystem=full -NoNewPrivileges=true -PrivateDevices=true - -[Install] -WantedBy=multi-user.target -" | sudo tee /etc/systemd/system/btcpayserver.service sudo systemctl enable btcpayserver - if [ "${state}" == "ready" ]; then echo "# Starting btcpayserver" sudo systemctl start btcpayserver @@ -593,14 +615,14 @@ WantedBy=multi-user.target while [ ! -f "/home/btcpay/.btcpayserver/Main/settings.config" ]; do echo "# Waiting for btcpayserver to start - CTRL+C to abort .." sleep 30 - hasFailed=$(sudo systemctl status btcpayserver | grep -c "Active: failed") + hasFailed=$(sudo systemctl status btcpayserver | grep -c "Active: failed") if [ ${hasFailed} -eq 1 ]; then echo "# seems like starting btcpayserver service has failed - see: systemctl status btcpayserver" echo "# maybe report here: https://github.com/rootzoll/raspiblitz/issues/214" fi done else - echo "# Because the system is not 'ready' the service 'btcpayserver' will not be started at this point .. its enabled and will start on next reboot" + echo "# Because the system is not 'ready' the service 'btcpayserver' will not be started at this point .. it is enabled and will start on next reboot" fi sudo -u btcpay mkdir -p /home/btcpay/.btcpayserver/Main/ @@ -634,7 +656,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then else if (whiptail --title " DELETE DATA? " --yesno "Do you want to delete\nthe BTCPay Server Data?" 8 30); then deleteData=1 - else + else deleteData=0 fi fi @@ -684,7 +706,10 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then else echo "# keeping data" fi - echo "# OK BTCPayServer deactivaed." + echo "# OK BTCPayServer deactivated." + + echo "# delete the btcpay user home directory" + sudo userdel -rf btcpay 2>/dev/null # needed for API/WebUI as signal that install ran thru echo "result='OK'" @@ -693,6 +718,11 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then fi if [ "$1" = "update" ]; then + + # prevent the git error 'detected dubious ownership in repository' + git config --global --add safe.directory /home/btcpay/NBXplorer + git config --global --add safe.directory /home/btcpay/btcpayserver + echo "# Update NBXplorer" cd /home/btcpay || exit 1 cd NBXplorer || exit 1 @@ -712,7 +742,7 @@ if [ "$1" = "update" ]; then TAG=$(git tag | sort -V | tail -1) echo "# Up-to-date on version $TAG" else - echo "# Pulling latest changes..." + echo "# Pulling the latest changes..." sudo -u btcpay git pull -p TAG=$(git tag | sort -V | tail -1) echo "# Reset to the latest release tag: $TAG" @@ -720,22 +750,24 @@ if [ "$1" = "update" ]; then PGPsigner="nicolasdorier" PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc" PGPpubkeyFingerprint="AB4CFA9895ACA0DBE27F6B346618763EF09186FE" + sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 - echo "# Build NBXplorer ..." + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + + echo "# Build NBXplorer $TAG" # from the build.sh with path sudo systemctl stop nbxplorer - sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj + sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj || ( + echo "# Build failed" + exit 1 + ) # whitelist localhost in bitcoind - if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then + if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf; then echo "whitelist=127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf echo "# Restarting bitcoind" sudo systemctl restart bitcoind fi - # POSTGRES - postgresConfig - NBXplorerConfig sudo systemctl start nbxplorer @@ -747,6 +779,9 @@ if [ "$1" = "update" ]; then BtcPayConfig + # always update the btcpayserver.service + BtcPayService + echo "# Update BTCPayServer" cd /home/btcpay || exit 1 cd btcpayserver || exit 1 @@ -775,10 +810,13 @@ if [ "$1" = "update" ]; then # https://github.com/rootzoll/raspiblitz/issues/3025 # sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \ # "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 - echo "# Build BTCPayServer ..." + echo "# Build BTCPayServer $TAG" # from the build.sh with path sudo systemctl stop btcpayserver - sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj + sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release /home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj || ( + echo "# Build failed" + exit 1 + ) sudo systemctl start btcpayserver echo "# Updated BTCPayServer to $TAG" fi diff --git a/home.admin/config.scripts/bonus.circuitbreaker.sh b/home.admin/config.scripts/bonus.circuitbreaker.sh index 2433ddfb1..3edc8313f 100755 --- a/home.admin/config.scripts/bonus.circuitbreaker.sh +++ b/home.admin/config.scripts/bonus.circuitbreaker.sh @@ -1,8 +1,8 @@ #!/bin/bash # https://github.com/lightningequipment/circuitbreaker/releases -pinnedVersion="v0.3.2" -# the commits are not signed +# https://github.com/lightningequipment/circuitbreaker/commits/master +pinnedVersion="e223938d983b756b3893880f3b3bf77e624a9f00" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -16,10 +16,37 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then exit 1 fi +PGPsigner="web-flow" +PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +PGPpubkeyFingerprint="4AEE18F83AFDEB23" + +# PGPsigner="joostjager" +# PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +# PGPpubkeyFingerprint="B9A26449A5528325" + source /mnt/hdd/raspiblitz.conf isInstalled=$(sudo ls /etc/systemd/system/circuitbreaker.service 2>/dev/null | grep -c 'circuitbreaker.service') +# show info menu +if [ "$1" = "menu" ]; then + # get network info + localip=$(hostname -I | awk '{print $1}') + fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) + + # info without Tor + whiptail --title " Circuit Breaker" --msgbox "Open in your local web browser & accept self-signed cert: +https://${localip}:9236\n +SHA1 Thumb/Fingerprint: +${fingerprint}\n +To follow the logs use the command: +sudo journalctl -fu circuitbreaker +" 14 63 + + echo "please wait ..." + exit 0 +fi + # switch on if [ "$1" = "menu" ]; then if [ ${isInstalled} -eq 1 ]; then @@ -67,23 +94,15 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo /usr/sbin/usermod --append --groups lndadmin circuitbreaker # install from source - cd /home/circuitbreaker + cd /home/circuitbreaker || exit 1 sudo -u circuitbreaker git clone https://github.com/lightningequipment/circuitbreaker.git - cd circuitbreaker + cd circuitbreaker || exit 1 sudo -u circuitbreaker git reset --hard $pinnedVersion - sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1 - ################## - # config - ################## - echo - echo "# Setting the example configuration from:" - echo "# https://github.com/lightningequipment/circuitbreaker/blob/$pinnedVersion/circuitbreaker-example.yaml" - echo "# Find it at: /home/circuitbreaker/.circutbreaker/circuitbreaker.yaml" - echo - sudo -u circuitbreaker mkdir /home/circuitbreaker/.circuitbreaker 2>/dev/null - sudo -u circuitbreaker cp circuitbreaker-example.yaml \ - /home/circuitbreaker/.circuitbreaker/circuitbreaker.yaml + sudo -u circuitbreaker /home/admin/config.scripts/blitz.git-verify.sh \ + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + + sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1 # make systemd service # sudo nano /etc/systemd/system/circuitbreaker.service @@ -114,14 +133,22 @@ WantedBy=multi-user.target sudo systemctl enable circuitbreaker echo "# OK - the circuitbreaker.service is now enabled" - else + else echo "# The circuitbreaker.service is already installed." fi - # setting value in raspi blitz config - /home/admin/config.scripts/blitz.conf.sh set circuitbreaker "on" + ################## + # NGINX + ################## + # setup nginx symlinks + if ! [ -f /etc/nginx/sites-available/circuitbreaker_ssl.conf ]; then + sudo cp /home/admin/assets/nginx/sites-available/circuitbreaker_ssl.conf /etc/nginx/sites-available/circuitbreaker_ssl.conf + fi + sudo ln -sf /etc/nginx/sites-available/circuitbreaker_ssl.conf /etc/nginx/sites-enabled/ + sudo nginx -t + sudo systemctl reload nginx - isInstalled=$(sudo -u circuitbreaker /home/circuitbreaker/go/bin/circuitbreaker --version | grep -c "circuitbreaker version") + isInstalled=$(sudo -u circuitbreaker /home/circuitbreaker/go/bin/circuitbreaker --version | grep -c "circuitbreakerd version") if [ ${isInstalled} -eq 1 ]; then echo @@ -138,35 +165,43 @@ WantedBy=multi-user.target echo "# Failed to install circuitbreaker " exit 1 fi - + + # setting value in raspi blitz config + /home/admin/config.scripts/blitz.conf.sh set circuitbreaker "on" + + sudo ufw allow 9236 comment circuitbreaker_https + exit 0 fi # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then + echo "# Removing the user and it's home directory" + sudo userdel -rf circuitbreaker 2>/dev/null + if [ ${isInstalled} -eq 1 ]; then echo "# Removing the circuitbreaker.service" sudo systemctl stop circuitbreaker sudo systemctl disable circuitbreaker sudo rm /etc/systemd/system/circuitbreaker.service - echo "# Removing the user and it's home directory" - sudo userdel -rf circuitbreaker 2>/dev/null - echo "# OK, Circuit Breaker is removed." + echo "# OK, circuitbreaker.service is removed." else - echo "# Circuit Breaker is not installed." + echo "# circuitbreaker.service is not installed." fi # setting value in raspiblitz.conf /home/admin/config.scripts/blitz.conf.sh set circuitbreaker "off" + sudo ufw delete allow 9236 + exit 0 fi # update if [ "$1" = "update" ]; then echo "# Updating Circuit Breaker" - cd /home/circuitbreaker/circuitbreaker + cd /home/circuitbreaker/circuitbreaker || exit 1 # from https://github.com/apotdevin/thunderhub/blob/master/scripts/updateToLatest.sh # fetch latest master sudo -u circuitbreaker git fetch @@ -190,16 +225,12 @@ if [ "$1" = "update" ]; then echo "# Pulling latest changes..." sudo -u circuitbreaker git pull -p sudo -u circuitbreaker git reset --hard $TAG + + #TODO PGP verification on update + echo "# Installing the version: $TAG" sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1 echo - echo "# Setting the example configuration from:" - echo "# https://github.com/lightningequipment/circuitbreaker/blob/$TAG/circuitbreaker-example.yaml" - echo "# Find it at: /home/circuitbreaker/.circutbreaker/circuitbreaker.yaml" - sudo -u circuitbreaker mkdir /home/circuitbreaker/.circuitbreaker 2>/dev/null - sudo -u circuitbreaker cp circuitbreaker-example.yaml \ - /home/circuitbreaker/.circuitbreaker/circuitbreaker.yaml - echo echo "# Updated to version" $TAG echo echo "# Starting the circuitbreaker service ... " @@ -210,4 +241,4 @@ fi echo "# FAIL - Unknown Parameter $1" echo "# may need reboot to run normal again" -exit 1 \ No newline at end of file +exit 1 diff --git a/home.admin/config.scripts/bonus.electrs.sh b/home.admin/config.scripts/bonus.electrs.sh index b16f2ce90..3d8b25f90 100755 --- a/home.admin/config.scripts/bonus.electrs.sh +++ b/home.admin/config.scripts/bonus.electrs.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/romanz/electrs/releases -ELECTRSVERSION="v0.9.10" +ELECTRSVERSION="v0.9.11" # https://github.com/romanz/electrs/commits/master # ELECTRSVERSION="446858ea621416916f84cbce61be92b748e8133e" @@ -73,7 +73,7 @@ if [ "$1" = "status" ]; then # no answer on that port echo "publicHTTPPortAnswering=0" fi - # add TOR info + # add Tor info if [ "${runBehindTor}" == "on" ]; then echo "TorRunning=1" if [ "$2" = "showAddress" ]; then @@ -98,20 +98,21 @@ if [ "$1" = "status-sync" ] || [ "$1" = "status" ]; then echo "serviceRunning=${serviceRunning}" if [ ${serviceRunning} -eq 1 ]; then - # Experimental try to get sync Info - syncedToBlock=$(sudo journalctl -u electrs --no-pager -n2000 | grep "height=" | tail -n1| cut -d= -f3) - blockchainHeight=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | jq -r '.headers' | sed 's/[^0-9]*//g') - lastBlockchainHeight=$(($blockchainHeight -1)) - syncProgress=0 - if [ "${syncedToBlock}" != "" ] && [ "${blockchainHeight}" != "" ] && [ "${blockchainHeight}" != "0" ]; then - syncProgress="$(echo "$syncedToBlock" "$blockchainHeight" | awk '{printf "%.2f", $1 / $2 * 100}')" - fi - echo "syncProgress=${syncProgress}%" - if [ "${syncedToBlock}" = "${blockchainHeight}" ] || [ "${syncedToBlock}" = "${lastBlockchainHeight}" ]; then - echo "tipSynced=1" - else - echo "tipSynced=0" - fi + # Experimental try to get sync Info (electrs debug info would need more details) + #source <(/home/admin/_cache.sh get btc_mainnet_blocks_headers) + #blockchainHeight="${btc_mainnet_blocks_headers}" + #lastBlockchainHeight=$(($blockchainHeight -1)) + #syncedToBlock=$(sudo journalctl -u electrs --no-pager -n2000 | grep "height=" | tail -n1| cut -d= -f3) + #syncProgress=0 + #if [ "${syncedToBlock}" != "" ] && [ "${blockchainHeight}" != "" ] && [ "${blockchainHeight}" != "0" ]; then + # syncProgress="$(echo "$syncedToBlock" "$blockchainHeight" | awk '{printf "%.2f", $1 / $2 * 100}')" + #fi + #echo "syncProgress=${syncProgress}%" + #if [ "${syncedToBlock}" = "${blockchainHeight}" ] || [ "${syncedToBlock}" = "${lastBlockchainHeight}" ]; then + # echo "tipSynced=1" + #else + # echo "tipSynced=0" + #fi # check if initial sync was done, by setting a file as once electrs is the first time responding on port 50001 electrumResponding=$(echo '{"jsonrpc":"2.0","method":"server.ping","params":[],"id":"electrs-check"}' | netcat -w 2 127.0.0.1 50001 | grep -c "result") @@ -135,7 +136,7 @@ if [ "$1" = "status-sync" ] || [ "$1" = "status" ]; then fi else - echo "tipSynced=0" + # echo "tipSynced=0" echo "initialSynced=0" echo "electrumResponding=0" echo "infoSync='Not running - check: sudo journalctl -u electrs'" @@ -268,7 +269,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then isInstalled=$(sudo ls /etc/systemd/system/electrs.service 2>/dev/null | grep -c 'electrs.service') if [ ${isInstalled} -eq 0 ]; then - #cleanup + # cleanup sudo rm -f /home/electrs/.electrs/config.toml echo @@ -289,9 +290,14 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo sudo -u electrs git clone https://github.com/romanz/electrs cd /home/electrs/electrs || exit 1 + sudo -u electrs git reset --hard $ELECTRSVERSION + + # verify sudo -u electrs /home/admin/config.scripts/blitz.git-verify.sh \ "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + + # build sudo -u electrs /home/electrs/.cargo/bin/cargo build --locked --release || exit 1 echo @@ -302,7 +308,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo echo "# Getting RPC credentials from the bitcoin.conf" - #read PASSWORD_B + # read PASSWORD_B RPC_USER=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcuser | cut -c 9-) PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-) echo "# Done" @@ -478,8 +484,7 @@ fi # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then - # setting value in raspiblitz config - /home/admin/config.scripts/blitz.conf.sh set ElectRS "off" + echo "# REMOVING ELECTRS" # if second parameter is "deleteindex" if [ "$2" == "deleteindex" ]; then @@ -487,23 +492,10 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo rm -rf /mnt/hdd/app-storage/electrs/ fi - # Hidden Service if Tor is active - if [ "${runBehindTor}" = "on" ]; then - /home/admin/config.scripts/tor.onion-service.sh off electrs - fi - isInstalled=$(sudo ls /etc/systemd/system/electrs.service 2>/dev/null | grep -c 'electrs.service') if [ ${isInstalled} -eq 1 ]; then - - echo "# REMOVING ELECTRS" sudo systemctl disable electrs sudo rm /etc/systemd/system/electrs.service - # delete user and home directory - sudo userdel -rf electrs - # close ports on firewall - sudo ufw deny 50001 - sudo ufw deny 50002 - echo "# OK ElectRS removed." # restart BTC-RPC-Explorer to reconfigure itself to use electrs for address API if [ "${BTCRPCexplorer}" == "on" ]; then @@ -512,8 +504,25 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then fi else - echo "# ElectRS is not installed." + echo "# electrs.service is not installed." fi + + # Hidden Service if Tor is active + if [ "${runBehindTor}" = "on" ]; then + /home/admin/config.scripts/tor.onion-service.sh off electrs + fi + + # close ports on firewall + sudo ufw delete allow 50001 + sudo ufw delete allow 50002 + + # delete user and home directory + sudo userdel -rf electrs + + # setting value in raspiblitz config + /home/admin/config.scripts/blitz.conf.sh set ElectRS "off" + + echo "# OK ElectRS removed." exit 0 fi @@ -522,7 +531,7 @@ if [ "$1" = "update" ]; then cd /home/electrs/electrs || exit 1 sudo -u electrs git fetch - localVersion=$(git describe --tag) + localVersion=$(/home/electrs/electrs/target/release/electrs --version) updateVersion=$(curl --header "X-GitHub-Api-Version:2022-11-28" -s https://api.github.com/repos/romanz/electrs/releases/latest|grep tag_name|head -1|cut -d '"' -f4) if [ $localVersion = $updateVersion ]; then @@ -532,12 +541,21 @@ if [ "$1" = "update" ]; then sudo -u electrs git pull -p echo "# Reset to the latest release tag: $updateVersion" sudo -u electrs git reset --hard $updateVersion + + sudo -u electrs /home/admin/config.scripts/blitz.git-verify.sh \ + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + + echo "# Installing build dependencies" + sudo -u electrs curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u electrs sh -s -- --default-toolchain none -y + sudo apt install -y clang cmake build-essential # for building 'rust-rocksdb' + echo + echo "# Build Electrs ..." sudo -u electrs /home/electrs/.cargo/bin/cargo build --locked --release || exit 1 - + # update config - sed -i "/^server_banner =/d" /home/electrs/.electrs/config.toml - sudo bash -c "echo 'server_banner = \"Welcome to electrs $updateVersion - the Electrum Rust Server on your RaspiBlitz\"' >> /home/electrs/.electrs/config.toml" + sudo -u electrs sed -i "/^server_banner = /d" /home/electrs/.electrs/config.toml + sudo -u electrs bash -c "echo 'server_banner = \"Welcome to electrs $updateVersion - the Electrum Rust Server on your RaspiBlitz\"' >> /home/electrs/.electrs/config.toml" echo "# Updated Electrs to $updateVersion" fi diff --git a/home.admin/config.scripts/bonus.go.sh b/home.admin/config.scripts/bonus.go.sh index 771cb7222..931e76afb 100755 --- a/home.admin/config.scripts/bonus.go.sh +++ b/home.admin/config.scripts/bonus.go.sh @@ -1,10 +1,15 @@ #!/usr/bin/env sh # set version, check: https://golang.org/dl/ -goVersion="1.18.7" +goVersion="1.19.5" +# checksums: +amd64Checksum="36519702ae2fd573c9869461990ae550c8c0d955cd28d2827a6b159fda81ff95" +armv6lChecksum="ec14f04bdaf4a62bdcf8b55b9b6434cc27c2df7d214d0bb7076a7597283b026a" +arm64Checksum="fc0aa29c933cec8d76f5435d859aaf42249aa08c74eb2d154689ae44c08d23b3" + downloadFolder="/home/admin/download" -usage(){ +usage() { printf "Config script to install or remove Go\n" printf "./bonus.go.sh [on|off]\n" exit 1 @@ -12,51 +17,65 @@ usage(){ case "$1" in - 1|on) # switch on - . /etc/profile # get Go vars - needed if there was no log-out since Go installed - printf "Check Framework: Go\n" - if go version 2>/dev/null | grep -q "${goVersion}" ; then - printf "\nThe requested version of Go is already installed.\n" - go version - printf "\n" +1 | on) # switch on + . /etc/profile # get Go vars - needed if there was no log-out since Go installed + printf "# Check Framework: Go\n" + if go version 2>/dev/null | grep -q "${goVersion}"; then + printf "\nThe requested version of Go is already installed.\n" + go version + printf "\n" + else + goOSversion=$(dpkg --print-architecture) + if [ ${goOSversion} = "armv6l" ]; then + checksum=${armv6lChecksum} + elif [ ${goOSversion{} = "arm64" ]; then + checksum=${arm64Checksum} + elif [ ${goOSversion} = "amd64" ]; then + checksum=${amd64Checksum} else - architecture="$(uname -m)" - case "${architecture}" in - arm*) goOSversion="armv6l";; - aarch64) goOSversion="arm64";; - x86_64) goOSversion="amd64";; - *) printf %s"Not available for architecture=${architecture}\n"; exit 1 - esac - printf %s"\n*** Installing Go v${goVersion} for ${goOSversion} \n***" - wget https://dl.google.com/go/go${goVersion}.linux-${goOSversion}.tar.gz -P ${downloadFolder} - if [ ! -f "${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz" ]; then - printf "# FAIL # Download failed.\n" - rm -fv go${goVersion}.linux-${goOSversion}.tar.gz* - exit 1 - fi - printf "Clean old Go version\n" - sudo rm -rf /usr/local/go /usr/local/gocode - sudo tar -C /usr/local -xzf ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz - rm -fv ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz* - sudo mkdir -v /usr/local/gocode - sudo chmod -v 777 /usr/local/gocode - export GOROOT=/usr/local/go - export PATH=$PATH:$GOROOT/bin - export GOPATH=/usr/local/gocode - export PATH=$PATH:$GOPATH/bin - sudo grep -q "GOROOT=" /etc/profile || { printf "\nGOROOT=/usr/local/go\nPATH=\$PATH:\$GOROOT/bin/\nGOPATH=/usr/local/gocode\nPATH=\$PATH:\$GOPATH/bin/\n\n" | sudo tee -a /etc/profile; } - go env -w GOPATH=/usr/local/gocode # set GOPATH https://github.com/golang/go/wiki/SettingGOPATH - go version | grep -q "go" || { printf "FAIL: Unable to install Go\n"; exit 1; } - printf %s"Installed $(go version 2>/dev/null)\n\n" + echo "# architecture $goOSversion not supported" + exit 1 fi - ;; - 0|off) # switch off - printf "*** REMOVING GO ***\n" + printf %s"\n*** Installing Go v${goVersion} for ${goOSversion} \n***" + wget https://dl.google.com/go/go${goVersion}.linux-${goOSversion}.tar.gz -P ${downloadFolder} + if [ ! -f "${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz" ]; then + printf "# FAIL # Download failed.\n" + rm -fv go${goVersion}.linux-${goOSversion}.tar.gz* + exit 1 + fi + if ! echo ${checksum} ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz | sha256sum -c; then + printf "# FAIL: Download corrupted\n" + rm -fv ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz* + exit 1 + fi + + printf "# Clean old Go version\n" sudo rm -rf /usr/local/go /usr/local/gocode - printf "OK Go removed.\n" + sudo tar -C /usr/local -xzf ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz + rm -fv ${downloadFolder}/go${goVersion}.linux-${goOSversion}.tar.gz* + sudo mkdir -v /usr/local/gocode + sudo chmod -v 777 /usr/local/gocode + export GOROOT=/usr/local/go + export PATH=$PATH:$GOROOT/bin + export GOPATH=/usr/local/gocode + export PATH=$PATH:$GOPATH/bin + sudo grep -q "GOROOT=" /etc/profile || { printf "\nGOROOT=/usr/local/go\nPATH=\$PATH:\$GOROOT/bin/\nGOPATH=/usr/local/gocode\nPATH=\$PATH:\$GOPATH/bin/\n\n" | sudo tee -a /etc/profile; } + go env -w GOPATH=/usr/local/gocode # set GOPATH https://github.com/golang/go/wiki/SettingGOPATH + go version | grep -q "go" || { + printf "FAIL: Unable to install Go\n" + exit 1 + } + printf %s"Installed $(go version 2>/dev/null)\n\n" + fi ;; - *) usage +0 | off) # switch off + printf "*** REMOVING GO ***\n" + sudo rm -rf /usr/local/go /usr/local/gocode + printf "# OK Go removed.\n" + ;; -esac \ No newline at end of file +*) usage ;; + +esac diff --git a/home.admin/config.scripts/bonus.joinmarket.sh b/home.admin/config.scripts/bonus.joinmarket.sh index e93d26522..d36f00b46 100755 --- a/home.admin/config.scripts/bonus.joinmarket.sh +++ b/home.admin/config.scripts/bonus.joinmarket.sh @@ -6,7 +6,7 @@ # https://github.com/openoms/joininbox # https://github.com/openoms/joininbox/tags -JBTAG="v0.7.4" # installs JoinMarket v0.9.8 +JBTAG="v0.7.6" # installs JoinMarket v0.9.9 # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -20,9 +20,9 @@ fi # show info menu if [ "$1" = "menu" ]; then whiptail --title " JoinMarket info " \ - --yes-button "Start Joininbox" \ - --no-button "Cancel" \ - --yesno "Usage notes: + --yes-button "Start Joininbox" \ + --no-button "Cancel" \ + --yesno "Usage notes: https://github.com/openoms/bitcoin-tutorials/blob/master/joinmarket/README.md Can also type: 'jm' in the command line to switch to the dedicated user, @@ -35,8 +35,8 @@ and start the JoininBox menu. fi # check if sudo -if [ "$EUID" -ne 0 ] - then echo "Please run as root (with sudo)" +if [ "$EUID" -ne 0 ]; then + echo "Please run as root (with sudo)" exit fi @@ -80,7 +80,7 @@ if [ "$1" = "install" ]; then # https://github.com/openoms/joininbox/releases/ sudo -u joinmarket git reset --hard ${JBTAG} sudo -u joinmarket /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${JBTAG}" || exit 1 + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${JBTAG}" || exit 1 # copy the scripts in place sudo -u joinmarket cp /home/joinmarket/joininbox/scripts/* /home/joinmarket/ @@ -161,7 +161,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # make sure the Bitcoin Core wallet is on /home/admin/config.scripts/network.wallet.sh on - if [ $(/usr/local/bin/bitcoin-cli -conf=/mnt/hdd/bitcoin/bitcoin.conf listwallets | grep -c wallet.dat) -eq 0 ];then + if [ $(/usr/local/bin/bitcoin-cli -conf=/mnt/hdd/bitcoin/bitcoin.conf listwallets | grep -c wallet.dat) -eq 0 ]; then echo "# Create a non-descriptor wallet.dat" /usr/local/bin/bitcoin-cli -conf=/mnt/hdd/bitcoin/bitcoin.conf -named createwallet wallet_name=wallet.dat descriptors=false else @@ -187,9 +187,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then ln -s /mnt/hdd/app-data/.joinmarket /home/joinmarket/ 2>/dev/null chown -R joinmarket:joinmarket /home/joinmarket/.joinmarket # specify wallet.dat in old config for multiwallet for multiwallet support - if [ -f "/home/joinmarket/.joinmarket/joinmarket.cfg" ] ; then + if [ -f "/home/joinmarket/.joinmarket/joinmarket.cfg" ]; then sudo -u joinmarket sed -i "s/^rpc_wallet_file =.*/rpc_wallet_file = wallet.dat/g" \ - /home/joinmarket/.joinmarket/joinmarket.cfg + /home/joinmarket/.joinmarket/joinmarket.cfg echo "# specified to use wallet.dat in the recovered joinmarket.cfg" fi @@ -210,7 +210,7 @@ source /home/joinmarket/_commands.sh if [ -z \"\$TMUX\" ]; then /home/joinmarket/menu.sh fi -" | sudo -u joinmarket tee -a /home/joinmarket/.bashrc +" | sudo -u joinmarket tee -a /home/joinmarket/.bashrc # configure joinmarket (includes a check if it is installed) if sudo -u joinmarket /home/joinmarket/start.joininbox.sh; then diff --git a/home.admin/config.scripts/bonus.lnbits.sh b/home.admin/config.scripts/bonus.lnbits.sh index 4915a74f7..ea0c493fc 100644 --- a/home.admin/config.scripts/bonus.lnbits.sh +++ b/home.admin/config.scripts/bonus.lnbits.sh @@ -3,7 +3,7 @@ # https://github.com/lnbits/lnbits-legend # https://github.com/lnbits/lnbits-legend/releases -tag="0.9.4" +tag="0.9.6" VERSION="${tag}" # command info @@ -174,10 +174,10 @@ https://${ip2torDomain}:${ip2torPort} ready for public use" IP2TOR: https://${ip2torIP}:${ip2torPort} SHA1 ${sslFingerprintTOR}\n Consider adding a LetsEncrypt HTTPS Domain under OPTIONS." -# elif [ ${#publicDomain} -eq 0 ]; then -# text="${text}\n -#To enable easy reachability with normal browser from the outside -#Consider adding a IP2TOR Bridge under OPTIONS." + elif [ ${#publicDomain} -eq 0 ]; then + text="${text}\n +To enable easy reachability with normal browser from the outside +Consider adding a IP2TOR Bridge under OPTIONS." fi whiptail --title " LNbits ${fundinginfo}" --yes-button "OK" --no-button "OPTIONS" --yesno "${text}" 18 69 @@ -194,16 +194,16 @@ Consider adding a LetsEncrypt HTTPS Domain under OPTIONS." OPTIONS=() # IP2TOR options - #if [ "${ip2torDomain}" != "" ]; then - # # IP2TOR+LetsEncrypt active - offer cancel - # OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits") - #elif [ "${ip2torIP}" != "" ]; then - # # just IP2TOR active - offer cancel or Lets Encrypt - # OPTIONS+=(HTTPS-ON "Add free HTTPS-Certificate for LNbits") - # OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits") - #else - # OPTIONS+=(IP2TOR-ON "Make Public with IP2Tor Subscription") - #fi + if [ "${ip2torDomain}" != "" ]; then + # IP2TOR+LetsEncrypt active - offer cancel + OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits") + elif [ "${ip2torIP}" != "" ]; then + # just IP2TOR active - offer cancel or Lets Encrypt + OPTIONS+=(HTTPS-ON "Add free HTTPS-Certificate for LNbits") + OPTIONS+=(IP2TOR-OFF "Cancel IP2Tor Subscription for LNbits") + else + OPTIONS+=(IP2TOR-ON "Make Public with IP2Tor Subscription") + fi # Change Funding Source options (only if available) if [ "${LNBitsFunding}" == "lnd" ] && [ "${cl}" == "on" ]; then @@ -608,7 +608,7 @@ if [ "$1" = "install" ]; then exit 0 fi - echo "# *** INSTALL THUNDERHUB ***" + echo "# *** INSTALL LNBIS ${VERSION} ***" # add lnbits user echo "*** Add the 'lnbits' user ***" diff --git a/home.admin/config.scripts/bonus.lndconnect.sh b/home.admin/config.scripts/bonus.lndconnect.sh index 41f10007b..86439d0b5 100755 --- a/home.admin/config.scripts/bonus.lndconnect.sh +++ b/home.admin/config.scripts/bonus.lndconnect.sh @@ -98,7 +98,7 @@ elif [ "${targetWallet}" = "zeus-ios" ]; then usingIP2TOR="LND-REST-API" forceTOR=1 host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname) - connectInfo="- start the Zeus Wallet --> lndconnect\n- scan the QR code \n- activate 'Tor' option \n- activate 'Certification Verification' option\n- save Node Config" + connectInfo="- start the Zeus Wallet --> Scan Node Config\n- scan the QR code \n- save Node Config" elif [ "${targetWallet}" = "zeus-android" ]; then @@ -106,7 +106,7 @@ elif [ "${targetWallet}" = "zeus-android" ]; then usingIP2TOR="LND-REST-API" forceTOR=1 host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname) - connectInfo="- start the Zeus Wallet --> lndconnect\n- scan the QR code \n- activate 'Tor' option \n- activate 'Certification Verification' option\n- save Node Config" + connectInfo="- start the Zeus Wallet --> Scan Node Config\n- scan the QR code \n- save Node Config" elif [ "${targetWallet}" = "sendmany-android" ]; then diff --git a/home.admin/config.scripts/bonus.lndg.sh b/home.admin/config.scripts/bonus.lndg.sh index 9d74d4ed6..3924aaa3e 100644 --- a/home.admin/config.scripts/bonus.lndg.sh +++ b/home.admin/config.scripts/bonus.lndg.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/cryptosharks131/lndg -VERSION="1.4.0 " +VERSION="1.5.0 " # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -155,7 +155,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then if [ "$2" == "deletedatabase" ]; then # deleting old database and moving new database - echo "Deleting existing database and creating new one" + echo "Deleting existing database and creating new one" sudo rm -rf /mnt/hdd/app-data/lndg/data sudo cp -p -r /home/lndg/lndg/data /mnt/hdd/app-data/lndg/data sudo rm /home/lndg/lndg/data/db.sqlite3 @@ -166,8 +166,11 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # using existing database, so remove newly created database and link to existing one echo "Database already exists, using existing database" sudo rm /home/lndg/lndg/data/db.sqlite3 + sudo chown -R lndg:lndg /mnt/hdd/app-data/lndg + sudo chmod -R 755 /mnt/hdd/app-data/lndg + sudo chmod 644 /mnt/hdd/app-data/lndg/data/db.sqlite3 sudo -u lndg ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3 - sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate + sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate fi else @@ -243,7 +246,7 @@ ExecStart=/home/lndg/lndg/.venv/bin/gunicorn lndg.wsgi -w 4 -b 0.0.0.0:8889 Restart=always KillSignal=SIGQUIT Type=notify -StandardError=syslog +StandardError=append:/var/log/gunicorn_error.log NotifyAccess=all RestartSec=60s diff --git a/home.admin/config.scripts/bonus.lndmanage.sh b/home.admin/config.scripts/bonus.lndmanage.sh index 4612f59a5..5337e6430 100755 --- a/home.admin/config.scripts/bonus.lndmanage.sh +++ b/home.admin/config.scripts/bonus.lndmanage.sh @@ -9,7 +9,7 @@ fi # set version of LND manage to install # https://github.com/bitromortac/lndmanage/releases -lndmanageVersion="0.11.0" +lndmanageVersion="0.14.2" pgpKeyDownload="https://github.com/bitromortac.gpg" gpgFingerprint="0453B9F5071261A40FDB34181965063FC13BEBE2" @@ -69,7 +69,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# installing ..." python3 -m venv venv source /home/admin/lndmanage/venv/bin/activate - python3 -m pip install lndmanage-0.11.0-py3-none-any.whl + python3 -m pip install lndmanage-${lndmanageVersion}-py3-none-any.whl # get build dependencies # python3 -m pip install --upgrade pip wheel setuptools diff --git a/home.admin/config.scripts/bonus.lnproxy.sh b/home.admin/config.scripts/bonus.lnproxy.sh new file mode 100644 index 000000000..fb26b2494 --- /dev/null +++ b/home.admin/config.scripts/bonus.lnproxy.sh @@ -0,0 +1,252 @@ +#!/bin/bash + +# https://github.com/lnproxy/lnproxy/commits/main +LNPROXYVERSION="423723b58cc45daa2fdf6c8b22537d560aca4d7a" +# https://github.com/lnproxy/lnproxy-webui/commits/main +WEBUIVERSION=24d291c884a0b60126c1915301f29c893900a155 + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "config script to install or uninstall the lnproxy server" + echo "bonus.lnproxy.sh [on|off|menu]" + echo "installs the version $LNPROXYVERSION by default" + exit 1 +fi + +source /mnt/hdd/raspiblitz.conf +localip=$(hostname -I | awk '{print $1}') + +# menu +if [ "$1" = "menu" ]; then + + if systemctl is-active --quiet lnproxy; then + # get network info + torAddress=$(sudo cat /mnt/hdd/tor/lnproxy/hostname 2>/dev/null) + fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) + + if [ "${runBehindTor}" = "on" ] && [ -n "${torAddress}" ]; then + # Info with Tor + sudo /home/admin/config.scripts/blitz.display.sh qr "${torAddress}" + whiptail --title " lnproxy-webui and API" --msgbox "\ +Open in your local web browser: +http://${localip}:4748 +https://${localip}:4749 with Fingerprint: +${fingerprint}\n +Hidden Service address for Tor Browser (see LCD for QR): +${torAddress}\n +To use the API: +curl -k https://${localip}:4749/api/{invoice}?routing_msat={budget}\n +The Tor Hidden Service address to share for using the API: +${torAddress}/api +" 19 67 + sudo /home/admin/config.scripts/blitz.display.sh hide + else + # Info without Tor + whiptail --title " lnproxy-webui " --msgbox "Open in your local web browser: +http://${localip}:4748\n +Activate Tor to access the web interface from outside your local network. +" 15 57 + fi + echo "# please wait ..." + else + echo "# *** LNPROXY IS NOT INSTALLED ***" + fi + exit 0 +fi + +# install +if [ "$1" = "1" ] || [ "$1" = "on" ]; then + + if systemctl is-active --quiet lnproxy; then + echo "# FAIL - lnproxy already installed" + sleep 3 + exit 1 + fi + + echo "*** INSTALL LNPROXY ***" + # check and install Go + /home/admin/config.scripts/bonus.go.sh on + + # create lnproxy user + sudo adduser --disabled-password --gecos "" lnproxy + + # create macaroon + cd /home/bitcoin || exit 1 + sudo -u bitcoin lncli bakemacaroon --save_to lnproxy.macaroon \ + uri:/lnrpc.Lightning/DecodePayReq \ + uri:/lnrpc.Lightning/LookupInvoice \ + uri:/invoicesrpc.Invoices/AddHoldInvoice \ + uri:/invoicesrpc.Invoices/SubscribeSingleInvoice \ + uri:/invoicesrpc.Invoices/CancelInvoice \ + uri:/invoicesrpc.Invoices/SettleInvoice \ + uri:/routerrpc.Router/SendPaymentV2 + sudo mv ./lnproxy.macaroon /home/lnproxy/ + sudo chown lnproxy:lnproxy /home/lnproxy/lnproxy.macaroon + sudo chmod 600 /home/lnproxy/lnproxy.macaroon + + # make sure symlink to central app-data directory exists + sudo rm -rf /home/lnproxy/.lnd # not a symlink.. delete it silently + # create symlink + sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/lnproxy/.lnd" + + # download source code + cd /home/lnproxy/ || exit 1 + sudo -u lnproxy git clone https://github.com/lnproxy/lnproxy.git /home/lnproxy/lnproxy + cd /home/lnproxy/lnproxy || exit 1 + sudo -u lnproxy git reset --hard ${LNPROXYVERSION} || exit 1 + + # build + sudo -u lnproxy /usr/local/go/bin/go get lnproxy + sudo -u lnproxy /usr/local/go/bin/go build + + # manual start (in tmux) + # sudo -u lnproxy /home/lnproxy/lnproxy/lnproxy -lnd-cert /home/lnproxy/.lnd/tls.cert /home/lnproxy/lnproxy.macaroon + + # create systemd service + cat </dev/null sudo rsync -av $postgres_datadir /mnt/hdd/app-data @@ -67,9 +67,8 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then # wait for the postgres server to start count=0 count_max=30 - while ! nc -zv 127.0.0.1 5432 2>/dev/null; - do - count=`expr $count + 1` + while ! nc -zv 127.0.0.1 5432 2>/dev/null; do + count=$((count + 1)) echo "sleep $count/$count_max" sleep 1 if [ $count = $count_max ]; then @@ -103,16 +102,16 @@ fi # backup backup_target="/mnt/hdd/app-data/backup/$db_name" -backup_file="${db_name}_`date +%d`-`date +%m`-`date +%Y`_`date +%H`-`date +%M`_dump" +backup_file="${db_name}_$(date +%d)-$(date +%m)-$(date +%Y)_$(date +%H)-$(date +%M)_dump" if [ ! -d $backup_target ]; then - sudo mkdir -p $backup_target 1>&2 + sudo mkdir -p $backup_target 1>&2 fi # https://www.postgresql.org/docs/current/backup-dump.html if [ "$command" = "backup" ] && [ "$db_name" != "" ]; then echo "*** BACKUP POSTGRESQL $db_name ***" - sudo -u postgres pg_dump $db_name > $backup_target/${backup_file}.sql || exit 1 + sudo -u postgres pg_dump $db_name >$backup_target/${backup_file}.sql || exit 1 # Delete old backups (keep last 3 backups) sudo chown -R admin:admin $backup_target ls -tp $backup_target/*.sql | grep -v '/$' | tail -n +4 | tr '\n' '\0' | xargs -0 rm -- 2>/dev/null @@ -154,7 +153,7 @@ if [ "$command" = "restore" ] && [ "$db_name" != "" ] && [ "$db_user" != "" ] && echo "# Import SQL Dump" sudo mkdir -p $backup_target/logs 1>&2 sudo chown -R postgres:postgres $backup_file - sudo -u postgres psql $db_name < ${backup_file} > $backup_target/logs/sql_import.log || exit 1 + sudo -u postgres psql $db_name <${backup_file} >$backup_target/logs/sql_import.log || exit 1 echo "$backup_target/sql_import.log written" echo "OK - database $db_name restored from ${backup_file}" exit 0 @@ -176,4 +175,4 @@ if [ "$command" = "info" ]; then fi echo "FAIL - Unknown Parameter $command" -exit 1 \ No newline at end of file +exit 1 diff --git a/home.admin/config.scripts/bonus.sphinxrelay.sh b/home.admin/config.scripts/bonus.sphinxrelay.sh index fe3d3c498..6ade00144 100755 --- a/home.admin/config.scripts/bonus.sphinxrelay.sh +++ b/home.admin/config.scripts/bonus.sphinxrelay.sh @@ -108,9 +108,9 @@ iOS support is native, Android needs Orbot" At the moment your Sphinx Relay Server is just available within the local network - without transport encryption. Local server for test & debug: ${publicURL}/app"#\n -#To enable easy reachability from the outside consider -#adding a IP2TOR Bridge and reconnect: -#MAINMENU > SUBSCRIBE > IP2TOR > SPHINX" +To enable easy reachability from the outside consider +adding a IP2TOR Bridge and reconnect: +MAINMENU > SUBSCRIBE > IP2TOR > SPHINX" extraPairInfo="You need to be on the same local network to make this work." else diff --git a/home.admin/config.scripts/bonus.suez.sh b/home.admin/config.scripts/bonus.suez.sh index edc50ed94..61bae1f09 100644 --- a/home.admin/config.scripts/bonus.suez.sh +++ b/home.admin/config.scripts/bonus.suez.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/prusnak/suez/commits/master -SUEZVERSION="e402edbddb45d8a53af346b8582243f4068ece6c" +SUEZVERSION="bcfd3502ac1f7d95b90c62c1daeae50aa7052be7" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -12,7 +12,7 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then fi PGPsigner="prusnak" -PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +PGPpubkeyLink="https://rusnak.io/public/pgp.txt" PGPpubkeyFingerprint="91F3B339B9A02A3D" source /mnt/hdd/raspiblitz.conf @@ -21,8 +21,7 @@ source /mnt/hdd/raspiblitz.conf if [ "$1" = "menu" ]; then dialog --title " Info Suez" --msgbox " Suez is a command line tool. -Type: 'suez' for the default channel visualization for LND -Type: 'suez --help' in the command line to see the usage options. +Type: 'suez' to visualize the channels of the default ln instance Readme: https://github.com/prusnak/suez#readme " 10 75 exit 0 @@ -46,11 +45,6 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 sudo -u bitcoin /home/bitcoin/.local/bin/poetry install - echo "# Adding alias" - sudo -u admin touch /home/admin/_aliases - echo "alias suez='cd /home/bitcoin/suez && sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez'"\ - | sudo tee -a /home/admin/_aliases - # setting value in raspi blitz config /home/admin/config.scripts/blitz.conf.sh set suez "on" @@ -65,16 +59,14 @@ fi # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then - echo "# REMOVING SUEZ" sudo rm -rf /home/bitcoin/suez - echo "# OK, suez is removed." + echo "# OK, Suez is removed." # setting value in raspi blitz config /home/admin/config.scripts/blitz.conf.sh set suez "off" exit 0 - fi # update @@ -98,4 +90,4 @@ if [ "$1" = "update" ]; then fi echo "FAIL - Unknown Parameter $1" -exit 1 \ No newline at end of file +exit 1 diff --git a/home.admin/config.scripts/bonus.tallycoin-connect.sh b/home.admin/config.scripts/bonus.tallycoin-connect.sh index 36e43bf40..2632e472a 100755 --- a/home.admin/config.scripts/bonus.tallycoin-connect.sh +++ b/home.admin/config.scripts/bonus.tallycoin-connect.sh @@ -8,7 +8,7 @@ HOME_DIR=/home/$USERNAME CONFIG_FILE=$APP_DATA_DIR/tallycoin_api.key RASPIBLITZ_INFO=/home/admin/raspiblitz.info SERVICE_FILE=/etc/systemd/system/tallycoin-connect.service -TC_VERSION=1.7.1 +TC_VERSION=1.7.5 # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then diff --git a/home.admin/config.scripts/cl.backup.sh b/home.admin/config.scripts/cl.backup.sh index 649b0512c..d1debaad9 100644 --- a/home.admin/config.scripts/cl.backup.sh +++ b/home.admin/config.scripts/cl.backup.sh @@ -189,7 +189,7 @@ if [ ${mode} = "cl-export-gui" ]; then echo echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:" echo "sftp '${fileowner}@${localip}:${filename}' ./" - echo "ON WINDOWS USE:" + echo "ON WINDOWS - RUN IN CMD:" echo "sftp ${fileowner}@${localip}:${filename} ." echo echo "Use password A to authenticate file transfer." diff --git a/home.admin/config.scripts/cl.hsmtool.sh b/home.admin/config.scripts/cl.hsmtool.sh index d117f4944..4912a09e3 100644 --- a/home.admin/config.scripts/cl.hsmtool.sh +++ b/home.admin/config.scripts/cl.hsmtool.sh @@ -156,7 +156,7 @@ function decryptHSMsecret() { /home/admin/config.scripts/cl.hsmtool.sh unlock ${CHAIN} # attempt to decrypt again sudo cat $passwordFile | sudo -u bitcoin lightning-hsmtool decrypt \ - "$hsmSecretPath" || echo "# Couldn't decrypt"; exit 1 + "$hsmSecretPath" || (echo "# Couldn't decrypt"; exit 1) fi fi shredPasswordFile diff --git a/home.admin/config.scripts/lnd.backup.sh b/home.admin/config.scripts/lnd.backup.sh index a527a7d73..1eb13d93c 100755 --- a/home.admin/config.scripts/lnd.backup.sh +++ b/home.admin/config.scripts/lnd.backup.sh @@ -199,7 +199,7 @@ if [ ${mode} = "lnd-export-gui" ]; then echo echo "ON YOUR MAC & LINUX LAPTOP - RUN IN NEW TERMINAL:" echo "sftp '${fileowner}@${localip}:${filename}' ./" - echo "ON WINDOWS USE:" + echo "ON WINDOWS - RUN IN CMD:" echo "sftp ${fileowner}@${localip}:${filename} ." echo "Use password A to authenticate file transfer." echo diff --git a/home.admin/config.scripts/lnd.export.sh b/home.admin/config.scripts/lnd.export.sh index 79eac0a89..fa6307898 100755 --- a/home.admin/config.scripts/lnd.export.sh +++ b/home.admin/config.scripts/lnd.export.sh @@ -136,9 +136,9 @@ elif [ "${exportType}" = "btcpay" ]; then echo "NOTE: You have a IP2TOR connection for LND REST API .. so you can use this connection string also with a external BTCPay server." else echo "IMPORTANT: You can only use this connection string for a BTCPay server running on this RaspiBlitz." - #echo "If you want to connect from a external BTCPay server activate a IP2TOR tunnel for LND-REST first:" - #echo "MAIN MENU > SUBSCRIBE > IP2TOR > LND REST API" - #echo "Then come back and get a new connection string." + echo "If you want to connect from a external BTCPay server activate a IP2TOR tunnel for LND-REST first:" + echo "MAIN MENU > SUBSCRIBE > IP2TOR > LND REST API" + echo "Then come back and get a new connection string." fi echo "" diff --git a/home.admin/config.scripts/network.reindex.sh b/home.admin/config.scripts/network.reindex.sh index 0919ba63d..f78ff514c 100755 --- a/home.admin/config.scripts/network.reindex.sh +++ b/home.admin/config.scripts/network.reindex.sh @@ -1,93 +1,54 @@ #!/bin/bash # command info -if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "script to run re-index if the blockchain (in case of repair)" - echo "run to start or monitor re-index progress" +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "script to run re-index if the blockchain - blocks will not be deleted but re-indexed" + echo "will trigger reboot after started and progress can be monitored thru normal sync status" + echo "There are two ways to re-index - for details see: https://bitcoin.stackexchange.com/a/60711" + echo "network.reindex.sh reindex [mainnet|testnet|signet] --> re-index chain & repair corrupt blocks" + echo "network.reindex.sh reindex-chainstate [mainnet|testnet|signet] --> only re-build UTXO set (fast)" exit 1 fi -# check and load raspiblitz config -# to know which network is running -source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -# if re-index is not running, start ... -source <(/home/admin/_cache.sh get state) -if [ "${state}" != "reindex" ]; then +if [ "$1" = "reindex" ] || [ "$1" = "reindex-chainstate" ]; then - # stop services - echo "making sure services are not running .." - sudo systemctl stop lnd 2>/dev/null - sudo systemctl stop ${network}d 2>/dev/null + action="$1" + + # network prefixes + if [ "$2" = "mainnet" ]; then + echo "# network.reindex.sh ${action} --> mainnet" + prefix="" + netparam="" + elif [ "$2" = "testnet" ]; then + echo "# network.reindex.sh ${action} --> testnet" + prefix="t" + netparam="-testnet " + elif [ "$2" = "signet" ]; then + echo "# network.reindex.sh ${action} --> signet" + prefix="s" + netparam="-signet " + else + echo "error='unknown/missing secondary parameter'" + exit 1 + fi + + # stop bitcoin service + echo "# stopping ${network} service (please wait - can take time) .." + sudo systemctl stop ${prefix}${network}d # starting reindex - echo "starting re-index ..." - sudo -u bitcoin /usr/local/bin/${network}d -daemon -reindex -conf=/home/bitcoin/.${network}/${network}.conf -datadir=/home/bitcoin/.${network} - - # set reindex flag in raspiblitz.info (gets deleted after (final) reboot) - sudo sed -i "s/^state=.*/state=reindex/g" /home/admin/raspiblitz.info + echo "# starting ${network} service with -${action} flag" + sudo -u bitcoin /usr/local/bin/${network}d ${netparam}-daemon -blockfilterindex=0 -${action} -conf=/mnt/hdd/${network}/${network}.conf -datadir=/mnt/hdd/${network} 1>&2 + echo "# waiting 10 secs" + sleep 10 + echo "# going into reboot - reindex process can be monitored like normal blockchain sync status" + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot + exit 0 fi -# while loop to wait to finish -finished=0 -progress=0 -while [ ${finished} -eq 0 ] - do - clear - echo "*************************" - echo "REINDEXING BLOCKCHAIN" - echo "*************************" - date - echo "THIS CAN TAKE SOME VERY LONG TIME" - echo "See Raspiblitz FAQ: https://github.com/rootzoll/raspiblitz" - echo "On question: My blockchain data is corrupted - what can I do?" - echo "If you dont see any progress after 24h keep X pressed to stop." +echo "error='unknown main parameter'" +exit 1 - # get blockchain sync progress - blockchaininfo=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo) - progress=$(echo "${blockchaininfo}" | jq -r '.verificationprogress') - #progress=$(echo "${progress}*100" | bc) - progress=$(echo $progress | awk '{printf( "%.2f%%", 100 * $1)}') - inprogress="$(echo "${blockchaininfo}" | jq -r '.initialblockdownload')" - if [ "${inprogress}" = "false" ]; then - finished=1 - fi - - echo "" - echo "RUNNING: ${inprogress}" - echo "PROGRESS: ${progress}" - echo "" - - echo "You can close terminal while reindex is running.." - echo "But you have to login again to check if ready." - - # wait 2 seconds for key input - read -n 1 -t 2 keyPressed - - # check if user wants to abort monitor - if [ "${keyPressed}" = "x" ]; then - echo "stopped by user ..." - break - fi - -done - - -# trigger reboot when finished -echo "*************************" -if [ ${finished} -eq 0 ]; then - echo "Re-Index CANCELED" -else - echo "Re-Index finished" -fi -echo "Starting reboot ..." -echo "*************************" -# stop bitcoind -sudo -u bitcoin ${network}-cli stop -sleep 4 -# clean logs (to prevent a false reindex detection) -sudo rm /mnt/hdd/${network}/debug.log 2>/dev/null -# reboot -sudo /home/admin/config.scripts/blitz.shutdown.sh reboot \ No newline at end of file diff --git a/home.admin/config.scripts/network.txindex.sh b/home.admin/config.scripts/network.txindex.sh index 3649bba60..df5b183b6 100755 --- a/home.admin/config.scripts/network.txindex.sh +++ b/home.admin/config.scripts/network.txindex.sh @@ -30,36 +30,47 @@ if [ "$1" = "status" ]; then echo "##### STATUS TXINDEX" + indexByteSize=$(sudo du -s /mnt/hdd/bitcoin/indexes/txindex 2>/dev/null | cut -f1) + if [ "${indexByteSize}" == "" ]; then + indexByteSize=0 + fi + echo "txindex=${txindex}" + echo "indexByteSize=${indexByteSize}" if [ ${txindex} -eq 0 ]; then exit 0 fi # try to gather if still indexing + source <(/home/admin/_cache.sh get btc_mainnet_blocks_headers) + blockchainHeight="${btc_mainnet_blocks_headers}" indexedToBlock=$(sudo tail -n 200 /mnt/hdd/${network}${pathAdd}/debug.log | grep "Syncing txindex with block chain from height" | tail -n 1 | cut -d " " -f 9 | sed 's/[^0-9]*//g') - blockchainHeight=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | jq -r '.blocks' | sed 's/[^0-9]*//g') indexFinished=$(sudo tail -n 200 /mnt/hdd/${network}${pathAdd}/debug.log | grep -c "txindex is enabled at height") - echo "indexedToBlock=${indexedToBlock}" - echo "blockchainHeight=${blockchainHeight}" - echo "indexFinished=${indexFinished}" + if [ ${#indexedToBlock} -eq 0 ] || [ ${indexFinished} -gt 0 ] || [ "${indexedToBlock}" = "${blockchainHeight}" ]; then echo "isIndexed=1" + indexedToBlock=$blockchainHeight + indexFinished=1 indexInfo="OK" else echo "isIndexed=0" if [ ${#indexedToBlock} -gt 0 ] && [ ${#blockchainHeight} -gt 0 ]; then progressPercent=$(printf %.2f $(echo "${indexedToBlock}/${blockchainHeight}*100" | bc -l)) - indexInfo="Indexing is at ${progressPercent}% (please wait)" + indexInfo="Building ${progressPercent}% (please wait)" else - indexInfo="Indexing is running (please wait)" + indexInfo="Building (please wait)" fi echo "indexInfo='${indexInfo}'" - fi + fi + + echo "indexFinished=${indexFinished}" + echo "indexedToBlock=${indexedToBlock}" + echo "blockchainHeight=${blockchainHeight}" + exit 0 fi - ################### # switch on ################### @@ -84,27 +95,26 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then fi fi - ################### # switch off ################### if [ "$1" = "0" ] || [ "$1" = "off" ]; then + echo "# changing config ..." sudo sed -i "s/^txindex=.*/txindex=0/g" /mnt/hdd/${network}/${network}.conf + echo "# deinstalling apps needing txindex ..." + sudo -u admin /home/admin/config.scripts/bonus.btc-rpc-explorer.sh off + echo "# restarting bitcoind ..." sudo systemctl restart ${network}d exit 0 fi - ################### # delete (and make sure all using apps are deinstalled) # on version update check all bonus scripts that this network.txindex.sh on ################### if [ "$1" = "delete" ]; then - echo "# deinstalling apps needing txindex ..." - sudo -u admin /home/admin/config.scripts/bonus.btc-rpc-explorer.sh off - echo "# changing config ..." + echo "# stopping bitcoind ..." sudo systemctl stop ${network}d - sudo sed -i "s/^txindex=.*/txindex=0/g" /mnt/hdd/${network}/${network}.conf echo "# deleting tx index ..." sudo rm -r /mnt/hdd/${network}/indexes/txindex echo "# restarting bitcoind ..." diff --git a/home.admin/config.scripts/tor.network.sh b/home.admin/config.scripts/tor.network.sh index 2255505ae..40f2c3f1b 100755 --- a/home.admin/config.scripts/tor.network.sh +++ b/home.admin/config.scripts/tor.network.sh @@ -71,7 +71,7 @@ deactivateBitcoinOverTor() [ -f "/home/admin/raspiblitz.info" ] && . /home/admin/raspiblitz.info [ -f "/mnt/hdd/raspiblitz.conf" ] && . /mnt/hdd/raspiblitz.conf -torActive=$(sudo systemctl is-active tor@default | grep -c "active") +torActive=$(systemctl is-active tor@default | grep -c "^active") curl --socks5 127.0.0.1:9050 --socks5-hostname 127.0.0.1:9050 -m 5 -s https://check.torproject.org/api/ip | grep -q "\"IsTor\":true" && torFunctional=1 case "$1" in @@ -156,7 +156,7 @@ EOF sudo chmod -R 700 /mnt/hdd/tor sudo chown -R debian-tor:debian-tor /mnt/hdd/tor sudo systemctl restart tor@default - echo "OK - Tor is now $(sudo systemctl is-active tor@default)" + echo "OK - Tor is now $(systemctl is-active tor@default)" echo "needs reboot to activate new setting" ;;