mirrors/raspiblitz
1
0
Fork 0
mirror of https://github.com/rootzoll/raspiblitz.git synced 2024-11-19 01:40:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

New 64-bit sd card image with btc/nd update, fatpack & tor by default (#2060)

Browse Source
This commit is contained in:
/rootzoll 2021-03-15 23:16:27 +01:00 committed by GitHub
parent 41888d24cb
commit 955020c0e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 4657 additions and 2207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES.md
View File

@ -1,5 +1,12 @@
# CHANGES between Releases
## Whats new in Version 1.7.0 of RaspiBlitz?
- Update: Raspberry Pi OS Base Image 64-bit (August 2020)
- Update: bitcoin-core version 0.21.0-beta [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0.21.0.md)
- Update: LND version 0.12.1-beta [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.12.1-beta)
- New: Build SD card Image with parameters & FatPack [details](https://github.com/rootzoll/raspiblitz/pull/2044)
## Whats new in Version 1.6.3 of RaspiBlitz?
- Update: mempool space 2.0.1 [details](https://github.com/mempool/mempool)

8
FAQ.md
View File

@ -32,7 +32,7 @@
- [Is it possible to connect the Blitz over Wifi instead of using a LAN cable?](#is-it-possible-to-connect-the-blitz-over-wifi-instead-of-using-a-lan-cable)
- [Can I directly connect the RaspiBlitz with my laptop?](#can-i-directly-connect-the-raspiblitz-with-my-laptop)
- [How do I unplug/shutdown safely without SSH](#how-do-i-unplugshutdown-safely-without-ssh)
- [How can I build an SD card other then the master branch?](#how-can-i-build-an-sd-card-other-then-the-master-branch)
- [How can I build an SD card from another branch?](#how-can-i-build-an-sd-card-from-another-branch)
- [How can I build an SD card from my forked GitHub Repo?](#how-can-i-build-an-sd-card-from-my-forked-github-repo)
- [How can I checkout a new branch from the RaspiBlitz repo to my forked repo?](#how-can-i-checkout-a-new-branch-from-the-raspiblitz-repo-to-my-forked-repo)
- [How can I sync a branch of my forked GitHub with my local RaspiBlitz?](#how-can-i-sync-a-branch-of-my-forked-github-with-my-local-raspiblitz)
@ -399,7 +399,7 @@ Just removing power from the RaspiBlitz can lead to data corruption if the HDD i
But if cannot login with SSH and you need to power off at least remove the LAN cable (network connection)first for sometime (around 10-30 secs - until you can see no more blinking lights on the HDD) and then remove the power cable. This should minimize the risk if data corruption in this situations.
## How can I build an SD card other then the master branch?
## How can I build an SD card from another branch?
There might be new, but not released features in development that are not yet in the master branch - but you want to try them out.
@ -407,7 +407,7 @@ To build a SD card image from another branch than master, you follow the [Build
For example if you want to make a build from the 'dev' branch you execute the following command:
`wget https://raw.githubusercontent.com/rootzoll/raspiblitz/dev/build_sdcard.sh && sudo bash build_sdcard.sh 'dev'`
`wget https://raw.githubusercontent.com/rootzoll/raspiblitz/dev/build_sdcard.sh && sudo bash build_sdcard.sh false rootzoll dev true true true`
## How can I build an SD card from my forked GitHub Repo?
@ -417,7 +417,7 @@ If you fork the RaspiBlitz repo (much welcome) and you want to run that code on
* The long way: If you like to install/remove/change services and system configurations you need to build a SD card from your own code. Prepare like in [Build the SD Card Image](README.md#build-the-sd-card-image) from the README but in the end run the command:
`wget https://raw.githubusercontent.com/[GITHUB-USERNAME]/raspiblitz/[BRANCH]/build_sdcard.sh && sudo bash build_sdcard.sh [BRANCH] [GITHUB-USERNAME]
`wget https://raw.githubusercontent.com/[GITHUB-USERNAME]/raspiblitz/[BRANCH]/build_sdcard.sh && sudo bash build_sdcard.sh false [GITHUB-USERNAME] [BRANCH] true true true`
If you are then working in your forked repo and want to update the scripts on your RaspiBlitz with your latest repo changes, run `/home/admin/XXsyncScripts.sh` - That's OK as long as you don't make changes to the SD card build script - for that you would need to build a fresh SD card again from your repo.

2
README.md
View File

@ -2,7 +2,7 @@
*Build your own Lightning Node on a RaspberryPi with a nice Display.*
`Version 1.6.2 with lnd 0.11.1 and bitcoin 0.20.0 (or litecoin 0.18.1)`
`Version 1.7.0 with lnd 0.12.1 and bitcoin 0.21.0 (or litecoin 0.18.1)`
![RaspiBlitz](pictures/raspiblitz.jpg)

722
build_sdcard.sh
View File

@ -99,36 +99,29 @@ if [ ${#modeWifi} -eq 0 ] || [ "${modeWifi}" == "true" ]; then
fi
echo "6) will use WIFI --> '${modeWifi}'"
echo -n "Do you agree with all parameters above? (yes/no) "
read installRaspiblitzAnswer
if [ "$installRaspiblitzAnswer" == "yes" ] ; then
echo ""
echo ""
else
exit 1
fi
echo "Installing Raspiblitz..."
sleep 3
echo ""
echo "*** CHECK BASE IMAGE ***"
echo "Detect CPU architecture ..."
# AUTO-DETECTION: CPU-ARCHITECTURE
# ---------------------------------------
# keep in mind that DietPi for Raspberry is also a stripped down Raspbian
isARM=$(uname -m | grep -c 'arm')
isAARCH64=$(uname -m | grep -c 'aarch64')
isX86_64=$(uname -m | grep -c 'x86_64')
if [ ${isARM} -eq 0 ] && [ ${isAARCH64} -eq 0 ] && [ ${isX86_64} -eq 0 ] ; then
cpu="?"
if [ ${isARM} -gt 0 ]; then
cpu="arm"
elif [ ${isAARCH64} -gt 0 ]; then
cpu="aarch64"
elif [ ${isX86_64} -gt 0 ]; then
cpu="x86_64"
else
echo "!!! FAIL !!!"
echo "Can only build on ARM, aarch64, x86_64 or i386 not on:"
echo "Can only build on ARM, aarch64, x86_64 not on:"
uname -m
exit 1
else
echo "OK running on $(uname -m) architecture."
fi
echo "X) will use CPU-ARCHITECTURE --> '${cpu}'"
# keep in mind that DietPi for Raspberry is also a stripped down Raspbian
echo "Detect Base Image ..."
# AUTO-DETECTION: OPERATINGSYSTEM
# ---------------------------------------
baseImage="?"
isDietPi=$(uname -n | grep -c 'DietPi')
isRaspbian=$(cat /etc/os-release 2>/dev/null | grep -c 'Raspbian')
@ -150,26 +143,78 @@ if [ ${isDebian} -gt 0 ]; then
fi
fi
if [ ${isUbuntu} -gt 0 ]; then
baseImage="ubuntu"
baseImage="ubuntu"
fi
if [ ${isDietPi} -gt 0 ]; then
baseImage="dietpi"
fi
if [ "${baseImage}" = "?" ]; then
cat /etc/os-release 2>/dev/null
echo "!!! FAIL !!!"
echo "Base Image cannot be detected or is not supported."
echo "!!! FAIL: Base Image cannot be detected or is not supported."
exit 1
fi
echo "X) will use OPERATINGSYSTEM ---> '${baseImage}'"
# USER-CONFIRMATION
echo -n "Do you agree with all parameters above? (yes/no) "
read installRaspiblitzAnswer
if [ "$installRaspiblitzAnswer" == "yes" ] ; then
echo ""
echo ""
echo "Building RaspiBlitz ..."
sleep 3
echo ""
else
echo "OK running ${baseImage}"
exit 1
fi
# INSTALL TOR
echo "*** INSTALL TOR BY DEFAULT ***"
echo ""
sudo apt install -y dirmngr
echo "*** Adding KEYS deb.torproject.org ***"
# fix for v1.6 base image https://github.com/rootzoll/raspiblitz/issues/1906#issuecomment-755299759
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | sudo gpg --import
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
torKeyAvailable=$(sudo gpg --list-keys | grep -c "A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89")
if [ ${torKeyAvailable} -eq 0 ]; then
echo "!!! FAIL: Was not able to import deb.torproject.org key"
exit 1
fi
echo "- OK key added"
echo "*** Adding Tor Sources to sources.list ***"
torSourceListAvailable=$(sudo cat /etc/apt/sources.list | grep -c 'https://deb.torproject.org/torproject.org')
echo "torSourceListAvailable=${torSourceListAvailable}"
if [ ${torSourceListAvailable} -eq 0 ]; then
echo "- adding TOR sources ..."
if [ "${baseImage}" = "raspbian" ] || [ "${baseImage}" = "raspios_arm64" ] || [ "${baseImage}" = "armbian" ] || [ "${baseImage}" = "dietpi" ]; then
echo "- using https://deb.torproject.org/torproject.org buster"
echo "deb https://deb.torproject.org/torproject.org buster main" | sudo tee -a /etc/apt/sources.list
echo "deb-src https://deb.torproject.org/torproject.org buster main" | sudo tee -a /etc/apt/sources.list
elif [ "${baseImage}" = "ubuntu" ]; then
echo "- using https://deb.torproject.org/torproject.org focal"
echo "deb https://deb.torproject.org/torproject.org focal main" | sudo tee -a /etc/apt/sources.list
echo "deb-src https://deb.torproject.org/torproject.org focal main" | sudo tee -a /etc/apt/sources.list
else
echo "!!! FAIL: No Tor sources for os: ${baseImage}"
exit 1
fi
echo "- OK sources added"
else
echo "TOR sources are available"
fi
echo "*** Install & Enable Tor ***"
sudo apt install tor tor-arm torsocks -y
echo ""
# FIXING LOCALES
# https://github.com/rootzoll/raspiblitz/issues/138
# https://daker.me/2014/10/how-to-fix-perl-warning-setting-locale-failed-in-raspbian.html
# https://stackoverflow.com/questions/38188762/generate-all-locales-in-a-docker-image
if [ "${baseImage}" = "raspbian" ] || [ "${baseImage}" = "dietpi" ] || \
[ "${baseImage}" = "raspios_arm64" ]||[ "${baseImage}" = "debian_rpi64" ]; then
# fixing locales for build
# https://github.com/rootzoll/raspiblitz/issues/138
# https://daker.me/2014/10/how-to-fix-perl-warning-setting-locale-failed-in-raspbian.html
# https://stackoverflow.com/questions/38188762/generate-all-locales-in-a-docker-image
echo ""
echo "*** FIXING LOCALES FOR BUILD ***"
@ -265,11 +310,10 @@ if [ "${baseImage}" = "raspbian" ]||[ "${baseImage}" = "raspios_arm64" ]||\
# run fsck on sd root partition on every startup to prevent "maintenance login" screen
# see: https://github.com/rootzoll/raspiblitz/issues/782#issuecomment-564981630
# see https://github.com/rootzoll/raspiblitz/issues/1053#issuecomment-600878695
# use command to check last fsck check: sudo tune2fs -l ${rootPartition}
# use command to check last fsck check: sudo tune2fs -l /dev/mmcblk0p2
if [ "${tweakBootdrives}" == "true" ]; then
rootPartition = "/dev/mmcblk0p2"
echo "* running tune2fs on ${rootPartition}"
sudo tune2fs -c 1 ${rootPartition}
echo "* running tune2fs"
sudo tune2fs -c 1 /dev/mmcblk0p2
else
echo "* skipping tweakBootdrives"
fi
@ -457,8 +501,12 @@ sudo apt install -y netcat
# install OpenSSH client + server
sudo apt install -y openssh-client
sudo apt install -y openssh-sftp-server
sudo apt install -y sshpass
# install killall, fuser
sudo apt install -y psmisc
# install firewall
sudo apt install -y ufw
sudo apt clean
sudo apt -y autoremove
@ -496,6 +544,104 @@ sudo /usr/sbin/groupadd --force --gid 9705 lndsigner
sudo /usr/sbin/groupadd --force --gid 9706 lndwalletkit
sudo /usr/sbin/groupadd --force --gid 9707 lndrouter
echo ""
echo "*** Python DEFAULT libs & dependencies ***"
# for setup shell scripts
sudo apt -y install dialog bc python3-dialog
# libs (for global python scripts)
sudo -H python3 -m pip install grpcio==1.36.1
sudo -H python3 -m pip install googleapis-common-protos==1.53.0
sudo -H python3 -m pip install toml==0.10.1
sudo -H python3 -m pip install j2cli==0.3.10
sudo -H python3 -m pip install requests[socks]==2.21.0
echo ""
echo "*** SHELL SCRIPTS AND ASSETS ***"
# move files from gitclone
cd /home/admin/
sudo -u admin rm -rf /home/admin/raspiblitz
sudo -u admin git clone -b ${githubBranch} https://github.com/${githubUser}/raspiblitz.git
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/*.* /home/admin
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/.tmux.conf /home/admin
sudo -u admin chmod +x *.sh
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/assets /home/admin/
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/config.scripts /home/admin/
sudo -u admin chmod +x /home/admin/config.scripts/*.sh
# install newest version of BlitzPy
blitzpy_wheel=$(ls -trR /home/admin/raspiblitz/home.admin/BlitzPy/dist | grep -E "*any.whl" | tail -n 1)
blitzpy_version=$(echo ${blitzpy_wheel} | grep -oE "([0-9]\.[0-9]\.[0-9])")
echo ""
echo "*** INSTALLING BlitzPy Version: ${blitzpy_version} ***"
sudo -H /usr/bin/python -m pip install "/home/admin/raspiblitz/home.admin/BlitzPy/dist/${blitzpy_wheel}" >/dev/null 2>&1
# make sure lndlibs are patched for compatibility for both Python2 and Python3
if ! grep -Fxq "from __future__ import absolute_import" /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py; then
sed -i -E '1 a from __future__ import absolute_import' /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py
fi
if ! grep -Eq "^from . import.*" /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py; then
sed -i -E 's/^(import.*_pb2)/from . \1/' /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py
fi
# add /sbin to path for all
sudo bash -c "echo 'PATH=\$PATH:/sbin' >> /etc/profile"
homeFile=/home/admin/.bashrc
autostart="automatically start main menu"
autostartDone=$(cat $homeFile|grep -c "$autostart")
if [ ${autostartDone} -eq 0 ]; then
# bash autostart for admin
sudo bash -c "echo '# shortcut commands' >> /home/admin/.bashrc"
sudo bash -c "echo 'source /home/admin/_commands.sh' >> /home/admin/.bashrc"
sudo bash -c "echo '# automatically start main menu for admin unless' >> /home/admin/.bashrc"
sudo bash -c "echo '# when running in a tmux session' >> /home/admin/.bashrc"
sudo bash -c "echo 'if [ -z \"\$TMUX\" ]; then' >> /home/admin/.bashrc"
sudo bash -c "echo ' ./00raspiblitz.sh' >> /home/admin/.bashrc"
sudo bash -c "echo 'fi' >> /home/admin/.bashrc"
echo "autostart added to $homeFile"
else
echo "autostart already in $homeFile"
fi
echo ""
echo "*** RASPIBLITZ EXTRAS ***"
# for background processes
sudo apt -y install screen
# for multiple (detachable/background) sessions when using SSH
# https://github.com/rootzoll/raspiblitz/issues/990
sudo apt -y install tmux
# optimization for torrent download
sudo bash -c "echo 'net.core.rmem_max = 4194304' >> /etc/sysctl.conf"
sudo bash -c "echo 'net.core.wmem_max = 1048576' >> /etc/sysctl.conf"
# install a command-line fuzzy finder (https://github.com/junegunn/fzf)
sudo apt -y install fzf
sudo bash -c "echo '' >> /home/admin/.bashrc"
sudo bash -c "echo '# https://github.com/rootzoll/raspiblitz/issues/1784' >> /home/admin/.bashrc"
sudo bash -c "echo 'NG_CLI_ANALYTICS=ci' >> /home/admin/.bashrc"
sudo bash -c "echo '' >> /home/admin/.bashrc"
sudo bash -c "echo '# Raspiblitz' >> /home/admin/.bashrc"
homeFile=/home/admin/.bashrc
keyBindings="source /usr/share/doc/fzf/examples/key-bindings.bash"
keyBindingsDone=$(cat $homeFile|grep -c "$keyBindings")
if [ ${keyBindingsDone} -eq 0 ]; then
sudo bash -c "echo 'source /usr/share/doc/fzf/examples/key-bindings.bash' >> /home/admin/.bashrc"
echo "key-bindings added to $homeFile"
else
echo "key-bindings already in $homeFile"
fi
echo ""
echo "*** SWAP FILE ***"
# based on https://github.com/Stadicus/guides/blob/master/raspibolt/raspibolt_20_pi.md#moving-the-swap-file
@ -519,15 +665,121 @@ sudo sed --in-place -i "23s/.*/session required pam_limits.so/" /etc/pam.d/commo
sudo sed --in-place -i "25s/.*/session required pam_limits.so/" /etc/pam.d/common-session-noninteractive
sudo bash -c "echo '# end of pam-auth-update config' >> /etc/pam.d/common-session-noninteractive"
# *** fail2ban ***
# based on https://stadicus.github.io/RaspiBolt/raspibolt_21_security.html
echo "*** HARDENING ***"
sudo apt install -y --no-install-recommends python3-systemd fail2ban
# *** CACHE DISK IN RAM ***
echo "Activating CACHE RAM DISK ... "
sudo /home/admin/config.scripts/blitz.cache.sh on
# *** Wifi & Bluetooth ***
if [ "${baseImage}" = "raspbian" ]||[ "${baseImage}" = "raspios_arm64" ]||\
[ "${baseImage}" = "debian_rpi64" ]; then
if [ "${modeWifi}" == "false" ]; then
echo ""
echo "*** DISABLE WIFI ***"
sudo systemctl disable wpa_supplicant.service
sudo ifconfig wlan0 down
fi
echo ""
echo "*** DISABLE BLUETOOTH ***"
configFile="/boot/config.txt"
disableBT="dtoverlay=disable-bt"
disableBTDone=$(cat $configFile|grep -c "$disableBT")
if [ ${disableBTDone} -eq 0 ]; then
# disable bluetooth module
sudo echo "" >> $configFile
sudo echo "# Raspiblitz" >> $configFile
echo 'dtoverlay=pi3-disable-bt' | sudo tee -a $configFile
echo 'dtoverlay=disable-bt' | sudo tee -a $configFile
else
echo "disable BT already in $configFile"
fi
# remove bluetooth services
sudo systemctl disable bluetooth.service
sudo systemctl disable hciuart.service
# remove bluetooth packages
sudo apt remove -y --purge pi-bluetooth bluez bluez-firmware
echo
echo "*** DISABLE AUDIO (snd_bcm2835) ***"
sudo sed -i "s/^dtparam=audio=on/# dtparam=audio=on/g" /boot/config.txt
echo
echo "*** DISABLE DRM VC4 V3D driver ***"
dtoverlay=vc4-fkms-v3d
sudo sed -i "s/^dtoverlay=vc4-fkms-v3d/# dtoverlay=vc4-fkms-v3d/g" /boot/config.txt
fi
# *** FATPACK *** (can be activated by parameter - see details at start of script)
if [ "${fatpack}" == "true" ]; then
echo "*** FATPACK ***"
echo "* Adding GO Framework ..."
sudo /home/admin/config.scripts/bonus.go.sh on
if [ "$?" != "0" ]; then
echo "FATPACK FAILED"
exit 1
fi
echo "* Adding nodeJS Framework ..."
sudo /home/admin/config.scripts/bonus.nodejs.sh on
if [ "$?" != "0" ]; then
echo "FATPACK FAILED"
exit 1
fi
echo "* Optional Packages (may be needed for extended features)"
sudo apt-get install -y qrencode
sudo apt-get install -y btrfs-tools
sudo apt-get install -y secure-delete
sudo apt-get install -y fbi
sudo apt-get install -y ssmtp
sudo apt-get install -y unclutter xterm python3-pyqt5
sudo apt-get install -y xfonts-terminus
sudo apt-get install -y nginx apache2-utils
sudo apt-get install -y nginx
sudo apt-get install -y python3-jinja2
sudo apt-get install -y socat
sudo apt-get install -y libatlas-base-dev
sudo apt-get install -y mariadb-server mariadb-client
sudo apt-get install -y hexyl
sudo apt-get install -y autossh
else
echo "* skipping FATPACK"
fi
# *** BOOTSTRAP ***
echo ""
echo "*** RASPI BOOTSTRAP SERVICE ***"
sudo chmod +x /home/admin/_bootstrap.sh
sudo cp /home/admin/assets/bootstrap.service /etc/systemd/system/bootstrap.service
sudo systemctl enable bootstrap
# *** BACKGROUND ***
echo ""
echo "*** RASPI BACKGROUND SERVICE ***"
sudo chmod +x /home/admin/_background.sh
sudo cp /home/admin/assets/background.service /etc/systemd/system/background.service
sudo systemctl enable background
# "*** BITCOIN ***"
# based on https://github.com/Stadicus/guides/blob/master/raspibolt/raspibolt_30_bitcoin.md#installation
echo ""
echo "*** PREPARING BITCOIN & Co ***"
echo "*** PREPARING BITCOIN ***"
# set version (change if update is available)
# https://bitcoincore.org/en/download/
bitcoinVersion="0.20.1"
bitcoinVersion="0.21.0"
# needed to check code signing
laanwjPGP="01EA5486DE18A882D4C2684590C8019E36C2E964"
@ -544,7 +796,7 @@ then
echo "!!! FAIL !!! Download laanwj-releases.asc not success."
exit 1
fi
gpg ./laanwj-releases.asc
gpg --import --import-options show-only ./laanwj-releases.asc
fingerprint=$(gpg ./laanwj-releases.asc 2>/dev/null | grep "${laanwjPGP}" -c)
if [ ${fingerprint} -lt 1 ]; then
echo ""
@ -590,32 +842,32 @@ echo ""
echo "*** BITCOIN v${bitcoinVersion} for ${bitcoinOSversion} ***"
# download resources
downloadOK=0
binaryName="bitcoin-${bitcoinVersion}-${bitcoinOSversion}.tar.gz"
if [ ! -f "./${binaryName}" ]; then
sudo -u admin wget https://bitcoin.org/bin/bitcoin-core-${bitcoinVersion}/${binaryName}
fi
if [ ! -f "./${binaryName}" ]; then
echo "!!! FAIL !!! Download BITCOIN BINARY not success."
exit 1
else
# check binary checksum test
echo "- checksum test"
binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1)
echo "Valid SHA256 checksum should be: ${bitcoinSHA256}"
echo "Downloaded binary SHA256 checksum: ${binaryChecksum}"
if [ "${binaryChecksum}" != "${bitcoinSHA256}" ]; then
echo "!!! FAIL !!! Downloaded BITCOIN BINARY not matching SHA256 checksum: ${bitcoinSHA256}"
rm -v ./${binaryName}
exit 1
else
downloadOK=1
echo ""
echo "****************************************"
echo "OK --> VERIFIED BITCOIN CHECKSUM CORRECT"
echo "****************************************"
sleep 10
echo ""
fi
fi
if [ downloadOK == 0 ]; then
exit 1
fi
echo ""
echo "****************************************"
echo "OK --> VERIFIED BITCOIN CHECKSUM CORRECT"
echo "****************************************"
echo ""
# install
sudo -u admin tar -xvf ${binaryName}
@ -627,19 +879,26 @@ if [ ${installed} -lt 1 ]; then
echo "!!! BUILD FAILED --> Was not able to install bitcoind version(${bitcoinVersion})"
exit 1
fi
echo "- Bitcoin install OK"
echo ""
echo "*** PREPARING LIGHTNING ***"
# "*** LND ***"
## based on https://github.com/Stadicus/guides/blob/master/raspibolt/raspibolt_40_lnd.md#lightning-lnd
## see LND releases: https://github.com/lightningnetwork/lnd/releases
lndVersion="0.11.1-beta"
lndVersion="0.12.1-beta"
# olaoluwa
#PGPauthor="roasbeef"
#PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
#PGPcheck="9769140D255C759B1EB77B46A96387A57CAAE94D"
# bitconner
PGPauthor="bitconner"
PGPpkeys="https://keybase.io/bitconner/pgp_keys.asc"
PGPcheck="9C8D61868A7C492003B2744EE7D737B67FA592C7"
# Joost Jager
#PGPauthor="joostjager"
#PGPpkeys="https://keybase.io/joostjager/pgp_keys.asc"
#PGPcheck="D146D0F68939436268FA9A130E26BB61B76C4D3A"
@ -650,9 +909,9 @@ cd /home/admin/download
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/manifest-v${lndVersion}.txt
# check if checksums are signed by lnd dev team
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/manifest-v${lndVersion}.txt.sig
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/manifest-${PGPauthor}-v${lndVersion}.sig
sudo -u admin wget --no-check-certificate -N -O "pgp_keys.asc" ${PGPpkeys}
gpg ./pgp_keys.asc
gpg --import --import-options show-only ./pgp_keys.asc
fingerprint=$(sudo gpg "pgp_keys.asc" 2>/dev/null | grep "${PGPcheck}" -c)
if [ ${fingerprint} -lt 1 ]; then
echo ""
@ -663,10 +922,10 @@ if [ ${fingerprint} -lt 1 ]; then
fi
gpg --import ./pgp_keys.asc
sleep 3
verifyResult=$(gpg --verify manifest-v${lndVersion}.txt.sig 2>&1)
verifyResult=$(gpg --verify manifest-${PGPauthor}-v${lndVersion}.sig manifest-v${lndVersion}.txt 2>&1)
goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c)
echo "goodSignature(${goodSignature})"
correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${GPGcheck}" -c)
correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${PGPcheck}" -c)
echo "correctKey(${correctKey})"
if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then
echo ""
@ -702,13 +961,22 @@ echo ""
# get LND binary
binaryName="lnd-linux-${lndOSversion}-v${lndVersion}.tar.gz"
if [ ! -f "./${binaryName}" ]; then
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/${binaryName}
lndDownloadUrl="https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/${binaryName}"
echo "- downloading lnd binary --> ${lndDownloadUrl}"
sudo -u admin wget ${lndDownloadUrl}
echo "- download done"
else
echo "- using existing lnd binary"
fi
# check binary was not manipulated (checksum test)
echo "- checksum test"
binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1)
if [ "${binaryChecksum}" != "${lndSHA256}" ]; then
echo "!!! FAIL !!! Downloaded LND BINARY not matching SHA256 checksum: ${lndSHA256}"
echo "Valid SHA256 checksum(s) should be: ${lndSHA256}"
echo "Downloaded binary SHA256 checksum: ${binaryChecksum}"
checksumCorrect=$(echo "${lndSHA256}" | grep -c "${binaryChecksum}")
if [ "${checksumCorrect}" != "1" ]; then
echo "!!! FAIL !!! Downloaded LND BINARY not matching SHA256 checksum in manifest: ${lndSHA256}"
rm -v ./${binaryName}
exit 1
else
@ -717,9 +985,11 @@ else
echo "OK --> VERIFIED LND CHECKSUM IS CORRECT"
echo "****************************************"
echo ""
sleep 10
fi
# install
echo "- install LND binary"
sudo -u admin tar -xzf ${binaryName}
sudo install -m 0755 -o root -g root -t /usr/local/bin lnd-linux-${lndOSversion}-v${lndVersion}/*
sleep 3
@ -729,106 +999,23 @@ if [ ${#installed} -eq 0 ]; then
echo "!!! BUILD FAILED --> Was not able to install LND"
exit 1
fi
correctVersion=$(sudo -u admin lnd --version | grep -c "${lndVersion}")
if [ ${correctVersion} -eq 0 ]; then
echo ""
echo "!!! BUILD FAILED --> installed LND is not version ${lndVersion}"
sudo -u admin lnd --version
exit 1
fi
sudo chown -R admin /home/admin
echo "*** Python DEFAULT libs & dependencies ***"
# for setup schell scripts
sudo apt -y install dialog bc python3-dialog
# libs (for global python scripts)
sudo -H python3 -m pip install grpcio==1.29.0
sudo -H python3 -m pip install googleapis-common-protos==1.51.0
sudo -H python3 -m pip install toml==0.10.1
sudo -H python3 -m pip install j2cli==0.3.10
sudo -H python3 -m pip install requests[socks]==2.21.0
echo "- OK install of LND done"
echo ""
echo "*** RASPIBLITZ EXTRAS ***"
# for background processes
sudo apt -y install screen
# for multiple (detachable/background) sessions when using SSH
# https://github.com/rootzoll/raspiblitz/issues/990
sudo apt -y install tmux
# optimization for torrent download
sudo bash -c "echo 'net.core.rmem_max = 4194304' >> /etc/sysctl.conf"
sudo bash -c "echo 'net.core.wmem_max = 1048576' >> /etc/sysctl.conf"
# install a command-line fuzzy finder (https://github.com/junegunn/fzf)
sudo apt -y install fzf
sudo bash -c "echo '' >> /home/admin/.bashrc"
sudo bash -c "echo '# https://github.com/rootzoll/raspiblitz/issues/1784' >> /home/admin/.bashrc"
sudo bash -c "echo 'NG_CLI_ANALYTICS=ci' >> /home/admin/.bashrc"
sudo bash -c "echo '' >> /home/admin/.bashrc"
sudo bash -c "echo '# Raspiblitz' >> /home/admin/.bashrc"
homeFile=/home/admin/.bashrc
keyBindings="source /usr/share/doc/fzf/examples/key-bindings.bash"
keyBindingsDone=$(cat $homeFile|grep -c "$keyBindings")
if [ ${keyBindingsDone} -eq 0 ]; then
sudo bash -c "echo 'source /usr/share/doc/fzf/examples/key-bindings.bash' >> /home/admin/.bashrc"
echo "key-bindings added to $homeFile"
else
echo "key-bindings already in $homeFile"
fi
# *** SHELL SCRIPTS AND ASSETS
# move files from gitclone
cd /home/admin/
sudo -u admin rm -rf /home/admin/raspiblitz
sudo -u admin git clone -b ${githubBranch} https://github.com/${githubUser}/raspiblitz.git
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/*.* /home/admin
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/.tmux.conf /home/admin
sudo -u admin chmod +x *.sh
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/assets /home/admin/
sudo -u admin cp -r /home/admin/raspiblitz/home.admin/config.scripts /home/admin/
sudo -u admin chmod +x /home/admin/config.scripts/*.sh
# install newest version of BlitzPy
blitzpy_wheel=$(ls -trR /home/admin/raspiblitz/home.admin/BlitzPy/dist | grep -E "*any.whl" | tail -n 1)
blitzpy_version=$(echo ${blitzpy_wheel} | grep -oE "([0-9]\.[0-9]\.[0-9])")
echo ""
echo "*** INSTALLING BlitzPy Version: ${blitzpy_version} ***"
sudo -H /usr/bin/python -m pip install "/home/admin/raspiblitz/home.admin/BlitzPy/dist/${blitzpy_wheel}" >/dev/null 2>&1
# make sure lndlibs are patched for compatibility for both Python2 and Python3
if ! grep -Fxq "from __future__ import absolute_import" /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py; then
sed -i -E '1 a from __future__ import absolute_import' /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py
fi
if ! grep -Eq "^from . import.*" /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py; then
sed -i -E 's/^(import.*_pb2)/from . \1/' /home/admin/config.scripts/lndlibs/rpc_pb2_grpc.py
fi
# add /sbin to path for all
sudo bash -c "echo 'PATH=\$PATH:/sbin' >> /etc/profile"
homeFile=/home/admin/.bashrc
autostart="automatically start main menu"
autostartDone=$(cat $homeFile|grep -c "$autostart")
if [ ${autostartDone} -eq 0 ]; then
# bash autostart for admin
sudo bash -c "echo '# shortcut commands' >> /home/admin/.bashrc"
sudo bash -c "echo 'source /home/admin/_commands.sh' >> /home/admin/.bashrc"
sudo bash -c "echo '# automatically start main menu for admin unless' >> /home/admin/.bashrc"
sudo bash -c "echo '# when running in a tmux session' >> /home/admin/.bashrc"
sudo bash -c "echo 'if [ -z \"\$TMUX\" ]; then' >> /home/admin/.bashrc"
sudo bash -c "echo ' ./00raspiblitz.sh' >> /home/admin/.bashrc"
sudo bash -c "echo 'fi' >> /home/admin/.bashrc"
echo "autostart added to $homeFile"
else
echo "autostart already in $homeFile"
fi
echo "*** DISPLAY OPTIONS ***"
# (do last - because makes a reboot)
# based on https://www.elegoo.com/tutorial/Elegoo%203.5%20inch%20Touch%20Screen%20User%20Manual%20V1.00.2017.10.09.zip
if [ "${lcdInstalled}" != "false" ]; then
# lcd preparations based on os
if [ "${baseImage}" = "raspbian" ]||[ "${baseImage}" = "raspios_arm64" ]||\
[ "${baseImage}" = "debian_rpi64" ]||[ "${baseImage}" = "armbian" ]||\
[ "${baseImage}" = "ubuntu" ]; then
@ -863,168 +1050,78 @@ if [ "${lcdInstalled}" != "false" ]; then
echo "autostart LCD already in $homeFile"
fi
fi
fi
echo ""
echo "*** HARDENING ***"
# based on https://stadicus.github.io/RaspiBolt/raspibolt_21_security.html
# fail2ban (no config required)
sudo apt install -y --no-install-recommends python3-systemd fail2ban
if [ "${baseImage}" = "raspbian" ]||[ "${baseImage}" = "raspios_arm64" ]||\
[ "${baseImage}" = "debian_rpi64" ]; then
if [ "${modeWifi}" == "false" ]; then
echo ""
echo "*** DISABLE WIFI ***"
sudo systemctl disable wpa_supplicant.service
sudo ifconfig wlan0 down
fi
echo ""
echo "*** DISABLE BLUETOOTH ***"
configFile="/boot/config.txt"
disableBT="dtoverlay=disable-bt"
disableBTDone=$(cat $configFile|grep -c "$disableBT")
if [ ${disableBTDone} -eq 0 ]; then
# disable bluetooth module
sudo echo "" >> $configFile
sudo echo "# Raspiblitz" >> $configFile
echo 'dtoverlay=pi3-disable-bt' | sudo tee -a $configFile
echo 'dtoverlay=disable-bt' | sudo tee -a $configFile
else
echo "disable BT already in $configFile"
fi
# remove bluetooth services
sudo systemctl disable bluetooth.service
sudo systemctl disable hciuart.service
# remove bluetooth packages
sudo apt remove -y --purge pi-bluetooth bluez bluez-firmware
echo
echo "*** DISABLE AUDIO (snd_bcm2835) ***"
sudo sed -i "s/^dtparam=audio=on/# dtparam=audio=on/g" /boot/config.txt
echo
echo "*** DISABLE DRM VC4 V3D driver ***"
dtoverlay=vc4-fkms-v3d
sudo sed -i "s/^dtoverlay=vc4-fkms-v3d/# dtoverlay=vc4-fkms-v3d/g" /boot/config.txt
fi
# *** FATPACK ***
if [ "${fatpack}" == "true" ]; then
echo "*** FATPACK ***"
echo "* Adding GO Framework ..."
sudo /home/admin/config.scripts/bonus.go.sh on
if [ "$?" != "0" ]; then
echo "FATPACK FAILED"
exit 1
fi
echo "* Adding nodeJS Framework ..."
sudo /home/admin/config.scripts/bonus.nodjs.sh on
if [ "$?" != "0" ]; then
echo "FATPACK FAILED"
exit 1
fi
else
echo "* skiping FATPACK"
fi
# *** CACHE DISK IN RAM ***
echo "Activating CACHE RAM DISK ... "
sudo /home/admin/config.scripts/blitz.cache.sh on
# *** BOOTSTRAP ***
# see background README for details
echo ""
echo "*** RASPI BOOTSTRAP SERVICE ***"
sudo chmod +x /home/admin/_bootstrap.sh
sudo cp ./assets/bootstrap.service /etc/systemd/system/bootstrap.service
sudo systemctl enable bootstrap
# *** BACKGROUND ***
echo ""
echo "*** RASPI BACKGROUND SERVICE ***"
sudo chmod +x /home/admin/_background.sh
sudo cp ./assets/background.service /etc/systemd/system/background.service
sudo systemctl enable background
# *** TOR Prepare ***
echo "*** Prepare TOR source+keys ***"
sudo /home/admin/config.scripts/internet.tor.sh prepare
echo ""
# *** RASPIBLITZ LCD DRIVER (do last - because makes a reboot) ***
# based on https://www.elegoo.com/tutorial/Elegoo%203.5%20inch%20Touch%20Screen%20User%20Manual%20V1.00.2017.10.09.zip
if [ "${lcdInstalled}" == "GPIO" ]; then
if [ "${baseImage}" = "raspbian" ] || [ "${baseImage}" = "dietpi" ]; then
echo "*** 32bit LCD DRIVER ***"
echo "--> Downloading LCD Driver from Github"
cd /home/admin/
sudo -u admin git clone https://github.com/MrYacha/LCD-show.git
sudo -u admin chmod -R 755 LCD-show
sudo -u admin chown -R admin:admin LCD-show
cd LCD-show/
sudo -u admin git reset --hard 53dd0bf || exit 1
# install xinput calibrator package
echo "--> install xinput calibrator package"
sudo apt install -y libxi6
sudo dpkg -i xinput-calibrator_0.7.5-1_armhf.deb
if [ "${lcdInstalled}" == "GPIO" ]; then
if [ "${baseImage}" = "raspbian" ] || [ "${baseImage}" = "dietpi" ]; then
echo "*** 32bit LCD DRIVER ***"
echo "--> Downloading LCD Driver from Github"
cd /home/admin/
sudo -u admin git clone https://github.com/MrYacha/LCD-show.git
sudo -u admin chmod -R 755 LCD-show
sudo -u admin chown -R admin:admin LCD-show
cd LCD-show/
sudo -u admin git reset --hard 53dd0bf || exit 1
# install xinput calibrator package
echo "--> install xinput calibrator package"
sudo apt install -y libxi6
sudo dpkg -i xinput-calibrator_0.7.5-1_armhf.deb
if [ "${baseImage}" = "dietpi" ]; then
echo "--> dietpi preparations"
sudo rm -rf /etc/X11/xorg.conf.d/40-libinput.conf
sudo mkdir /etc/X11/xorg.conf.d
sudo cp ./usr/tft35a-overlay.dtb /boot/overlays/
sudo cp ./usr/tft35a-overlay.dtb /boot/overlays/tft35a.dtbo
sudo cp -rf ./usr/99-calibration.conf-35 /etc/X11/xorg.conf.d/99-calibration.conf
sudo cp -rf ./usr/99-fbturbo.conf /usr/share/X11/xorg.conf.d/
sudo cp ./usr/cmdline.txt /DietPi/
sudo cp ./usr/inittab /etc/
sudo cp ./boot/config-35.txt /DietPi/config.txt
# make LCD screen rotation correct
sudo sed -i "s/dtoverlay=tft35a/dtoverlay=tft35a:rotate=270/" /DietPi/config.txt
if [ "${baseImage}" = "dietpi" ]; then
echo "--> dietpi preparations"
sudo rm -rf /etc/X11/xorg.conf.d/40-libinput.conf
sudo mkdir /etc/X11/xorg.conf.d
sudo cp ./usr/tft35a-overlay.dtb /boot/overlays/
sudo cp ./usr/tft35a-overlay.dtb /boot/overlays/tft35a.dtbo
sudo cp -rf ./usr/99-calibration.conf-35 /etc/X11/xorg.conf.d/99-calibration.conf
sudo cp -rf ./usr/99-fbturbo.conf /usr/share/X11/xorg.conf.d/
sudo cp ./usr/cmdline.txt /DietPi/
sudo cp ./usr/inittab /etc/
sudo cp ./boot/config-35.txt /DietPi/config.txt
# make LCD screen rotation correct
sudo sed -i "s/dtoverlay=tft35a/dtoverlay=tft35a:rotate=270/" /DietPi/config.txt
fi
elif [ "${baseImage}" = "raspios_arm64" ] || [ "${baseImage}" = "debian_rpi64" ]; then
echo "*** 64bit LCD DRIVER ***"
echo "--> Downloading LCD Driver from Github"
cd /home/admin/
sudo -u admin git clone https://github.com/tux1c/wavesharelcd-64bit-rpi.git
sudo -u admin chmod -R 755 wavesharelcd-64bit-rpi
sudo -u admin chown -R admin:admin wavesharelcd-64bit-rpi
cd /home/admin/wavesharelcd-64bit-rpi
sudo -u admin git reset --hard 5a206a7 || exit 1
# from https://github.com/tux1c/wavesharelcd-64bit-rpi/blob/master/install.sh
# prepare X11
rm -rf /etc/X11/xorg.conf.d/40-libinput.conf
mkdir -p /etc/X11/xorg.conf.d
cp -rf ./99-calibration.conf /etc/X11/xorg.conf.d/99-calibration.conf
# cp -rf ./99-fbturbo.conf /etc/X11/xorg.conf.d/99-fbturbo.conf # there is no such file
# load module on boot
cp ./waveshare35a.dtbo /boot/overlays/
echo "hdmi_force_hotplug=1" >> /boot/config.txt
# don't enable I2C, SPI and UART ports by default
# echo "dtparam=i2c_arm=on" >> /boot/config.txt
# echo "dtparam=spi=on" >> /boot/config.txt
# echo "enable_uart=1" >> /boot/config.txt
echo "dtoverlay=waveshare35a:rotate=90" >> /boot/config.txt
cp ./cmdline.txt /boot/
# touch screen calibration
apt-get install -y xserver-xorg-input-evdev
cp -rf /usr/share/X11/xorg.conf.d/10-evdev.conf /usr/share/X11/xorg.conf.d/45-evdev.conf
# TODO manual touchscreen calibration option
# https://github.com/tux1c/wavesharelcd-64bit-rpi#adapting-guide-to-other-lcds
fi
elif [ "${baseImage}" = "raspios_arm64" ]||[ "${baseImage}" = "debian_rpi64" ]; then
echo "*** 64bit LCD DRIVER ***"
echo "--> Downloading LCD Driver from Github"
cd /home/admin/
sudo -u admin git clone https://github.com/tux1c/wavesharelcd-64bit-rpi.git
sudo -u admin chmod -R 755 wavesharelcd-64bit-rpi
sudo -u admin chown -R admin:admin wavesharelcd-64bit-rpi
cd /home/admin/wavesharelcd-64bit-rpi
sudo -u admin git reset --hard 5a206a7 || exit 1
# from https://github.com/tux1c/wavesharelcd-64bit-rpi/blob/master/install.sh
# prepare X11
rm -rf /etc/X11/xorg.conf.d/40-libinput.conf
mkdir -p /etc/X11/xorg.conf.d
cp -rf ./99-calibration.conf /etc/X11/xorg.conf.d/99-calibration.conf
# cp -rf ./99-fbturbo.conf /etc/X11/xorg.conf.d/99-fbturbo.conf # there is no such file
# load module on boot
cp ./waveshare35a.dtbo /boot/overlays/
echo "hdmi_force_hotplug=1" >> /boot/config.txt
# don't enable I2C, SPI and UART ports by default
# echo "dtparam=i2c_arm=on" >> /boot/config.txt
# echo "dtparam=spi=on" >> /boot/config.txt
# echo "enable_uart=1" >> /boot/config.txt
echo "dtoverlay=waveshare35a:rotate=90" >> /boot/config.txt
cp ./cmdline.txt /boot/
# touch screen calibration
apt-get install -y xserver-xorg-input-evdev
cp -rf /usr/share/X11/xorg.conf.d/10-evdev.conf /usr/share/X11/xorg.conf.d/45-evdev.conf
# TODO manual touchscreen calibration option
# https://github.com/tux1c/wavesharelcd-64bit-rpi#adapting-guide-to-other-lcds
else
echo "FAIL: Unknown LCD-DRIVER: ${lcdInstalled}"
exit 1
fi
fi
else
echo "- LCD options are deactivated"
fi
# *** RASPIBLITZ IMAGE READY ***
echo ""
@ -1053,7 +1150,7 @@ echo "login once after reboot without external HDD/SSD and run 'XXprepareRelease
echo "REMEMBER for login now use --> user:admin password:raspiblitz"
echo ""
if [ "${lcdInstalled}" != "false" ]; then
if [ "${lcdInstalled}" == "GPIO" ]; then
# activate LCD and trigger reboot
# dont do this on dietpi to allow for automatic build
if [ "${baseImage}" = "raspbian" ]; then
@ -1061,7 +1158,12 @@ if [ "${lcdInstalled}" != "false" ]; then
cd /home/admin/LCD-show/
sudo apt-mark hold raspberrypi-bootloader
sudo ./LCD35-show
elif [ "${baseImage}" = "raspios_arm64" ] || [ "${baseImage}" = "debian_rpi64" ]; then
sudo chmod +x -R /home/admin/wavesharelcd-64bit-rpi
cd /home/admin/wavesharelcd-64bit-rpi
sudo apt-mark hold raspberrypi-bootloader
sudo ./install.sh
else
echo "Use 'sudo reboot' to restart manually."
fi
fi
fi

6
home.admin/00infoBlitz.sh
View File

@ -89,6 +89,7 @@ fi
# Bitcoin blockchain
btc_path=$(command -v ${network}-cli)
blockInfo="-"
if [ -n ${btc_path} ]; then
btc_title=$network
blockchaininfo="$(${network}-cli -datadir=${bitcoin_dir} getblockchaininfo 2>/dev/null)"
@ -99,6 +100,7 @@ if [ -n ${btc_path} ]; then
block_chain="$(${network}-cli -datadir=${bitcoin_dir} getblockcount 2>/dev/null)"
block_verified="$(echo "${blockchaininfo}" | jq -r '.blocks')"
block_diff=$(expr ${block_chain} - ${block_verified})
blockInfo="${block_verified}/${block_chain}"
progress="$(echo "${blockchaininfo}" | jq -r '.verificationprogress')"
sync_percentage=$(echo $progress | awk '{printf( "%.2f%%", 100 * $1)}')
@ -322,8 +324,8 @@ ${color_yellow} ,' / ${color_gray}%s, temp %s°C %s°F
${color_yellow} ,' /_____, ${color_gray}Free Mem ${color_ram}${ram} ${color_gray} HDDuse ${color_hdd}%s${color_gray}
${color_yellow} .'____ ,' ${color_gray}SSH admin@${color_green}${local_ip}${color_gray} d${network_rx} u${network_tx}
${color_yellow} / ,' ${color_gray}${webinterfaceInfo}
${color_yellow} / ,' ${color_gray}${network} ${color_green}${networkVersion} ${chain}net ${color_gray}Sync ${sync_color}${sync} %s
${color_yellow} /,' ${color_gray}${public_addr_pre}${public_color}${public_addr} ${public}${networkConnectionsInfo}
${color_yellow} / ,' ${color_gray}${network} ${color_green}${networkVersion} ${color_gray}${chain}net ${networkConnectionsInfo}
${color_yellow} /,' ${color_gray}Blocks ${blockInfo} ${color_gray}Sync ${sync_color}${sync} %s
${color_yellow} /' ${color_gray}
${color_yellow} ${color_gray}LND ${color_green}${ln_version} ${ln_baseInfo}
${color_yellow} ${color_gray}${ln_channelInfo} ${ln_peersInfo}

15
home.admin/20setupDialog.sh
View File

@ -74,14 +74,15 @@ dialog --backtitle "RaspiBlitz" --msgbox "OK - RPC password changed \n\nNow star
###################
# TOR BY DEFAULT
# https://github.com/rootzoll/raspiblitz/issues/592
#
###################
whiptail --title ' Privacy Level - How do you want to run your node? ' --yes-button='Public IP' --no-button='TOR NETWORK' --yesno "Running your Lightning node with your Public IP is common and faster, but might reveal your personal identity and location.\n
You can better protect your privacy with running your lightning node as a TOR Hidden Service from the start, but it can make it harder to connect with other non-TOR nodes and remote mobile apps later on.
" 12 75
if [ $? -eq 1 ]; then
echo "runBehindTor=on" >> /home/admin/raspiblitz.info
fi
echo "runBehindTor=on" >> /home/admin/raspiblitz.info
#whiptail --title ' Privacy Level - How do you want to run your node? ' --yes-button='Public IP' --no-button='TOR NETWORK' --yesno "Running your Lightning node with your Public IP is common and faster, but might reveal your personal identity and location.\n
#You can better protect your privacy with running your lightning node as a TOR Hidden Service from the start, but it can make it harder to connect with other non-TOR nodes and remote mobile apps later on.
# " 12 75
#if [ $? -eq 1 ]; then
# echo "runBehindTor=on" >> /home/admin/raspiblitz.info
#fi
# set SetupState
sudo sed -i "s/^setupStep=.*/setupStep=20/g" /home/admin/raspiblitz.info

1
home.admin/90finishSetup.sh
View File

@ -18,7 +18,6 @@ fi
####### FIREWALL - just install (not configure)
echo ""
echo "*** Setting and Activating Firewall ***"
sudo apt-get install -y ufw
echo "deny incoming connection on other ports"
sudo ufw default deny incoming
echo "allow outgoing connections"

3
home.admin/98repairMenu.sh
View File

@ -75,9 +75,6 @@ copyHost()
return
fi
echo "# install dependencies ..."
sudo apt-get install -y sshpass
sudo rm /root/.ssh/known_hosts 2>/dev/null
canLogin=$(sudo sshpass -p "${targetPassword}" ssh -t -o StrictHostKeyChecking=no bitcoin@${targetIP} "echo 'working'" 2>/dev/null | grep -c 'working')
if [ ${canLogin} -eq 0 ]; then

154
home.admin/config.scripts/internet.tor.sh
View File

@ -5,91 +5,20 @@
# https://bitcoin.stackexchange.com/questions/70069/how-can-i-setup-bitcoin-to-be-anonymous-with-tor
# https://github.com/lightningnetwork/lnd/blob/master/docs/configuring_tor.md
# INFO
# --------------------
# basic install of Tor is done by the build script now .. on/off will just switch service on/off
# also thats where the sources are set and the preparation is done
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "script to switch TOR on or off"
echo "internet.tor.sh [status|on|off|prepare|btcconf-on|btcconf-off|lndconf-on|update]"
echo "internet.tor.sh [status|on|off|btcconf-on|btcconf-off|lndconf-on|update]"
exit 1
fi
torrc="/etc/tor/torrc"
baseImage="?"
isDietPi=$(uname -n | grep -c 'DietPi')
isRaspbian=$(cat /etc/os-release 2>/dev/null | grep -c 'Raspbian')
isArmbian=$(cat /etc/os-release 2>/dev/null | grep -c 'Debian')
isUbuntu=$(cat /etc/os-release 2>/dev/null | grep -c 'Ubuntu')
if [ ${isRaspbian} -gt 0 ]; then
baseImage="raspbian"
fi
if [ ${isArmbian} -gt 0 ]; then
baseImage="armbian"
fi
if [ ${isUbuntu} -gt 0 ]; then
baseImage="ubuntu"
fi
if [ ${isDietPi} -gt 0 ]; then
baseImage="dietpi"
fi
if [ "${baseImage}" = "?" ]; then
cat /etc/os-release 2>/dev/null
echo "# !!! FAIL !!!"
echo "# Base Image cannot be detected or is not supported."
echo "error='unknown os'"
exit 1
else
echo "os='${baseImage}'"
fi
# function: install keys & sources
prepareTorSources()
{
# Prepare for TOR service
echo "*** INSTALL TOR REPO ***"
echo ""
echo "*** Install dirmngr ***"
sudo apt install dirmngr -y
echo ""
echo "*** Adding KEYS deb.torproject.org ***"
# fix for v1.6 base image https://github.com/rootzoll/raspiblitz/issues/1906#issuecomment-755299759
# force update keys
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | sudo gpg --import
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
torKeyAvailable=$(sudo gpg --list-keys | grep -c "A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89")
echo "torKeyAvailable=${torKeyAvailable}"
if [ ${torKeyAvailable} -eq 0 ]; then
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | sudo gpg --import
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
echo "OK"
else
echo "TOR key is available"
fi
echo ""
echo "*** Adding Tor Sources to sources.list ***"
torSourceListAvailable=$(sudo cat /etc/apt/sources.list | grep -c 'https://deb.torproject.org/torproject.org')
echo "torSourceListAvailable=${torSourceListAvailable}"
if [ ${torSourceListAvailable} -eq 0 ]; then
echo "Adding TOR sources ..."
if [ "${baseImage}" = "raspbian" ] || [ "${baseImage}" = "armbian" ] || [ "${baseImage}" = "dietpi" ]; then
echo "deb https://deb.torproject.org/torproject.org buster main" | sudo tee -a /etc/apt/sources.list
echo "deb-src https://deb.torproject.org/torproject.org buster main" | sudo tee -a /etc/apt/sources.list
elif [ "${baseImage}" = "ubuntu" ]; then
echo "deb https://deb.torproject.org/torproject.org focal main" | sudo tee -a /etc/apt/sources.list
echo "deb-src https://deb.torproject.org/torproject.org focal main" | sudo tee -a /etc/apt/sources.list
fi
echo "OK"
else
echo "TOR sources are available"
fi
echo ""
}
activateBitcoinOverTOR()
{
echo "*** Changing ${network} Config ***"
@ -184,12 +113,6 @@ EOF
}
# if started with prepare
if [ "$1" = "prepare" ] || [ "$1" = "-prepare" ]; then
prepareTorSources
exit 0
fi
# check and load raspiblitz config
# to know which network is running
if [ -f "/home/admin/raspiblitz.info" ]; then
@ -208,6 +131,7 @@ if [ "$1" = "status" ]; then
else
echo "activated=0"
fi
echo "config='${torrc}'"
exit 0
fi
@ -250,11 +174,13 @@ fi
# switch on
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "switching the TOR ON"
echo "# switching the TOR ON"
# make sure the network was set (by sourcing raspiblitz.conf)
if [ ${#network} -eq 0 ]; then
echo "FAIL - unknwon network due to missing /mnt/hdd/raspiblitz.conf"
echo "!! FAIL - unknwon network due to missing /mnt/hdd/raspiblitz.conf"
echo "# switching Tor config on for RaspiBlitz services is just possible after basic hdd/ssd setup"
echo "# but with new 'Tor by default' basic Tor socks will already be available from the start"
exit 1
fi
@ -275,29 +201,30 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo ""
fi
# check if TOR package is installed
# install package just in case it was deinstalled
packageInstalled=$(dpkg -s tor-arm | grep -c 'Status: install ok')
if [ ${packageInstalled} -eq 0 ]; then
# calling function from above
prepareTorSources
echo "*** Updating System ***"
sudo apt update -y
echo ""
echo "*** Install Tor & NYX ***"
sudo apt install tor tor-arm torsocks -y
fi
echo ""
echo "*** Tor Config ***"
# create tor data directory if it not exist
if [ ! -d "/mnt/hdd/tor" ]; then
echo "# - creating tor data directory"
sudo mkdir -p /mnt/hdd/tor
sudo mkdir -p /mnt/hdd/tor/sys
sudo chmod -R 700 /mnt/hdd/tor
sudo chown -R debian-tor:debian-tor /mnt/hdd/tor
else
echo "# - tor data directory exists"
fi
# make sure its the correct owner
sudo chmod -R 700 /mnt/hdd/tor
sudo chown -R debian-tor:debian-tor /mnt/hdd/tor
# create tor config .. if not exists or is old
isTorConfigOK=$(sudo cat /etc/tor/torrc 2>/dev/null | grep -c "BITCOIN")
if [ ${isTorConfigOK} -eq 0 ]; then
echo "# - updating Tor config ${torrc}"
PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
HASHED_PASSWORD=$(sudo -u debian-tor tor --hash-password "$PASSWORD_B")
cat > ./torrc <<EOF
### See 'man tor', or https://www.torproject.org/docs/tor-manual.html
@ -369,7 +296,7 @@ After=network.target nss-lookup.target mnt-hdd.mount
EOF
else
echo "TOR package/service is installed and was prepared earlier .. just activating again"
echo "# - Tor config ${torrc} is already updated"
fi
# ACTIVATE TOR SERVICE
@ -447,13 +374,13 @@ fi
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "switching TOR OFF"
echo "# switching TOR OFF"
# setting value in raspi blitz config
sudo sed -i "s/^runBehindTor=.*/runBehindTor=off/g" /mnt/hdd/raspiblitz.conf
# disable TOR service
echo "*** Disable TOR service ***"
echo "# *** Disable TOR service ***"
sudo systemctl disable tor@default
echo ""
@ -461,9 +388,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
deactivateBitcoinOverTOR
echo ""
echo "*** Removing TOR from LND ***"
echo "# *** Removing TOR from LND ***"
sudo systemctl disable lnd
echo "editing /etc/systemd/system/lnd.service"
echo "# editing /etc/systemd/system/lnd.service"
sudo sed -i "s/^ExecStart=\/usr\/local\/bin\/lnd.*/ExecStart=\/usr\/local\/bin\/lnd --externalip=\${publicIP}:\${lndPort} \${lndExtraParameter}/g" /etc/systemd/system/lnd.service
sudo sed -i '/\[Tor\]*/d' /mnt/hdd/lnd/lnd.conf
sudo sed -i '/^tor.password=*/d' /mnt/hdd/lnd/lnd.conf
@ -471,27 +398,26 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
sudo /home/admin/config.scripts/internet.sh update-publicip
sudo systemctl enable lnd
echo "OK"
echo "# OK"
echo ""
echo "*** Stop TOR service ***"
echo "# *** Stop TOR service ***"
sudo systemctl stop tor@default
echo ""
if [ "$2" == "clear" ]; then
echo "*** Deinstall Tor & Delete Data ***"
sudo apt remove tor tor-arm -y
sudo rm -r /mnt/hdd/tor 2>/dev/null
echo "# *** Deinstall Tor & Delete Data ***"
sudo rm -r /mnt/hdd/tor 2>/dev/null
sudo apt remove tor tor-arm -y
fi
echo "needs reboot to activate new setting"
echo "# needs reboot to activate new setting"
exit 0
fi
# update
if [ "$1" = "update" ]; then
# as in https://2019.www.torproject.org/docs/debian#source
prepareTorSources
echo "# Install the dependencies"
sudo apt update
sudo apt install -y build-essential fakeroot devscripts
@ -514,6 +440,6 @@ if [ "$1" = "update" ]; then
exit 0
fi
echo "FAIL - Unknown Parameter $1"
echo "may needs reboot to run normal again"
echo "# FAIL - Unknown Parameter $1"
echo "# may needs reboot to run normal again"
exit 1

2
home.admin/config.scripts/lnd.unlock.sh
View File

@ -58,7 +58,7 @@ while [ ${fallback} -eq 0 ]
loopCount=$(($loopCount +1))
echo "# calling: lncli unlock"
result=$(echo "$passwordC" | sudo -u bitcoin lncli --chain=${network} --network=${chain}net unlock --recovery_window=1000 --stdin 2>&1)
result=$(echo "$passwordC" | sudo -u bitcoin lncli --chain=${network} --network=${chain}net unlock --stdin 2>&1)
wasUnlocked=$(echo "${result}" | grep -c 'successfully unlocked')
wrongPassword=$(echo "${result}" | grep -c 'invalid passphrase')
if [ ${wasUnlocked} -gt 0 ]; then

17
home.admin/config.scripts/lnd.update.sh
View File

@ -18,23 +18,27 @@ mode="$1"
# RECOMMENDED UPDATE BY RASPIBLITZ TEAM
# comment will be shown as "BEWARE Info" when option is choosen (can be multiple lines)
lndUpdateVersion="0.11.1-beta"
lndUpdateComment="This is a main LND update with a database migration. You will not be able to downgrade again. Also not all additional apps are fully tested with the this update - but it looked good on first tests."
lndUpdateVersion="0.12.1-beta"
lndUpdateComment="Please keep in mind that downgrading afterwards is not tested. Also not all additional apps are fully tested with the this update - but it looked good on first tests."
# check who signed the release in https://github.com/lightningnetwork/lnd/releases
# olaoluwa
# PGPauthor="roasbeef"
# lndUpdatePGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
# lndUpdatePGPcheck="9769140D255C759B1EB77B46A96387A57CAAE94D"
#joostjager
# PGPauthor="joostjager"
# lndUpdatePGPpkeys="https://keybase.io/joostjager/pgp_keys.asc"
# lndUpdatePGPcheck="D146D0F68939436268FA9A130E26BB61B76C4D3A"
# bitconner
PGPauthor="bitconner"
lndUpdatePGPpkeys="https://keybase.io/bitconner/pgp_keys.asc"
lndUpdatePGPcheck="9C8D61868A7C492003B2744EE7D737B67FA592C7"
# wpaulino
# PGPauthor="wpaulino"
# lndUpdatePGPpkeys="https://keybase.io/wpaulino/pgp_keys.asc"
# lndUpdatePGPcheck="729E9D9D92C75A5FBFEEE057B5DD717BEF7CA5B1"
@ -142,10 +146,13 @@ if [ "${mode}" = "verified" ]; then
echo
echo "# check binary was not manipulated (checksum test)"
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndUpdateVersion}/manifest-v${lndUpdateVersion}.txt.sig
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndUpdateVersion}/manifest-${PGPauthor}-v${lndUpdateVersion}.sig
sudo -u admin wget --no-check-certificate -N -O "${downloadDir}/pgp_keys.asc" ${lndUpdatePGPpkeys}
binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1)
if [ "${binaryChecksum}" != "${lndSHA256}" ]; then
echo "# binary chdecksum: ${binaryChecksum}"
echo "# lndSHA256: ${lndSHA256}"
validSignature=$(echo "${lndSHA256}" | grep -c "${binaryChecksum}")
if [ ${validSignature} -eq 0 ]; then
echo "error='checksum not matching'"
exit 1
fi
@ -164,7 +171,7 @@ if [ "${mode}" = "verified" ]; then
echo "# checking gpg finger print"
gpg --import ./pgp_keys.asc
sleep 3
verifyResult=$(gpg --verify manifest-v${lndUpdateVersion}.txt.sig 2>&1)
verifyResult=$(gpg --verify manifest-${PGPauthor}-v${lndUpdateVersion}.sig manifest-v${lndUpdateVersion}.txt 2>&1)
goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c)
echo "goodSignature='${goodSignature}'"
correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${lndUpdatePGPcheck}" -c)

2
home.admin/config.scripts/lndlibs/README.md
View File

@ -6,7 +6,7 @@ See https://dev.lightning.community/guides/python-grpc/
To generate the lnd RPC libs - login as admin and run:
```
cd
python3 -m pip install grpcio grpcio-tools googleapis-common-protos pathlib2
sudo python3 -m pip install grpcio grpcio-tools googleapis-common-protos pathlib2
git clone https://github.com/googleapis/googleapis.git
mkdir protobuffs
curl -o ./rpc.proto -s https://raw.githubusercontent.com/lightningnetwork/lnd/master/lnrpc/rpc.proto

481
home.admin/config.scripts/lndlibs/rpc.proto
View File

@ -32,8 +32,9 @@ service Lightning {
rpc WalletBalance (WalletBalanceRequest) returns (WalletBalanceResponse);
/* lncli: `channelbalance`
ChannelBalance returns the total funds available across all open channels
in satoshis.
ChannelBalance returns a report on the total funds across all open channels,
categorized in local/remote, pending local/remote and unsettled local/remote
balances.
*/
rpc ChannelBalance (ChannelBalanceRequest) returns (ChannelBalanceResponse);
@ -140,6 +141,14 @@ service Lightning {
*/
rpc GetInfo (GetInfoRequest) returns (GetInfoResponse);
/** lncli: `getrecoveryinfo`
GetRecoveryInfo returns information concerning the recovery mode including
whether it's in a recovery mode, whether the recovery is finished, and the
progress made so far.
*/
rpc GetRecoveryInfo (GetRecoveryInfoRequest)
returns (GetRecoveryInfoResponse);
// TODO(roasbeef): merge with below with bool?
/* lncli: `pendingchannels`
PendingChannels returns a list of all the channels that are currently
@ -227,8 +236,10 @@ service Lightning {
/* lncli: `abandonchannel`
AbandonChannel removes all channel state from the database except for a
close summary. This method can be used to get rid of permanently unusable
channels due to bugs fixed in newer versions of lnd. Only available
when in debug builds of lnd.
channels due to bugs fixed in newer versions of lnd. This method can also be
used to remove externally funded channels where the funding transaction was
never broadcast. Only available for non-externally funded channels in dev
build.
*/
rpc AbandonChannel (AbandonChannelRequest) returns (AbandonChannelResponse);
@ -483,6 +494,26 @@ service Lightning {
offline.
*/
rpc BakeMacaroon (BakeMacaroonRequest) returns (BakeMacaroonResponse);
/* lncli: `listmacaroonids`
ListMacaroonIDs returns all root key IDs that are in use.
*/
rpc ListMacaroonIDs (ListMacaroonIDsRequest)
returns (ListMacaroonIDsResponse);
/* lncli: `deletemacaroonid`
DeleteMacaroonID deletes the specified macaroon ID and invalidates all
macaroons derived from that ID.
*/
rpc DeleteMacaroonID (DeleteMacaroonIDRequest)
returns (DeleteMacaroonIDResponse);
/* lncli: `listpermissions`
ListPermissions lists all RPC method URIs and their required macaroon
permissions to access them.
*/
rpc ListPermissions (ListPermissionsRequest)
returns (ListPermissionsResponse);
}
message Utxo {
@ -760,6 +791,58 @@ message ChannelAcceptResponse {
// The pending channel id to which this response applies.
bytes pending_chan_id = 2;
/*
An optional error to send the initiating party to indicate why the channel
was rejected. This field *should not* contain sensitive information, it will
be sent to the initiating party. This field should only be set if accept is
false, the channel will be rejected if an error is set with accept=true
because the meaning of this response is ambiguous. Limited to 500
characters.
*/
string error = 3;
/*
The upfront shutdown address to use if the initiating peer supports option
upfront shutdown script (see ListPeers for the features supported). Note
that the channel open will fail if this value is set for a peer that does
not support this feature bit.
*/
string upfront_shutdown = 4;
/*
The csv delay (in blocks) that we require for the remote party.
*/
uint32 csv_delay = 5;
/*
The reserve amount in satoshis that we require the remote peer to adhere to.
We require that the remote peer always have some reserve amount allocated to
them so that there is always a disincentive to broadcast old state (if they
hold 0 sats on their side of the channel, there is nothing to lose).
*/
uint64 reserve_sat = 6;
/*
The maximum amount of funds in millisatoshis that we allow the remote peer
to have in outstanding htlcs.
*/
uint64 in_flight_max_msat = 7;
/*
The maximum number of htlcs that the remote peer can offer us.
*/
uint32 max_htlc_count = 8;
/*
The minimum value in millisatoshis for incoming htlcs on the channel.
*/
uint64 min_htlc_in = 9;
/*
The number of confirmations we require before we consider the channel open.
*/
uint32 min_accept_depth = 10;
}
message ChannelPoint {
@ -832,6 +915,13 @@ message SendManyRequest {
// An optional label for the transaction, limited to 500 characters.
string label = 6;
// The minimum number of confirmations each one of your outputs used for
// the transaction must satisfy.
int32 min_confs = 7;
// Whether unconfirmed outputs should be used as inputs for the transaction.
bool spend_unconfirmed = 8;
}
message SendManyResponse {
// The id of the transaction
@ -862,6 +952,13 @@ message SendCoinsRequest {
// An optional label for the transaction, limited to 500 characters.
string label = 7;
// The minimum number of confirmations each one of your outputs used for
// the transaction must satisfy.
int32 min_confs = 8;
// Whether unconfirmed outputs should be used as inputs for the transaction.
bool spend_unconfirmed = 9;
}
message SendCoinsResponse {
// The transaction ID of the transaction
@ -939,6 +1036,12 @@ message ConnectPeerRequest {
/* If set, the daemon will attempt to persistently connect to the target
* peer. Otherwise, the call will be synchronous. */
bool perm = 2;
/*
The connection timeout value (in seconds) for this request. It won't affect
other requests.
*/
uint64 timeout = 3;
}
message ConnectPeerResponse {
}
@ -955,6 +1058,21 @@ message HTLC {
int64 amount = 2;
bytes hash_lock = 3;
uint32 expiration_height = 4;
// Index identifying the htlc on the channel.
uint64 htlc_index = 5;
// If this HTLC is involved in a forwarding operation, this field indicates
// the forwarding channel. For an outgoing htlc, it is the incoming channel.
// For an incoming htlc, it is the outgoing channel. When the htlc
// originates from this node or this node is the final destination,
// forwarding_channel will be zero. The forwarding channel will also be zero
// for htlcs that need to be forwarded but don't have a forwarding decision
// persisted yet.
uint64 forwarding_channel = 6;
// Index identifying the htlc on the forwarding channel.
uint64 forwarding_htlc_index = 7;
}
enum CommitmentType {
@ -985,6 +1103,30 @@ enum CommitmentType {
UNKNOWN_COMMITMENT_TYPE = 999;
}
message ChannelConstraints {
/*
The CSV delay expressed in relative blocks. If the channel is force closed,
we will need to wait for this many blocks before we can regain our funds.
*/
uint32 csv_delay = 1;
// The minimum satoshis this node is required to reserve in its balance.
uint64 chan_reserve_sat = 2;
// The dust limit (in satoshis) of the initiator's commitment tx.
uint64 dust_limit_sat = 3;
// The maximum amount of coins in millisatoshis that can be pending in this
// channel.
uint64 max_pending_amt_msat = 4;
// The smallest HTLC in millisatoshis that the initiator will accept.
uint64 min_htlc_msat = 5;
// The total number of incoming HTLC's that the initiator will accept.
uint32 max_accepted_htlcs = 6;
}
message Channel {
// Whether this channel is active or not
bool active = 1;
@ -1057,10 +1199,11 @@ message Channel {
repeated HTLC pending_htlcs = 15;
/*
The CSV delay expressed in relative blocks. If the channel is force closed,
we will need to wait for this many blocks before we can regain our funds.
Deprecated. The CSV delay expressed in relative blocks. If the channel is
force closed, we will need to wait for this many blocks before we can regain
our funds.
*/
uint32 csv_delay = 16;
uint32 csv_delay = 16 [deprecated = true];
// Whether this channel is advertised to the network or not.
bool private = 17;
@ -1071,13 +1214,15 @@ message Channel {
// A set of flags showing the current state of the channel.
string chan_status_flags = 19;
// The minimum satoshis this node is required to reserve in its balance.
int64 local_chan_reserve_sat = 20;
// Deprecated. The minimum satoshis this node is required to reserve in its
// balance.
int64 local_chan_reserve_sat = 20 [deprecated = true];
/*
The minimum satoshis the other node is required to reserve in its balance.
Deprecated. The minimum satoshis the other node is required to reserve in
its balance.
*/
int64 remote_chan_reserve_sat = 21;
int64 remote_chan_reserve_sat = 21 [deprecated = true];
// Deprecated. Use commitment_type.
bool static_remote_key = 22 [deprecated = true];
@ -1122,9 +1267,17 @@ message Channel {
frozen channel doest not allow a cooperative channel close by the
initiator. The thaw_height is the height that this restriction stops
applying to the channel. This field is optional, not setting it or using a
value of zero will mean the channel has no additional restrictions.
value of zero will mean the channel has no additional restrictions. The
height can be interpreted in two ways: as a relative height if the value is
less than 500,000, or as an absolute height otherwise.
*/
uint32 thaw_height = 28;
// List constraints for the local node.
ChannelConstraints local_constraints = 29;
// List constraints for the remote node.
ChannelConstraints remote_constraints = 30;
}
message ListChannelsRequest {
@ -1206,6 +1359,79 @@ message ChannelCloseSummary {
force closes, although only one party's close will be confirmed on chain.
*/
Initiator close_initiator = 12;
repeated Resolution resolutions = 13;
}
enum ResolutionType {
TYPE_UNKNOWN = 0;
// We resolved an anchor output.
ANCHOR = 1;
/*
We are resolving an incoming htlc on chain. This if this htlc is
claimed, we swept the incoming htlc with the preimage. If it is timed
out, our peer swept the timeout path.
*/
INCOMING_HTLC = 2;
/*
We are resolving an outgoing htlc on chain. If this htlc is claimed,
the remote party swept the htlc with the preimage. If it is timed out,
we swept it with the timeout path.
*/
OUTGOING_HTLC = 3;
// We force closed and need to sweep our time locked commitment output.
COMMIT = 4;
}
enum ResolutionOutcome {
// Outcome unknown.
OUTCOME_UNKNOWN = 0;
// An output was claimed on chain.
CLAIMED = 1;
// An output was left unclaimed on chain.
UNCLAIMED = 2;
/*
ResolverOutcomeAbandoned indicates that an output that we did not
claim on chain, for example an anchor that we did not sweep and a
third party claimed on chain, or a htlc that we could not decode
so left unclaimed.
*/
ABANDONED = 3;
/*
If we force closed our channel, our htlcs need to be claimed in two
stages. This outcome represents the broadcast of a timeout or success
transaction for this two stage htlc claim.
*/
FIRST_STAGE = 4;
// A htlc was timed out on chain.
TIMEOUT = 5;
}
message Resolution {
// The type of output we are resolving.
ResolutionType resolution_type = 1;
// The outcome of our on chain action that resolved the outpoint.
ResolutionOutcome outcome = 2;
// The outpoint that was spent by the resolution.
OutPoint outpoint = 3;
// The amount that was claimed by the resolution.
uint64 amount_sat = 4;
// The hex-encoded transaction ID of the sweep transaction that spent the
// output.
string sweep_txid = 5;
}
message ClosedChannelsRequest {
@ -1261,6 +1487,11 @@ message Peer {
Denotes that we are not receiving new graph updates from the peer.
*/
PASSIVE_SYNC = 2;
/*
Denotes that this peer is pinned into an active sync.
*/
PINNED_SYNC = 3;
}
// The type of sync we are currently performing with this peer.
@ -1277,6 +1508,20 @@ message Peer {
spamming us with errors at no cost.
*/
repeated TimestampedError errors = 12;
/*
The number of times we have recorded this peer going offline or coming
online, recorded across restarts. Note that this value is decreased over
time if the peer has not recently flapped, so that we can forgive peers
with historically high flap counts.
*/
int32 flap_count = 13;
/*
The timestamp of the last flap we observed for this peer. If this value is
zero, we have not observed any flaps for this peer.
*/
int64 last_flap_ns = 14;
}
message TimestampedError {
@ -1381,6 +1626,19 @@ message GetInfoResponse {
map<uint32, Feature> features = 19;
}
message GetRecoveryInfoRequest {
}
message GetRecoveryInfoResponse {
// Whether the wallet is in recovery mode
bool recovery_mode = 1;
// Whether the wallet recovery progress is finished
bool recovery_finished = 2;
// The recovery progress, ranging from 0 to 1.
double progress = 3;
}
message Chain {
// The blockchain the node is on (eg bitcoin, litecoin)
string chain = 1;
@ -1537,6 +1795,24 @@ message OpenChannelRequest {
carried out in an interactive manner (PSBT based).
*/
FundingShim funding_shim = 14;
/*
The maximum amount of coins in millisatoshi that can be pending within
the channel. It only applies to the remote party.
*/
uint64 remote_max_value_in_flight_msat = 15;
/*
The maximum number of concurrent HTLCs we will allow the remote party to add
to the commitment transaction.
*/
uint32 remote_max_htlcs = 16;
/*
Max local csv is the maximum csv delay we will allow for our own commitment
transaction.
*/
uint32 max_local_csv = 17;
}
message OpenStatusUpdate {
oneof update {
@ -1611,10 +1887,11 @@ message ChanPointShim {
bytes pending_chan_id = 5;
/*
This uint32 indicates if this channel is to be considered 'frozen'. A
frozen channel does not allow a cooperative channel close by the
initiator. The thaw_height is the height that this restriction stops
applying to the channel.
This uint32 indicates if this channel is to be considered 'frozen'. A frozen
channel does not allow a cooperative channel close by the initiator. The
thaw_height is the height that this restriction stops applying to the
channel. The height can be interpreted in two ways: as a relative height if
the value is less than 500,000, or as an absolute height otherwise.
*/
uint32 thaw_height = 6;
}
@ -1632,6 +1909,16 @@ message PsbtShim {
non-empty, it must be a binary serialized PSBT.
*/
bytes base_psbt = 2;
/*
If a channel should be part of a batch (multiple channel openings in one
transaction), it can be dangerous if the whole batch transaction is
published too early before all channel opening negotiations are completed.
This flag prevents this particular channel from broadcasting the transaction
after the negotiation with the remote peer. In a batch of channel openings
this flag should be set to true for every channel but the very last.
*/
bool no_publish = 3;
}
message FundingShim {
@ -1671,12 +1958,19 @@ message FundingPsbtFinalize {
/*
The funded PSBT that contains all witness data to send the exact channel
capacity amount to the PK script returned in the open channel message in a
previous step.
previous step. Cannot be set at the same time as final_raw_tx.
*/
bytes signed_psbt = 1;
// The pending channel ID of the channel to get the PSBT for.
bytes pending_chan_id = 2;
/*
As an alternative to the signed PSBT with all witness data, the final raw
wire format transaction can also be specified directly. Cannot be set at the
same time as signed_psbt.
*/
bytes final_raw_tx = 3;
}
message FundingTransitionMsg {
@ -1932,14 +2226,40 @@ message WalletBalanceResponse {
int64 unconfirmed_balance = 3;
}
message Amount {
// Value denominated in satoshis.
uint64 sat = 1;
// Value denominated in milli-satoshis.
uint64 msat = 2;
}
message ChannelBalanceRequest {
}
message ChannelBalanceResponse {
// Sum of channels balances denominated in satoshis
int64 balance = 1;
// Deprecated. Sum of channels balances denominated in satoshis
int64 balance = 1 [deprecated = true];
// Sum of channels pending balances denominated in satoshis
int64 pending_open_balance = 2;
// Deprecated. Sum of channels pending balances denominated in satoshis
int64 pending_open_balance = 2 [deprecated = true];
// Sum of channels local balances.
Amount local_balance = 3;
// Sum of channels remote balances.
Amount remote_balance = 4;
// Sum of channels local unsettled balances.
Amount unsettled_local_balance = 5;
// Sum of channels remote unsettled balances.
Amount unsettled_remote_balance = 6;
// Sum of channels pending local balances.
Amount pending_open_local_balance = 7;
// Sum of channels pending remote balances.
Amount pending_open_remote_balance = 8;
}
message QueryRoutesRequest {
@ -2379,9 +2699,15 @@ message GraphTopologyUpdate {
message NodeUpdate {
repeated string addresses = 1;
string identity_key = 2;
bytes global_features = 3;
bytes global_features = 3 [deprecated = true];
string alias = 4;
string color = 5;
/*
Features that the node has advertised in the init message, node
announcements and invoices.
*/
map<uint32, Feature> features = 6;
}
message ChannelEdgeUpdate {
/*
@ -2582,6 +2908,13 @@ message Invoice {
[EXPERIMENTAL].
*/
bool is_keysend = 25;
/*
The payment address of this invoice. This value will be used in MPP
payments, and also for newer invoies that always require the MPP paylaod
for added end-to-end security.
*/
bytes payment_addr = 26;
}
enum InvoiceHTLCState {
@ -2621,6 +2954,31 @@ message InvoiceHTLC {
// The total amount of the mpp payment in msat.
uint64 mpp_total_amt_msat = 10;
// Details relevant to AMP HTLCs, only populated if this is an AMP HTLC.
AMP amp = 11;
}
// Details specific to AMP HTLCs.
message AMP {
// An n-of-n secret share of the root seed from which child payment hashes
// and preimages are derived.
bytes root_share = 1;
// An identifier for the HTLC set that this HTLC belongs to.
bytes set_id = 2;
// A nonce used to randomize the child preimage and child hash from a given
// root_share.
uint32 child_index = 3;
// The payment hash of the AMP HTLC.
bytes hash = 4;
// The preimage used to settle this AMP htlc. This field will only be
// populated if the invoice is in InvoiceState_ACCEPTED or
// InvoiceState_SETTLED.
bytes preimage = 5;
}
message AddInvoiceResponse {
@ -2640,6 +2998,13 @@ message AddInvoiceResponse {
invoices with an add_index greater than this one.
*/
uint64 add_index = 16;
/*
The payment address of the generated invoice. This value should be used
in all payments for this invoice as we require it for end to end
security.
*/
bytes payment_addr = 17;
}
message PaymentHash {
/*
@ -2811,6 +3176,9 @@ message Payment {
}
message HTLCAttempt {
// The unique ID that is used for this attempt.
uint64 attempt_id = 7;
enum HTLCStatus {
IN_FLIGHT = 0;
SUCCEEDED = 1;
@ -2886,6 +3254,13 @@ message ListPaymentsResponse {
}
message DeleteAllPaymentsRequest {
// Only delete failed payments.
bool failed_payments_only = 1;
/*
Only delete failed HTLCs from payments, not the payment itself.
*/
bool failed_htlcs_only = 2;
}
message DeleteAllPaymentsResponse {
@ -2893,6 +3268,8 @@ message DeleteAllPaymentsResponse {
message AbandonChannelRequest {
ChannelPoint channel_point = 1;
bool pending_funding_shim_only = 2;
}
message AbandonChannelResponse {
@ -2944,6 +3321,12 @@ enum FeatureBit {
PAYMENT_ADDR_OPT = 15;
MPP_REQ = 16;
MPP_OPT = 17;
WUMBO_CHANNELS_REQ = 18;
WUMBO_CHANNELS_OPT = 19;
ANCHORS_REQ = 20;
ANCHORS_OPT = 21;
ANCHORS_ZERO_FEE_HTLC_REQ = 22;
ANCHORS_ZERO_FEE_HTLC_OPT = 23;
}
message Feature {
@ -3044,8 +3427,8 @@ message ForwardingHistoryRequest {
}
message ForwardingEvent {
// Timestamp is the time (unix epoch offset) that this circuit was
// completed.
uint64 timestamp = 1;
// completed. Deprecated by timestamp_ns.
uint64 timestamp = 1 [deprecated = true];
// The incoming channel ID that carried the HTLC that created the circuit.
uint64 chan_id_in = 2 [jstype = JS_STRING];
@ -3076,6 +3459,10 @@ message ForwardingEvent {
// the second half of the circuit.
uint64 amt_out_msat = 10;
// The number of nanoseconds elapsed since January 1, 1970 UTC when this
// circuit was completed.
uint64 timestamp_ns = 11;
// TODO(roasbeef): add settlement latency?
// * use FPE on the chan id?
// * also list failures?
@ -3181,12 +3568,46 @@ message MacaroonPermission {
message BakeMacaroonRequest {
// The list of permissions the new macaroon should grant.
repeated MacaroonPermission permissions = 1;
// The root key ID used to create the macaroon, must be a positive integer.
uint64 root_key_id = 2;
}
message BakeMacaroonResponse {
// The hex encoded macaroon, serialized in binary format.
string macaroon = 1;
}
message ListMacaroonIDsRequest {
}
message ListMacaroonIDsResponse {
// The list of root key IDs that are in use.
repeated uint64 root_key_ids = 1;
}
message DeleteMacaroonIDRequest {
// The root key ID to be removed.
uint64 root_key_id = 1;
}
message DeleteMacaroonIDResponse {
// A boolean indicates that the deletion is successful.
bool deleted = 1;
}
message MacaroonPermissionList {
// A list of macaroon permissions.
repeated MacaroonPermission permissions = 1;
}
message ListPermissionsRequest {
}
message ListPermissionsResponse {
/*
A map between all RPC method URIs and their required macaroon permissions to
access them.
*/
map<string, MacaroonPermissionList> method_permissions = 1;
}
message Failure {
enum FailureCode {
/*
@ -3219,6 +3640,7 @@ message Failure {
PERMANENT_CHANNEL_FAILURE = 21;
EXPIRY_TOO_FAR = 22;
MPP_TIMEOUT = 23;
INVALID_ONION_PAYLOAD = 24;
/*
An internal error occurred.
@ -3349,3 +3771,14 @@ message ChannelUpdate {
*/
bytes extra_opaque_data = 12;
}
message MacaroonId {
bytes nonce = 1;
bytes storageId = 2;
repeated Op ops = 3;
}
message Op {
string entity = 1;
repeated string actions = 2;
}

4902
home.admin/config.scripts/lndlibs/rpc_pb2.py
View File

File diff suppressed because one or more lines are too long

322
home.admin/config.scripts/lndlibs/rpc_pb2_grpc.py
View File

File diff suppressed because it is too large Load Diff

48
home.admin/config.scripts/lndlibs/walletunlocker.proto
View File

@ -141,8 +141,24 @@ message InitWalletRequest {
recover the funds in each channel from a remote force closed transaction.
*/
ChanBackupSnapshot channel_backups = 5;
/*
stateless_init is an optional argument instructing the daemon NOT to create
any *.macaroon files in its filesystem. If this parameter is set, then the
admin macaroon returned in the response MUST be stored by the caller of the
RPC as otherwise all access to the daemon will be lost!
*/
bool stateless_init = 6;
}
message InitWalletResponse {
/*
The binary serialized admin macaroon that can be used to access the daemon
after creating the wallet. If the stateless_init parameter was set to true,
this is the ONLY copy of the macaroon and MUST be stored safely by the
caller. Otherwise a copy of this macaroon is also persisted on disk by the
daemon, together with other macaroon files.
*/
bytes admin_macaroon = 1;
}
message UnlockWalletRequest {
@ -171,6 +187,12 @@ message UnlockWalletRequest {
recover the funds in each channel from a remote force closed transaction.
*/
ChanBackupSnapshot channel_backups = 3;
/*
stateless_init is an optional argument instructing the daemon NOT to create
any *.macaroon files in its file system.
*/
bool stateless_init = 4;
}
message UnlockWalletResponse {
}
@ -187,6 +209,30 @@ message ChangePasswordRequest {
daemon. When using REST, this field must be encoded as base64.
*/
bytes new_password = 2;
/*
stateless_init is an optional argument instructing the daemon NOT to create
any *.macaroon files in its filesystem. If this parameter is set, then the
admin macaroon returned in the response MUST be stored by the caller of the
RPC as otherwise all access to the daemon will be lost!
*/
bool stateless_init = 3;
/*
new_macaroon_root_key is an optional argument instructing the daemon to
rotate the macaroon root key when set to true. This will invalidate all
previously generated macaroons.
*/
bool new_macaroon_root_key = 4;
}
message ChangePasswordResponse {
}
/*
The binary serialized admin macaroon that can be used to access the daemon
after rotating the macaroon root key. If both the stateless_init and
new_macaroon_root_key parameter were set to true, this is the ONLY copy of
the macaroon that was created from the new root key and MUST be stored
safely by the caller. Otherwise a copy of this macaroon is also persisted on
disk by the daemon, together with other macaroon files.
*/
bytes admin_macaroon = 1;
}

156
home.admin/config.scripts/lndlibs/walletunlocker_pb2.py
View File

@ -1,7 +1,7 @@
# -*- coding: utf-8 -*-
# Generated by the protocol buffer compiler. DO NOT EDIT!
# source: walletunlocker.proto
"""Generated protocol buffer code."""
from google.protobuf import descriptor as _descriptor
from google.protobuf import message as _message
from google.protobuf import reflection as _reflection
@ -19,7 +19,8 @@ DESCRIPTOR = _descriptor.FileDescriptor(
package='lnrpc',
syntax='proto3',
serialized_options=b'Z%github.com/lightningnetwork/lnd/lnrpc',
serialized_pb=b'\n\x14walletunlocker.proto\x12\x05lnrpc\x1a\trpc.proto\"A\n\x0eGenSeedRequest\x12\x19\n\x11\x61\x65zeed_passphrase\x18\x01 \x01(\x0c\x12\x14\n\x0cseed_entropy\x18\x02 \x01(\x0c\"H\n\x0fGenSeedResponse\x12\x1c\n\x14\x63ipher_seed_mnemonic\x18\x01 \x03(\t\x12\x17\n\x0f\x65nciphered_seed\x18\x02 \x01(\x0c\"\xb2\x01\n\x11InitWalletRequest\x12\x17\n\x0fwallet_password\x18\x01 \x01(\x0c\x12\x1c\n\x14\x63ipher_seed_mnemonic\x18\x02 \x03(\t\x12\x19\n\x11\x61\x65zeed_passphrase\x18\x03 \x01(\x0c\x12\x17\n\x0frecovery_window\x18\x04 \x01(\x05\x12\x32\n\x0f\x63hannel_backups\x18\x05 \x01(\x0b\x32\x19.lnrpc.ChanBackupSnapshot\"\x14\n\x12InitWalletResponse\"{\n\x13UnlockWalletRequest\x12\x17\n\x0fwallet_password\x18\x01 \x01(\x0c\x12\x17\n\x0frecovery_window\x18\x02 \x01(\x05\x12\x32\n\x0f\x63hannel_backups\x18\x03 \x01(\x0b\x32\x19.lnrpc.ChanBackupSnapshot\"\x16\n\x14UnlockWalletResponse\"G\n\x15\x43hangePasswordRequest\x12\x18\n\x10\x63urrent_password\x18\x01 \x01(\x0c\x12\x14\n\x0cnew_password\x18\x02 \x01(\x0c\"\x18\n\x16\x43hangePasswordResponse2\xa5\x02\n\x0eWalletUnlocker\x12\x38\n\x07GenSeed\x12\x15.lnrpc.GenSeedRequest\x1a\x16.lnrpc.GenSeedResponse\x12\x41\n\nInitWallet\x12\x18.lnrpc.InitWalletRequest\x1a\x19.lnrpc.InitWalletResponse\x12G\n\x0cUnlockWallet\x12\x1a.lnrpc.UnlockWalletRequest\x1a\x1b.lnrpc.UnlockWalletResponse\x12M\n\x0e\x43hangePassword\x12\x1c.lnrpc.ChangePasswordRequest\x1a\x1d.lnrpc.ChangePasswordResponseB\'Z%github.com/lightningnetwork/lnd/lnrpcb\x06proto3'
create_key=_descriptor._internal_create_key,
serialized_pb=b'\n\x14walletunlocker.proto\x12\x05lnrpc\x1a\trpc.proto\"A\n\x0eGenSeedRequest\x12\x19\n\x11\x61\x65zeed_passphrase\x18\x01 \x01(\x0c\x12\x14\n\x0cseed_entropy\x18\x02 \x01(\x0c\"H\n\x0fGenSeedResponse\x12\x1c\n\x14\x63ipher_seed_mnemonic\x18\x01 \x03(\t\x12\x17\n\x0f\x65nciphered_seed\x18\x02 \x01(\x0c\"\xca\x01\n\x11InitWalletRequest\x12\x17\n\x0fwallet_password\x18\x01 \x01(\x0c\x12\x1c\n\x14\x63ipher_seed_mnemonic\x18\x02 \x03(\t\x12\x19\n\x11\x61\x65zeed_passphrase\x18\x03 \x01(\x0c\x12\x17\n\x0frecovery_window\x18\x04 \x01(\x05\x12\x32\n\x0f\x63hannel_backups\x18\x05 \x01(\x0b\x32\x19.lnrpc.ChanBackupSnapshot\x12\x16\n\x0estateless_init\x18\x06 \x01(\x08\",\n\x12InitWalletResponse\x12\x16\n\x0e\x61\x64min_macaroon\x18\x01 \x01(\x0c\"\x93\x01\n\x13UnlockWalletRequest\x12\x17\n\x0fwallet_password\x18\x01 \x01(\x0c\x12\x17\n\x0frecovery_window\x18\x02 \x01(\x05\x12\x32\n\x0f\x63hannel_backups\x18\x03 \x01(\x0b\x32\x19.lnrpc.ChanBackupSnapshot\x12\x16\n\x0estateless_init\x18\x04 \x01(\x08\"\x16\n\x14UnlockWalletResponse\"~\n\x15\x43hangePasswordRequest\x12\x18\n\x10\x63urrent_password\x18\x01 \x01(\x0c\x12\x14\n\x0cnew_password\x18\x02 \x01(\x0c\x12\x16\n\x0estateless_init\x18\x03 \x01(\x08\x12\x1d\n\x15new_macaroon_root_key\x18\x04 \x01(\x08\"0\n\x16\x43hangePasswordResponse\x12\x16\n\x0e\x61\x64min_macaroon\x18\x01 \x01(\x0c\x32\xa5\x02\n\x0eWalletUnlocker\x12\x38\n\x07GenSeed\x12\x15.lnrpc.GenSeedRequest\x1a\x16.lnrpc.GenSeedResponse\x12\x41\n\nInitWallet\x12\x18.lnrpc.InitWalletRequest\x1a\x19.lnrpc.InitWalletResponse\x12G\n\x0cUnlockWallet\x12\x1a.lnrpc.UnlockWalletRequest\x1a\x1b.lnrpc.UnlockWalletResponse\x12M\n\x0e\x43hangePassword\x12\x1c.lnrpc.ChangePasswordRequest\x1a\x1d.lnrpc.ChangePasswordResponseB\'Z%github.com/lightningnetwork/lnd/lnrpcb\x06proto3'
,
dependencies=[rpc__pb2.DESCRIPTOR,])
@ -32,6 +33,7 @@ _GENSEEDREQUEST = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='aezeed_passphrase', full_name='lnrpc.GenSeedRequest.aezeed_passphrase', index=0,
@ -39,14 +41,14 @@ _GENSEEDREQUEST = _descriptor.Descriptor(
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='seed_entropy', full_name='lnrpc.GenSeedRequest.seed_entropy', index=1,
number=2, type=12, cpp_type=9, label=1,
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
@ -70,6 +72,7 @@ _GENSEEDRESPONSE = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='cipher_seed_mnemonic', full_name='lnrpc.GenSeedResponse.cipher_seed_mnemonic', index=0,
@ -77,14 +80,14 @@ _GENSEEDRESPONSE = _descriptor.Descriptor(
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='enciphered_seed', full_name='lnrpc.GenSeedResponse.enciphered_seed', index=1,
number=2, type=12, cpp_type=9, label=1,
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
@ -108,6 +111,7 @@ _INITWALLETREQUEST = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='wallet_password', full_name='lnrpc.InitWalletRequest.wallet_password', index=0,
@ -115,35 +119,42 @@ _INITWALLETREQUEST = _descriptor.Descriptor(
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='cipher_seed_mnemonic', full_name='lnrpc.InitWalletRequest.cipher_seed_mnemonic', index=1,
number=2, type=9, cpp_type=9, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='aezeed_passphrase', full_name='lnrpc.InitWalletRequest.aezeed_passphrase', index=2,
number=3, type=12, cpp_type=9, label=1,
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='recovery_window', full_name='lnrpc.InitWalletRequest.recovery_window', index=3,
number=4, type=5, cpp_type=1, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='channel_backups', full_name='lnrpc.InitWalletRequest.channel_backups', index=4,
number=5, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='stateless_init', full_name='lnrpc.InitWalletRequest.stateless_init', index=5,
number=6, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
@ -157,7 +168,7 @@ _INITWALLETREQUEST = _descriptor.Descriptor(
oneofs=[
],
serialized_start=184,
serialized_end=362,
serialized_end=386,
)
@ -167,7 +178,15 @@ _INITWALLETRESPONSE = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='admin_macaroon', full_name='lnrpc.InitWalletResponse.admin_macaroon', index=0,
number=1, type=12, cpp_type=9, label=1,
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
@ -180,8 +199,8 @@ _INITWALLETRESPONSE = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=364,
serialized_end=384,
serialized_start=388,
serialized_end=432,
)
@ -191,6 +210,7 @@ _UNLOCKWALLETREQUEST = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='wallet_password', full_name='lnrpc.UnlockWalletRequest.wallet_password', index=0,
@ -198,21 +218,28 @@ _UNLOCKWALLETREQUEST = _descriptor.Descriptor(
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='recovery_window', full_name='lnrpc.UnlockWalletRequest.recovery_window', index=1,
number=2, type=5, cpp_type=1, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='channel_backups', full_name='lnrpc.UnlockWalletRequest.channel_backups', index=2,
number=3, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='stateless_init', full_name='lnrpc.UnlockWalletRequest.stateless_init', index=3,
number=4, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
@ -225,8 +252,8 @@ _UNLOCKWALLETREQUEST = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=386,
serialized_end=509,
serialized_start=435,
serialized_end=582,
)
@ -236,6 +263,7 @@ _UNLOCKWALLETRESPONSE = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
],
extensions=[
@ -249,8 +277,8 @@ _UNLOCKWALLETRESPONSE = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=511,
serialized_end=533,
serialized_start=584,
serialized_end=606,
)
@ -260,6 +288,7 @@ _CHANGEPASSWORDREQUEST = _descriptor.Descriptor(
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='current_password', full_name='lnrpc.ChangePasswordRequest.current_password', index=0,
@ -267,38 +296,28 @@ _CHANGEPASSWORDREQUEST = _descriptor.Descriptor(
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='new_password', full_name='lnrpc.ChangePasswordRequest.new_password', index=1,
number=2, type=12, cpp_type=9, label=1,
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR),
],
extensions=[
],
nested_types=[],
enum_types=[
],
serialized_options=None,
is_extendable=False,
syntax='proto3',
extension_ranges=[],
oneofs=[
],
serialized_start=535,
serialized_end=606,
)
_CHANGEPASSWORDRESPONSE = _descriptor.Descriptor(
name='ChangePasswordResponse',
full_name='lnrpc.ChangePasswordResponse',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='stateless_init', full_name='lnrpc.ChangePasswordRequest.stateless_init', index=2,
number=3, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
_descriptor.FieldDescriptor(
name='new_macaroon_root_key', full_name='lnrpc.ChangePasswordRequest.new_macaroon_root_key', index=3,
number=4, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
@ -312,7 +331,39 @@ _CHANGEPASSWORDRESPONSE = _descriptor.Descriptor(
oneofs=[
],
serialized_start=608,
serialized_end=632,
serialized_end=734,
)
_CHANGEPASSWORDRESPONSE = _descriptor.Descriptor(
name='ChangePasswordResponse',
full_name='lnrpc.ChangePasswordResponse',
filename=None,
file=DESCRIPTOR,
containing_type=None,
create_key=_descriptor._internal_create_key,
fields=[
_descriptor.FieldDescriptor(
name='admin_macaroon', full_name='lnrpc.ChangePasswordResponse.admin_macaroon', index=0,
number=1, type=12, cpp_type=9, label=1,
has_default_value=False, default_value=b"",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
serialized_options=None, file=DESCRIPTOR, create_key=_descriptor._internal_create_key),
],
extensions=[
],
nested_types=[],
enum_types=[
],
serialized_options=None,
is_extendable=False,
syntax='proto3',
extension_ranges=[],
oneofs=[
],
serialized_start=736,
serialized_end=784,
)
_INITWALLETREQUEST.fields_by_name['channel_backups'].message_type = rpc__pb2._CHANBACKUPSNAPSHOT
@ -392,8 +443,9 @@ _WALLETUNLOCKER = _descriptor.ServiceDescriptor(
file=DESCRIPTOR,
index=0,
serialized_options=None,
serialized_start=635,
serialized_end=928,
create_key=_descriptor._internal_create_key,
serialized_start=787,
serialized_end=1080,
methods=[
_descriptor.MethodDescriptor(
name='GenSeed',
@ -403,6 +455,7 @@ _WALLETUNLOCKER = _descriptor.ServiceDescriptor(
input_type=_GENSEEDREQUEST,
output_type=_GENSEEDRESPONSE,
serialized_options=None,
create_key=_descriptor._internal_create_key,
),
_descriptor.MethodDescriptor(
name='InitWallet',
@ -412,6 +465,7 @@ _WALLETUNLOCKER = _descriptor.ServiceDescriptor(
input_type=_INITWALLETREQUEST,
output_type=_INITWALLETRESPONSE,
serialized_options=None,
create_key=_descriptor._internal_create_key,
),
_descriptor.MethodDescriptor(
name='UnlockWallet',
@ -421,6 +475,7 @@ _WALLETUNLOCKER = _descriptor.ServiceDescriptor(
input_type=_UNLOCKWALLETREQUEST,
output_type=_UNLOCKWALLETRESPONSE,
serialized_options=None,
create_key=_descriptor._internal_create_key,
),
_descriptor.MethodDescriptor(
name='ChangePassword',
@ -430,6 +485,7 @@ _WALLETUNLOCKER = _descriptor.ServiceDescriptor(
input_type=_CHANGEPASSWORDREQUEST,
output_type=_CHANGEPASSWORDRESPONSE,
serialized_options=None,
create_key=_descriptor._internal_create_key,
),
])
_sym_db.RegisterServiceDescriptor(_WALLETUNLOCKER)

14
home.admin/config.scripts/lndlibs/walletunlocker_pb2_grpc.py
View File

@ -1,10 +1,10 @@
# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT!
"""Client and server classes corresponding to protobuf-defined services."""
from __future__ import absolute_import
import grpc
from . import walletunlocker_pb2 as walletunlocker__pb2
class WalletUnlockerStub(object):
"""
Comments in this file will be directly parsed into the API
@ -187,6 +187,7 @@ class WalletUnlocker(object):
options=(),
channel_credentials=None,
call_credentials=None,
insecure=False,
compression=None,
wait_for_ready=None,
timeout=None,
@ -195,7 +196,7 @@ class WalletUnlocker(object):
walletunlocker__pb2.GenSeedRequest.SerializeToString,
walletunlocker__pb2.GenSeedResponse.FromString,
options, channel_credentials,
call_credentials, compression, wait_for_ready, timeout, metadata)
insecure, call_credentials, compression, wait_for_ready, timeout, metadata)
@staticmethod
def InitWallet(request,
@ -203,6 +204,7 @@ class WalletUnlocker(object):
options=(),
channel_credentials=None,
call_credentials=None,
insecure=False,
compression=None,
wait_for_ready=None,
timeout=None,
@ -211,7 +213,7 @@ class WalletUnlocker(object):
walletunlocker__pb2.InitWalletRequest.SerializeToString,
walletunlocker__pb2.InitWalletResponse.FromString,
options, channel_credentials,
call_credentials, compression, wait_for_ready, timeout, metadata)
insecure, call_credentials, compression, wait_for_ready, timeout, metadata)
@staticmethod
def UnlockWallet(request,
@ -219,6 +221,7 @@ class WalletUnlocker(object):
options=(),
channel_credentials=None,
call_credentials=None,
insecure=False,
compression=None,
wait_for_ready=None,
timeout=None,
@ -227,7 +230,7 @@ class WalletUnlocker(object):
walletunlocker__pb2.UnlockWalletRequest.SerializeToString,
walletunlocker__pb2.UnlockWalletResponse.FromString,
options, channel_credentials,
call_credentials, compression, wait_for_ready, timeout, metadata)
insecure, call_credentials, compression, wait_for_ready, timeout, metadata)
@staticmethod
def ChangePassword(request,
@ -235,6 +238,7 @@ class WalletUnlocker(object):
options=(),
channel_credentials=None,
call_credentials=None,
insecure=False,
compression=None,
wait_for_ready=None,
timeout=None,
@ -243,4 +247,4 @@ class WalletUnlocker(object):
walletunlocker__pb2.ChangePasswordRequest.SerializeToString,
walletunlocker__pb2.ChangePasswordResponse.FromString,
options, channel_credentials,
call_credentials, compression, wait_for_ready, timeout, metadata)
insecure, call_credentials, compression, wait_for_ready, timeout, metadata)

2
home.admin/config.scripts/network.monitor.sh
View File

@ -19,7 +19,7 @@ if [ "$1" = "peer-status" ]; then
echo "#network.monitor.sh peer-status"
# number of peers connected
peerNum=$(${network}-cli getnetworkinfo | grep "connections" | tr -cd '[[:digit:]]')
peerNum=$(${network}-cli getnetworkinfo | grep "connections\"" | tr -cd '[[:digit:]]')
echo "peers=${peerNum}"
exit 0