From a0f7bedee01a8a13801551ca302a6ce6c328d6ef Mon Sep 17 00:00:00 2001 From: openoms <43343391+openoms@users.noreply.github.com> Date: Tue, 1 Nov 2022 15:47:54 +0000 Subject: [PATCH] Jam fix (#3321) * jam: fix nginx conf and rename to jam * rename script * correct capitalization Co-authored-by: Gigi <109058+dergigi@users.noreply.github.com> * joininbox update to v0.7.3, joinmarket v0.9.8 * correct websocket * add obwatcher for Jam * set random max_cj_fee_abs and max_cj_fee_rel * start the ob-watcher.service on Jam install * fix the websocket connection * display JMstats if maker_running with the api * rename to jam everywhere * rename in provision (recovery) * add jam to main menu * add Jam to SERVICES * remove legacy nginx confs * rename tor service * clearnet websocket fix * run joinmarket-api independent of bitcoind * add jam to the UPDATE menu * use dergigi's key to verify, install to jam user * fix update to commit * joininbox update to v0.7.4 * fix jam var in menu * joininbox: use tag to verify * add cleanup to uninstall in all cases * improve uninstall * fix path for jam uninstall * feat: move to the joininbox menu from JM info * jam update to v0.1.2 * remove old $APP_DIR on update --- CHANGES.md | 3 + home.admin/00infoBlitz.sh | 4 +- home.admin/00mainMenu.sh | 10 +- home.admin/00settingsMenuServices.sh | 31 +++ home.admin/99updateMenu.sh | 7 + home.admin/_provision_.sh | 12 +- ...joinmarket_webui_ssl.conf => jam_ssl.conf} | 29 ++- .../assets/nginx/sites-available/jam_tor.conf | 51 ++++ ...et_webui_tor_ssl.conf => jam_tor_ssl.conf} | 29 ++- .../sites-available/joinmarket_webui_tor.conf | 37 --- ...bonus.joinmarket-webui.sh => bonus.jam.sh} | 234 ++++++++++-------- home.admin/config.scripts/bonus.joinmarket.sh | 30 ++- 12 files changed, 296 insertions(+), 181 deletions(-) rename home.admin/assets/nginx/sites-available/{joinmarket_webui_ssl.conf => jam_ssl.conf} (55%) create mode 100644 home.admin/assets/nginx/sites-available/jam_tor.conf rename home.admin/assets/nginx/sites-available/{joinmarket_webui_tor_ssl.conf => jam_tor_ssl.conf} (55%) delete mode 100644 home.admin/assets/nginx/sites-available/joinmarket_webui_tor.conf rename home.admin/config.scripts/{bonus.joinmarket-webui.sh => bonus.jam.sh} (50%) mode change 100755 => 100644 diff --git a/CHANGES.md b/CHANGES.md index 1e8390d2b..14964a870 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -8,6 +8,9 @@ - Update: RTL v0.13.0 with update option [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.12.3) - Update: LNbits 0.9.4 [details](https://github.com/lnbits/lnbits-legend/releases/tag/0.9.2) - Update: ItchySats 0.7.0 [details](https://github.com/itchysats/itchysats/releases/tag/0.7.0) +- Update: Jam (JoinMarket Web UI) v0.1.2 [details](https://github.com/joinmarket-webui/joinmarket-webui/releases/tag/v0.1.0) +- Update: JoinMarket v0.9.8 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.8) +- Update: JoininBox v0.7.4 [details](https://github.com/openoms/joininbox/releases/tag/v0.7.3) - Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox) ## What's new in Version 1.8.0 of RaspiBlitz? diff --git a/home.admin/00infoBlitz.sh b/home.admin/00infoBlitz.sh index 829f9f16b..319cd31b5 100755 --- a/home.admin/00infoBlitz.sh +++ b/home.admin/00infoBlitz.sh @@ -275,7 +275,9 @@ ${color_yellow}${ln_publicColor}${ln_external}${color_gray}" if [ "${joinmarket}" = "on" ];then # show JoinMarket stats in place of the LND URI only if the Yield Generator is running - if [ $(sudo -u joinmarket pgrep -f "yg-privacyenhanced.py" 2>/dev/null | wc -l) -gt 2 ]; then + if [ $(sudo -u joinmarket pgrep -f "yg-privacyenhanced.py" 2>/dev/null | wc -l) -gt 2 ] || \ + [ $(curl -ksX GET https://127.0.0.1:28183/api/v1/session | jq .maker_running) = true ]; then + trap 'rm -f "$JMstats"' EXIT JMstats=$(mktemp -p /dev/shm) sudo -u joinmarket /home/joinmarket/info.stats.sh > $JMstats diff --git a/home.admin/00mainMenu.sh b/home.admin/00mainMenu.sh index 023558225..1e956636b 100755 --- a/home.admin/00mainMenu.sh +++ b/home.admin/00mainMenu.sh @@ -120,6 +120,9 @@ fi if [ "${joinmarket}" == "on" ]; then OPTIONS+=(JM "JoinMarket with JoininBox") fi +if [ "${jam}" == "on" ]; then + OPTIONS+=(JAM "Jam (JoinMarket WebUI)") +fi if [ "${faraday}" == "on" ]; then OPTIONS+=(FARADAY "Faraday Channel Management") fi @@ -217,7 +220,7 @@ case $CHOICE in echo "" echo -en "Screen is updating in a loop .... press 'x' now to get back to menu." read -n 1 -t 6 keyPressed - echo -en "\rGathering information to update info ... please wait. \n" + echo -en "\rGathering information to update info ... please wait. \n" # check if user wants to abort session if [ "${keyPressed}" = "x" ]; then @@ -286,6 +289,9 @@ case $CHOICE in JM) /home/admin/config.scripts/bonus.joinmarket.sh menu ;; + JAM) + /home/admin/config.scripts/bonus.jam.sh menu + ;; FARADAY) sudo /home/admin/config.scripts/bonus.faraday.sh menu ;; @@ -328,7 +334,7 @@ case $CHOICE in ;; TESTNETS) /home/admin/00parallelChainsMenu.sh - ;; + ;; SUBSCRIBE) /home/admin/config.scripts/blitz.subscriptions.py ;; diff --git a/home.admin/00settingsMenuServices.sh b/home.admin/00settingsMenuServices.sh index 9c1465ded..897cb5dab 100755 --- a/home.admin/00settingsMenuServices.sh +++ b/home.admin/00settingsMenuServices.sh @@ -15,6 +15,7 @@ if [ ${#BTCPayServer} -eq 0 ]; then BTCPayServer="off"; fi if [ ${#ElectRS} -eq 0 ]; then ElectRS="off"; fi if [ ${#lndmanage} -eq 0 ]; then lndmanage="off"; fi if [ ${#joinmarket} -eq 0 ]; then joinmarket="off"; fi +if [ ${#jam} -eq 0 ]; then jam="off"; fi if [ ${#LNBits} -eq 0 ]; then LNBits="off"; fi if [ ${#mempoolExplorer} -eq 0 ]; then mempoolExplorer="off"; fi if [ ${#bos} -eq 0 ]; then bos="off"; fi @@ -46,6 +47,7 @@ if [ "${network}" == "bitcoin" ]; then OPTIONS+=(s 'BTC Specter Desktop' ${specter}) OPTIONS+=(a 'BTC Mempool Space' ${mempoolExplorer}) OPTIONS+=(j 'BTC JoinMarket+JoininBox menu' ${joinmarket}) + OPTIONS+=(z 'BTC Jam (JoinMarket WebUI)' ${jam}) OPTIONS+=(w 'BTC Download Bitcoin Whitepaper' ${whitepaper}) OPTIONS+=(v 'BTC Install BitcoinMinds.org' ${bitcoinminds}) OPTIONS+=(u 'BTC Install ItchySats' ${itchysats}) @@ -483,6 +485,35 @@ else echo "JoinMarket not changed." fi +# Jam process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "z") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${jam}" != "${choice}" ]; then + echo "Jam setting changed .." + # check if TOR is installed + source /mnt/hdd/raspiblitz.conf + if [ "${choice}" = "on" ] && [ "${runBehindTor}" = "off" ]; then + whiptail --title " Use Tor with Jam" --msgbox "\ +It is highly recommended to use Tor with Jam.\n +Please activate TOR in SERVICES first.\n +Then try activating Jam again in SERVICES.\n +" 13 42 + else + anychange=1 + sudo /home/admin/config.scripts/bonus.jam.sh ${choice} + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + sudo /home/admin/config.scripts/bonus.jam.sh menu + else + whiptail --title 'FAIL' --msgbox "Jam installation is cancelled\nTry again from the menu or install from the terminal with:\nsudo /home/admin/config.scripts/bonus.jam.sh on" 9 65 + fi + fi + fi +else + echo "Jam not changed." +fi + # Mempool process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "a") if [ ${check} -eq 1 ]; then choice="on"; fi diff --git a/home.admin/99updateMenu.sh b/home.admin/99updateMenu.sh index 2b28594c5..a3ef80589 100755 --- a/home.admin/99updateMenu.sh +++ b/home.admin/99updateMenu.sh @@ -504,6 +504,10 @@ if [ "${mempoolExplorer}" == "on" ]; then OPTIONS+=(MEMPOOL "Update Mempool Explorer") fi +if [ "${jam}" == "on" ]; then + OPTIONS+=(JAM "Update Jam (JoinMarket WebUI)") +fi + if [ "${runBehindTor}" == "on" ]; then OPTIONS+=(TOR "Update Tor from the Torproject repo") fi @@ -567,6 +571,9 @@ case $CHOICE in MEMPOOL) /home/admin/config.scripts/bonus.mempool.sh update ;; + JAM) + /home/admin/config.scripts/bonus.jam.sh update + ;; ITCHYSATS) /home/admin/config.scripts/bonus.itchysats.sh update ;; diff --git a/home.admin/_provision_.sh b/home.admin/_provision_.sh index 0fce78d0d..404c1d1fd 100755 --- a/home.admin/_provision_.sh +++ b/home.admin/_provision_.sh @@ -579,13 +579,13 @@ else echo "Provisioning JoinMarket - keep default" >> ${logFile} fi -# JoinMarket Web UI -if [ "${joinmarketWebUI}" = "on" ]; then - echo "Provisioning JoinMarket Web UI - run config script" >> ${logFile} - /home/admin/_cache.sh set message "Setup JoinMarket Web UI" - sudo /home/admin/config.scripts/bonus.joinmarket-webui.sh on >> ${logFile} 2>&1 +# Jam +if [ "${jam}" = "on" ]; then + echo "Provisioning Jam - run config script" >> ${logFile} + /home/admin/_cache.sh set message "Setup Jam" + sudo /home/admin/config.scripts/bonus.jam.sh on >> ${logFile} 2>&1 else - echo "Provisioning JoinMarket Web UI - keep default" >> ${logFile} + echo "Provisioning Jam - keep default" >> ${logFile} fi # Specter diff --git a/home.admin/assets/nginx/sites-available/joinmarket_webui_ssl.conf b/home.admin/assets/nginx/sites-available/jam_ssl.conf similarity index 55% rename from home.admin/assets/nginx/sites-available/joinmarket_webui_ssl.conf rename to home.admin/assets/nginx/sites-available/jam_ssl.conf index 5e0e3f66c..1ebfee72f 100644 --- a/home.admin/assets/nginx/sites-available/joinmarket_webui_ssl.conf +++ b/home.admin/assets/nginx/sites-available/jam_ssl.conf @@ -1,4 +1,4 @@ -## joinmarket_webui_ssl.conf +## jam_ssl.conf server { listen 7501 ssl http2; @@ -8,15 +8,16 @@ server { include /etc/nginx/snippets/ssl-params.conf; include /etc/nginx/snippets/ssl-certificate-app-data.conf; - include /etc/nginx/snippets/gzip-params.conf; - - access_log /var/log/nginx/access_joinmarket_webui.log; - error_log /var/log/nginx/error_joinmarket_webui.log; + access_log /var/log/nginx/access_jam.log; + error_log /var/log/nginx/error_jam.log; gzip on; + gzip_vary on; + gzip_proxied any; + gzip_types *; gzip_types application/javascript application/json text/css image/svg+xml; - root /home/joinmarket/webui/build; + root /home/jam/webui/build; index index.html; location /api/ { @@ -28,11 +29,21 @@ server { proxy_pass https://127.0.0.1:28183; } - location /ws/ { + location /jmws { include /etc/nginx/snippets/proxy-params.conf; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $http_connection; - proxy_pass https://127.0.0.1:28183; + proxy_set_header Connection "upgrade"; + proxy_set_header Authorization ""; + proxy_pass https://127.0.0.1:28283/; + } + + location /obwatch/ { + include /etc/nginx/snippets/proxy-params.conf; + proxy_http_version 1.1; + proxy_set_header Connection ""; + # must proxy via "http" as ob-watcher does not make use of self-signed cert yet + proxy_pass http://127.0.0.1:62601/; } location / { diff --git a/home.admin/assets/nginx/sites-available/jam_tor.conf b/home.admin/assets/nginx/sites-available/jam_tor.conf new file mode 100644 index 000000000..d2f2375ca --- /dev/null +++ b/home.admin/assets/nginx/sites-available/jam_tor.conf @@ -0,0 +1,51 @@ +## jam_tor.conf + +server { + listen 7502; + listen [::1]:7502; + server_name _; + + access_log /var/log/nginx/access_jam.log; + error_log /var/log/nginx/error_jam.log; + + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_types *; + gzip_types application/javascript application/json text/css image/svg+xml; + + root /home/jam/webui/build; + index index.html; + + location /api/ { + include /etc/nginx/snippets/proxy-params.conf; + + proxy_set_header Authorization $http_x_jm_authorization; + proxy_set_header x-jm-authorization ""; + + proxy_pass https://127.0.0.1:28183; + } + + location /jmws { + include /etc/nginx/snippets/proxy-params.conf; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Authorization ""; + proxy_pass https://127.0.0.1:28283/; + } + + location /obwatch/ { + include /etc/nginx/snippets/proxy-params.conf; + proxy_http_version 1.1; + proxy_set_header Connection ""; + # must proxy via "http" as ob-watcher does not make use of self-signed cert yet + proxy_pass http://127.0.0.1:62601/; + } + + location / { + include /etc/nginx/snippets/proxy-params.conf; + try_files $uri $uri/ /index.html; + add_header Cache-Control no-cache; + } +} diff --git a/home.admin/assets/nginx/sites-available/joinmarket_webui_tor_ssl.conf b/home.admin/assets/nginx/sites-available/jam_tor_ssl.conf similarity index 55% rename from home.admin/assets/nginx/sites-available/joinmarket_webui_tor_ssl.conf rename to home.admin/assets/nginx/sites-available/jam_tor_ssl.conf index eccff6ca0..dabc0c9a0 100644 --- a/home.admin/assets/nginx/sites-available/joinmarket_webui_tor_ssl.conf +++ b/home.admin/assets/nginx/sites-available/jam_tor_ssl.conf @@ -1,4 +1,4 @@ -## joinmarket_webui_tor_ssl.conf +## jam_tor_ssl.conf server { listen 7503 ssl http2; @@ -8,15 +8,16 @@ server { include /etc/nginx/snippets/ssl-params.conf; include /etc/nginx/snippets/ssl-certificate-app-data-tor.conf; - include /etc/nginx/snippets/gzip-params.conf; - - access_log /var/log/nginx/access_joinmarket_webui.log; - error_log /var/log/nginx/error_joinmarket_webui.log; + access_log /var/log/nginx/access_jam.log; + error_log /var/log/nginx/error_jam.log; gzip on; + gzip_vary on; + gzip_proxied any; + gzip_types *; gzip_types application/javascript application/json text/css image/svg+xml; - root /home/joinmarket/webui/build; + root /home/jam/webui/build; index index.html; location /api/ { @@ -28,11 +29,21 @@ server { proxy_pass https://127.0.0.1:28183; } - location /ws/ { + location /jmws { include /etc/nginx/snippets/proxy-params.conf; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $http_connection; - proxy_pass https://127.0.0.1:28183; + proxy_set_header Connection "upgrade"; + proxy_set_header Authorization ""; + proxy_pass https://127.0.0.1:28283/; + } + + location /obwatch/ { + include /etc/nginx/snippets/proxy-params.conf; + proxy_http_version 1.1; + proxy_set_header Connection ""; + # must proxy via "http" as ob-watcher does not make use of self-signed cert yet + proxy_pass http://127.0.0.1:62601/; } location / { diff --git a/home.admin/assets/nginx/sites-available/joinmarket_webui_tor.conf b/home.admin/assets/nginx/sites-available/joinmarket_webui_tor.conf deleted file mode 100644 index d91bb5610..000000000 --- a/home.admin/assets/nginx/sites-available/joinmarket_webui_tor.conf +++ /dev/null @@ -1,37 +0,0 @@ -## joinmarket_webui_tor.conf - -server { - listen 7502; - listen [::1]:7502; - server_name _; - - access_log /var/log/nginx/access_joinmarket_webui.log; - error_log /var/log/nginx/error_joinmarket_webui.log; - - include /etc/nginx/snippets/gzip-params.conf; - - root /home/joinmarket/webui/build; - index index.html; - - location /api/ { - include /etc/nginx/snippets/proxy-params.conf; - - proxy_set_header Authorization $http_x_jm_authorization; - proxy_set_header x-jm-authorization ""; - - proxy_pass https://127.0.0.1:28183; - } - - location /ws/ { - include /etc/nginx/snippets/proxy-params.conf; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $http_connection; - proxy_pass https://127.0.0.1:28183; - } - - location / { - include /etc/nginx/snippets/proxy-params.conf; - try_files $uri $uri/ /index.html; - add_header Cache-Control no-cache; - } -} diff --git a/home.admin/config.scripts/bonus.joinmarket-webui.sh b/home.admin/config.scripts/bonus.jam.sh old mode 100755 new mode 100644 similarity index 50% rename from home.admin/config.scripts/bonus.joinmarket-webui.sh rename to home.admin/config.scripts/bonus.jam.sh index b95e32e92..66b295a44 --- a/home.admin/config.scripts/bonus.joinmarket-webui.sh +++ b/home.admin/config.scripts/bonus.jam.sh @@ -1,19 +1,23 @@ #!/bin/bash -# https://github.com/joinmarket-webui/joinmarket-webui +# https://github.com/joinmarket-webui/jam -USERNAME=joinmarket +WEBUI_VERSION=0.1.2 +REPO=joinmarket-webui/jam +USERNAME=jam HOME_DIR=/home/$USERNAME -REPO=joinmarket-webui/joinmarket-webui APP_DIR=webui RASPIBLITZ_INFO=/home/admin/raspiblitz.info RASPIBLITZ_CONF=/mnt/hdd/raspiblitz.conf -WEBUI_VERSION=0.0.9 + +PGPsigner="dergigi" +PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +PGPpubkeyFingerprint="89C4A25E69A5DE7F" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "config script to switch joinmarket_webui on or off" - echo "bonus.joinmarket-webui.sh [on|off|menu|update|update commit|precheck]" + echo "config script to switch Jam on or off" + echo "bonus.jam.sh [on|off|menu|update|update commit|precheck]" exit 1 fi @@ -27,13 +31,13 @@ if [ "$1" = "menu" ]; then if [ ${isInstalled} -eq 1 ]; then # get network info localip=$(hostname -I | awk '{print $1}') - toraddress=$(sudo cat /mnt/hdd/tor/joinmarket-webui/hostname 2>/dev/null) + toraddress=$(sudo cat /mnt/hdd/tor/jam/hostname 2>/dev/null) fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then # Info with Tor sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}" - whiptail --title " JoinMarket Web UI " --msgbox "Open in your local web browser: + whiptail --title " Jam (JoinMarket Web UI) " --msgbox "Open in your local web browser: https://${localip}:7501\n with Fingerprint: ${fingerprint}\n @@ -42,7 +46,7 @@ Hidden Service address for Tor Browser (see LCD for QR):\n${toraddress} sudo /home/admin/config.scripts/blitz.display.sh hide else # Info without Tor - whiptail --title " JoinMarket Web UI " --msgbox "Open in your local web browser & accept self-signed cert: + whiptail --title " Jam (JoinMarket Web UI) " --msgbox "Open in your local web browser & accept self-signed cert: https://${localip}:7501\n with Fingerprint: ${fingerprint}\n @@ -51,7 +55,7 @@ Activate Tor to access the web interface from outside your local network. fi echo "please wait ..." else - echo "*** JOINMARKET WEB UI NOT INSTALLED ***" + echo "*** JAM NOT INSTALLED ***" fi exit 0 fi @@ -68,27 +72,28 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo /home/admin/config.scripts/bonus.joinmarket.sh on fi - echo "*** INSTALL JOINMARKET WEB UI ***" + echo "*** INSTALL JAM ***" + + echo "# Creating the ${USERNAME} user" + echo + sudo adduser --disabled-password --gecos "" ${USERNAME} # install nodeJS /home/admin/config.scripts/bonus.nodejs.sh on - # install JoinMarket Web UI + # install cd $HOME_DIR || exit 1 sudo -u $USERNAME git clone https://github.com/$REPO - cd joinmarket-webui || exit 1 + cd jam || exit 1 sudo -u $USERNAME git reset --hard v${WEBUI_VERSION} - GITHUB_SIGN_AUTHOR="web-flow" - GITHUB_SIGN_PUBKEYLINK="https://github.com/web-flow.gpg" - GITHUB_SIGN_FINGERPRINT="4AEE18F83AFDEB23" sudo -u $USERNAME /home/admin/config.scripts/blitz.git-verify.sh \ - "${GITHUB_SIGN_AUTHOR}" "${GITHUB_SIGN_PUBKEYLINK}" "${GITHUB_SIGN_FINGERPRINT}" || exit 1 + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "v${WEBUI_VERSION}" || exit 1 cd $HOME_DIR || exit 1 - sudo -u $USERNAME mv joinmarket-webui $APP_DIR + sudo -u $USERNAME mv jam $APP_DIR cd $APP_DIR || exit 1 sudo -u $USERNAME rm -rf docker if ! sudo -u $USERNAME npm install; then @@ -101,54 +106,55 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then ################## # NGINX ################## + # remove legacy nginx symlinks and configs + sudo rm -f /etc/nginx/sites-enabled/joinmarket_webui_* + sudo rm -f /etc/nginx/sites-available/joinmarket_webui_* # setup nginx symlinks - sudo cp -f /home/admin/assets/nginx/sites-available/joinmarket_webui_ssl.conf /etc/nginx/sites-available/joinmarket_webui_ssl.conf - sudo cp -f /home/admin/assets/nginx/sites-available/joinmarket_webui_tor.conf /etc/nginx/sites-available/joinmarket_webui_tor.conf - sudo cp -f /home/admin/assets/nginx/sites-available/joinmarket_webui_tor_ssl.conf /etc/nginx/sites-available/joinmarket_webui_tor_ssl.conf - sudo ln -sf /etc/nginx/sites-available/joinmarket_webui_ssl.conf /etc/nginx/sites-enabled/ - sudo ln -sf /etc/nginx/sites-available/joinmarket_webui_tor.conf /etc/nginx/sites-enabled/ - sudo ln -sf /etc/nginx/sites-available/joinmarket_webui_tor_ssl.conf /etc/nginx/sites-enabled/ + sudo cp -f /home/admin/assets/nginx/sites-available/jam_ssl.conf /etc/nginx/sites-available/jam_ssl.conf + sudo cp -f /home/admin/assets/nginx/sites-available/jam_tor.conf /etc/nginx/sites-available/jam_tor.conf + sudo cp -f /home/admin/assets/nginx/sites-available/jam_tor_ssl.conf /etc/nginx/sites-available/jam_tor_ssl.conf + sudo ln -sf /etc/nginx/sites-available/jam_ssl.conf /etc/nginx/sites-enabled/ + sudo ln -sf /etc/nginx/sites-available/jam_tor.conf /etc/nginx/sites-enabled/ + sudo ln -sf /etc/nginx/sites-available/jam_tor_ssl.conf /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx # open the firewall echo "*** Updating Firewall ***" - sudo ufw allow from any to any port 7500 comment 'allow JoinMarket Web UI HTTP' - sudo ufw allow from any to any port 7501 comment 'allow JoinMarket Web UI HTTPS' + sudo ufw allow from any to any port 7500 comment 'allow Jam HTTP' + sudo ufw allow from any to any port 7501 comment 'allow Jam HTTPS' echo "" + ######################### + ## JOINMARKET-API SERVICE + ######################### # SSL - if [ -d $HOME_DIR/.joinmarket/ssl ]; then - sudo -u $USERNAME rm -rf $HOME_DIR/.joinmarket/ssl + if [ -d /home/joinmarket/.joinmarket/ssl ]; then + sudo -u joinmarket rm -rf /home/joinmarket/.joinmarket/ssl fi subj="/C=US/ST=Utah/L=Lehi/O=Your Company, Inc./OU=IT/CN=example.com" - sudo -u $USERNAME mkdir -p $HOME_DIR/.joinmarket/ssl/ \ + sudo -u joinmarket mkdir -p /home/joinmarket/.joinmarket/ssl/ \ && pushd "$_" \ - && sudo -u $USERNAME openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out cert.pem -keyout key.pem -subj "$subj" \ + && sudo -u joinmarket openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out cert.pem -keyout key.pem -subj "$subj" \ && popd || exit 1 - ################## # SYSTEMD SERVICE - ################## - echo "# Install JoinMarket API systemd" echo "\ # Systemd unit for JoinMarket API [Unit] Description=JoinMarket API daemon -Requires=bitcoind.service -After=bitcoind.service [Service] -WorkingDirectory=$HOME_DIR/joinmarket-clientserver/scripts/ -ExecStartPre=/home/admin/config.scripts/bonus.joinmarket-webui.sh precheck -ExecStart=/bin/sh -c '. $HOME_DIR/joinmarket-clientserver/jmvenv/bin/activate && python jmwalletd.py' +WorkingDirectory=/home/joinmarket/joinmarket-clientserver/scripts/ +ExecStartPre=-/home/admin/config.scripts/bonus.jam.sh precheck +ExecStart=/bin/sh -c '. /home/joinmarket/joinmarket-clientserver/jmvenv/bin/activate && python jmwalletd.py' User=joinmarket Group=joinmarket Restart=always TimeoutSec=120 -RestartSec=30 +RestartSec=60 # Hardening measures PrivateTmp=true ProtectSystem=full @@ -160,13 +166,18 @@ WantedBy=multi-user.target " | sudo tee /etc/systemd/system/joinmarket-api.service sudo systemctl enable joinmarket-api + # remove legacy name + /home/admin/config.scripts/blitz.conf.sh delete joinmarketWebUI $RASPIBLITZ_CONF # setting value in raspiblitz config - sudo sed -i "s/^joinmarketWebUI=.*/joinmarketWebUI=on/g" $RASPIBLITZ_CONF + /home/admin/config.scripts/blitz.conf.sh set jam on $RASPIBLITZ_CONF - # Hidden Service for joinmarket-webui if Tor is active + # Hidden Service for jam if Tor is active if [ "${runBehindTor}" = "on" ]; then - # make sure to keep in sync with internet.tor.sh script - /home/admin/config.scripts/tor.onion-service.sh joinmarket-webui 80 7502 443 7503 + # remove legacy + /home/admin/config.scripts/tor.onion-service.sh off joinmarket-webui + # add jam + /home/admin/config.scripts/tor.onion-service.sh jam 80 7502 443 7503 + fi source $RASPIBLITZ_INFO if [ "${state}" == "ready" ]; then @@ -176,11 +187,14 @@ WantedBy=multi-user.target echo "# OK - the joinmarket-api.service is enabled, to start manually use: 'sudo systemctl start joinmarket-api'" fi else - echo "*** JOINMARKET WEB UI ALREADY INSTALLED ***" + echo "*** JAM IS ALREADY INSTALLED ***" fi echo + echo "# Start the joinmarket ob-watcher.service" + sudo -u joinmarket /home/joinmarket/menu.orderbook.sh startOrderBookService + echo echo "# For the connection details run:" - echo "/home/admin/config.scripts/bonus.joinmarket-webui.sh menu" + echo "/home/admin/config.scripts/bonus.jam.sh menu" echo exit 0 fi @@ -204,6 +218,11 @@ if [ "$1" = "precheck" ]; then echo "# The non-descriptor wallet.dat is loaded in bitcoind." fi fi + echo "# Make sure max_cj_fee_abs and max_cj_fee_rel are set" + # max_cj_fee_abs between 5000 - 10000 sats + sed -i "s/#max_cj_fee_abs = x/max_cj_fee_abs = $(shuf -i 5000-10000 -n1)/g" /home/joinmarket/.joinmarket/joinmarket.cfg + # max_cj_fee_rel between 0.01 - 0.03% + sed -i "s/#max_cj_fee_rel = x/max_cj_fee_rel = 0.000$((RANDOM%3+1))/g" /home/joinmarket/.joinmarket/joinmarket.cfg exit 0 fi @@ -211,51 +230,51 @@ fi # update if [ "$1" = "update" ]; then isInstalled=$(sudo ls $HOME_DIR 2>/dev/null | grep -c "$APP_DIR") - if [ ${isInstalled} -eq 1 ]; then - echo "*** UPDATE JOINMARKET WEB UI ***" - cd $HOME_DIR + if [ ${isInstalled} -gt 0 ]; then + echo "*** UPDATE JAM ***" + cd $HOME_DIR || exit 1 if [ "$2" = "commit" ]; then - echo "# Updating to the latest commit in the default branch" - sudo -u $USERNAME wget https://github.com/$REPO/archive/refs/heads/master.tar.gz - sudo -u $USERNAME tar -xzf master.tar.gz - sudo -u $USERNAME rm -rf master.tar.gz - sudo -u $USERNAME mv joinmarket-webui-master $APP_DIR-update + echo "# Remove old source code" + sudo rm -rf jam + sudo rm -rf $APP_DIR + echo "# Downloading the latest commit in the default branch of $REPO" + sudo -u $USERNAME git clone https://github.com/$REPO else version=$(curl --silent "https://api.github.com/repos/$REPO/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') - cd $APP_DIR + cd $APP_DIR || exit 1 current=$(node -p "require('./package.json').version") cd .. if [ "$current" = "$version" ]; then - echo "*** JOINMARKET WEB UI IS ALREADY UPDATED TO LATEST VERSION ***" + echo "*** JAM IS ALREADY UPDATED TO LATEST RELEASE ***" exit 0 fi - sudo -u $USERNAME wget https://github.com/$REPO/archive/refs/tags/v$version.tar.gz - sudo -u $USERNAME tar -xzf v$version.tar.gz - sudo -u $USERNAME rm v$version.tar.gz - sudo -u $USERNAME mv joinmarket-webui-$version $APP_DIR-update + + echo "# Remove old source code" + sudo rm -rf jam + sudo rm -rf $APP_DIR + sudo -u $USERNAME git clone https://github.com/$REPO + cd jam || exit 1 + sudo -u $USERNAME git reset --hard v${version} + + sudo -u $USERNAME /home/admin/config.scripts/blitz.git-verify.sh \ + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "v${version}" || exit 1 + + cd $HOME_DIR || exit 1 fi - cd $APP_DIR-update || exit 1 + sudo -u $USERNAME mv jam $APP_DIR + cd $APP_DIR || exit 1 sudo -u $USERNAME rm -rf docker - sudo -u $USERNAME npm install - if ! [ $? -eq 0 ]; then + if ! sudo -u $USERNAME npm install; then echo "FAIL - npm install did not run correctly, aborting" exit 1 fi sudo -u $USERNAME npm run build - if ! [ $? -eq 0 ]; then - echo "FAIL - npm run build did not run correctly, aborting" - exit 1 - fi - cd .. - sudo -u $USERNAME rm -rf $APP_DIR - sudo -u $USERNAME mv $APP_DIR-update $APP_DIR - - echo "*** JOINMARKET WEB UI UPDATED ***" + echo "*** JAM UPDATED to $version ***" else - echo "*** JOINMARKET WEB UI NOT INSTALLED ***" + echo "*** JAM IS NOT INSTALLED ***" fi exit 0 @@ -264,44 +283,47 @@ fi # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then - isInstalled=$(sudo ls $HOME_DIR 2>/dev/null | grep -c "$APP_DIR") - if [ "${isInstalled}" -eq 1 ]; then - echo "*** UNINSTALL JOINMARKET WEB UI ***" + echo "*** UNINSTALL JAM ***" - # remove systemd service - sudo systemctl stop joinmarket-api - sudo systemctl disable joinmarket-api - sudo rm -f /etc/systemd/system/joinmarket-api.service - - # close ports on firewall - sudo ufw delete allow from any to any port 7500 comment 'allow JoinMarket Web UI HTTP' - sudo ufw delete allow from any to any port 7501 comment 'allow JoinMarket Web UI HTTPS' - - # remove nginx symlinks - sudo rm -f /etc/nginx/sites-enabled/joinmarket_webui_* - sudo rm -f /etc/nginx/sites-available/joinmarket_webui_* - sudo nginx -t - sudo systemctl reload nginx - - # Hidden Service if Tor is active - if [ "${runBehindTor}" = "on" ]; then - /home/admin/config.scripts/tor.onion-service.sh off joinmarket-webui - fi - - # remove the app - sudo rm -rf $HOME_DIR/$APP_DIR - - # remove SSL - sudo rm -rf $HOME_DIR/.joinmarket/ssl - - # setting value in raspi blitz config - sudo sed -i "s/^joinmarketWebUI=.*/joinmarketWebUI=off/g" $RASPIBLITZ_CONF - - echo "OK JOINMARKET WEB UI removed." + if [ -d /home/$USERNAME ]; then + sudo userdel -rf $USERNAME 2>/dev/null + echo "Removed the $USERNAME user" else - echo "*** JOINMARKET WEB UI NOT INSTALLED ***" + echo "There is no /home/$USERNAME present" fi + echo "Cleaning up Jam install ..." + # remove systemd service + sudo systemctl stop joinmarket-api 2>/dev/null + sudo systemctl disable joinmarket-api 2>/dev/null + sudo rm -f /etc/systemd/system/joinmarket-api.service + + # close ports on firewall + sudo ufw delete allow from any to any port 7500 + sudo ufw delete allow from any to any port 7501 + + # remove nginx symlinks and configs + sudo rm -f /etc/nginx/sites-enabled/jam_* + sudo rm -f /etc/nginx/sites-available/jam_* + sudo nginx -t + sudo systemctl reload nginx + + # Hidden Service if Tor is active + if [ "${runBehindTor}" = "on" ]; then + /home/admin/config.scripts/tor.onion-service.sh off jam + fi + + # remove the app + sudo rm -rf $HOME_DIR/$APP_DIR 2>/dev/null + + # remove SSL + sudo rm -rf $HOME_DIR/.joinmarket/ssl + + # setting value in raspi blitz config + /home/admin/config.scripts/blitz.conf.sh delete jam $RASPIBLITZ_CONF + + echo "OK, Jam is removed" + exit 0 fi diff --git a/home.admin/config.scripts/bonus.joinmarket.sh b/home.admin/config.scripts/bonus.joinmarket.sh index 846e1ee67..4740d7e04 100755 --- a/home.admin/config.scripts/bonus.joinmarket.sh +++ b/home.admin/config.scripts/bonus.joinmarket.sh @@ -5,24 +5,31 @@ # https://github.com/openoms/bitcoin-tutorials/tree/master/joinmarket # https://github.com/openoms/joininbox -JBVERSION="v0.6.8" # installs JoinMarket v0.9.6 +# https://github.com/openoms/joininbox/tags +JBTAG="v0.7.4" # installs JoinMarket v0.9.8 # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "JoinMarket install script to switch JoinMarket on or off" echo "sudo /home/admin/config.scrips/bonus.joinmarket.sh on|off" - echo "Installs JoininBox $JBVERSION with JoinMarket v0.9.5" + echo "Installs JoininBox $JBTAG with JoinMarket v0.9.5" exit 1 fi # show info menu if [ "$1" = "menu" ]; then - whiptail --title " JoinMarket info " --msgbox " -Type: 'jm' in the command line to switch to the dedicated user -and start the JoininBox menu. -Notes on usage: + whiptail --title " JoinMarket info " \ + --yes-button "Start Joininbox" \ + --no-button "Cancel" \ + --yesno "Usage notes: https://github.com/openoms/bitcoin-tutorials/blob/master/joinmarket/README.md + +Can also type: 'jm' in the command line to switch to the dedicated user, +and start the JoininBox menu. " 11 81 + if [ $? -eq 0 ]; then + sudo su - joinmarket + fi exit 0 fi @@ -114,9 +121,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # check the latest at: cd /home/joinmarket/joininbox || exit 1 # https://github.com/openoms/joininbox/releases/ - sudo -u joinmarket git reset --hard $JBVERSION + sudo -u joinmarket git reset --hard ${JBTAG} sudo -u joinmarket /home/admin/config.scripts/blitz.git-verify.sh \ - "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" "${JBTAG}" || exit 1 # copy the scripts in place sudo -u joinmarket cp /home/joinmarket/joininbox/scripts/* /home/joinmarket/ @@ -216,14 +223,15 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then # setting value in raspi blitz config /home/admin/config.scripts/blitz.conf.sh set joinmarket "off" - if [ -f "/home/joinmarket/joinmarket-clientserver/jmvenv/bin/activate" ] ; then - echo "# REMOVING JOINMARKET" + if [ -d /home/joinmarket ]; then + echo "Removing the joinmarket user" sudo userdel -rf joinmarket 2>/dev/null - echo "# OK JoinMarket is removed" else echo "JoinMarket is not installed." fi + /home/admin/config.scripts/bonus.jam.sh off + exit 0 fi