diff --git a/CHANGES.md b/CHANGES.md index a575d374a..dd0617663 100644 --- a/CHANGES.md +++ b/CHANGES.md 
@@ -1,5 +1,38 @@ # CHANGES between Releases +## What's new in Version 1.7.1 of RaspiBlitz? + +- New: C-lightning v0.10.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v0.10.1) +- New: C-lightningREST v0.5.1 [details](https://github.com/Ride-The-Lightning/c-lightning-REST/releases/tag/v0.5.1) +- New: CL Spark Wallet v0.3.0rc with BOLT12 offers [details](https://github.com/shesek/spark-wallet/releases) +- New: CL plugin: Sparko [details](https://github.com/fiatjaf/sparko) +- New: CL plugin: CLBOSS The C-Lightning Node Manager [details](https://github.com/ZmnSCPxj/clboss#clboss-the-c-lightning-node-manager) +- New: Refactored Setup-Process [details](https://github.com/rootzoll/raspiblitz/issues/1126#issuecomment-829757665) +- New: Suez - channel visualization for LND and CL [info](https://github.com/rootzoll/raspiblitz/issues/2366#issuecomment-939521302)[details](https://github.com/prusnak/suez) +- New: LND Static Channel Backup to Nextcloud +- New: Allow SphinxApp to connect over Tor +- New: Parallel TESTNET & SIGNET services +- Update: Bitcoin Core v22.0 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-22.0.md) +- Update: LND v0.13.3 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.13.3-beta) +- Update: Specter Desktop 1.6.0 [details](https://github.com/cryptoadvance/specter-desktop/blob/master/README.md) +- Update: JoinMarket v0.9.2 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.2) +- Update: JoininBox v0.6.1 [details](https://github.com/openoms/joininbox/releases/tag/v0.6.1) +- Update: Electrum Server in Rust (electrs) v0.9.0 [details](https://github.com/romanz/electrs/blob/v0.9.0/RELEASE-NOTES.md) +- Update: Mempool 2.2.2 [details](https://github.com/mempool/mempool) +- Update: BTC-RPC-Explorer v3.2.0 [details](https://github.com/janoside/btc-rpc-explorer/blob/master/CHANGELOG.md#v320) +- Update: stacking-sats-kraken 0.4.4 
[details](https://github.com/dennisreimann/stacking-sats-kraken/blob/master/README.md) +- Update: BTCPayServer 1.2.3 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.2.3) +- Update: Lightning Terminal v0.5.1-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.5.1-alpha) +- Update: RTL 0.11.2 [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.11.2) +- Update: Lightning Terminal v0.5.0-alpha [details](https://github.com/lightninglabs/lightning-terminal/releases/tag/v0.5.0-alpha) +- Update: Thunderhub v0.12.30 [details](https://github.com/apotdevin/thunderhub/releases/tag/v0.12.30) +- Update: Pool CLI v0.5.1-alpha [details](https://github.com/lightninglabs/pool/releases/tag/v0.5.1-alpha) +- Update: Balance of Satoshis 10.7.8 (BOS) + keep data on reinstall [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#version-8010) +- Update: Channel Tools (chantools) v0.9.3 [details](https://github.com/guggero/chantools/blob/master/README.md) +- Update: Circuitbreaker v0.3.0 [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md) +- Remove: DropBox Backup (its recommended to change to Nextcloud Backup) +- Remove: Litecoin (fork recommended) [details](https://github.com/rootzoll/raspiblitz/issues/2542) + ## What's new in Version 1.7.0 of RaspiBlitz? - New: Raspberry Pi OS Base Image 64-bit (April 2021) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..f7fe0f643 --- /dev/null +++ b/CONTRIBUTING.md 
@@ -0,0 +1,86 @@ +# Community development +Everybody is welcome to join, improve, and extend the RaspiBlitz - it's a work in progress. Check the issues if you wanna help out or add new ideas. You can find the scripts used for RaspiBlitz interactions on the device at /home/admin or in this Git repo's subfolder home.admin. + +## Understanding Blitz project +RaspiBlitz is insipired by the [RaspiBolt guide](https://stadicus.github.io/RaspiBolt/). Tutorial on how to build a lightning node on the RaspberryPi. So much thx to Stadicus :) +To start your Deep Dive into the RaspiBlitz project, watch [this video](https://www.youtube.com/watch?v=QXUGg45CWLo). + +### Blitz philosophy + +* DIY community development, if you are unhappy with the code, fork and pull request, this will make you you DYOR instead of depending on the developers. +* If you ask when the next release will be available, we don't know, but if you contribute, it might be faster. +* Be sure to contribute back, every little help is wanted. + +## Getting started +Get all details on "How to contribute to RaspiBlitz Development" on [this video](https://www.youtube.com/watch?v=ZVtZepV3OfM). + +### Levels +All levels are important. Even advanced users help on basic levels for other Blitzers. Every help is welcome. +Not all enhancements needs to go through all levels, these are levels of difficulty, scalability depends on your skills. + +#### Basic +1. **Reporting user side** --> Open an issue to indicate a problem or make a feature request. +1. **Community support** --> Solve other people issues. +1. **Good first issue** --> The purpose of the good first issue label is to highlight which issues are suitable for a new contributor without a deep understanding of the codebase. + +#### Medium +1. **Sovereignty** --> Fork the repo to have the changes controlled by you. +1. **Experiment** --> Try things out on your RaspiBlitz. +1. **Executable** --> Turn your experiment into a basic shell script. + +#### Advanced +1. 
**Config script** --> Integrate your executable into the RaspiBlitz enviroment. +1. **SSH-GUI** --> Make it easier for others to use your config script. +1. **WEB-GUI** --> Turn your feature into customer ready + +### Workflow + +Use the `github` command from terminal to set your RaspiBlitz to your own forked repo and development branch and use the command `patch` to sync your RaspiBlitz quickly with your latest commits. + +**Solving issues** + +You do not need to request permission to start working on an issue. However, +you are encouraged to leave a comment if you are planning to work on it. This +will help other contributors monitor which issues are actively being addressed +and is also an effective way to request assistance if and when you need it. + +#### Pull Request + +1. Make sure it is compatible with Blitz philosophy. +1. Fork the repo +1. Commit changes on the new branch +1. Open a pull request (PR are made to the `dev` branch unless indicated otherwise by a collaborator. + +#### Review + +##### Conceptual review + +A review can be a conceptual review, where the reviewer leaves a comment + +* Concept (N)ACK, meaning "I do (not) agree with the general goal of this pull +request", +* Approach (N)ACK, meaning Concept ACK, but "I do (not) agree with the +approach of this change". + +A NACK needs to include a rationale why the change is not worthwhile. +NACKs without accompanying reasoning may be disregarded. + +##### Code review + +After conceptual agreement on the change, code review can be provided. A review begins with the urgent necessity of the changes. +Start from urgent to less important: +1. Security risk. +1. Code that breaks the enviroment. +1. Enhancing current services functionality. +1. Solving a common issue. +1. Adding new applications. + +Project maintainers reserve the right to weigh the opinions of peer reviewers using common sense judgement and may also weigh based on merit. 
+Reviewers that have demonstrated a deeper commitment and understanding of the project over time or who have clear domain expertise may naturally have more weight, as one would expect in all walks of life. + +## Release policy +The project leader is the release manager for each RaspiBlitz release. + +## Copyright +By contributing to this repository, you agree to license your work under the [MIT license](https://github.com/rootzoll/raspiblitz/blob/master/LICENSE). +Any work contributed where you are not the original author must contain its license header with the original author(s) and source. diff --git a/FAQ.cl.md b/FAQ.cl.md new file mode 100644 index 000000000..2fbe4278b --- /dev/null +++ b/FAQ.cl.md 
@@ -0,0 +1,701 @@ + +# C-lightning on the RaspiBlitz FAQ + +- [Common questions about the different Lightning Network implementations](#common-questions-about-the-different-lightning-network-implementations) + - [Can LND and C-lightning nodes open channels to each other and route payments?](#can-lnd-and-c-lightning-nodes-open-channels-to-each-other-and-route-payments) + - [Can I run LND and C-lightning connected to the same node?](#can-i-run-lnd-and-c-lightning-connected-to-the-same-node) + - [Can I convert an LND node to C-lightning (or the opposite)?](#can-i-convert-an-lnd-node-to-c-lightning-or-the-opposite) + - [Is there a table to quickly compare LND and C-Lightning?](#is-there-a-table-to-quickly-compare-lnd-and-c-lightning) +- [C-lightning official documentation](#c-lightning-official-documentation) +- [Commands and aliases](#commands-and-aliases) +- [Directories](#directories) +- [Config file](#config-file) + - [Default values](#default-values) + - [All possible config settings](#all-possible-config-settings) +- [Plug-ins](#plug-ins) + - [General info](#general-info) + - [Directories](#directories-1) + - [Implemented plugins](#implemented-plugins) + - [Add a custom plugin](#add-a-custom-plugin) + - [CLBOSS](#clboss) + - [Feeadjuster](#feeadjuster) + - [Dual funded channels](#dual-funded-channels) + - [Reading](#reading) + - [Setting up](#setting-up) + - [Open a dual funded channel](#open-a-dual-funded-channel) + - [Fundchannel syntax](#fundchannel-syntax) + - [Offers](#offers) + - [About the feature bits](#about-the-feature-bits) +- [Testnets](#testnets) +- [Backups](#backups) + - [Seed](#seed) + - [How to display the hsm_secret in a human-readable format?](#how-to-display-the-hsm_secret-in-a-human-readable-format) + - [Channel database](#channel-database) + - [Recovery](#recovery) +- [Script file help list](#script-file-help-list) + +--- +## Common questions about the different Lightning Network implementations + +### Can LND and C-lightning nodes open 
channels to each other and route payments? +* Yes, all [BOLT specification](https://github.com/lightningnetwork/lightning-rfc) compliant implementations can open channels to each other and route payments. + +### Can I run LND and C-lightning connected to the same node? +* Yes, both can run parallel on a RaspiBlitz and even have channels witch each other. + +### Can I convert an LND node to C-lightning (or the opposite)? +* No, currently there are no tools available to convert between the databases storing the channel states. +The channels would need to be closed to use the same funds in an other node. + +### Is there a table to quickly compare LND and C-Lightning? +* see [github.com/openoms/lightning-node-management/blob/master/node-types/comparison.md](https://github.com/openoms/lightning-node-management/blob/master/node-types/comparison.md) + +--- + +## C-lightning official documentation +* https://lightning.readthedocs.io/ + +## Commands and aliases + +* Check if the C-lightning daemon is running: + ``` + sudo systemctl status lightningd + ``` +* Follow it's system output for debugging: + ``` + sudo journalctl -fu lightningd + ``` +* The logs can be accessed in the menu `SYSTEM` - `CLLOG` +or with the alias: `cllog` +* The frequently used commands are shortened with alisases. 
Check them with the command `alias`: + ``` + alias cl='sudo -u bitcoin /usr/local/bin/lightning-cli --conf=/home/bitcoin/.lightning/config' + alias clconf='sudo nano /home/bitcoin/.lightning/config' + alias cllog='sudo tail -n 30 -f /home/bitcoin/.lightning/bitcoin/cl.log' + ``` +## Directories +* All data is stored on the disk in: +`/mnt/hdd/app-data/.lightningd` +* and symlinked to: +`/home/bitcoin/.lightningd` + +## Config file +* Edit in the menu `SYSTEM` - `CLNCONF` or use the alias `clconf` + +### Default values +* on the RaspiBlitz for mainnet + ``` + network=bitcoin + announce-addr=127.0.0.1:9736 + log-file=cl.log + log-level=info + plugin-dir=/home/bitcoin/cln-plugins-enabled + # Tor settings + proxy=127.0.0.1:9050 + bind-addr=127.0.0.1:9736 + addr=statictor:127.0.0.1:9051/torport=9736 + always-use-proxy=true + ``` +### All possible config settings + * can be shown by running: + `lightningd --help` + * Place the settings in the config file without the `--` and restart lightningd + ``` + Usage: lightningd + A bitcoin lightning daemon (default values shown for network: bitcoin). + --conf= Specify configuration file + --lightning-dir= Set base directory: network-specific subdirectory is + under here (default: "/home/admin/.lightning") + --network Select the network parameters (bitcoin, testnet, + signet, regtest, litecoin or litecoin-testnet) + (default: bitcoin) + --mainnet Alias for --network=bitcoin + --testnet Alias for --network=testnet + --signet Alias for --network=signet + --allow-deprecated-apis Enable deprecated options, JSONRPC commands, fields, + etc. 
(default: true) + --rpc-file Set JSON-RPC socket (or /dev/tty) + (default: "lightning-rpc") + --plugin Add a plugin to be run (can be used multiple times) + --plugin-dir Add a directory to load plugins from (can be used + multiple times) + --clear-plugins Remove all plugins added before this option + --disable-plugin Disable a particular plugin by filename/name + --important-plugin Add an important plugin to be run (can be used multiple + times). Die if the plugin dies. + --always-use-proxy Use the proxy always (default: false) + --daemon Run in the background, suppress stdout/stderr + --wallet Location of the wallet database. + --large-channels|--wumbo Allow channels larger than 0.16777215 BTC + --experimental-dual-fund experimental: Advertise dual-funding and allow peers to + establish channels via v2 channel open protocol. + --experimental-onion-messages EXPERIMENTAL: enable send, receive and relay of onion + messages + --experimental-offers EXPERIMENTAL: enable send and receive of offers (also + sets experimental-onion-messages) + --experimental-shutdown-wrong-funding EXPERIMENTAL: allow shutdown with alternate txids + --help|-h Print this message. 
+ --rgb RRGGBB hex color for node + --alias Up to 32-byte alias for node + --pid-file= Specify pid file + (default: "/home/admin/.lightning/lightningd-bitcoin.pid") + --ignore-fee-limits (DANGEROUS) allow peer to set any feerate + (default: false) + --watchtime-blocks Blocks before peer can unilaterally spend funds + (default: 144) + --max-locktime-blocks Maximum blocks funds may be locked for (default: 2016) + --funding-confirms Confirmations required for funding transaction + (default: 3) + --cltv-delta Number of blocks for cltv_expiry_delta (default: 34) + --cltv-final Number of blocks for final cltv_expiry (default: 18) + --commit-time= Time after changes before sending out COMMIT + (default: 10) + --fee-base Millisatoshi minimum to charge for HTLC (default: 1000) + --rescan Number of blocks to rescan from the current head, or + absolute blockheight if negative (default: 15) + --fee-per-satoshi Microsatoshi fee for every satoshi in HTLC + (default: 10) + --max-concurrent-htlcs Number of HTLCs one channel can handle concurrently. + Should be between 1 and 483 (default: 30) + --min-capacity-sat Minimum capacity in satoshis for accepting channels + (default: 10000) + --addr Set an IP address (v4 or v6) to listen on and announce + to the network for incoming connections + --bind-addr Set an IP address (v4 or v6) to listen on, but not + announce + --announce-addr Set an IP address (v4 or v6) or .onion v3 to announce, + but not listen on + --offline Start in offline-mode (do not automatically reconnect + and do not accept incoming connections) + --autolisten If true, listen on default port and announce if it + seems to be a public interface (default: true) + --proxy Set a socks v5 proxy IP address and port + --tor-service-password Set a Tor hidden service password + --experimental-accept-extra-tlv-types Comma separated list of extra TLV types to accept. + --disable-dns Disable DNS lookups of peers + --encrypted-hsm Set the password to encrypt hsm_secret with. 
If no + password is passed through command line, you will be + prompted to enter it. + --rpc-file-mode Set the file mode (permissions) for the JSON-RPC socket + (default: "0600") + --force-feerates Set testnet/regtest feerates in sats perkw, + opening/mutual_close/unlateral_close/delayed_to_us/htlc_resolution/penalty: + if fewer specified, last number applies to remainder + --subdaemon Arg specified as SUBDAEMON:PATH. Specifies an alternate + subdaemon binary. If the supplied path is relative the + subdaemon binary is found in the working directory. + This option may be specified multiple times. For + example, --subdaemon=hsmd:remote_signer would use a + hypothetical remote signing subdaemon. + --log-level log level (io, debug, info, unusual, broken) [:prefix] + (default: info) + --log-timestamps prefix log messages with timestamp (default: true) + --log-prefix log prefix (default: lightningd) + --log-file= log to file instead of stdout + --version|-V Print version and exit + --autocleaninvoice-cycle Perform cleanup of expired invoices every given + seconds, or do not autoclean if 0 + --autocleaninvoice-expired-by If expired invoice autoclean enabled, invoices that + have expired for at least this given seconds are + cleaned + --fetchinvoice-noconnect Don't try to connect directly to fetch an invoice. + --bitcoin-datadir -datadir arg for bitcoin-cli + --bitcoin-cli bitcoin-cli pathname + --bitcoin-rpcuser bitcoind RPC username + --bitcoin-rpcpassword bitcoind RPC password + --bitcoin-rpcconnect bitcoind RPC host to connect to + --bitcoin-rpcport bitcoind RPC host's port + --bitcoin-retry-timeout how long to keep retrying to contact bitcoind before + fatally exiting + --commit-fee Percentage of fee to request for their commitment + --funder-policy Policy to use for dual-funding requests. 
[match, + available, fixed] + --funder-policy-mod Percent to apply policy at (match/available); or amount + to fund (fixed) + --funder-min-their-funding Minimum funding peer must open with to activate our + policy + --funder-max-their-funding Maximum funding peer may open with to activate our + policy + --funder-per-channel-min Minimum funding we'll add to a channel. If we can't + meet this, we don't fund + --funder-per-channel-max Maximum funding we'll add to a channel. We cap all + contributions to this + --funder-reserve-tank Amount of funds we'll always leave available. + --funder-fuzz-percent Percent to fuzz the policy contribution by. Defaults to + 5%. Max is 100% + --funder-fund-probability Percent of requests to consider. Defaults to 100%. + Setting to 0% will disable dual-funding + --funder-lease-requests-only Only fund lease requests. Defaults to true if channel + lease rates are being advertised + --lease-fee-base-msat Channel lease rates, base fee for leased funds, in + satoshi. + --lease-fee-basis Channel lease rates, basis charged for leased funds + (per 10,000 satoshi.) + --lease-funding-weight Channel lease rates, weight we'll ask opening peer to + pay for in funding transaction + --channel-fee-max-base-msat Channel lease rates, maximum channel fee base we'll + charge for funds routed through a leased channel. + --channel-fee-max-proportional-thousandths Channel lease rates, maximum proportional fee (in + thousandths, or ppt) we'll charge for funds routed + through a leased channel. Note: 1ppt = 1,000ppm + --disable-mpp Disable multi-part payments. 
+ ``` + +## Plug-ins + +### General info +* https://lightning.readthedocs.io/PLUGINS.html#a-day-in-the-life-of-a-plugin +* https://github.com/lightningd/plugins/ + +### Directories +* The plugins are installed to: +`/home/bitcoin/cl-plugins-available` +* and symlinked to: +`/home/bitcoin/cl-plugins-enabled` +* All plugins in the `/home/bitcoin/cl-plugins-enabled` directory are loaded automatically as set in the config file: `/home/bitcoin/.lightningd/config` + +### Implemented plugins +* summary +* sparko +* clboss + +### Add a custom plugin +* Place the plugin in the `/home/bitcoin/cl-plugins-enabled` directory +* Make sure it is owned by the `bitcoin` user and is executable: + ``` + sudo chown bitcoin:bitcoin /home/bitcoin/cl-plugins-enabled/PLUGIN_NAME + sudo chmod +x /home/bitcoin/cl-plugins-enabled/PLUGIN_NAME + ``` +* start with + ``` + lightnign-cli plugin start /home/bitcoin/cl-plugins-enabled/PLUGIN_NAME + ``` +* or to load it automatically on restart: + ``` + sudo systemctl restart lightningd + ``` + From the directory `/home/bitcoin/cl-plugins-enabled` it will load auomatically after restarts. +* To just load it run it once store in (and start from): + `/home/bitcoin/cl-plugins-available/` + +### CLBOSS +A plugin for automatic LN node management. +CLBOSS only requires to have funds deposited to the onchain wallet of C-lightning. +The recommended amount to start is ~ 10 million satoshis (0.1 BTC). + +It does automatically: + +* generate outbound capacity - opens channels +* generate inbound capacity - submarine swaps through the boltz.exchange API +* aware of onchain fees and mempool through c-lightning and makes transactions when fees are low +* manages rebalancing - performs probing +* closes bad channels (inactive or low traffic) - this function needs to activated manually + +Overall it is a tool which makes users able to send and receive lightning payments with minimal interaction, basically setting up a routing node by itself. 
+ +The transactions made by CLBOSS does cost money and running it requires a fair amount of trust in the (fully open-source - MIT) code. +Neither the CLBOSS nor the RaspiBlitz developers can take resposibility for lost sats, use at your own discretion! + +* Activate it in the menu - `SETTINGS` - `-CL CLBOSS` +* Discussion: https://github.com/rootzoll/raspiblitz/issues/2490 +* Advanced usage +https://github.com/ZmnSCPxj/clboss#clboss-status +* Stopping CLBOSS will leave the node in the last state. No channels will be closed or funds removed when CLBOSS is uninstalled. + +### Feeadjuster + +* Install: + +* to set the default fees in the config add: + ``` + fee-base=BASEFEE_IN_MILLISATS + fee-per-satoshi=PPM_FEE_IN_SATS + ``` +* more options for the feeadjuster to be set in the c-lightning config can be seen in the [code](https://github.com/lightningd/plugins/blob/c16c564c2c5549b8f7236815490260c49e9e9bf4/feeadjuster/feeadjuster.py#L318): + ``` + plugin.add_option( + "feeadjuster-deactivate-fuzz", + False, + "Deactivate update threshold randomization and hysterisis.", + "flag" + ) + plugin.add_option( + "feeadjuster-deactivate-fee-update", + False, + "Deactivate automatic fee updates for forward events.", + "flag" + ) + plugin.add_option( + "feeadjuster-threshold", + "0.05", + "Relative channel balance delta at which to trigger an update. Default 0.05 means 5%. " + "Note: it's also fuzzed by 1.5%", + "string" + ) + plugin.add_option( + "feeadjuster-threshold-abs", + "0.001btc", + "Absolute channel balance delta at which to always trigger an update. " + "Note: it's also fuzzed by 1.5%", + "string" + ) + plugin.add_option( + "feeadjuster-enough-liquidity", + "0msat", + "Beyond this liquidity do not adjust fees. " + "This also modifies the fee curve to achieve having this amount of liquidity. 
" + "Default: '0msat' (turned off).", + "string" + ) + plugin.add_option( + "feeadjuster-adjustment-method", + "default", + "Adjustment method to calculate channel fee" + "Can be 'default', 'soft' for less difference or 'hard' for higher difference" + "string" + ) + plugin.add_option( + "feeadjuster-imbalance", + "0.5", + "Ratio at which channel imbalance the feeadjuster should start acting. " + "Default: 0.5 (always). Set higher or lower values to limit feeadjuster's " + "activity to more imbalanced channels. " + "E.g. 0.3 for '70/30'% or 0.6 for '40/60'%.", + "string" + ) + plugin.add_option( + "feeadjuster-feestrategy", + "global", + "Sets the per channel fee selection strategy. " + "Can be 'global' to use global config or default values, " + "or 'median' to use the median fees from peers of peer " + "Default: 'global'.", + "string" + ``` + +* start the feeadjuster + ``` + cl plugin start /home/bitcoin/cl-plugins-available/plugins/feeadjuster/feeadjuster.py + ``` +* stop (best to run only periodically) + ``` + cl plugin stop /home/bitcoin/cl-plugins-available/plugins/feeadjuster/feeadjuster.py + ``` +* Can use menu - `CL` - `SUEZ` to visualize the channel balances and fee settings +* check the list of base fees + ``` + cl listpeers | grep fee_base_msat + ``` +* check the list of proportional fees + ``` + cl listpeers | grep fee_proportional_millionths + ``` +* set the fees to the defaults + ``` + cl setchannelfee all + ``` + +### Dual funded channels +#### Reading +* https://medium.com/blockstream/c-lightning-opens-first-dual-funded-mainnet-lightning-channel-ada6b32a527c +* https://medium.com/blockstream/setting-up-liquidity-ads-in-c-lightning-54e4c59c091d +* https://twitter.com/niftynei/status/1389328732377255938 +* lightning-rfc PR: https://github.com/lightningnetwork/lightning-rfc/pull/851/files +* represented by the feature bits 28/29 + +#### Setting up +* activate the feature on your node: +Type: `clconf` or use the menu `SYSTEM` - `CLCONF`. 
+Add the line: + ``` + experimental-dual-fund + ``` + Save and restart C-lightning. + +* set up a liquidity ad: + ``` + lightning-cli funderupdate -k policy=match policy_mod=100 + ``` + or set in the config for example - see the meaning of each line in https://medium.com/blockstream/setting-up-liquidity-ads-in-c-lightning-54e4c59c091d : + + ``` + experimental-dual-fund + funder-policy=match + funder-policy-mod=100 + lease-fee-base-msat=500sat + lease-fee-basis=50 + channel-fee-max-base-msat=100sat + channel-fee-max-proportional-thousandths=2 + ``` +* check the settings used currently on your node: + ``` + lightning-cli funderupdate + ``` +* check your advertised settings (needs some minutes to appear): + ``` + lightning-cli listnodes $(lightning-cli getinfo | jq .id) + ``` + +#### Open a dual funded channel +* check if a node has onchain liquidity on offer: + ``` + lightning-cli listnodes nodeid + ``` + + Example: + ``` + lightning-cli listnodes 02cca6c5c966fcf61d121e3a70e03a1cd9eeeea024b26ea666ce974d43b242e636 + ``` +* list all nodes known in the graph with active offers: + ``` + lightning-cli listnodes | grep option_will_fund -B20 -A7 + ``` +* note the node `id` and `compact_lease` + +* connect to the node + ``` + lightning-cli connect nodeID@IP_or.onion + ``` +#### Fundchannel syntax +* the amount is the own funds in the wallet contributed +use equal amounts to have a balanced channel from start +the amounts can be specified in `sat` or `btc` + ``` + lightning-cli fundchannel -k id=NODE_ID amount=OWN_AMOUNTsat request_amt=PEER_CONTRIBUTION_AMOUNTsat compact_lease=COMPACT_LEASE + ``` + It can fail if the offer changed or there are not enough funds available on either side. + +* open a dual funded channel with a chosen utxo and miner feerate +list the utxo-s with `lightning-cli listfunds`, can list multiple +the feerate is in `perkb` by default, e.g. 
use 1000 for 1 sat/byte + ``` + lightning-cli fundchannel feerate=PERKB_FEERATE utxos='["TRANSACTION_ID:INDDEX_NUMBER"]' -kid=NODE_ID amount=OWN_AMOUNTsat request_amt=PEER_CONTRIBUTION_AMOUNTsat compact_lease=COMPACT_LEASE + ``` + +### Offers +* Details at bolt12.org +* Create an offer to receive payments: +https://lightning.readthedocs.io/lightning-offer.7.html + ``` + lightning-cli offer amount description [vendor] [label] [quantity_min] [quantity_max] [absolute_expiry] [recurrence] [recurrence_base] [recurrence_paywindow] [recurrence_limit] [single_use] + ``` +* Example: +Create a reusable offer which can be paid with any amount for LN tips using a fixed string. + ``` + lightning-cli offer any tip + ``` + +* Create an offer to send payments: +https://lightning.readthedocs.io/lightning-offerout.7.html + ``` + lightning-cli offerout amount description [vendor] [label] [absolute_expiry] [refund_for] + ``` +* Fetch an invoice to pay an offer: +https://lightning.readthedocs.io/lightning-fetchinvoice.7.html +Will need at least one peer which supports onion the messages. For example: + ``` + lightning-cli connect 024b9a1fa8e006f1e3937f65f66c408e6da8e1ca728ea43222a7381df1cc449605@128.199.202.168:9735 + ``` +* Then use the command to fetch the BOLT12 invoice: + ``` + lightning-cli fetchinvoice offer [msatoshi] [quantity] [recurrence_counter] [recurrence_start] [recurrence_label] [timeout] [payer_note] + ``` +* decode a BOLT12 invoice: + ``` + lightning-cli decode bolt12_invoice + ``` +* pay a a BOLT12 invoice: +Will need to pay through a peer which supports the onion messages which means you need at least one channel with such a node. + ``` + lightning-cli pay bolt12_invoice + ``` +* see if there is a new invoice is paid with: + ``` + lightning-cli listinvoices + ``` + The `pay_index` will increase as the offer gets reused. 
+ +### About the feature bits +* https://bitcoin.stackexchange.com/questions/107484/how-can-i-decode-the-feature-string-of-a-lightning-node-with-bolt-9 +* Convert the hex number from `lightning-cli listpeers` to binary: https://www.binaryhexconverter.com/hex-to-binary-converter and count the position of the bits from the right. + + +## Testnets +* for testnet and signet there are prefixes `t` and `s` used for the aliases, daemons and their own plugin directory names. +* Testnet + ``` + # alias: + tcl | tclconf | tcllog + + # daemon service name: + tlightningd + + # config file: + /home/bitcoin/.lightningd/testnet/config + + # plugin directory: + /home/bitcoin/tcl-plugins-enabled + ``` +* Signet + ``` + # aliases: + scl | sclconf | scllog + + # daemon service name: + slightningd + + # config file: + /home/bitcoin/.lightningd/signet/config + + # plugin directory: + /home/bitcoin/scl-plugins-enabled + ``` + +## Backups +* https://lightning.readthedocs.io/FAQ.html#how-to-backup-my-wallet +* General details: https://lightning.readthedocs.io/BACKUP.html +### Seed +### How to display the hsm_secret in a human-readable format? +* If there is no seed available it isbest is to save the hsm_secret as a file with `scp`. 
To display as text: + ``` + sudo cat /home/bitcoin/.lightning/bitcoin/hsm_secret | xxd + ``` + + + +### Channel database +* + +### Recovery +* https://lightning.readthedocs.io/FAQ.html#database-corruption-channel-state-lost +* https://lightning.readthedocs.io/FAQ.html#loss + +## Script file help list + +``` +# generate a list of help texts on a RaspiBlitz: +cd /home/admin/config.scripts/ +ls cl*.sh > clScriptList.txt +sed -i "s#cl#./cl#g" clScriptList.txt +sed -i "s#.sh#.sh -h#g" clScriptList.txt +bash -x clScriptList.txt +rm clScriptList.txt +``` + +``` ++ ./cl.backup.sh -h + +--------------------------------------------------- +CL RESCUE FILE (tar.gz of complete cl directory) +--------------------------------------------------- +cl.backup.sh cl-export +cl.backup.sh cl-export-gui +cl.backup.sh cl-import [file] +cl.backup.sh cl-import-gui [setup|production] [?resultfile] +--------------------------------------------------- +SEED WORDS +--------------------------------------------------- +cl.backup.sh seed-export-gui [lndseeddata] +cl.backup.sh seed-import-gui [resultfile] + ++ ./cl.hsmtool.sh -h + +Create new wallet or import seed +Unlock/lock, encrypt, decrypt, set autounlock or change password for the hsm_secret + +Usage: +Create new wallet: +cl.hsmtool.sh [new] [mainnet|testnet|signet] [?seedPassword] +cl.hsmtool.sh [new-force] [mainnet|testnet|signet] [?seedPassword] +There will be no seedPassword(passphrase) used by default +new-force will delete any old wallet and will work without dialog + +cl.hsmtool.sh [seed] [mainnet|testnet|signet] ["space-separated-seed-words"] [?seedPassword] +cl.hsmtool.sh [seed-force] [mainnet|testnet|signet] ["space-separated-seed-words"] [?seedPassword] +The new hsm_secret will be not encrypted if no NewPassword is given +seed-force will delete any old wallet and will work without dialog + +cl.hsmtool.sh [unlock|lock] +cl.hsmtool.sh [encrypt|decrypt] +cl.hsmtool.sh [autounlock-on|autounlock-off] + +cl.hsmtool.sh [change-password] + 
++ ./cl.install-service.sh -h + +Script to set up or update the C-lightning systemd service +Usage: +/home/admin/config.scripts/cl.install-service.sh + ++ ./cl.install.sh -h + +C-lightning install script +The default version is: v0.10.1 +Setting up on mainnet unless otherwise specified +mainnet / testnet / signet instances can run parallel + +Usage: +cl.install.sh on +cl.install.sh off +cl.install.sh [update |testPR ] +cl.install.sh display-seed + ++ ./cl-plugin.backup.sh -h + +Install the backup plugin for C-lightning +Replicates the lightningd.sqlite3 database on the SDcard + +Usage: +cl-plugin.backup.sh [on|off] [testnet|mainnet|signet] +cl-plugin.backup.sh [restore] [testnet|mainnet|signet] [force] +cl-plugin.backup.sh [backup-compact] [testnet|mainnet|signet] + +https://github.com/lightningd/plugins/tree/master/backup + ++ ./cl-plugin.clboss.sh -h + +Install or remove the CLBOSS C-lightning plugin +version: v0.10 +Usage: +cl-plugin.clboss.sh [on|off] [testnet|mainnet|signet] + ++ ./cl-plugin.sparko.sh -h + +Install, remove, connect or get info about the Sparko plugin for C-lightning +version: v2.7 +Usage: +cl-plugin.sparko.sh [on|off|menu|connect] [testnet|mainnet|signet] + ++ ./cl-plugin.standard-python.sh -h + +Install and show the output of the chosen plugin for C-lightning +Usage: +cl-plugin.standard-python.sh on [plugin-name] [testnet|mainnet|signet] [runonce] + +tested plugins: +summary | helpme | feeadjuster + +find more at: +https://github.com/lightningd/plugins + ++ ./cl-plugin.summary.sh -h + +Install and show the output if the summary plugin for C-lightning +Usage: +cl-plugin.summary.sh [testnet|mainnet|signet] [runonce] + ++ ./cl.rest.sh -h + +C-lightning-REST install script +The default version is: v0.5.1 +mainnet | testnet | signet instances can run parallel +The same macaroon and certs will be used for the parallel networks + +Usage: +cl.rest.sh [on|off|connect] + ++ ./cl.setname.sh -h + +Config script to set the alias of the C-lightning node 
+cl.setname.sh [mainnet|testnet|signet] [?newName] +``` \ No newline at end of file diff --git a/FAQ.md b/FAQ.md index 523ae5d21..078fa8d57 100644 --- a/FAQ.md +++ b/FAQ.md @@ -192,7 +192,7 @@ If your RaspiBlitz is not working correctly and you like to get help from the co - SSH into your raspiblitz as admin user with your password A - If you see the menu - use CTRL+C to get to the terminal -- To generate debug report run: `./XXdebugLogs.sh` +- To generate debug report run: `debug` - Then copy all output beginning with `*** RASPIBLITZ LOGS ***` and share this *PLEASE NOTICE: It's possible that these logs can contain private information (like IPs, node IDs, ...) - just share publicly what you feel OK with.* @@ -239,7 +239,7 @@ If you still can SSH in and HDD is readable, we can try to rescue/export your LN To rescue/export your Lightning data from a RaspiBlitz (since v1.1): * SSH into your RaspiBlitz and EXIT to terminal from the menu. -* then run: `/home/admin/config.scripts/lnd.rescue.sh backup` +* then run: `/home/admin/config.scripts/lnd.backup.sh lnd-export-gui` * follow the instructions of the script. This will create a lnd-rescue file (ends on gz.tar) that contains all the data from the LND. The script offers you a command to transfer the lnd-rescue file to your laptop. If the transfer was successful you can now setup a fresh RaspiBlitz. Do all the setup until you have a clean new Lightning node running - just without any funding or channels. 
@@ -247,7 +247,7 @@ This will create a lnd-rescue file (ends on gz.tar) that contains all the data f Then to restore your old LND data and to recover your funds and channels: * SSH into your new RaspiBlitz and EXIT to terminal from the menu. -* then run: `/home/admin/config.scripts/lnd.rescue.sh restore` +* then run: `/home/admin/config.scripts/lnd.backup.sh lnd-import-gui` * follow the instructions of the script. This script will offer you a way to transfer the lnd-rescue file from your laptop to the new RaspiBlitz and will restore the old data. LND then gets restarted for you, and after some time it should show you the status screen again with your old funds and channels. 
@@ -418,13 +418,13 @@ For example if you want to make a build from the 'dev' branch you execute the fo If you fork the RaspiBlitz repo (much welcome) and you want to run that code on your RaspiBlitz, there are two ways to do that: -* The quick way: For small changes in scripts, go to `/home/admin` on your running RaspiBlitz, delete the old git with `sudo rm -r raspiblitz` then replace it with your code `git clone [YOURREPO]` and `/home/admin/XXsyncScripts.sh` +* The quick way: For small changes in scripts, go to `/home/admin` on your running RaspiBlitz, delete the old git with `sudo rm -r raspiblitz` then replace it with your code `git clone [YOURREPO]` and `patch` * The long way: If you like to install/remove/change services and system configurations you need to build a SD card from your own code. Prepare like in [Build the SD Card Image](README.md#build-the-sd-card-image) from the README but in the end run the command: `wget --no-cache https://raw.githubusercontent.com/[GITHUB-USERNAME]/raspiblitz/[BRANCH]/build_sdcard.sh && sudo bash build_sdcard.sh false false [GITHUB-USERNAME] [BRANCH] lcd true true` -If you are then working in your forked repo and want to update the scripts on your RaspiBlitz with your latest repo changes, run `/home/admin/XXsyncScripts.sh` - That's OK as long as you don't make changes to the SD card build script - for that you would need to build a fresh SD card again from your repo. +If you are then working in your forked repo and want to update the scripts on your RaspiBlitz with your latest repo changes, run `patch` - That's OK as long as you don't make changes to the SD card build script - for that you would need to build a fresh SD card again from your repo. ## How can I checkout a new branch from the RaspiBlitz repo to my forked repo? 
@@ -455,7 +455,7 @@ git remote set-url origin [THE-URL-OF-YOUR-FORKED-REPO] Now to sync your branch namend BRANCH on your forked repo with your RaspiBlitz, you always just run: ``` -/home/admin/XXsyncScripts.sh BRANCH +/home/admin/config.scripts/blitz.github.sh BRANCH ``` So your workflow can go like this: You write code on your local computer. Commit to your local repo, push it to your forked repo and use the sync-script above to get the code to your RaspiBlitz. @@ -476,14 +476,14 @@ cd /home/admin/raspiblitz git fetch origin pull/[PRNUMBER]/head:pr[PRNUMBER] git checkout pr[PRNUMBER] cd /home/admin -./XXsyncScripts.sh -justinstall +/home/admin/config.scripts/blitz.github.sh -justinstall ``` Now you have the code of the PR active - depending on what scripts are changed you might need to reboot. To change back to the code: ``` -./XXsyncScripts.sh master +/home/admin/config.scripts/blitz.github.sh master ``` ## How to attach the RaspberryPi to the HDD? @@ -520,6 +520,7 @@ The best way would be to build the SD card yourself. You use the script `build_s Work notes for the process of producing a new SD card image release: +* Make sure you have the "Versioning" final in your RaspiBlitz Source Code * Start [`Ubuntu LIVE`](http://releases.ubuntu.com/18.04.3/ubuntu-18.04.3-desktop-amd64.iso) from USB stick on the Build Computer (press F12 on startup) * Connect to a secure WiFi (hardware switch on) or LAN * Download the latest RaspiOS-64bit (zip & sig file) namend in the [build_sdcard.sh](./build_sdcard.sh) and note the SHA256 checksum 
@@ -543,7 +544,7 @@ Work notes for the process of producing a new SD card image release: * Run the following command BUT REPLACE `[BRANCH]` with the branch-string of your latest version * `wget --no-cache https://raw.githubusercontent.com/rootzoll/raspiblitz/[BRANCH]/build_sdcard.sh && sudo bash build_sdcard.sh false true rootzoll [BRANCH] lcd true true` * Monitor/Check outputs for warnings/errors - install LCD -* Login new with `ssh admin@[IP-OF-RASPIBLITZ]` (pw: raspiblitz) and run `./XXprepareRelease.sh` +* Login new with `ssh admin@[IP-OF-RASPIBLITZ]` (pw: raspiblitz) and run `release` * Disconnect WiFi/LAN on build laptop (hardware switch off) and shutdown * Remove `Ubuntu LIVE` USB stick and cut power from the RaspberryPi * Connect USB stick with latest `TAILS` (make it stay offline) @@ -841,13 +842,13 @@ https://seravo.fi/2015/using-raid-btrfs-recovering-broken-disks ## How do I fix a displayed Error in my Config? When the LCD display is telling you to do a config check: -- go to the RaspiBlitz terminal (X on main menu) and run './XXsyncScripts.sh' -- start reboot with command: './XXshutdown.sh reboot' +- go to the RaspiBlitz terminal (X on main menu) and run 'patch' +- start reboot with command: 'restart' - go to the RaspiBlitz terminal run the command: 'check' - now edit the RaspiBlitz config and get rid of the errors: 'nano /mnt/hdd/raspiblitz.conf' - save config with: CTRL+o - exit nano editor with: CTRL+x -- start reboot with command: './XXshutdown.sh reboot' +- start reboot with command: 'restart' ## How to fix my upside down LCD after update? 
@@ -956,3 +957,8 @@ If you can login into your local internet router it should show you the IP addre Another way is to use [Angry IP Scanner](https://angryip.org/) to find the IP address. You can also put an empty file just called `hdmi` (without any ending) onto the sd card when connected to your laptop and then start it up on the RaspberryPi. This will activate the HDMI port and if you connect a HDMI monitor to the RaspberryPi it will show you the RaspiBlitz status screen containing the local IP address. + +## How can I enforce UASP mode for my SSD controller? + +By default just tested & selected SSD encasings/controller are running enabled with UASP in RaspiBlitz. UASP brings a speed up for the SSD but also if not well supported by the SSD encasing/controller can lead to system halts. If you know for sure that your SSD encasing/controller is supporting UASP fully you can place a file called `uasp.force` on the sd card boot section after flashing the image with your laptop. See details or report errors on issue [#2488](https://github.com/rootzoll/raspiblitz/issues/2488) + diff --git a/README.md b/README.md index 801b042ef..e939a30f4 100644 --- a/README.md +++ b/README.md 
@@ -1,12 +1,12 @@ ![RaspiBlitz](pictures/raspilogo_tile_400px.png) -*Build your own Lightning Node on a RaspberryPi with a nice Display.* +*Build your own Lightning & Bitcoin Fullnode on a RaspberryPi with a nice Display.* -`Version 1.7.0 with lnd 0.12.1 and bitcoin 0.21.0 (or litecoin 0.18.1)` +`Version 1.7.1 with lnd 0.13.3 & c-lightning 0.10.0 and bitcoin 22.0.0` ![RaspiBlitz](pictures/raspiblitz.jpg) -**The RaspiBlitz is a do-it-yourself Lightning Node based on LND running together with a Bitcoin-Fullnode on a RaspberryPi (1TB SSD) and a nice display for easy setup & monitoring.** +**The RaspiBlitz is a do-it-yourself Lightning Node (LND and/or c-lightning) running together with a Bitcoin-Fullnode on a RaspberryPi (1TB SSD) and a nice display for easy setup & monitoring.** RaspiBlitz is mainly targeted for learning how to run your own node decentralized from home - because: Not your Node, Not your Rules. Discover & develop the growing ecosystem of the Lightning Network by becoming a full part of it. Build it as part of a [workshop](WORKSHOP.md) or as a weekend project yourself. 
@@ -19,7 +19,7 @@ There are further Services that can be switched on: * **BTCPayServer** (Cryptocurrency Payment Processor) [details](https://btcpayserver.org) * **BTC-RPC-Explorer** (Bitcoin Blockchain Explorer) [details](https://github.com/janoside/btc-rpc-explorer) * **LNbits** (Lightning wallet/accounts System) [details](https://twitter.com/lnbits/status/1253700293440741377?s=20) -* **SpecterDesktop** (Multisig Trezor, Ledger, COLDCARDwallet & Specter-DIY) [details](https://github.com/cryptoadvance/specter-desktop) +* **SpecterDesktop** (Multisig Trezor, Ledger, COLDCARDwallet & Specter-DIY) [details](https://github.com/cryptoadvance/specter-desktop) [app connection guide](https://d11n.net/connect-specter-desktor-with-raspiblitz.html) * **Lightning Terminal (Loop, Pool & Faraday)** (Manage Channel Liquidity) [details](https://github.com/lightninglabs/lightning-terminal#lightning-terminal-lit) * **JoinMarket** (CoinJoin Service) [details](https://github.com/JoinMarket-Org/joinmarket-clientserver) * **ThunderHub** (Lightning Node Manager WebUI) [details](https://www.thunderhub.io/) @@ -32,6 +32,10 @@ There are further Services that can be switched on: * **Sphinx Chat Relay Server** [details](https://github.com/stakwork/sphinx-relay/blob/master/README.md) * **Telegraf metrics** [details](https://github.com/rootzoll/raspiblitz/issues/1369) * **Chantools** (Fund Rescue) [details](https://github.com/guggero/chantools/blob/master/README.md) +* **Suez** (Channel Visualization for LND & CL) [details](https://github.com/prusnak/suez#suez) +* **CL Spark Wallet** (WalletUI with BOLT12 offers) [details](https://github.com/shesek/spark-wallet#progressive-web-app) +* **CL plugin: Sparko** (WalletUI & HTTP-RPC bridge) [details](https://github.com/fiatjaf/sparko#the-sparko-plugin) +* **CL plugin: CLBOSS** (Automated Node Manager) [details](https://github.com/ZmnSCPxj/clboss#clboss-the-c-lightning-node-manager) You can connect the following Wallet-Apps to your RaspiBlitz: 
@@ -40,7 +44,7 @@ You can connect the following Wallet-Apps to your RaspiBlitz: * **SendMany** (Android) [details](https://github.com/fusion44/sendmany/blob/master/README.md) * **Sphinx Chat App** (Android & iOS) [details](https://sphinx.chat) -Also many more features like Touchscreen, Channels Autopilot, DynDNS, SSH-Tunneling, UPS Support, ... +Also many more features like Touchscreen, Channels Autopilot, Backup, DynDNS, SSH-Tunneling, UPS Support, ... ## DeepDive Video (July 2020) @@ -48,7 +52,7 @@ Also many more features like Touchscreen, Channels Autopilot, DynDNS, SSH-Tunnel ## Time Estimate to Set Up a RaspiBlitz -The RaspiBlitz is optimized for being setup during a workshop at a hackday or conference (see [detailed workshop tutorial](WORKSHOP.md)). When it comes fully assembled with an up-to-date synced blockchain, it's possible to have it ready in about 2 to 3 hours - most of it is waiting time. +The RaspiBlitz is optimized for being setup during a workshop at a hackday or conference (see [detailed workshop tutorial](WORKSHOP.md)). When it comes fully assembled with an up-to-date synced blockchain, it's possible to have it ready in about 2 to 3 hours. If you start at home ordering the parts from Amazon (see shopping list below) then it's a weekend project with a lot of downloading and syncing time where you can do other stuff while checking on the progress from time to time. 
@@ -60,9 +64,9 @@ All parts together cost around 180-250 USD - based on shops and location. ### Buy a ready-2-go RaspiBlitz (Germany, EU and International) -If you like to support the RaspiBlitz project you can order a ready-2-go RaspiBlitz or an all-you-need-hardware set for yourself or for your RaspiBlitz workshop from [raspiblitz.com](https://raspiblitz.com) +If you like to support the RaspiBlitz project you can order a plug&play RaspiBlitz from [raspiblitz.com](https://raspiblitz.com) -Find a list of other shops selling a Ready-2-Go RaspiBlitz in your area on [raspiblitz.org](https://raspiblitz.org/). +Find a list of other shops selling a plug&play RaspiBlitz in your area on [raspiblitz.org](https://raspiblitz.org). ### Amazon Shopping List (buy parts & build it yourself) 
@@ -103,30 +107,29 @@ In the end your RaspiBlitz should look like this: ## Downloading the Software -There are two ways how you can install the RaspiBlitz software on your RaspberryPi: +*PLEASE WAIT SOME MORE HOURS .. NEW RELEASE 1.7.1 IMAGE WILL BE POROVIDED VERY SOON* |Method|Install the image|Build the sd card| |------|-----------------|-----------------| |Philosophy|Trust|Sovereignty| |Difficulty level|Easy|Medium| |Pros|Make Blitz accessible to everyone|You don't need to trust us, build from your own forked repository| -|Cons|You have to trust the mantainer image binaries|You need to read the build_sdcard.sh parameters in order for the customization to suit your needs| -|Instructions|[Download image](https://raspiblitz.fulmo.org/images/raspiblitz-v1.7.0-2021-04-25.img.gz) and [Flash the sd card](README.md#write-the-sd-card-image-to-your-sd-card)|[Build your own sd card image](#build-the-sd-card-image)| -|Verify what?|[Signature file](https://raspiblitz.fulmo.org/images/raspiblitz-v1.7.0-2021-04-25.img.gz.sig) and [verify the Sig](FAQ.md#how-to-verify-the-sd-card-image-after-download) OR SHA-256 (below)|All of the code, don't trust, verify| +|Instructions|(NEW IMAGE WILL BE RELEASED SHORTLY) and [Flash the sd card](README.md#write-the-sd-card-image-to-your-sd-card)|[Build your own sd card image](#build-the-sd-card-image)| +|Verify what?|[Signature file]() and [verify the Sig](FAQ.md#how-to-verify-the-sd-card-image-after-download) OR SHA-256 (below)|All of the code, don't trust, verify| -If downloading the mantainer sd card image: +If downloading the maintainer sd card image: * GPG 64-bit: 1C73 060C 7C17 6461 -* SHA-256: e6d70ac1662af3e90e57bee8c50e9a7925239431892e1916c2be80e519befc3f +* SHA-256: (please wait) Which verification method should I used: Hash or Signature? * Signed file prove to you that the SD card image was actually built by the lead developer of the RaspiBlitz project. (Safest) * Hash function checks file integrity. 
(Secure) -The mantainer sd card image can also be downloaded via torrent: -* [assets/raspiblitz-v1.7.0-2021-04-25.img.gz.torrent](https://github.com/rootzoll/raspiblitz/raw/v1.7/home.admin/assets/raspiblitz-v1.7.0-2021-04-25.img.gz.torrent) +The maintainer sd card image can also be downloaded via torrent: +* [assets/raspiblitz-vXXX.img.gz.torrent](https://github.com/rootzoll/raspiblitz/raw/v1.7/home.admin/assets/raspiblitz-XXX.img.gz.torrent) Useful info: -* [What's new in Version 1.7 of RaspiBlitz?](CHANGES.md#whats-new-in-version-170-of-raspiblitz) +* [What's new in Version 1.7.1 of RaspiBlitz?](CHANGES.md#whats-new-in-version-171-of-raspiblitz) * [How to update my RaspiBlitz?](README.md#updating-raspiblitz-to-new-version) * [How to migrate to RaspiBlitz from Umbrel/myNode](#make-a-raspiblitz-out-of-your-umbrel-or-mynode) * [How to verify the SD card image after download?](FAQ.md#how-to-verify-the-sd-card-image-after-download) @@ -149,7 +152,7 @@ Insert the SD card and connect the power plug. * [Can I directly connect the RaspiBlitz with my laptop?](FAQ.md#can-i-directly-connect-the-raspiblitz-to-my-laptop) * [I connected my HDD, but it still says 'Connect HDD' on the display?](FAQ.md#i-connected-my-hdd-but-it-still-says-connect-hdd-on-the-display) -When everything boots up correctly, you should see the local IP address of your RaspiBlitz on the LCD panel. +When everything boots up correctly (one reboot is normal), you should finally see the local IP address of your RaspiBlitz on the LCD panel. - [How do I find the IP address when running without a display?](FAQ.md#how-do-i-find-the-ip-address-when-running-without-a-display) 
@@ -159,7 +162,9 @@ Now open up a terminal ([OSX](https://www.youtube.com/watch?v=5XgBd6rjuDQ)/[Win1 `ssh admin@[YOURIP]` → use password: `raspiblitz` -**Now follow the dialogue in your terminal. This can take some time (prepare some coffee) - but in the end you should have a running Lightning node on your RaspberryPi that you can start to learn and hack on.** +**Now follow the dialogue in your terminal.** + +*Further down you will find more [detailed documentation of the setup process](#setup-process-detailed-documentation).* * [I cannot connect per SSH to my RaspiBlitz. What to do?](FAQ.md#i-cannot-connect-per-ssh-to-my-raspiblitz-what-to-do) @@ -173,7 +178,7 @@ If you run into a problem or you have still a question, follow the steps below t 2. If you have a hardware problem, please check that your hardware parts are exactly the parts recommended in the shopping list above. Different screens or even SSD-casings can cause problems. -3. Please determine if your problem/question is about RaspiBlitz or for example with LND. For example if you can't route a payment or get an error when opening a channel that is an LND question/problem and is best answered by the LND dev community: https://dev.lightning.community +3. Please determine if your problem/question is about RaspiBlitz or for example with LND or c-lightning. For example if you can't route a payment or get an error when opening a channel that is an LND/c-lightning question/problem and is best answered by the [LND dev community](https://dev.lightning.community) or the [c-lightning documentation](https://lightning.readthedocs.io/) 4. Go to the GitHub issues of the RaspiBlitz: https://github.com/rootzoll/raspiblitz/issues Do a search there. Also check closed issues by removing 'is:open' from the filter/search-box. 
@@ -203,115 +208,53 @@ There are plenty off rooms you can find Raspiblitz users that can help you: ## Setup Process (Detailed Documentation) -*The goal is, that all information needed during setup is provided from the interaction with the RaspiBlitz itself during the setup. Documentation in this chapter is for background, comments for educators and to mention edge cases.* +*The following documentation will provide more detailed background information on the setup process.* If you are looking for a tutorial on how to organize a workshop to build the RaspiBlitz, [see here](WORKSHOP.md). -### Init +### Basic Setup -In the beginning you can choose how to setup your RaspiBlitz, by running on Bitcoin or Litecoin with Lightning. This is also the point where you can import a Migration file from an older RaspiBlitz - read about Migration [further down](README.md#import-a-migration-file). The default choice here is Bitcoin. + Everytime you start with a fresh sd card image you will get offerered different options. For example this is also the point where you can import a Migration file from an older RaspiBlitz - read about Migration [further down](README.md#import-a-migration-file). But because you are setting up a brand new RaspiBlitz you will choose here `FRESHSETUP`. ![SSH0](pictures/ssh0-welcome2.png) +Then you will be asked what todo with the connected harddrive/ssd. + +If there is already a blockchain on your hardrive/ssd - you will be asked if you want to use this pre-synced/validated data or if its OK to delete it. If there is no blockchain data - this question will be skipped. + +![SSH0](pictures/ssh0-askchain.png) + +Finally you have to agree that all (other) data will get deleted on the harddrive/ssd (except the blockchain if you choosed that before). This might take some seconds. 
+ +![SSH0](pictures/ssh0-formathdd.png) + First thing to setup is giving your RaspiBlitz a name: ![SSH1](pictures/ssh1-name.png) This name is given to the RaspiBlitz as a public alias of the lightning node for everybody to see. -Then the user is requested to think of and write down 4 passwords: +Then you can choose which Lightning implementation you want to run on top of your Bitcoin Fullnode. RaspiBlitz started with `LND` from Lightning Labs which is used by most other RaspberryPi lightning nodes and works with most additional apps. But you can now also choose `CL` for c-lightning by Blockstream which is a good choice for already more experienced node operators & lightning developers that want to use the highly customizable plug-in structure that c-lightning offers. -![SSH2](pictures/ssh2-passwords.png) +Its also possible to use both in parallel on your RaspiBlitz later on - just pick one to start with or choose `NONE` is your only interested in running a Fullnode without Lightning. -You can use this [RaspiBlitz Password Sheet (PDF)](https://github.com/rootzoll/raspiblitz/raw/v1.4/home.admin/assets/RaspiBlitzRecoverySheet.pdf) to write those passwords down for save storage and also use it later on for your Seed Words. +![SSH1](pictures/ssh1-layer2.png) -*The password A,B,C & D idea is directly based on the [RaspiBolt Guide Preparations](https://stadicus.github.io/RaspiBolt/raspibolt_10_preparations.html#write-down-your-passwords) - check out for more background.* +*In the following we show the setup with LND - which is very similar to the steps with c-lightning.* -Then the user is asked to enter the Password A: +If you choosed one of the lightning implementations you will now be asked if you want to start a `NEW` wallet/lightning node or if you had an `OLD` lightning wallet/node that you want to re-create. 
-![SSH3a](pictures/ssh3a-password.png) +![SSH1](pictures/ssh1-oldnew.png) -This is the new password which has to be used for every SSH login after this screen with the user admin. It's also set for the existing user: root, bitcoin & pi. +Normally you just chose `NEW` here .. but to recover an old wallet you have the following options if you choose `OLD`: -*The bitcoin and lightning services will later run in the background (as daemon) and use the separate user “bitcoin” for security reasons. This user does not have admin rights and cannot change the system configuration.* - -Then the user is asked to enter the Password B - this is internally used for the bitcoin RPC interface. But also as login for additional apps like the RTL-WebGUI or the Blockexplorer: - -![SSH3b](pictures/ssh3b-password.png) - -*The other passwords C & D will be needed later on. They will be used during the lightning wallet setup.* - -After this the setup process will need some time and the user will see a lot of console outputs - just wait until it's finished: - -![SSH4](pictures/ssh4-scripts.png) - -### Getting the Blockchain - -*If you have a HDD/SSD with a prepared blockchain (e.g. a ready2go-set or you are at a workshop) you have the option to trust that data and skip to the [next chapter](#setup-lightning). If you started with an empty HDD - you will see the following screens:* - -If you connected a fresh Hard Drive or SSD to the RaspiBlitz, it might now ask you if it's OK to format it. - -format-HDD - -*Your HDD/SSD will get formatted with the linux standard file system EXT4. If you want to try out the experimental new [BTRFS](FAQ.md#why-use-btrfs-on-raspiblitz) that RaspiBlitz supports since v1.4 - you need to start the setup with an additional 32GB USB thumb drive connected to the second USB3 port of the RaspberryPi. 
Then you will unlock this new secret feature.* - -After formatting you need to get a copy of the blockchain; the RaspiBlitz offers the following options: - -blockchain-options - -The options - and when to choose which - will be explained here shortly: - -#### 1. SYNC - Selfvalidate all Blocks - -With the new RaspberryPi 4 (with SSD & min 2GB RAM) this is the best way to go. It will take around 2-3 days to sync & validate directly with the bitcoin network. With this option, you have done it the original `don't trust, verify` way. - -*For the old RaspberryPi 3 this is not recommended. A RaspberryPi 3 has a very low power CPU and syncing+validating the blockchain directly with the peer2peer network can take multiple weeks - that's why for a RP3 you should choose the COPY option .* - -#### 2. COPY - Copy from Laptop or another RaspiBlitz over Local Network - -First you need to download & validate the blockchain on your own computer/laptop. Todo so install bitcoin-core (0.18.1 or higher) from [bitcoin.org](https://bitcoin.org/en/download) and keep it running until blockchain is synced (will need around 320 GB). - -Then you can use the COPY option to copy the blockchain over to the RaspiBlitz. This will be done over the local network by SCP (SSH file transfer) - follow the instructions given in the dialogs. - -It's advised to keep a backup of the bitcoin-core & the blockchain data (e.g. on your laptop) in case you need to re-setup the RaspiBlitz. - -More details: [I have the full blockchain on another computer. How do I copy it to the RaspiBlitz?](FAQ.md#i-have-the-full-blockchain-on-another-computer-how-do-i-copy-it-to-the-raspiblitz) - -### Setup Lightning - -Lightning is installed and waiting for your setup if you see this screen. - -![SSH7](pictures/ssh7-lndinit.png) - -You can now decide if you want to setup a fresh new wallet or if you want to recover an old wallet from a RaspiBlitz you had before. 
- -#### Setup a NEW Wallet - -This is the default if you setup a RaspiBlitz the first time. - -![SSH8](pictures/ssh8-wallet.png) - -RaspiBlitz will ask you to set your wallet unlock password - use your chosen PASSWORD C here. Confirm by inputting it a second time. - -LND will now generate a fresh cipher seed (word list) for you. - -![SSH8](pictures/ssh8-walletb.png) - -WRITE YOUR PERSONAL WORDS DOWN before you continue - without it you limit your chances to recover funds in case of failing hardware etc. If you just want to try/experiment with the RaspiBlitz, at least take a photo with your smartphone just in case. If you plan to keep your RaspiBlitz running, store this word list offline or in a password safe. You can use the [RaspiBlitz Password Sheet (PDF)](https://github.com/rootzoll/raspiblitz/raw/v1.4/home.admin/assets/RaspiBlitzRecoverySheet.pdf) for this. - -#### Recover an OLD Wallet - -Choose this option if you had an old RaspiBlitz you want to recover. You have three options to do that: - -![SSH7](pictures/ssh7-lndrecover.png) - -The RaspiBlitz calling the LND wallet creation command for you: +![SSH1](pictures/ssh2-layer2old.png) ##### LNDRESCUE LND tar.gz-Backupfile (BEST) -Choose this option if you have made a complete backup of the LND data and have a tar.gz file starting with the word 'lnd-rescue' available. It will recover all your on-chain funds and open channels you had. But you have to make sure that the LND backup you have is really the latest version - otherwise you might lose channel funds. +Choose this option if you have made a complete backup of the LND or c-lightning data and have a tar.gz file starting with the word 'lnd-rescue' or 'cl-rescue' available. It will recover all your on-chain funds and open channels you had. But you have to make sure that the rescue backup you have is really the latest version - otherwise you might lose channel funds. -*If you have tar.gz file that starts with 'raspiblitz', that's a migration file. 
That also includes your old LND wallet, but you import it earlier in the setup process .. see further below for details.* +*If you have tar.gz file that starts with 'raspiblitz', that's a migration file. That also includes your old LND/c-lightning wallet, but you import that file at the beginning of the setup process with 'FROMBACKUP - Upload Migration Backup' instead choosing FRESHSETUP* ##### SEED+SCB Words Seed & channel.backup file (OK) 
@@ -321,55 +264,87 @@ Next best option is, if you have the channel.backup file and the word list seed. If you just have the word list (RaspiBlitz 1.1 and older) you can at least try to recover your on-chain funds. Recovery of channel funds is not very likely in this scenario. -### Final LND Setup +But normally you are setting up a new node - so simply choose `NEW` in the menu. -It will now make sure your wallet is initialized correctly and may ask you to unlock it with PASSWORD C. +![SSH2](pictures/ssh2-passwords.png) -![SSH9c](pictures/ssh9c-unlock.png) +Finally you have to set 3 passwords called A, B & C ... please choose here single strings (without spaces and special characters) that are at least 8 chars long. -*The LND wallet needs to get unlocked on every new start/reboot of the RaspiBlitz.* +You can use this [RaspiBlitz Recovery Sheet (PDF)](https://github.com/rootzoll/raspiblitz/raw/v1.7/home.admin/assets/RaspiBlitzRecoverySheet.pdf) to write those passwords down for save storage and also use it later on for your Seed Words. -The RaspiBlitz will now do final setup configuration, such as installing tools, moving the SWAP file to the HDD, or activating the firewall. You will see some text moving across the screen until this screen: +*The password A,B,C idea is based on the [RaspiBolt Guide Preparations](https://stadicus.github.io/RaspiBolt/raspibolt_10_preparations.html#write-down-your-passwords) - check out for more background.* -![SSH9b](pictures/ssh9b-reboot.png) +First Password A is requested - this is the new password which has to be used for every SSH login for now. It's also set for the existing users: admin, root, bitcoin & pi. -The basic setup is done - hooray ... but it may still take some time before everything is ready and you can play around with your new RaspiBlitz. Press 'OK' to reboot. Your terminal session will get disconnected and the raspberry pi restarts. 
+*The bitcoin and lightning services will later run in the background (as daemon) and use the separate user “bitcoin” for security reasons. This user does not have admin rights and cannot change the system configuration.* -### First Start: Syncing & Scanning +Then enter the Password B - this is internally used for the bitcoin RPC interface. But also as login for additional apps like the RTL-WebGUI or the Blockexplorer: -After the reboot is done, it will take a while for all services to start up - wait until you see on the LCD/display that LND wallet needs to get unlocked. Then SSH in again with the same command like in the beginning (check LCD/display) but this time (and every following login) use your PASSWORD A. +And finally enter the Password C - this is used to encrypt/lock the lightning wallet on the harddrive/ssd and is used by LND. Everytime a lightning node is started/rebooted LND needs load the wallet into memory to work with and ask you for the Password C to "unlock" the wallet. -After terminal login, LND will ask you (like on every start/reboot) to unlock the wallet again - use PASSWORD C: +*In the early RaspiBlitz versions there was also an additional Pasword D, that is no longer in use.* -![SSH9c](pictures/ssh9c-unlock.png) +After this the setup process will need some time to set everything up - just wait until it's finished - this can take from 10 to 30 minutes: -On first start, you will have a longer waiting time (between 10 minutes and 2-3 days, depending on your initial setup) ... but that's OK, just leave the RaspiBlitz running until it's done. +![SSH4](pictures/ssh4-scripts.png) -![SSH9d1](pictures/ssh9d-sync.png) +### Final Setup -*You can even close your terminal now and shutdown your laptop and ssh back in later on. 
You will see on the Blitz LCD/display that it is ready when the blue background screen is gone, and you see a status screen.* +Once the basic setup ran thru you lightning node & wallet was created and you get presented the important backup seed words which you need to write down on paper and store them in a secure location. You will need to confirm that you wrote the seed words down before you can continue. -To understand what is taking so long .. it's two things: +![SSH4](pictures/ssh4-seed.png) -1. Blockchain Sync +WRITE YOUR PERSONAL WORDS DOWN before you continue - you will need them to recover funds in case of failing hardware etc. If you just want to try/experiment with the RaspiBlitz, at least take a photo with your smartphone just in case. If you plan to keep your RaspiBlitz running, store this word list offline or in a password safe. -The blockchain on your HDD is not absolutely up-to-date. Depending on how you got it transferred to your RaspiBlitz it will be some hours, days, or even weeks behind. Now the RaspiBlitz needs to catch-up on the rest by directly syncing with the peer-2-peer network until it reaches almost 100%. Even if you see progress at 99.8%, there can still be waiting time - gaining 1% can take up to 4 hours (depending on network speed), so be patient here. +You can use this [RaspiBlitz Recovery Sheet (PDF)](https://github.com/rootzoll/raspiblitz/raw/v1.7/home.admin/assets/RaspiBlitzRecoverySheet.pdf) to write down those seed words for save storage. -2. Lightning Scanning +If you dont had a full copy of the blockchain pre-synced/validated on your harddrive/ssd then you will now be asked how you want to get your copy of the blockchain .. there are two basic options here: -Automatically if the Blockchain Sync is progressing LND will start to scan the blockchain and collect information. The Lightning scanning alone normally just takes around 1 hour until the waiting time is over. Can take much longer if you recover on old wallet from seed. 
+![SSH4](pictures/ssh4-blockchain.png) -* [Why is my "final sync" taking so long?](FAQ.md#why-is-my-final-sync-taking-so-long) +#### 1. SYNC - Selfvalidate all Blocks -Once all is done, you should see a status screen on the RaspiBlitz LCD/display like this: +With the new RaspberryPi 4 (with SSD & min 2GB RAM) this is the best way to go. It will take around 3-6 days to sync & validate directly with the bitcoin network. With this option, you have done it the original `don't trust, verify` way. -![SSH9dz](pictures/ssh9z-ready.png) +*For the old RaspberryPi 3 this is not recommended. A RaspberryPi 3 has a very low power CPU and syncing+validating the blockchain directly with the peer2peer network can take multiple weeks - that's why for a RP3 you should choose the COPY option .* + +#### 2. COPY - Copy from Laptop or another RaspiBlitz over Local Network + +If you have a friend that is already running a synced RaspiBlitz or you have a laptop with enough free space on the harddrive that can download & validate the Blockchain much faster you can also choose the `COPY` option. You can then delete existing blockchain your RaspiBlitz already started syncing for you. + +![SSH4](pictures/ssh4-copy.png) + +To copy from another RaspiBlitz choose `BLITZ` and follow the instructions. Know that the other Blitz will be offline to the lightning network during the copy that will take multiple hours. + +To copy from your laptop/computer (`WINDOWNS`, `MACOS` & `LINUX` options) you first need to download & validate the blockchain on your own computer/laptop. Todo so install latest bitcoin-core (0.18.1 or higher) from [bitcoin.org](https://bitcoin.org/en/download) and keep it running until blockchain is synced (will need around 400 GB). Then under the `COPY` option choose the Operating System. The copy will be done over the local network by SCP (SSH file transfer) - follow the instructions given in the dialogs. It's advised to keep a backup of the bitcoin-core & the blockchain data (e.g. 
on your laptop) in case you need to re-setup the RaspiBlitz. + +More details: [I have the full blockchain on another computer. How do I copy it to the RaspiBlitz?](FAQ.md#i-have-the-full-blockchain-on-another-computer-how-do-i-copy-it-to-the-raspiblitz) + +If you dont have the Bitcoin Blockchain already on another laptop or RaspiBlitz simply choose `SELFSYNC`. + +And hooray :D Your RaspiBlitz is ready to go! Welcome new node operator. + +![SSH4](pictures/ssh4-done.png) + +If you hit OK, the RaspiBlitz will go into a final reboot. + +![SSH5](pictures/ssh5-reboot.png) + +Just wait a bit and then the SSH command to login again. Dont forget to use this time your password A ... which is always for password for system login. + +![SSH5](pictures/ssh5-unlock.png) + +If you run LND you will be asked to unlock your wallet - thats always your password C. BTW under `SETTINGS` in the main menu you can activate the Auto-Unlock if you prefer. + +![SSH5](pictures/ssh5-blocksync.png) + +Remeber that now your RaspiBlitz might need a longer time to sync/validate the blockchain - this can be multiple days. In the beginnig you might see fast progress but its normal that this gets slower later on. Also your RaspberryPi CPU might get quite hot ... thats also OK during this inital sync time - the RaspberryPi has its own protection against overheating and will push thru. ### Main Menu -If you now login by SSH in your RaspiBlitz (or you are still logged in) you will see the Main Menu: +Once the Blockchain is synced you will enter the SSH Main Menu: -![SSH9e1](pictures/mainmenu.png) +![SSH5](pictures/ssh5-mainmenu.png) All options on the main menu will be explained below in the feature documentation. 
@@ -381,7 +356,7 @@ If you need an idea of what the most basic next steps to experience Lightning wo * Open a channel * Make a payment -If you would prefer to do this from a web browser with a dashboard UI, instead of an SSH terminal, go to `SERVICES`, activate the `RTL Webinterface`, and after the reboot you will see a new `RTL` option in the SSH main menu - it will give you all the information so that you can now open the RTL Webinterface in your browser. +If you would prefer to do this from a web browser with a dashboard UI, instead of an SSH terminal, go to `SERVICES`, activate the `RTL Webinterface`, and after install you will find a new menu option for RTL in the SSH main menu - it will give you all the information so that you can now open the RTL Webinterface in your browser. Have fun riding the lightning :D @@ -393,7 +368,7 @@ Have fun riding the lightning :D These are the features available through the RaspiBlitz SSH menus. They have the goal to offer some basic/fallback functionality & configurations. More complex or user-friendly tasks are best to be done with wallets, apps and scripts you connect to your Lightning Node via [APIs](#interface--apis) - because you have a full Bitcoin- and Lightning-Node on the RaspiBlitz. -So let's take a look at the SSH main in detail: +So let's take a look at the SSH main menu in detail: #### INFO: Raspiblitz Status Screen 
@@ -409,21 +384,21 @@ This is the screen that gets displayed on the LCD/display. It's useful to call i #### LIGHTNING (Basic Node Management) -Under `LIGHTNING` you find some basic steps to manage your Lightning node. Those are very simplified in the RaspiBlitz SSH menu for the reason of learning. For more advanced management of your Lightning node see additional apps under 'SERVICES'. +Under `LND/c-lightning Wallet options` you find some basic steps to manage your Lightning node. Those are very simplified in the RaspiBlitz SSH menu for the reason of learning. For more advanced management of your Lightning node see additional apps under `SERVICES`. ##### FUNDING: Fund your on-chain Wallet -Before you can open channels with other nodes you need to put some coins in your LND on-chain wallet. Use this option to generate an address to send funds to. +Before you can open channels with other nodes you need to put some coins in your on-chain wallet (managed by your lightning sofware). Use this option to generate an address to send funds to. -*Reminder: RaspiBlitz & LND is still experimental software. With funding your LND node you accept the risk of losing funds. So just play with small amounts - something in the area of 20 EUR/USD should be enough to make your first experiences. Also, it's a good privacy practice to [coinjoin your coins](https://bitcoin-only.com/privacy) before sending them to any Lightning Network wallet.* +*Reminder: RaspiBlitz is still experimental software. With funding your lightning node you accept the risk of losing funds. So just play with small amounts - something in the area of 20 EUR/USD should be enough to make your first experiences. Also, it's a good privacy practice to [coinjoin your coins](https://bitcoin-only.com/privacy) before sending them to any Lightning Network wallet.* -You can fund it multiple times - starting with small amounts first to test. 
LND will always generate a different address, but all funds you send will get into the same LND on-chain wallet. +You can fund it multiple times - starting with small amounts first to test. Your lightning node will always generate a different address, but all funds you send will get into the same LND on-chain wallet. ##### CONNECT: Connect to a Peer Before you can open a channel with another node on the network, you need to connect this node as a peer to your node. -Opening a channel with a peer is just optional. Having another node as peer helps your node to receive information about the network through the gossip protocol. It will help your node to find better routes through the network. +Opening a channel with a peer is just optional. Having another node as peer helps your node to receive information about the lightning network through the gossip protocol. It will help your node to find better routes through the network. ##### CHANNEL: Open a Channel with Peer 
@@ -449,20 +424,6 @@ Create an invoice to send to someone for a service to be paid through lightning. *This is just a very basic shell script. For more usability try the RTL Webinterface (under Services) or connect a (mobile) wallet with your RaspiBlitz.* -#### lnbalance: Detailed Wallet Balances - -bonus-lnbalance - -#### lnchannels: Lightning Channel List - -bonus-lnchannels - -#### lnfwdreport: Report on your earned fees for Forwarding Payments - -If you connected your node well within the Lightning Network you can become a "Routing Node". Other users might select your Node as part of a Lightning Payment and will pay you the fee you set on those channels. This menu point gives you a detailed report over the amount of days you set. - -Beware - earning fees as a routing node does not come automatic. It's a bit of hard work of building the right channels to be attractive for other people to route through. Check the internet for tutorials or use tools like "lndmanage" (see under RaspiBlitz SERVICES) to help you analyse and optimize your channel management. - ##### NAME: Change name of your Node Here you can change the alias name of your node as it is shown as part of the Lightning network. 
@@ -487,25 +448,6 @@ Here you will find basic settings for your RaspiBlitz: Activate/Deactivate settings with the space bar and then select 'OK' to activate changes. You can find more details about those options (top to down): -##### Run behind Tor - -You can run your Bitcoin- & Lightning-Node, as well as additional Apps, as a Tor hidden service - replacing your IP with an .onion-address - -![tor1](pictures/tor1.png) - -Running your node as a hidden service has some benefits: - -* You don't publish your IP running a node so it's much harder to resolve your real name and location. -* You tunnel through the NAT of your router and make Bitcoin and Lightning reachable to all other Tor nodes. -* By using a Tor address it's possible to move the node to a different IPv4 address and keep the existing (i.e. previously opened and funded) channels functional. - -But this can also come with the following side effects: - -* Some Mobile wallets don't support connecting to RaspiBlitz over Tor yet. -* Lightning nodes that don't run Tor cannot reach you (like behind NAT). - -To try it out, just switch on the service - you can deactivate it later on if it's not working for you. - ##### Touchscreen (experimental) Your RaspiBlitz has an LCD that is touchscreen capable. You can switch on this new feature that is still in development. 
@@ -523,7 +465,50 @@ It will give you 4 buttons on the right side. If you switch this on, you can rotate the LCD of your RaspiBlitz 180 degrees. This might make sense if you have a special case or wall mount. -##### Channels Autopilot +##### Run behind Tor + +You can run your Bitcoin- & Lightning-Node, as well as additional Apps, as a Tor hidden service - replacing your IP with an .onion-address + +![tor1](pictures/tor1.png) + +Running your node as a hidden service has some benefits: + +* You don't publish your IP running a node so it's much harder to resolve your real name and location. +* You tunnel through the NAT of your router and make Bitcoin and Lightning reachable to all other Tor nodes. +* By using a Tor address it's possible to move the node to a different IPv4 address and keep the existing (i.e. previously opened and funded) channels functional. + +But this can also come with the following side effects: + +* Some Mobile wallets don't support connecting to RaspiBlitz over Tor yet. +* Lightning nodes that don't run Tor cannot reach you (like behind NAT). + +*Using Tor hides your IP address but will possibly increase the [time](https://twitter.com/SeverinAlexB/status/1442138426740981761) it will take for your node to route a payment. Setting up over clearnet will give you a lower response time when routing but your IP address will be freely availible to the rest of the network like the node [tippin.me](https://1ml.com/node/03c2abfa93eacec04721c019644584424aab2ba4dff3ac9bdab4e9c97007491dda). If you need to be private and/or don't want to doxx your home network then Tor might be the option for you. However if privacy isn't something you need and/or want, or you are trying to set up a service that your node is the back end for then clearnet might be more advantageous choice.* + +To try it out, just switch on the service - you can deactivate it later on if it's not working for you. 
+ +##### Parallel Testnet/Signet + +It is very convenient to learn and test to play around in a "sandbox" environment. RaspiBlitz allows this through activating "Testnet & Signet" that run in parallel to the "Mainnet". + +Once activated you will see an additional option in the SSH Main Menu that will give you more options to operate the Testnet & Signet. + +You can get Bitcoin Testnet coins you can use Faucets from different places on the internet, here are a few links: +* https://coinfaucet.eu/en/btc-testnet/ +* https://testnet-faucet.mempool.co/ +* https://kuttler.eu/en/bitcoin/btc/faucet/ +* https://faucet.lightning.community/ + +You can read more about TESTNET and Bitcoin Faucets here: https://kuttler.eu/code/bitcoin-testnet-blockchain-size-in-2020/ + +##### ZeroTier + +With ZeroTier you can add your RaspiBlitz to a software defined network - see for details: https://en.wikipedia.org/wiki/ZeroTier + +##### LND LIGHTNING LABS NODE + +This needs to switched on to see the sub-settings options for LND. If switched on it means the LND lightning node implementation is installed and running on your RaspiBlitz - it can run in parallel to c-lightning. If activated you will find an additional option in the SSH Main Menu that offers you more options to operate the LND node. Also under `SERVICES` some apps might just be available if LND is activated. + +##### LND Channel Autopilot The channels autopilot feature of LND allows to automatically uses around half of your on-chain funds (if available) to open new channels with other lightning nodes. Channels autopilot is very useful to get started transacting swiftly if you're a newbie as the channels are generated for you. 
@@ -531,34 +516,13 @@ It is very likely that after a while, once you will have a hang of the concept o Beware that presently toggling the Channels Autopilot setting will trigger a reboot of your Raspiblitz. It is not a problem per se, just a bit of waste of time [Improvement request #1953](https://github.com/rootzoll/raspiblitz/issues/1953) -##### Accept Keysend +##### LND Accept Keysend Keysend is a feature of LND that allows your node to accept payments without having created an invoice first. This needs to be activated, for example, if you want to use your nodes for experimental messaging over the Lightning Network (see RaspiBlitz MOBILE apps like SendMany). -##### Testnet +##### LND Circuitbreaker (Firewall for LND) -It is very convenient to learn and test to play around in a "sandbox" environment. RaspiBlitz allows this through the "Testnet" setting. -You can freely switch from prod environemt (running on BITCOIN MAINNET) to test environment (running on BITCOIN TESTNET) and back using this setting. -The state of your environments is restored everytime you switch (blockchain, wallets, channels) which is very convenient and safe. -Note however that switching from one environment to the other requires an auto resynchronisation with the corresponding blockchain (MAINNET or TESTNET) and can take some time (e.x. If you switch for the first time to "Testnet" the initial sync of the TESTNET blockchain may take several hours; also if you switch back and forth environment the corresponding blockchain must catchup from where it left before switching. - -Of course it would be much more fun and less scary if everyone could afford to own 2 distinct RaspiBlitz, one for each environment, this way your production RaspiBlitz remains online all the time and you can recklessly play around on the other one. - -Once in "TESTNET" environment go ahead! Get hold of some Bitcoin Testnet Faucets (these are worthless bitcoins on testnet) and start playing around with them! 
-You can get Bitcoin Testnet Faucets from different places on the internet, here are a few links: -* https://coinfaucet.eu/en/btc-testnet/ -* https://testnet-faucet.mempool.co/ -* https://kuttler.eu/en/bitcoin/btc/faucet/ -* https://faucet.lightning.community/ - -You can read more about TESTNET and Bitcoin Faucets here: https://kuttler.eu/code/bitcoin-testnet-blockchain-size-in-2020/ -Have fun. - -IMPORTANT: Presently BTCPay Server service is NOT supported on TESTNET (RPC connection error messages). Until this [issue #1724](https://github.com/rootzoll/raspiblitz/issues/1724) is resolved you can [play around with BTCPay Server on TESTNET](https://testnet.demo.btcpayserver.org) - -##### Circuitbreaker (LND Firewall) - -Not everybody is acting friendly in the Lightning network. Circuitbreaker is a background service you cann activate that acts similar to a firewall to protect your now better. For details see: https://github.com/lightningequipment/circuitbreaker/blob/master/README.md +Not everybody is acting friendly in the Lightning network. Circuitbreaker is a background service you can activate that acts similar to a firewall to protect your now better. For details see: https://github.com/lightningequipment/circuitbreaker/blob/master/README.md ##### LND Auto-Unlock 
@@ -570,21 +534,47 @@ It can be activated under "Services" -> "Auto-unlock LND". We recommend that it * [When using Auto-Unlock, how much security do I lose?](FAQ.md#when-using-auto-unlock-how-much-security-do-i-lose) -##### StaticChannelBackup on DropBox +##### LND StaticChannelBackup on Nextcloud -See [below on this README](README.md#backup-for-on-chain---channel-funds) for your Backup options to secure your funds against loss. Storing the encrypted Static Channel Backup file to your Dropbox account is an easy and secure way to do this. +See [below on this README](README.md#backup-for-on-chain---channel-funds) for your Backup options to secure your funds against loss. Storing the encrypted Static Channel Backup file to your Nextcloud account is an easy and secure way to do this. + +Nextcloud is an open-source project to host your own files: https://en.wikipedia.org/wiki/Nextcloud - in its basics its an open DropBox replacement ... but can do much much more. You can run it yourself or use a hosted Nextcloud server. Find free Nextcloud providers here to sign up: https://nextcloud.com/signup/ ##### StaticChannelBackup on USB Drive You can connect a small extra USB drive to your RaspiBlitz (choose a small one up to 32GB - don't use second HDD or SSD here, that would drain too much power from the RaspiBlitz). On that USB drive your latest StaticChannelBackup will be stored - just in case your HDD gets an error. -##### ZeroTier +##### StaticChannelBackup per SCP/SSH to other server -With ZeroTier you can add your RaspiBlitz to a software defined network - see for details: https://en.wikipedia.org/wiki/ZeroTier +An option for more advanced users that you only can set directly in the `raspiblitz.conf` is the automated backup of the Static Channel Backup to another server per SSH/SCP. 
For this you need to set the value: + +`scpBackupTarget='[USER]@[SERVER]:[DIRPATH-WITHOUT-ENDING-/]'` + +and you can optionally set custom options for the scp command (for example to set a non-default port) with: + +`scpBackupOptions='[YOUR-CUSTOM-OPTIONS]'` + +On target server add the root ssh public key of your RaspiBlitz to the authorized_keys for the user - how to do this see: https://www.linode.com/docs/security/authentication/use-public-key-authentication-with-ssh/ + +##### C-LIGHTNING NODE + +This needs to switched on to see the sub-settings options for c-lightning. If switched on it means the c-lighting node implementation is installed and running on your RaspiBlitz - it can run in parallel to LND. If activated you will find an additional option in the SSH Main Menu that offers you more options to operate the c-lightning node. Also under `SERVICES` some apps might just be available if c-lightning is activated. + +For more details on this lightning node implementation go to the [c-lightning FAQ page](FAQ.cl.md). + +##### CL CLBOSS Automatic Node Manager + +CLBOSS is an automated manager for C-Lightning routing payments nodes. CLBOSS is effectively a bunch of heuristics modules wired together to a regular clock to continuously monitor your node. + +Find more info at the [CLBOSS GitHub](https://github.com/ZmnSCPxj/clboss). + +##### CL Wallet Encryption + +You can protect your c-lightning wallet by encrypting it with your passwordC. On every restart/reboot you will need to decrypt/unlock with that password before c-lightning can use the wallet. This adds some physical security for example in case your node get stolen. 
#### SERVICES: Activate/Deactivate Services -The RaspiBlitz offers further Services, Apps and configuration (scroll down to see all options in the RaspiBlitz): +The RaspiBlitz offers further Services, Apps and configuration (scroll down to see all options in the RaspiBlitz) also some Apps & Services might just be available if you installed/activated LND or c-lightning: ![MainMenu-Services](pictures/services.png) 
@@ -606,9 +596,65 @@ Learn how you can use Electrum with your own Server over Tor: After install, you will see a new `ELECTRS` option in the SSH main menu - it will give you all the information you need to start using it. +##### BTCPayServer + +[BTCPay Server](https://github.com/btcpayserver) is a self-hosted, open-source cryptocurrency payment processor. It's secure, private, censorship-resistant and free. + +![BTCPAY](pictures/btcpay.png) + +Find all details on how to use the BTCPay Server on your RaspiBlitz in this great tutorial: https://coincharge.io/en/btcpay-server-on-the-raspiblitz/ + +After install, you will see a new `BTCPAY` option in the SSH main menu - it will give you all the information you need to start using it. + +##### BTC-RPC-Explorer + +BTC-RPC-Explorer is a blockchain explorer website you can run on your own RaspiBlitz. See an example running on: https://btc-explorer.com + +![EXPLORER](pictures/blockexplorer.png) + +[Details on Service](https://github.com/janoside/btc-rpc-explorer) + +After install, you will see a new `EXPLORE` option in the SSH main menu - it will give you all the information you need to start using it. + +##### Specter Desktop + +Bitcoin Core has a very powerful command line interface and a wonderful daemon. Using pre-signed bitcoin transactions (PSBT) and [Hardware Wallet Interface](https://github.com/bitcoin-core/HWI) (HWI), it can also work with hardware wallets. At the moment it is very Linux-focused. The same applies to multi-signature setups. + +The goal of Specter Desktop is to make a convenient and user-friendly GUI around Bitcoin Core, focusing on multi-signature setups with airgapped hardware wallets like Trezor, Ledger, COLDCARD or the Specter-DIY. + +![SPECTER](pictures/specter.jpg) + +After install, you will see a new `SPECTER` option in the SSH main menu - it will give you all the information you need to start using it. 
+ +##### Mempool Space + +![MEMPOOL](pictures/mempool.png) + +Mempool Space is the fully featured visualizer, explorer, and API service running on mempool.space + +[Details on Service](https://github.com/mempool/mempool) + +After install, you will see a new `MEMPOOL` option in the SSH main menu - it will give you all the information you need to start using it. + +##### JoinMarket + +JoinMarket is software to create a special kind of bitcoin transaction called a CoinJoin transaction. Its aim is to improve the confidentiality and privacy of bitcoin transactions. + +Video Tutorial
--watch--> https://www.youtube.com/watch?v=uGHRjilMhwY + +A CoinJoin transaction requires other people to take part. The right resources (coins) have to be in the right place, at the right time, in the right quantity. This isn't a software or tech problem, it's an economic problem. JoinMarket works by creating a new kind of market that would allocate these resources in the best way. + +For more details see [here](https://github.com/JoinMarket-Org/joinmarket-clientserver). + +After install, you will see a new `JMARKET` option in the SSH main menu - it will give you all the information you need to start using it. + +##### Download Bitcoin Whitepaper + +Extract the original Bitcoin Whitepaper as PDF directly from the blockchain of your node. + ##### RTL Webinterface -The RTL Webinterface is an LND Control Dashboard you can run in your browser with a nice GUI - it offers much more control over your Lightning node than the RaspiBlitz SSH menus. It's recommended to give it a try. +The RTL Webinterface is available as an LND & c-lightning Control Dashboard you can run in your browser with a nice GUI - it offers much more control over your Lightning node than the RaspiBlitz SSH menus. It's recommended to give it a try. ![RTL](pictures/RTL-dashboard.png) @@ -624,7 +670,7 @@ After install, you will see a new `RTL` option in the SSH main menu - it will gi ##### ThunderHub -A Lightning Node Manager WebUI - similar to RTL. +A Lightning Node Manager WebUI - similar to RTL, but just available for LND. [Details on Service](https://www.thunderhub.io) 
@@ -632,7 +678,7 @@ After install, you will see a new `THUB` option in the SSH main menu - it will g ##### Lightning Terminal (LIT) with loop, pool & faraday -Lightning Terminal (LiT) is a browser-based interface for managing channel liquidity. It bundles the former single tools called loop, pool & faraday with an easy to use browser interface. +Lightning Terminal (LiT) is a browser-based interface for managing channel liquidity on LND. It bundles the former single tools called loop, pool & faraday with an easy to use browser interface. ![LIT](pictures/lit.png) @@ -640,16 +686,6 @@ Lightning Terminal (LiT) is a browser-based interface for managing channel liqui After install, you will see a new `LIT` option in the SSH main menu - it will give you all the information you need to start using it. -##### BTCPayServer - -[BTCPay Server](https://github.com/btcpayserver) is a self-hosted, open-source cryptocurrency payment processor. It's secure, private, censorship-resistant and free. - -![BTCPAY](pictures/btcpay.png) - -Find all details on how to use the BTCPay Server on your RaspiBlitz in this great tutorial: https://coincharge.io/en/btcpay-server-on-the-raspiblitz/ - -After install, you will see a new `BTCPAY` option in the SSH main menu - it will give you all the information you need to start using it. - ##### LNbits LNbits is a very simple server that sits on top of your Lightning Wallet. 
@@ -668,50 +704,6 @@ You can also develop your own extensions on it. After install, you will see a new `LNBITS` option in the SSH main menu - it will give you all the information you need to start using it. -##### BTC-RPC-Explorer - -BTC-RPC-Explorer is a blockchain explorer website you can run on your own RaspiBlitz. See an example running on: https://btc-explorer.com - -![EXPLORER](pictures/blockexplorer.png) - -[Details on Service](https://github.com/janoside/btc-rpc-explorer) - -After install, you will see a new `EXPLORE` option in the SSH main menu - it will give you all the information you need to start using it. - -##### Cryptoadvance Specter - -Bitcoin Core has a very powerful command line interface and a wonderful daemon. Using pre-signed bitcoin transactions (PSBT) and [Hardware Wallet Interface](https://github.com/bitcoin-core/HWI) (HWI), it can also work with hardware wallets. At the moment it is very Linux-focused. The same applies to multi-signature setups. - -The goal of SpecterDesktop is to make a convenient and user-friendly GUI around Bitcoin Core, focusing on multi-signature setups with airgapped hardware wallets like Trezor, Ledger, COLDCARD or the Specter-DIY. - -![SPECTER](pictures/specter.jpg) - -After install, you will see a new `SPECTER` option in the SSH main menu - it will give you all the information you need to start using it. - -As an alternative to runninf Specter on directly on the RaspiBlitz, there is a Specter Desktop version that runs on your laptop. Here is a [guide to connect the specter laptop app] (https://d11n.net/connect-specter-desktor-with-raspiblitz.html) to your RaspiBlitz Bitcoin fullnode. 
- -##### Mempool Explorer - -![MEMPOOL](pictures/mempool.png) - -Mempool is the fully featured visualizer, explorer, and API service running on mempool.space - -[Details on Service](https://github.com/mempool/mempool) - -After install, you will see a new `MEMPOOL` option in the SSH main menu - it will give you all the information you need to start using it. - -##### JoinMarket - -JoinMarket is software to create a special kind of bitcoin transaction called a CoinJoin transaction. Its aim is to improve the confidentiality and privacy of bitcoin transactions. - -Video Tutorial
--watch--> https://www.youtube.com/watch?v=uGHRjilMhwY - -A CoinJoin transaction requires other people to take part. The right resources (coins) have to be in the right place, at the right time, in the right quantity. This isn't a software or tech problem, it's an economic problem. JoinMarket works by creating a new kind of market that would allocate these resources in the best way. - -For more details see [here](https://github.com/JoinMarket-Org/joinmarket-clientserver). - -After install, you will see a new `JMARKET` option in the SSH main menu - it will give you all the information you need to start using it. - ##### Balance of Satoshi Balance of Satoshi gives you enhanced commands for working with LND balances. 
@@ -720,32 +712,48 @@ Balance of Satoshi gives you enhanced commands for working with LND balances. After install, you will see a new `BOS` option in the SSH main menu - it will give you all the information you need to start using it. +##### PyBlock + +Dashboard Bitcoin information program (needs LND). + +![PYBLOCK](pictures/pyblock.png) + +https://github.com/curly60e/pyblock/blob/master/README.md + +##### Channel Tools (chantools) + +This tool provides helper functions that can be used to rescue funds locked in LND channels in case lnd itself cannot run properly anymore. Also some other usefull command line features. + +https://github.com/guggero/chantools + ##### Sphinx Relay Server -The Sphinx App allows chat over the Lightning Network and ties into the idea of [Podcasting 2.0](https://u.today/father-of-podcasting-integrates-bitcoin-lightning-into-his-app). To use the mobile app with your own RaspiBlitz you need to install the [Sphinx Relay Server](https://github.com/stakwork/sphinx-relay/blob/master/README.md). +The Sphinx App allows chat over the Lightning Network with LND and ties into the idea of [Podcasting 2.0](https://u.today/father-of-podcasting-integrates-bitcoin-lightning-into-his-app). To use the mobile app with your own RaspiBlitz you need to install the [Sphinx Relay Server](https://github.com/stakwork/sphinx-relay/blob/master/README.md). ![SPHINX](https://github.com/stakwork/sphinx-relay/raw/master/public/relay.jpg) After install, you will see a new `SPHINX` option in the SSH main menu - it will give you all the information you need to start using it. -##### PyBlock +##### C-Lightning RTL Webinterface -![PYBLOCK](pictures/pyblock.png) +The same RTL as above but running with c-lightning node. Can run parrallel to the LND version. See deatils above. 
-https://github.com/curly60e/pyblock/blob/master/README.md +##### C-Lightning Sparko Webwallet -##### Channel Tools (chantools) +WalletUI & HTTP-RPC bridge for c-lightning -This tool provides helper functions that can be used to rescue funds locked in lnd channels in case lnd itself cannot run properly anymore. +https://github.com/fiatjaf/sparko#the-sparko-plugin -https://github.com/curly60e/pyblock/blob/master/README.md +##### C-Lightning Spark Webwallet -##### Download Bitcoin Whitepaper +WalletUI for c-lightning with BOLT12 offers -Extract the original Bitcoin Whitepaper as PDF directly from the blockchain of your node. +https://github.com/shesek/spark-wallet#progressive-web-app #### SYSTEM: Monitoring & Configuration +Different options to monitor & edit system services. + ![SYSTEM](pictures/system.png) #### CONNECT: Connect Apps & Credentials 
@@ -756,15 +764,21 @@ This feature should support connecting your RaspiBlitz to a mobile wallets or ot ##### MOBILE: Mobile Wallet Apps (Smartphone) -At the moment, the following mobile wallets are supported: +![MOBILE](pictures/mobile.png) -* [Zeus (iOS/Android)](https://github.com/ZeusLN/zeus) +At the moment, the following mobile wallets are supported - some are just available if LND or c-lightning is activated: + +* [Zeus (iOS/Android)](https://github.com/ZeusLN/zeus) (LND & c-lightning) * [Fully Noded (iOS over Tor)](https://apps.apple.com/us/app/fully-noded/id1436425586) -* [SendMany (Android)](https://github.com/fusion44/sendmany/blob/master/README.md) -* [Sphinx Chat App (iOS/Android)](https://sphinx.chat/) +* [SendMany (Android)](https://github.com/fusion44/sendmany/blob/master/README.md) (only LND) +* [Sphinx Chat App (iOS/Android)](https://sphinx.chat/) (only LND) Mobile wallets work as a remote control app for your RaspiBlitz. First you need to install the apps on your phone - a QR code with the links to the app stores are displayed. Then you need to `pair` them with your RaspiBlitz - also via a QR code displayed on the LCD. If you run your RaspiBlitz without an LCD, there is the fallback option to display that QR code on the terminal as ASCII code (which might involve lowering your terminal's font size). +##### Electrum Rust Server + +Information how to connect to Electrum Rust Server (if installed). + ##### BTCPAY: Get the connection string for the BTCPay Server To connect the payment processing BTCPay server to your Lightning node you find here the needed Connection string. 
@@ -801,7 +815,7 @@ Opens an ad-hoc webserver so that you can download the files in your local netwo *This is the least secure way to transfer those files - everybody in your local network has access to those file during download. Remember with the Admin-Macaroon somebody could take over your node and spend all your funds. Just use as last fallback.* -###### Hex-String +####### Hex-String The Macaroons and TLS.cert files can be copy+pasted as Hex-Strings from RaspiBlitz to any other app that supports that format. If you choose this option, RaspiBlitz will print all the files for you as Hex-String to do so. @@ -838,7 +852,7 @@ If you want a Webservice like BTCPay Server or LNbits available to the outside i Because you also need a domain name for that you will need to open a free account, the following are presently supported, would be good to add more with the help of the community: [DuckDNS.org](https://www.duckdns.org) -[DYNU.com](https://www.dynu.com) +[DYNU.com](https://www.dynu.com) (AT THE MOMENT NOT AVAILABLE) When you create a new LetsEncrypt subscription, you will be asked for your subdomain on DuckDNS and the Auth-Token of your DuckDNS account. Then RaspiBlitz tries to setup everything for you. If everything worked, you will find the subscription under `MAINMENU` > `SUBSCRIBE` > `LIST My Subscriptions`, where you can cancel it at any time if you wish. 
@@ -870,6 +884,19 @@ This stops your RaspiBlitz and creates an LND-Rescue ZIP file that you can downl *NOTICE: If you start your RaspiBlitz after this backup again the backup is outdated and using it can risk losing your channel funds.* +##### RESET-LND: Delete LND & start a node/wallet + +*THIS WILL DELETE ALL YOUR LND DATA AND CHANNEL FUNDS. +Use this only if you have closed all channels and removed all funds.* + +Use this option if you want to start with a fresh LND node id & wallet. + +##### REPAIR-CL: Repair/Backup C-Lightning + +Multiple options to repair/backup your c-lightning node: + +![RepairMenu](pictures/clrepair.png) + ##### MIGRATION: Migrate Blitz Data to new Hardware This stops your RaspiBlitz and creates a Migration ZIP file you can download/export per SCP to your laptop. This contains all important data of your RaspiBlitz including LND, your Blitz configuration and also data from your installed apps. Can be used to migrate your RaspiBlitz to a new hardware - for example if you want to replace the HDD with a SSD. How to import a Migration File [see here](README.md#import-a-migration-file). @@ -886,13 +913,6 @@ Make sure both RaspiBlitzes are connected to the same local network. During setu Use this option if your blockchain data got corrupted. It will keep your LND data. You can even keep your channels open. Just keep in mind that your Lightning node will appear offline to the network until you have re-downloaded the blockchain. -##### RESET-LND: Delete LND data & start new node/wallet - -*THIS WILL DELETE ALL YOUR LND DATA AND CHANNEL FUNDS. -Use this only if you have closed all channels and removed all funds.* - -Use this option if you want to start with a fresh LND node id & wallet. - ##### RESET-HDD: Delete HDD data but keep blockchain *THIS WILL DELETE ALL YOUR LND DATA AND CHANNEL FUNDS. 
@@ -917,12 +937,12 @@ If you had the Bitcoin Transaction Index activated you can use this option to ma #### UPDATE: Check/Prepare RaspiBlitz Update -The `UPDATE` menu gives you options to update your RaspiBlitz - -![UpdateMenu](pictures/update.png) +The `UPDATE` menu gives you options to update your RaspiBlitz and some apps you might have installed. The options are explained in detail: +![UpdateMenu](pictures/update.png) + *Please note that the RaspiBlitz does not support Auto-Update, to ensure that there is no remote control of your node from a central server.* ##### RELEASE: Update RaspiBlitz to a new Version 
@@ -951,37 +971,27 @@ A safe way to restart the RaspiBlitz ... have you tried turning it off and on ag A safe way to shutdown the RaspiBlitz. -#### X: Console Terminal +#### EXIT: Console Terminal -Closes the SSH main menu and exits to the terminal - where the user can make use of the CLI clients `bitcoin-cli` & `lncli` directly. +The `EXIT` option next to `OK` closes the SSH main menu and exits to the terminal - where the user can make use of the CLI clients `bitcoin-cli` & `lncli` directly. With the command `raspiblitz`, it's possible to return to the main menu. ## Import a Migration File -As mentioned above you can export a Migration File from your RaspiBlitz with MAINMENU > REPAIR > MIGRATION and store it on your laptop. +As mentioned above you can export a Migration File from your RaspiBlitz with `MAINMENU > REPAIR > MIGRATION` and store it on your laptop. A Migration file contains all the important data from your RaspiBlitz, like your LND data, Bitcoin Wallet, raspiblitz.config, Tor/SSH keys .. and also installed apps. You can use this to migrate your RaspiBlitz to new hardware. -If you want to import it again to a new RaspiBlitz (for example with an updated HDD/SSD), you can choose the `MIGRATION` option on the first setup dialog after the Hardware test (where you normally choose between Bitcoin & Litecoin). +If you want to import it again to a new RaspiBlitz (for example with an updated HDD/SSD), you can choose the `FROMBACKUP` option on the first setup dialog of a fresh sd card image. ![SSH0](pictures/ssh0-welcome2.png) -If you start MIGRATION you will need to format your HDD/SSD in the next step. +If you start MIGRATION you might get asked to use a existing blockchain on the harddrive/ssd and deleting the rest or even formatting the complete drive. 
Once thats done you get instructions how to upload the migration file (use the password `raspiblitz` when asked on executing the upload command): ![MIGRATION1](pictures/migration1.png) -Normally you choose here the EXT4 format. But you also have the option to choose the BTRFS format which is an experimental feature under RaspiBlitz - see [FAQ for details on BTRFS](FAQ.md#why-use-btrfs-on-raspiblitz). - -Then you will be asked to upload the Migration Zip file to the RaspiBlitz. Follow the instructions shown to you. - -Then you need to get a copy of the blockchain data again for your RaspiBlitz. - -![MIGRATION2](pictures/migration2.png) - -You have the two options: [SYNC](README.md#1-sync---selfvalidate-all-blocks) and [COPY](README.md#2-copy---copy-from-laptop-or-another-raspiblitz-over-local-network), as mentioned in the normal setup. - -RaspiBlitz will reboot and start the normal recovery process to install all the services defined by the raspiblitz.config from your Migration File. +After this you will be asked to set a new PasswordA and your RaspiBlitz will go into recovery/provision process Then RaspiBlitz might give you the option again to self-sync or copy the blockchain from another computer/blitz and after a final reboot. Then the blockchain needs to sync up and you should be back to normal. 
@@ -1076,7 +1086,7 @@ Go to your web browser, do the following: ![Dropbox API 3](https://github.com/rootzoll/raspiblitz/raw/v1.6/pictures/dropbox-3.png) - Now go back to the 'Settings' tab and under 'OAuth2' click the 'Generate' button. You will now see a long string of letters and numbers appear. This is your **Dropbox-Authtoken**. Make sure to copy the complete token string .. there might be more if you scroll to the right in the token field. + Now go back to the 'Settings' tab and under 'OAuth2', choose 'no expiration' under 'Access token expiration' then click the 'Generate' button. You will now see a long string of letters and numbers appear. This is your **Dropbox-Authtoken**. Make sure to copy the complete token string .. there might be more if you scroll to the right in the token field. To test it, try opening or closing a channel, and then check if you can find a copy of `channel.backup` in your Dropbox. You can check the background-script logs to see details on errors: `sudo journalctl -f -u background` 
@@ -1137,7 +1147,7 @@ Now you are ready to start the SD card build script (check the code to see if th As you can see from the URL, you can find the build script in this Git repo under `build_sdcard.sh`. You can check what gets installed and configured in detail. Feel free to post improvements as pull requests. -The whole build process takes a while. At the end the LCD drivers get installed and a reboot is needed. A user `admin` is created during the process. Remember the default password is now `raspiblitz`. You can login per SSH again - this time use admin: `ssh admin@[IP-OF-YOUR-RASPI]`. The install dialog of the RaspiBlitz should automatically start. If you do not want to continue with the installation at this moment and use this sd card as a template for setting up multiple RaspiBlitzes, click `Cancel` and run `/home/admin/XXprepareRelease.sh`. Once you see the LCD going white and the activity LED of the pi starts going dark, you can unplug power and remove the SD card. You have now built your own RaspiBlitz SD card image. +The whole build process takes a while. At the end the LCD drivers get installed and a reboot is needed. A user `admin` is created during the process. Remember the default password is now `raspiblitz`. You can login per SSH again - this time use admin: `ssh admin@[IP-OF-YOUR-RASPI]`. The install dialog of the RaspiBlitz schould automatically start. If you do not want to continue with the installation at this moment and use this sd card as a template for setting up multiple RaspiBlitzes, click `Cancel` and run `release`. Once you see the LCD going white and the activity LED of the pi starts going dark, you can unplug power and remove the SD card. You have now built your own RaspiBlitz SD card image. *Note: If you plan to use your self-build sd card as a MASTER copy and distribute it: Use a smaller 8GB card for that. This way it's ensured that it will fit on every 16 GB card recommended for RaspiBlitz later on.* 
@@ -1170,4 +1180,4 @@ Also get inspired for a deep-dive with the original "[RaspiBolt](https://stadicu Join me on twitter [@rootzoll](https://twitter.com/rootzoll), visit us at an upcoming [#lightninghackday](https://twitter.com/hashtag/LightningHackday?src=hash) or check by one of our bitcoin meetups in Berlin ... every 1st Thursday evening a month at the room77 bar - feel free to buy me a beer with lightning there :) -* [How can I get further help/support?](#support) +* [How can I get further help/support?](#support) \ No newline at end of file diff --git a/SECURITY.md b/SECURITY.md index b50c4860b..cfd1fd76f 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -49,6 +49,7 @@ Ensure that you put quotes around fingerprints containing spaces if importing wi # Physical Security * The lightning wallet and user interfaces are password protected by default so this has more privacy implications (in the case of physical theft) than security. +* Basic hardening measures are applied to all non-root systemd services * Optional log in through SSH using a hardware wallet. * LUKS encryption would be welcome in the future. diff --git a/alternative.platforms/amd64/packer/scripts/init_vagrant.sh b/alternative.platforms/amd64/packer/scripts/init_vagrant.sh index 606e7394d..ed01e8e74 100644 --- a/alternative.platforms/amd64/packer/scripts/init_vagrant.sh +++ b/alternative.platforms/amd64/packer/scripts/init_vagrant.sh @@ -4,11 +4,11 @@ echo "************* Vagrant Provisioning ********************" echo 'Syncing local code with RaspiBlitzVM' -# make sure the latest sync script is in place -cp /vagrant/home.admin/XXsyncScripts.sh /home/admin/XXsyncScripts.sh +# make sure the lastest sync script is in place +cp /vagrant/home.admin/config.scripts/blitz.github.sh /home/admin/config.scripts/blitz.github.sh # execute 'patch' command to sync laptop with VM -/home/admin/XXsyncScripts.sh -run +/home/admin/config.scripts/blitz.github.sh -run source <(/home/admin/config.scripts/internet.sh status) 
diff --git a/alternative.platforms/dietpi/Odroid_HC1_XU4.md b/alternative.platforms/dietpi/Odroid_HC1_XU4.md index dea739f7d..b2b87faa2 100644 --- a/alternative.platforms/dietpi/Odroid_HC1_XU4.md +++ b/alternative.platforms/dietpi/Odroid_HC1_XU4.md @@ -1,13 +1,13 @@ # ⚡️ RaspiBlitz-on-DietPi ⚡️ -# For the Odroid HC1 / HC2 / XU3 / XU4 +# For the Odroid HC1 / HC2 / XU3 / XU4 / MC1 ![](pictures/DroidBlitz.jpg) ## There are 3 options provided: * a trusted fully prebuilt SDcard image * Automated building process. -* Build your own SDcard from the image downloaded from [Dietpi.com](dietpi.com#download) +* Build your own SDcard from the image downloaded from [dietpi.com](https://dietpi.com/#download) --- ### Download the fully prebuilt RaspiBlitz-on-DietPi SDcard image 
@@ -30,15 +30,15 @@ The setup continues with the [RaspiBlitz Setup Process](https://github.com/rootz --- ### The automated building process: -1) Download the DietPi image for the Odroid HC1 / HC2 / XU3 / XU4: -https://dietpi.com/downloads/images/DietPi_OdroidXU4-ARMv7-Stretch.7z +1) Download the DietPi image for the Odroid HC1 / HC2 / XU3 / XU4 / MC1: +https://dietpi.com/downloads/images/DietPi_OdroidXU4-ARMv7-Buster.7z 2) Burn it to the SD card with [Etcher](https://www.balena.io/etcher/) -3) Right click and download the following two files: [DietPi.txt](https://raw.githubusercontent.com/rootzoll/raspiblitz/master/alternative.platforms/dietpi/boot/dietpi.txt), [Automation_Custom_Script.sh](https://raw.githubusercontent.com/rootzoll/raspiblitz/dev/alternative.platforms/dietpi/boot/Automation_Custom_Script.sh) +3) Right click and download the following two files: [dietpi.txt](https://raw.githubusercontent.com/rootzoll/raspiblitz/master/alternative.platforms/dietpi/boot/dietpi.txt), [Automation_Custom_Script.sh](https://raw.githubusercontent.com/rootzoll/raspiblitz/dev/alternative.platforms/dietpi/boot/Automation_Custom_Script.sh) 4) Copy them to the /boot directory of the DietPi SDcard - [DietPi.txt](https://raw.githubusercontent.com/rootzoll/raspiblitz/master/alternative.platforms/dietpi/boot/dietpi.txt): Overwrites the default dietpi.txt. Modified the settings to automate the DietPi setup. (see the details [here](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/dietpi#excerpts-from-the-customized-dietpitxt)) + [dietpi.txt](https://raw.githubusercontent.com/rootzoll/raspiblitz/master/alternative.platforms/dietpi/boot/dietpi.txt): Overwrites the default dietpi.txt. Modified the settings to automate the DietPi setup. 
(see the details [here](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/dietpi#excerpts-from-the-customized-dietpitxt)) [Automation_Custom_Script.sh](https://raw.githubusercontent.com/rootzoll/raspiblitz/dev/alternative.platforms/dietpi/boot/Automation_Custom_Script.sh): Runs after DietPi installation is completed. Contains the link to download and run the build_sdcard.sh from the dev branch of @rootzoll. (Optionally open the file with a text editor and uncomment (remove the `#` from the front of) the line with the branch you want to build the SDcard from.) @@ -53,14 +53,6 @@ https://dietpi.com/downloads/images/DietPi_OdroidXU4-ARMv7-Stretch.7z `tail -n1000 -f /tmp/DietPi-Update/dietpi-update.log` - follow the dietpi-update process `tail -n1000 -f /var/tmp/dietpi/logs/dietpi-automation_custom_script.log` follow the output of the build_sdcard.sh - Starting from a v6.14 DietPi image is causing a bootloop after the first restart. See the issue: https://github.com/MichaIng/DietPi/issues/2495. This will be sorted out once a new image version is uploaded for the Odroids to dietpi.com. - To get past it: - * Log in with root after the first restart (when the loop is ongoing - without any output to the HDMI screen) - * CTRL+C, run `dietpi-update` and update - * `reboot` once finished - * from then the Automation_Custom_Script.sh is carrying on - - 6) When the setup is finished log in as `admin`: `ssh admin@[IP-OF-RASPIBLITZ]` password: `raspiblitz` 
@@ -71,12 +63,8 @@ password: `raspiblitz` ### Build your own DietPi image: -Watch out this is an arduous process. -Updating from a v6.14 DietPi image is causing a bootloop after the first restart. See the issue: https://github.com/MichaIng/DietPi/issues/2495. -This will be sorted out once a new image version is uploaded for the Odroids to dietpi.com - -* For the Odroid HC1 / HC2 / XU3 / XU4 the start is this image: -https://dietpi.com/downloads/images/DietPi_OdroidXU4-ARMv7-Stretch.7z +* For the Odroid HC1 / HC2 / XU3 / XU4 / MC1 the start is this image: +https://dietpi.com/downloads/images/DietPi_OdroidXU4-ARMv7-Buster.7z * Burn it to the SD with [Etcher](https://www.balena.io/etcher/) * Insert the SD card, connect the HDD, the network cable and power supply to boot up the Odroid: 
@@ -84,50 +72,19 @@ https://dietpi.com/downloads/images/DietPi_OdroidXU4-ARMv7-Stretch.7z * In the desktop terminal on Linux / MacOS or Putty on Windows: `ssh root@[IP-OF-DIETPI]` password: `dietpi` -Getting started with DietPi: https://dietpi.com/phpbb/viewtopic.php?f=8&t=9#p9 +Getting started with DietPi: https://dietpi.com/docs/install/#4-first-logon-on-dietpi -* Ok > Cancel > Cancel -automatic apt update & apt upgrade and asks to reboot -![](pictures/dietpi_1st_reboot.png) - -* Log back in: -`ssh root@[IP-OF-DIETPI]` -password: `dietpi` -* after the update the ssh keys might change: -@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ -@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ -@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ -run (can be copied from the terminal output): -`ssh-keygen -f "/home/[your-linux-username]/.ssh/known_hosts" -R "dietpi.IP"` -`ssh root@[IP-OF-DIETPI]` -yes > -password: `dietpi` - -* At this point if the DietPi OS was not updated from 6.14 it does not manage to save settings going forward. -Exit the software installer (press Tab to jump to Exit) -![](pictures/dietpi-software_exit.png) - -* in the bash prompt run: -`dietpi-update` -Ok > Cancel the recovery point -update > Opt out of survey > Ok -Reboots - -* Log back in: -`ssh root@[IP-OF-DIETPI]` -password: `dietpi` * In the DietPi software menu install fail2ban and make OpenSSH server the default SSH server. Ok > Cancel > Cancel Search `fail2ban` > Space to select > Enter SSH server > switch from Dropbear to the OpenSSH-server Install > Ok -Opt out of survey > Ok Reboots again * Log back in: `ssh root@[IP-OF-DIETPI]` password: `dietpi` -Changing the SSH server will change the SSH keys again. To clear: +Changing the SSH server will change the SSH keys. To clear: `ssh-keygen -f "/home/[your-linux-username]/.ssh/known_hosts" -R "dietpi.IP"` diff --git a/alternative.platforms/dietpi/README.md b/alternative.platforms/dietpi/README.md index e250b154e..db32d9e34 100644 --- a/alternative.platforms/dietpi/README.md 
+++ b/alternative.platforms/dietpi/README.md @@ -87,7 +87,7 @@ During the RaspiBlitz setup process: `sudo tail -n100 /mnt/hdd/bitcoin/debug.log` - shows the last 100 lines `sudo systemctl status lnd` - status of the lnd service `sudo journalctl -f -u lnd` -`./home/admin/XXdebugLogs.sh` - debug log collection on the RaspiBlitz +`debug` - debug log collection on the RaspiBlitz --- diff --git a/build_sdcard.sh b/build_sdcard.sh index 292d513d1..93ccb311b 100755 --- a/build_sdcard.sh +++ b/build_sdcard.sh @@ -8,15 +8,17 @@ # setup fresh SD card with image above - login per SSH and run this script: ########################################################################## +defaultBranchVersion="v1.7" + echo "" echo "*****************************************" -echo "* RASPIBLITZ SD CARD IMAGE SETUP v1.7 *" +echo "* RASPIBLITZ SD CARD IMAGE SETUP ${defaultBranchVersion}.1 *" echo "*****************************************" echo "For details on optional parameters - see build script source code:" # 1st optional parameter: NO-INTERACTION # ---------------------------------------- -# When 'true' then no questions will be ask on building .. so it can be used in build scripts +# When 'true' then no questions will be asked on building .. so it can be used in build scripts # for containers or as part of other build scripts (default is false) noInteraction="$1" 
@@ -64,20 +66,23 @@ echo "3) will use GITHUB-USERNAME --> '${githubUser}'" # 4th optional parameter: GITHUB-BRANCH # ------------------------------------- -# could be any valid branch of the given GITHUB-USERNAME forked raspiblitz repo - 'dev' is default +# could be any valid branch of the given GITHUB-USERNAME forked raspiblitz repo - take ${defaultBranchVersion} is default githubBranch="$4" if [ ${#githubBranch} -eq 0 ]; then - githubBranch="dev" + githubBranch="${defaultBranchVersion}" fi echo "4) will use GITHUB-BRANCH --> '${githubBranch}'" # 5th optional parameter: DISPLAY-CLASS # ---------------------------------------- -# Could be 'hdmi', 'headless' or 'lcd' +# Could be 'hdmi', 'headless' or 'lcd' (lcd is default) # On 'false' the standard video output is used (HDMI) by default. # https://github.com/rootzoll/raspiblitz/issues/1265#issuecomment-813369284 displayClass="$5" -if [ ${#displayClass} -eq 0 ] || [ "${displayClass}" == "false" ]; then +if [ ${#displayClass} -eq 0 ]; then + displayClass="lcd" +fi +if [ "${displayClass}" == "false" ]; then displayClass="hdmi" fi if [ "${displayClass}" != "hdmi" ] && [ "${displayClass}" != "lcd" ] && [ "${displayClass}" != "headless" ]; then @@ -221,7 +226,7 @@ else fi echo "*** Install & Enable Tor ***" -sudo apt update +sudo apt update -y sudo apt install tor tor-arm torsocks -y echo "" @@ -257,11 +262,14 @@ if [ "${baseimage}" = "raspbian" ] || [ "${baseimage}" = "dietpi" ] || \ fi fi -# remove some (big) packages that are not needed +echo "*** Remove not needed packages ***" sudo apt remove -y --purge libreoffice* oracle-java* chromium-browser nuscratch scratch sonic-pi minecraft-pi plymouth python2 vlc sudo apt clean sudo apt -y autoremove +echo "" +echo "*** Python DEFAULT libs & dependencies ***" + if [ -f "/usr/bin/python3.7" ]; then # make sure /usr/bin/python exists (and calls Python3.7 in Buster) sudo update-alternatives --install /usr/bin/python python /usr/bin/python3.7 1 
@@ -277,9 +285,19 @@ else exit 1 fi -# update debian +# for setup shell scripts +sudo apt -y install dialog bc python3-dialog + +# libs (for global python scripts) +sudo -H python3 -m pip install --upgrade pip +sudo -H python3 -m pip install grpcio==1.38.1 +sudo -H python3 -m pip install googleapis-common-protos==1.53.0 +sudo -H python3 -m pip install toml==0.10.1 +sudo -H python3 -m pip install j2cli==0.3.10 +sudo -H python3 -m pip install requests[socks]==2.21.0 + echo "" -echo "*** UPDATE ***" +echo "*** UPDATE Debian***" sudo apt update -y sudo apt upgrade -f -y @@ -299,6 +317,9 @@ fi # special prepare when Raspbian if [ "${baseimage}" = "raspbian" ]||[ "${baseimage}" = "raspios_arm64" ]||\ [ "${baseimage}" = "debian_rpi64" ]; then + + echo "" + echo "*** PREPARE RASPBIAN ***" sudo apt install -y raspi-config # do memory split (16MB) sudo raspi-config nonint do_memory_split 16 @@ -357,7 +378,7 @@ fi # special prepare when Nvidia Jetson Nano if [ ${isNvidia} -eq 1 ] ; then - # disable GUI on boot + echo "Nvidia --> disable GUI on boot" sudo systemctl set-default multi-user.target fi @@ -553,6 +574,7 @@ sudo chsh admin -s /bin/bash echo '%sudo ALL=(ALL) NOPASSWD:ALL' | sudo EDITOR='tee -a' visudo # WRITE BASIC raspiblitz.info to sdcard +# if further info gets added .. make sure to keep that on: blitz.preparerelease.sh echo "baseimage=${baseimage}" > /home/admin/raspiblitz.info echo "cpu=${cpu}" >> /home/admin/raspiblitz.info echo "displayClass=headless" >> /home/admin/raspiblitz.info 
@@ -580,20 +602,7 @@ sudo /usr/sbin/groupadd --force --gid 9706 lndwalletkit sudo /usr/sbin/groupadd --force --gid 9707 lndrouter echo "" -echo "*** Python DEFAULT libs & dependencies ***" - -# for setup shell scripts -sudo apt -y install dialog bc python3-dialog - -# libs (for global python scripts) -sudo -H python3 -m pip install grpcio==1.36.1 -sudo -H python3 -m pip install googleapis-common-protos==1.53.0 -sudo -H python3 -m pip install toml==0.10.1 -sudo -H python3 -m pip install j2cli==0.3.10 -sudo -H python3 -m pip install requests[socks]==2.21.0 - -echo "" -echo "*** SHELL SCRIPTS AND ASSETS ***" +echo "*** SHELL SCRIPTS & ASSETS ***" # copy raspiblitz repo from github cd /home/admin/ @@ -607,9 +616,10 @@ sudo -u admin chmod +x *.sh sudo -u admin cp -r /home/admin/raspiblitz/home.admin/assets /home/admin/ sudo -u admin cp -r /home/admin/raspiblitz/home.admin/config.scripts /home/admin/ sudo -u admin chmod +x /home/admin/config.scripts/*.sh +sudo -u admin chmod +x /home/admin/setup.scripts/*.sh # install newest version of BlitzPy -blitzpy_wheel=$(ls -trR /home/admin/raspiblitz/home.admin/BlitzPy/dist | grep -E "*any.whl" | tail -n 1) +blitzpy_wheel=$(ls -tR /home/admin/raspiblitz/home.admin/BlitzPy/dist | grep -E "*any.whl" | tail -n 1) blitzpy_version=$(echo ${blitzpy_wheel} | grep -oE "([0-9]\.[0-9]\.[0-9])") echo "" echo "*** INSTALLING BlitzPy Version: ${blitzpy_version} ***" @@ -626,6 +636,12 @@ fi # add /sbin to path for all sudo bash -c "echo 'PATH=\$PATH:/sbin' >> /etc/profile" +# replace boot splash image when raspbian +if [ "${baseimage}" == "raspbian" ]; then + echo "* replacing boot splash" + sudo cp /home/admin/raspiblitz/pictures/splash.png /usr/share/plymouth/themes/pix/splash.png +fi + echo "" echo "*** RASPIBLITZ EXTRAS ***" 
@@ -820,61 +836,53 @@ sudo cp /home/admin/assets/background.service /etc/systemd/system/background.ser sudo systemctl enable background # "*** BITCOIN ***" -# based on https://stadicus.github.io/RaspiBolt/raspibolt_30_bitcoin.html#installation -echo "" +echo echo "*** PREPARING BITCOIN ***" # set version (change if update is available) # https://bitcoincore.org/en/download/ -bitcoinVersion="0.21.0" +bitcoinVersion="22.0" # needed to check code signing -laanwjPGP="01EA5486DE18A882D4C2684590C8019E36C2E964" +# https://github.com/laanwj +laanwjPGP="71A3 B167 3540 5025 D447 E8F2 7481 0B01 2346 C9A6" # prepare directories sudo rm -rf /home/admin/download sudo -u admin mkdir /home/admin/download cd /home/admin/download -# download, check and import signer key -sudo -u admin wget https://bitcoin.org/laanwj-releases.asc -if [ ! -f "./laanwj-releases.asc" ] +# receive signer key +if ! gpg --keyserver hkp://keyserver.ubuntu.com --recv-key "71A3 B167 3540 5025 D447 E8F2 7481 0B01 2346 C9A6" then - echo "!!! FAIL !!! Download laanwj-releases.asc not success." + echo "!!! FAIL !!! Couldn't download Wladimir J. van der Laan's PGP pubkey" exit 1 fi -gpg --import --import-options show-only ./laanwj-releases.asc -fingerprint=$(gpg ./laanwj-releases.asc 2>/dev/null | grep "${laanwjPGP}" -c) -if [ ${fingerprint} -lt 1 ]; then - echo "" - echo "!!! 
BUILD WARNING --> Bitcoin PGP author not as expected" - echo "Should contain laanwjPGP: ${laanwjPGP}" - echo "PRESS ENTER to TAKE THE RISK if you think all is OK" - read key -fi -gpg --import ./laanwj-releases.asc + +# download signed binary sha256 hash sum file +sudo -u admin wget https://bitcoincore.org/bin/bitcoin-core-${bitcoinVersion}/SHA256SUMS # download signed binary sha256 hash sum file and check -sudo -u admin wget https://bitcoin.org/bin/bitcoin-core-${bitcoinVersion}/SHA256SUMS.asc +sudo -u admin wget https://bitcoincore.org/bin/bitcoin-core-${bitcoinVersion}/SHA256SUMS.asc verifyResult=$(gpg --verify SHA256SUMS.asc 2>&1) goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) echo "goodSignature(${goodSignature})" -correctKey=$(echo ${verifyResult} | grep "using RSA key ${laanwjPGP: -16}" -c) +correctKey=$(echo ${verifyResult} | grep "${laanwjPGP}" -c) echo "correctKey(${correctKey})" if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then echo "" echo "!!! BUILD FAILED --> PGP Verify not OK / signature(${goodSignature}) verify(${correctKey})" exit 1 else - echo "" + echo echo "****************************************" echo "OK --> BITCOIN MANIFEST IS CORRECT" echo "****************************************" - echo "" + echo fi -# get the sha256 value for the corresponding platform from signed hash sum file +# bitcoinOSversion if [ ${isARM} -eq 1 ] ; then bitcoinOSversion="arm-linux-gnueabihf" fi 
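Review bot: The signature check in this hunk (`goodSignature` / `correctKey`) is two independent greps over gpg's human-readable output, so it passes whenever the text "Good signature" and the fingerprint string both appear somewhere in that output, and it only matches the spaced fingerprint because the unquoted `echo ${verifyResult}` collapses whitespace. Prefer machine-readable status: run `gpg --status-fd 1 --verify SHA256SUMS.asc SHA256SUMS` and require a `VALIDSIG` line that carries the 40-hex fingerprint without spaces. Also reuse the variable in `gpg --recv-key` instead of repeating the literal fingerprint, so the key that is fetched and the key that is checked cannot drift apart.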
@@ -884,22 +892,24 @@ fi if [ ${isX86_64} -eq 1 ] ; then bitcoinOSversion="x86_64-linux-gnu" fi -bitcoinSHA256=$(grep -i "$bitcoinOSversion" SHA256SUMS.asc | cut -d " " -f1) -echo "" -echo "*** BITCOIN v${bitcoinVersion} for ${bitcoinOSversion} ***" +echo +echo "*** BITCOIN CORE v${bitcoinVersion} for ${bitcoinOSversion} ***" # download resources binaryName="bitcoin-${bitcoinVersion}-${bitcoinOSversion}.tar.gz" if [ ! -f "./${binaryName}" ]; then - sudo -u admin wget https://bitcoin.org/bin/bitcoin-core-${bitcoinVersion}/${binaryName} + sudo -u admin wget https://bitcoincore.org/bin/bitcoin-core-${bitcoinVersion}/${binaryName} fi if [ ! -f "./${binaryName}" ]; then - echo "!!! FAIL !!! Download BITCOIN BINARY not success." + echo "!!! FAIL !!! Could not download the BITCOIN BINARY" exit 1 else + # check binary checksum test echo "- checksum test" + # get the sha256 value for the corresponding platform from signed hash sum file + bitcoinSHA256=$(grep -i "${binaryName}" SHA256SUMS | cut -d " " -f1) binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1) echo "Valid SHA256 checksum should be: ${bitcoinSHA256}" echo "Downloaded binary SHA256 checksum: ${binaryChecksum}" @@ -908,12 +918,13 @@ else rm -v ./${binaryName} exit 1 else - echo "" - echo "****************************************" - echo "OK --> VERIFIED BITCOIN CHECKSUM CORRECT" - echo "****************************************" + echo + echo "********************************************" + echo "OK --> VERIFIED BITCOIN CORE BINARY CHECKSUM" + echo "********************************************" + echo sleep 10 - echo "" + echo fi fi 
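Review bot: In the `-884,22 +892,24` hunk, `grep -i "${binaryName}" SHA256SUMS | cut -d " " -f1` is an unanchored, case-insensitive regex match, so it can return no line or more than one, leaving `bitcoinSHA256` empty or multi-line. Make sure an empty value fails the build rather than reaching the comparison. Reading the hash from the verified `SHA256SUMS` instead of `SHA256SUMS.asc` is the right move; letting coreutils do the comparison with `sha256sum --check --ignore-missing SHA256SUMS` and acting on its exit status would remove the hand-rolled parsing entirely.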
@@ -935,20 +946,17 @@ echo "*** PREPARING LIGHTNING ***" # "*** LND ***" ## based on https://stadicus.github.io/RaspiBolt/raspibolt_40_lnd.html#lightning-lnd ## see LND releases: https://github.com/lightningnetwork/lnd/releases -lndVersion="0.12.1-beta" +## !!!! If you change here - make sure to also change interims version in lnd.update.sh !!! +lndVersion="0.13.3-beta" # olaoluwa -#PGPauthor="roasbeef" -#PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc" -#PGPcheck="9769140D255C759B1EB77B46A96387A57CAAE94D" +PGPauthor="roasbeef" +PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc" +PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696" # bitconner -PGPauthor="bitconner" -PGPpkeys="https://keybase.io/bitconner/pgp_keys.asc" -PGPcheck="9C8D61868A7C492003B2744EE7D737B67FA592C7" -# Joost Jager -#PGPauthor="joostjager" -#PGPpkeys="https://keybase.io/joostjager/pgp_keys.asc" -#PGPcheck="D146D0F68939436268FA9A130E26BB61B76C4D3A" +#PGPauthor="bitconner" +#PGPpkeys="https://keybase.io/bitconner/pgp_keys.asc" +#PGPcheck="9C8D61868A7C492003B2744EE7D737B67FA592C7" # get LND resources cd /home/admin/download 
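Review bot: The new `PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"` for roasbeef differs from the previously commented-out value and the hunk gives no source for it. Please add a comment saying where this fingerprint is published so a later reviewer can confirm it independently, as the Bitcoin block in this patch does with `# https://github.com/laanwj`. The `!!!! If you change here` comment also shows that `lndVersion` is duplicated in `lnd.update.sh`; a single shared definition would remove the need for the warning.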
@@ -1058,6 +1066,104 @@ fi sudo chown -R admin /home/admin echo "- OK install of LND done" +echo "*** C-lightning ***" +# https://github.com/ElementsProject/lightning/releases +CLVERSION=0.10.1 + +# https://github.com/ElementsProject/lightning/tree/master/contrib/keys +PGPsigner="rustyrussel" +PGPpkeys="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/rustyrussell.txt" +PGPcheck="D9200E6CD1ADB8F1" + +# prepare download dir +sudo rm -rf /home/admin/download/cl +sudo -u admin mkdir -p /home/admin/download/cl +cd /home/admin/download/cl || exit 1 + +sudo -u admin wget -O "pgp_keys.asc" ${PGPpkeys} +gpg --import --import-options show-only ./pgp_keys.asc +fingerprint=$(gpg "pgp_keys.asc" 2>/dev/null | grep "${PGPcheck}" -c) +if [ ${fingerprint} -lt 1 ]; then + echo + echo "!!! WARNING --> the PGP fingerprint is not as expected for ${PGPsigner}" + echo "Should contain PGP: ${PGPcheck}" + echo "PRESS ENTER to TAKE THE RISK if you think all is OK" + read key +fi +gpg --import ./pgp_keys.asc + +sudo -u admin wget https://github.com/ElementsProject/lightning/releases/download/v${CLVERSION}/SHA256SUMS +sudo -u admin wget https://github.com/ElementsProject/lightning/releases/download/v${CLVERSION}/SHA256SUMS.asc + +verifyResult=$(gpg --verify SHA256SUMS.asc 2>&1) + +goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) +echo "goodSignature(${goodSignature})" +correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${PGPcheck}" -c) +echo "correctKey(${correctKey})" +if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then + echo + echo "!!! 
BUILD FAILED --> PGP verification not OK / signature(${goodSignature}) verify(${correctKey})" + exit 1 +else + echo + echo "****************************************************************" + echo "OK --> the PGP signature of the C-lightning SHA256SUMS is correct" + echo "****************************************************************" + echo +fi + +sudo -u admin wget https://github.com/ElementsProject/lightning/releases/download/v${CLVERSION}/clightning-v${CLVERSION}.zip + +hashCheckResult=$(sha256sum -c SHA256SUMS 2>&1) +goodHash=$(echo ${hashCheckResult} | grep 'OK' -c) +echo "goodHash(${goodHash})" +if [ ${goodHash} -lt 1 ]; then + echo + echo "!!! BUILD FAILED --> Hash check not OK" + exit 1 +else + echo + echo "********************************************************************" + echo "OK --> the hash of the downloaded C-lightning source code is correct" + echo "********************************************************************" + echo +fi + +echo "- Install build dependencies" +sudo apt-get install -y \ + autoconf automake build-essential git libtool libgmp-dev \ + libsqlite3-dev python3 python3-mako net-tools zlib1g-dev libsodium-dev \ + gettext unzip + +sudo -u admin unzip clightning-v${CLVERSION}.zip +cd clightning-v${CLVERSION} || exit 1 + +echo "- Configuring EXPERIMENTAL_FEATURES enabled" +sudo -u admin ./configure --enable-experimental-features + +echo "- Building C-lightning from source" +sudo -u admin make + +echo "- Install to /usr/local/bin/" +sudo make install || exit 1 + +installed=$(sudo -u admin lightning-cli --version) +if [ ${#installed} -eq 0 ]; then + echo + echo "!!! BUILD FAILED --> Was not able to install C-lightning" + exit 1 +fi + +correctVersion=$(echo "${installed}" | grep -c "${CLVERSION}") +if [ ${correctVersion} -eq 0 ]; then + echo + echo "!!! 
BUILD FAILED --> installed C-lightning is not version ${CLVERSION}" + sudo -u admin lightning-cli --version + exit 1 +fi +echo "- OK the installation of C-lightning v${installed} is done" + echo "" echo "*** raspiblitz.info ***" sudo cat /home/admin/raspiblitz.info @@ -1073,7 +1179,7 @@ echo "Take the chance & look thru the output above if you can spot any errors or echo "" echo "IMPORTANT IF WANT TO MAKE A RELEASE IMAGE FROM THIS BUILD:" echo "1. login fresh --> user:admin password:raspiblitz" -echo "2. run --> ./XXprepareRelease.sh" +echo "2. run --> release" echo "" # (do last - because might trigger reboot) @@ -1081,4 +1187,7 @@ if [ "${displayClass}" != "headless" ] || [ "${baseimage}" = "raspbian" ] || [ " echo "*** ADDITIONAL DISPLAY OPTIONS ***" echo "- calling: blitz.display.sh set-display ${displayClass}" sudo /home/admin/config.scripts/blitz.display.sh set-display ${displayClass} + sudo /home/admin/config.scripts/blitz.display.sh rotate 1 fi + +echo "# BUILD DONE - see above" diff --git a/home.admin/00infoBlitz.sh b/home.admin/00infoBlitz.sh index 4d1395c60..ac81a2ae6 100755 --- a/home.admin/00infoBlitz.sh +++ b/home.admin/00infoBlitz.sh @@ -1,5 +1,7 @@ #!/bin/bash +# 00infoBlitz.sh + # load code software version source /home/admin/_version.info @@ -14,6 +16,8 @@ color_gray='\033[0;37m' source /home/admin/raspiblitz.info 2>/dev/null source /mnt/hdd/raspiblitz.conf 2>/dev/null +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) + ## get HDD/SSD info source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) hdd="${hddUsedInfo}" @@ -45,7 +49,7 @@ if [ ${#network} -eq 0 ]; then if [ ${litecoinActive} -eq 1 ]; then network="litecoin" else - network=`sudo cat /home/admin/.network 2>/dev/null` + network=$(sudo cat /home/admin/.network 2>/dev/null) fi if [ ${#network} -eq 0 ]; then network="bitcoin" 
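Review bot: In the C-lightning block (hunk `-1058,6 +1066,104`), a signer-key mismatch only pauses on `PRESS ENTER to TAKE THE RISK` and then runs `gpg --import ./pgp_keys.asc` regardless, and `PGPcheck="D9200E6CD1ADB8F1"` is a 16-hex key ID rather than a full fingerprint. This same patch removes the equivalent interactive override from the Bitcoin block, so the new code should follow suit: pin the full 40-hex fingerprint and `exit 1` on mismatch. The later `correctKey` grep does gate the build, but it matches the same short ID. Smaller points: `PGPsigner="rustyrussel"` is spelled differently from `rustyrussell.txt` in `PGPpkeys`, `sudo -u admin make` has no `|| exit 1` while `make install` does, and `goodHash` counts any `OK` in the `sha256sum -c` output instead of using its exit status.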
@@ -62,7 +66,6 @@ if [ ${#chain} -eq 0 ]; then fi # set datadir -bitcoin_dir="/home/bitcoin/.${network}" lnd_dir="/home/bitcoin/.lnd" lnd_macaroon_dir="/home/bitcoin/.lnd/data/chain/${network}/${chain}net" @@ -74,9 +77,13 @@ cpu=0 if [ -d "/sys/class/thermal/thermal_zone0/" ]; then cpu=$(cat /sys/class/thermal/thermal_zone0/temp) fi -tempC=$((cpu/1000)) -tempF=$(((tempC * 18 + 325) / 10)) - +if [ $cpu = 0 ];then + tempC="" + tempF="" +else + tempC=$((cpu/1000)) + tempF=$(((tempC * 18 + 325) / 10)) +fi # get memory ram_avail=$(free -m | grep Mem | awk '{ print $7 }') ram=$(printf "%sM / %sM" "${ram_avail}" "$(free -m | grep Mem | awk '{ print $2 }')") @@ -90,17 +97,17 @@ fi # Bitcoin blockchain btc_path=$(command -v ${network}-cli) blockInfo="-" -if [ -n ${btc_path} ]; then +if [ -n "${btc_path}" ]; then btc_title=$network - blockchaininfo="$(${network}-cli -datadir=${bitcoin_dir} getblockchaininfo 2>/dev/null)" + blockchaininfo="$($bitcoincli_alias getblockchaininfo 2>/dev/null)" if [ ${#blockchaininfo} -gt 0 ]; then btc_title="${btc_title} (${chain}net)" # get sync status - block_chain="$(${network}-cli -datadir=${bitcoin_dir} getblockcount 2>/dev/null)" + headers="$(echo "${blockchaininfo}" | jq -r '.headers')" block_verified="$(echo "${blockchaininfo}" | jq -r '.blocks')" - block_diff=$(expr ${block_chain} - ${block_verified}) - blockInfo="${block_verified}/${block_chain}" + block_diff=$(expr ${headers} - ${block_verified}) + blockInfo="${block_verified}/${headers}" progress="$(echo "${blockchaininfo}" | jq -r '.verificationprogress')" sync_percentage=$(echo $progress | awk '{printf( "%.2f%%", 100 * $1)}') 
@@ -124,13 +131,12 @@ if [ -n ${btc_path} ]; then fi # get last known block - last_block="$(${network}-cli -datadir=${bitcoin_dir} getblockcount 2>/dev/null)" if [ ! -z "${last_block}" ]; then btc_line2="${btc_line2} ${color_gray}(block ${last_block})" fi # get mem pool transactions - mempool="$(${network}-cli -datadir=${bitcoin_dir} getmempoolinfo 2>/dev/null | jq -r '.size')" + mempool="$($bitcoincli_alias getmempoolinfo 2>/dev/null | jq -r '.size')" else btc_line2="${color_red}NOT RUNNING\t\t" @@ -138,7 +144,7 @@ if [ -n ${btc_path} ]; then fi # get IP address & port -networkInfo=$(${network}-cli -datadir=${bitcoin_dir} getnetworkinfo 2>/dev/null) +networkInfo=$($bitcoincli_alias getnetworkinfo 2>/dev/null) local_ip="${localip}" # from internet.sh public_ip="${cleanip}" public_port="$(echo ${networkInfo} | jq -r '.localaddresses [0] .port')" @@ -152,9 +158,14 @@ fi # check if RTL web interface is installed webinterfaceInfo="" -runningRTL=$(sudo ls /etc/systemd/system/RTL.service 2>/dev/null | grep -c 'RTL.service') +runningRTL=$(systemctl status ${netprefix}${typeprefix}RTL.service 2>/dev/null | grep -c active) if [ ${runningRTL} -eq 1 ]; then - webinterfaceInfo="Web admin --> ${color_green}http://${local_ip}:3000" + if [ "${lightning}" == "cl" ]; then + RTLHTTP=${portprefix}7000 + elif [ "${lightning}" == "lnd" ];then + RTLHTTP=${portprefix}3000 + fi + webinterfaceInfo="Web admin --> ${color_green}http://${local_ip}:${RTLHTTP}" fi # CHAIN NETWORK @@ -162,9 +173,8 @@ public_addr_pre="Public " public_addr="??" torInfo="" # Version -networkVersion=$(${network}-cli -datadir=${bitcoin_dir} -version 2>/dev/null | cut -d ' ' -f6) +networkVersion=$($bitcoincli_alias -version 2>/dev/null | cut -d ' ' -f6) # TOR or IP -networkInfo=$(${network}-cli -datadir=${bitcoin_dir} getnetworkinfo) networkConnections=$(echo ${networkInfo} | jq -r '.connections') networkConnectionsInfo="${color_green}${networkConnections} ${color_gray}connections" 
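Review bot: In the `-152,9 +158,14` hunk, `systemctl status ... | grep -c active` also matches the word "inactive", and any additional output line containing "active" pushes the count past 1, so `runningRTL -eq 1` does not reliably mean the service is running. Use `systemctl is-active --quiet ${netprefix}${typeprefix}RTL.service` and test its exit status. `RTLHTTP` is also left unset when `${lightning}` is neither `cl` nor `lnd`, which would print a URL with an empty port. Separately, the `-124,13 +131,12` hunk removes the `last_block=` assignment but keeps the `if [ ! -z "${last_block}" ]` test, so in the visible lines that branch can no longer run.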
@@ -222,72 +232,187 @@ else fi # LIGHTNING NETWORK - -ln_baseInfo="-" -ln_channelInfo="\n" -ln_external="\n" -ln_alias="${hostname}" -ln_publicColor="" -ln_port=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep "^listen=*" | cut -f2 -d':') -if [ ${#ln_port} -eq 0 ]; then - ln_port="9735" -fi - -wallet_unlocked=$(sudo tail -n 1 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep -c unlock) -if [ "$wallet_unlocked" -gt 0 ] ; then - alias_color="${color_red}" - ln_alias="Wallet Locked" -else - ln_getInfo=$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert getinfo 2>/dev/null) - ln_external=$(echo "${ln_getInfo}" | grep "uris" -A 1 | tr -d '\n' | cut -d '"' -f4) - ln_tor=$(echo "${ln_external}" | grep -c ".onion") - if [ ${ln_tor} -eq 1 ]; then - ln_publicColor="${color_green}" - else - public_check=$(nc -z -w6 ${public_ip} ${ln_port} 2>/dev/null; echo $?) - if [ $public_check = "0" ] || [ "${ipv6}" == "on" ]; then - # only set yellow/normal because netcat can only say that the port is open - not that it points to this device for sure - ln_publicColor="${color_amber}" - else - ln_publicColor="${color_red}" - fi +if [ "${lightning}" == "cl" ]; then + ln_getInfo=$($lightningcli_alias getinfo 2>/dev/null) + ln_baseInfo="-" + ln_channelInfo="\n" + ln_external="\n" + ln_alias="$(sudo cat "${CLCONF}" | grep "^alias=*" | cut -f2 -d=)" + if [ ${#ln_alias} -eq 0 ];then + ln_alias=$(echo "${ln_getInfo}" | grep '"alias":' | cut -d '"' -f4) fi - alias_color="${color_grey}" - ln_sync=$(echo "${ln_getInfo}" | grep "synced_to_chain" | grep "true" -c) - ln_version=$(echo "${ln_getInfo}" | jq -r '.version' | cut -d' ' -f1) - if [ ${ln_sync} -eq 0 ]; then - if [ ${#ln_getInfo} -eq 0 ]; then - ln_baseInfo="${color_red} Not Started | Not Ready Yet" - else - ln_baseInfo="${color_amber} Waiting for Chain Sync" - fi + if [ ${#ln_alias} -eq 0 ];then + ln_alias=${hostname} + fi + ln_publicColor="" + ln_port=$(sudo 
cat "${CLCONF}" | grep "^bind-addr=*" | cut -f2 -d':') + if [ ${#ln_port} -eq 0 ]; then + ln_port=$(echo "${ln_getInfo}" | grep '"port":' | cut -d: -f2 | tail -1 | bc) + fi + wallet_unlocked=0 #TODO + if [ "$wallet_unlocked" -gt 0 ] ; then + ln_alias="Wallet Locked" + else + pubkey=$(echo "${ln_getInfo}" | grep '"id":' | cut -d '"' -f4) + address=$(echo "${ln_getInfo}" | grep '.onion' | cut -d '"' -f4) + if [ ${#address} -eq 0 ];then + address=$(echo "${ln_getInfo}" | grep '"ipv4"' -A 1 | tail -1 | cut -d '"' -f4) + fi + ln_external="${pubkey}@${address}" + ln_tor=$(echo "${ln_external}" | grep -c ".onion") + if [ ${ln_tor} -eq 1 ]; then + ln_publicColor="${color_green}" else - ln_walletbalance="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert walletbalance | jq -r '.confirmed_balance')" 2>/dev/null - ln_walletbalance_wait="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert walletbalance | jq -r '.unconfirmed_balance')" 2>/dev/null - if [ "${ln_walletbalance_wait}" = "0" ]; then ln_walletbalance_wait=""; fi - if [ ${#ln_walletbalance_wait} -gt 0 ]; then ln_walletbalance_wait="(+${ln_walletbalance_wait})"; fi - ln_channelbalance="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert channelbalance | jq -r '.balance')" 2>/dev/null - ln_channelbalance_pending="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert channelbalance | jq -r '.pending_open_balance')" 2>/dev/null - if [ "${ln_channelbalance_pending}" = "0" ]; then ln_channelbalance_pending=""; fi - if [ ${#ln_channelbalance_pending} -gt 0 ]; then ln_channelbalance_pending=" (+${ln_channelbalance_pending})"; fi - ln_channels_online="$(echo "${ln_getInfo}" | jq -r '.num_active_channels')" 2>/dev/null - 
ln_channels_total="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert listchannels | jq '.[] | length')" 2>/dev/null - ln_baseInfo="${color_gray}wallet ${ln_walletbalance} sat ${ln_walletbalance_wait}" - ln_peers="$(echo "${ln_getInfo}" | jq -r '.num_peers')" 2>/dev/null - ln_channelInfo="${ln_channels_online}/${ln_channels_total} Channels ${ln_channelbalance} sat${ln_channelbalance_pending}" - ln_peersInfo="${color_green}${ln_peers} ${color_gray}peers" - ln_dailyfees="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert feereport | jq -r '.day_fee_sum')" 2>/dev/null - ln_weeklyfees="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert feereport | jq -r '.week_fee_sum')" 2>/dev/null - ln_monthlyfees="$(sudo -u bitcoin /usr/local/bin/lncli --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert feereport | jq -r '.month_fee_sum')" 2>/dev/null - ln_feeReport="Fee Report (D-W-M): ${color_green}${ln_dailyfees}-${ln_weeklyfees}-${ln_monthlyfees} ${color_gray}sat" + public_check=$(nc -z -w6 ${public_ip} ${ln_port} 2>/dev/null; echo $?) 
+ if [ $public_check = "0" ] || [ "${ipv6}" == "on" ]; then + # only set yellow/normal because netcat can only say that the port is open - not that it points to this device for sure + ln_publicColor="${color_amber}" + else + ln_publicColor="${color_red}" + fi fi + BLOCKHEIGHT=$(echo "$blockchaininfo"|grep blocks|awk '{print $2}'|cut -d, -f1) + CLHEIGHT=$(echo "${ln_getInfo}" | jq .blockheight) + if [ "$BLOCKHEIGHT" == "$CLHEIGHT" ];then + ln_sync=1 + else + ln_sync=0 + fi + ln_version=$($lightningcli_alias -V) + if [ ${ln_sync} -eq 0 ]; then + if [ ${#ln_getInfo} -eq 0 ]; then + ln_baseInfo="${color_red} Not Started | Not Ready Yet" + else + ln_baseInfo=" + ${color_amber}Scanning blocks: ${CLHEIGHT}/${BLOCKHEIGHT}" + fi + else + ln_walletbalance=0 + cl_listfunds=$($lightningcli_alias listfunds 2>/dev/null) + for i in $(echo "$cl_listfunds" \ + |jq .outputs[]|jq 'select(.status=="confirmed")'|grep value|awk '{print $2}'|cut -d, -f1);do + ln_walletbalance=$((ln_walletbalance+i)) + done + for i in $(echo "$cl_listfunds" \ + |jq .outputs[]|jq 'select(.status=="unconfirmed")'|grep value|awk '{print $2}'|cut -d, -f1);do + ln_walletbalance_wait=$((ln_walletbalance_wait+i)) + done + # ln_closedchannelbalance: "state": "ONCHAIN" funds in channels + for i in $(echo "$cl_listfunds" \ + |jq .channels[]|jq 'select(.state=="ONCHAIN")'|grep channel_sat|awk '{print $2}'|cut -d, -f1);do + ln_closedchannelbalance=$((ln_closedchannelbalance+i)) + done + # ln_pendingonchain: waiting onchain + waiting closed channel funds + ln_pendingonchain=$((ln_walletbalance_wait+ln_closedchannelbalance)) + if [ "${ln_pendingonchain}" = "0" ]; then ln_pendingonchain=""; fi + if [ ${#ln_pendingonchain} -gt 0 ]; then ln_pendingonchain="(+${ln_pendingonchain})"; fi + # ln_channelbalance: "state": "CHANNELD_NORMAL" funds in channels + for i in $(echo "$cl_listfunds" \ + |jq .channels[]|jq 'select(.state=="CHANNELD_NORMAL")'|grep channel_sat|awk '{print $2}'|cut -d, -f1);do + 
ln_channelbalance=$((ln_channelbalance+i)) + done + if [ ${#ln_channelbalance} -eq 0 ];then + ln_channelbalance=0 + fi + # ln_channelbalance_all: all funds in channels + for i in $(echo "$cl_listfunds" \ + |jq .channels[]|grep channel_sat|awk '{print $2}'|cut -d, -f1);do + ln_channelbalance_all=$((ln_channelbalance_all+i)) + done + ln_channelbalance_pending=$((ln_channelbalance_all-ln_channelbalance-ln_closedchannelbalance)) + if [ "${ln_channelbalance_pending}" = "0" ]; then ln_channelbalance_pending=""; fi + if [ ${#ln_channelbalance_pending} -gt 0 ]; then ln_channelbalance_pending=" (+${ln_channelbalance_pending})"; fi + # - **num_peers** (u32): The total count of peers, connected or with channels + # - **num_pending_channels** (u32): The total count of channels being opened + # - **num_active_channels** (u32): The total count of channels in normal state + # - **num_inactive_channels** (u32): The total count of channels waiting for opening or closing + ln_channels_online="$(echo "${ln_getInfo}" | jq -r '.num_active_channels')" 2>/dev/null + cl_num_pending_channels="$(echo "${ln_getInfo}" | jq -r '.num_pending_channels')" 2>/dev/null + cl_num_inactive_channels="$(echo "${ln_getInfo}" | jq -r '.num_inactive_channels')" 2>/dev/null + ln_channels_total=$((ln_channels_online+cl_num_pending_channels+cl_num_inactive_channels)) + ln_baseInfo="${color_gray}Wallet ${ln_walletbalance} ${netprefix}sat ${ln_pendingonchain}" + ln_peers="$(echo "${ln_getInfo}" | jq -r '.num_peers')" 2>/dev/null + ln_channelInfo="${ln_channels_online}/${ln_channels_total} Channels ${ln_channelbalance} ${netprefix}sat${ln_channelbalance_pending}" + ln_peersInfo="${color_green}${ln_peers} ${color_gray}peers" + # - **fees_collected_msat** (msat): Total routing fees collected by this node + #ln_dailyfees="$($lncli_alias feereport | jq -r '.day_fee_sum')" 2>/dev/null + #ln_weeklyfees="$($lncli_alias feereport | jq -r '.week_fee_sum')" 2>/dev/null + #ln_monthlyfees="$($lncli_alias feereport | jq -r 
'.month_fee_sum')" 2>/dev/null + #ln_feeReport="Fee Report (D-W-M): ${color_green}${ln_dailyfees}-${ln_weeklyfees}-${ln_monthlyfees} ${color_gray}sat" + ln_feeReport="Fees collected: $(echo "${ln_getInfo}" | jq -r '.fees_collected_msat')" + fi + fi + +elif [ "${lightning}" == "lnd" ];then + ln_baseInfo="-" + ln_channelInfo="\n" + ln_external="\n" + ln_alias="$(sudo cat /mnt/hdd/lnd/${netprefix}lnd.conf | grep "^alias=*" | cut -f2 -d=)" + if [ ${#ln_alias} -eq 0 ];then + ln_alias=${hostname} + fi + ln_publicColor="" + ln_port=$(sudo cat /mnt/hdd/lnd/${netprefix}lnd.conf | grep "^listen=*" | cut -f2 -d':') + if [ ${#ln_port} -eq 0 ]; then + ln_port="9735" + fi + wallet_unlocked=$(sudo tail -n 1 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep -c unlock) + if [ "$wallet_unlocked" -gt 0 ] ; then + ln_alias="Wallet Locked" + else + ln_getInfo=$($lncli_alias --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert getinfo 2>/dev/null) + ln_external=$(echo "${ln_getInfo}" | grep "uris" -A 1 | tr -d '\n' | cut -d '"' -f4) + ln_tor=$(echo "${ln_external}" | grep -c ".onion") + if [ ${ln_tor} -eq 1 ]; then + ln_publicColor="${color_green}" + else + public_check=$(nc -z -w6 ${public_ip} ${ln_port} 2>/dev/null; echo $?) 
+ if [ $public_check = "0" ] || [ "${ipv6}" == "on" ]; then + # only set yellow/normal because netcat can only say that the port is open - not that it points to this device for sure + ln_publicColor="${color_amber}" + else + ln_publicColor="${color_red}" + fi + fi + ln_sync=$(echo "${ln_getInfo}" | grep "synced_to_chain" | grep "true" -c) + ln_version=$(echo "${ln_getInfo}" | jq -r '.version' | cut -d' ' -f1) + if [ ${ln_sync} -eq 0 ]; then + if [ ${#ln_getInfo} -eq 0 ]; then + ln_baseInfo="${color_red} Not Started | Not Ready Yet" + else + ln_baseInfo="${color_amber} Waiting for Chain Sync" + fi + else + lnd_walletbalance=$($lncli_alias --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert walletbalance 2>/dev/null) + ln_walletbalance="$(echo "$lnd_walletbalance" | jq -r '.confirmed_balance')" 2>/dev/null + ln_walletbalance_wait="$(echo "$lnd_walletbalance" | jq -r '.unconfirmed_balance')" 2>/dev/null + if [ "${ln_walletbalance_wait}" = "0" ]; then ln_walletbalance_wait=""; fi + if [ ${#ln_walletbalance_wait} -gt 0 ]; then ln_walletbalance_wait="(+${ln_walletbalance_wait})"; fi + lnd_channelbalance=$($lncli_alias --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert channelbalance 2>/dev/null) + ln_channelbalance="$(echo "$lnd_channelbalance" | jq -r '.balance')" 2>/dev/null + ln_channelbalance_pending="$(echo "$lnd_channelbalance" | jq -r '.pending_open_balance')" 2>/dev/null + if [ "${ln_channelbalance_pending}" = "0" ]; then ln_channelbalance_pending=""; fi + if [ ${#ln_channelbalance_pending} -gt 0 ]; then ln_channelbalance_pending=" (+${ln_channelbalance_pending})"; fi + ln_channels_online="$(echo "${ln_getInfo}" | jq -r '.num_active_channels')" 2>/dev/null + ln_channels_total="$($lncli_alias --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert listchannels | jq '.[] | length')" 2>/dev/null + ln_baseInfo="${color_gray}wallet ${ln_walletbalance} ${netprefix}sat 
${ln_walletbalance_wait}" + ln_peers="$(echo "${ln_getInfo}" | jq -r '.num_peers')" 2>/dev/null + ln_channelInfo="${ln_channels_online}/${ln_channels_total} Channels ${ln_channelbalance} ${netprefix}sat${ln_channelbalance_pending}" + ln_peersInfo="${color_green}${ln_peers} ${color_gray}peers" + lnd_feereport=$($lncli_alias --macaroonpath=${lnd_macaroon_dir}/readonly.macaroon --tlscertpath=${lnd_dir}/tls.cert feereport 2>/dev/null) + ln_dailyfees="$(echo "$lnd_feereport" | jq -r '.day_fee_sum')" 2>/dev/null + ln_weeklyfees="$(echo "$lnd_feereport" | jq -r '.week_fee_sum')" 2>/dev/null + ln_monthlyfees="$(echo "$lnd_feereport" | jq -r '.month_fee_sum')" 2>/dev/null + ln_feeReport="Fee Report (D-W-M): ${color_green}${ln_dailyfees}-${ln_weeklyfees}-${ln_monthlyfees} ${color_gray}sat" + fi + fi fi # show JoinMarket stats in place of the LND URI only if the Yield Generator is running - source /home/joinmarket/joinin.conf 2>/dev/null if [ "${joinmarket}" = "on" ] && [ $(sudo -u joinmarket pgrep -f "python yg-privacyenhanced.py $YGwallet --wallet-password-stdin" 2>/dev/null | wc -l) -gt 2 ]; then - JMstats=$(mktemp 2>/dev/null) + trap 'rm -f "$JMstats"' EXIT + JMstats=$(mktemp -p /dev/shm) sudo -u joinmarket /home/joinmarket/info.stats.sh > $JMstats JMstatsL1=$(sed -n 1p < "$JMstats") JMstatsL2=$(sed -n 2p < "$JMstats") 
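Review bot: The `cl` branch of this hunk (`-222,72 +232,187`) extracts JSON fields with `grep value|awk '{print $2}'|cut -d, -f1`, `grep channel_sat` and `grep blocks`, which depends on jq's pretty-printed layout and matches any line containing those words, even though the same branch already reads `.blockheight` and `.num_peers` with jq directly. Let jq do the selection and the sum, for example `jq '[.outputs[] | select(.status=="confirmed") | .value] | add // 0'`, and read `.blocks` the same way. Also, only `ln_walletbalance=0` is initialised: `ln_walletbalance_wait`, `ln_closedchannelbalance`, `ln_channelbalance` and `ln_channelbalance_all` are accumulated from whatever value they already hold, so set them to 0 before the loops.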
@@ -305,19 +430,38 @@ ${color_yellow} ${color_yellow}${ln_publicColor}${ln_external}${color_gray}" fi +if [ "${lightning}" == "cl" ];then + LNline="C-LIGHTNING ${color_green}${ln_version}\n ${ln_baseInfo}" +elif [ "${lightning}" == "lnd" ];then + LNline="LND ${color_green}${ln_version} ${ln_baseInfo}" +fi + +if [ $cpu = 0 ];then + templine="on $(uname -m) VM%s%s" +else + templine="temp %s°C %s°F" +fi sleep 5 +LNinfo=" + Lightning Network" +if [ "${lightning}" == "" ]; then + LNinfo="" +fi + ## get uptime and current date & time uptime=$(uptime --pretty) datetime=$(date -R) +stty sane +sleep 1 clear + printf " ${color_yellow} ${color_yellow} ${color_yellow} ${color_yellow} ${color_amber}%s ${color_green} ${ln_alias} ${upsInfo} -${color_yellow} ${color_gray}${network^} Fullnode + Lightning Network ${torInfo} +${color_yellow} ${color_gray}${network^} Fullnode${LNinfo} ${torInfo} ${color_yellow} ,/ ${color_yellow}%s ${color_yellow} ,'/ ${color_gray}%s ${color_yellow} ,' / ${color_gray}%s, temp %s°C %s°F @@ -327,7 +471,7 @@ ${color_yellow} / ,' ${color_gray}${webinterfaceInfo} ${color_yellow} / ,' ${color_gray}${network} ${color_green}${networkVersion} ${color_gray}${chain}net ${networkConnectionsInfo} ${color_yellow} /,' ${color_gray}Blocks ${blockInfo} ${color_gray}Sync ${sync_color}${sync} %s ${color_yellow} /' ${color_gray} -${color_yellow} ${color_gray}LND ${color_green}${ln_version} ${ln_baseInfo} +${color_yellow} ${color_gray}${LNline} ${color_yellow} ${color_gray}${ln_channelInfo} ${ln_peersInfo} ${color_yellow} ${color_gray}${ln_feeReport} $lastLine 
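Review bot: In the `-305,19 +430,38` hunk, `templine` is assigned in both branches of `if [ $cpu = 0 ]` but nothing in the visible lines uses it; the printf context line still hard-codes `${color_gray}%s, temp %s°C %s°F`. With `tempC` and `tempF` now set to empty strings when no thermal zone exists, that line would render as "temp °C °F". Substitute `${templine}` into the format string in place of the literal, and quote the test as `[ "$cpu" = 0 ]`.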
@@ -373,57 +517,4 @@ else fi -# if running as user "pi": -# - write results to a JSON file on RAM disk -# - update info.html file -if [ "${EUID}" = "$(id -u pi)" ]; then - - json_ln_baseInfo=$(echo "${ln_baseInfo}" | cut -c 11-) - - cat < /var/cache/raspiblitz/info.json -{ - "uptime": "${uptime}", - "datetime": "${datetime}", - "codeVersion": "${codeVersion}", - "hostname": "${hostname}", - "network": "${network}", - "torInfo": "${torInfo}", - "load": "${load}", - "tempC": "${tempC}", - "tempF": "${tempF}", - "ram": "${ram}", - "hddUsedInfo": "${hddUsedInfo}", - "local_ip": "${local_ip}", - "network_rx": "${network_rx}", - "network_tx": "${network_tx}", - "runningRTL": "${runningRTL}", - "networkVersion": "${networkVersion}", - "chain": "${chain}", - "progress": "${progress}", - "sync_percentage": "${sync_percentage}", - "public_addr_pre": "${public_addr_pre}", - "public_addr": "${public_addr}", - "public": "${public}", - "networkConnections": "${networkConnections}", - "mempool": "${mempool}", - "ln_sync": "${ln_sync}", - "ln_version": "${ln_version}", - "ln_baseInfo": "${json_ln_baseInfo}", - "ln_peers": "${ln_peers}", - "ln_channelInfo": "${ln_channelInfo}", - "ln_external": "${ln_external}" -} -EOF - - # use Jinja2 and apply json data to template to produce static html file - templateExists=$(sudo ls /var/cache/raspiblitz/info.json 2>/dev/null | grep -c 'info.json') - if [ ${templateExists} -gt 0 ]; then - res=$(/usr/local/bin/j2 /var/www/blitzweb/info/info.j2 /var/cache/raspiblitz/info.json -o /var/cache/raspiblitz/info.html) - if ! [ $? -eq 0 ]; then - echo "an error occurred.. maybe JSON syntax is wrong..!" - echo "${res}" - fi - fi - -fi # EOF diff --git a/home.admin/00infoLCD.sh b/home.admin/00infoLCD.sh index d3a711f24..7289431a3 100755 --- a/home.admin/00infoLCD.sh +++ b/home.admin/00infoLCD.sh 
@@ -18,8 +18,10 @@ function usage() { # Default Values verbose=0 -pause=12 +pause=3 +# this is used by touchscreen and command 'status' +# TODO: remove on v1.8 while [[ "$1" == -* ]]; do case "$1" in -h|--help) 
@@ -82,244 +84,40 @@ while : # CHECK BASIC DATA ########################### - # get the local network IP to be displayed on the lCD - source <(sudo /home/admin/config.scripts/internet.sh status) - - # waiting for IP in general - if [ ${#localip} -eq 0 ]; then - l1="Waiting for Network ...\n" - l2="Not able to get local IP.\n" - l3="LAN cable connected? WIFI lost?\n" - dialog --backtitle "RaspiBlitz ${codeVersion}" --infobox "$l1$l2$l3" 5 40 - sleep 3 - continue - fi - - # waiting for Internet connection - if [ ${online} -eq 0 ]; then - l1="Waiting for Internet ...\n" - l2="Local Network seems OK but no Internet.\n" - l3="Is router still online?\n" - dialog --backtitle "RaspiBlitz ${codeVersion} ${localip}" --infobox "$l1$l2$l3" 5 45 - sleep 3 - continue - fi - # get config info if already available (with state value) source ${infoFile} configExists=$(ls ${configFile} 2>/dev/null | grep -c '.conf') if [ ${configExists} -eq 1 ]; then source ${configFile} + source <(/home/admin/config.scripts/network.aliases.sh getvars) fi - # reboot info - if [ "${state}" = "reboot" ]; then - dialog --backtitle "RaspiBlitz ${codeVersion}" --infobox "Waiting for Reboot ..." 3 30 - sleep 20 - continue - fi + if [ "${setupPhase}" != "done" ] || [ "${state}" == "reboot" ] || [ "${state}" == "shutdown" ] || [ "${state}" == "copytarget" ] || [ "${state}" == "copysource" ] || [ "${state}" == "copystation" ]; then - # shutdown info - if [ "${state}" = "shutdown" ]; then - dialog --backtitle "RaspiBlitz ${codeVersion}" --infobox "Waiting for Shutdown ..." 
3 30 - sleep 20 - continue - fi - - # waiting for DHCP in general - if [ "${state}" = "noDHCP" ]; then - l1="Waiting for DHCP ...\n" - l2="Not able to get local IP.\n" - l3="Check you router if constant.\n" - dialog --backtitle "RaspiBlitz ${codeVersion} (${localip})" --infobox "$l1$l2$l3" 5 40 + # show status info during boot & setup & repair on LCD + /home/admin/setup.scripts/eventInfoWait.sh "${state}" "${message}" lcd sleep 1 continue + fi - # if no information available from files - set default - if [ ${#setupStep} -eq 0 ]; then - setupStep=0 - fi - - # before setup even started - if [ ${setupStep} -eq 0 ]; then - - # check for internet connection - online=$(ping 1.0.0.1 -c 1 -W 2 | grep -c '1 received') - if [ ${online} -eq 0 ]; then - # re-test with other server - online=$(ping 8.8.8.8 -c 1 -W 2 | grep -c '1 received') - fi - if [ ${online} -eq 0 ]; then - # re-test with other server - online=$(ping 208.67.222.222 -c 1 -W 2 | grep -c '1 received') - fi - - if [ ${online} -eq 0 ]; then - message="no internet connection" - - # when in presync - get more info on progress - elif [ "${state}" = "presync" ]; then - blockchaininfo="$(sudo -u root bitcoin-cli --conf=/home/admin/assets/bitcoin.conf getblockchaininfo 2>/dev/null)" - message="starting" - if [ ${#blockchaininfo} -gt 0 ]; then - message="$(echo "${blockchaininfo}" | jq -r '.verificationprogress')" - message=$(echo $message | awk '{printf( "%.2f%%", 100 * $1)}') - fi - - # when old data - improve message - elif [ "${state}" = "sdtoosmall" ]; then - message="SDCARD TOO SMALL - min 16GB" - - # when no HDD - improve message - elif [ "${state}" = "noHDD" ]; then - message="Connect external HDD/SSD" - fi - - # setup process has not started yet - l1="Login to your RaspiBlitz with:\n" - l2="ssh admin@${localip}\n" - l3="Use password: raspiblitz\n" - - if [ "${state}" = "recovering" ]; then - l1="Recovering please wait ..\n" - fi - - boxwidth=$((${#localip} + 24)) - sleep 3 - dialog --backtitle "RaspiBlitz 
${codeVersion} (${state}) - ${message}" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 5 - continue - fi - - # check if recovering/upgrade is running - if [ "${state}" = "recovering" ]; then - if [ ${#message} -eq 0 ]; then - message="Setup in Progress" - fi - l1="Upgrade/Recover/Provision\n" - l2="---> ${message}\n" - l3="Please keep running until reboot." - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state}) ${setupStep} ${localip}" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 3 - continue - fi - - # if freshly recovered - recoveredInfoExists=$(sudo ls /home/admin/recover.flag 2>/dev/null | grep -c '.flag') - if [ ${recoveredInfoExists} -gt 0 ]; then - l1="FINAL RECOVER LOGIN NEEDED:\n" - l2="ssh admin@${localip}\n" - l3="Use password: raspiblitz\n" - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state})" --infobox "$l1$l2$l3" 5 ${boxwidth} + # TODO: ALSO SEPARATE GUI/ACTION FOR THE SCANNING / WALLET UNLOCK / ERROR DETECTION + # if lightning is syncing or scanning + source <(sudo /home/admin/config.scripts/blitz.statusscan.sh $lightning) + if [ "${walletLocked}" == "1" ] || [ "${CLwalletLocked}" == "1" ]; then + /home/admin/setup.scripts/eventInfoWait.sh "walletlocked" "" lcd sleep 3 continue fi - # if re-indexing - if [ "${state}" = "reindex" ]; then - l1="REINDEXING BLOCKCHAIN\n" - l2="To monitor & detect finish:\n" - l3="ssh admin@${localip}\n" - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state})" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 3 - continue - fi - - # when setup is in progress - password has been changed - if [ ${setupStep} -lt 100 ]; then - l1="Login to your RaspiBlitz with:\n" - l2="ssh admin@${localip}\n" - l3="Use your Password A\n" - boxwidth=$((${#localip} + 24)) - sleep 3 - dialog --backtitle "RaspiBlitz ${codeVersion} ${localip} - Welcome (${setupStep})" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 7 - continue - fi - - 
########################### - # DISPLAY AFTER SETUP - ########################### - - if [ "${state}" = "repair" ]; then - l1="Repair Mode\n" - l2="ssh admin@${localip}\n" - l3="Use password: PasswordA\n" - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state}) ${setupStep} ${localip}" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 3 - continue - fi - - if [ "${state}" = "reboot" ]; then - l1="Reboot needed.\n" - l2="ssh admin@${localip}\n" - l3="Use password: PasswordA\n" - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state}) ${setupStep} ${localip}" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 3 - continue - fi - - if [ "${state}" = "retorrent" ]; then - l1="Repair Mode- TORRENT\n" - l2="ssh admin@${localip}\n" - l3="Use password: PasswordA\n" - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state}) ${setupStep} ${localip}" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 3 - continue - fi - - if [ "${state}" = "recopy" ]; then - l1="Repair Mode - COPY\n" - l2="ssh admin@${localip}\n" - l3="Use password: PasswordA\n" - boxwidth=$((${#localip} + 28)) - dialog --backtitle "RaspiBlitz ${codeVersion} (${state}) ${setupStep} ${localip}" --infobox "$l1$l2$l3" 5 ${boxwidth} - sleep 3 - continue - fi - - if [ "${state}" = "copystation" ]; then - l1="COPY STATION MODE\n" - l2="${message}" - dialog --backtitle "RaspiBlitz ${codeVersion} ${localip}" --infobox "$l1$l2" 6 56 - sleep 2 - continue - fi - - # if LND is syncing or scanning - lndSynced=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net getinfo 2>/dev/null | jq -r '.synced_to_chain' | grep -c true) - if [ ${lndSynced} -eq 0 ]; then - /home/admin/80scanLND.sh - sleep 20 - continue - fi - - # perform config check - configCheck=$(/home/admin/config.scripts/blitz.configcheck.py) - if [ $? -eq 0 ]; then - configValid=1 - # echo "Config Valid!" - else - configValid=0 - # echo "Config Not Valid!" 
- l1="POTENTIAL CONFIG ERROR FOUND\n" - l2="ssh admin@${localip}\n" - l3="use Password A\n" - l4="Run on Terminal command: check" - dialog --backtitle "RaspiBlitz ${codeVersion} cfg-err ${localip}" --infobox "$l1$l2$l3$l4" 6 50 - sleep 20 + if [ "${syncedToChain}" != "1" ]; then + /home/admin/setup.scripts/eventBlockchainSync.sh lcd + sleep 10 continue fi # no special case - show status display - /home/admin/00infoBlitz.sh + /home/admin/00infoBlitz.sh $lightning ${chain}net sleep 5 done diff --git a/home.admin/00mainMenu.sh b/home.admin/00mainMenu.sh index 674a35664..e7d9c850e 100755 --- a/home.admin/00mainMenu.sh +++ b/home.admin/00mainMenu.sh 
@@ -40,143 +40,136 @@ confirmation() # get the local network IP to be displayed on the LCD source <(/home/admin/config.scripts/internet.sh status local) +if [ ${chain} = test ];then + netprefix="t" +elif [ ${chain} = sig ];then + netprefix="s" +elif [ ${chain} = main ];then + netprefix="" +fi + # BASIC MENU INFO -HEIGHT=19 -WIDTH=64 -CHOICE_HEIGHT=12 +WIDTH=66 BACKTITLE="RaspiBlitz" TITLE="" MENU="Choose one of the following options:" OPTIONS=() plus="" if [ "${runBehindTor}" = "on" ]; then - plus=" / TOR" + plus="/ tor" fi if [ ${#dynDomain} -gt 0 ]; then - plus="${plus} / ${dynDomain}" + plus="/ ${dynDomain} ${plus}" fi -BACKTITLE="${localip} / ${hostname} / ${network} / ${chain}${plus}" - -if [ "${rtlWebinterface}" == "on" ]; then - TITLE="Webinterface: http://${localip}:3000" -fi - -# Put Activated Apps on top -if [ "${rtlWebinterface}" == "on" ]; then - OPTIONS+=(RTL "RTL Web Node Manager") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${BTCPayServer}" == "on" ]; then - OPTIONS+=(BTCPAY "BTCPay Server Info") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${lit}" == "on" ]; then - OPTIONS+=(LIT "LIT (loop, pool, faraday)") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${ElectRS}" == "on" ]; then - OPTIONS+=(ELECTRS "Electrum Rust Server") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${BTCRPCexplorer}" == "on" ]; then - OPTIONS+=(EXPLORE "BTC RPC Explorer") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${LNBits}" == "on" ]; then - OPTIONS+=(LNBITS "LNbits Server") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${lndmanage}" == "on" ]; then - OPTIONS+=(LNDMANAGE "LND Manage Script") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${loop}" == "on" ]; then - OPTIONS+=(LOOP "Loop In/Out Service") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${mempoolExplorer}" == "on" ]; 
then - OPTIONS+=(MEMPOOL "Mempool Space") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${specter}" == "on" ]; then - OPTIONS+=(SPECTER "Cryptoadvance Specter") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${joinmarket}" == "on" ]; then - OPTIONS+=(JMARKET "JoinMarket") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${faraday}" == "on" ]; then - OPTIONS+=(FARADAY "Faraday Channel Management") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${bos}" == "on" ]; then - OPTIONS+=(BOS "Balance of Satoshis") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${pyblock}" == "on" ]; then - OPTIONS+=(PYBLOCK "PyBlock") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${thunderhub}" == "on" ]; then - OPTIONS+=(THUB "ThunderHub") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${zerotier}" == "on" ]; then - OPTIONS+=(ZEROTIER "ZeroTier") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${pool}" == "on" ]; then - OPTIONS+=(POOL "Lightning Pool") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${sphinxrelay}" == "on" ]; then - OPTIONS+=(SPHINX "Sphinx Chat Relay") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${chantools}" == "on" ]; then - OPTIONS+=(CHANTOOLS "ChannelTools (Fund Rescue)") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${circuitbreaker}" == "on" ]; then - OPTIONS+=(CIRCUIT "Circuitbreaker (LND firewall)") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) +if [ ${#lightning} -gt 0 ]; then + plus="/ ${lightning} ${plus}" fi +BACKTITLE="${localip} / ${hostname} / ${network} ${plus}" # Basic Options OPTIONS+=(INFO "RaspiBlitz Status Screen") -OPTIONS+=(LIGHTNING "LND Wallet Options") + +# if LND is active +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(LND "LND Wallet Options") 
+fi + +# if C-Lightning is active +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + OPTIONS+=(CL "C-lightning Wallet Options") +fi + +# Activated Apps/Services +if [ "${rtlWebinterface}" == "on" ]; then + OPTIONS+=(LRTL "LND RTL Webinterface") +fi +if [ "${crtlWebinterface}" == "on" ]; then + OPTIONS+=(CRTL "C-Lightning RTL Webinterface") +fi +if [ "${BTCPayServer}" == "on" ]; then + OPTIONS+=(BTCPAY "BTCPay Server Info") +fi +if [ "${lit}" == "on" ]; then + OPTIONS+=(LIT "LIT (loop, pool, faraday)") +fi +if [ "${sparko}" == "on" ]; then + OPTIONS+=(SPARKO "Sparko Webwallet") +fi +if [ "${spark}" == "on" ]; then + OPTIONS+=(SPARK "Spark Wallet") +fi +if [ "${ElectRS}" == "on" ]; then + OPTIONS+=(ELECTRS "Electrum Rust Server") +fi +if [ "${BTCRPCexplorer}" == "on" ]; then + OPTIONS+=(EXPLORE "BTC RPC Explorer") +fi +if [ "${LNBits}" == "on" ]; then + OPTIONS+=(LNBITS "LNbits Server") +fi +if [ "${lndmanage}" == "on" ]; then + OPTIONS+=(LNDMANAGE "LND Manage Script") +fi +if [ "${loop}" == "on" ]; then + OPTIONS+=(LOOP "Loop In/Out Service") +fi +if [ "${mempoolExplorer}" == "on" ]; then + OPTIONS+=(MEMPOOL "Mempool Space") +fi +if [ "${specter}" == "on" ]; then + OPTIONS+=(SPECTER "Specter Desktop") +fi +if [ "${joinmarket}" == "on" ]; then + OPTIONS+=(JM "JoinMarket with JoininBox") +fi +if [ "${faraday}" == "on" ]; then + OPTIONS+=(FARADAY "Faraday Channel Management") +fi +if [ "${bos}" == "on" ]; then + OPTIONS+=(BOS "Balance of Satoshis") +fi +if [ "${pyblock}" == "on" ]; then + OPTIONS+=(PYBLOCK "PyBlock") +fi +if [ "${thunderhub}" == "on" ]; then + OPTIONS+=(THUB "ThunderHub") +fi +if [ "${zerotier}" == "on" ]; then + OPTIONS+=(ZEROTIER "ZeroTier") +fi +if [ "${pool}" == "on" ]; then + OPTIONS+=(POOL "Lightning Pool") +fi +if [ "${sphinxrelay}" == "on" ]; then + OPTIONS+=(SPHINX "Sphinx Chat Relay") +fi +if [ "${chantools}" == "on" ]; then + OPTIONS+=(CHANTOOLS "ChannelTools (Fund Rescue)") +fi +if [ "${circuitbreaker}" == "on" ]; then + 
OPTIONS+=(CIRCUIT "Circuitbreaker (LND firewall)") +fi + +# dont offer to switch to "testnet view for now" - so no wswitch back to mainnet needed +#if [ ${chain} != "main" ]; then +# OPTIONS+=(MAINNET "Mainnet Service Options") +#fi + +if [ "${testnet}" == "on" ]; then + OPTIONS+=(TESTNETS "Testnet/Signet Options") +fi + OPTIONS+=(SETTINGS "Node Settings & Options") OPTIONS+=(SERVICES "Additional Apps & Services") OPTIONS+=(SYSTEM "Monitoring & Configuration") OPTIONS+=(CONNECT "Connect Apps & Show Credentials") -OPTIONS+=(SUBSCRIBE "Manage Subscriptions") +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(SUBSCRIBE "Manage Subscriptions") +fi OPTIONS+=(PASSWORD "Change Passwords") if [ "${touchscreen}" == "1" ]; then OPTIONS+=(SCREEN "Touchscreen Calibration") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi # final Options @@ -185,6 +178,8 @@ OPTIONS+=(UPDATE "Check/Prepare RaspiBlitz Update") OPTIONS+=(REBOOT "Reboot RaspiBlitz") OPTIONS+=(OFF "PowerOff RaspiBlitz") +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) CHOICE=$(dialog --clear \ --backtitle "$BACKTITLE" \ --title "$TITLE" \ 
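Review bot: `HEIGHT=$((CHOICE_HEIGHT+6))` has no upper bound, and with all apps enabled the OPTIONS array built in the preceding hunk holds well over thirty entries, so the height requested from `dialog` can exceed the terminal's row count. Clamp CHOICE_HEIGHT to the available lines (for example from `tput lines`) and let the menu scroll the remainder. The double quotes inside `$(("${#OPTIONS[@]}/2+1"))` are unnecessary; `$(( ${#OPTIONS[@]} / 2 + 1 ))` reads more clearly.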
@@ -198,49 +193,48 @@ CHOICE=$(dialog --clear \ case $CHOICE in INFO) echo "Gathering Information (please wait) ..." - walletLocked=$(lncli getinfo 2>&1 | grep -c "Wallet is encrypted") - if [ ${walletLocked} -eq 0 ]; then - while : - do + while : + do - # show the same info as on LCD screen - /home/admin/00infoBlitz.sh + # show the same info as on LCD screen + /home/admin/00infoBlitz.sh ${lightning} ${chain}net - # wait 6 seconds for user exiting loop + # wait 6 seconds for user exiting loop + echo "" + echo -en "Screen is updating in a loop .... press 'x' now to get back to menu." + read -n 1 -t 6 keyPressed + echo -en "\rGathering information to update info ... please wait. \n" + + # check if user wants to abort session + if [ "${keyPressed}" = "x" ]; then echo "" - echo -en "Screen is updating in a loop .... press 'x' now to get back to menu." - read -n 1 -t 6 keyPressed - echo -en "\rGathering information to update info ... please wait. \n" - - # check if user wants to abort session - if [ "${keyPressed}" = "x" ]; then - echo "" - echo "Returning to menu ....." - sleep 4 - break - fi - done - - else - /home/admin/00raspiblitz.sh - exit 0 - fi + echo "Returning to menu ....." + sleep 4 + break + fi + done ;; - LIGHTNING) - /home/admin/99lightningMenu.sh + LND) + /home/admin/99lndMenu.sh + ;; + CL) + /home/admin/99clMenu.sh ${chain}net ;; CONNECT) /home/admin/99connectMenu.sh ;; SYSTEM) - /home/admin/99systemMenu.sh + /home/admin/99systemMenu.sh ${chain}net ;; SCREEN) dialog --title 'Touchscreen Calibration' --msgbox 'Choose OK and then follow the instructions on touchscreen for calibration.\n\nBest is to use a stylus for accurate touchscreen interaction.' 
9 48 /home/admin/config.scripts/blitz.touchscreen.sh calibrate ;; - RTL) - /home/admin/config.scripts/bonus.rtl.sh menu + LRTL) + /home/admin/config.scripts/bonus.rtl.sh menu lnd mainnet + ;; + CRTL) + /home/admin/config.scripts/bonus.rtl.sh menu cl mainnet ;; BTCPAY) /home/admin/config.scripts/bonus.btcpayserver.sh menu @@ -254,6 +248,12 @@ case $CHOICE in LIT) /home/admin/config.scripts/bonus.lit.sh menu ;; + SPARKO) + /home/admin/config.scripts/cl-plugin.sparko.sh menu mainnet + ;; + SPARK) + /home/admin/config.scripts/cl.spark.sh menu mainnet + ;; LNBITS) /home/admin/config.scripts/bonus.lnbits.sh menu ;; @@ -267,9 +267,9 @@ case $CHOICE in /home/admin/config.scripts/bonus.mempool.sh menu ;; SPECTER) - /home/admin/config.scripts/bonus.cryptoadvance-specter.sh menu + /home/admin/config.scripts/bonus.specter.sh menu ;; - JMARKET) + JM) sudo /home/admin/config.scripts/bonus.joinmarket.sh menu ;; FARADAY) @@ -298,7 +298,10 @@ case $CHOICE in ;; CIRCUIT) sudo /home/admin/config.scripts/bonus.circuitbreaker.sh menu - ;; + ;; + TESTNETS) + /home/admin/00parallelChainsMenu.sh + ;; SUBSCRIBE) /home/admin/config.scripts/blitz.subscriptions.py ;; @@ -310,9 +313,6 @@ case $CHOICE in ;; REPAIR) /home/admin/98repairMenu.sh - if [ $? -eq 99 ]; then - exit 1 - fi ;; PASSWORD) sudo /home/admin/config.scripts/blitz.setpassword.sh 
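Review bot: Dropping the `if [ $? -eq 99 ]; then exit 1; fi` check after `/home/admin/98repairMenu.sh` means the REPAIR branch no longer decides for itself when to leave the menu; it now depends on the `exitCodeOfSubmenu=$?` forwarding added after `esac` in a later hunk, which passes on whatever the last command of the selected branch returned. Document which exit codes of 98repairMenu.sh mean "back to menu" and which mean "exit to terminal", and confirm that the last command of every other branch returns 0 on its normal path; otherwise a submenu that exits non-zero for an unrelated reason will drop the user out of the loop.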
@@ -321,44 +321,41 @@ case $CHOICE in /home/admin/99updateMenu.sh ;; REBOOT) - clear - confirmation "Are you sure?" "Reboot" "Cancel" true 7 40 - confirmationReboot=$? - if [ $confirmationReboot -eq 0 ]; then + clear + confirmation "Are you sure?" "Reboot" "Cancel" true 7 40 + confirmationReboot=$? + if [ $confirmationReboot -eq 0 ]; then clear echo "" - sudo /home/admin/XXshutdown.sh reboot - exit 0 - fi + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot + exit 1 + fi ;; OFF) - clear - confirmation "Are you sure?" "PowerOff" "Cancel" true 7 40 - confirmationShutdown=$? - if [ $confirmationShutdown -eq 0 ]; then + clear + confirmation "Are you sure?" "PowerOff" "Cancel" true 7 40 + confirmationShutdown=$? + if [ $confirmationShutdown -eq 0 ]; then clear echo "" - sudo /home/admin/XXshutdown.sh - exit 0 - fi + sudo /home/admin/config.scripts/blitz.shutdown.sh + exit 1 + fi ;; DELETE) sudo /home/admin/XXcleanHDD.sh - sudo /home/admin/XXshutdown.sh reboot - exit 0 + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot + exit 1 ;; *) clear - echo "***********************************" - echo "* RaspiBlitz Commandline" - echo "* Here be dragons .. have fun :)" - echo "***********************************" - echo "Bitcoin command line options: bitcoin-cli help" - echo "LND command line options: lncli -h" - echo "Back to main menu use command: raspiblitz" - echo - exit 0 + exit 1 esac -# go into loop - start script from beginning to load config/sate fresh -/home/admin/00mainMenu.sh +# forward exit code of submenu to outside loop +# 0 = continue loop / everything else = break loop and exit to terminal +exitCodeOfSubmenu=$? +if [ "${exitCodeOfSubmenu}" != "0" ]; then + echo "# submenu signaled exit code '${exitCodeOfSubmenu}' --> forward to outside loop" +fi +exit ${exitCodeOfSubmenu} \ No newline at end of file diff --git a/home.admin/00parallelChainsMenu.sh b/home.admin/00parallelChainsMenu.sh new file mode 100644 index 000000000..3a392ba38 --- /dev/null 
+++ b/home.admin/00parallelChainsMenu.sh 
@@ -0,0 +1,72 @@ +#!/bin/bash + +# For now just list all testnet/signet options available +# injecting specific perspectives can be done later + +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf + +# get the local network IP to be displayed on the LCD +source <(/home/admin/config.scripts/internet.sh status local) + +# BASIC MENU INFO +WIDTH=64 +BACKTITLE="RaspiBlitz" +TITLE=" Testnet/Signet Options " +MENU="Choose one of the following options:" +OPTIONS=() +plus="" + +if [ "${testnet}" == "on" ]; then + OPTIONS+=(tSYS "TESTNET Monitoring & Configuration") + if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then OPTIONS+=(tLND "TESTNET LND Wallet Options"); fi + if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then OPTIONS+=(tCL "TESTNET C-Lightning Wallet Options"); fi +fi + +# just an optical splitter - ignored on select +OPTIONS+=(--- "----------------------------------") + +if [ "${signet}" == "on" ]; then + OPTIONS+=(sSYS "SIGNET Monitoring & Configuration") + if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then OPTIONS+=(sCL "SIGNET C-Lightning Wallet Options"); fi +fi + +# DONT OFFER SERVICES FOR TESTNET RIGHT NOW +# OPTIONS+=(RTL "RTL Web Node Manager for LND ${CHAIN}") +# OPTIONS+=(SERVICES "Additional Apps & Services on ${CHAIN}") + +# MAYBE LATER +# OPTIONS+=(CONNECT "Connect Apps & Show Credentials") + +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) +CHOICE=$(dialog --clear \ + --backtitle "$BACKTITLE" \ + --title "$TITLE" \ + --ok-label "Select" \ + --cancel-label "Back" \ + --menu "$MENU" \ + $HEIGHT $WIDTH $CHOICE_HEIGHT \ + "${OPTIONS[@]}" \ + 2>&1 >/dev/tty) + +case $CHOICE in + tSYS) + /home/admin/99systemMenu.sh testnet + ;; + sSYS) + /home/admin/99systemMenu.sh signet + ;; + tLND) + /home/admin/99lndMenu.sh testnet + ;; + sLND) + /home/admin/99lndMenu.sh signet + ;; + tCL) + /home/admin/99clMenu.sh testnet + ;; + sCL) + /home/admin/99clMenu.sh signet + ;; +esac \ No newline at end of file 
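Review bot: The `case` statement handles `sLND)`, but no `sLND` entry is ever added to OPTIONS (the signet block only adds `sSYS` and `sCL`), so that branch is dead code; either add the menu entry or drop the branch. The `---` separator is also appended unconditionally, so when only one of `testnet` and `signet` is `on` the menu begins or ends with a stray divider; add it only when both groups are present. `plus` and the values sourced from `internet.sh status local` are not used anywhere in this file and can be removed.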
diff --git a/home.admin/00parallelMainnetServices.sh b/home.admin/00parallelMainnetServices.sh new file mode 100644 index 000000000..3a0483701 --- /dev/null +++ b/home.admin/00parallelMainnetServices.sh 
@@ -0,0 +1,203 @@ +#!/bin/bash + +# get raspiblitz config +echo "get raspiblitz config" +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf + +CHAIN=mainnet + +# for testnet +echo "services default values" +if [ ${#rtlWebinterface} -eq 0 ]; then rtlWebinterface="off"; fi +if [ ${#lnd} -eq 0 ]; then lnd="off"; fi +if [ ${#cl} -eq 0 ]; then cl="off"; fi +if [ ${#crtlWebinterface} -eq 0 ]; then crtlWebinterface="off"; fi +if [ ${#sparko} -eq 0 ]; then sparko="off"; fi +if [ ${#spark} -eq 0 ]; then spark="off"; fi + +# show select dialog +echo "run dialog ..." + +OPTIONS=() +OPTIONS+=(l "LND on $CHAIN" ${lnd}) +OPTIONS+=(r "RTL for LND $CHAIN" ${rtlWebinterface}) +OPTIONS+=(c "C-lightning on $CHAIN" ${cl}) +OPTIONS+=(t "RTL for CL on $CHAIN" ${crtlWebinterface}) +OPTIONS+=(s "Sparko for CL on $CHAIN" ${sparko}) +OPTIONS+=(m "Spark for CL on $CHAIN" ${spark}) + +CHOICES=$(dialog --title ' Additional Services ' \ + --checklist ' use spacebar to activate/de-activate ' \ + 12 45 5 "${OPTIONS[@]}" 2>&1 >/dev/tty) + +dialogcancel=$? +echo "done dialog" +clear + +# check if user canceled dialog +echo "dialogcancel(${dialogcancel})" +if [ ${dialogcancel} -eq 1 ]; then + echo "user canceled" + exit 0 +elif [ ${dialogcancel} -eq 255 ]; then + echo "ESC pressed" + exit 0 +fi + +needsReboot=0 +anychange=0 + +# lnd process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "l") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${lnd}" != "${choice}" ]; then + echo "# LND on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/lnd.install.sh ${choice} $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + echo "# Successfully installed LND on $CHAIN" + else + l1="# !!! FAIL on LND on $CHAIN install !!!" 
+ l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/lnd.install.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# LND on $CHAIN Setting unchanged." +fi + +# cl process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "c") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${cl}" != "${choice}" ]; then + echo "# CL on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/cl.install.sh ${choice} $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + echo "# Successfully installed CL on $CHAIN" + else + l1="# !!! FAIL on CL on $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl.install.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# CL on $CHAIN Setting unchanged." +fi + +# RTL process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "r") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${rtlWebinterface}" != "${choice}" ]; then + echo "# RTL for LND $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/bonus.rtl.sh ${choice} lnd $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + sudo systemctl start RTL + echo "# waiting 10 secs .." + sleep 10 + /home/admin/config.scripts/bonus.rtl.sh menu lnd $CHAIN + else + l1="# !!! FAIL on RTL for LND $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/bonus.rtl.sh on lnd $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# RTL for LND $CHAIN Setting unchanged." 
+fi + +# cRTL process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "t") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${crtlWebinterface}" != "${choice}" ]; then + echo "RTL for CL $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/bonus.rtl.sh ${choice} cl $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + sudo systemctl start cRTL + echo "waiting 10 secs .." + sleep 10 + /home/admin/config.scripts/bonus.rtl.sh menu cl $CHAIN + else + l1="!!! FAIL on RTL for CL $CHAIN install !!!" + l2="Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/bonus.rtl.sh on cl $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "RTL for CL $CHAIN Setting unchanged." +fi + +# sparko process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "s") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${sparko}" != "${choice}" ]; then + echo "# Sparko on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/cl-plugin.sparko.sh ${choice} $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + /home/admin/config.scripts/cl-plugin.sparko.sh menu $CHAIN + else + l1="# !!! FAIL on Sparko on $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl-plugin.sparko.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# Sparko on $CHAIN Setting unchanged." +fi + +# spark process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "m") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${spark}" != "${choice}" ]; then + echo "# Spark Wallet on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/cl.spark.sh ${choice} $CHAIN + errorOnInstall=$? 
+ if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + /home/admin/config.scripts/cl.spark.sh menu $CHAIN + else + l1="# !!! FAIL on Spark Wallet on $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl.spark.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# Spark Wallet on $CHAIN Setting unchanged." +fi + +if [ ${anychange} -eq 0 ]; then + dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58 + exit 0 +fi + +if [ ${needsReboot} -eq 1 ]; then + sleep 2 + dialog --pause "OK. System will reboot to activate changes." 8 58 8 + clear + echo "rebooting .. (please wait)" + # stop bitcoind + sudo -u bitcoin ${network}-cli stop + sleep 4 + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot +fi \ No newline at end of file diff --git a/home.admin/00parallelTestnetServices.sh b/home.admin/00parallelTestnetServices.sh new file mode 100644 index 000000000..3c751286e --- /dev/null +++ b/home.admin/00parallelTestnetServices.sh 
@@ -0,0 +1,203 @@ +#!/bin/bash + +# get raspiblitz config +echo "get raspiblitz config" +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf + +CHAIN=testnet + +# for testnet +echo "services default values" +if [ ${#trtlWebinterface} -eq 0 ]; then trtlWebinterface="off"; fi +if [ ${#tlnd} -eq 0 ]; then tlnd="off"; fi +if [ ${#tcrtlWebinterface} -eq 0 ]; then tcrtlWebinterface="off"; fi +if [ ${#tcl} -eq 0 ]; then tcl="off"; fi +if [ ${#tsparko} -eq 0 ]; then tsparko="off"; fi +if [ ${#tspark} -eq 0 ]; then tspark="off"; fi + +# show select dialog +echo "run dialog ..." + +OPTIONS=() +OPTIONS+=(l "LND on $CHAIN" ${tlnd}) +OPTIONS+=(r "RTL for LND $CHAIN" ${trtlWebinterface}) +OPTIONS+=(c "C-lightning on $CHAIN" ${tcl}) +OPTIONS+=(t "RTL for CL on $CHAIN" ${tcrtlWebinterface}) +OPTIONS+=(s "Sparko for CL on $CHAIN" ${tsparko}) +OPTIONS+=(m "Spark Wallet fro CL on $CHAIN" ${tspark}) + +CHOICES=$(dialog --title ' Additional Services ' \ + --checklist ' use spacebar to activate/de-activate ' \ + 12 45 5 "${OPTIONS[@]}" 2>&1 >/dev/tty) + +dialogcancel=$? +echo "done dialog" +clear + +# check if user canceled dialog +echo "dialogcancel(${dialogcancel})" +if [ ${dialogcancel} -eq 1 ]; then + echo "user canceled" + exit 0 +elif [ ${dialogcancel} -eq 255 ]; then + echo "ESC pressed" + exit 0 +fi + +needsReboot=0 +anychange=0 + +# tlnd process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "l") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${tlnd}" != "${choice}" ]; then + echo "# LND on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/lnd.install.sh ${choice} $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + echo "# Successfully installed LND on $CHAIN" + else + l1="# !!! FAIL on LND on $CHAIN install !!!" 
+ l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/lnd.install.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# LND on $CHAIN Setting unchanged." +fi + +# tcl process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "c") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${tcl}" != "${choice}" ]; then + echo "# CL on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/cl.install.sh ${choice} $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + echo "# Successfully installed CL on $CHAIN" + else + l1="# !!! FAIL on CL on $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl.install.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# CL on $CHAIN Setting unchanged." +fi + +# tRTL process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "r") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${trtlWebinterface}" != "${choice}" ]; then + echo "# RTL for LND $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/bonus.rtl.sh ${choice} lnd $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + sudo systemctl start tRTL + echo "# waiting 10 secs .." + sleep 10 + /home/admin/config.scripts/bonus.rtl.sh menu lnd $CHAIN + else + l1="# !!! FAIL on RTL for LND $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/bonus.rtl.sh on lnd $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# RTL for LND $CHAIN Setting unchanged." 
+fi + +# ctRTL process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "t") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${tcrtlWebinterface}" != "${choice}" ]; then + echo "RTL for CL $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/bonus.rtl.sh ${choice} cl $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + sudo systemctl start tcRTL + echo "waiting 10 secs .." + sleep 10 + /home/admin/config.scripts/bonus.rtl.sh menu cl $CHAIN + else + l1="!!! FAIL on RTL for CL $CHAIN install !!!" + l2="Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/bonus.rtl.sh on cl $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "RTL for CL $CHAIN Setting unchanged." +fi + +# tsparko process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "s") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${tsparko}" != "${choice}" ]; then + echo "# Sparko on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/cl-plugin.sparko.sh ${choice} $CHAIN + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + /home/admin/config.scripts/cl-plugin.sparko.sh menu $CHAIN + else + l1="# !!! FAIL on Sparko on $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl-plugin.sparko.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# Sparko on $CHAIN Setting unchanged." +fi + +# tspark process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "m") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${tspark}" != "${choice}" ]; then + echo "# Spark Wallet on $CHAIN Setting changed .." + anychange=1 + /home/admin/config.scripts/cl.spark.sh ${choice} $CHAIN + errorOnInstall=$? 
+ if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + /home/admin/config.scripts/cl.spark.sh menu $CHAIN + else + l1="# !!! FAIL on Spark Wallet on $CHAIN install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl.spark.sh on $CHAIN" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# Spark Wallet on $CHAIN Setting unchanged." +fi + +if [ ${anychange} -eq 0 ]; then + dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58 + exit 0 +fi + +if [ ${needsReboot} -eq 1 ]; then + sleep 2 + dialog --pause "OK. System will reboot to activate changes." 8 58 8 + clear + echo "rebooting .. (please wait)" + # stop bitcoind + sudo -u bitcoin ${network}-cli stop + sleep 4 + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot +fi \ No newline at end of file diff --git a/home.admin/00raspiblitz.sh b/home.admin/00raspiblitz.sh index 2e571a09d..8b38499e1 100755 --- a/home.admin/00raspiblitz.sh +++ b/home.admin/00raspiblitz.sh 
@@ -1,29 +1,237 @@ #!/bin/bash -echo "For debug logs CTRL+C and: tail -n1000 -f raspiblitz.log" -echo "or call the command 'debug' to see bigger report." -echo "Starting the main menu ..." + +####################################### +# SSH USER INTERFACE +# gets called when user logins per SSH +# or calls 'raspiblitz' on the terminal +####################################### +echo "Starting SSH user interface ... (please wait)" # CONFIGFILE - configuration of RaspiBlitz configFile="/mnt/hdd/raspiblitz.conf" +source ${configFile} 2>/dev/null # INFOFILE - state data from bootstrap infoFile="/home/admin/raspiblitz.info" -# use blitz.datadrive.sh to analyse HDD situation -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) -if [ "${error}" != "" ]; then - echo "# FAIL blitz.datadrive.sh status --> ${error}" - echo "# Please report issue to the raspiblitz github." +# check if raspiblitz.info exists +systemInfoExists=$(ls ${infoFile} | grep -c "${infoFile}") +if [ "${systemInfoExists}" != "1" ]; then + echo "systemInfoExists(${systemInfoExists})" + echo "FAIL: ${infoFile} does not exist .. which it should at this point." + echo "Check logs & bootstrap.service for errors and report to devs." exit 1 fi -# check if HDD is connected -if [ "${isMounted}" == "0" ] && [ ${#hddCandidate} -eq 0 ]; then +# get system state information raspiblitz.info +source ${infoFile} + +# check that basic system phase/state information is available +if [ "${setupPhase}" == "" ] || [ "${state}" == "" ]; then + echo "setupPhase(${setupPhase}) state(${state})" + echo "FAIL: ${infoFile} does not exist or missing state." + echo "Check logs & bootstrap.service for errors and report to devs." + exit 1 +fi + +# special state: copysource +if [ "${state}" = "stop" ]; then + echo "OK ready for manual provision - run 'release' at the end." 
+ exit +fi + +# special state: copysource +if [ "${state}" = "copysource" ]; then + echo "***********************************************************" + echo "INFO: You lost connection during copying the blockchain" + echo "You have the following options:" + echo "a) continue/check progress with command: sourcemode" + echo "b) return to normal mode with command: restart" + echo "***********************************************************" + exit +fi + +# special state: copytarget +source <(/home/admin/config.scripts/blitz.copychain.sh status) +if [ "${copyInProgress}" = "1" ]; then + echo "Detected interrupted COPY blochain process ..." + /home/admin/config.scripts/blitz.copychain.sh target + exit +fi + +# special state: reindex was triggered +if [ "${state}" = "reindex" ]; then + echo "Re-Index in progress ... start monitoring:" + /home/admin/config.scripts/network.reindex.sh + exit +fi + +# special state: copystation +if [ "${state}" = "copystation" ]; then + echo "Copy Station is Running ..." 
+ echo "reboot to return to normal" + sudo /home/admin/XXcopyStation.sh + exit +fi + +# prepare status file +# TODO: this is to be replaced and unified together with raspiblitz.info +# when we move to a background monitoring thread & redis for WebUI with v1.8 +sudo touch /var/cache/raspiblitz/raspiblitz.status +sudo chown admin:admin /var/cache/raspiblitz/raspiblitz.status +sudo chmod 740 /var/cache/raspiblitz/raspiblitz.status + +##################################### +# SSH MENU LOOP +# this loop runs until user exits or +# an error drops user to terminal +##################################### + +echo "# start ssh menu loop" +exitMenuLoop=0 +doneIBD=0 +while [ ${exitMenuLoop} -eq 0 ] +do + + ##################################### + # Access fresh system info on every loop + + # refresh system state information + source ${infoFile} + + # gather fresh status scan and store results in memory + # TODO: move this into background loop and unify with redis data storage later + #echo "# blitz.statusscan.sh" + + firstStatusScanExists=$(ls /var/cache/raspiblitz/raspiblitz.status | grep -c "raspiblitz.status") + #echo "firstStatusScanExists(${firstStatusScanExists})" + if [ ${firstStatusScanExists} -eq 1 ]; then + + # run statusscan with timeout - if status scan was not killed it will copy over the + timeout 15 /home/admin/config.scripts/blitz.statusscan.sh ${lightning} > /var/cache/raspiblitz/raspiblitz.status.tmp + result=$? + #echo "result(${result})" + if [ "${result}" == "0" ]; then + # statusscan finished in under 10 seconds - use results + cp /var/cache/raspiblitz/raspiblitz.status.tmp /var/cache/raspiblitz/raspiblitz.status + else + # statusscan blocked and was killed - fallback to old results + echo "statusscan blocked (${result}) - fallback to old results" + sleep 1 + fi + + else + + # first time run statusscan without timeout + echo "# running statusscan for the first time ... 
can take time" + /home/admin/config.scripts/blitz.statusscan.sh ${lightning} > /var/cache/raspiblitz/raspiblitz.status + + fi + + # load statusscan results + source /var/cache/raspiblitz/raspiblitz.status 2>/dev/null + + ##################################### + # ALWAYS: Handle System States + ##################################### + + ############################ + # LND Wallet Unlock + + if [ "${lndActive}" == "1" ] && [ "${walletLocked}" == "1" ] && [ "${state}" == "ready" ] && [ "${setupPhase}" == "done" ]; then + #echo "# lnd.unlock.sh" + /home/admin/config.scripts/lnd.unlock.sh + fi + + # CL Wallet Unlock + if [ "${CLwalletLocked}" == "1" ] && [ "${state}" == "ready" ] && [ "${setupPhase}" == "done" ]; then + /home/admin/config.scripts/cl.hsmtool.sh unlock + sleep 5 + fi + + ##################################### + # SETUP MENU + ##################################### + + # when is needed & bootstrap process signals that it waits for user dialog + if [ "${setupPhase}" != "done" ] && [ "${state}" == "waitsetup" ]; then + # push user to main menu + echo "# controlSetupDialog.sh" + /home/admin/setup.scripts/controlSetupDialog.sh + # use the exit code from setup menu as signal if menu loop should exited + # 0 = continue loop / everything else = break loop and exit to terminal + exitMenuLoop=$? + if [ "${exitMenuLoop}" != "0" ]; then break; fi + fi + + ##################################### + # SETUP DONE DIALOGS + ##################################### + + # when is needed & bootstrap process signals that it waits for user dialog + if [ "${setupPhase}" != "done" ] && [ "${state}" == "waitfinal" ]; then + # push to final setup gui dialogs + #echo "# controlFinalDialog.sh" + /home/admin/setup.scripts/controlFinalDialog.sh + # exit because controller will reboot at the end + exit 0 + fi + + # exit loop/script in case if system shutting down + if [ "${state}" == "reboot" ] || [ "${state}" == "shutdown" ]; then + dialog --pause " Prepare Reboot ..." 
8 58 4 + clear echo "***********************************************************" - echo "WARNING: NO HDD FOUND -> Shutdown, connect HDD and restart." + echo "RaspiBlitz going to ${state}" echo "***********************************************************" - vagrant=$(df | grep -c "/vagrant") - if [ ${vagrant} -gt 0 ]; then + if [ "${state}" == "reboot" ]; then + echo "SSH again into system with:" + echo "ssh admin@${localip}" + echo "Use your password A" + echo "***********************************************************" + fi + sleep 10 + exit 0 + fi + + ##################################### + # INITIAL BLOCKCHAIN SYNC (SUBLOOP) + ##################################### + if [ "${lightning}" == "" ]; then syncedToChain=1; fi + if [ "${setupPhase}" == "done" ] && [ "${state}" == "ready" ] && [ "${syncedToChain}" != "1" ]; then + /home/admin/setup.scripts/eventBlockchainSync.sh ssh + sleep 10 + continue + fi + + ##################################### + # MAIN MENU or BLOCKCHAIN SYNC + ##################################### + + # when setup is done & state is ready .. jump to main menu + if [ "${setupPhase}" == "done" ] && [ "${state}" == "ready" ]; then + # MAIN MENU + echo "# 00mainMenu.sh" + /home/admin/00mainMenu.sh + # use the exit code from main menu as signal if menu loop should exited + # 0 = continue loop / everything else = break loop and exit to terminal + exitMenuLoop=$? 
+ if [ "${exitMenuLoop}" != "0" ]; then break; fi + fi + + ##################################### + # DURING SETUP: Handle System States + ##################################### + + if [ "${setupPhase}" != "done" ]; then + + #echo "# DURING SETUP: Handle System State (${state})" + + # when no HDD on Vagrant - just print info & exit (admin info & exit) + if [ "${state}" == "noHDD" ] && [ ${vagrant} -gt 0 ]; then + echo "***********************************************************" + echo "VAGRANT INFO" + echo "***********************************************************" echo "To connect a HDD data disk to your VagrantVM:" echo "- shutdown VM with command: off" echo "- open your VirtualBox GUI and select RaspiBlitzVM" 
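Review bot: In the DURING SETUP block, `[ "${state}" == "noHDD" ] && [ ${vagrant} -gt 0 ]` expands `vagrant` unquoted, and this same hunk removes the only visible assignment, `vagrant=$(df | grep -c "/vagrant")`. Unless one of the sourced files always defines it, the test becomes `[ -gt 0 ]`, prints a "unary operator expected" error, and the Vagrant hint is silently skipped. Suggest `[ "${vagrant:-0}" -gt 0 ]` or keeping the assignment near the top of the script. Because `${configFile}`, `${infoFile}` and `/var/cache/raspiblitz/raspiblitz.status` are all `source`d (the last two on every loop pass), their content runs as shell code in the admin session, so a comment stating which user is allowed to write each file would be worth adding next to the `chown`/`chmod 740` lines. Smaller points: the `state = stop` branch carries the comment `# special state: copysource`, which belongs to the block after it; the comment "statusscan finished in under 10 seconds" does not match `timeout 15`; the comment "if status scan was not killed it will copy over the" is cut off; and "COPY blochain process" has a typo that the removed line did not have.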
@@ -35,436 +243,91 @@ if [ "${isMounted}" == "0" ] && [ ${#hddCandidate} -eq 0 ]; then echo "a VDI with a presynced blockchain to speed up setup. If you dont have 900GB" echo "space on your laptop you can store the VDI file on an external drive." echo "***********************************************************" - fi - exit -fi - -# check if HDD is from another fullnode OS and offer migration -if [ "${hddGotMigrationData}" != "" ] && [ "${hddGotMigrationData}" != "none" ]; then - nodenameUpperCase=$(echo "${hddGotMigrationData}" | tr "[a-z]" "[A-Z]") - whiptail --title " ${nodenameUpperCase} --> RASPIBLITZ " --yes-button "Start Migration" --no-button "Ignore" --yesno "RaspiBlitz found data from ${nodenameUpperCase} - -You can migrate your blockchain & LND data (funds & channels) over to RaspiBlitz. - -Please make sure to have your ${nodenameUpperCase} seed words & static channel backup file (just in case). Also any data of additional apps you had installed on ${nodenameUpperCase} might get lost. - -Do you want to start migration to RaspiBlitz now? - " 16 58 - if [ $? -eq 0 ]; then - err="" - echo "**************************************************" - echo "MIGRATION FROM ${nodenameUpperCase} TO RASPIBLITZ" - echo "**************************************************" - echo "- started ..." - source <(sudo /home/admin/config.scripts/blitz.migration.sh migration-${hddGotMigrationData}) - if [ "${err}" != "" ]; then - echo "MIGRATION FAILED: ${err}" - echo "Format data disk on laptop & recover funds with fresh sd card using seed words + static channel backup." exit 1 fi - # if free space is lower than 100GB (100000000) delete backup files - if [ "${hddDataFreeKB}" != "" ] && [ ${hddDataFreeKB} -lt 407051412 ]; then - echo "- free space of data disk is low ... 
deleting 'backup_migration'" - sudo rm -R /mnt/hdd/backup_migration + # for all critical errors (admin info & exit) + if [ "${state}" == "error" ] || [ "${state}" == "errorHDD" ]; then + clear + echo "###########################################################" + echo "# /home/admin/raspiblitz.log" + cat /home/admin/raspiblitz.log + if [ "${state}" == "errorHDD" ]; then + # print some debug detail info on HDD/SSD error + echo "###########################################################" + echo "# blitz.datadrive.sh status" + sudo /home/admin/config.scripts/blitz.datadrive.sh status + fi + if [ "${message}" == "_provision.setup.sh fail" ]; then + echo "# /home/admin/raspiblitz.provision-setup.log" + cat /home/admin/raspiblitz.provision-setup.log + fi + echo "***********************************************************" + echo "ERROR - please report to development team" + echo "***********************************************************" + echo "state(${state}) message(${message})" + echo "https://github.com/rootzoll/raspiblitz#support" + echo "command to shutdown --> off" + exit 1 else - echo "- old data of ${nodenameUpperCase} can be found in '/mnt/hdd/backup_migration'" + # every other state just push as event to SSH frontend + /home/admin/setup.scripts/eventInfoWait.sh "${state}" "${message}" fi - sleep 3 - # kick into reboot - echo "******************************************************" - echo "OK MIGRATION --> will now reboot and update/recover" - echo "******************************************************" - sudo shutdown -h -r now - sleep 100 - exit 0 - else - echo "******************************************************" - echo "MIGRATION SKIPPED ... 
starting fresh RaspiBlitz Setup" - echo "******************************************************" - sleep 6 fi -fi -# check data from _bootstrap.sh that was running on device setup -bootstrapInfoExists=$(ls $infoFile | grep -c '.info') -if [ ${bootstrapInfoExists} -eq 0 ]; then - echo "***********************************************************" - echo "WARNING: NO raspiblitz.info FOUND -> bootstrap not running?" - echo "***********************************************************" - exit -fi +done -# load the data from the info file (will get produced on every startup) -source ${infoFile} - -if [ "${state}" = "recovering" ]; then - echo "***********************************************************" - echo "WARNING: bootstrap still updating - close SSH, login later" - echo "To monitor progress --> tail -n1000 -f raspiblitz.log" - echo "***********************************************************" - exit -fi - -if [ "${state}" = "copysource" ]; then - echo "***********************************************************" - echo "INFO: You lost connection during copying the blockchain" - echo "You have the following options:" - echo "a) continue/check progress with command: sourcemode" - echo "b) return to normal mode with command: restart" - echo "***********************************************************" - exit -fi - -# check if copy blockchain over LAN to this RaspiBlitz was running -source <(/home/admin/config.scripts/blitz.copyblockchain.sh status) -if [ "${copyInProgress}" = "1" ]; then - echo "Detected interrupted COPY blockchain process ..." 
- /home/admin/50copyHDD.sh - exit -fi - -# signal that after bootstrap recover user dialog is needed -recoveredInfoExists=$(sudo ls /home/admin/recover.flag 2>/dev/null | grep -c '.flag') -if [ ${recoveredInfoExists} -gt 0 ]; then - echo "System recovered - needs final user settings" - /home/admin/20recoverDialog.sh - exit 1 -fi - -# signal that a reindex was triggered -if [ "${state}" = "reindex" ]; then - echo "Re-Index in progress ... start monitoring:" - /home/admin/config.scripts/network.reindex.sh - exit 1 -fi - -# signal that copystation is running -if [ "${state}" = "copystation" ]; then - echo "Copy Station is Running ..." - echo "reboot to return to normal" - sudo /home/admin/XXcopyStation.sh - exit -fi - -# if state=ready -> setup is done or started -if [ "${state}" = "ready" ]; then - configExists=$(ls ${configFile} | grep -c '.conf') - if [ ${configExists} -eq 1 ]; then - echo "loading config data" - source ${configFile} - else - echo "setup still in progress - setupStep(${setupStep})" +echo "# menu loop received exit code ${exitMenuLoop} --> exit to terminal" +echo +echo " -==@@@====@===-- --===@====@@@==- " +echo " -@@=====-----=-===@@=====@@=====-----=====@@- -==@- " +echo " -@@------==---------@@@@@=--------==------@@- --=@@@@= " +echo " @@=------======-----@@@-----======------=@@=@@===@@= " +echo " =@@=---------=======@@@=======-----===@@@==- =@@- " +echo " -=@@==@@=----------=@@@@@@@@@=----==@@@==-- -=@@- " +echo " -@@@=----=@@===--====@@@@@@@@@@@@@@@@=-- -=@@@@= " +echo " =@@=--------@@@@@@@@@@@@@@@@@@@@@=-- -@@=---=@@- " +echo " -@@=-------=@@@=====@@@@@@@@@@=-- =@@=-------@@@ " +echo " =@@=-------=@@====@@@@@@@@==- -=@@@@=--------=@@- " +echo " =@@---------@@==@@@@@@==- -=@@@=@@@---------=@@ " +echo " -@@=--------=@@@@@@=- -@@@@@@@@@@=---------=@@ " +echo " @@=-------@@@@@@@@@=- =@@@===@@@@=@@@@--------@@- " +echo " -@@=------@@====@@@=@@@=- -=@@@======@@====@@@-------=@@ " +echo " -@@------@@@====@@@====@@@=- =@@@======@@@=====@@=------=@@ " 
+echo " -@@------=@@====@@@@@=====@@@=- -=@@@=@@@@@@===@@@=------=@@ " +echo " -@@-------@@@=@@@@@@@@@@@@@@@=- -=@@@@@@@@=@@@=-------=@@ " +echo " @@=-------=@@@@@@@@@@@@@@@= -=@@@=@@@@=--------@@= " +echo " -@@--------=@@======@@@@- -=@@@@@@=--------=@@ " +echo " =@@--------@@@===@@@=- --=@@@@@@=@@@--------=@@- " +echo " =@@--------@@@@@@=- -==@@@@@=====@@@--------=@@- " +echo " =@@=-------@@@= -==@@@@@@@=====@@@@=--------=@@- " +echo " -@@=----=@@- -==@@@@@@@@@@@@@@@@@==---------=@@= " +echo " =@@==@@- -==@@@@@=========@@@@@=-----------=@@@- " +echo " -@@=- --=@@@==-=@@@@@@@@@@@@@=-------------=@@=- " +echo " -@@= --=@@@==----------=======-------------==@@@= " +echo " -@@=-==@==-=@@@===------------------------==@@@@= " +echo " =@@@@==- -==@@@@@======----======@@@@@=-- " +echo " =@@=-- --===@@@@@@@@@@@===-- " +echo +echo "***********************************" +echo "* RaspiBlitz Commandline" +echo "* Here be dragons .. have fun :)" +echo "***********************************" +if [ "${setupPhase}" == "done" ]; then + echo "Bitcoin command line options: ${network}-cli help" + if [ "${lightning}" == "lnd" ]; then + echo "LND command line options: lncli -h" + fi + if [ "${lightning}" == "cl" ]; then + echo "C-Lightning command line options: lightning-cli help" fi -fi - -## default menu settings -# to fit the main menu without scrolling: -HEIGHT=13 -WIDTH=64 -CHOICE_HEIGHT=6 -BACKTITLE="RaspiBlitz" -TITLE="" -MENU="Choose one of the following options:" -OPTIONS=() - -# check if RTL web interface is installed -runningRTL=$(sudo ls /etc/systemd/system/RTL.service 2>/dev/null | grep -c 'RTL.service') - -# function to use later -waitUntilChainNetworkIsReady() -{ - source ${configFile} - echo "checking ${network}d - please wait .." 
- echo "can take longer if device was off or first time" - - # check for error on network - sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 1>/dev/null 2>error.tmp - clienterror=`cat error.tmp` - rm error.tmp - - # check for missing blockchain data - if [ "${network}" = "bitcoin" ]; then - if [ "${chain}" = "main" ]; then - minSize=210000000000 - else - minSize=27000000000 - fi - elif [ "${network}" = "litecoin" ]; then - if [ "${chain}" = "main" ]; then - minSize=20000000000 - else - minSize=27000000000 - fi - else - minSize=210000000000000 - fi - isSyncing=$(sudo ls -la /mnt/hdd/${network}/blocks/.selfsync 2>/dev/null | grep -c '.selfsync') - blockchainsize=$(sudo du -shbc /mnt/hdd/${network}/ 2>/dev/null | head -n1 | awk '{print $1;}') - if [ ${#blockchainsize} -gt 0 ]; then - if [ ${blockchainsize} -lt ${minSize} ]; then - if [ ${isSyncing} -eq 0 ]; then - echo "blockchainsize(${blockchainsize})" - echo "Missing Blockchain Data (<${minSize}) ..." - clienterror="missing blockchain" - sleep 3 - fi - fi - fi - - if [ ${#clienterror} -gt 0 ]; then - #echo "clienterror(${clienterror})" - - # analyse LOGS for possible reindex - reindex=$(sudo cat /mnt/hdd/${network}/debug.log 2>/dev/null | grep -c 'Please restart with -reindex or -reindex-chainstate to recover') - if [ ${reindex} -gt 0 ]; then - # dismiss if its just a date thing - futureBlock=$(sudo tail /mnt/hdd/${network}/debug.log 2>/dev/null | grep "Please restart with -reindex or -reindex-chainstate to recover" | grep -c "block database contains a block which appears to be from the future") - if [ ${futureBlock} -gt 0 ]; then - blockchainBroken=0 - echo "-> Ignore reindex - its just a future block" - fi - if [ ${isSyncing} -gt 0 ]; then - reindex=0 - fi - fi - if [ ${reindex} -gt 0 ] || [ "${clienterror}" = "missing blockchain" ]; then - - if [ ${reindex} -gt 0 ]; then - echo "!! DETECTED NEED FOR RE-INDEX in debug.log ... starting repair options." 
- sudo sed -i "s/^state=.*/state=repair/g" /home/admin/raspiblitz.info - sleep 3 - fi - - whiptail --title "Blockchain not Complete" --yes-button "DELETE+REPAIR" --no-button "Continue Sync" --yesno "Your blockchain data is not complete (yet). - -You can try to sync the chain further but if your stuck -this can be due to power problems or a failing HDD. -For more info see: https://raspiblitz.org -> FAQ - -If you choose to DELETE+REPAIR the old blockchain gets -deleted but your Lightning funds & channel not be touched. - -How do you want to continue? -" 15 65 - if [ $? -eq 0 ]; then - #delete+repair - clear - echo "***********************************************************" - echo "DELETE+REPAIR blockchain ..." - echo "***********************************************************" - /home/admin/XXcleanHDD.sh -blockchain -force - /home/admin/98repairBlockchain.sh - /home/admin/00raspiblitz.sh - exit - else - # ignore - just delete blockchain logfile - clear - echo "***********************************************************" - echo "CONTINUE SYNC blockchain ..." - echo "***********************************************************" - fi - - fi - - # let 80scanLND script to the info to use - /home/admin/80scanLND.sh - if [ $? -gt 0 ]; then - echo "${network} error: ${clienterror}" - exit 0 - fi - fi - - while : - do - - locked=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net getinfo 2>&1 | grep -c unlock) - if [ ${locked} -gt 0 ]; then - uptime=$(awk '{printf("%d\n",$1 + 0.5)}' /proc/uptime) - if [ "${autoUnlock}" == "on" ] && [ ${uptime} -lt 300 ]; then - # give autounlock 5 min after startup to react - sleep 1 - else - # check how many times LND was restarted - source <(sudo /home/admin/config.scripts/blitz.statusscan.sh) - if [ ${startcountLightning} -lt 4 ]; then - /home/admin/config.scripts/lnd.unlock.sh - echo "Starting up Wallet ... (10sec)" - sleep 5 - sleep 5 - echo "please wait ... 
update to next screen can be slow" - else - /home/admin/80scanLND.sh lightning-error - sudo rm /home/admin/systemd.lightning.log - echo "(exit after too much restarts/unlocks - restart to try again)" - exit 0 - fi - fi - fi - lndSynced=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net getinfo 2>/dev/null | jq -r '.synced_to_chain' | grep -c true) - if [ ${lndSynced} -eq 0 ]; then - /home/admin/80scanLND.sh - if [ $? -gt 0 ]; then - exit 0 - fi - else - # everything is ready - return from loop - return - fi - sleep 5 - done -} - -if [ ${#setupStep} -eq 0 ]; then - echo "WARN: no setup step found in raspiblitz.info" - setupStep=0 -fi -if [ ${setupStep} -eq 0 ]; then - - - # start setup - BACKTITLE="RaspiBlitz - Setup" - TITLE="⚡ Welcome to your RaspiBlitz ⚡" - MENU="\nChoose how you want to setup your RaspiBlitz: \n " - OPTIONS+=(BITCOIN "Setup BITCOIN and Lightning (DEFAULT)" \ - LITECOIN "Setup LITECOIN and Lightning (EXPERIMENTAL)" \ - MIGRATION "Upload a Migration File from old RaspiBlitz" ) - HEIGHT=12 - -elif [ ${setupStep} -lt 100 ]; then - - # continue setup - BACKTITLE="${hostname} / ${network} / ${chain}" - TITLE="⚡ Welcome to your RaspiBlitz ⚡" - MENU="\nThe setup process is not finished yet: \n " - OPTIONS+=(CONTINUE "Continue Setup of your RaspiBlitz") - HEIGHT=10 - else - - # check if LND needs re-setup - source <(sudo /home/admin/config.scripts/lnd.check.sh basic-setup) - if [ "${wallet}" == "0" ] || [ "${macaroon}" == "0" ] || [ "${config}" == "0" ] || [ "${tls}" == "0" ]; then - echo "WARN: LND needs re-setup" - /home/admin/70initLND.sh - exit 0 - fi - - # wait all is synced and ready - waitUntilChainNetworkIsReady - - # check if there is a channel.backup to activate - gotSCB=$(ls /home/admin/channel.backup 2>/dev/null | grep -c 'channel.backup') - if [ ${gotSCB} -eq 1 ]; then - - echo "*** channel.backup Recovery ***" - lncli --chain=${network} restorechanbackup --multi_file=/home/admin/channel.backup 
2>/home/admin/.error.tmp - error=`cat /home/admin/.error.tmp` - rm /home/admin/.error.tmp 2>/dev/null - - if [ ${#error} -gt 0 ]; then - - # output error message - echo "" - echo "!!! FAIL !!! SOMETHING WENT WRONG:" - echo "${error}" - - # check if its possible to give background info on the error - notMachtingSeed=$(echo $error | grep -c 'unable to unpack chan backup') - if [ ${notMachtingSeed} -gt 0 ]; then - echo "--> ERROR BACKGROUND:" - echo "The WORD SEED is not matching the channel.backup file." - echo "Either there was an error in the word seed list or" - echo "or the channel.backup file is from another RaspiBlitz." - echo - fi - - # basic info on error - echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo - echo "You can try after full setup to restore channel.backup file again with:" - echo "lncli --chain=${network} restorechanbackup --multi_file=/home/admin/channel.backup" - echo - echo "Press ENTER to continue for now ..." - read key - else - mv /home/admin/channel.backup /home/admin/channel.backup.done - dialog --title " OK channel.backup IMPORT " --msgbox " -LND accepted the channel.backup file you uploaded. -It will now take around a hour until you can see, -if LND was able to recover funds from your channels. - " 9 56 - fi - - fi - - # check if DNS is working (if not it will trigger dialog) - sudo /home/admin/config.scripts/internet.dns.sh test - - #forward to main menu - /home/admin/00mainMenu.sh - exit 0 - + echo "Your setup is not finished." + echo "For setup logs: cat raspiblitz.log" + echo "or call the command 'debug' to see bigger report." 
fi - -CHOICE=$(dialog --clear \ - --backtitle "$BACKTITLE" \ - --title "$TITLE" \ - --menu "$MENU" \ - $HEIGHT $WIDTH $CHOICE_HEIGHT \ - "${OPTIONS[@]}" \ - 2>&1 >/dev/tty) - -clear -case $CHOICE in - CLOSE) - exit 1; - ;; - BITCOIN) - # set network info - sed -i "s/^network=.*/network=bitcoin/g" ${infoFile} - sed -i "s/^chain=.*/chain=main/g" ${infoFile} - ###### OPTIMIZE IF RAM >1GB - kbSizeRAM=$(cat /proc/meminfo | grep "MemTotal" | sed 's/[^0-9]*//g') - if [ ${kbSizeRAM} -gt 1500000 ]; then - echo "Detected RAM >1GB --> optimizing ${network}.conf" - sudo sed -i "s/^dbcache=.*/dbcache=512/g" /home/admin/assets/bitcoin.conf - sudo sed -i "s/^maxmempool=.*/maxmempool=300/g" /home/admin/assets/bitcoin.conf - fi - /home/admin/10setupBlitz.sh - exit 1; - ;; - LITECOIN) - /home/admin/config.scripts/blitz.litecoin.sh on - /home/admin/10setupBlitz.sh - exit 1; - ;; - MANUAL) - echo "************************************************************************************" - echo "PLEASE go to RaspiBlitz FAQ:" - echo "https://github.com/rootzoll/raspiblitz" - echo "And check: How can I recover my coins from a failing RaspiBlitz?" - echo "************************************************************************************" - exit 0 - ;; - MIGRATION) - sudo /home/admin/config.scripts/blitz.migration.sh "import-gui" - # on error clean & repeat - if [ "$?" = "1" ]; then - echo - echo "# clean and unmount for next try" - sudo rm -f ${defaultZipPath}/raspiblitz-*.tar.gz 2>/dev/null - sudo umount /mnt/hdd 2>/dev/null - sudo umount /mnt/storage 2>/dev/null - sudo umount /mnt/temp 2>/dev/null - sleep 2 - /home/admin/00raspiblitz.sh - fi - exit 0 - ;; - CONTINUE) - /home/admin/10setupBlitz.sh - exit 1; - ;; -esac +echo "Blitz command line options: blitzhelp" +echo "Back to menus use command: raspiblitz" +echo +exit 0 diff --git a/home.admin/00settingsMenuBasics.sh b/home.admin/00settingsMenuBasics.sh index 9715dce11..a3c9701d7 100755 --- a/home.admin/00settingsMenuBasics.sh 
+++ b/home.admin/00settingsMenuBasics.sh 
@@ -9,31 +9,47 @@ echo "services default values" if [ ${#autoPilot} -eq 0 ]; then autoPilot="off"; fi if [ ${#autoUnlock} -eq 0 ]; then autoUnlock="off"; fi if [ ${#runBehindTor} -eq 0 ]; then runBehindTor="off"; fi -if [ ${#chain} -eq 0 ]; then chain="main"; fi if [ ${#autoNatDiscovery} -eq 0 ]; then autoNatDiscovery="off"; fi if [ ${#networkUPnP} -eq 0 ]; then networkUPnP="off"; fi if [ ${#touchscreen} -eq 0 ]; then touchscreen=0; fi if [ ${#lcdrotate} -eq 0 ]; then lcdrotate=0; fi if [ ${#zerotier} -eq 0 ]; then zerotier="off"; fi if [ ${#circuitbreaker} -eq 0 ]; then circuitbreaker="off"; fi +if [ ${#clboss} -eq 0 ]; then clboss="off"; fi +if [ ${#clEncryptedHSM} -eq 0 ]; then clEncryptedHSM="off"; fi +if [ ${#clAutoUnlock} -eq 0 ]; then clAutoUnlock="off"; fi -echo "map dropboxbackup to on/off" -DropboxBackup="off" -if [ ${#dropboxBackupTarget} -gt 0 ]; then DropboxBackup="on"; fi +echo "# map LND to on/off" +lndNode="off" +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + lndNode="on" +fi -echo "map localbackup to on/off" +echo "# map CL to on/off" +clNode="off" +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + clNode="on" +fi + +echo "map nextcloudbackup to on/off" +NextcloudBackup="off" +if [ $nextcloudBackupServer ] && [ $nextcloudBackupUser ] && [ $nextcloudBackupPassword ]; then NextcloudBackup="on"; fi + +echo "# map localbackup to on/off" LocalBackup="off" if [ ${#localBackupDeviceUUID} -gt 0 ] && [ "${localBackupDeviceUUID}" != "off" ]; then LocalBackup="on"; fi -echo "map zerotier to on/off" +echo "# map zerotier to on/off" zerotierSwitch="off" if [ "${zerotier}" != "off" ]; then zerotierSwitch="on"; fi -echo "map chain to on/off" -chainValue="off" -if [ "${chain}" = "test" ]; then chainValue="on"; fi +echo "# map parallel testnets to on/off" +parallelTestnets="off" +if [ "${testnet}" == "on" ] || [ "${signet}" == "on" ]; then + parallelTestnets="on" +fi -echo "map domain to on/off" +echo "# map domain to on/off" 
domainValue="off" dynDomainMenu='DynamicDNS' if [ ${#dynDomain} -gt 0 ]; then 
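Review bot: The Nextcloud mapping, `if [ $nextcloudBackupServer ] && [ $nextcloudBackupUser ] && [ $nextcloudBackupPassword ]`, puts three config values unquoted inside `[ ]`, so a password or server value containing spaces or glob characters is word-split and the test either errors out or evaluates something other than "is non-empty". Use the same length check as the `LocalBackup` line just below it, for example `[ ${#nextcloudBackupPassword} -gt 0 ]`, or `[ -n "${nextcloudBackupPassword}" ]`, for all three variables. The new `echo "map nextcloudbackup to on/off"` also lacks the `# ` prefix that the other echo lines in this hunk were changed to. The hunk drops the `chain="main"` default as well, so it is worth confirming that nothing later in the script still reads `${chain}` when the config leaves it unset.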
@@ -41,175 +57,118 @@ if [ ${#dynDomain} -gt 0 ]; then dynDomainMenu="${dynDomain}" fi -echo "map lcdrotate to on/off" +echo "# map lcdrotate to on/off" lcdrotateMenu='off' if [ ${lcdrotate} -gt 0 ]; then lcdrotateMenu='on' fi -echo "map touchscreen to on/off" +echo "# map touchscreen to on/off" touchscreenMenu='off' if [ ${touchscreen} -gt 0 ]; then touchscreenMenu='on' fi -echo "check autopilot by lnd.conf" -lndAutoPilotOn=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep -c 'autopilot.active=1') +echo "# map autopilot to on/off" +lndAutoPilotOn=$(sudo cat /mnt/hdd/lnd/lnd.conf 2>/dev/null | grep -c 'autopilot.active=1') if [ ${lndAutoPilotOn} -eq 1 ]; then autoPilot="on" else autoPilot="off" fi -echo "map keysend to on/off" +echo "# map keysend to on/off" keysend="on" source <(sudo /home/admin/config.scripts/lnd.keysend.sh status) if [ ${keysendOn} -eq 0 ]; then keysend="off" fi +echo "# map clboss to on/off" +clbossMenu='off' +if [ "${clboss}" == "on" ]; then + clbossMenu='on' +fi + +echo "# map clEncryptedHSM to on/off" +clEncryptedHSMMenu='off' +if [ "${clEncryptedHSM}" == "on" ]; then + clEncryptedHSMMenu='on' +fi + +echo "# map clAutoUnlock to on/off" +clAutoUnlockMenu='off' +if [ "${clAutoUnlock}" == "on" ]; then + clAutoUnlockMenu='on' +fi + # show select dialog echo "run dialog ..." 
- # BASIC MENU INFO -HEIGHT=19 # add 6 to CHOICE_HEIGHT + MENU lines -WIDTH=45 -CHOICE_HEIGHT=11 # 1 line / OPTIONS OPTIONS=() -OPTIONS+=(t 'Run behind TOR' ${runBehindTor}) +# LCD options (only when running with LCD screen) if [ "${displayClass}" == "lcd" ]; then OPTIONS+=(s 'Touchscreen' ${touchscreenMenu}) OPTIONS+=(r 'LCD Rotate' ${lcdrotateMenu}) fi -OPTIONS+=(a 'Channel Autopilot' ${autoPilot}) -OPTIONS+=(k 'Accept Keysend' ${keysend}) -OPTIONS+=(n 'Testnet' ${chainValue}) -OPTIONS+=(c 'Circuitbreaker (LND firewall)' ${circuitbreaker}) -OPTIONS+=(u 'LND Auto-Unlock' ${autoUnlock}) -OPTIONS+=(d 'StaticChannelBackup on DropBox' ${DropboxBackup}) -OPTIONS+=(e 'StaticChannelBackup on USB Drive' ${LocalBackup}) + +# Important basic options +OPTIONS+=(t 'Run behind Tor' ${runBehindTor}) OPTIONS+=(z 'ZeroTier' ${zerotierSwitch}) if [ ${#runBehindTor} -eq 0 ] || [ "${runBehindTor}" = "off" ]; then OPTIONS+=(y ${dynDomainMenu} ${domainValue}) OPTIONS+=(b 'BTC UPnP (AutoNAT)' ${networkUPnP}) - OPTIONS+=(l 'LND UPnP (AutoNAT)' ${autoNatDiscovery}) -fi +fi +OPTIONS+=(p 'Parallel Testnet/Signet' ${parallelTestnets}) -CHOICES=$(dialog \ - --title ' Node Settings & Options ' \ - --checklist ' use spacebar to activate/de-activate ' \ - $HEIGHT $WIDTH $CHOICE_HEIGHT \ - "${OPTIONS[@]}" 2>&1 >/dev/tty) +# LND & options (only when running LND) +OPTIONS+=(m 'LND LIGHTNING LABS NODE' ${lndNode}) +if [ "${lndNode}" == "on" ]; then + OPTIONS+=(a '-LND Channel Autopilot' ${autoPilot}) + OPTIONS+=(k '-LND Accept Keysend' ${keysend}) + OPTIONS+=(c '-LND Circuitbreaker (firewall)' ${circuitbreaker}) + OPTIONS+=(u '-LND Auto-Unlock' ${autoUnlock}) + OPTIONS+=(x '-LND StaticChannelBackup on Nextcloud' ${NextcloudBackup}) + OPTIONS+=(e '-LND StaticChannelBackup USB Drive' ${LocalBackup}) + OPTIONS+=(l '-LND UPnP (AutoNAT)' ${autoNatDiscovery}) +fi +# C-Lightning & options/PlugIns +OPTIONS+=(n 'CL C-LIGHTNING NODE' ${clNode}) +if [ "${clNode}" == "on" ]; then + OPTIONS+=(o '-CL CLBOSS 
Automatic Node Manager' ${clbossMenu}) + OPTIONS+=(h '-CL Wallet Encryption' ${clEncryptedHSMMenu}) + if [ "${clEncryptedHSM}" == "on" ]; then + OPTIONS+=(q '-CL Auto-Unlock' ${clAutoUnlockMenu}) + fi +fi + +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) +CHOICES=$(dialog --title ' Node Settings & Options ' --checklist ' use spacebar to activate/de-activate ' $HEIGHT 55 $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty) dialogcancel=$? -echo "done dialog" clear # check if user canceled dialog -echo "dialogcancel(${dialogcancel})" +echo "dialogcancel(${dialogcancel}) (${CHOICE_HEIGHT})" if [ ${dialogcancel} -eq 1 ]; then echo "user canceled" - exit 1 + exit 0 elif [ ${dialogcancel} -eq 255 ]; then echo "ESC pressed" - exit 1 + exit 0 fi needsReboot=0 anychange=0 -# TESTNET process choice - KEEP FIRST IN ORDER -choice="main"; check=$(echo "${CHOICES}" | grep -c "n") -if [ ${check} -eq 1 ]; then choice="test"; fi -if [ "${chain}" != "${choice}" ]; then - if [ "${network}" = "litecoin" ] && [ "${choice}"="test" ]; then - dialog --title 'FAIL' --msgbox 'Litecoin-Testnet not available.' 5 25 - elif [ "${BTCRPCexplorer}" = "on" ]; then - dialog --title 'NOTICE' --msgbox 'Please turn off BTC-RPC-Explorer FIRST\nbefore changing testnet.' 6 45 - exit 1 - elif [ "${BTCPayServer}" = "on" ]; then - dialog --title 'NOTICE' --msgbox 'Please turn off BTC-Pay-Server FIRST\nbefore changing testnet.' 6 45 - exit 1 - elif [ "${ElectRS}" = "on" ]; then - dialog --title 'NOTICE' --msgbox 'Please turn off Electrum-Rust-Server FIRST\nbefore changing testnet.' 6 48 - exit 1 - elif [ "${loop}" = "on" ]; then - dialog --title 'NOTICE' --msgbox 'Please turn off Loop-Service FIRST\nbefore changing testnet.' 6 48 - exit 1 - else - echo "Testnet Setting changed .." 
- anychange=1 - sudo /home/admin/config.scripts/network.chain.sh ${choice}net - walletExists=$(sudo ls /mnt/hdd/lnd/data/chain/${network}/${choice}net/wallet.db 2>/dev/null | grep -c 'wallet.db') - if [ ${walletExists} -eq 0 ]; then - echo "Need to creating a new wallet ... wait 20secs" - sudo systemctl start lnd - sleep 20 - tryAgain=1 - while [ ${tryAgain} -eq 1 ] - do - echo "****************************************************************************" - echo "Creating a new LND Wallet for ${network}/${choice}net" - echo "****************************************************************************" - echo "A) For 'Wallet Password' use your PASSWORD C --> !! minimum 8 characters !!" - echo "B) Answer 'n' because you don't have a 'cipher seed mnemonic' (24 words) yet" - echo "C) For 'passphrase' to encrypt your 'cipher seed' use PASSWORD D (optional)" - echo "****************************************************************************" - sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net create 2>error.out - error=`sudo cat error.out` - if [ ${#error} -eq 0 ]; then - sleep 2 - # WIN - tryAgain=0 - echo "!!! Make sure to write down the 24 words (cipher seed mnemonic) !!!" - echo "If you are ready. Press ENTER." - else - # FAIL - tryAgain=1 - echo "!!! FAIL ---> SOMETHING WENT WRONG !!!" - echo "${error}" - echo "Press ENTER to retry ... or CTRL-c to EXIT" - fi - read key - done - echo "Check for Macaroon .. 
(10sec)" - sleep 10 - macaroonExists=$(sudo ls /home/bitcoin/.lnd/data/chain/${network}/${choice}net/admin.macaroon | grep -c 'admin.macaroon') - if [ ${macaroonExists} -eq 0 ]; then - echo "*** PLEASE UNLOCK your wallet with PASSWORD C to create macaroon" - lncli unlock 2>/dev/null - sleep 6 - fi - macaroonExists=$(sudo ls /home/bitcoin/.lnd/data/chain/${network}/${choice}net/admin.macaroon | grep -c 'admin.macaroon') - if [ ${macaroonExists} -eq 0 ]; then - echo "FAIL --> Was not able to create macaroon" - echo "Please report problem." - exit 1 - fi - echo "stopping lnd again" - sleep 5 - sudo systemctl stop lnd - fi - - echo "Update Admin Macaroon" - sudo rm -r /home/admin/.lnd/data/chain/${network}/${choice}net 2>/dev/null - sudo mkdir /home/admin/.lnd/data/chain/${network}/${choice}net - sudo cp /home/bitcoin/.lnd/data/chain/${network}/${choice}net/admin.macaroon /home/admin/.lnd/data/chain/${network}/${choice}net - sudo chown -R admin:admin /home/admin/.lnd/ - - needsReboot=1 - fi -else - echo "Testnet Setting unchanged." -fi - -# AUTOPILOT process choice +# LND AUTOPILOT process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "a") if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${autoPilot}" != "${choice}" ]; then +if [ "${autoPilot}" != "${choice}" ] && [ "${lndNode}" == "on" ]; then echo "Autopilot Setting changed .." anychange=1 sudo /home/admin/config.scripts/lnd.autopilot.sh ${choice} @@ -251,10 +210,10 @@ else echo "BTC UPnP Setting unchanged." fi -# AutoNAT +# LND AutoNAT choice="off"; check=$(echo "${CHOICES}" | grep -c "l") if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${autoNatDiscovery}" != "${choice}" ]; then +if [ "${autoNatDiscovery}" != "${choice}" ] && [ "${lndNode}" == "on" ]; then echo "AUTO NAT Setting changed .." anychange=1 if [ "${choice}" = "on" ]; then 
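Review bot: `CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1"))` in the `@@ -41,175 +57,118 @@` hunk divides the array length by 2, but every `OPTIONS+=(tag 'label' ${state})` entry contributes three elements, so the list height (and `HEIGHT`, which is derived from it) comes out roughly 50% larger than the number of rows. Use `${#OPTIONS[@]}/3`. That count also only holds if each state variable is non-empty: `${lndNode}`, `${clNode}`, `${parallelTestnets}` and `${NextcloudBackup}` are expanded unquoted and no default for them is visible in this hunk, so an unset value would drop an element and shift every following tag. Quote them or default them to `off`, as is done for `clbossMenu` and the other `*Menu` variables.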
@@ -272,20 +231,20 @@ else echo "LND AUTONAT Setting unchanged." fi -# TOR process choice +# Tor process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "t") if [ ${check} -eq 1 ]; then choice="on"; fi if [ "${runBehindTor}" != "${choice}" ]; then - echo "TOR Setting changed .." + echo "Tor Setting changed .." - # special actions if TOR is turned on + # special actions if Tor is turned on if [ "${choice}" = "on" ]; then # inform user about privacy risk whiptail --title " PRIVACY NOTICE " --msgbox " -RaspiBlitz will now install/activate TOR & after reboot run behind it. +RaspiBlitz will now install/activate Tor & after reboot run behind it. -Please keep in mind that thru your LND node id & your previous IP history with your internet provider your lightning node could still be linked to your personal id even when running behind TOR. To unlink you from that IP history its recommended that after the switch/reboot to TOR you also use the REPAIR > RESET-LND option to create a fresh LND wallet. That might involve closing all channels & move your funds out of RaspiBlitz before that RESET-LND. +Please keep in mind that thru your LND node id & your previous IP history with your internet provider your lightning node could still be linked to your personal id even when running behind Tor. To unlink you from that IP history its recommended that after the switch/reboot to Tor you also use the REPAIR > RESET-LND option to create a fresh LND wallet. That might involve closing all channels & move your funds out of RaspiBlitz before that RESET-LND. " 16 76 # make sure AutoNAT & UPnP is off 
@@ -293,19 +252,19 @@ Please keep in mind that thru your LND node id & your previous IP history with y /home/admin/config.scripts/network.upnp.sh off fi - # change TOR + # change Tor anychange=1 sudo /home/admin/config.scripts/internet.tor.sh ${choice} needsReboot=1 else - echo "TOR Setting unchanged." + echo "Tor Setting unchanged." fi # LND Auto-Unlock choice="off"; check=$(echo "${CHOICES}" | grep -c "u") if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${autoUnlock}" != "${choice}" ]; then +if [ "${autoUnlock}" != "${choice}" ] && [ "${lndNode}" == "on" ]; then echo "LND Autounlock Setting changed .." anychange=1 sudo /home/admin/config.scripts/lnd.autounlock.sh ${choice} @@ -348,10 +307,10 @@ else echo "Touchscreen Setting unchanged." fi -# circuitbreaker +# LND circuitbreaker choice="off"; check=$(echo "${CHOICES}" | grep -c "c") if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${circuitbreaker}" != "${choice}" ]; then +if [ "${circuitbreaker}" != "${choice}" ] && [ "${lndNode}" == "on" ]; then echo "Circuitbreaker Setting changed .." anychange=1 sudo /home/admin/config.scripts/bonus.circuitbreaker.sh ${choice} 
@@ -359,20 +318,20 @@ else echo "Circuitbreaker Setting unchanged." fi -# DropBox process choice -choice="off"; check=$(echo "${CHOICES}" | grep -c "d") +# Nextcloud process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "x") if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${DropboxBackup}" != "${choice}" ]; then - echo "DropBox Setting changed .." +if [ "${NextcloudBackup}" != "${choice}" ]; then + echo "Nextcloud Setting changed .." anychange=1 - sudo -u admin /home/admin/config.scripts/dropbox.upload.sh ${choice} + sudo -u admin /home/admin/config.scripts/nextcloud.upload.sh ${choice} if [ "${choice}" = "on" ]; then # doing initial upload so that user can see result source /mnt/hdd/raspiblitz.conf - sudo /home/admin/config.scripts/dropbox.upload.sh upload ${dropboxBackupTarget} /mnt/hdd/lnd/data/chain/${network}/${chain}net/channel.backup + sudo /home/admin/config.scripts/nextcloud.upload.sh upload /mnt/hdd/lnd/data/chain/${network}/${chain}net/channel.backup fi else - echo "Dropbox backup setting unchanged." + echo "Nextcloud backup setting unchanged." fi # LocalBackup process choice @@ -386,15 +345,16 @@ else echo "BackupdDevice setting unchanged." fi -# Keysend process choice +# LND Keysend process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "k") if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${keysend}" != "${choice}" ]; then +if [ "${keysend}" != "${choice}" ] && [ "${lndNode}" == "on" ]; then echo "keysend setting changed .." anychange=1 - needsReboot=1 sudo -u admin /home/admin/config.scripts/lnd.keysend.sh ${choice} - dialog --msgbox "Accept Keysend is now ${choice} after Reboot." 5 46 + sudo systemctl restart lnd + dialog --msgbox "Accept Keysend on LND mainnet is now ${choice}.\n\nLND restarted - you might need to unlock wallet." 7 52 + sudo -u admin /home/admin/config.scripts/lnd.unlock.sh else echo "keysend setting unchanged." fi 
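Review bot: in the LND keysend block, `sudo systemctl restart lnd` and the "is now ${choice}" message run regardless of whether `lnd.keysend.sh ${choice}` succeeded. Capture its exit status first (the services menu blocks in this patch use `errorOnInstall=$?` for the same purpose) and skip the restart, the success dialog and `lnd.unlock.sh` when the config change failed, since the restart leaves the wallet needing an unlock for no benefit.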
@@ -423,6 +383,134 @@ else echo "ZeroTier setting unchanged." fi +# LND choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "m") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${lndNode}" != "${choice}" ]; then + anychange=1 + echo "# LND NODE Setting changed .." + if [ "${choice}" = "on" ]; then + echo "# turning ON" + /home/admin/config.scripts/lnd.install.sh on mainnet initwallet + sudo /home/admin/config.scripts/lnd.install.sh display-seed mainnet delete + if [ "${testnet}" == "on" ]; then + /home/admin/config.scripts/lnd.install.sh on testnet initwallet + fi + if [ "${signet}" == "on" ]; then + /home/admin/config.scripts/lnd.install.sh on signet initwallet + fi + else + echo "# turning OFF" + /home/admin/config.scripts/lnd.install.sh off mainnet + /home/admin/config.scripts/lnd.install.sh off testnet + /home/admin/config.scripts/lnd.install.sh off signet + fi +else + echo "LND NODE setting unchanged." +fi + +# CL choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "n") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${clNode}" != "${choice}" ]; then + anychange=1 + echo "# C-Lightning NODE Setting changed .." + if [ "${choice}" = "on" ]; then + echo "# turning ON" + /home/admin/config.scripts/cl.install.sh on mainnet + sudo /home/admin/config.scripts/cl.install.sh display-seed mainnet + if [ "${testnet}" == "on" ]; then + /home/admin/config.scripts/cl.install.sh on testnet + fi + if [ "${signet}" == "on" ]; then + /home/admin/config.scripts/cl.install.sh on signet + fi + else + echo "# turning OFF" + /home/admin/config.scripts/cl.install.sh off mainnet + /home/admin/config.scripts/cl.install.sh off testnet + /home/admin/config.scripts/cl.install.sh off signet + fi +else + echo "C-Lightning NODE setting unchanged." 
+fi + +# CLBOSS process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "o") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${clboss}" != "${choice}" ] && [ "${clNode}" == "on" ]; then + echo "CLBOSS Setting changed .." + anychange=1 + sudo /home/admin/config.scripts/cl-plugin.clboss.sh ${choice} + needsReboot=0 +else + echo "CLBOSS Setting unchanged." +fi + +# clEncryptedHSM process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "h") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${clEncryptedHSM}" != "${choice}" ] && [ "${clNode}" == "on" ]; then + echo "clEncryptedHSM Setting changed .." + anychange=1 + if [ "${choice}" == "on" ]; then + /home/admin/config.scripts/cl.hsmtool.sh encrypt mainnet + else + /home/admin/config.scripts/cl.hsmtool.sh decrypt mainnet + fi + needsReboot=0 +else + echo "clEncryptedHSM Setting unchanged." +fi + +# clAutoUnlock process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "q") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${clAutoUnlock}" != "${choice}" ] && [ "${clNode}" == "on" ]; then + echo "clAutoUnlock Setting changed .." + anychange=1 + if [ "${choice}" == "on" ]; then + /home/admin/config.scripts/cl.hsmtool.sh autounlock-on mainnet + else + /home/admin/config.scripts/cl.hsmtool.sh autounlock-off mainnet + fi + needsReboot=0 +else + echo "clAutoUnlock Setting unchanged." +fi + +# parallel testnet process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "p") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${testnet}" != "${choice}" ]; then + echo "# Parallel Testnets Setting changed .." 
+ anychange=1 + if [ "${choice}" = "on" ]; then + /home/admin/config.scripts/bitcoin.install.sh on testnet + /home/admin/config.scripts/bitcoin.install.sh on signet + if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + /home/admin/config.scripts/lnd.install.sh on testnet initwallet + /home/admin/config.scripts/lnd.install.sh on signet initwallet + fi + if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + /home/admin/config.scripts/cl.install.sh on testnet + /home/admin/config.scripts/cl.install.sh on signet + fi + else + # just turn al lightning testnets off (even if not on before) + /home/admin/config.scripts/lnd.install.sh off testnet + /home/admin/config.scripts/lnd.install.sh off signet + /home/admin/config.scripts/cl.install.sh off testnet + /home/admin/config.scripts/cl.install.sh off signet + /home/admin/config.scripts/bitcoin.install.sh off testnet + /home/admin/config.scripts/bitcoin.install.sh off signet + fi + # make sure to reboot - nodes that people activate testnets can take a reboot + needsReboot=1 +else + echo "# Testnet Setting unchanged." +fi + if [ ${anychange} -eq 0 ]; then dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58 exit 0 @@ -436,5 +524,5 @@ if [ ${needsReboot} -eq 1 ]; then # stop bitcoind sudo -u bitcoin ${network}-cli stop sleep 4 - sudo /home/admin/XXshutdown.sh reboot + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot fi diff --git a/home.admin/00settingsMenuServices.sh b/home.admin/00settingsMenuServices.sh index 899ae2fa6..b00855705 100755 --- a/home.admin/00settingsMenuServices.sh +++ b/home.admin/00settingsMenuServices.sh 
@@ -6,7 +6,9 @@ source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf echo "services default values" +if [ ${#runBehindTor} -eq 0 ]; then runBehindTor="off"; fi if [ ${#rtlWebinterface} -eq 0 ]; then rtlWebinterface="off"; fi +if [ ${#crtlWebinterface} -eq 0 ]; then crtlWebinterface="off"; fi if [ ${#BTCRPCexplorer} -eq 0 ]; then BTCRPCexplorer="off"; fi if [ ${#specter} -eq 0 ]; then specter="off"; fi if [ ${#BTCPayServer} -eq 0 ]; then BTCPayServer="off"; fi 
@@ -22,30 +24,47 @@ if [ ${#sphinxrelay} -eq 0 ]; then sphinxrelay="off"; fi if [ ${#lit} -eq 0 ]; then lit="off"; fi if [ ${#whitepaper} -eq 0 ]; then whitepaper="off"; fi if [ ${#chantools} -eq 0 ]; then chantools="off"; fi +if [ ${#sparko} -eq 0 ]; then sparko="off"; fi +if [ ${#spark} -eq 0 ]; then spark="off"; fi # show select dialog echo "run dialog ..." OPTIONS=() -OPTIONS+=(e 'Electrum Rust Server' ${ElectRS}) -OPTIONS+=(r 'RTL Webinterface' ${rtlWebinterface}) -OPTIONS+=(t 'ThunderHub' ${thunderhub}) -OPTIONS+=(l 'LIT (loop, pool, faraday)' ${lit}) -OPTIONS+=(p 'BTCPayServer' ${BTCPayServer}) -OPTIONS+=(i 'LNbits' ${LNBits}) -OPTIONS+=(b 'BTC-RPC-Explorer' ${BTCRPCexplorer}) -OPTIONS+=(s 'Cryptoadvance Specter' ${specter}) -OPTIONS+=(a 'Mempool Space' ${mempoolExplorer}) -OPTIONS+=(j 'JoinMarket' ${joinmarket}) -OPTIONS+=(o 'Balance of Satoshis' ${bos}) -OPTIONS+=(x 'Sphinx-Relay' ${sphinxrelay}) -OPTIONS+=(y 'PyBLOCK' ${pyblock}) -OPTIONS+=(c 'ChannelTools (Fund Rescue)' ${chantools}) -OPTIONS+=(w 'Download Bitcoin Whitepaper' ${whitepaper}) -CHOICES=$(dialog --title ' Additional Services ' \ +# just available for BTC +if [ "${network}" == "bitcoin" ]; then + OPTIONS+=(e 'BTC Electrum Rust Server' ${ElectRS}) + OPTIONS+=(p 'BTC PayServer' ${BTCPayServer}) + OPTIONS+=(b 'BTC RPC-Explorer' ${BTCRPCexplorer}) + OPTIONS+=(s 'BTC Specter Desktop' ${specter}) + OPTIONS+=(a 'BTC Mempool Space' ${mempoolExplorer}) + OPTIONS+=(j 'BTC JoinMarket+JoininBox menu' ${joinmarket}) + OPTIONS+=(w 'BTC Download Bitcoin Whitepaper' ${whitepaper}) +fi + +# just available for LND +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(r 'LND RTL Webinterface' ${rtlWebinterface}) + OPTIONS+=(t 'LND ThunderHub' ${thunderhub}) + OPTIONS+=(l 'LND LIT (loop, pool, faraday)' ${lit}) + OPTIONS+=(i 'LND LNbits' ${LNBits}) + OPTIONS+=(o 'LND Balance of Satoshis' ${bos}) + OPTIONS+=(y 'LND PyBLOCK' ${pyblock}) + OPTIONS+=(h 'LND ChannelTools (Fund Rescue)' 
${chantools}) + OPTIONS+=(x 'LND Sphinx-Relay' ${sphinxrelay}) +fi + +# just available for CL +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + OPTIONS+=(c 'C-Lightning RTL Webinterface' ${crtlWebinterface}) + OPTIONS+=(k 'C-Lightning Sparko WebWallet' ${sparko}) + OPTIONS+=(n 'C-Lightning Spark Wallet' ${spark}) +fi + +CHOICES=$(dialog --title ' Additional Mainnet Services ' \ --checklist ' use spacebar to activate/de-activate ' \ - 22 45 15 "${OPTIONS[@]}" 2>&1 >/dev/tty) + 25 55 18 "${OPTIONS[@]}" 2>&1 >/dev/tty) dialogcancel=$? echo "done dialog" 
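Review bot: the checklist entries are now added only when `${network}` or `${lightning}`/`${lnd}`/`${cl}` match, but the processing blocks still treat a tag missing from `CHOICES` as "off". The RTL blocks in the next hunk, for example, compare `${rtlWebinterface}` and `${crtlWebinterface}` to `${choice}` with no such condition, so a service that is on but hidden from the menu gets switched off the next time the dialog is confirmed. Guard each block with the same condition that adds its entry, as the settings menu does with `&& [ "${lndNode}" == "on" ]`.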
@@ -55,38 +74,64 @@ clear echo "dialogcancel(${dialogcancel})" if [ ${dialogcancel} -eq 1 ]; then echo "user canceled" - exit 1 + exit 0 elif [ ${dialogcancel} -eq 255 ]; then echo "ESC pressed" - exit 1 + exit 0 fi needsReboot=0 anychange=0 -# RTL process choice +# RTL process choice (LND) choice="off"; check=$(echo "${CHOICES}" | grep -c "r") if [ ${check} -eq 1 ]; then choice="on"; fi + if [ "${rtlWebinterface}" != "${choice}" ]; then - echo "RTL Webinterface Setting changed .." + echo "RTL-lnd Webinterface Setting changed .." anychange=1 - /home/admin/config.scripts/bonus.rtl.sh ${choice} + /home/admin/config.scripts/bonus.rtl.sh ${choice} lnd mainnet errorOnInstall=$? if [ "${choice}" = "on" ]; then if [ ${errorOnInstall} -eq 0 ]; then sudo systemctl start RTL echo "waiting 10 secs .." sleep 10 - /home/admin/config.scripts/bonus.rtl.sh menu + /home/admin/config.scripts/bonus.rtl.sh menu lnd mainnet else - l1="!!! FAIL on RTL install !!!" + l1="!!! FAIL on RTL lnd install !!!" l2="Try manual install on terminal after reboot with:" - l3="/home/admin/config.scripts/bonus.rtl.sh on" + l3="/home/admin/config.scripts/bonus.rtl.sh on lnd mainnet" dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 fi fi else - echo "RTL Webinterface Setting unchanged." + echo "RTL-lnd Webinterface Setting unchanged." +fi + +# RTL process choice (C-Lightning) +choice="off"; check=$(echo "${CHOICES}" | grep -c "c") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${crtlWebinterface}" != "${choice}" ]; then + echo "RTL-cl Webinterface Setting changed .." + anychange=1 + /home/admin/config.scripts/bonus.rtl.sh ${choice} cl mainnet + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + sudo systemctl start RTL + echo "waiting 10 secs .." + sleep 10 + /home/admin/config.scripts/bonus.rtl.sh menu cl mainnet + else + l1="!!! FAIL on RTL C-Lightning install !!!" 
+ l2="Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/bonus.rtl.sh on cl mainnet" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "RTL-cl Webinterface Setting unchanged." fi # BTC-RPC-Explorer process choice @@ -99,7 +144,7 @@ if [ "${BTCRPCexplorer}" != "${choice}" ]; then errorOnInstall=$? if [ "${choice}" = "on" ]; then if [ ${errorOnInstall} -eq 0 ]; then - sudo sytemctl start btc-rpc-explorer + sudo systemctl start btc-rpc-explorer whiptail --title " Installed BTC-RPC-Explorer " --msgbox "\ The txindex may need to be created before BTC-RPC-Explorer can be active.\n This can take ~7 hours on a RPi4 with SSD. Monitor the progress on the LCD.\n @@ -117,27 +162,27 @@ else echo "BTC-RPC-Explorer Setting unchanged." fi -# cryptoadvance Specter process choice +# Specter Desktop process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "s") if [ ${check} -eq 1 ]; then choice="on"; fi if [ "${specter}" != "${choice}" ]; then - echo "Cryptoadvance Specter Setting changed .." + echo "Specter Desktop Setting changed .." anychange=1 - /home/admin/config.scripts/bonus.cryptoadvance-specter.sh ${choice} + /home/admin/config.scripts/bonus.specter.sh ${choice} errorOnInstall=$? if [ "${choice}" = "on" ]; then if [ ${errorOnInstall} -eq 0 ]; then - sudo systemctl start cryptoadvance-specter - /home/admin/config.scripts/bonus.cryptoadvance-specter.sh menu + sudo systemctl start specter + /home/admin/config.scripts/bonus.specter.sh menu else - l1="!!! FAIL on Cryptoadvance Specter install !!!" + l1="!!! FAIL on Specter Desktop install !!!" l2="Try manual install on terminal after reboot with:" - l3="/home/admin/config.scripts/bonus.cryptoadvance-specter.sh on" + l3="/home/admin/config.scripts/bonus.specter.sh on" dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 fi fi else - echo "Cryptoadvance Specter Setting unchanged." + echo "Specter Desktop Setting unchanged." fi # ElectRS process choice 
@@ -166,7 +211,7 @@ The index database needs to be created before Electrum Server can be used.\n This can take hours/days depending on your RaspiBlitz. Monitor the progress on the LCD.\n When finished use the new 'ELECTRS' entry in Main Menu for more info.\n " 14 50 - needsReboot=1 + needsReboot=0 else l1="!!! FAIL on ElectRS install !!!" l2="Try manual install on terminal after reboot with:" @@ -242,7 +287,7 @@ else fi # CHANTOOLS process choice -choice="off"; check=$(echo "${CHOICES}" | grep -c "c") +choice="off"; check=$(echo "${CHOICES}" | grep -c "h") if [ ${check} -eq 1 ]; then choice="on"; fi if [ "${chantools}" != "${choice}" ]; then echo "chantools Setting changed .." 
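Review bot: in the ElectRS hunk (`@@ -166,7 +211,7 @@`), replacing `needsReboot=1` with `needsReboot=0` is not neutral: the flag is initialised to 0 before the first block, so this assignment can only clear a reboot that an earlier block in the same run requested. Delete the line instead. The same applies to the `needsReboot=0` assignments in the CLBOSS, clEncryptedHSM and clAutoUnlock blocks of the settings menu, which run after the Tor block sets `needsReboot=1`.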
@@ -431,6 +476,50 @@ else echo "Whitepaper setting unchanged." fi +# sparko process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "k") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${sparko}" != "${choice}" ]; then + echo "# Sparko on mainnet Setting changed .." + anychange=1 + /home/admin/config.scripts/cl-plugin.sparko.sh ${choice} mainnet + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + /home/admin/config.scripts/cl-plugin.sparko.sh menu mainnet + else + l1="# !!! FAIL on Sparko on mainnet install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl-plugin.sparko.sh on mainnet" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# Sparko on mainnet Setting unchanged." +fi + +# spark wallet process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "n") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${spark}" != "${choice}" ]; then + echo "# Spark Wallet on mainnet Setting changed .." + anychange=1 + /home/admin/config.scripts/cl.spark.sh ${choice} mainnet + errorOnInstall=$? + if [ "${choice}" = "on" ]; then + if [ ${errorOnInstall} -eq 0 ]; then + /home/admin/config.scripts/cl.spark.sh menu mainnet + else + l1="# !!! FAIL on Spark Wallet on mainnet install !!!" + l2="# Try manual install on terminal after reboot with:" + l3="/home/admin/config.scripts/cl.spark.sh on mainnet" + dialog --title 'FAIL' --msgbox "${l1}\n${l2}\n${l3}" 7 65 + fi + fi +else + echo "# Spark Wallet on mainnet Setting unchanged." +fi + if [ ${anychange} -eq 0 ]; then dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58 exit 0 @@ -444,5 +533,5 @@ if [ ${needsReboot} -eq 1 ]; then # stop bitcoind sudo -u bitcoin ${network}-cli stop sleep 4 - sudo /home/admin/XXshutdown.sh reboot + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot fi 
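Review bot: in the Sparko and Spark Wallet failure branches, `l1` and `l2` start with `# `, and both are passed to `dialog --title 'FAIL' --msgbox`, so the user sees the log-comment prefix inside the message box. Drop the `# ` from these strings; the RTL and Specter Desktop blocks use the unprefixed form.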
diff --git a/home.admin/10setupBlitz.sh b/home.admin/10setupBlitz.sh deleted file mode 100755 index 3f066361e..000000000 --- a/home.admin/10setupBlitz.sh +++ /dev/null 
@@ -1,267 +0,0 @@ -#!/bin/bash - -# CHECK WHAT IS ALREADY WORKING -# check list from top down - so ./10setupBlitz.sh -# and re-enters the setup process at the correct spot -# in case it got interrupted -echo "checking setup script" - -# INFOFILE on SD - state data from bootstrap & setup -infoFile="/home/admin/raspiblitz.info" -source ${infoFile} - -echo "network(${network})" -echo "chain(${chain})" -echo "setupStep(${setupStep})" - -if [ ${#network} -eq 0 ]; then - echo "FAIL: Something is wrong. There is no value for network in ${infoFile}." - echo "Should be at least default value. EXIT" - exit 1 -fi - -# if no setup step in info file init with 0 -if [ ${#setupStep} -eq 0 ];then - echo "Init setupStep=0" - echo "setupStep=0" >> ${infoFile} - setupStep=0 -fi - -# check if LND needs re-setup -if [ ${setupStep} -gt 79 ];then - source <(sudo /home/admin/config.scripts/lnd.check.sh basic-setup) - if [ ${wallet} -eq 0 ] || [ ${macaroon} -eq 0 ] || [ ${config} -eq 0 ] || [ ${tls} -eq 0 ]; then - echo "WARN: LND needs re-setup" - sudo /home/admin/70initLND.sh - exit 0 - fi -fi - -# if setup if ready --> REBOOT -if [ ${setupStep} -gt 89 ];then - echo "FINISH by setupstep(${setupStep})" - sleep 3 - sudo /home/admin/90finishSetup.sh - sudo /home/admin/95finalSetup.sh - exit 0 -fi - -# check if lightning is running -lndRunning=$(systemctl status lnd.service 2>/dev/null | grep -c running) -if [ ${lndRunning} -eq 1 ]; then - - echo "LND is running ..." - sleep 1 - - # check if LND wallet exists and if locked - walletExists=$(sudo ls /mnt/hdd/lnd/data/chain/${network}/${chain}net/wallet.db 2>/dev/null | grep wallet.db -c) - walletLocked=0 - # only when a wallet exists - it can be locked - if [ ${walletExists} -eq 1 ];then - echo "lnd wallet exists ... 
checking if locked" - sleep 2 - walletLocked=$(sudo -u bitcoin /usr/local/bin/lncli getinfo 2>&1 | grep -c unlock) - fi - if [ ${walletLocked} -gt 0 ]; then - # LND wallet is locked - /home/admin/config.scripts/lnd.unlock.sh - /home/admin/10setupBlitz.sh - exit 0 - fi - - # check if blockchain still syncing (during sync sometimes CLI returns with error at this point) - chainInfo=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | grep 'initialblockdownload') - chainSyncing=1 - if [ ${#chainInfo} -gt 0 ];then - echo "check chaininfo" - chainSyncing=$(echo "${chainInfo}" | grep "true" -c) - else - echo "chaininfo is zero" - fi - if [ ${chainSyncing} -eq 1 ]; then - echo "Sync Chain ..." - sleep 3 - /home/admin/70initLND.sh - exit 0 - fi - - # check if lnd is scanning blockchain - lndInfo=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} getinfo 2>/dev/null | grep "synced_to_chain") - lndSyncing=1 - if [ ${#lndInfo} -gt 0 ];then - lndSyncing=$(echo "${chainInfo}" | grep "false" -c) - fi - if [ ${lndSyncing} -eq 1 ]; then - echo "Sync LND ..." - sleep 3 - /home/admin/70initLND.sh - exit 0 - fi - - # if unlocked, blockchain synced and LND synced to chain .. finish Setup - echo "FINSIH ... " - sleep 3 - sudo /home/admin/90finishSetup.sh - sudo /home/admin/95finalSetup.sh - exit 0 - -fi #end - when lighting is running - -# check if bitcoin is running -bitcoinRunning=$(systemctl status ${network}d.service 2>/dev/null | grep -c running) -if [ ${bitcoinRunning} -eq 0 ]; then - # double check - seconds=120 - if [ ${setupStep} -lt 60 ]; then - seconds=10 - fi - dialog --pause " Double checking for ${network}d - please wait .." 
8 58 ${seconds} - clear - bitcoinRunning=$(${network}-cli getblockchaininfo 2>/dev/null | grep "initialblockdownload" -c) -else - echo "${network} is running" -fi -if [ ${bitcoinRunning} -eq 1 ]; then - echo "OK - ${network}d is running" - echo "Next step run Lightning" - /home/admin/70initLND.sh - exit 1 -else - echo "${network} still not running" -fi #end - when bitcoin is running - -# --- so neither bitcoin or lnd or running yet --> find the earlier step in the setup process: - -# use blitz.datadrive.sh to analyse HDD situation -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status ${network}) -if [ ${#error} -gt 0 ]; then - echo "# FAIL blitz.datadrive.sh status --> ${error}" - echo "# Please report issue to the raspiblitz github." - exit 1 -fi - -# check if HDD is auto-mounted -if [ ${isMounted} -eq 1 ]; then - - # FAILSAFE: check if raspiblitz.conf is available - configExists=$(ls /mnt/hdd/raspiblitz.conf | grep -c '.conf') - if [ ${configExists} -eq 0 ]; then - echo "" - echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo "FAIL: /mnt/hdd/raspiblitz.conf should exists at this point, but not found!" - echo "Please report to: https://github.com/rootzoll/raspiblitz/issues/293" - echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo "Press ENTER to EXIT." 
- read key - exit 1 - fi - - # are there any signs of blockchain data and activity - # setup running with admin user, but has no permission to read /mnt/hdd/bitcoin/blocks/, sudo needed - blockchainDataExists=$(sudo ls /mnt/hdd/${network}/blocks 2>/dev/null | grep -c '.dat') - configExists=$(sudo ls /mnt/hdd/${network}/${network}.conf | grep -c '.conf') - - if [ ${blockchainDataExists} -gt 0 ]; then - if [ ${configExists} -eq 1 ]; then - /home/admin/XXdebugLogs.sh - echo "UNKOWN STATE - there is blockchain data config, but blockchain service is not running" - echo "It seems that something went wrong during sync/download/copy of the blockchain." - echo "Or something with the config is not correct." - echo "Sometimes a reboot helps - use command: restart" - echo "Or try to repair blockchain - use command: repair" - exit 1 - else - echo "Got mounted blockchain, but no config and running service yet --> finish HDD" - /home/admin/60finishHDD.sh - exit 1 - fi - fi - - # HDD is empty - get Blockchain - - # detect hardware version of RaspberryPi - # https://www.unixtutorial.org/command-to-confirm-raspberry-pi-model - raspberryPi=$(cat /proc/device-tree/model | cut -d " " -f 3 | sed 's/[^0-9]*//g') - if [ ${#raspberryPi} -eq 0 ]; then - raspberryPi=0 - fi - - # Bitcoin on older/weak RaspberryPi3 (LEGACY) - if [ ${network} = "bitcoin" ] && [ ${raspberryPi} -eq 3 ]; then - echo "Bitcoin-RP3 Options" - menuitem=$(dialog --clear --beep --backtitle "RaspiBlitz" --title " Getting the Blockchain " \ - --menu "You need a copy of the Bitcoin Blockchain - choose method:" 13 75 5 \ - C "COPY --> Copy from laptop/node over LAN (±6hours)" \ - S "SYNC --> Selfvalidate all Blocks (VERY SLOW ±2month)" 2>&1 >/dev/tty) - - # Bitcoin on stronger RaspberryPi4 (new DEFAULT) - elif [ ${network} = "bitcoin" ]; then - echo "Bitcoin-RP4 Options" - menuitem=$(dialog --clear --beep --backtitle "RaspiBlitz" --title " Getting the Blockchain " \ - --menu "You need a copy of the Bitcoin Blockchain - 
choose method:" 13 75 5 \ - S "SYNC --> Selfvalidate all Blocks (DEFAULT ±2days)" \ - C "COPY --> Copy from laptop/node over LAN (±6hours)" 2>&1 >/dev/tty) - - # Litecoin - elif [ ${network} = "litecoin" ]; then - echo "Litecoin Options" - menuitem=$(dialog --clear --beep --backtitle "RaspiBlitz" --title " Getting the Blockchain " \ - --menu "You need a copy of the Litecoin Blockchain:" 13 75 4 \ - S "SYNC --> Selfvalidate all Blocks (±1day)" 2>&1 >/dev/tty) - - # error - else - echo "FAIL Unknown network(${network})" - exit 1 - fi - - # set SetupState - sudo sed -i "s/^setupStep=.*/setupStep=50/g" ${infoFile} - - clear - case $menuitem in - C) - /home/admin/50copyHDD.sh - ;; - S) - /home/admin/50syncHDD.sh - /home/admin/10setupBlitz.sh - ;; - *) - echo "Use 'raspiblitz' command to return to setup ..." - ;; - esac - exit 1 - -fi # end HDD is already auto-mounted - - -# --- the HDD is not auto-mounted --> very early stage of setup - -# if the script is called for the first time -if [ ${setupStep} -eq 0 ]; then - # run initial user dialog - /home/admin/20setupDialog.sh -fi - -# if the script is called for the first time -if [ ${setupStep} -eq 20 ]; then - # run initial user dialog - /home/admin/30initHDD.sh - exit 1 -fi - -# the HDD is already ext4 formatted and contains blockchain data -if [ "${hddFormat}" = "ext4" ] || [ "${hddFormat}" = "btrfs" ]; then - if [ ${hddGotBlockchain} -eq 1 ]; then - echo "HDD was already initialized/prepared" - echo "Now needs to be mounted" - /home/admin/40addHDD.sh - exit 1 - fi -fi - -# the HDD had no init yet -echo "init HDD ..." -/home/admin/30initHDD.sh -exit 1 \ No newline at end of file diff --git a/home.admin/20recoverDialog.sh b/home.admin/20recoverDialog.sh deleted file mode 100755 index 784c27869..000000000 --- a/home.admin/20recoverDialog.sh +++ /dev/null 
@@ -1,127 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf - -# show password info dialog -resetAlsoPasswordB=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf 2>/dev/null | grep -c "rpcpassword=passwordB") -resetAlsoPasswordC=$(sudo ls /mnt/hdd/passwordc.flag 2>/dev/null | grep -c ".flag") - -if [ ${resetAlsoPasswordC} -gt 0 ]; then - - # password A + B + C - dialog --backtitle "RaspiBlitz - Migration Setup" --msgbox "Your migration to RaspiBlitz is almost done. - -You need to set a new Password A, B & C: -A) Main User Password (SSH, WebUI, ..) -B) RPC & APP Password (Additional Apps, ..) -C) Lightning Wallet Unlock Password - -Follow Password Rules: Minimal of 8 chars, -no spaces and only special characters - or . -Write them down & store them in a safe place. -" 17 52 - - # call set password a script - sudo /home/admin/config.scripts/blitz.setpassword.sh a - dialog --backtitle "RaspiBlitz" --msgbox "OK - password A was set\nfor all users pi, admin, root & bitcoin" 6 52 - - sudo /home/admin/config.scripts/blitz.setpassword.sh b - dialog --backtitle "RaspiBlitz" --msgbox "OK - password B was set\nit will be used by additional apps you install." 6 52 - - oldPasswordC=$(sudo cat /mnt/hdd/passwordc.flag) - sudo /home/admin/config.scripts/blitz.setpassword.sh c $oldPasswordC - if [ "$?" != "0" ]; then - dialog --backtitle "RaspiBlitz - Setup" --msgbox "Please write down your Password C:\n${oldPasswordC}" 10 52 - else - dialog --backtitle "RaspiBlitz" --msgbox "OK - password C was set\nuse it to unlock your Lightning Wallet after restarts." 8 52 - fi - -elif [ ${resetAlsoPasswordB} -gt 0 ]; then - - # password A + B - dialog --backtitle "RaspiBlitz - Migration Setup" --msgbox "Your migration to RaspiBlitz is almost done. - -You need to set a new Password A & B: -A) Main User Password (SSH, WebUI, ..) -B) RPC & APP Password (Additional Apps, ..) 
- -Passwords C (for your Lightning wallet) stays to the password you set before. - -Follow Password Rules: Minimal of 8 chars, -no spaces and only special characters - or . -Write them down & store them in a safe place. -" 17 52 - - # call set password a script - sudo /home/admin/config.scripts/blitz.setpassword.sh a - dialog --backtitle "RaspiBlitz" --msgbox "OK - password A was set\nfor all users pi, admin, root & bitcoin" 6 52 - - sudo /home/admin/config.scripts/blitz.setpassword.sh b - dialog --backtitle "RaspiBlitz" --msgbox "OK - password B was set\nit will be used by additional apps you install." 6 52 - -else - - # just password A - dialog --backtitle "RaspiBlitz - Recover Setup" --msgbox "Your previous RaspiBlitz config was recovered. - -You need to set a new Password A: -A) Master User Password - -Passwords B & C stay as before. - -Follow Password Rules: Minimal of 8 chars, -no spaces and only special characters - or . -Write them down & store them in a safe place. -" 14 52 - - # call set password a script - sudo /home/admin/config.scripts/blitz.setpassword.sh a - -# success info dialog -dialog --backtitle "RaspiBlitz" --msgbox "OK - password A was set\nfor all users pi, admin, root & bitcoin" 6 52 - -fi - -# activate lnd & bitcoin service -echo "Enabling Services" -sudo systemctl daemon-reload -sudo systemctl enable lnd.service -sudo systemctl enable ${network}d.service -if [ "${rtlWebinterface}" = "on" ]; then - sudo systemctl enable RTL -fi -if [ "${loop}" = "on" ]; then - sudo systemctl enable loopd -fi -if [ "${BTCRPCexplorer}" = "on" ]; then - sudo systemctl enable btc-rpc-explorer -fi -if [ "${ElectRS}" = "on" ]; then - sudo systemctl enable electrs -fi - -# remove flag that freshly recovered -sudo rm /home/admin/recover.flag - -# when auto-unlock is activated then Password C is needed to be restored on SD card -if [ "${autoUnlock}" = "on" ]; then - - # reset auto-unlock feature - dialog --backtitle "RaspiBlitz - Setup" --msgbox "You had the 
Auto-Unlock feature enabled. - -In the next dialog you need to re-enter your -ACTUAL/OLD Password C to re-activate the -Auto-Unlock feature. Enter a empty password -to deactivate the Auto-Unlock feature. -" 10 52 - echo "Activating Auto-Unlock (please wait) .." - sudo /home/admin/config.scripts/lnd.autounlock.sh on - dialog --backtitle "RaspiBlitz" --pause " FINAL REBOOT IS NEEDED." 8 52 5 - -else - dialog --backtitle "RaspiBlitz" --pause " OK - Passwords set.\n FINAL REBOOT IS NEEDED." 9 52 5 -fi - -sudo /home/admin/XXshutdown.sh reboot \ No newline at end of file diff --git a/home.admin/20setupDialog.sh b/home.admin/20setupDialog.sh deleted file mode 100755 index 7fbf341fd..000000000 --- a/home.admin/20setupDialog.sh +++ /dev/null 
@@ -1,90 +0,0 @@ -#!/bin/bash -_temp=$(mktemp -p /dev/shm/) - -## get basic info -source /home/admin/raspiblitz.info 2>/dev/null - -################### -# CHECK IF DNS NEEDS SETTING DURING SETUP -# https://github.com/rootzoll/raspiblitz/issues/787 -################### -sudo /home/admin/config.scripts/internet.dns.sh test - -################### -# ENTER NAME -################### - -# welcome and ask for name of RaspiBlitz -result="" -while [ ${#result} -eq 0 ] - do - l1="Please enter the name of your new RaspiBlitz:\n" - l2="one word, keep characters basic & not too long" - dialog --backtitle "RaspiBlitz - Setup (${network}/${chain})" --inputbox "$l1$l2" 11 52 2>$_temp - result=$( cat $_temp | tr -dc '[:alnum:]-.' | tr -d ' ' ) - shred -u $_temp - echo "processing ..." - sleep 3 - done - -# set lightning alias -sed -i "s/^alias=.*/alias=${result}/g" /home/admin/assets/lnd.${network}.conf - -# store hostname for later - to be set right before the next reboot -# work around - because without a reboot the hostname seems not updates in the whole system -valueExistsInInfoFile=$(sudo cat /home/admin/raspiblitz.info | grep -c "hostname=") -if [ ${valueExistsInInfoFile} -eq 0 ]; then - # add - echo "hostname=${result}" >> /home/admin/raspiblitz.info -else - # update - sed -i "s/^hostname=.*/hostname=${result}/g" /home/admin/raspiblitz.info -fi - -################### -# ENTER PASSWORDS -################### - -# show password info dialog -dialog --backtitle "RaspiBlitz - Setup (${network}/${chain})" --msgbox "RaspiBlitz uses 4 different passwords. -Referenced as password A, B, C and D. - -A) Master User Password -B) Blockchain RPC Password -C) LND Wallet Password -D) LND Seed Password - -Choose now 4 new passwords - all min 8 chars, -no spaces and only special characters - or . -Write them down & store them in a safe place. 
-" 15 52 - -# call set password a script -sudo /home/admin/config.scripts/blitz.setpassword.sh a - -# success info dialog -dialog --backtitle "RaspiBlitz" --msgbox "OK - password A was set\nfor all users pi, admin, root & bitcoin" 6 52 - -# call set password b script -sudo /home/admin/config.scripts/blitz.setpassword.sh b - -# success info dialog -dialog --backtitle "RaspiBlitz" --msgbox "OK - RPC password changed \n\nNow starting the Setup of your RaspiBlitz." 7 52 - -################### -# TOR BY DEFAULT -# https://github.com/rootzoll/raspiblitz/issues/592 -# -################### -echo "runBehindTor=on" >> /home/admin/raspiblitz.info -#whiptail --title ' Privacy Level - How do you want to run your node? ' --yes-button='Public IP' --no-button='TOR NETWORK' --yesno "Running your Lightning node with your Public IP is common and faster, but might reveal your personal identity and location.\n -#You can better protect your privacy with running your lightning node as a TOR Hidden Service from the start, but it can make it harder to connect with other non-TOR nodes and remote mobile apps later on. -# " 12 75 -#if [ $? -eq 1 ]; then -# echo "runBehindTor=on" >> /home/admin/raspiblitz.info -#fi - -# set SetupState -sudo sed -i "s/^setupStep=.*/setupStep=20/g" /home/admin/raspiblitz.info - -clear \ No newline at end of file diff --git a/home.admin/30initHDD.sh b/home.admin/30initHDD.sh deleted file mode 100755 index b2c1ac3f3..000000000 --- a/home.admin/30initHDD.sh +++ /dev/null 
@@ -1,136 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info - -clear -echo "" -echo "# *** 30initHDD.sh ***" -echo -echo "# --> Checking HDD/SSD status..." - -# use blitz.datadrive.sh to analyse HDD situation -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status ${network}) -if [ ${#error} -gt 0 ]; then - echo "# FAIL blitz.datadrive.sh status --> ${error}" - echo "# Please report issue to the raspiblitz github." - exit 1 -fi - -# check if HDD is mounted (secure against formatting a mounted disk with data) -echo "isMounted=${isMounted}" -if [ ${isMounted} -eq 1 ]; then - echo "# FAIL HDD/SSD is mounted - please unmount and call ./30initHDD.sh again" - exit 1 -fi - -# check if HDD contains old RaspiBlitz data (secure against wrongly formatting) -echo "hddRaspiData=${hddRaspiData}" -if [ ${hddRaspiData} -eq 1 ]; then - echo "# FAIL HDD/SSD contains old data - please delete manual and call ./30initHDD.sh again" - exit 1 -fi - -# check if there is a HDD connected to use as data drive -echo "hddCandidate=${hddCandidate}" -if [ ${#hddCandidate} -eq 0 ]; then - echo "# FAIL please connect a HDD and call ./30initHDD.sh again" - exit 1 -fi -echo "OK" - -# check minimal size of data drive needed -echo -echo "# --> Check HDD/SSD for Size ..." -# bitcoin: 400 GB -# litecoin: 120 GB -minSize=400 -if [ "${network}" = "litecoin" ]; then - minSize=120 -fi -if [ ${hddGigaBytes} -lt ${minSize} ]; then - echo "# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo "# WARNING: HDD is too small" - echo "# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" 
- echo "" - echo "# HDD was detected with the size of ${hddGigaBytes} GB" - echo "# For ${network} at least ${minSize} GB is needed" - echo "" - echo "# If you want to change to a bigger HDD:" - echo "# * Unplug power of RaspiBlitz" - echo "# * Make a fresh SD card again" - echo "# * Start again with bigger HDD" - exit 1 -fi -echo " OK" - -# format drive if it does not have any blockchain or blitz data on it -# to be sure that HDD has no faulty partitions, etc. -echo -echo "# --> Check HDD/SSD for Blockchain ..." -echo "# hddGotBlockchain=${hddGotBlockchain}" -raidSizeGB=$(echo "${raidCandidate[0]}" | cut -d " " -f 2) -echo "# raidCandidates=${raidCandidates}" -echo "# raidSizeGB=${raidSizeGB}" -if [ "${hddGotBlockchain}" == "" ] || [ ${hddGotBlockchain} -eq 0 ]; then - - format="ext4" - - # test feature: if there is a USB stick as a raid connected, then format in BTRFS an not in EXT4 - if [ ${raidCandidates} -eq 1 ] && [ ${raidSizeGB} -gt 14 ]; then - - echo - echo "# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo "# EXPERIMENTAL FEATURE: BTRFS + RAID" - echo "# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo "# You connected an extra USB thumb drive to your RaspiBlitz." - echo "# This activates the experimental feature of running BTRFS" - echo "# instead of EXT4 and is still unstable but needs testing." - echo "# PRESS ENTER to continue with BTRFS+RAID setup or press" - echo "# CTRL+C, remove device & call ./30initHDD.sh again." - read key - format="btrfs" - - # check that raid candidate is big enough - # a 32GB drive gets shown with 28GB in my tests - if [ ${raidSizeGB} -lt 27 ]; then - echo "# FAIL the raid device needs to be at least a 32GB thumb drive." - echo "# Please remove or replace and call ./30initHDD.sh again" - exit 1 - fi - - elif [ ${raidCandidates} -gt 1 ]; then - echo "# FAIL more then one USB raid drive candidate connected." 
- echo "# Please max one extra USB drive and the call ./30initHDD.sh again" - exit 1 - fi - - - # now partition/format HDD - echo - if (whiptail --title "FORMAT HDD/SSD" --yesno "The connected hard drive needs to get formatted.\nIMPORTANT: This will delete all data on that drive." 8 56); then - clear - echo "# --> Formatting HDD/SSD ..." - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh format ${format} ${hddCandidate}) - if [ ${#error} -gt 0 ]; then - echo "# FAIL blitz.datadrive.sh format --> ${error}" - echo "# Please report issue to the raspiblitz github." - exit 1 - fi - else - clear - echo "# Not formatting the HDD/SSD - Setup Process stopped." - echo "# Rearrange your hardware and restart with a fresh sd card again." - exit 1 - fi - -fi -echo "# OK" - -# set SetupState -sudo sed -i "s/^setupStep=.*/setupStep=30/g" /home/admin/raspiblitz.info - -# automatically now add the HDD to the system -./40addHDD.sh - - diff --git a/home.admin/40addHDD.sh b/home.admin/40addHDD.sh deleted file mode 100755 index 261bdcb23..000000000 --- a/home.admin/40addHDD.sh +++ /dev/null 
@@ -1,165 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info - -echo "" -echo "# *** 40addHDD.sh ***" - -# use blitz.datadrive.sh to analyse HDD situation -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status ${network}) -if [ ${#error} -gt 0 ]; then - echo "FAIL blitz.datadrive.sh status --> ${error}" - echo "Please report issue to the raspiblitz github." - exit 1 -fi - -# temp mount -if [ "$hddFormat" == "btrfs" ]; then - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddCandidate}) -else - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) -fi - -if [ ${#error} -gt 0 ]; then - echo "FAIL blitz.datadrive.sh tempmount --> ${error}" - echo "Please report issue to the raspiblitz github." - exit 1 -fi - -# linking drives/directories -echo -echo "# --> Linking drives/directories" -echo "# hddCandidate='${hddCandidate}'" -echo "# hddPartitionCandidate='${hddPartitionCandidate}'" -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh link) -if [ ${#error} -gt 0 ]; then - echo "FAIL blitz.datadrive.sh link --> ${error}" - echo "Please report issue to the raspiblitz github." - exit 1 -fi - -# adding drives to fstab for permanent mount -echo -echo "# --> Adding the data drive to OS ..." -echo "# hddCandidate='${hddCandidate}'" -echo "# hddPartitionCandidate='${hddPartitionCandidate}'" -echo "# hddFormat='${hddFormat}'" -if [ "$hddFormat" == "btrfs" ]; then - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh fstab ${hddCandidate}) -else - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh fstab ${hddPartitionCandidate}) -fi - -if [ ${#error} -gt 0 ]; then - echo "FAIL blitz.datadrive.sh fstab --> ${error}" - echo "Please report issue to the raspiblitz github." 
- exit 1 -fi - -# adding RAID drive -echo "# isBTRFS=${isBTRFS}" -echo "# raidCandidates=${raidCandidates}" -if [ ${isBTRFS} -eq 1 ] && [ ${raidCandidates} -eq 1 ]; then - - # example string: 'sdb 28 GB SanDisk' - raidDevice=$(echo "${raidCandidate[0]}" | cut -d " " -f 1) - raidSizeGB=$(echo "${raidCandidate[0]}" | cut -d " " -f 2) - - echo - echo "# --> Adding Raid Drive ..." - echo "# raidDevice='${raidDevice}'" - echo "# raidSizeGB=${raidSizeGB}" - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh raid on ${raidDevice}) - if [ ${#error} -gt 0 ]; then - echo "# FAIL blitz.datadrive.sh raid on --> ${error}" - echo "# Please report issue to the raspiblitz github." - exit 1 - fi - - fi - -# init the RASPIBLITZ Config -echo -echo "# --> Init raspiblitz.conf ..." -configFile="/mnt/hdd/raspiblitz.conf" -configExists=$(sudo ls ${configFile} 2>/dev/null | grep -c 'raspiblitz.conf') -if [ ${configExists} -eq 1 ]; then - - # config exists - nothing much to do - echo "# config file already exists on HDD/SSD" - sudo chmod 777 ${configFile} - -else - - # create file and use init values from raspiblitz.info - echo "# CREATING new ${configFile}" - source /home/admin/_version.info - echo "# RASPIBLITZ CONFIG FILE" > /home/admin/raspiblitz.conf - echo "raspiBlitzVersion='${codeVersion}'" >> /home/admin/raspiblitz.conf - echo "network=${network}" >> /home/admin/raspiblitz.conf - echo "chain=${chain}" >> /home/admin/raspiblitz.conf - echo "hostname=${hostname}" >> /home/admin/raspiblitz.conf - echo "displayClass=${displayClass}" >> /home/admin/raspiblitz.conf - echo "displayType=${displayType}" >> /home/admin/raspiblitz.conf - echo "lcdrotate=1" >> /home/admin/raspiblitz.conf - - sudo mv /home/admin/raspiblitz.conf $configFile - sudo chown root:root ${configFile} - sudo chmod 777 ${configFile} - sleep 3 - - # try to determine publicIP and make sure its in raspiblitz.conf - # https://github.com/rootzoll/raspiblitz/issues/312#issuecomment-462675101 - 
/home/admin/config.scripts/internet.sh update-publicip - -fi - -# link ssh directory from SD card to HDD -echo "# --> SSH key settings" -echo "# copying SSH pub keys to HDD" -sudo cp -r /etc/ssh /mnt/hdd/ssh -# just copy dont link anymore -# see: https://github.com/rootzoll/raspiblitz/issues/1798 -#sudo rm -rf /etc/ssh -#sudo ln -s /mnt/hdd/ssh /etc/ssh -#sudo /home/admin/config.scripts/blitz.systemd.sh update-sshd -echo "# OK" -echo "" - -# set SetupState -sudo sed -i "s/^setupStep=.*/setupStep=40/g" /home/admin/raspiblitz.info - -# check if HDD contains a blockchain to work with -echo "hddGotBlockchain=${hddGotBlockchain}" -if [ ${hddGotBlockchain} -eq 1 ]; then - - echo "# Looks like the HDD is prepared with the Blockchain." - - # ask user if prepared blockchain is to use or self-validate - whiptail --title ' Use Blockchain from HDD/SSD? ' --yes-button='Continue' --no-button='DELETE' --yesno " -On the HDD/SSD Blockchain data was found.\n -Continue if you trust that data to be valid.\n -If you dont trust that data you can now choose to delete it - but keep in mind that this can add multiple days of waiting time to your setup process to regain or self-validate the initial blockchain data. - " 14 75 - if [ $? -eq 1 ]; then - # DELETE - echo "# Deleting old blockchain data .." - sudo rm -R /mnt/hdd/bitcoin 2>/dev/null - sudo rm -R /mnt/hdd/litecoin 2>/dev/null - # HDD is now empty - let setupBlitz - display next options - echo "# HDD now empty --> follow further setup" - ./10setupBlitz.sh - else - # CONTINUE - echo "# Continuing with finishing the system setup ..." - ./60finishHDD.sh - fi - -else - - # HDD is empty - let setupBlitz - display next options - echo "# HDD empty --> follow further setup" - ./10setupBlitz.sh - -fi diff --git a/home.admin/50copyHDD.sh b/home.admin/50copyHDD.sh deleted file mode 100755 index 3808359eb..000000000 --- a/home.admin/50copyHDD.sh +++ /dev/null 
@@ -1,256 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info - -# get local ip -localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') - -# Basic Options -OPTIONS=(WINDOWS "Windows" \ - MACOS "Apple MacOSX" \ - LINUX "Linux" \ - BLITZ "RaspiBlitz" - ) - -CHOICE=$(dialog --clear --title " Copy Blockchain from another laptop/node over LAN " --menu "\nWhich system is running on the other laptop/node you want to copy the blockchain from?\n " 14 60 9 "${OPTIONS[@]}" 2>&1 >/dev/tty) - -clear -case $CHOICE in - MACOS) echo "Steve";; - LINUX) echo "Linus";; - WINDOWS) echo "Bill";; - BLITZ) echo "Satoshi";; - *) exit 1;; -esac - -# additional prep if this is used to replace corrupted blockchain -if [ "${setupStep}" = "100" ]; then - # make sure services are not running - echo "stopping services ..." - sudo systemctl stop background - sudo systemctl stop lnd - sudo systemctl stop bitcoind - sudo cp -f /mnt/hdd/bitcoin/bitcoin.conf /home/admin/assets/bitcoin.conf -else - # make sure bitcoind is not running - sudo systemctl stop background <2 /dev/null - sudo systemctl stop bitcoind <2 /dev/null -fi - -# check if old blockchain data exists -hasOldBlockchainData=0 -sizeBlocks=$(sudo du -s /mnt/hdd/bitcoin/blocks 2>/dev/null | tr -dc '[0-9]') -if [ ${#sizeBlocks} -gt 0 ] && [ ${sizeBlocks} -gt 0 ]; then - hasOldBlockchainData=1 -fi -sizeChainstate=$(sudo du -s /mnt/hdd/bitcoin/chainstate 2>/dev/null | tr -dc '[0-9]') -if [ ${#sizeChainstate} -gt 0 ] && [ ${sizeChainstate} -gt 0 ]; then - hasOldBlockchainData=1 -fi - -if [ ${hasOldBlockchainData} -eq 1 ] && [ "$1" != "stop-after-script" ]; then - dialog --title " Old Blockchain Data Found " --yesno "\nDo you want to delete the existing blockchain data now?" 7 60 - response=$? 
- echo "response(${response})" - if [ "${response}" = "1" ]; then - echo "OK - keep old blockchain - just try to repair by copying over it" - sleep 3 - else - echo "OK - delete old blockchain" - sudo rm -rfv /mnt/hdd/bitcoin/blocks/* 2>/dev/null - sudo rm -rfv /mnt/hdd/bitcoin/chainstate/* 2>/dev/null - sleep 3 - fi -fi - -# make sure /mnt/hdd/bitcoin exists -sudo mkdir /mnt/hdd/bitcoin 2>/dev/null - -# allow all users write to it -sudo chmod 777 /mnt/hdd/bitcoin - -echo -clear -if [ "${CHOICE}" = "WINDOWS" ]; then - echo "****************************************************************************" - echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from a WINDOWS computer" - echo "****************************************************************************" - echo "" - echo "ON YOUR WINDOWS COMPUTER download and validate the blockchain with the Bitcoin" - echo "Core wallet software (>=0.17.1) from: bitcoincore.org/en/download" - echo "If the Bitcoin Blockchain is synced up - make sure that your Windows computer &" - echo "your RaspiBlitz are in the same local network." - echo "" - echo "Open a fresh terminal on your Windows computer & change into the directory that" - echo "contains the blockchain data - should see folders named 'blocks' & 'chainstate'" - echo "there. Normally on Windows thats: C:\Users\YourUserName\Appdata\Roaming\Bitcoin" - echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." - echo "" - echo "COPY, PASTE & EXECUTE the following command on your Windows computer terminal:" - echo "scp -r ./chainstate ./blocks bitcoin@${localip}:/mnt/hdd/bitcoin" - echo "" - echo "If asked for a password use PASSWORD A (or 'raspiblitz')." 
-fi -if [ "${CHOICE}" = "MACOS" ]; then - echo "****************************************************************************" - echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from a MacOSX computer" - echo "****************************************************************************" - echo "" - echo "ON YOUR MacOSX COMPUTER download and validate the blockchain with the Bitcoin" - echo "Core wallet software (>=0.17.1) from: bitcoincore.org/en/download" - echo "If the Bitcoin Blockchain is synced up - make sure that your MacOSX computer &" - echo "your RaspiBlitz are in the same local network." - echo "" - echo "Open a fresh terminal on your MacOSX computer and change into the directory that" - echo "contains the blockchain data - should see folders named 'blocks' & 'chainstate'" - echo "there. Normally on MacOSX thats: cd ~/Library/Application Support/Bitcoin/" - echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." - echo "" - echo "COPY, PASTE & EXECUTE the following command on your MacOSX terminal:" - echo "sudo rsync -avhW --progress ./chainstate ./blocks bitcoin@${localip}:/mnt/hdd/bitcoin" - echo "" - echo "You will be asked for passwords. First can be the user password of your MacOSX" - echo "computer and the last is the PASSWORD A (or 'raspiblitz') of this RaspiBlitz." -fi -if [ "${CHOICE}" = "LINUX" ]; then - echo "****************************************************************************" - echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from a LINUX computer" - echo "****************************************************************************" - echo "" - echo "ON YOUR LINUX COMPUTER download and validate the blockchain with the Bitcoin" - echo "Core wallet software (>=0.17.1) from: bitcoincore.org/en/download" - echo "If the Bitcoin Blockchain is synced up - make sure that your Linux computer &" - echo "your RaspiBlitz are in the same local network." 
- echo "" - echo "Open a fresh terminal on your Linux computer and change into the directory that" - echo "contains the blockchain data - should see folders named 'blocks' & 'chainstate'" - echo "there. Normally on Linux thats: cd ~/.bitcoin/" - echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." - echo "" - echo "COPY, PASTE & EXECUTE the following command on your Linux terminal:" - echo "sudo rsync -avhW --progress ./chainstate ./blocks bitcoin@${localip}:/mnt/hdd/bitcoin" - echo "" - echo "You will be asked for passwords. First can be the user password of your Linux" - echo "computer and the last is the PASSWORD A (or 'raspiblitz') of this RaspiBlitz." -fi -if [ "${CHOICE}" = "BLITZ" ]; then - echo "****************************************************************************" - echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from another RaspiBlitz" - echo "****************************************************************************" - echo "" - echo "The other RaspiBlitz needs a minimum version of 1.6 (if lower, update first)." - echo "Make sure that the other RaspiBlitz is on the same local network." - echo "" - echo "Open a fresh terminal and login per SSH into that other RaspiBlitz." - echo "Once in the main menu go: MAINMENU > REPAIR > COPY-SOURCE" - echo "Follow the given instructions ..." - echo "" - echo "The LOCAL IP of this target RaspiBlitz is: ${localip}" -fi -echo "" -echo "It can take multiple hours until transfer is complete - be patient." -echo "****************************************************************************" -echo "PRESS ENTER if transfers is done OR if you want to choose another option." 
-sleep 2 -read key - -# make quick check if data is there -anyDataAtAll=0 -quickCheckOK=1 -count=$(sudo find /mnt/hdd/bitcoin/ -iname *.dat -type f | wc -l) -if [ ${count} -gt 0 ]; then - echo "Found data in /mnt/hdd/bitcoin/blocks" - anyDataAtAll=1 -fi -if [ ${count} -lt 300 ]; then - echo "FAIL: transfer seems invalid - less then 300 .dat files (${count})" - quickCheckOK=0 -fi -count=$(sudo find /mnt/hdd/bitcoin/ -iname *.ldb -type f | wc -l) -if [ ${count} -gt 0 ]; then - echo "Found data in /mnt/hdd/bitcoin/chainstate" - anyDataAtAll=1 -fi -if [ ${count} -lt 700 ]; then - echo "FAIL: transfer seems invalid - less then 700 .ldb files (${count})" - quickCheckOK=0 -fi - -echo "*********************************************" -echo "QUICK CHECK RESULT" -echo "*********************************************" - -# just if any data transferred .. -if [ ${anyDataAtAll} -eq 1 ]; then - - # data was invalid - ask user to keep? - if [ ${quickCheckOK} -eq 0 ]; then - - echo "FAIL -> DATA seems incomplete." - - else - - echo "OK -> DATA LOOKS GOOD :D" - sudo rm /mnt/hdd/bitcoin/debug.log 2>/dev/null - - fi - -else - - echo "CANCEL -> NO DATA was copied." - quickCheckOK=0 - -fi -echo "*********************************************" - -# if started with parameter "stop-after-script" - quit here -if [ "$1" == "stop-after-script" ]; then - echo "DONE Copy" - exit 0 -fi - -# if started after initial setup - quit here -if [ "${setupStep}" = "100" ]; then - sudo cp /home/admin/assets/bitcoin.conf /mnt/hdd/bitcoin/bitcoin.conf - sudo systemctl enable bitcoind - echo "DONE - rebooting: sudo shutdown -r now" - sudo shutdown -r now - exit 0 -fi - -# REACT ON QUICK CHECK DURING INITAL SETUP - -if [ ${quickCheckOK} -eq 0 ]; then - - echo "*********************************************" - echo "There seems to be an invalid transfer." - - echo "Wait 5 secs ..." - sleep 5 - - dialog --title " INVALID TRANSFER - TRY AGAIN?" --yesno "Quickcheck shows the data you transferred is invalid/incomplete. 
Maybe transfer was interrupted and not completed.\n\nDo you want retry/proceed the copy process?" 8 70 - response=$? - echo "response(${response})" - if [ "${response}" == "0" ]; then - /home/admin/50copyHDD.sh - exit 0 - fi - - dialog --title " INVALID TRANSFER - DELETE DATA?" --yesno "Quickcheck shows the data you transferred is invalid/incomplete. This can lead further RaspiBlitz setup to get stuck in error state.\nDo you want to reset/delete data?" 8 60 - response=$? - echo "response(${response})" - case $response in - 1) quickCheckOK=1 ;; - esac - -fi - -if [ ${quickCheckOK} -eq 0 ]; then - echo "Deleting invalid Data ... " - sudo rm -rf /mnt/hdd/bitcoin - sleep 2 -fi - -# setup script will decide the next logical step -/home/admin/10setupBlitz.sh diff --git a/home.admin/50syncHDD.sh b/home.admin/50syncHDD.sh deleted file mode 100755 index 3c3ad1c31..000000000 --- a/home.admin/50syncHDD.sh +++ /dev/null 
@@ -1,98 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info - -# only show warning when bitcoin -if [ "$network" = "bitcoin" ]; then - - # detect hardware version of RaspberryPi - # https://www.unixtutorial.org/command-to-confirm-raspberry-pi-model - raspberryPi=$(cat /proc/device-tree/model | cut -d " " -f 3 | sed 's/[^0-9]*//g') - if [ ${#raspberryPi} -eq 0 ]; then - raspberryPi=0 - fi - echo "RaspberryPi Model Version: ${raspberryPi}" - if [ ${raspberryPi} -lt 4 ]; then - # raspberryPi 3 and lower - msg=" This old RaspberryPi has very limited CPU power.\n" - msg="$msg To sync & validate the complete blockchain\n" - msg="$msg can take multiple days - even weeks\n" - msg="$msg Its recommended to use another option.\n" - msg="$msg \n" - msg="$msg So do you really want start syncing now?" - dialog --title " WARNING " --yesno "${msg}" 11 57 - response=$? - case $response in - 0) echo "--> OK";; - 1) exit 1;; - 255) exit 1;; - esac - fi -fi - -# ask if really sync behind TOR -# if [ "${runBehindTor}" = "on" ]; then -# whiptail --title ' Sync Blockchain from behind TOR? ' --yes-button='Public-Sync' --no-button='TOR-Sync' --yesno "You decided to run your node behind TOR and validate the blockchain with your RaspiBlitz - thats good. But downloading the complete blockchain thru TOR can add some extra time (maybe a day) to the process and adds a heavy load on the TOR network.\n -#Your RaspiBlitz can just run the initial blockchain download with your public IP (Public-Sync) but keep your Lighting node safe behind TOR. -#It would speed up the self-validation while not revealing your Lightning node identity. But for most privacy choose (TOR-Sync). -# " 15 76 -# if [ $? 
-eq 0 ]; then -# # set flag to not run bitcoin behind TOR during IDB -# echo "ibdBehindTor=off" >> /home/admin/raspiblitz.info -# fi -#fi - -echo "**********************************" -echo "Dont Trust, verify - starting sync" -echo "**********************************" -echo "" -sleep 3 - - -echo "*** Optimizing RAM for Sync ***" - -kbSizeRAM=$(cat /proc/meminfo | grep "MemTotal" | sed 's/[^0-9]*//g') -echo "dont forget to reduce dbcache once IBD is done" > "/home/admin/selfsync.flag" -# RP4 4GB -if [ ${kbSizeRAM} -gt 3500000 ]; then - echo "Detected RAM >=4GB --> optimizing ${network}.conf" - sudo sed -i "s/^dbcache=.*/dbcache=3072/g" /home/admin/assets/${network}.conf -# RP4 2GB -elif [ ${kbSizeRAM} -gt 1500000 ]; then - echo "Detected RAM >=2GB --> optimizing ${network}.conf" - sudo sed -i "s/^dbcache=.*/dbcache=1536/g" /home/admin/assets/${network}.conf -# RP3/4 1GB -else - echo "Detected RAM <=1GB --> optimizing ${network}.conf" - sudo sed -i "s/^dbcache=.*/dbcache=512/g" /home/admin/assets/${network}.conf -fi - -echo "" -echo "*** Activating Blockain Sync ***" - -sudo mkdir /mnt/hdd/${network} 2>/dev/null -sudo /home/admin/XXcleanHDD.sh -blockchain -force -sudo -u bitcoin mkdir /mnt/hdd/${network}/blocks 2>/dev/null -sudo -u bitcoin mkdir /mnt/hdd/${network}/chainstate 2>/dev/null - -# set so that 10raspiblitz.sh has a flag to see that resync is running -sudo touch /mnt/hdd/${network}/blocks/.selfsync -sudo sed -i "s/^state=.*/state=sync/g" /home/admin/raspiblitz.info - -echo "OK - sync is activated" - -if [ "${setupStep}" = "100" ]; then - - # start services - echo "reboot needed: shutdown -r now" - -else - - # set SetupState - sudo sed -i "s/^setupStep=.*/setupStep=50/g" /home/admin/raspiblitz.info - - # continue setup - ./60finishHDD.sh - -fi diff --git a/home.admin/60finishHDD.sh b/home.admin/60finishHDD.sh deleted file mode 100755 index 02564cc27..000000000 --- a/home.admin/60finishHDD.sh +++ /dev/null 
@@ -1,89 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf - -echo "" -echo "*** 60finishHDD.sh ***" - -# use blitz.datadrive.sh to analyse HDD situation -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status ${network}) -if [ ${#error} -gt 0 ]; then - echo "# FAIL blitz.datadrive.sh status --> ${error}" - echo "# Please report issue to the raspiblitz github." - exit 1 -fi - -# check that data drive is mounted -if [ ${isMounted} -eq 0 ]; then - echo "# FAIL - HDD is not mounted." - exit 1 -fi - -###### COPY BASIC NETWORK CONFIG - -echo "" -echo "*** Prepare ${network} ***" -sudo cp /home/admin/assets/${network}.conf /mnt/hdd/${network}/${network}.conf -sudo mkdir /home/admin/.${network} 2>/dev/null -sudo cp /home/admin/assets/${network}.conf /home/admin/.${network}/${network}.conf - -# make sure all files are linked correct -sudo /home/admin/config.scripts/blitz.datadrive.sh link - -# BLITZ WEB SERVICE -/home/admin/config.scripts/blitz.web.sh on - -###### ACTIVATE TOR IF SET DURING SETUP -if [ "${runBehindTor}" = "on" ]; then - - echo "runBehindTor --> ON" - sudo /home/admin/config.scripts/internet.tor.sh on - - # but if IBD is allowed to be public switch off TOR just fro bitcoin - # until IBD is done. background service will after that switch TOR on - if [ "${ibdBehindTor}" = "off" ]; then - echo "ibdBehindTor --> OFF" - sudo /home/admin/config.scripts/internet.tor.sh btcconf-off - else - echo "ibdBehindTor --> ON" - fi - -else - echo "runBehindTor --> OFF" -fi - -###### START NETWORK SERVICE -echo "" -echo "*** Start ${network} ***" -echo "- This can take a while .." 
-sudo cp /home/admin/assets/${network}d.service /etc/systemd/system/${network}d.service -#sudo chmod +x /etc/systemd/system/${network}d.service -sudo systemctl daemon-reload -sudo systemctl enable ${network}d.service -sudo systemctl start ${network}d.service - -# check if bitcoin has started -bitcoinRunning=0 -loopcount=0 -while [ ${bitcoinRunning} -eq 0 ] -do - >&2 echo "# (${loopcount}/200) checking if ${network}d is running ... " - bitcoinRunning=$(${network}-cli getblockchaininfo 2>/dev/null | grep "initialblockdownload" -c) - sleep 2 - sync - loopcount=$(($loopcount +1)) - if [ ${loopcount} -gt 200 ]; then - /home/admin/XXdebugLogs.sh - echo "***********************************" - echo "FAIL: ${network} failed to start :(" - echo "Get support or try again the command: raspiblitz" - exit 1 - fi -done - -# set SetupState -sudo sed -i "s/^setupStep=.*/setupStep=60/g" /home/admin/raspiblitz.info - -./10setupBlitz.sh \ No newline at end of file diff --git a/home.admin/70initLND.sh b/home.admin/70initLND.sh deleted file mode 100755 index 88b2f239a..000000000 --- a/home.admin/70initLND.sh +++ /dev/null 
@@ -1,489 +0,0 @@ -#!/bin/bash - -## get basic info -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf - -echo "" -echo "*** 70initLND.sh ***" - -# CHECK ######### - -echo "*** Check Basic Config ***" -if [ ${#network} -eq 0 ]; then - echo "FAIL - missing: network" - exit 1 -fi -if [ ${#chain} -eq 0 ]; then - echo "FAIL - missing: chain" - exit 1 -fi - -# CHECK ######### - -echo "*** Check ${network} Running ***" -bitcoinRunning=$(systemctl status ${network}d.service 2>/dev/null | grep -c running) -if [ ${bitcoinRunning} -eq 0 ]; then - bitcoinRunning=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo | grep -c verificationprogress) -fi -if [ ${bitcoinRunning} -eq 0 ]; then - whiptail --title "70initLND - WARNING" --yes-button "Retry" --no-button "EXIT+Logs" --yesno "Service ${network}d is not running." 8 50 - if [ $? -eq 0 ]; then - /home/admin/70initLND.sh - else - /home/admin/XXdebugLogs.sh - fi - exit 1 -fi - -# CHECK ######### - -echo "*** Check ${network} Responding *** (can take a while)" -chainIsReady=0 -loopCount=0 -while [ ${chainIsReady} -eq 0 ] - do - loopCount=$(($loopCount +1)) - result=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 2>error.out) - error=$(cat error.out) - rm error.out - if [ ${#error} -gt 0 ]; then - if [ ${loopCount} -gt 33 ]; then - echo "*** TAKES LONGER THEN EXCEPTED ***" - date +%s - echo "result(${result})" - echo "error(${error})" - testnetAdd="" - if [ "${chain}" = "test" ]; then - testnetAdd="testnet3/" - fi - sudo tail -n 5 /mnt/hdd/${network}/${testnetAdd}debug.log - echo "If you see an error -28 relax, just give it some time." - echo "Waiting 1 minute and then trying again ..." - sleep 60 - else - echo "(${loopCount}/33) still waiting .." 
- sleep 10 - fi - else - echo "OK - chainnetwork is working" - echo "" - chainIsReady=1 - break - fi - done - -# CHECK ######### - -echo "*** Check LND Config ***" -configExists=$( sudo ls /mnt/hdd/lnd/lnd.conf 2>/dev/null | grep -c lnd.conf ) -if [ ${configExists} -eq 0 ]; then - echo "Creating LND config ..." - sudo mkdir /mnt/hdd/lnd 2> /dev/null - sudo chown -R bitcoin:bitcoin /mnt/hdd/lnd - sudo cp /home/admin/assets/lnd.${network}.conf /mnt/hdd/lnd/lnd.conf - sudo chown bitcoin:bitcoin /mnt/hdd/lnd/lnd.conf - if [ -d /home/bitcoin/.lnd ]; then - echo "OK - LND config written" - else - echo "FAIL - Was not able to setup LND" - exit 1 - fi -else - echo "OK - exists" -fi -echo "" - -###### Init LND service & start - -echo "*** Init LND Service & Start ***" -lndRunning=$(sudo systemctl status lnd.service 2>/dev/null | grep -c running) -if [ ${lndRunning} -eq 0 ]; then - - echo "stopping lnd .." - sudo systemctl stop lnd 2>/dev/null - sudo systemctl disable lnd 2>/dev/null - - sed -i "5s/.*/Wants=${network}d.service/" /home/admin/assets/lnd.service - sed -i "6s/.*/After=${network}d.service/" /home/admin/assets/lnd.service - sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service - #sudo chmod +x /etc/systemd/system/lnd.service - - ###### ACTIVATE TOR IF SET DURING SETUP - if [ "${runBehindTor}" = "on" ]; then - echo "TOR was selected" - sudo /home/admin/config.scripts/internet.tor.sh lndconf-on - else - echo "TOR was not selected" - fi - - echo "Starting LND Service ..." - sudo systemctl enable lnd - sudo systemctl start lnd - - echo "" - echo "waiting ." - sleep 10 - echo "waiting .." - sleep 10 - echo "waiting ..." - sleep 10 - dialog --pause " Starting LND - please wait .." 8 58 90 -fi - -###### Check LND starting - -while [ ${lndRunning} -eq 0 ] -do - lndRunning=$(sudo systemctl status lnd.service | grep -c running) - if [ ${lndRunning} -eq 0 ]; then - date +%s - echo "LND not ready yet ... waiting another 60 seconds." 
- echo "If this takes too long (more then 10min total) --> CTRL+c and report Problem" - sleep 60 - fi -done -echo "OK - LND is running" -echo "" - -###### Check LND health/fails (to be extended) -fail="" -tlsExists=$(sudo ls /mnt/hdd/lnd/tls.cert 2>/dev/null | grep -c "tls.cert") -if [ ${tlsExists} -eq 0 ]; then - fail="LND was starting, but missing /mnt/hdd/lnd/tls.cert" -fi -if [ ${#fail} -gt 0 ]; then - whiptail --title "70initLND - WARNING" --yes-button "Retry" --no-button "EXIT+Logs" --yesno "${fail}" 8 50 - if [ $? -eq 0 ]; then - /home/admin/70initLND.sh - else - /home/admin/XXdebugLogs.sh - fi - exit 1 -fi - -###### Instructions on Creating/Restoring LND Wallet -walletExists=$(sudo ls /mnt/hdd/lnd/data/chain/${network}/${chain}net/wallet.db 2>/dev/null | grep wallet.db -c) -echo "walletExists(${walletExists})" -sleep 2 -if [ ${walletExists} -eq 0 ]; then - - # UI: Ask if user wants NEW wallet or RECOVER a wallet - OPTIONS=(NEW "Setup a brand new Lightning Node (DEFAULT)" \ - OLD "I had an old Node I want to recover/restore") - CHOICE=$(dialog --backtitle "RaspiBlitz" --clear --title "LND Setup" --menu "LND Data & Wallet" 11 60 6 "${OPTIONS[@]}" 2>&1 >/dev/tty) - echo "choice($CHOICE)" - - if [ "${CHOICE}" == "NEW" ]; then - -############################ -# NEW WALLET -############################ - - # let user enter password c - sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null - sudo touch /var/cache/raspiblitz/.pass.tmp - sudo chown admin:admin /var/cache/raspiblitz/.pass.tmp - sudo /home/admin/config.scripts/blitz.setpassword.sh x "Set your Password C for the LND Wallet Unlock" /var/cache/raspiblitz/.pass.tmp - passwordC=$(sudo cat /var/cache/raspiblitz/.pass.tmp) - sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null - - # make sure passwordC is set - if [ ${#passwordC} -eq 0 ]; then - /home/admin/70initLND.sh - exit 1 - fi - - # generate wallet with seed and set passwordC - clear - echo "Generating new Wallet ...." 
- sudo touch /var/cache/raspiblitz/.seed.tmp - sudo chown admin:admin /var/cache/raspiblitz/.seed.tmp - python3 /home/admin/config.scripts/lnd.initwallet.py new ${passwordC} > /var/cache/raspiblitz/.seed.tmp - source /var/cache/raspiblitz/.seed.tmp - sudo shred -u /var/cache/raspiblitz/.seed.tmp 2>/dev/null - - # in case of error - retry - if [ ${#err} -gt 0 ]; then - whiptail --title "lnd.initwallet.py - ERROR" --msgbox "${err}" 8 50 - /home/admin/70initLND.sh - exit 1 - else - if [ ${#seedwords} -eq 0 ]; then - echo "FAIL!! -> MISSING seedwords data - but also no err data ?!?" - echo "CHECK output data above - PRESS ENTER to restart 70initLND.sh" - read key - /home/admin/70initLND.sh - exit 1 - fi - fi - - if [ ${#seedwords6x4} -eq 0 ]; then - seedwords6x4="${seedwords}" - fi - - ack=0 - while [ ${ack} -eq 0 ] - do - whiptail --title "IMPORTANT SEED WORDS - PLEASE WRITE DOWN" --msgbox "LND Wallet got created. Store these numbered words in a safe location:\n\n${seedwords6x4}" 12 76 - whiptail --title "Please Confirm" --yes-button "Show Again" --no-button "CONTINUE" --yesno " Are you sure that you wrote down the word list?" 8 55 - if [ $? -eq 1 ]; then - ack=1 - fi - done - - if [ ${setupStep} -lt 100 ]; then - sudo sed -i "s/^setupStep=.*/setupStep=65/g" /home/admin/raspiblitz.info - fi - - echo "waiting ." - sleep 10 - - else - -############################ -# RECOVER OLD WALLET -############################ - - OPTIONS=(LNDRESCUE "LND tar.gz-Backupfile (BEST)" \ - SEED+SCB "Seed & channel.backup file (OK)" \ - ONLYSEED "Only Seed Word List (FALLBACK)") - CHOICE=$(dialog --backtitle "RaspiBlitz" --clear --title "RECOVER LND DATA & WALLET" --menu "Data you have to recover from?" 11 60 6 "${OPTIONS[@]}" 2>&1 >/dev/tty) - - # LND RESCUE - if [ "${CHOICE}" == "LNDRESCUE" ]; then - sudo /home/admin/config.scripts/lnd.rescue.sh restore - echo "" - echo "PRESS ENTER to continue." 
- read key - /home/admin/70initLND.sh - exit 1 - fi - - # WARNING ON ONLY SEED - if [ "${CHOICE}" == "ONLYSEED" ]; then - - # let people know about the difference between SEED & SEED+SCB - whiptail --title "IMPORTANT INFO" --yes-button "Continue" --no-button "Go Back" --yesno " -Using JUST SEED WORDS will only recover your on-chain funds. -To also try to recover the open channel funds you need the -channel.backup file (since RaspiBlitz v1.2 / LND 0.6-beta) -or having a complete LND rescue-backup from your old node. - " 11 65 - if [ $? -eq 1 ]; then - /home/admin/70initLND.sh - exit 1 - fi - fi - - # IF SEED and SCB - make user upload channel.backup file now - # and it will get automated activated after syncs are ready - # TODO: later activate directly with call to lnd.iniwallet.py - if [ "${CHOICE}" == "SEED+SCB" ]; then - - # let lnd.rescue script do the upload process - /home/admin/config.scripts/lnd.rescue.sh scb-up - - # check exit code of script - if [ $? -eq 1 ]; then - echo "USER CANCEL --> back to menu" - /home/admin/70initLND.sh - exit 1 - else - clear - echo "channel.backup will get checked/activated after blockchain/lightning is synced" - sleep 2 - echo "NEXT --> Set password for new LND wallet" - sleep 3 - fi - fi - - clear - - # let user enter password c - sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null - sudo touch /var/cache/raspiblitz/.pass.tmp - sudo chown admin:admin /var/cache/raspiblitz/.pass.tmp - sudo /home/admin/config.scripts/blitz.setpassword.sh x "Set your Password C for the LND Wallet Unlock" /var/cache/raspiblitz/.pass.tmp - passwordC=$(sudo cat /var/cache/raspiblitz/.pass.tmp) - sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null - - # get seed word list - if [ "${CHOICE}" == "SEED+SCB" ] || [ "${CHOICE}" == "ONLYSEED" ]; then - - wordsCorrect=0 - while [ ${wordsCorrect} -eq 0 ] - do - # dialog to enter - sudo touch /var/cache/raspiblitz/.seed.tmp - sudo chown admin:admin /var/cache/raspiblitz/.seed.tmp - dialog 
--backtitle "RaspiBlitz - LND Recover" --inputbox "Please enter/paste the SEED WORD LIST:\n(just the words, separated by spaces, in correct order as numbered)" 9 78 2>/var/cache/raspiblitz/.seed.tmp - wordstring=$( cat /var/cache/raspiblitz/.seed.tmp | sed 's/[^a-zA-Z0-9 ]//g' ) - shred -u /var/cache/raspiblitz/.seed.tmp - echo "processing ... ${wordstring}" - - # check correct number of words - wordcount=$(echo "${wordstring}" | wc -w) - if [ ${wordcount} -eq 24 ]; then - echo "OK - 24 words" - wordsCorrect=1 - else - whiptail --title " WARNING " \ - --yes-button "Try Again" \ - --no-button "Cancel" \ - --yesno " -The word list has ${wordcount} words. But it must be 24. -Please check your list and try again. - -Best is to write words in external editor -and then copy and paste them into dialog. - -The Word list should look like this: -wordone wordtwo wordthree ... - -" 16 52 - - if [ $? -eq 1 ]; then - /home/admin/70initLND.sh - exit 1 - fi - fi - done - - # ask if seed was protected by password D - passwordD="" - dialog --title "SEED PASSWORD" --yes-button "No extra Password" --no-button "Yes" --yesno " -Are your seed words protected by an extra password? - -During wallet creation LND offers to set an extra password -to protect the seed words. Most users did not set this. - " 11 65 - if [ $? 
-eq 1 ]; then - sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null - sudo touch /var/cache/raspiblitz/.pass.tmp - sudo chown admin:admin /var/cache/raspiblitz/.pass.tmp - sudo /home/admin/config.scripts/blitz.setpassword.sh x "Enter extra Password D" /var/cache/raspiblitz/.pass.tmp empty-allowed - passwordD=$(sudo cat /var/cache/raspiblitz/.pass.tmp) - sudo shred -u /var/cache/raspiblitz/.pass.tmp 2>/dev/null - fi - - fi - - # FOR NOW: let channel.backup file get activated by lncli after syncs - # LATER: make different call to lnd.initwallet.py - if [ "${CHOICE}" == "SEED+SCB" ] || [ "${CHOICE}" == "ONLYSEED" ]; then - - # trigger wallet recovery - source <(python3 /home/admin/config.scripts/lnd.initwallet.py seed ${passwordC} "${wordstring}" ${passwordD} 2>/dev/null) - - # check if wallet was created for real - if [ ${#err} -eq 0 ]; then - walletExists=$(sudo ls /mnt/hdd/lnd/data/chain/${network}/${chain}net/wallet.db 2>/dev/null | grep wallet.db -c) - if [ ${walletExists} -eq 0 ]; then - err="Was not able to create wallet (unknown error)." - fi - fi - - # set fundRecovery=1 in raspiblitz.info - sed -i "s/^fundRecovery=.*/fundRecovery=1/g" /home/admin/raspiblitz.info - - # user feedback - if [ ${#err} -eq 0 ]; then - dialog --title " SUCCESS " --msgbox " -Looks good :) LND was able to recover the wallet. - -IMPORTANT: LND needs now to scan the blockchain -for your funds - this can take some extra time. - " 10 60 - clear - - else - whiptail --title " FAIL " --msgbox " -Something went wrong - see info below: - -${err} -${errMore} - " 13 72 - clear - echo "Restarting LND Wallet Setup .." - sleep 2 - echo - /home/admin/70initLND.sh - exit 1 - fi - fi - - fi # END OLD WALLET - -else - echo "OK - LND wallet already exists." -fi - - -echo "waiting .." -sleep 10 -dialog --pause " Waiting for LND - please wait .." 
8 58 45 - -############################ -# Copy LND macaroons to admin -############################ - -clear -echo "" -echo "*** Copy LND Macaroons to user admin ***" - -# check if macaroon exists and if not try to unlock LND wallet first -macaroonExists=$(sudo -u bitcoin ls -la /home/bitcoin/.lnd/data/chain/${network}/${chain}net/admin.macaroon 2>/dev/null | grep -c admin.macaroon) -if [ ${macaroonExists} -eq 0 ]; then - /home/admin/config.scripts/lnd.unlock.sh - sleep 3 -fi - -# check if macaroon exists now - if not fail -macaroonExists=$(sudo -u bitcoin ls -la /home/bitcoin/.lnd/data/chain/${network}/${chain}net/admin.macaroon 2>/dev/null | grep -c admin.macaroon) -if [ ${macaroonExists} -eq 0 ]; then - sudo -u bitcoin ls -la /home/bitcoin/.lnd/data/chain/${network}/${chain}net/admin.macaroon - echo "" - echo "FAIL - LND Macaroons not created" - echo "Please check the following LND issue:" - echo "https://github.com/lightningnetwork/lnd/issues/890" - echo "You may want try again with starting ./70initLND.sh" - exit 1 -fi - -# copy macaroons to all needed users -sudo /home/admin/config.scripts/lnd.credentials.sh sync -echo "OK - LND Macaroons created and copied" -echo "" - -###### Unlock Wallet (if needed) -echo "*** Check Wallet Lock ***" -locked=$(sudo tail -n 1 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2>/dev/null | grep -c unlock) -if [ ${locked} -gt 0 ]; then - echo "OK - Wallet is locked ... starting unlocking dialog" - /home/admin/config.scripts/lnd.unlock.sh -else - echo "OK - Wallet is already unlocked" -fi -echo "" - -if [ ${setupStep} -lt 100 ]; then - - # set SetupState (scan is done - so its 80%) - sudo sed -i "s/^setupStep=.*/setupStep=80/g" /home/admin/raspiblitz.info - - ###### finishSetup - sudo /home/admin/90finishSetup.sh - sudo /home/admin/95finalSetup.sh - -else - - # its important that RaspiBlitz dont get rebooted - # before LND rescan is finished - whiptail --title "RESET DONE" --msgbox " -OK LND Reset is done. 
-You may now give it -extra time to rescan. -" 10 25 - -fi diff --git a/home.admin/80scanLND.sh b/home.admin/80scanLND.sh deleted file mode 100755 index e269d0a49..000000000 --- a/home.admin/80scanLND.sh +++ /dev/null 
@@ -1,274 +0,0 @@ -#!/bin/bash - -source /home/admin/_version.info -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf - -# all system/service info gets detected by blitz.statusscan.sh -source <(sudo /home/admin/config.scripts/blitz.statusscan.sh) -source <(sudo /home/admin/config.scripts/internet.sh status) - -# when admin and no other error found run LND setup check -if [ "$USER" == "admin" ] && [ ${#lndErrorFull} -eq 0 ]; then - lndErrorFull=$(sudo /home/admin/config.scripts/lnd.check.sh basic-setup | grep "err=" | tail -1) -fi - -# set follow up info different for LCD and ADMIN -adminStr="ssh admin@${localip} ->Password A" -if [ "$USER" == "admin" ]; then - adminStr="Use CTRL+c to EXIT to Terminal" -fi - -# waiting for Internet connection -if [ "${state}" = "nointernet" ]; then - l1="Waiting for Internet ...\n" - l2="Please check infrastructure:\n" - l3="Router online? Network connected?\n" - dialog --backtitle "RaspiBlitz ${codeVersion} ${localip}" --infobox "$l1$l2$l3" 5 45 - sleep 3 - exit 0 -fi - -# bitcoin errors always first -if [ ${bitcoinActive} -eq 0 ] || [ ${#bitcoinErrorFull} -gt 0 ] || [ "${1}" == "blockchain-error" ]; then - - #################### - # Copy Blockchain Source Mode - # https://github.com/rootzoll/raspiblitz/issues/1081 - #################### - - if [ "${state}" = "copysource" ]; then - l1="Copy Blockchain Source Modus\n" - l2="May needs restart node when done.\n" - l3="Restart from Terminal: restart" - dialog --backtitle "RaspiBlitz ${codeVersion} (${state}) ${localIP}" --infobox "$l1$l2$l3" 5 45 - sleep 3 - exit 1 - fi - - #################### - # On Bitcoin Error - #################### - - height=6 - width=43 - title="Blockchain Info" - - if [ ${#bitcoinErrorShort} -eq 0 ]; then - bitcoinErrorShort="Initial Startup - Please Wait" - fi - - if [ "$USER" != "admin" ]; then - - if [ ${uptime} -gt 600 ]; then - if [ ${uptime} -gt 1000 ] || [ ${#bitcoinErrorFull} -gt 0 ] || [ "${1}" == "blockchain-error" ]; then - 
infoStr=" The ${network}d service is NOT RUNNING!\n ${bitcoinErrorShort}\n Login for more details & options:" - else - infoStr=" The ${network}d service is running:\n ${bitcoinErrorShort}\n Login with SSH for more details:" - fi - else - infoStr=" The ${network}d service is starting:\n ${bitcoinErrorShort}\n Login with SSH for more details:" - fi - - else - - # output when user login in as admin and bitcoind is not running - if [ ${uptime} -lt 600 ]; then - infoStr=" The ${network}d service is starting:\n ${bitcoinErrorShort}\n Please wait at least 10min ..." - elif [[ "${bitcoinErrorFull}" == *"error code: -28"* ]]; then - infoStr=" The ${network}d service is warming up:\n ${bitcoinErrorShort}\n Please wait ..." - elif [ ${#bitcoinErrorFull} -gt 0 ] || [ "${bitcoinErrorShort}" == "Error found in Logs" ] || [ "${1}" == "blockchain-error" ]; then - clear - echo "" - echo "*****************************************" - echo "* The ${network}d service is not running." - echo "*****************************************" - echo "If you just started some config/setup, this might be OK." - echo - if [ ${startcountBlockchain} -gt 1 ]; then - echo "${startcountBlockchain} RESTARTS DETECTED - ${network}d might be in a error loop" - cat /home/admin/systemd.blockchain.log | grep "ERROR" | tail -n -1 - echo - fi - if [ ${#bitcoinErrorFull} -gt 0 ]; then - echo "More Error Detail:" - echo ${bitcoinErrorFull} - echo - fi - - echo "POSSIBLE OPTIONS:" - source <(/home/admin/config.scripts/network.txindex.sh status) - if [ "${txindex}" == "1" ]; then - echo "-> Use command 'repair' and then choose 'DELETE-INDEX' to try rebuilding transaction index." - fi - echo "-> Use command 'repair' and then choose 'RESET-CHAIN' to try downloading new blockchain." - echo "-> Use command 'debug' for more log output you can use for getting support." - echo "-> Use command 'menu' to open main menu." - echo "-> Have you tried to turn it off and on again? 
Use command 'restart'" - echo "" - exit 1 - fi - - fi - -# LND errors second -elif [ ${lndActive} -eq 0 ] || [ ${#lndErrorFull} -gt 0 ] || [ "${1}" == "lightning-error" ]; then - - #################### - # On LND Error - #################### - - height=6 - width=43 - title="Lightning Info" - if [ ${uptime} -gt 600 ] || [ "${1}" == "lightning-error" ]; then - if [ ${#lndErrorShort} -gt 0 ]; then - height=6 - lndErrorShort=" ${lndErrorShort}\n" - fi - if [ ${lndActive} -eq 0 ]; then - infoStr=" The LND service is not running.\n${lndErrorShort} Login for more details:" - else - infoStr=" The LND service is running with error.\n${lndErrorShort} Login for more details:" - fi - if [ "$USER" == "admin" ]; then - clear - echo "" - echo "****************************************" - if [ ${lndActive} -eq 0 ]; then - echo "* The LND service is not running." - else - echo "* The LND service is running with error." - fi - echo "****************************************" - echo "If you just started some config/setup, this might be OK." - echo - if [ ${startcountLightning} -gt 1 ]; then - echo "${startcountLightning} RESTARTS DETECTED - LND might be in a error loop" - cat /home/admin/systemd.lightning.log | grep "ERROR" | tail -n -1 - fi - sudo journalctl -u lnd -b --no-pager -n14 | grep "lnd\[" - sudo /home/admin/config.scripts/lnd.check.sh basic-setup | grep "err=" - if [ ${#lndErrorFull} -gt 0 ]; then - echo "More Error Detail:" - echo ${lndErrorFull} - fi - echo - echo "-> Use command 'repair' and then choose 'BACKUP-LND' to make a just in case backup." - echo "-> Use command 'debug' for more log output you can use for getting support." - echo "-> Use command 'menu' to open main menu." - echo "-> Have you tried to turn it off and on again? 
Use command 'restart'" - echo "" - exit 1 - else - source <(sudo /home/admin/config.scripts/lnd.check.sh basic-setup) - if [ ${wallet} -eq 0 ] || [ ${macaroon} -eq 0 ] || [ ${config} -eq 0 ] || [ ${tls} -eq 0 ]; then - infoStr=" The LND service needs RE-SETUP.\n Login with SSH to continue:" - fi - fi - else - infoStr=" The LND service is starting.\n Login for more details:" - if [ "$USER" == "admin" ]; then - infoStr=" The LND service is starting.\n Please wait up to 5min ..." - fi - fi - -# if LND wallet is locked -elif [ ${walletLocked} -gt 0 ]; then - - height=5 - width=43 - - if [ "${autoUnlock}" = "on" ]; then - title="Auto Unlock" - infoStr=" Waiting for Wallet Auto-Unlock.\n Please wait up to 5min ..." - else - - if [ "$USER" == "admin" ]; then - /home/admin/config.scripts/lnd.unlock.sh - else - title="Action Required" - infoStr=" LND WALLET IS LOCKED !!!\n" - if [ "${rtlWebinterface}" = "on" ]; then - height=6 - infoStr="${infoStr} Browser: http://${localip}:3000\n PasswordB=login / PasswordC=unlock" - else - infoStr="${infoStr} Please use SSH to unlock:" - fi - if [ ${startcountLightning} -gt 1 ]; then - width=45 - height=$((height+3)) - infoStr=" LIGHTNING RESTARTED - login for details\n${infoStr}" - adminStr="${adminStr}\n or choose 'INFO' in main menu\n or type 'raspiblitz' on terminal" - fi - fi - - fi - -else - - #################### - # Sync Progress - #################### - - # check number of peers - source <(sudo -u admin /home/admin/config.scripts/network.monitor.sh peer-status) - - # basic dialog info - height=6 - width=45 - title="Node is Syncing" - actionString="Please wait - this can take some time" - - # formatting BLOCKCHAIN SYNC PROGRESS - if [ ${#syncProgress} -eq 0 ]; then - if [ ${startcountBlockchain} -lt 2 ]; then - syncProgress="waiting" - else - syncProgress="${startcountBlockchain} restarts" - actionString="Login with SSH for more details:" - fi - elif [ ${#syncProgress} -lt 6 ]; then - syncProgress=" ${syncProgress} % ${peers} 
peers" - else - syncProgress="${syncProgress} % ${peers} peers" - fi - - # formatting LIGHTNING SCAN PROGRESS - if [ ${#scanProgress} -eq 0 ]; then - - # in case of LND RPC is not ready yet - if [ ${scanTimestamp} -eq -2 ]; then - - scanProgress="prepare sync" - - # in case LND restarting >2 - elif [ ${startcountLightning} -gt 2 ]; then - - scanProgress="${startcountLightning} restarts" - actionString="Login with SSH for more details:" - - # check if a specific error can be identified for restarts - lndSetupErrorCount=$(sudo /home/admin/config.scripts/lnd.check.sh basic-setup | grep -c "err=") - if [ ${lndSetupErrorCount} -gt 0 ]; then - scanProgress="possible error" - fi - - # unkown cases - else - scanProgress="waiting" - fi - - elif [ ${#scanProgress} -lt 6 ]; then - scanProgress=" ${scanProgress} % ${lndPeers} peers" - else - scanProgress="${scanProgress} % ${lndPeers} peers" - fi - - # setting info string - infoStr=" Blockchain Progress : ${syncProgress}\n Lightning Progress : ${scanProgress}\n ${actionString}" - -fi - -# display info to user -dialog --title " ${title} " --backtitle "RaspiBlitz ${codeVersion} ${hostname} / ${network} / ${chain} / ${tempCelsius}°C" --infobox "${infoStr}\n ${adminStr}" ${height} ${width} diff --git a/home.admin/90finishSetup.sh b/home.admin/90finishSetup.sh deleted file mode 100755 index e1356f8f1..000000000 --- a/home.admin/90finishSetup.sh +++ /dev/null 
@@ -1,65 +0,0 @@ -#!/bin/bash -echo "" - -# add bonus scripts (auto install deactivated to reduce third party repos) -/home/admin/91addBonus.sh - -###### SWAP File -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) -if [ ${isSwapExternal} -eq 0 ]; then - - echo "No external SWAP found - creating ... " - sudo /home/admin/config.scripts/blitz.datadrive.sh swap on - -else - echo "SWAP already OK" -fi - -####### FIREWALL - just install (not configure) -echo "" -echo "*** Setting and Activating Firewall ***" -echo "deny incoming connection on other ports" -sudo ufw default deny incoming -echo "allow outgoing connections" -sudo ufw default allow outgoing -echo "allow: ssh" -sudo ufw allow ssh -echo "allow: bitcoin testnet" -sudo ufw allow 18333 comment 'bitcoin testnet' -echo "allow: bitcoin mainnet" -sudo ufw allow 8333 comment 'bitcoin mainnet' -echo "allow: litecoin mainnet" -sudo ufw allow 9333 comment 'litecoin mainnet' -echo 'allow: lightning testnet' -sudo ufw allow 19735 comment 'lightning testnet' -echo "allow: lightning mainnet" -sudo ufw allow 9735 comment 'lightning mainnet' -echo "allow: lightning gRPC" -sudo ufw allow 10009 comment 'lightning gRPC' -echo "allow: lightning REST API" -sudo ufw allow 8080 comment 'lightning REST API' -echo "allow: transmission" -sudo ufw allow 49200:49250/tcp comment 'rtorrent' -echo "allow: public web HTTP" -sudo ufw allow from any to any port 80 comment 'allow public web HTTP' -echo "allow: local web admin HTTPS" -sudo ufw allow from 10.0.0.0/8 to any port 443 comment 'allow local LAN HTTPS' -sudo ufw allow from 172.16.0.0/12 to any port 443 comment 'allow local LAN HTTPS' -sudo ufw allow from 192.168.0.0/16 to any port 443 comment 'allow local LAN HTTPS' -echo "open firewall for auto nat discover (see issue #129)" -sudo ufw allow proto udp from 10.0.0.0/8 port 1900 to any comment 'allow local LAN SSDP for UPnP discovery' -sudo ufw allow proto udp from 172.16.0.0/12 port 1900 to any comment 'allow local LAN 
SSDP for UPnP discovery' -sudo ufw allow proto udp from 192.168.0.0/16 port 1900 to any comment 'allow local LAN SSDP for UPnP discovery' -echo "enable lazy firewall" -sudo ufw --force enable -echo "" - -# update system -echo "" -echo "*** Update System ***" -sudo apt-mark hold raspberrypi-bootloader -sudo apt-get update -y -echo "OK - System is now up to date" - -# mark setup is done -sudo sed -i "s/^setupStep=.*/setupStep=100/g" /home/admin/raspiblitz.info diff --git a/home.admin/91addBonus.sh b/home.admin/91addBonus.sh deleted file mode 100755 index 9287c512d..000000000 --- a/home.admin/91addBonus.sh +++ /dev/null @@ -1,12 +0,0 @@ - -mkdir /home/admin/tmpScriptDL -cd /home/admin/tmpScriptDL -echo "installing bash completion for bitcoin-cli and lncli" -wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/bitcoin-cli.bash-completion -wget https://raw.githubusercontent.com/lightningnetwork/lnd/master/contrib/lncli.bash-completion -sudo cp *.bash-completion /etc/bash_completion.d/ -echo "OK - bash completion available after next login" -echo "type \"bitcoin-cli getblockch\", press [Tab] → bitcoin-cli getblockchaininfo" -rm -r /home/admin/tmpScriptDL - -cd diff --git a/home.admin/95finalSetup.sh b/home.admin/95finalSetup.sh deleted file mode 100755 index 61f655c2b..000000000 --- a/home.admin/95finalSetup.sh +++ /dev/null 
@@ -1,50 +0,0 @@ -#!/bin/bash -echo "" - -# load setup config -source /home/admin/raspiblitz.info - -# in case the config already exists -source /mnt/hdd/raspiblitz.conf 2>/dev/null - -# load version -source /home/admin/_version.info - -# show info to user -sudo sed -i "s/^state=.*/state=reboot/g" /home/admin/raspiblitz.info -dialog --backtitle "RaspiBlitz - Setup" --title " RaspiBlitz Setup is done :) " --msgbox " - After reboot RaspiBlitz - needs to be unlocked and - sync with the network. - - Press OK for a final reboot. -" 10 42 - -# let migration/init script do the rest -/home/admin/_bootstrap.migration.sh - -# copy logfile to analyse setup -cp $logFile /home/admin/raspiblitz.setup.log - -# set the name of the node -echo "Setting the Name/Alias/Hostname .." -sudo /home/admin/config.scripts/lnd.setname.sh ${hostname} - -# expanding the root of the sd card -if [ "${baseimage}" = "raspbian" ] || [ "${baseimage}" = "raspios_arm64" ]; then - sudo raspi-config --expand-rootfs - sudo sed -i "s/^fsexpanded=.*/fsexpanded=1/g" /home/admin/raspiblitz.info -elif [ "${baseimage}" = "armbian" ]; then - sudo /usr/lib/armbian/armbian-resize-filesystem start - sudo sed -i "s/^fsexpanded=.*/fsexpanded=1/g" /home/admin/raspiblitz.info -fi - -# mark setup is done -sudo sed -i "s/^setupStep=.*/setupStep=100/g" /home/admin/raspiblitz.info - -clear -echo "Setup done. Rebooting now." -sudo -u bitcoin ${network}-cli stop - -sleep 3 -sudo /home/admin/XXshutdown.sh reboot \ No newline at end of file diff --git a/home.admin/97addMobileWallet.sh b/home.admin/97addMobileWallet.sh index e67fc0e49..b3651c916 100755 --- a/home.admin/97addMobileWallet.sh +++ b/home.admin/97addMobileWallet.sh 
@@ -4,9 +4,19 @@ source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf +if [ "$1" = "-h" ] || [ "$1" = "-help" ];then + echo "Usage:" + echo "97addMobileWallet.sh " + echo "defaults from the configs are:" + echo "ligthning=${lightning}" + echo "chain=${chain}" +fi + justLocal=1 aks4IP2TOR=0 +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) + # if TOR is activated then outside reach is possible (no notice) if [ "${runBehindTor}" = "on" ]; then echo "# runBehindTor ON" 
@@ -131,23 +141,30 @@ checkIP2TOR() fi } -# Also Zap-Android deactivated for now - see: https://github.com/rootzoll/raspiblitz/issues/2198#issuecomment-822808428 -#OPTIONS=(ZAP_ANDROID "Zap Wallet (Android)" \ -# ZAP_IOS "Zap Wallet (iOS)" \ -OPTIONS=(ZEUS_IOS "Zeus Wallet (iOS)" \ - ZEUS_ANDROID "Zeus Wallet (Android)" \ - SPHINX "Sphinx Chat (Android or iOS)" - ) +OPTIONS=() -# add SEND MANY APP -OPTIONS+=(SENDMANY_ANDROID "SendMany (Android)") - -# Additional Options with TOR -if [ "${runBehindTor}" = "on" ]; then - OPTIONS+=(FULLY_NODED "Fully Noded (IOS+TOR)") +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + # Zap deactivated for now - see: https://github.com/rootzoll/raspiblitz/issues/2198#issuecomment-822808428 + OPTIONS+=(ZEUS_IOS "Zeus to LND (iOS)") + OPTIONS+=(ZEUS_ANDROID "Zeus to LND (Android)") + OPTIONS+=(SPHINX "Sphinx Chat to LND (Android/iOS)") + OPTIONS+=(SENDMANY_ANDROID "SendMany to LND (Android)") + OPTIONS+=(FULLYNODED_LND "Fully Noded to LND REST (iOS+Tor)") fi -CHOICE=$(whiptail --clear --title "Choose Mobile Wallet" --menu "" 14 50 8 "${OPTIONS[@]}" 2>&1 >/dev/tty) +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + OPTIONS+=(ZEUS_CLREST "Zeus to C-lightningREST (Android or iOS)") + OPTIONS+=(ZEUS_SPARK "Zeus to Sparko (Android or iOS)") + OPTIONS+=(SPARK "Spark Wallet to Sparko (Android - EXPERIMENTAL)" ) + OPTIONS+=(FULLYNODED_CL "Fully Noded to CL REST (iOS+Tor)") +fi + +# Additional Options with Tor +if [ "${runBehindTor}" = "on" ]; then + OPTIONS+=(FULLYNODED_BTC "Fully Noded to bitcoinRPC (iOS+Tor)") +fi + +CHOICE=$(whiptail --clear --title "Choose Mobile Wallet" --menu "" 16 75 10 "${OPTIONS[@]}" 2>&1 >/dev/tty) /home/admin/config.scripts/blitz.display.sh hide @@ -155,7 +172,7 @@ clear echo "creating install info ..." case $CHOICE in CLOSE) - exit 1; + exit 0; ;; SPHINX) if [ "${sphinxrelay}" != "on" ]; then 
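Review bot: In the `@@ -131,23 +141,30 @@` hunk of 97addMobileWallet.sh, `FULLYNODED_LND` and `FULLYNODED_CL` are labelled "(iOS+Tor)" but are added inside the lnd and cl blocks, outside the `runBehindTor` check that the old `FULLY_NODED` entry sat behind. They are therefore offered on nodes where Tor is off, while the `FULLYNODED_LND` branch added later in this file always calls `bonus.lndconnect.sh fullynoded-lnd tor`. Move both entries under the `if [ "${runBehindTor}" = "on" ]` block next to `FULLYNODED_BTC`, or have the case branches check `runBehindTor` and explain what is missing.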
@@ -173,16 +190,16 @@ case $CHOICE in fi # make pairing thru sphinx relay script /home/admin/config.scripts/bonus.sphinxrelay.sh menu - exit 1; + exit 0; ;; ZAP_IOS) appstoreLink="https://apps.apple.com/us/app/zap-bitcoin-lightning-wallet/id1406311960" #/home/admin/config.scripts/blitz.display.sh qr ${appstoreLink} #whiptail --title "Install Testflight and Zap on your iOS device" \ - # --yes-button "continue" \ - # --no-button "link as QR code" \ - # --yesno "Search for 'Zap Bitcoin' in Apple Appstore for basic version\nOr join public beta test for latest features:\n${appstoreLink}\n\nJoin testing and follow ALL instructions.\n\nWhen installed and started -> continue" 11 65 - # if [ $? -eq 1 ]; then + # --yes-button "continue" \ + # --no-button "link as QR code" \ + # --yesno "Search for 'Zap Bitcoin' in Apple Appstore for basic version\nOr join public beta test for latest features:\n${appstoreLink}\n\nJoin testing and follow ALL instructions.\n\nWhen installed and started -> continue" 11 65 + # if [ $? -eq 1 ]; then # /home/admin/config.scripts/blitz.display.sh qr-console ${appstoreLink} #fi @@ -206,7 +223,7 @@ Or scan the qr code on the LCD with your mobile phone. choose_IP_or_TOR fi /home/admin/config.scripts/bonus.lndconnect.sh zap-ios ${connect} - exit 1; + exit 0; ;; ZAP_ANDROID) appstoreLink="https://play.google.com/store/apps/details?id=zapsolutions.zap" @@ -229,7 +246,7 @@ Or scan the qr code on the LCD with your mobile phone. choose_IP_or_TOR fi /home/admin/config.scripts/bonus.lndconnect.sh zap-android ${connect} - exit 1; + exit 0; ;; SENDMANY_ANDROID) @@ -241,7 +258,7 @@ To use the chat feature of the SendMany app, you need to activate the Keysend fe Please go to MAINMENU > SERVICES and activate KEYSEND first. " 12 65 - exit 1 + exit 0 fi appstoreLink="https://github.com/fusion44/sendmany/releases" 
@@ -256,22 +273,22 @@ Please go to MAINMENU > SERVICES and activate KEYSEND first. /home/admin/config.scripts/blitz.display.sh hide checkIP2TOR LND-GRPC-API /home/admin/config.scripts/bonus.lndconnect.sh sendmany-android ${connect} - exit 1; + exit 0; ;; ZEUS_IOS) - appstoreLink="https://testflight.apple.com/join/gpVFzEHN" + appstoreLink="https://apps.apple.com/us/app/zeus-ln/id1456038895" /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_zeus.png - whiptail --title "Install Testflight and Zeus on your iOS device" \ + whiptail --title "Install Zeus on your iOS device" \ --yes-button "Continue" \ - --no-button "Link as QR Code" \ - --yesno "At the moment this app is in public beta testing.\nFirst open Apple Apstore, search & install 'TestFlight' app.\n\nThen open the following link on your mobile:\n${appstoreLink}\n\nUse 'Open In TestFlight' option of your mobile browser.\nWhen Zeus is installed and started --> Continue." 14 65 + --no-button "Link as QRcode" \ + --yesno "Open the Apple App Store on your mobile phone.\n\nSearch for --> 'zeus ln'\n\nCheck that logo is like on LCD and author is: Zeus LN LLC\nWhen the app is installed and started --> Continue." 12 65 if [ $? -eq 1 ]; then /home/admin/config.scripts/blitz.display.sh qr ${appstoreLink} /home/admin/config.scripts/blitz.display.sh qr-console ${appstoreLink} fi /home/admin/config.scripts/blitz.display.sh hide /home/admin/config.scripts/bonus.lndconnect.sh zeus-ios tor - exit 1; + exit 0; ;; ZEUS_ANDROID) appstoreLink="https://play.google.com/store/apps/details?id=app.zeusln.zeus" 
@@ -279,7 +296,7 @@ Please go to MAINMENU > SERVICES and activate KEYSEND first. whiptail --title "Install Zeus on your Android Phone" \ --yes-button "Continue" \ --no-button "StoreLink" \ - --yesno "Open the Android Play Store on your mobile phone.\n\nSearch for --> 'zeus bitcoin app'\n\nCheck that logo is like on LCD and author is: Evan Kaloudis\nWhen app is installed and started --> Continue." 12 65 + --yesno "Open the Android Play Store on your mobile phone.\n\nSearch for --> 'zeus ln'\n\nCheck that logo is like on LCD and author is: Evan Kaloudis\nWhen app is installed and started --> Continue." 12 65 if [ $? -eq 1 ]; then /home/admin/config.scripts/blitz.display.sh qr ${appstoreLink} whiptail --title " App Store Link " --msgbox "\ @@ -290,9 +307,10 @@ Or scan the qr code on the LCD with your mobile phone. fi /home/admin/config.scripts/blitz.display.sh hide /home/admin/config.scripts/bonus.lndconnect.sh zeus-android tor - exit 1; + exit 0; ;; - FULLY_NODED) + + FULLYNODED_BTC) appstoreLink="https://apps.apple.com/us/app/fully-noded/id1436425586" /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_fullynoded.png whiptail --title "Install Fully Noded on your iOS device" \ 
@@ -309,6 +327,96 @@ Or scan the qr code on the LCD with your mobile phone. fi /home/admin/config.scripts/blitz.display.sh hide /home/admin/config.scripts/bonus.fullynoded.sh - exit 1; + exit 0; ;; + + FULLYNODED_LND) + appstoreLink="https://apps.apple.com/us/app/fully-noded/id1436425586" + /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_fullynoded.png + whiptail --title "Install Fully Noded on your iOS device" \ + --yes-button "Continue" \ + --no-button "StoreLink" \ + --yesno "Open the Apple App Store on your mobile phone.\n\nSearch for --> 'fully noded'\n\nCheck that logo is like on LCD and author is: Denton LLC\nWhen app is installed and started --> Continue." 12 65 + if [ $? -eq 1 ]; then + /home/admin/config.scripts/blitz.display.sh qr ${appstoreLink} + whiptail --title " App Store Link " --msgbox "\ +To install app open the following link:\n +${appstoreLink}\n +Or scan the qr code on the LCD with your mobile phone. +" 11 70 + fi + /home/admin/config.scripts/blitz.display.sh hide + /home/admin/config.scripts/bonus.lndconnect.sh fullynoded-lnd tor + exit 0; + ;; + + FULLYNODED_CL) + if [ ! -L /home/bitcoin/cl-plugins-enabled/c-lightning-http-plugin ];then + /home/admin/config.scripts/cl-plugin.http.sh on + fi + appstoreLink="https://apps.apple.com/us/app/fully-noded/id1436425586" + /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_fullynoded.png + whiptail --title "Install Fully Noded on your iOS device" \ + --yes-button "Continue" \ + --no-button "StoreLink" \ + --yesno "Open the Apple App Store on your mobile phone.\n\nSearch for --> 'fully noded'\n\nCheck that logo is like on LCD and author is: Denton LLC\nWhen app is installed and started --> Continue." 12 65 + if [ $? 
-eq 1 ]; then + /home/admin/config.scripts/blitz.display.sh qr ${appstoreLink} + whiptail --title " App Store Link " --msgbox "\ +To install app open the following link:\n +${appstoreLink}\n +Or scan the qr code on the LCD with your mobile phone. +" 11 70 + fi + /home/admin/config.scripts/blitz.display.sh hide + /home/admin/config.scripts/cl-plugin.http.sh connect + exit 0; + ;; + +ZEUS_CLREST) + /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_zeus.png + whiptail --title "Install Zeus on your Android or iOS Phone" \ + --yes-button "Continue" \ + --no-button "Cancel" \ + --yesno "Open the https://zeusln.app/ on your mobile phone to find the App Store link or binary for your phone.\n\nWhen the app is installed and started --> Continue." 12 65 + if [ $? -eq 1 ]; then + exit 0 + fi + /home/admin/config.scripts/blitz.display.sh hide + /home/admin/config.scripts/cl.rest.sh connect + exit 0; + ;; +ZEUS_SPARK) + /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_zeus.png + whiptail --title "Install Zeus on your Android or iOS Phone" \ + --yes-button "Continue" \ + --no-button "Cancel" \ + --yesno "Open the https://zeusln.app/ on your mobile phone to find the App Store link or binary for your phone.\n\nWhen the app is installed and started --> Continue." 12 65 + if [ $? -eq 1 ]; then + exit 0 + fi + /home/admin/config.scripts/blitz.display.sh hide + /home/admin/config.scripts/cl-plugin.sparko.sh connect + exit 0; + ;; +SPARK) + appstoreLink="https://github.com/shesek/spark-wallet#mobile-app" + /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_zeus.png + whiptail --title "Install Zeus on your Android Phone" \ + --yes-button "Continue" \ + --no-button "GitHub link" \ + --yesno "Open the ${appstoreLink} on Android to find the App Store link or binary for your phone.\n\nWhen the app is installed and started --> Continue." 12 65 + if [ $? 
-eq 1 ]; then + /home/admin/config.scripts/blitz.display.sh qr ${appstoreLink} + whiptail --title " GitHub link " --msgbox "\ +To install app open the following link:\n +${appstoreLink}\n +Or scan the QR code on the LCD with your mobile phone. +" 11 70 + fi + /home/admin/config.scripts/blitz.display.sh hide + /home/admin/config.scripts/cl-plugin.sparko.sh connect + exit 0; +;; + esac diff --git a/home.admin/98repairBlockchain.sh b/home.admin/98repairBlockchain.sh index e31dcad59..c4c101903 100755 --- a/home.admin/98repairBlockchain.sh +++ b/home.admin/98repairBlockchain.sh @@ -26,14 +26,14 @@ elif [ "${CHOICE}" = "RESYNC" ]; then dialog --pause "OK. System will reboot to activate changes." 8 58 8 clear echo "rebooting .. (please wait)" - sudo /home/admin/XXshutdown.sh reboot + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot elif [ "${CHOICE}" = "REINDEX" ]; then echo "Starting REINDEX ..." sudo /home/admin/config.scripts/network.reindex.sh elif [ "${CHOICE}" = "BACKUP" ]; then - sudo /home/admin/config.scripts/lnd.rescue.sh backup + sudo /home/admin/config.scripts/lnd.backup.sh lnd-export-gui echo "PRESS ENTER to continue." read key diff --git a/home.admin/98repairMenu.sh b/home.admin/98repairMenu.sh index afcfe5bd4..0336383c3 100755 --- a/home.admin/98repairMenu.sh +++ b/home.admin/98repairMenu.sh @@ -20,7 +20,7 @@ Download LND Data Backup now? echo "*************************************" echo "please wait .." sleep 2 - /home/admin/config.scripts/lnd.rescue.sh backup + /home/admin/config.scripts/lnd.backup.sh lnd-export-gui echo echo "PRESS ENTER to continue once you are done downloading." read key @@ -31,7 +31,7 @@ Download LND Data Backup now? echo "*************************************" echo "please wait .." sleep 2 - /home/admin/config.scripts/lnd.rescue.sh backup no-download + /home/admin/config.scripts/lnd.backup.sh lnd-export fi } 
@@ -46,136 +46,23 @@ RaspiBlitz image to your SD card. " 12 40 } -copyHost() -{ - clear - echo - echo "# *** Copy Blockchain Source Modus ***" - - echo "# get IP of RaspiBlitz to copy to ..." - targetIP=$(whiptail --inputbox "\nPlease enter the LOCAL IP of the\nRaspiBlitz to copy Blockchain to:" 10 38 "" --title " Target IP " --backtitle "RaspiBlitz - Copy Blockchain" 3>&1 1>&2 2>&3) - targetIP=$(echo "${targetIP[0]}") - localIP=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') - if [ ${#targetIP} -eq 0 ]; then - return - fi - if [ "${localIP}" == "${targetIP}" ]; then - whiptail --msgbox "Dont type in the local IP of this RaspiBlitz,\nthe LOCAL IP of the other RaspiBlitz is needed." 8 54 "" --title " Testing Target IP " --backtitle "RaspiBlitz - Copy Blockchain" - return - fi - canPingIP=$(ping ${targetIP} -c 1 | grep -c "1 received") - if [ ${canPingIP} -eq 0 ]; then - whiptail --msgbox "Was not able to contact/ping: ${targetIP}\n\n- check if IP of target RaspiBlitz is correct.\n- check to be on the same local network.\n- try again ..." 11 58 "" --title " Testing Target IP " --backtitle "RaspiBlitz - Copy Blockchain" - return - fi - - echo "# get Password of RaspiBlitz to copy to ..." 
- targetPassword=$(whiptail --passwordbox "\nPlease enter the PASSWORD A of the\nRaspiBlitz to copy Blockchain to:" 10 38 "" --title "Target Password" --backtitle "RaspiBlitz - Copy Blockchain" 3>&1 1>&2 2>&3) - if [ ${#targetPassword} -eq 0 ]; then - return - fi - - sudo rm /root/.ssh/known_hosts 2>/dev/null - canLogin=$(sudo sshpass -p "${targetPassword}" ssh -t -o StrictHostKeyChecking=no bitcoin@${targetIP} "echo 'working'" 2>/dev/null | grep -c 'working') - if [ ${canLogin} -eq 0 ]; then - whiptail --msgbox "Password was not working for IP: ${targetIP}\n\n- check thats the correct IP for correct RaspiBlitz\n- check that you used PASSWORD A and had no typo\n- If you tried too often, wait 1h try again" 11 58 "" --title " Testing Target Password " --backtitle "RaspiBlitz - Copy Blockchain" - return - fi - - echo "# stopping services ..." - sudo systemctl stop background - sudo systemctl stop lnd - sudo systemctl stop ${network}d - sudo systemctl disable ${network}d - sleep 5 - sudo systemctl stop bitcoind 2>/dev/null - - clear - echo - echo "# Starting copy over LAN (around 4-6 hours) ..." 
- sed -i "s/^state=.*/state=copysource/g" /home/admin/raspiblitz.info - cd /mnt/hdd/${network} - - # transfer beginning flag - date +%s > /home/admin/copy_begin.time - sudo sshpass -p "${targetPassword}" rsync -avhW -e 'ssh -o StrictHostKeyChecking=no -p 22' /home/admin/copy_begin.time bitcoin@${targetIP}:/mnt/hdd/bitcoin - sudo rm -f /home/admin/copy_begin.time - - # repeat the syncing of directories until - # a) there are no files left to transfer (be robust against failing connections, etc) - # b) the user hits a key to break loop after report - - - while : - do - - # transfer blockchain data - rm -f ./transferred.rsync - sudo sshpass -p "${targetPassword}" rsync -avhW -e 'ssh -o StrictHostKeyChecking=no -p 22' --info=progress2 --log-file=./transferred.rsync ./chainstate ./blocks bitcoin@${targetIP}:/mnt/hdd/bitcoin - - # check result - # the idea is even after successful transfer the loop will run a second time - # but on the second time there will be no files transferred (log lines are below 4) - # thats the signal that its done - linesInLogFile=$(wc -l ./transferred.rsync | cut -d " " -f 1) - if [ ${linesInLogFile} -lt 4 ]; then - echo "" - echo "OK all files transferred. DONE" - sleep 2 - break - fi - - # wait 20 seconds for user exiting loop - echo "" - echo -en "OK on sync loop done ... will test in another if all was transferred." - echo -en "PRESS X TO MANUALLY FINISH SYNCING" - read -n 1 -t 6 keyPressed - if [ "${keyPressed}" = "x" ]; then - echo "" - echo "Ending Sync ..." - sleep 2 - break - fi - - done - - # transfer end flag - sed -i "s/^state=.*/state=/g" /home/admin/raspiblitz.info - date +%s > /home/admin/copy_end.time - sudo sshpass -p "${targetPassword}" rsync -avhW -e 'ssh -o StrictHostKeyChecking=no -p 22' /home/admin/copy_end.time bitcoin@${targetIP}:/mnt/hdd/bitcoin - sudo rm -f /home/admin/copy_end.time - - echo "# start services again ..." 
- sudo systemctl enable ${network}d - sudo systemctl start ${network}d - sudo systemctl start lnd - sudo systemctl start background - - echo "# show final message" - whiptail --msgbox "OK - Copy Process Finished.\n\nNow check on the target RaspiBlitz if it was successful." 10 40 "" --title " DONE " --backtitle "RaspiBlitz - Copy Blockchain" - -} - -# when called with parameter "sourcemode" -if [ "$1" == "sourcemode" ]; then - copyHost - raspiblitz - exit 0 +OPTIONS=() +#OPTIONS+=(HARDWARE "Run Hardwaretest") +OPTIONS+=(SOFTWARE "Run Softwaretest (DebugReport)") +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(BACKUP-LND "Backup your LND data (Rescue-File)") + OPTIONS+=(RESET-LND "Delete LND & start new node/wallet") fi - -# Basic Options -#OPTIONS=(HARDWARE "Run Hardwaretest" \ -OPTIONS=(SOFTWARE "Run Softwaretest (DebugReport)" \ - BACKUP-LND "Backup your LND data (Rescue-File)" \ - MIGRATION "Migrate Blitz Data to new Hardware" \ - COPY-SOURCE "Copy Blockchain Source Modus" \ - RESET-CHAIN "Delete Blockchain & Re-Download" \ - RESET-LND "Delete LND & start new node/wallet" \ - RESET-HDD "Delete HDD Data but keep Blockchain" \ - RESET-ALL "Delete HDD completely to start fresh" \ - DELETE-ELEC "Delete Electrum Index" \ - DELETE-INDEX "Delete Bitcoin Transaction-Index" - ) +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + OPTIONS+=(REPAIR-CL "Repair/Backup C-Lightning") +fi +OPTIONS+=(MIGRATION "Migrate Blitz Data to new Hardware") +OPTIONS+=(COPY-SOURCE "Copy Blockchain Source Modus") +OPTIONS+=(RESET-CHAIN "Delete Blockchain & Re-Download") +OPTIONS+=(RESET-HDD "Delete HDD Data but keep Blockchain") +OPTIONS+=(RESET-ALL "Delete HDD completely to start fresh") +OPTIONS+=(DELETE-ELEC "Delete Electrum Index") +OPTIONS+=(DELETE-INDEX "Delete Bitcoin Transaction-Index") CHOICE=$(whiptail --clear --title "Repair Options" --menu "" 18 62 11 "${OPTIONS[@]}" 2>&1 >/dev/tty) 
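Review bot: The removed `if [ "$1" == "sourcemode" ]` block at the end of the deleted section of 98repairMenu.sh leaves no handler for that parameter, so anything that still calls `98repairMenu.sh sourcemode` will now open the interactive repair menu instead of starting the copy. Since the COPY-SOURCE branch further down now delegates to `/home/admin/config.scripts/blitz.copychain.sh source`, either keep a short shim here that forwards `sourcemode` to that script or state in the commit message that the entry point is gone and its callers were updated.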
@@ -184,16 +71,22 @@ case $CHOICE in # HARDWARE) # ;; SOFTWARE) - sudo /home/admin/XXdebugLogs.sh + sudo /home/admin/config.scripts/blitz.debug.sh echo "Press ENTER to return to main menu." read key ;; BACKUP-LND) - sudo /home/admin/config.scripts/lnd.rescue.sh backup + sudo /home/admin/config.scripts/lnd.backup.sh lnd-export-gui echo echo "Press ENTER when your backup download is done to shutdown." read key - /home/admin/XXshutdown.sh + /home/admin/config.scripts/blitz.shutdown.sh + ;; + REPAIR-CL) + sudo /home/admin/99clRepairMenu.sh + echo + echo "Press ENTER to return to main menu." + read key ;; MIGRATION) sudo /home/admin/config.scripts/blitz.migration.sh "export-gui" @@ -212,20 +105,20 @@ case $CHOICE in result="" while [ ${#result} -eq 0 ] do + trap 'rm -f "$_temp"' EXIT _temp=$(mktemp -p /dev/shm/) l1="Please enter the new name of your LND node:\n" l2="different name is better for a fresh identity\n" l3="one word, keep characters basic & not too long" dialog --backtitle "RaspiBlitz - Setup (${network}/${chain})" --inputbox "$l1$l2$l3" 13 52 2>$_temp result=$( cat $_temp | tr -dc '[:alnum:]-.' | tr -d ' ' ) - shred -u $_temp echo "processing ..." sleep 3 done # make sure host is named like in the raspiblitz config echo "Setting the Name/Alias/Hostname .." - sudo /home/admin/config.scripts/lnd.setname.sh ${result} + sudo /home/admin/config.scripts/lnd.setname.sh mainnet ${result} sudo sed -i "s/^hostname=.*/hostname=${result}/g" /mnt/hdd/raspiblitz.conf echo "stopping lnd ..." @@ -235,7 +128,7 @@ case $CHOICE in # go back to main menu (and show) /home/admin/00raspiblitz.sh - exit 1; + exit 0; ;; RESET-HDD) askBackupCopy 
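Review bot: In the `@@ -212,20 +105,20 @@` hunk of 98repairMenu.sh the `trap 'rm -f "$_temp"' EXIT` is registered inside the `while` loop, before `_temp` is assigned, and it replaces the per-iteration `shred -u $_temp`. Because the trap body is expanded only at exit, only the file from the last iteration is removed; every retry with empty input leaves another mktemp file behind in /dev/shm, and the last one stays until the script ends, which is after `/home/admin/00raspiblitz.sh` returns. Set the trap once before the loop and keep an `rm -f "$_temp"` at the end of each iteration.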
@@ -253,14 +146,14 @@ case $CHOICE in ;; DELETE-ELEC) /home/admin/config.scripts/bonus.electrs.sh off deleteindex - exit 1; + exit 0; ;; DELETE-INDEX) /home/admin/config.scripts/network.txindex.sh delete - exit 1; + exit 0; ;; COPY-SOURCE) - copyHost + /home/admin/config.scripts/blitz.copychain.sh source /home/admin/config.scripts/lnd.unlock.sh ;; esac diff --git a/home.admin/99clMenu.sh b/home.admin/99clMenu.sh new file mode 100644 index 000000000..1e8a0e9ce --- /dev/null +++ b/home.admin/99clMenu.sh 
@@ -0,0 +1,119 @@ +#!/bin/bash + +# get raspiblitz config +echo "# get raspiblitz config" +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf + +source <(/home/admin/config.scripts/network.aliases.sh getvars cl $1) + +# get the local network IP to be displayed on the LCD +source <(/home/admin/config.scripts/internet.sh status local) + +# BASIC MENU INFO +WIDTH=64 +BACKTITLE="RaspiBlitz" +TITLE=" C-Lightning Options (${CHAIN})" +MENU="" +OPTIONS=() + OPTIONS+=(FUNDING "Fund the C-lightning wallet onchain") + OPTIONS+=(PEERING "Connect to a peer") + OPTIONS+=(CHANNEL "Open a channel with peer") + OPTIONS+=(SEND "Pay an invoice / payment request") + OPTIONS+=(RECEIVE "Create an invoice / payment request") + OPTIONS+=(SUMMARY "Information about this node") + OPTIONS+=(NAME "Change the name / alias of the node") +ln_getInfo=$($lightningcli_alias getinfo 2>/dev/null) +ln_channels_online="$(echo "${ln_getInfo}" | jq -r '.num_active_channels')" 2>/dev/null +cl_num_inactive_channels="$(echo "${ln_getInfo}" | jq -r '.num_inactive_channels')" 2>/dev/null +openChannels=$((ln_channels_online+cl_num_inactive_channels)) +if [ ${#openChannels} -gt 0 ] && [ ${openChannels} -gt 0 ]; then + OPTIONS+=(SUEZ "Visualize channels") + OPTIONS+=(CLOSEALL "Close all open channels on $CHAIN") +fi + OPTIONS+=(CASHOUT "Withdraw all funds onchain ($CHAIN)") + OPTIONS+=(SEED "Show Wallet Seed Words") + OPTIONS+=(REPAIR-CL "Repair options for C-lightning") +if [ "${lightning}" != "cl" ] && [ "${CHAIN}" == "mainnet" ]; then + OPTIONS+=(SWITCHLN "Use C-lightning as default") +fi + +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) +CHOICE=$(dialog --clear \ + --backtitle "$BACKTITLE" \ + --title "$TITLE" \ + --ok-label "Select" \ + --cancel-label "Main menu" \ + --menu "$MENU" \ + $HEIGHT $WIDTH $CHOICE_HEIGHT \ + "${OPTIONS[@]}" \ + 2>&1 >/dev/tty) + +case $CHOICE in + SUMMARY) + clear + /home/admin/config.scripts/cl-plugin.summary.sh $CHAIN + echo "Press ENTER 
to return to main menu." + read key + ;; + PEERING) + /home/admin/BBconnectPeer.sh cl $CHAIN + ;; + FUNDING) + /home/admin/BBfundWallet.sh cl $CHAIN + ;; + CASHOUT) + /home/admin/BBcashoutWallet.sh cl $CHAIN + ;; + CHANNEL) + /home/admin/BBopenChannel.sh cl $CHAIN + ;; + SEND) + /home/admin/BBpayInvoice.sh cl $CHAIN + ;; + RECEIVE) + /home/admin/BBcreateInvoice.sh cl $CHAIN + ;; + SEED) + sudo /home/admin/config.scripts/cl.install.sh display-seed $CHAIN + ;; + NAME) + sudo /home/admin/config.scripts/cl.setname.sh $CHAIN + ;; + SUEZ) + clear + if [ ! -f /home/bitcoin/suez/suez ];then + /home/admin/config.scripts/bonus.suez.sh on + fi + cd /home/bitcoin/suez || exit 0 + command="sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez --client=c-lightning --client-args=--conf=${CLCONF}" + echo "# Running the command:" + echo "${command}" + echo + $command + echo + echo "Press ENTER to return to main menu." + read key + ;; + CLOSEALL) + /home/admin/BBcloseAllChannels.sh cl $CHAIN + echo "Press ENTER to return to main menu." + read key + ;; + REPAIR-CL) + /home/admin/99clRepairMenu.sh $CHAIN + ;; + SWITCHLN) + clear + echo + # setting value in the raspiblitz.conf + sudo sed -i "s/^lightning=.*/lightning=cl/g" /mnt/hdd/raspiblitz.conf + echo "# OK - lightning=cl is set in /mnt/hdd/raspiblitz.conf" + echo + echo "Press ENTER to return to main menu." + read key + ;; +esac + +exit 0 \ No newline at end of file diff --git a/home.admin/99clRepairMenu.sh b/home.admin/99clRepairMenu.sh new file mode 100644 index 000000000..c94588a02 --- /dev/null +++ b/home.admin/99clRepairMenu.sh 
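Review bot: In the SWITCHLN branch of the new 99clMenu.sh, the `sed -i "s/^lightning=.*/lightning=cl/g"` call only rewrites an existing `lightning=` line, yet the script prints "# OK - lightning=cl is set" unconditionally, so a config without that key is reported as switched when nothing changed. Check for the key first, or grep for `^lightning=cl` after the sed and report failure. In the SUEZ branch the command is built as a string containing `${CLCONF}` and run as an unquoted `$command`, which word-splits on any whitespace in that value; a bash array would avoid this. `cd /home/bitcoin/suez || exit 0` also exits silently with success when the install step did not create the directory.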
@@ -0,0 +1,180 @@ +#!/bin/bash + +# get raspiblitz config +echo "# get raspiblitz config" +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf + +source <(/home/admin/config.scripts/network.aliases.sh getvars cl $1) + +# get the local network IP to be displayed on the LCD +source <(/home/admin/config.scripts/internet.sh status local) +NETclEncryptedHSM="${netprefix}clEncryptedHSM" + +# BASIC MENU INFO +WIDTH=64 +BACKTITLE="RaspiBlitz" +TITLE="C-lightning repair options for $CHAIN" +MENU="" +OPTIONS=() + +if [ "$(eval echo \$${netprefix}clEncryptedHSM)" = "off" ];then + OPTIONS+=(ENCRYPT "Encrypt the hsm_secret") +elif [ "$(eval echo \$${netprefix}clEncryptedHSM)" = "on" ];then + OPTIONS+=(PASSWORD_C "Change the hsm_secret encryption password") + OPTIONS+=(DECRYPT "Decrypt the hsm_secret") + if [ ! -f "/root/.${netprefix}cl.pw" ]; then + OPTIONS+=(AUTOUNLOCK-ON "Auto-decrypt the hsm_secret after boot") + else + OPTIONS+=(AUTOUNLOCK-OFF "Do not auto-decrypt the hsm_secret after boot") + fi +fi + OPTIONS+=(BACKUP "Full backup (hsm_secret + lightningd.sqlite3") + OPTIONS+=(RESET "Reset the wallet and create new") + OPTIONS+=(FILERESTORE "Restore from a rescue file") + OPTIONS+=(SEEDRESTORE "Restore from a seed (onchain funds only)") + +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) +CHOICE=$(dialog --clear \ + --backtitle "$BACKTITLE" \ + --title "$TITLE" \ + --ok-label "Select" \ + --cancel-label "Main menu" \ + --menu "$MENU" \ + $HEIGHT $WIDTH $CHOICE_HEIGHT \ + "${OPTIONS[@]}" \ + 2>&1 >/dev/tty) + +case $CHOICE in + ENCRYPT) + /home/admin/config.scripts/cl.hsmtool.sh encrypt $CHAIN + source /mnt/hdd/raspiblitz.conf + ;; + + DECRYPT) + /home/admin/config.scripts/cl.hsmtool.sh decrypt $CHAIN + source /mnt/hdd/raspiblitz.conf + ;; + + PASSWORD_C) + /home/admin/config.scripts/cl.hsmtool.sh change-password $CHAIN + ;; + + AUTOUNLOCK-ON) + /home/admin/config.scripts/cl.hsmtool.sh autounlock-on $CHAIN + ;; + + AUTOUNLOCK-OFF) + 
/home/admin/config.scripts/cl.hsmtool.sh autounlock-off $CHAIN + ;; + + BACKUP) + ## from dialogLightningWallet.sh + # run upload dialog and get result + _temp="/var/cache/raspiblitz/temp/.temp.tmp" + clear + /home/admin/config.scripts/cl.backup.sh cl-export-gui production $_temp + source $_temp 2>/dev/null + sudo rm $_temp 2>/dev/null + echo + echo "Press ENTER when finished downloading." + read key + ;; + + RESET) + # backup + ## from dialogLightningWallet.sh + _temp="/var/cache/raspiblitz/temp/.temp.tmp" + clear + /home/admin/config.scripts/cl.backup.sh cl-export-gui production $_temp + source $_temp 2>/dev/null + sudo rm $_temp 2>/dev/null + echo + echo "The rescue file is stored on the SDcard named cl-rescue.*.tar.gz just in case." + echo + echo "The next step will overwrite the old C-lighthning $CHAIN wallet" + echo "Press ENTER to continue or CTRL+C to abort" + read key + # reset + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.* + # make sure the new hsm_secret is treated as unencrypted and clear autounlock + sudo sed -i \ + "s/^${netprefix}clEncryptedHSM=.*/${netprefix}clEncryptedHSM=off/g" \ + /mnt/hdd/raspiblitz.conf + sudo sed -i \ + "s/^${netprefix}clAutoUnlock=.*/${netprefix}clEncryptedHSM=off/g" \ + /mnt/hdd/raspiblitz.conf + # new + /home/admin/config.scripts/cl.hsmtool.sh new $CHAIN + # set the lightningd service file on each active network + if [ "${cl}" == "on" ] || [ "${cl}" == "1" ]; then + /home/admin/config.scripts/cl.install-service.sh mainnet + fi + if [ "${tcl}" == "on" ] || [ "${tcl}" == "1" ]; then + /home/admin/config.scripts/cl.install-service.sh testnet + fi + if [ "${scl}" == "on" ] || [ "${scl}" == "1" ]; then + /home/admin/config.scripts/cl.install-service.sh signet + fi + ;; + + FILERESTORE) + # backup + ## from dialogLightningWallet.sh + _temp="/var/cache/raspiblitz/temp/.temp.tmp" + clear + /home/admin/config.scripts/cl.backup.sh cl-export-gui production $_temp + source 
$_temp 2>/dev/null + sudo rm $_temp 2>/dev/null + echo + echo "The rescue file is stored on the SDcard named cl-rescue.*.tar.gz just in case." + echo + echo "The next step will overwrite the old C-lighthning $CHAIN wallet" + echo "Press ENTER to continue or CTRL+C to abort" + read key + # reset + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.* + # import file + _temp="/var/cache/raspiblitz/temp/.temp.tmp" + clear + /home/admin/config.scripts/cl.backup.sh cl-import-gui production $_temp + source $_temp 2>/dev/null + sudo rm $_temp 2>/dev/null + ;; + + SEEDRESTORE) + # backup + ## from dialogLightningWallet.sh + _temp="/var/cache/raspiblitz/temp/.temp.tmp" + clear + /home/admin/config.scripts/cl.backup.sh cl-export-gui production $_temp + source $_temp 2>/dev/null + sudo rm $_temp 2>/dev/null + echo + echo "The rescue file is stored on the SDcard named cl-rescue.*.tar.gz just in case." + echo + echo "The next step will overwrite the old C-lighthning $CHAIN wallet" + echo "Press ENTER to continue or CTRL+C to abort" + read key + # reset + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/config + sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.* + # import seed + _temp="/var/cache/raspiblitz/.temp.tmp" + /home/admin/config.scripts/cl.backup.sh seed-import-gui $_temp + source $_temp + /home/admin/config.scripts/cl.hsmtool.sh seed-force "$CHAIN" "${seedWords}" + sudo rm $_temp 2>/dev/null + # regenerate config + /home/admin/config.scripts/cl.hsmtool.sh autounlock-off + /home/admin/config.scripts/cl.hsmtool.sh decrypt + /home/admin/config.scripts/cl.install.sh on $CHAIN + ;; + +esac + +exit 0 \ No newline at end of file diff --git a/home.admin/99connectMenu.sh b/home.admin/99connectMenu.sh index 1c619af6a..cce5fe81b 100644 --- a/home.admin/99connectMenu.sh +++ b/home.admin/99connectMenu.sh 
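Review bot: In the RESET branch of the new 99clRepairMenu.sh, the second sed replaces the `${netprefix}clAutoUnlock=` line with `${netprefix}clEncryptedHSM=off`, so the auto-unlock setting is dropped rather than set to off and raspiblitz.conf gets a second clEncryptedHSM entry; the replacement should be `${netprefix}clAutoUnlock=off`. RESET also leaves `/root/.${netprefix}cl.pw` in place, which is the file the menu uses to decide between AUTOUNLOCK-ON and AUTOUNLOCK-OFF. In SEEDRESTORE the seed words pass through the fixed path `/var/cache/raspiblitz/.temp.tmp`, which differs from the `/var/cache/raspiblitz/temp/.temp.tmp` used by the other branches, and the file is deleted with a plain `sudo rm` only on the success path; use a mktemp file with restrictive permissions and remove it on every exit path. The closing `cl.hsmtool.sh autounlock-off` and `cl.hsmtool.sh decrypt` calls omit `$CHAIN`, unlike every other hsmtool call in this file, and the BACKUP menu label is missing its closing parenthesis.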
@@ -9,9 +9,7 @@ source /mnt/hdd/raspiblitz.conf source <(/home/admin/config.scripts/internet.sh status local) # BASIC MENU INFO -HEIGHT=12 WIDTH=64 -CHOICE_HEIGHT=6 BACKTITLE="RaspiBlitz" TITLE="Connect Options" MENU="" @@ -20,20 +18,20 @@ OPTIONS=() OPTIONS+=(MOBILE "Connect Mobile Wallet") if [ "${ElectRS}" == "on" ]; then OPTIONS+=(ELECTRS "Electrum Rust Server") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi if [ "${BTCPayServer}" == "on" ]; then OPTIONS+=(BTCPAY "Show LND connection string") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi OPTIONS+=(${network}RPC "Connect Specter Desktop or JoinMarket") OPTIONS+=(BISQ "Connect Bisq to this node") -OPTIONS+=(EXPORT "Get Macaroons and TLS.cert") -OPTIONS+=(RESET "Recreate LND Macaroons & tls.cert") -OPTIONS+=(SYNC "Sync Macaroons & tls.cert with Apps/Users") +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(EXPORT "Get Macaroons and TLS.cert") + OPTIONS+=(RESET "Recreate LND Macaroons & tls.cert") + OPTIONS+=(SYNC "Sync Macaroons & tls.cert with Apps/Users") +fi +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) CHOICE=$(dialog --clear \ --backtitle "$BACKTITLE" \ --title "$TITLE" \ @@ -58,7 +56,7 @@ case $CHOICE in RESET) sudo /home/admin/config.scripts/lnd.credentials.sh reset sudo /home/admin/config.scripts/lnd.credentials.sh sync - sudo /home/admin/XXshutdown.sh reboot + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot exit 0;; SYNC) sudo /home/admin/config.scripts/lnd.credentials.sh sync @@ -78,7 +76,7 @@ case $CHOICE in if [ $(grep -c "peerbloomfilters=1" < /mnt/hdd/bitcoin/bitcoin.conf) -gt 0 ]&&\ [ $(grep -c Bisq < /etc/tor/torrc) -gt 0 ];then OPTIONS+=(SHOWBISQ "Show the Hidden Service to connect Bisq") - OPTIONS+=(REMOVEBISQ "Remove the Hidden Service for bisq") + OPTIONS+=(REMOVEBISQ "Remove the Hidden Service for Bisq") fi CHOICE=$(dialog --clear \ --backtitle "" \ 
@@ -105,12 +103,12 @@ case $CHOICE in if [ $(grep -c Bisq < /etc/tor/torrc) -eq 0 ];then echo "# Creating the Hidden Service for Bisq" echo " -# Hidden Service for Bisq (bitcoin RPC v2) +# Hidden Service for Bisq (bitcoin P2P v3) HiddenServiceDir /mnt/hdd/tor/bisq -HiddenServiceVersion 2 +HiddenServiceVersion 3 HiddenServicePort 8333 127.0.0.1:8333" | sudo tee -a /etc/tor/torrc - echo "# Restarting Tor" - sudo systemctl restart tor + echo "# Reloading Tor" + sudo systemctl reload tor@default sleep 10 TOR_ADDRESS=$(sudo cat /mnt/hdd/tor/bisq/hostname) if [ -z "$TOR_ADDRESS" ]; then @@ -137,7 +135,7 @@ HiddenServicePort 8333 127.0.0.1:8333" | sudo tee -a /etc/tor/torrc REMOVEBISQ) sudo sed -i '/Bisq/{N;N;N;d}' /etc/tor/torrc echo "# Restarting Tor" - sudo systemctl restart tor;; + sudo systemctl reload tor@default;; SHOWBISQ) clear TOR_ADDRESS=$(sudo cat /mnt/hdd/tor/bisq/hostname) @@ -166,12 +164,11 @@ HiddenServicePort 8333 127.0.0.1:8333" | sudo tee -a /etc/tor/torrc echo "# Running on ${chain}net" echo localIPrange=$(ip addr | grep 'state UP' -A2 | grep -E -v 'docker0|veth' |\ - grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' |\ + grep 'eth0\|wlan0\|enp0\|inet' | tail -n1 | awk '{print $2}' |\ awk -F. '{print $1"."$2"."$3".0/24"}') - localIP=$(ip addr | grep 'state UP' -A2 | grep -E -v 'docker0|veth' |\ - grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localIP=$(hostname -I | awk '{print $1}') allowIPrange=$(grep -c "rpcallowip=$localIPrange" < /mnt/hdd/${network}/${network}.conf) - bindIP=$(grep -c "rpcbind=$localIP" < /mnt/hdd/${network}/${network}.conf) + bindIP=$(grep -c "${chain}.rpcbind=$localIP" < /mnt/hdd/${network}/${network}.conf) rpcTorService=$(grep -c "HiddenServicePort ${BITCOINRPCPORT} 127.0.0.1:${BITCOINRPCPORT}" < /etc/tor/torrc) TorRPCaddress=$(sudo cat /mnt/hdd/tor/bitcoin${BITCOINRPCPORT}/hostname) 
@@ -239,7 +236,7 @@ HiddenServicePort 8333 127.0.0.1:8333" | sudo tee -a /etc/tor/torrc restartCore=1 fi if [ $bindIP -eq 0 ]; then - echo "rpcbind=$localIP" | sudo tee -a /mnt/hdd/${network}/${network}.conf + echo "${chain}.rpcbind=$localIP" | sudo tee -a /mnt/hdd/${network}/${network}.conf restartCore=1 fi if [ $restartCore = 1 ];then @@ -286,7 +283,7 @@ HiddenServicePort 8333 127.0.0.1:8333" | sudo tee -a /etc/tor/torrc restartCore=1 fi if [ $bindIP -gt 0 ]; then - sudo sed -i "/^rpcbind=$localIP/d" /mnt/hdd/${network}/${network}.conf + sudo sed -i "/^${chain}.rpcbind=$localIP/d" /mnt/hdd/${network}/${network}.conf restartCore=1 fi if [ $restartCore = 1 ];then diff --git a/home.admin/99lightningMenu.sh b/home.admin/99lightningMenu.sh deleted file mode 100644 index 63ea9d920..000000000 --- a/home.admin/99lightningMenu.sh +++ /dev/null 
@@ -1,116 +0,0 @@ -#!/bin/bash - -# get raspiblitz config -echo "get raspiblitz config" -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf - -# get the local network IP to be displayed on the LCD -source <(/home/admin/config.scripts/internet.sh status local) - -# BASIC MENU INFO -HEIGHT=13 -WIDTH=64 -CHOICE_HEIGHT=7 -BACKTITLE="RaspiBlitz" -TITLE="Lightning Options" -MENU="" -OPTIONS=() - -OPTIONS+=(FUNDING "Fund your LND Wallet") -OPTIONS+=(PEERING "Connect to a Peer") -OPTIONS+=(CHANNEL "Open a Channel with Peer") -OPTIONS+=(SEND "Pay an Invoice/PaymentRequest") -OPTIONS+=(RECEIVE "Create Invoice/PaymentRequest") - -if [ "${chain}" = "main" ]; then - OPTIONS+=(lnbalance "Detailed Wallet Balances") - OPTIONS+=(lnchannels "Lightning Channel List") - OPTIONS+=(lnfwdreport "Lightning Forwarding Events Report") - HEIGHT=$((HEIGHT+3)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+3)) -fi - -OPTIONS+=(NAME "Change Name/Alias of Node") - -openChannels=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net listchannels 2>/dev/null | jq '.[] | length') -if [ ${#openChannels} -gt 0 ] && [ ${openChannels} -gt 0 ]; then - OPTIONS+=(CLOSEALL "Close all open Channels") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi - -OPTIONS+=(CASHOUT "Remove Funds from LND") - -CHOICE=$(dialog --clear \ - --backtitle "$BACKTITLE" \ - --title "$TITLE" \ - --ok-label "Select" \ - --cancel-label "Main menu" \ - --menu "$MENU" \ - $HEIGHT $WIDTH $CHOICE_HEIGHT \ - "${OPTIONS[@]}" \ - 2>&1 >/dev/tty) - -case $CHOICE in - lnbalance) - clear - echo "*** YOUR SATOSHI BALANCES ***" - /home/admin/config.scripts/lnd.balance.sh ${network} - echo "Press ENTER to return to main menu." 
- read key - ;; - lnchannels) - clear - echo "*** YOUR LIGHTNING CHANNELS ***" - echo "" - echo "Capacity -> total sats in the channel (their side + your side)" - echo "Commit-Fee -> the fee that's charged if either side of the channel closes" - echo "Balance-Local -> sats on your side of the channel (outbound liquidity)" - echo "Balance-Remote -> sats on their side of the channel (inbound liquidity)" - echo "Fee-Base -> fixed fee (in millisatoshis) per forwarding on channel" - echo "Fee-PerMil -> amount based fee (millisatoshis per 1 satoshi) on forwarding" - /home/admin/config.scripts/lnd.channels.sh ${network} - echo "Press ENTER to return to main menu." - read key - ;; - lnfwdreport) - /home/admin/config.scripts/lnd.fwdreport.sh -menu - echo "Press ENTER to return to main menu." - read key - ;; - PEERING) - /home/admin/BBconnectPeer.sh - ;; - FUNDING) - /home/admin/BBfundWallet.sh - ;; - CASHOUT) - /home/admin/BBcashoutWallet.sh - ;; - CHANNEL) - /home/admin/BBopenChannel.sh - ;; - SEND) - /home/admin/BBpayInvoice.sh - ;; - RECEIVE) - /home/admin/BBcreateInvoice.sh - ;; - NAME) - sudo /home/admin/config.scripts/lnd.setname.sh - noreboot=$? - if [ "${noreboot}" = "0" ]; then - sudo -u bitcoin ${network}-cli stop - echo "Press ENTER to Reboot." - read key - sudo /home/admin/XXshutdown.sh reboot - exit 0 - fi - ;; - CLOSEALL) - /home/admin/BBcloseAllChannels.sh - echo "Press ENTER to return to main menu." - read key - ;; -esac diff --git a/home.admin/99lndMenu.sh b/home.admin/99lndMenu.sh new file mode 100644 index 000000000..4632c35f8 --- /dev/null +++ b/home.admin/99lndMenu.sh 
@@ -0,0 +1,145 @@ +#!/bin/bash + +# get raspiblitz config +echo "get raspiblitz config" +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf + +# get the local network IP to be displayed on the LCD +source <(/home/admin/config.scripts/internet.sh status local) + +source <(/home/admin/config.scripts/network.aliases.sh getvars lnd $1) + +# make sure lnd wallet is unlocked +/home/admin/config.scripts/lnd.unlock.sh chain-unlock ${CHAIN} + +# BASIC MENU INFO +WIDTH=64 +BACKTITLE="RaspiBlitz" +TITLE=" LND Lightning Options (${CHAIN}) " +MENU="" +OPTIONS=() + +OPTIONS+=(FUNDING "Fund your LND Wallet") +OPTIONS+=(PEERING "Connect to a Peer") +OPTIONS+=(CHANNEL "Open a Channel with Peer") +OPTIONS+=(SEND "Pay an Invoice/PaymentRequest") +OPTIONS+=(RECEIVE "Create Invoice/PaymentRequest") + +if [ "${chain}" = "main" ]; then + OPTIONS+=(lnbalance "Detailed Wallet Balances") + OPTIONS+=(lnchannels "Lightning Channel List") + OPTIONS+=(lnfwdreport "Lightning Forwarding Events Report") +fi + +OPTIONS+=(NAME "Change Name/Alias of Node") + +openChannels=$($lncli_alias listchannels 2>/dev/null | jq '.[] | length') +if [ ${#openChannels} -gt 0 ] && [ ${openChannels} -gt 0 ]; then + OPTIONS+=(SUEZ "Visualize channels") + OPTIONS+=(CLOSEALL "Close all open Channels on $CHAIN") +fi + +OPTIONS+=(CASHOUT "Withdraw all funds from LND on $CHAIN") + +if [ "${lightning}" != "lnd" ]; then + OPTIONS+=(SWITCHLN "Use LND as default") +fi + +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) +CHOICE=$(dialog --clear \ + --backtitle "$BACKTITLE" \ + --title "$TITLE" \ + --ok-label "Select" \ + --cancel-label "Main menu" \ + --menu "$MENU" \ + $HEIGHT $WIDTH $CHOICE_HEIGHT \ + "${OPTIONS[@]}" \ + 2>&1 >/dev/tty) + +case $CHOICE in + lnbalance) + clear + echo "*** YOUR SATOSHI BALANCES ***" + /home/admin/config.scripts/lnd.balance.sh ${network} + echo "Press ENTER to return to main menu." 
+ read key + ;; + lnchannels) + clear + echo "*** YOUR LIGHTNING CHANNELS ***" + echo "" + echo "Capacity -> total sats in the channel (their side + your side)" + echo "Commit-Fee -> the fee that's charged if either side of the channel closes" + echo "Balance-Local -> sats on your side of the channel (outbound liquidity)" + echo "Balance-Remote -> sats on their side of the channel (inbound liquidity)" + echo "Fee-Base -> fixed fee (in millisatoshis) per forwarding on channel" + echo "Fee-PerMil -> amount based fee (millisatoshis per 1 satoshi) on forwarding" + /home/admin/config.scripts/lnd.channels.sh ${network} + echo "Press ENTER to return to main menu." + read key + ;; + lnfwdreport) + /home/admin/config.scripts/lnd.fwdreport.sh -menu + echo "Press ENTER to return to main menu." + read key + ;; + PEERING) + /home/admin/BBconnectPeer.sh lnd $CHAIN + ;; + FUNDING) + /home/admin/BBfundWallet.sh lnd $CHAIN + ;; + CASHOUT) + /home/admin/BBcashoutWallet.sh lnd $CHAIN + ;; + CHANNEL) + /home/admin/BBopenChannel.sh lnd $CHAIN + ;; + SEND) + /home/admin/BBpayInvoice.sh lnd $CHAIN + ;; + RECEIVE) + /home/admin/BBcreateInvoice.sh lnd $CHAIN + ;; + NAME) + sudo /home/admin/config.scripts/lnd.setname.sh $CHAIN + noreboot=$? + if [ "${noreboot}" = "0" ]; then + sudo -u bitcoin ${network}-cli stop + echo "Press ENTER to Reboot." + read key + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot + exit 0 + fi + ;; + SUEZ) + clear + if [ ! -f /home/bitcoin/suez/suez ];then + /home/admin/config.scripts/bonus.suez.sh on + fi + cd /home/bitcoin/suez || exit 1 + sudo -u bitcoin /home/bitcoin/.local/bin/poetry run ./suez \ + --client-args=-n=${CHAIN} \ + --client-args=--rpcserver=localhost:1${L2rpcportmod}009 + echo + echo "Press ENTER to return to main menu." + read key + ;; + CLOSEALL) + /home/admin/BBcloseAllChannels.sh lnd $CHAIN + echo "Press ENTER to return to main menu." 
+ read key + ;; + SWITCHLN) + clear + echo + # setting value in raspi blitz config + sudo sed -i "s/^lightning=.*/lightning=lnd/g" /mnt/hdd/raspiblitz.conf + echo "# OK - lightning=lnd is set in /mnt/hdd/raspiblitz.conf" + echo + echo "Press ENTER to return to main menu." + read key + ;; +esac diff --git a/home.admin/99systemMenu.sh b/home.admin/99systemMenu.sh index 00ff764a9..62a272f16 100644 --- a/home.admin/99systemMenu.sh +++ b/home.admin/99systemMenu.sh 
@@ -5,28 +5,39 @@ echo "get raspiblitz config" source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf +# source <(/home/admin/config.scripts/network.aliases.sh getvars ) +source <(/home/admin/config.scripts/network.aliases.sh getvars cl $1) + # BASIC MENU INFO -HEIGHT=12 # add 6 to CHOICE_HEIGHT + MENU lines WIDTH=64 -CHOICE_HEIGHT=6 # 1 line / OPTIONS BACKTITLE="RaspiBlitz" -TITLE="System Options" +TITLE=" ${CHAIN} System Options " MENU="" # adds lines to HEIGHT OPTIONS=() # adds lines to HEIGHt + CHOICE_HEIGHT -OPTIONS+=(${network}LOG "Monitor the debug.log") +OPTIONS+=(${network}LOG "Monitor the debug.log for ${CHAIN}") OPTIONS+=(${network}CONF "Edit the bitcoin.conf") -OPTIONS+=(LNDLOG "Monitor the lnd.log") -OPTIONS+=(LNDCONF "Edit the lnd.conf") -if [ "${runBehindTor}" == "on" ]; then +if grep "^${netprefix}lnd=on" /mnt/hdd/raspiblitz.conf;then + OPTIONS+=(LNDLOG "Monitor the lnd.log for ${CHAIN}") + OPTIONS+=(LNDCONF "Edit the lnd.conf for ${CHAIN}") +fi + +if grep "^${netprefix}cl=on" /mnt/hdd/raspiblitz.conf;then + OPTIONS+=(CLLOG "Monitor the CL log for ${CHAIN}") + OPTIONS+=(CLCONF "Edit the CL config for ${CHAIN}") +fi + +if [ "${runBehindTor}" == "on" ] && [ "${netprefix}" == "" ]; then OPTIONS+=(TORLOG "Monitor the Tor Service with Nyx") OPTIONS+=(TORRC "Edit the Tor Configuration") - HEIGHT=$((HEIGHT+2)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+2)) fi + OPTIONS+=(CUSTOMLOG "Monitor a custom service") OPTIONS+=(CUSTOMRESTART "Restart a custom service") + +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) CHOICE=$(dialog --clear \ --backtitle "$BACKTITLE" \ --title "$TITLE" \ 
@@ -39,26 +50,33 @@ CHOICE=$(dialog --clear \ case $CHOICE in ${network}LOG) + if [ ${CHAIN} = signet ]; then + bitcoinlogpath="/mnt/hdd/bitcoin/signet/debug.log" + elif [ ${CHAIN} = testnet ]; then + bitcoinlogpath="/mnt/hdd/bitcoin/testnet3/debug.log" + elif [ ${CHAIN} = mainnet ]; then + bitcoinlogpath="/mnt/hdd/bitcoin/debug.log" + fi clear echo - echo "Will follow the /mnt/hdd/${network}/debug.log" - echo "running: 'sudo tail -n 30 -f /mnt/hdd/${network}/debug.log'" + echo "Will follow the ${bitcoinlogpath}" + echo "running: 'sudo tail -n 30 -f ${bitcoinlogpath}'" echo echo "Press ENTER to continue" echo "use CTRL+C any time to abort .. then use command 'raspiblitz' to return to menu" echo "###############################################################################" read key - sudo tail -n 30 -f /mnt/hdd/${network}/debug.log;; + sudo tail -n 30 -f ${bitcoinlogpath};; ${network}CONF) if /home/admin/config.scripts/blitz.setconf.sh "/mnt/hdd/${network}/${network}.conf" "root" then whiptail \ --title "Restart" --yes-button "Restart" --no-button "Not now" \ - --yesno "To apply the new settings ${network}d needs to restart. - Do you want to restart ${network}d now?" 10 55 + --yesno "To apply the new settings ${netprefix}${network}d needs to restart. + Do you want to restart ${netprefix}${network}d now?" 10 55 if [ $? -eq 0 ]; then - echo "# Restarting ${network}d" - sudo systemctl restart ${network}d + echo "# Restarting ${netprefix}${network}d" + sudo systemctl restart ${netprefix}${network}d else echo "# Continue without restarting." fi @@ -77,7 +95,7 @@ case $CHOICE in read key sudo tail -n 30 -f /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log;; LNDCONF) - if /home/admin/config.scripts/blitz.setconf.sh "/mnt/hdd/lnd/lnd.conf" "root" + if /home/admin/config.scripts/blitz.setconf.sh "/mnt/hdd/lnd/${netprefix}lnd.conf" "root" then whiptail \ --title "Restart" --yes-button "Restart" --no-button "Not now" \ 
@@ -85,25 +103,52 @@ case $CHOICE in Do you want to restart LND now?" 10 55 if [ $? -eq 0 ]; then echo "# Restarting LND" - sudo systemctl restart lnd + sudo systemctl restart ${netprefix}lnd else echo "# Continue without restarting." fi else echo "# No change made" - fi;; + fi;; + CLLOG) + clear + echo + echo "Will follow the /home/bitcoin/.lightning/${CLNETWORK}/cl.log" + echo "running 'sudo tail -n 30 -f /home/bitcoin/.lightning/${CLNETWORK}/cl.log'" + echo + echo "Press ENTER to continue" + echo "use CTRL+C any time to abort .. then use command 'raspiblitz' to return to menu" + echo "###############################################################################" + read key + sudo tail -n 30 -f /home/bitcoin/.lightning/${CLNETWORK}/cl.log;; + CLCONF) + if /home/admin/config.scripts/blitz.setconf.sh "${CLCONF}" "root" + then + whiptail \ + --title "Restart" --yes-button "Restart" --no-button "Not now" \ + --yesno "To apply the new settings C-lightning needs to restart. + Do you want to restart C-lightning now?" 0 0 + if [ $? -eq 0 ]; then + echo "# Restarting C-lightning" + sudo systemctl restart ${netprefix}lightningd + else + echo "# Continue without restarting." + fi + else + echo "# No change made" + fi;; TORLOG) sudo -u debian-tor nyx;; TORRC) if /home/admin/config.scripts/blitz.setconf.sh "/etc/tor/torrc" "debian-tor" then whiptail \ - --title "Restart" --yes-button "Restart" --no-button "Not now" \ - --yesno "To apply the new settings Tor needs to restart. + --title "Reload" --yes-button "Reload" --no-button "Not now" \ + --yesno "To apply the new settings need to reload Tor. Do you want to restart Tor now?" 10 55 if [ $? -eq 0 ]; then echo "# Restarting tor" - sudo systemctl restart tor@default + sudo systemctl reload tor@default else echo "# Continue without restarting." fi 
@@ -115,9 +160,9 @@ case $CHOICE in echo echo "Example list: btc-rpc-explorer, btcpayserver, circuitbreaker, -cryptoadvance-specter, getty@tty1, electrs, litd, +specter, getty@tty1, electrs, litd, lnbits, mempool, nbxlorer, nginx, RTL, telegraf, -thunderhub, tor@default, tor@lnd, tor +thunderhub, tor@default, tor " echo "Type the name of the service you would like to monitor:" read SERVICE @@ -133,9 +178,9 @@ thunderhub, tor@default, tor@lnd, tor echo echo "Example list: btc-rpc-explorer, btcpayserver, circuitbreaker, -cryptoadvance-specter, getty@tty1, electrs, litd, +specter, getty@tty1, electrs, litd, lnbits, mempool, nbxlorer, nginx, RTL, telegraf, -thunderhub, tor@default, tor@lnd, tor +thunderhub, tor@default, tor " echo "Type the name of the service you would like to restart:" read SERVICE diff --git a/home.admin/99updateMenu.sh b/home.admin/99updateMenu.sh index cc9cf0637..296dddbae 100755 --- a/home.admin/99updateMenu.sh +++ b/home.admin/99updateMenu.sh @@ -1,9 +1,9 @@ #!/bin/bash # load raspiblitz config data -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf source /home/admin/_version.info +source /home/admin/raspiblitz.info +source /mnt/hdd/raspiblitz.conf 2>/dev/null ## PROCEDURES 
@@ -21,35 +21,51 @@ No need to close channels or download blockchain again. Do you want to start the Update now? " 16 62 if [ $? -eq 0 ]; then - exit 1 + exit 0 fi - whiptail --title "LND Data Backup" --yes-button "Download Backup" --no-button "Skip" --yesno " -Before we start the RaspiBlitz Update process, -its recommended to make a backup of all your LND Data -and download that file to your laptop. + if [ "${lightning}" != "" ]; then -Do you want to download LND Data Backup now? + whiptail --title "Lightning Data Backup" --yes-button "Download Backup" --no-button "Skip" --yesno " +Before we start the RaspiBlitz Update process, +its recommended to make a backup of all your Lightning +Channel Data and download that file to your laptop. + +Do you want to download Lightning Data Backup now? " 12 58 - if [ $? -eq 0 ]; then - clear - echo "*************************************" - echo "* PREPARING LND BACKUP DOWNLOAD" - echo "*************************************" - echo "please wait .." - sleep 2 - /home/admin/config.scripts/lnd.rescue.sh backup - echo - echo "PRESS ENTER to continue once you're done downloading." - read key - else - clear - echo "*************************************" - echo "* JUST MAKING BACKUP TO OLD SD CARD" - echo "*************************************" - echo "please wait .." - sleep 2 - /home/admin/config.scripts/lnd.rescue.sh backup no-download + if [ $? -eq 0 ]; then + clear + echo "*************************************" + echo "* PREPARING LIGHTNING BACKUP DOWNLOAD" + echo "*************************************" + echo "please wait .." + sleep 2 + if [ "${lightning}" == "lnd" ]; then + /home/admin/config.scripts/lnd.backup.sh lnd-export-gui + elif [ "${lightning}" == "cl" ]; then + /home/admin/config.scripts/cl.backup.sh cl-export-gui + else + echo "TODO: Implement Data Backup for '${lightning}'" + fi + echo + echo "PRESS ENTER to continue once you're done downloading." 
+ read key + else + clear + echo "*************************************" + echo "* JUST MAKING BACKUP TO OLD SD CARD" + echo "*************************************" + echo "please wait .." + sleep 2 + if [ "${lightning}" == "lnd" ]; then + /home/admin/config.scripts/lnd.backup.sh lnd-export + elif [ "${lightning}" == "cl" ]; then + /home/admin/config.scripts/cl.backup.sh cl-export + else + echo "TODO: Implement Data Backup for '${lightning}'" + sleep 3 + fi + fi fi whiptail --title "READY TO UPDATE?" --yes-button "START UPDATE" --no-button "Cancel" --yesno "If you start the update: The RaspiBlitz will power down. @@ -68,8 +84,9 @@ and do you WANT TO START UPDATE NOW? dialog --title " Update Canceled " --msgbox " OK. RaspiBlitz will NOT update now. " 7 39 - sudo systemctl start lnd - exit 1 + sudo systemctl start lnd 2>/dev/null + sudo systemctl start lightningd 2>/dev/null + exit 0 fi clear @@ -93,7 +110,7 @@ hotfix the code and might compromise your security. Do you want to Patch your RaspiBlitz now? " 18 58 if [ $? -eq 0 ]; then - exit 1 + exit 0 fi } @@ -101,7 +118,7 @@ patch() { # get sync info - source <(sudo /home/admin/XXsyncScripts.sh info) + source <(sudo /home/admin/config.scripts/blitz.github.sh info) # Patch Options OPTIONS=(PATCH "Patch/Sync RaspiBlitz with GitHub Repo" \ @@ -115,7 +132,7 @@ patch() clear case $CHOICE in PATCH) - sudo -u admin /home/admin/XXsyncScripts.sh -run + sudo -u admin /home/admin/config.scripts/blitz.github.sh -run sleep 4 whiptail --title " Patching/Syncing " --yes-button "Reboot" --no-button "Skip Reboot" --yesno " OK patching/syncing done. @@ -126,12 +143,13 @@ patch() if [ $? -eq 0 ]; then clear echo "REBOOT .." - /home/admin/XXshutdown.sh reboot + /home/admin/config.scripts/blitz.shutdown.sh reboot sleep 8 + exit 1 else echo "SKIP REBOOT .." + exit 0 fi - exit 1 ;; REPO) clear 
@@ -142,13 +160,13 @@ patch() newGitHubUser=$(echo "${newGitHubUser}" | cut -d " " -f1) echo "--> " ${newGitHubUser} error="" - source <(sudo -u admin /home/admin/XXsyncScripts.sh -clean ${activeBranch} ${newGitHubUser}) + source <(sudo -u admin /home/admin/config.scripts/blitz.github.sh -clean ${activeBranch} ${newGitHubUser}) if [ ${#error} -gt 0 ]; then whiptail --title "ERROR" --msgbox "${error}" 8 30 fi fi patch - exit 1 + exit 0 ;; BRANCH) clear @@ -159,13 +177,13 @@ patch() newGitHubBranch=$(echo "${newGitHubBranch}" | cut -d " " -f1) echo "--> " $newGitHubBranch error="" - source <(sudo -u admin /home/admin/XXsyncScripts.sh ${newGitHubBranch}) + source <(sudo -u admin /home/admin/config.scripts/blitz.github.sh ${newGitHubBranch}) if [ ${#error} -gt 0 ]; then whiptail --title "ERROR" --msgbox "${error}" 8 30 fi fi patch - exit 1 + exit 0 ;; PR) clear @@ -178,15 +196,15 @@ patch() cd /home/admin/raspiblitz git fetch origin pull/${pullRequestID}/head:pr${pullRequestID} error="" - source <(sudo -u admin /home/admin/XXsyncScripts.sh pr${pullRequestID}) + source <(sudo -u admin /home/admin/config.scripts/blitz.github.sh pr${pullRequestID}) if [ ${#error} -gt 0 ]; then whiptail --title "ERROR" --msgbox "${error}" 8 30 else echo "# update installs .." - /home/admin/XXsyncScripts.sh -justinstall + /home/admin/config.scripts/blitz.github.sh -justinstall fi fi - exit 1 + exit 0 ;; esac @@ -212,7 +230,7 @@ lnd() VERIFIED) if [ ${lndUpdateInstalled} -eq 1 ]; then whiptail --title "ALREADY INSTALLED" --msgbox "The LND version ${lndUpdateVersion} is already installed." 8 30 - exit 1 + exit 0 fi whiptail --title "OPTIONAL LND UPDATE" --yes-button "Cancel" --no-button "Update" --yesno "BEWARE on updating to LND v${lndUpdateVersion}: @@ -222,7 +240,7 @@ Do you really want to update LND now? " 16 58 if [ $? -eq 0 ]; then echo "# cancel update" - exit 1 + exit 0 fi # if loop is installed remove if [ "${loop}" == "on" ]; then 
@@ -238,7 +256,7 @@ Do you really want to update LND now? if [ "${loop}" == "on" ]; then sudo -u admin /home/admin/config.scripts/bonus.loop.sh on fi - /home/admin/XXshutdown.sh reboot + /home/admin/config.scripts/blitz.shutdown.sh reboot sleep 8 fi ;; 
@@ -255,20 +273,89 @@ Do you really want to update LND now? " 16 58 if [ $? -eq 0 ]; then echo "# cancel update" - exit 1 + exit 0 fi error="" source <(sudo -u admin /home/admin/config.scripts/lnd.update.sh reckless) if [ ${#error} -gt 0 ]; then whiptail --title "ERROR" --msgbox "${error}" 8 30 else - /home/admin/XXshutdown.sh reboot + /home/admin/config.scripts/blitz.shutdown.sh reboot sleep 8 fi ;; esac } +cl() +{ + + # get cl info + source <(sudo -u admin /home/admin/config.scripts/cl.update.sh info) + + # C-lightning Update Options + OPTIONS=() + if [ ${clUpdateInstalled} -eq 0 ]; then + OPTIONS+=(VERIFIED "Optional C-lightning update to ${clUpdateVersion}") + fi + OPTIONS+=(RECKLESS "Experimental C-lightning update to ${clLatestVersion}") + + CHOICE=$(whiptail --clear --title "Update C-lightning Options" --menu "" 9 60 2 "${OPTIONS[@]}" 2>&1 >/dev/tty) + + clear + case $CHOICE in + VERIFIED) + if [ ${clUpdateInstalled} -eq 1 ]; then + whiptail --title "ALREADY INSTALLED" --msgbox "The C-lightning version ${clUpdateVersion} is already installed." 8 30 + exit 0 + fi + whiptail --title "OPTIONAL C-lightning UPDATE" --yes-button "Cancel" --no-button "Update" --yesno "BEWARE on updating to C-lightning v${clUpdateVersion}: + +${clUpdateComment} + +Do you really want to update C-lightning now? + " 16 58 + if [ $? -eq 0 ]; then + echo "# cancel update" + exit 0 + fi + error="" + warn="" + source <(sudo -u admin /home/admin/config.scripts/cl.update.sh verified) + if [ ${#error} -gt 0 ]; then + whiptail --title "ERROR" --msgbox "${error}" 8 30 + else + echo "# C-lightning was updated successfully" + exit 0 + fi + ;; + RECKLESS) + whiptail --title "RECKLESS C-lightning UPDATE to ${clLatestVersion}" --yes-button "Cancel" --no-button "Update" --yesno "Using the 'RECKLESS' C-lightning update will simply +grab the latest C-lightning release published on the C-lightning GitHub page (also release candidates). + +There will be no security checks on signature, etc. 
+ +This update mode is only recommended for testing and +development nodes with no serious funding. + +Do you really want to update C-lightning now? + " 16 58 + if [ $? -eq 0 ]; then + echo "# cancel update" + exit 0 + fi + error="" + source <(sudo -u admin /home/admin/config.scripts/cl.update.sh reckless) + if [ ${#error} -gt 0 ]; then + whiptail --title "ERROR" --msgbox "${error}" 8 30 + else + echo "# C-lightning was updated successfully" + exit 0 + fi + ;; + esac +} + bitcoinUpdate() { # get bitcoin info source <(sudo -u admin /home/admin/config.scripts/bitcoin.update.sh info) @@ -296,7 +383,7 @@ bitcoinUpdate() { if [ ${bitcoinUpdateInstalled} -eq 1 ]; then whiptail --title "ALREADY INSTALLED" \ --msgbox "The Bitcoin Core version ${bitcoinUpdateVersion} is already installed." 8 30 - exit 1 + exit 0 fi whiptail --title "OPTIONAL Bitcoin Core update" --yes-button "Cancel" --no-button "Update" \ --yesno "Info on updating to Bitcoin Core v${bitcoinVersion}: @@ -308,7 +395,7 @@ Do you really want to update Bitcoin Core now? " 12 58 if [ $? -eq 0 ]; then echo "# cancel update" - exit 1 + exit 0 fi error="" @@ -332,7 +419,7 @@ Do you really want to update Bitcoin Core now? " 16 58 if [ $? -eq 0 ]; then echo "# cancel update" - exit 1 + exit 0 fi error="" source <(sudo -u admin /home/admin/config.scripts/bitcoin.update.sh reckless) 
@@ -355,58 +442,53 @@ if [ "$1" == "github" ]; then fi # Basic Options Menu -HEIGHT=10 # add 6 to CHOICE_HEIGHT + MENU lines WIDTH=55 -CHOICE_HEIGHT=4 # 1 line / OPTIONS -OPTIONS=( -RELEASE "RaspiBlitz Release Update/Recovery" -PATCH "Patch RaspiBlitz v${codeVersion}" -LND "Interim LND Update Options" -BITCOIN "Bitcoin Core Update Options" -) +OPTIONS=() +OPTIONS+=(RELEASE "RaspiBlitz Release Update/Recovery") +OPTIONS+=(PATCH "Patch RaspiBlitz v${codeVersion}") +OPTIONS+=(BITCOIN "Bitcoin Core Update Options") + +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(LND "Interim LND Update Options") +fi + +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + OPTIONS+=(CL "Interim C-lightning Update Options") +fi if [ "${bos}" == "on" ]; then OPTIONS+=(BOS "Update Balance of Satoshis") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi + if [ "${thunderhub}" == "on" ]; then OPTIONS+=(THUB "Update ThunderHub") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi + if [ "${specter}" == "on" ]; then - OPTIONS+=(SPECTER "Update Cryptoadvance Specter") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) -fi -if [ "${rtlWebinterface}" == "on" ]; then - OPTIONS+=(RTL "Update RTL") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) + OPTIONS+=(SPECTER "Update Specter Desktop") fi + if [ "${sphinxrelay}" == "on" ]; then OPTIONS+=(SPHINX "Update Sphinx Server Relay") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi + if [ "${pyblock}" == "on" ]; then OPTIONS+=(PYBLOCK "Update PyBLOCK") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi + if [ "${mempoolExplorer}" == "on" ]; then OPTIONS+=(MEMPOOL "Update Mempool Explorer") fi + if [ "${runBehindTor}" == "on" ]; then OPTIONS+=(TOR "Update Tor from the source code") - HEIGHT=$((HEIGHT+1)) - CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi +CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) +HEIGHT=$((CHOICE_HEIGHT+6)) CHOICE=$(dialog --clear \ --backtitle "" 
\ - --title "Update Options" \ + --title " Update Options " \ --ok-label "Select" \ --cancel-label "Main menu" \ --menu "" \ @@ -424,6 +506,9 @@ case $CHOICE in LND) lnd ;; + CL) + cl + ;; BITCOIN) bitcoinUpdate ;; @@ -434,10 +519,7 @@ case $CHOICE in /home/admin/config.scripts/bonus.thunderhub.sh update ;; SPECTER) - /home/admin/config.scripts/bonus.cryptoadvance-specter.sh update - ;; - RTL) - /home/admin/config.scripts/bonus.rtl.sh update + /home/admin/config.scripts/bonus.specter.sh update ;; SPHINX) /home/admin/config.scripts/bonus.sphinxrelay.sh update diff --git a/home.admin/AAunlockLND.sh b/home.admin/AAunlockLND.sh deleted file mode 100755 index fd3c45b09..000000000 --- a/home.admin/AAunlockLND.sh +++ /dev/null 
@@ -1,35 +0,0 @@ -#!/bin/bash - -# load raspiblitz config data (with backup from old config) -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi -if [ ${#network} -eq 0 ]; then network="bitcoin"; fi -if [ ${#chain} -eq 0 ]; then - echo "gathering chain info ... please wait" - chain=$(${network}-cli getblockchaininfo | jq -r '.chain') -fi - -clear -echo "" -echo "****************************************************************************" -echo "Unlock LND Wallet --> lncli --chain=${network} unlock" -echo "****************************************************************************" -echo "HELP: Enter your PASSWORD C" -echo "You may wait some seconds until you get asked for password." -echo "****************************************************************************" -while : - do - sudo -u bitcoin /usr/local/bin/lncli --chain=${network} unlock - sleep 4 - locked=$(sudo tail -n 1 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2>/dev/null | grep -c unlock) - if [ ${locked} -eq 0 ]; then - break - fi - - echo "" - echo "network(${network}) chain(${chain})" - sudo tail -n 1 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log - echo "Wallet still locked - please try again or" - echo "Cancel with CTRL+C - back to setup with command: raspiblitz" - done diff --git a/home.admin/BBcashoutWallet.sh b/home.admin/BBcashoutWallet.sh index 5be7e514b..55b137832 100755 --- a/home.admin/BBcashoutWallet.sh +++ b/home.admin/BBcashoutWallet.sh @@ -1,4 +1,6 @@ #!/bin/bash +trap 'rm -f "$_temp"' EXIT +trap 'rm -f "$_error"' EXIT _temp=$(mktemp -p /dev/shm/) _error=$(mktemp -p /dev/shm/) 
@@ -7,40 +9,59 @@ echo "please wait ..." # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then - chain=$(${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo | jq -r '.chain') + chain=$($bitcoincli_alias getblockchaininfo | jq -r '.chain') fi +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) + # check if user has money in lightning channels - info about close all -openChannels=$(lncli --chain=${network} --network=${chain}net listchannels 2>/dev/null | jq '.[] | length') +if [ $LNTYPE = cl ];then + ln_getInfo=$($lightningcli_alias getinfo 2>/dev/null) + ln_channels_online="$(echo "${ln_getInfo}" | jq -r '.num_active_channels')" 2>/dev/null + cl_num_inactive_channels="$(echo "${ln_getInfo}" | jq -r '.num_inactive_channels')" 2>/dev/null + openChannels=$((ln_channels_online+cl_num_inactive_channels)) +elif [ $LNTYPE = lnd ];then + openChannels=$($lncli_alias listchannels 2>/dev/null | jq '.[] | length') +fi if [ ${#openChannels} -eq 0 ]; then clear echo "*** IMPORTANT **********************************" - echo "It looks like LND is not responding." + echo "It looks like $LNTYPE is not responding." echo "Still starting up, is locked or is not running?" - echo "Try later, try reboot or check ./XXdebugLogs.sh" + echo "Try later, try reboot or run command: debug" echo "************************************************" echo "Press ENTER to return to main menu." read key - exit 1 + exit 0 fi if [ ${openChannels} -gt 0 ]; then whiptail --title 'Info' --yes-button='Cashout Anyway' --no-button='Go Back' --yesno 'You still have funds in open Lightning Channels.\nUse CLOSEALL first if you want to cashout all funds.\nNOTICE: Just confirmed on-chain funds can be moved.' 
10 56 if [ $? -eq 1 ]; then - exit 1 + exit 0 fi echo "..." fi # check if money is waiting to get confirmed -unconfirmed=$(lncli --chain=${network} --network=${chain}net walletbalance | grep '"unconfirmed_balance"' | cut -d '"' -f4) +if [ $LNTYPE = cl ];then + ln_walletbalance_wait=0 + cl_listfunds=$($lightningcli_alias listfunds 2>/dev/null) + for i in $(echo "$cl_listfunds" \ + |jq .outputs[]|jq 'select(.status=="unconfirmed")'|grep value|awk '{print $2}'|cut -d, -f1);do + ln_walletbalance_wait=$((ln_walletbalance_wait+i)) + done + unconfirmed=$ln_walletbalance_wait +elif [ $LNTYPE = lnd ];then + unconfirmed=$($lncli_alias walletbalance | grep '"unconfirmed_balance"' | cut -d '"' -f4) +fi if [ ${unconfirmed} -gt 0 ]; then whiptail --title 'Info' --yes-button='Cashout Anyway' --no-button='Go Back' --yesno "Still waiting confirmation for (some of) your funds.\nNOTICE: Just confirmed on-chain funds can be moved." 8 58 if [ $? -eq 1 ]; then - exit 1 + exit 0 fi echo "..." fi @@ -53,7 +74,7 @@ then echo "ok pressed" else echo "cancel pressed" - exit 1 + exit 0 fi address=$(cat $_temp | xargs) shred -u $_temp @@ -61,7 +82,7 @@ if [ ${#address} -eq 0 ]; then echo "FAIL - not a valid address (${address})" echo "Press ENTER to return to main menu." read key - exit 1 + exit 0 fi clear 
@@ -70,22 +91,27 @@ echo "Sweep all possible Funds" echo "******************************" # execute command -command="lncli --chain=${network} --network=${chain}net sendcoins --sweepall --addr=${address} --conf_target=36" +if [ ${LNTYPE} = "cl" ];then + # withdraw destination satoshi [feerate] [minconf] [utxos] + command="$lightningcli_alias withdraw ${address} all slow" +elif [ ${LNTYPE} = "lnd" ];then + command="$lncli_alias sendcoins --sweepall --addr=${address} --conf_target=36" +fi echo "$command" result=$($command 2>$_error) -error=`cat ${_error}` -echo "" +error=$(cat ${_error}) +echo if [ ${#error} -gt 0 ]; then echo "FAIL: $error" - echo "" + echo echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "FAIL --> Was not able to send transaction (see error above)" echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" else echo "Result: $result" - echo "" + echo echo "********************************************************************" fi -echo "" +echo echo "Press ENTER to return to main menu." read key \ No newline at end of file diff --git a/home.admin/BBcloseAllChannels.sh b/home.admin/BBcloseAllChannels.sh index af849a1a6..3437ec416 100755 --- a/home.admin/BBcloseAllChannels.sh +++ b/home.admin/BBcloseAllChannels.sh 
@@ -3,42 +3,88 @@ # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then chain=$(${network}-cli getblockchaininfo | jq -r '.chain') fi -# precheck: AutoPilot -if [ "${autoPilot}" = "on" ]; then - dialog --title 'Info' --msgbox 'You need to turn OFF the LND AutoPilot first,\nso that closed channels are not opening up again.\nYou find the AutoPilot -----> SERVICES section' 7 55 - exit 1 -fi +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) -command="lncli --chain=${network} --network=${chain}net closeallchannels --force" +if [ $LNTYPE = cl ];then + # https://lightning.readthedocs.io/lightning-close.7.html + peerlist=$($lightningcli_alias listpeers|grep '"id":'|awk '{print $2}'|cut -d, -f1) + # to display + function cl_closeall_command { + for i in $peerlist; do + # close id [unilateraltimeout] [destination] [fee_negotiation_step] [*wrong_funding*] + echo "$lightningcli_alias close $i 30;" + done + } + command=$(cl_closeall_command) + # to run + function cl_closeall { + for i in $peerlist; do + # close id [unilateraltimeout] [destination] [fee_negotiation_step] [*wrong_funding*] + echo "# Attempting a mutual close one-by-one with a 30 seconds timeout" + $lightningcli_alias close $i 30 + done + } +elif [ $LNTYPE = lnd ];then + # precheck: AutoPilot + if [ "${autoPilot}" = "on" ]; then + dialog --title 'Info' --msgbox 'You need to turn OFF the LND AutoPilot first,\nso that closed channels are not opening up again.\nYou find the AutoPilot -----> SERVICES section' 7 55 + exit 0 + fi + command="$lncli_alias closeallchannels --force" +fi clear -echo "***********************************" -echo "Closing All Channels (EXPERIMENTAL)" -echo "***********************************" -echo "" 
-echo "COMMAND LINE: " -echo $command -echo "" -echo "RESULT:" - -# PRECHECK) check if chain is in sync -chainInSync=$(lncli --chain=${network} --network=${chain}net getinfo | grep '"synced_to_chain": true' -c) -if [ ${chainInSync} -eq 0 ]; then - command="" - result="FAIL PRECHECK - lncli getinfo shows 'synced_to_chain': false - wait until chain is sync " +echo +echo "# Precheck" # PRECHECK) check if chain is in sync +if [ $LNTYPE = cl ];then + BLOCKHEIGHT=$($bitcoincli_alias getblockchaininfo|grep blocks|awk '{print $2}'|cut -d, -f1) + CLHEIGHT=$($lightningcli_alias getinfo | jq .blockheight) + if [ $BLOCKHEIGHT -eq $CLHEIGHT ];then + chainOutSync=0 + else + chainOutSync=1 + fi +elif [ $LNTYPE = lnd ];then + chainOutSync=$($lncli_alias getinfo | grep '"synced_to_chain": false' -c) fi +if [ ${chainOutSync} -eq 1 ]; then + if [ $LNTYPE = cl ];then + echo "# FAIL PRECHECK - '${netprefix}lightning-cli getinfo' blockheight is different from '${netprefix}bitcoind getblockchaininfo' - wait until chain is sync " + elif [ $LNTYPE = lnd ];then + echo "# FAIL PRECHECK - ${netprefix}lncli getinfo shows 'synced_to_chain': false - wait until chain is sync " + fi + echo + echo "# PRESS ENTER to return to menu" + read key + exit 0 +else + echo "# OK - the chain is synced" +fi + +echo "#####################################" +echo "# Closing All Channels (EXPERIMENTAL)" +echo "#####################################" +echo +echo "# COMMAND LINE: " +echo $command +echo +echo "# RESULT:" # execute command if [ ${#command} -gt 0 ]; then - ${command} + if [ $LNTYPE = cl ];then + cl_closeall + elif [ $LNTYPE = lnd ];then + ${command} + fi fi - -echo "" -echo "OK - please recheck if channels really closed" -sleep 5 + +echo +echo "# OK - please recheck if channels really closed" +sleep 5 \ No newline at end of file diff --git a/home.admin/BBconnectPeer.sh b/home.admin/BBconnectPeer.sh index 96ece91e9..75edfb964 100755 --- a/home.admin/BBconnectPeer.sh +++ b/home.admin/BBconnectPeer.sh 
@@ -1,30 +1,29 @@ #!/bin/bash +trap 'rm -f "$_temp"' EXIT +trap 'rm -f "$_error"' EXIT _temp=$(mktemp -p /dev/shm/) _error=$(mktemp -p /dev/shm/) # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then echo "gathering chain info ... please wait" chain=$(${network}-cli getblockchaininfo | jq -r '.chain') fi -# set ntwork map info -networkMap="https://lnmainnet.gaben.win" -if [ "$network" = "litecoin" ]; then - networkMap="https://lnexplorer.hcwong.me" -fi -if [ "$chain" = "test" ]; then - networkMap="https://explorer.acinq.co" -fi +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) # let user enter a @host l1="Enter the node pubkey address with host information:" l2="example -----> 024ddf33[...]1f5f9f3@91.65.1.38:9735" -l3="node directory -> 1ml.com" +if [ "$chain" = "main" ]; then + l3="node directory -> https://1ml.com" +elif [ "$chain" = "test" ]; then + l3="node directory -> https://1ml.com/testnet" +fi dialog --title "Open a Connection to a Peer" \ --backtitle "Lightning ( ${network} | ${chain} )" \ --inputbox "$l1\n$l2\n$l3" 10 60 2>$_temp 
@@ -35,21 +34,29 @@ if [ ${#_input} -eq 0 ]; then echo echo "no peer entered - returning to menu ..." sleep 2 - exit 1 + exit 0 fi +pubkey=$(echo "${_input}"|cut -d@ -f1) +# address=$(echo "${_input}"|cut -d@ -f2|cut -d: -f1) +# port=$(echo "${_input}"|cut -d: -f2) # build command -command="lncli --chain=${network} --network=${chain}net connect ${_input}" +if [ $LNTYPE = cl ];then + # connect id [host port] + command="$lightningcli_alias connect ${_input}" +elif [ $LNTYPE = lnd ];then + command="$lncli_alias connect ${_input}" +fi # info output clear echo "******************************" -echo "Connect to A Lightning Node" +echo "Connect to a Lightning Node" echo "******************************" -echo "" +echo echo "COMMAND LINE: " echo $command -echo "" +echo echo "RESULT (might have to wait for timeout):" win=1 @@ -59,7 +66,7 @@ info="" if [ ${#_input} -lt 10 ]; then win=0 info="node pubkey@host info is too short" -else +elif [ $LNTYPE = lnd ];then gotAt=$(echo $_input | grep '@' -c) if [ ${gotAt} -eq 0 ]; then win=0 @@ -82,13 +89,13 @@ if [ ${#result} -eq 0 ]; then info="No return value. Error not known." # try to get error output - result=`cat ${_error}` + result=$(cat "${_error}") echo "$result" # basic cli error cliError=$(echo "${result}" | grep "[lncli]" -c ) if [ ${cliError} -gt 0 ]; then - info="Its possible that LND daemon is not running, not configured correct or not connected to the lncli." + info="It's possible that the lightning daemon is not running, not configured correct or not connected to the cli." fi else 
@@ -97,8 +104,11 @@ else echo "$result" # check if the node is now in peer list - pubkey=$(echo $_input | cut -d '@' -f1) - isPeer=$(lncli --chain=${network} --network=${chain}net listpeers 2>/dev/null| grep "${pubkey}" -c) + if [ $LNTYPE = cl ];then + isPeer=$($lightningcli_alias listpeers 2>/dev/null| grep "${pubkey}" -c) + elif [ $LNTYPE = lnd ];then + isPeer=$($lncli_alias listpeers 2>/dev/null| grep "${pubkey}" -c) + fi if [ ${isPeer} -eq 0 ]; then # basic error message @@ -108,20 +118,21 @@ else # TODO: try to find out more details from cli output else + win=1 info="Perfect - a connection to that node got established :)" fi fi # output info -echo "" +echo if [ ${win} -eq 1 ]; then echo "******************************" echo "WIN" echo "******************************" echo "${info}" - echo "" - echo "Whats next? --> Open a channel with that node." + echo + echo "What's next? --> Open a channel with that node." else echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "FAIL" @@ -129,6 +140,6 @@ else echo "${info}" fi -echo "" +echo echo "Press ENTER to return to main menu." read key \ No newline at end of file diff --git a/home.admin/BBcreateInvoice.sh b/home.admin/BBcreateInvoice.sh index a291bf1a7..66374a50c 100755 --- a/home.admin/BBcreateInvoice.sh +++ b/home.admin/BBcreateInvoice.sh @@ -1,5 +1,7 @@ #!/bin/bash clear +trap 'rm -f "$_temp"' EXIT +trap 'rm -f "$_error"' EXIT _temp=$(mktemp -p /dev/shm/) _error=$(mktemp -p /dev/shm/) sudo chmod 7777 ${_error} 2>/dev/null 
@@ -7,23 +9,64 @@ sudo chmod 7777 ${_error} 2>/dev/null # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then echo "gathering chain info ... please wait" chain=$(${network}-cli getblockchaininfo | jq -r '.chain') fi -# Check if ready (chain in sync and channels open) -./XXchainInSync.sh $network $chain -if [ $? != 0 ]; then - exit 1 +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) + +source <(/home/admin/config.scripts/network.aliases.sh getvars $LNTYPE ${chain}net) + +# check if chain is in sync +if [ $LNTYPE = cl ];then + lncommand="${netprefix}lightning-cli" + BLOCKHEIGHT=$($bitcoincli_alias getblockchaininfo|grep blocks|awk '{print $2}'|cut -d, -f1) + CLHEIGHT=$($lightningcli_alias getinfo | jq .blockheight) + if [ $BLOCKHEIGHT -eq $CLHEIGHT ];then + cmdChainInSync=1 + else + cmdChainInSync=0 + fi +elif [ $LNTYPE = lnd ];then + lncommand="${netprefix}lncli" + cmdChainInSync="$lncli_alias getinfo | grep '"synced_to_chain": true' -c" +fi +chainInSync=${cmdChainInSync} +while [ "${chainInSync}" == "0" ]; do + dialog --title "Fail: not in sync" \ + --ok-label "Try now" \ + --cancel-label "Give up" \ + --pause "\n\n'$lncommand getinfo' shows 'synced_to_chain': false\n\nTry again in a few seconds." 15 60 5 + + if [ $? -gt 0 ]; then + exit 0 + fi + chainInSync=${cmdChainInSync} +done + +# check number of connected peers +echo "check for open channels" +if [ $LNTYPE = cl ];then + openChannels=$($lightningcli_alias listpeers | grep -c "CHANNELD_NORMAL") +elif [ $LNTYPE = lnd ];then + openChannels=$($lncli_alias listchannels 2>/dev/null | grep chan_id -c) +fi +if [ ${openChannels} -eq 0 ]; then + echo + echo "!!!!!!!!!!!!!!!!!!!" + echo "FAIL - You have NO ESTABLISHED CHANNELS .. 
open a channel first." + echo "!!!!!!!!!!!!!!!!!!!" + sleep 3 + exit 0 fi # let user enter the invoice -l1="Enter the AMOUNT IN SATOSHI of the invoice:" +l1="Enter the AMOUNT IN SATOSHIS to invoice:" l2="1 ${network} = 100 000 000 SAT" -dialog --title "Pay thru Lightning Network" \ +dialog --title "Request payment through Lightning" \ --inputbox "$l1\n$l2" 9 50 2>$_temp amount=$(cat $_temp | xargs | tr -dc '0-9') shred -u $_temp @@ -31,30 +74,37 @@ if [ ${#amount} -eq 0 ]; then clear echo echo "no amount entered - returning to menu ..." - sleep 2 - exit 1 + sleep 3 + exit 0 fi # TODO let user enter a description # build command -command="lncli --chain=${network} --network=${chain}net addinvoice ${amount}" +if [ $LNTYPE = cl ];then + label=$(date +%s) # seconds since 1970-01-01 00:00:00 UTC + # invoice msatoshi label description [expiry] [fallbacks] [preimage] [exposeprivatechannels] [cltv] + command="$lightningcli_alias invoice ${amount}sat $label ''" + # TODO warn about insufficient liquidity +elif [ $LNTYPE = lnd ];then + command="$lncli_alias addinvoice ${amount}" +fi # info output clear echo "******************************" echo "Create Invoice / Payment Request" echo "******************************" -echo "" +echo echo "COMMAND LINE: " echo $command -echo "" +echo echo "RESULT:" sleep 2 # execute command result=$($command 2>$_error) -error=`cat ${_error} 2>/dev/null` +error=$(cat ${_error} 2>/dev/null) #echo "result(${result})" #echo "error(${error})" 
@@ -65,9 +115,12 @@ if [ ${#error} -gt 0 ]; then echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "${error}" else - - rhash=$(echo "$result" | grep r_hash | cut -d '"' -f4) - payReq=$(echo "$result" | grep payment_request | cut -d '"' -f4) + if [ $LNTYPE = cl ];then + payReq=$(echo "$result" | grep bolt11 | cut -d '"' -f4) + elif [ $LNTYPE = lnd ];then + rhash=$(echo "$result" | grep r_hash | cut -d '"' -f4) + payReq=$(echo "$result" | grep payment_request | cut -d '"' -f4) + fi /home/admin/config.scripts/blitz.display.sh qr "${payReq}" if [ $(sudo dpkg-query -l | grep "ii qrencode" | wc -l) = 0 ]; then @@ -86,19 +139,27 @@ else echo "${payReq}" echo echo "Monitoring the Incoming Payment with:" - echo "lncli --chain=${network} --network=${chain}net lookupinvoice ${rhash}" + if [ $LNTYPE = cl ];then + echo "$lightningcli_alias waitinvoice $label" + elif [ $LNTYPE = lnd ];then + echo "$lncli_alias lookupinvoice ${rhash}" + fi echo "Press x and hold to skip to menu." while : do - - result=$(lncli --chain=${network} --network=${chain}net lookupinvoice ${rhash}) - wasPayed=$(echo $result | grep -c '"settled": true') + if [ $LNTYPE = cl ];then + result=$($lightningcli_alias waitinvoice $label) + wasPayed=$(echo $result | grep -c 'paid') + elif [ $LNTYPE = lnd ];then + result=$($lncli_alias lookupinvoice ${rhash}) + wasPayed=$(echo $result | grep -c '"settled": true') + fi if [ ${wasPayed} -gt 0 ]; then echo echo $result echo - echo "Returning to menu - OK Invoice payed." + echo "OK the Invoice was paid - returning to menu." /home/admin/config.scripts/blitz.display.sh hide /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/ok.png sleep 2 diff --git a/home.admin/BBfundWallet.sh b/home.admin/BBfundWallet.sh index 3425089a2..81cb922d9 100755 --- a/home.admin/BBfundWallet.sh +++ b/home.admin/BBfundWallet.sh 
@@ -4,41 +4,68 @@ clear # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then echo "gathering chain info ... please wait" chain=$(${network}-cli getblockchaininfo | jq -r '.chain') fi +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) + # PRECHECK) check if chain is in sync -chainOutSync=$(lncli --chain=${network} --network=${chain}net getinfo | grep '"synced_to_chain": false' -c) +if [ $LNTYPE = cl ];then + BLOCKHEIGHT=$($bitcoincli_alias getblockchaininfo|grep blocks|awk '{print $2}'|cut -d, -f1) + CLHEIGHT=$($lightningcli_alias getinfo | jq .blockheight) + if [ $BLOCKHEIGHT -eq $CLHEIGHT ];then + chainOutSync=0 + else + chainOutSync=1 + fi +elif [ $LNTYPE = lnd ];then + chainOutSync=$($lncli_alias getinfo | grep '"synced_to_chain": false' -c) +fi if [ ${chainOutSync} -eq 1 ]; then - echo "FAIL PRECHECK - lncli getinfo shows 'synced_to_chain': false - wait until chain is sync " - echo "" - echo "PRESS ENTER to return to menu" + if [ $LNTYPE = cl ];then + echo "# FAIL PRECHECK - lncli getinfo shows 'synced_to_chain': false - wait until chain is sync " + else + echo "# FAIL PRECHECK - 'lightning-cli getinfo' blockheight is different from 'bitcoind getblockchaininfo' - wait until chain is sync " + fi + echo + echo "# PRESS ENTER to return to menu" read key - exit 1 + exit 0 +else + echo "# OK - the chain is synced" fi # execute command -echo "calling lncli ... 
please wait" -command="lncli --chain=${network} --network=${chain}net newaddress p2wkh" +if [ $LNTYPE = cl ];then + command="$lightningcli_alias newaddr bech32" +elif [ $LNTYPE = lnd ];then + command="$lncli_alias newaddress p2wkh" +fi +echo "# Calling:" echo "${command}" +echo result=$($command) echo "$result" # on no result if [ ${#result} -eq 0 ]; then - echo "Empty result - sorry something went wrong - thats unusual." - echo "" - echo "PRESS ENTER to return to menu" + echo "# Empty result - sorry something went wrong - that is unusual." + echo + echo "# Press ENTER to return to menu" read key exit 1 fi - + # parse address from result -address=$( echo "$result" | grep "address" | cut -d '"' -f4) +if [ $LNTYPE = cl ];then + address=$( echo "$result" | grep "bech32" | cut -d '"' -f4) +elif [ $LNTYPE = lnd ];then + address=$( echo "$result" | grep "address" | cut -d '"' -f4) +fi # prepare coin info coininfo="Bitcoin" @@ -58,7 +85,7 @@ echo "generating QR code ... please wait" /home/admin/config.scripts/blitz.display.sh qr "$network:${address}" # dialog with instructions while QR code is shown on LCD -whiptail --backtitle "Fund your on chain wallet" \ +whiptail --backtitle "Fund your onchain wallet" \ --title "Send ${coininfo}" \ --yes-button "DONE" \ --no-button "Console QRcode" \ 
@@ -73,6 +100,11 @@ fi /home/admin/config.scripts/blitz.display.sh hide # follow up info -whiptail --backtitle "Fund your on chain wallet" \ +if [ $LNTYPE = cl ];then + string="Wait for confirmations." +elif [ $LNTYPE = lnd ];then + string="Wait for confirmations. \n\nYou can use info on LCD to check if funds have arrived. \n\nIf you want your lightning node to open channels automatically, activate the 'Autopilot' under 'Activate/Deactivate Services'" +fi +whiptail --backtitle "Fund your onchain wallet" \ --title "What's next?" \ - --msgbox "Wait for confirmations. \n\nYou can use info on LCD to check if funds have arrived. \n\nIf you want your lighting node to open channels automatically, activate the 'Autopilot' under 'Activate/Deactivate Services'" 0 0 \ No newline at end of file + --msgbox "$string" 0 0 \ No newline at end of file diff --git a/home.admin/BBopenChannel.sh b/home.admin/BBopenChannel.sh index 43ef1e100..a050b6a27 100755 --- a/home.admin/BBopenChannel.sh +++ b/home.admin/BBopenChannel.sh 
@@ -1,62 +1,101 @@ #!/bin/bash +trap 'rm -f "$_temp"' EXIT +trap 'rm -f "$_error"' EXIT _temp=$(mktemp -p /dev/shm/) _error=$(mktemp -p /dev/shm/) # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then echo "gathering chain info ... please wait" chain=$(${network}-cli getblockchaininfo | jq -r '.chain') fi -echo "" -echo "*** Precheck ***" +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) -# check if chain is in sync -chainInSync=$(lncli --chain=${network} --network=${chain}net getinfo | grep '"synced_to_chain": true' -c) -if [ ${chainInSync} -eq 0 ]; then - echo "FAIL - 'lncli getinfo' shows 'synced_to_chain': false" - echo "Wait until chain is sync with LND and try again." - echo "" - echo "Press ENTER to return to main menu." 
+echo +echo "# Precheck" # PRECHECK) check if chain is in sync +if [ $LNTYPE = cl ];then + BLOCKHEIGHT=$($bitcoincli_alias getblockchaininfo|grep blocks|awk '{print $2}'|cut -d, -f1) + CLHEIGHT=$($lightningcli_alias getinfo | jq .blockheight) + if [ $BLOCKHEIGHT -eq $CLHEIGHT ];then + chainOutSync=0 + else + chainOutSync=1 + fi +elif [ $LNTYPE = lnd ];then + chainOutSync=$($lncli_alias getinfo | grep '"synced_to_chain": false' -c) +fi +if [ ${chainOutSync} -eq 1 ]; then + if [ $LNTYPE = cl ];then + echo "# FAIL PRECHECK - 'lightning-cli getinfo' blockheight is different from 'bitcoind getblockchaininfo' - wait until chain is sync " + elif [ $LNTYPE = lnd ];then + echo "# FAIL PRECHECK - lncli getinfo shows 'synced_to_chain': false - wait until chain is sync " + fi + echo + echo "# PRESS ENTER to return to menu" read key - exit 1 + exit 0 +else + echo "# OK - the chain is synced" fi # check available funding -confirmedBalance=$(lncli --chain=${network} --network=${chain}net walletbalance | grep '"confirmed_balance"' | cut -d '"' -f4) +if [ $LNTYPE = cl ];then + for i in $($lightningcli_alias \ + listfunds|jq .outputs[]|jq 'select(.status=="confirmed")'|grep value|awk '{print $2}'|cut -d, -f1);do + confirmedBalance=$((confirmedBalance+i)) + done +elif [ $LNTYPE = lnd ];then + confirmedBalance=$($lncli_alias walletbalance | grep '"confirmed_balance"' | cut -d '"' -f4) +fi + if [ ${confirmedBalance} -eq 0 ]; then echo "FAIL - You have 0 SATOSHI in your confirmed LND On-Chain Wallet." echo "Please fund your on-chain wallet first and wait until confirmed." - echo "" + echo echo "Press ENTER to return to main menu." 
read key - exit 1 + exit 0 fi # check number of connected peers -numConnectedPeers=$(lncli --chain=${network} --network=${chain}net listpeers | grep pub_key -c) +if [ $LNTYPE = cl ];then + numConnectedPeers=$($lightningcli_alias listpeers | grep -c '"id":') +elif [ $LNTYPE = lnd ];then + numConnectedPeers=$($lncli_alias listpeers | grep pub_key -c) +fi + if [ ${numConnectedPeers} -eq 0 ]; then - echo "FAIL - no peers connected on lightning network" + echo "FAIL - no peers connected on the lightning network" echo "You can only open channels to peer nodes to connected to first." echo "Use CONNECT peer option in main menu first." - echo "" + echo echo "Press ENTER to return to main menu." read key - exit 1 + exit 0 fi # let user pick a peer to open a channels with OPTIONS=() -while IFS= read -r grepLine -do - pubKey=$(echo ${grepLine} | cut -d '"' -f4) - #echo "grepLine(${pubKey})" - OPTIONS+=(${pubKey} "") -done < <(lncli --chain=${network} --network=${chain}net listpeers | grep pub_key) +if [ $LNTYPE = cl ];then + while IFS= read -r grepLine + do + pubKey=$(echo ${grepLine} | cut -d '"' -f4) + # echo "grepLine(${pubKey})" + OPTIONS+=(${pubKey} "") + done < <($lightningcli_alias listpeers | grep '"id":') +elif [ $LNTYPE = lnd ];then + while IFS= read -r grepLine + do + pubKey=$(echo ${grepLine} | cut -d '"' -f4) + # echo "grepLine(${pubKey})" + OPTIONS+=(${pubKey} "") + done < <($lncli_alias listpeers | grep pub_key) +fi TITLE="Open (Payment) Channel" MENU="\nChoose a peer you connected to, to open the channel with: \n " pubKey=$(dialog --clear \ @@ -68,11 +107,11 @@ pubKey=$(dialog --clear \ clear if [ ${#pubKey} -eq 0 ]; then - clear - echo - echo "no channel selected - returning to menu ..." - sleep 4 - exit 1 + clear + echo + echo "no channel selected - returning to menu ..." + sleep 4 + exit 0 fi # find out what is the minimum amount 
@@ -82,15 +121,17 @@ minSat=20000 if [ "${network}" = "bitcoin" ]; then minSat=50000 fi -_error="./.error.out" -lncli --chain=${network} openchannel --network=${chain}net ${CHOICE} 1 0 2>$_error -error=`cat ${_error}` -if [ $(echo "${error}" | grep "channel is too small" -c) -eq 1 ]; then - minSat=$(echo "${error}" | tr -dc '0-9') +if [ $LNTYPE = lnd ];then + _error="./.error.out" + $lncli_alias openchannel ${pubkey} 1 0 2>$_error + error=$(cat ${_error}) + if [ $(echo "${error}" | grep "channel is too small" -c) -eq 1 ]; then + minSat=$(echo "${error}" | tr -dc '0-9') + fi fi # let user enter an amount -l1="Amount in SATOSHI to fund this channel:" +l1="Amount in satoshis to fund this channel:" l2="min required : ${minSat}" l3="max available : ${confirmedBalance}" dialog --title "Funding of Channel" \ @@ -101,7 +142,7 @@ if [ ${#amount} -eq 0 ]; then echo echo "no valid amount entered - returning to menu ..." sleep 4 - exit 1 + exit 0 fi # let user enter a confirmation target 
@@ -115,26 +156,31 @@ if [ ${#conf_target} -eq 0 ]; then echo echo "no valid target entered - returning to menu ..." sleep 4 - exit 1 + exit 0 fi # build command -command="lncli --chain=${network} --network=${chain}net openchannel --conf_target=${conf_target} ${pubKey} ${amount} 0" - +if [ $LNTYPE = cl ];then + # fundchannel id amount [feerate] [announce] [minconf] [utxos] [push_msat] [close_to] + feerate=$($bitcoincli_alias estimatesmartfee $conf_target |grep feerate|awk '{print $2}'|cut -c 5-7|bc) + command="$lightningcli_alias fundchannel ${pubKey} ${amount} $feerate" +elif [ $LNTYPE = lnd ];then + command="$lncli_alias openchannel --conf_target=${conf_target} ${pubKey} ${amount} 0" +fi # info output clear echo "******************************" echo "Open Channel" echo "******************************" -echo "" +echo echo "COMMAND LINE: " echo $command -echo "" +echo echo "RESULT:" # execute command -result=$($command 2>$_error) -error=`cat ${_error}` +result=$(eval $command 2>$_error) +error=$(cat ${_error}) #echo "result(${result})" #echo "error(${error})" 
@@ -149,20 +195,33 @@ else echo "WIN" echo "******************************" echo "${result}" - echo "" - echo "Whats next? --> You need to wait 3 confirmations, for the channel to be ready." - fundingTX=$(echo "${result}" | grep 'funding_txid' | cut -d '"' -f4) + echo + echo "What's next? --> You need to wait 3 confirmations for the channel to be ready." + if [ $LNTYPE = cl ];then + fundingTX=$(echo "${result}" | grep 'txid' | cut -d '"' -f4) + elif [ $LNTYPE = lnd ];then + fundingTX=$(echo "${result}" | grep 'funding_txid' | cut -d '"' -f4) + fi + echo if [ "${network}" = "bitcoin" ]; then if [ "${chain}" = "main" ]; then - echo "https://live.blockcypher.com/btc/tx/${fundingTX}" - else - echo "https://live.blockcypher.com/btc-testnet/tx/${fundingTX}" + #echo "https://live.blockcypher.com/btc/tx/${fundingTX}" + echo "https://mempool.space/tx/${fundingTX}" + elif [ "${chain}" = "test" ]||[ "${chain}" = "sig" ]; then + echo "https://mempool.space/${chain}net/tx/${fundingTX}" + fi + echo + echo "In the Tor Browser:" + if [ "${chain}" = "main" ]; then + echo "http://mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad.onion/tx/${fundingTX}" + elif [ "${chain}" = "test" ]||[ "${chain}" = "sig" ]; then + echo "http://mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad.onion/${chain}net/tx/${fundingTX}" fi fi if [ "${network}" = "litecoin" ]; then echo "https://live.blockcypher.com/ltc/tx/${fundingTX}/" fi fi -echo "" +echo echo "Press ENTER to return to main menu." read key \ No newline at end of file diff --git a/home.admin/BBpayInvoice.sh b/home.admin/BBpayInvoice.sh index aafcc8418..51616bc64 100755 --- a/home.admin/BBpayInvoice.sh +++ b/home.admin/BBpayInvoice.sh @@ -1,5 +1,7 @@ #!/bin/bash clear +trap 'rm -f "$_temp"' EXIT +trap 'rm -f "$_error"' EXIT _temp=$(mktemp -p /dev/shm/) _error=$(mktemp -p /dev/shm/) sudo chmod 7777 ${_error} 2>/dev/null 
@@ -7,17 +9,59 @@ sudo chmod 7777 ${_error} 2>/dev/null # load raspiblitz config data (with backup from old config) source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then network=`cat .network`; fi +if [ ${#network} -eq 0 ]; then network=$(cat .network); fi if [ ${#network} -eq 0 ]; then network="bitcoin"; fi if [ ${#chain} -eq 0 ]; then echo "gathering chain info ... please wait" chain=$(${network}-cli getblockchaininfo | jq -r '.chain') fi -# Check if ready (chain in sync and channels open) -./XXchainInSync.sh $network $chain -if [ $? != 0 ]; then - exit 1 +source <(/home/admin/config.scripts/network.aliases.sh getvars $1 $2) + +source <(/home/admin/config.scripts/network.aliases.sh getvars $LNTYPE ${chain}net) + +# check if chain is in sync +if [ $LNTYPE = cl ];then + lncommand="${netprefix}lightning-cli" + BLOCKHEIGHT=$($bitcoincli_alias getblockchaininfo|grep blocks|awk '{print $2}'|cut -d, -f1) + CLHEIGHT=$($lightningcli_alias getinfo | jq .blockheight) + if [ $BLOCKHEIGHT -eq $CLHEIGHT ];then + cmdChainInSync=1 + else + cmdChainInSync=0 + fi +elif [ $LNTYPE = lnd ];then + lncommand="${netprefix}lncli" + cmdChainInSync="$lncli_alias getinfo | grep '"synced_to_chain": true' -c" +fi +chainInSync=${cmdChainInSync} +while [ "${chainInSync}" == "0" ]; do + dialog --title "Fail: not in sync" \ + --ok-label "Try now" \ + --cancel-label "Give up" \ + --pause "\n\n'$lncommand getinfo' shows 'synced_to_chain': false\n\nTry again in a few seconds." 15 60 5 + + if [ $? -gt 0 ]; then + exit 0 + fi + chainInSync=${cmdChainInSync} +done + +# check number of connected peers +echo "check for open channels" +if [ $LNTYPE = cl ];then + openChannels=$($lightningcli_alias listpeers | grep -c "CHANNELD_NORMAL") +elif [ $LNTYPE = lnd ];then + openChannels=$($lncli_alias listchannels 2>/dev/null | grep chan_id -c) +fi +if [ ${openChannels} -eq 0 ]; then + echo + echo "!!!!!!!!!!!!!!!!!!!" + echo "FAIL - You have NO ESTABLISHED CHANNELS .. 
open a channel first." + echo "!!!!!!!!!!!!!!!!!!!" + sleep 3 + echo + exit 0 fi paymentRequestStart="???" @@ -36,7 +80,7 @@ if [ "${network}" = "bitcoin" ]; then if [ "${chain}" = "main" ]; then testSite="https://satoshis.place" else - testSite="https://testnet.satoshis.place" + testSite="https://starblocks.acinq.co/" fi elif [ "${network}" = "litecoin" ]; then testSite="https://millionlitecoinhomepage.net" @@ -46,7 +90,7 @@ fi l1="Copy the LightningInvoice/PaymentRequest into here:" l2="Its a long string starting with '${paymentRequestStart}'" l3="To try it out go to: ${testSite}" -dialog --title "Pay thru Lightning Network" \ +dialog --title "Pay through the Lightning Network" \ --inputbox "$l1\n$l2\n$l3" 10 70 2>$_temp invoice=$(cat $_temp | xargs) shred -u $_temp 
@@ -54,36 +98,45 @@ if [ ${#invoice} -eq 0 ]; then clear echo echo "no invoice entered - returning to menu ..." - sleep 2 - exit 1 + sleep 3 + exit 0 fi # TODO: maybe try/show the decoded info first by using https://api.lightning.community/#decodepayreq # build command -command="lncli --chain=${network} --network=${chain}net sendpayment --force --pay_req=${invoice}" +if [ $LNTYPE = cl ];then + # pay bolt11 [msatoshi] [label] [riskfactor] [maxfeepercent] [retry_for] [maxdelay] [exemptfee] + command="$lightningcli_alias pay ${invoice}" +elif [ $LNTYPE = lnd ];then + command="$lncli_alias sendpayment --force --pay_req=${invoice}" +fi # info output clear echo "************************************************************" echo "Pay Invoice / Payment Request" -echo "This script is as an example how to use the lncli interface." -echo "Its not optimized for performance or error handling." +echo "This script is an example using lightning in the command line." +echo "It is not optimized for performance or error handling." echo "************************************************************" -echo "" +echo echo "COMMAND LINE: " echo $command -echo "" +echo echo "RESULT (may wait in case of timeout):" # execute command result=$($command 2>$_error) -error=`cat ${_error}` +error=$(cat ${_error}) #echo "result(${result})" #echo "error(${error})" -resultIsError=$(echo "${result}" | grep -c "payment_error") +if [ $LNTYPE = cl ];then + resultIsError=$(echo "${result}" | grep -c '"code":') +elif [ $LNTYPE = lnd ];then + resultIsError=$(echo "${result}" | grep -c "payment_error") +fi if [ ${resultIsError} -gt 0 ]; then error="${result}" fi @@ -99,8 +152,8 @@ else echo "******************************" echo "WIN" echo "******************************" - echo "It worked :) - check out the service you were paying." + echo "It worked :) - check the service you were paying." fi -echo "" +echo echo "Press ENTER to return to main menu." read key 
diff --git a/home.admin/BlitzTUI/blitztui/main.py b/home.admin/BlitzTUI/blitztui/main.py index 70493268c..b24e5b987 100644 --- a/home.admin/BlitzTUI/blitztui/main.py +++ b/home.admin/BlitzTUI/blitztui/main.py @@ -522,7 +522,7 @@ class AppWindow(QMainWindow): process = QProcess(self) process.start('uxterm', ['-fa', 'Terminus', '-fs', '9', '-fn', 'fixed', '-into', str(int(self.ui.widget.winId())), - '+sb', '-hold', '-e', 'bash -c \"sudo /home/admin/XXshutdown.sh\"']) + '+sb', '-hold', '-e', 'bash -c \"sudo /home/admin/config.scripts/blitz.shutdown.sh\"']) def b4_restart(self): log.info("restart") @@ -532,7 +532,7 @@ class AppWindow(QMainWindow): process = QProcess(self) process.start('uxterm', ['-fa', 'Terminus', '-fs', '9', '-fn', 'fixed', '-into', str(int(self.ui.widget.winId())), - '+sb', '-hold', '-e', 'bash -c \"sudo /home/admin/XXshutdown.sh reboot\"']) + '+sb', '-hold', '-e', 'bash -c \"sudo /home/admin/config.scripts/blitz.shutdown.sh reboot\"']) def create_new_invoice(self, memo="Pay to RaspiBlitz", amt=0): if IS_DEV_ENV: diff --git a/home.admin/XXchainInSync.sh b/home.admin/XXchainInSync.sh deleted file mode 100755 index 9e102072e..000000000 --- a/home.admin/XXchainInSync.sh +++ /dev/null 
@@ -1,37 +0,0 @@ -#!/bin/bash - -# Check if lnd is synced to chain and channels are open -# If it isn't, wait until it is -# exits with 1 if it isn't. - -network=$1 -chain=$2 - -# check if chain is in sync -cmdChainInSync="lncli --chain=${network} --network=${chain}net getinfo | grep '"synced_to_chain": true' -c" -chainInSync=${cmdChainInSync} -while [ "${chainInSync}" == "0" ]; do - dialog --title "Fail: not in sync" \ - --ok-label "Try now" \ - --cancel-label "Give up" \ - --pause "\n\n'lncli getinfo' shows 'synced_to_chain': false\n\nTry again in a few seconds." 15 60 5 - - if [ $? -gt 0 ]; then - exit 1 - fi - chainInSync=${cmdChainInSync} -done - -# check number of connected peers -echo "check for open channels" -openChannels=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net listchannels 2>/dev/null | grep chan_id -c) -if [ ${openChannels} -eq 0 ]; then - echo "" - echo "!!!!!!!!!!!!!!!!!!!" - echo "FAIL - You have NO ESTABLISHED CHANNELS .. open a channel first." - echo "!!!!!!!!!!!!!!!!!!!" - echo "" - exit 1 -fi - -exit 0 diff --git a/home.admin/XXdebugLogs.sh b/home.admin/XXdebugLogs.sh deleted file mode 100755 index 6d15acb94..000000000 --- a/home.admin/XXdebugLogs.sh +++ /dev/null 
@@ -1,220 +0,0 @@ -#!/bin/bash - -# USE THIS SCRIPT FOR BASIC SYSTEM STATUS DEBUG INFO - -# load code software version -source /home/admin/_version.info - -## get basic info (its OK if not set yet) -source /home/admin/raspiblitz.info 2>/dev/null -source /mnt/hdd/raspiblitz.conf 2>/dev/null - -# for old nodes -if [ ${#network} -eq 0 ]; then - echo "backup info: network" - network="bitcoin" - litecoinActive=$(sudo ls /mnt/hdd/litecoin/litecoin.conf | grep -c 'litecoin.conf') - if [ ${litecoinActive} -eq 1 ]; then - network="litecoin" - fi -fi - -# for non final config nodes -if [ ${#chain} -eq 0 ]; then - echo "backup info: chain" - chain="test" - isMainChain=$(sudo cat /mnt/hdd/${network}/${network}.conf 2>/dev/null | grep "testnet=0" -c) - if [ ${isMainChain} -gt 0 ];then - chain="main" - fi -fi - -clear -echo "" -echo "***************************************************************" -echo "* RASPIBLITZ DEBUG LOGS " -echo "***************************************************************" -echo "blitzversion: ${codeVersion}" -echo "chainnetwork: ${network} / ${chain}" -uptime -echo "" - -echo "*** BLOCKCHAIN SYSTEMD STATUS ***" -sudo systemctl status ${network}d -n2 --no-pager -echo "" - -echo "*** LAST BLOCKCHAIN ERROR LOGS ***" -echo "sudo journalctl -u ${network}d -b --no-pager -n8" -sudo journalctl -u ${network}d -b --no-pager -n8 -cat /home/admin/systemd.blockchain.log | grep "ERROR" | tail -n -2 -echo "" -echo "*** LAST BLOCKCHAIN 20 INFO LOGS ***" -pathAdd="" -if [ "${chain}" = "test" ]; then - pathAdd="/testnet3" -fi -echo "sudo tail -n 20 /mnt/hdd/${network}${pathAdd}/debug.log" -sudo tail -n 20 /mnt/hdd/${network}${pathAdd}/debug.log -echo "" - -echo "*** LND SYSTEMD STATUS ***" -sudo systemctl status lnd -n2 --no-pager -echo "" - -echo "*** LAST LND ERROR LOGS ***" -echo "sudo journalctl -u lnd -b --no-pager -n12" -sudo journalctl -u lnd -b --no-pager -n12 -cat /home/admin/systemd.lightning.log | grep "ERROR" | tail -n -1 -echo "" -echo "*** LAST 30 LND 
INFO LOGS ***" -echo "sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log" -sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log -echo "" - -echo "*** NGINX SYSTEMD STATUS ***" -sudo systemctl status nginx -n2 --no-pager -echo "" - -echo "*** LAST NGINX LOGS ***" -echo "sudo journalctl -u nginx -b --no-pager -n20" -sudo journalctl -u nginx -b --no-pager -n20 -echo "--> CHECK CONFIG: sudo nginx -t" -sudo nginx -t -echo "" - -if [ "${touchscreen}" = "0" ]; then - echo "- TOUCHSCREEN is OFF by config" -else - echo "" - echo "*** LAST 20 TOUCHSCREEN LOGS ***" - echo "sudo tail -n 20 /home/pi/.cache/lxsession/LXDE-pi/run.log" - sudo tail -n 20 /home/pi/.cache/lxsession/LXDE-pi/run.log - echo "" -fi - -if [ "${loop}" = "off" ]; then - echo "- Loop is OFF by config" -else - echo "" - echo "*** LAST 20 LOOP LOGS ***" - echo "sudo journalctl -u loopd -b --no-pager -n20" - sudo journalctl -u loopd -b --no-pager -n20 - echo "" -fi - -if [ "${rtlWebinterface}" = "off" ]; then - echo "- RTL is OFF by config" -else - echo "" - echo "*** LAST 20 RTL LOGS ***" - echo "sudo journalctl -u RTL -b --no-pager -n20" - sudo journalctl -u RTL -b --no-pager -n20 - echo "" -fi - -if [ "${ElectRS}" = "off" ]; then - echo "- Electrum Rust Server is OFF by config" -else - echo "" - echo "*** LAST 20 ElectRS LOGS ***" - echo "sudo journalctl -u electrs -b --no-pager -n20" - sudo journalctl -u electrs -b --no-pager -n20 - echo "" - echo "*** ElectRS Status ***" - sudo /home/admin/config.scripts/bonus.electrs.sh status - echo "" -fi - -if [ "${lit}" = "off" ]; then - echo "- LIT is OFF by config" -else - echo "" - echo "*** LAST 20 LIT LOGS ***" - echo "sudo journalctl -u litd -b --no-pager -n20" - sudo journalctl -u litd -b --no-pager -n20 - echo "" -fi - -if [ "${BTCPayServer}" = "off" ]; then - echo "- BTCPayServer is OFF by config" -else - echo "" - echo "*** LAST 20 BTCPayServer LOGS ***" - echo "sudo journalctl -u btcpayserver -b --no-pager -n20" - sudo journalctl 
-u btcpayserver -b --no-pager -n20 - echo "" -fi - -if [ "${LNBits}" = "off" ]; then - echo "- LNbits is OFF by config" -else - echo "" - echo "*** LAST 20 LNbits LOGS ***" - echo "sudo journalctl -u lnbits -b --no-pager -n20" - sudo journalctl -u lnbits -b --no-pager -n20 - echo "" -fi - -if [ "${thunderhub}" = "off" ]; then - echo "- Thunderhub is OFF by config" -else - echo "" - echo "*** LAST 20 Thunderhub LOGS ***" - echo "sudo journalctl -u thunderhub -b --no-pager -n20" - sudo journalctl -u thunderhub -b --no-pager -n20 - echo "" -fi - -if [ "${specter}" = "off" ]; then - echo "- SPECTER is OFF by config" -else - echo "" - echo "*** LAST 20 SPECTER LOGS ***" - echo "sudo journalctl -u cryptoadvance-specter -b --no-pager -n20" - sudo journalctl -u cryptoadvance-specter -b --no-pager -n20 - echo "" -fi - -if [ "${sphinxrelay}" = "off" ]; then - echo "- SPHINX is OFF by config" -else - echo "" - echo "*** LAST 20 SPHINX LOGS ***" - echo "sudo journalctl -u sphinxrelay -b --no-pager -n20" - sudo journalctl -u sphinxrelay -b --no-pager -n20 - echo "" -fi - -echo "" -echo "*** MOUNTED DRIVES ***" -df -T -h -echo "" - -echo "" -echo "*** DATADRIVE ***" -sudo /home/admin/config.scripts/blitz.datadrive.sh status -echo "" - -echo "*** NETWORK ***" -sudo /home/admin/config.scripts/internet.sh status | grep 'network_device\|localip\|dhcp' -echo "" - -echo "*** HARDWARE TEST RESULTS ***" -showImproveInfo=0 -if [ ${#undervoltageReports} -gt 0 ]; then - echo "UndervoltageReports in Logs: ${undervoltageReports}" - if [ ${undervoltageReports} -gt 0 ]; then - showImproveInfo=1 - fi -fi -echo "" - -echo "*** SYSTEM STATUS (can take some seconds to gather) ***" -sudo /home/admin/config.scripts/blitz.statusscan.sh -echo "" - -echo "*** OPTION: SHARE THIS DEBUG OUTPUT ***" -echo "An easy way to share this debug output on GitHub or on a support chat" -echo "use the following command and share the resulting link:" -echo "/home/admin/XXdebugLogs.sh | nc termbin.com 9999" -echo "" 
diff --git a/home.admin/_background.sh b/home.admin/_background.sh index 4e4528958..552c377b9 100755 --- a/home.admin/_background.sh +++ b/home.admin/_background.sh 
@@ -37,20 +37,52 @@ do # count up counter=$(($counter+1)) + # limit counter to max seconds per week: + # 604800 = 60sec * 60min * 24hours * 7days + if [ ${counter} -gt 604800 ]; then + counter=0 + echo "counter zero reset" + fi + # gather the uptime seconds upSeconds=$(cat /proc/uptime | grep -o '^[0-9]\+') - # prevent restart if COPY OVER LAN is running - # see: https://github.com/rootzoll/raspiblitz/issues/1179#issuecomment-646079467 - source ${infoFile} - if [ "${state}" == "copysource" ]; then - echo "copysource mode: skipping background loop" - sleep 10 + # source info file fresh on every loop + source ${infoFile} 2>/dev/null + + #################################################### + # SKIP BACKGROUND TASK LOOP ON CERTAIN SYSTEM STATES + # https://github.com/rootzoll/raspiblitz/issues/160 + #################################################### + + if [ "${state}" == "" ] || [ "${state}" == "copysource" ] || [ "${state}" == "copytarget" ]; then + echo "skipping background loop (${counter}) - state(${state})" + sleep 1 continue fi #################################################### - # RECHECK DHCP-SERVER + # CHECK IF LOCAL IP CHANGED + #################################################### + oldLocalIP="${localip}"; + source <(/home/admin/config.scripts/internet.sh status) + if [ "${oldLocalIP}" != "${localip}" ]; then + echo "local IP changed old(${oldLocalIP}) new(${localip}) - updating in raspiblitz.info" + sed -i "s/^localip=.*/localip='${localip}'/g" ${infoFile} + fi + + #################################################### + # SKIP REST OF THE TASKS IF STILL IN SETUP PHASE + #################################################### + + if [ "${setupPhase}" != "done" ]; then + echo "skipping rest of tasks because still in setupPhase(${setupPhase})" + sleep 1 + continue + fi + + #################################################### + # RECHECK DHCP-SERVER # https://github.com/rootzoll/raspiblitz/issues/160 #################################################### 
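Review bot: `source ${infoFile} 2>/dev/null` now hides a missing or unreadable info file, and since shell variables survive from the previous pass of the loop, `state`, `setupPhase` and `localip` simply keep their old values in that case, so the new `"${state}" == ""` skip cannot catch a file that disappears after the first successful read. Reset the variables (`state=""`, `setupPhase=""`) before sourcing, or test `[ -r "${infoFile}" ]` and skip explicitly. The added local IP check also calls `internet.sh status` on every one-second pass; gating it on `$counter` like the other periodic checks in this loop would avoid spawning it 60 times a minute.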
@@ -60,13 +92,13 @@ do echo "*** RECHECK DHCP-SERVER ***" # get the local network IP - localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localip=$(hostname -I | awk '{print $1}') echo "localip(${localip})" - # detect a missing DHCP config + # detect a missing DHCP config if [ "${localip:0:4}" = "169." ]; then echo "Missing DHCP detected ... trying emergency reboot" - sudo /home/admin/XXshutdown.sh reboot + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot else echo "DHCP OK" fi 
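Review bot: `localip=$(hostname -I | awk '{print $1}')` takes whichever address happens to be printed first, and the `egrep -v 'docker0|veth'` filter of the removed pipeline is gone, so on a node with a bridge or container interface the `169.` test that decides on the emergency reboot can be evaluated against the wrong address. The loop already refreshes `localip` from `internet.sh status` in the block added earlier in this file; reusing that value here would keep both checks on one source instead of overwriting it with a second method.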
@@ -127,42 +159,57 @@ do if [ ${publicIPChanged} -gt 0 ]; then echo "*** change of public IP detected ***" - echo " old: ${publicIP}" + + # store the old IP address + publicIP_Old="${publicIP}" # refresh data source /mnt/hdd/raspiblitz.conf - echo " new: ${publicIP}" + # store the new IP address + publicIP_New="${publicIP}" + # some log output + echo " old: ${publicIP_Old}" + echo " new: ${publicIP_New}" # if we run on IPv6 only, the global IPv6 address at the current network device (e.g: eth0) is the public IP if [ "${ipv6}" = "on" ]; then - # restart bitcoind as the global IP is stored in the node configuration - # and we will get more connections if this matches our real IP address - # otherwise the bitcoin-node connections will slowly decline - echo "IPv6 only is enabled => restart bitcoind to pickup up new publicIP as local IP" - sudo systemctl stop bitcoind - sleep 3 - sudo systemctl start bitcoind - - # if BTCRPCexplorer is currently running - # it needs to be restarted to pickup the new IP for its "Node Status Page" - # but this is only needed in IPv6 only mode - breIsRunning=$(sudo systemctl status btc-rpc-explorer 2>/dev/null | grep -c 'active (running)') - if [ ${breIsRunning} -eq 1 ]; then - echo "BTCRPCexplorer is running => restart BTCRPCexplorer to pickup up new publicIP for the bitcoin node" - sudo systemctl stop btc-rpc-explorer - sudo systemctl start btc-rpc-explorer - else - echo "new publicIP but no BTCRPCexplorer restart because not running" - fi + # if the old or the new IPv6 address is "::1" something has gone wrong in "internet.sh update-publicip" => no need to restart services + if [ "${publicIP_Old}" != "::1" ] && [ "${publicIP_New}" != "::1" ]; then + # restart bitcoind as the global IP is stored in the node configuration + # and we will get more connections if this matches our real IP address + # otherwise the bitcoin-node connections will slowly decline + echo "IPv6 only is enabled => restart bitcoind to pickup up new publicIP as local 
IP" + sudo systemctl stop bitcoind + sleep 3 + sudo systemctl start bitcoind + # if BTCRPCexplorer is currently running + # it needs to be restarted to pickup the new IP for its "Node Status Page" + # but this is only needed in IPv6 only mode + breIsRunning=$(sudo systemctl status btc-rpc-explorer 2>/dev/null | grep -c 'active (running)') + if [ ${breIsRunning} -eq 1 ]; then + echo "BTCRPCexplorer is running => restart BTCRPCexplorer to pickup up new publicIP for the bitcoin node" + sudo systemctl stop btc-rpc-explorer + sudo systemctl start btc-rpc-explorer + else + echo "new publicIP but no BTCRPCexplorer restart because not running" + fi + else + echo "IPv6 only is ON, but publicIP_Old OR publicIP_New is equal ::1 => no need to restart bitcoind nor BTCRPCexplorer" + fi else echo "IPv6 only is OFF => no need to restart bitcoind nor BTCRPCexplorer" - fi + fi # only restart LND if auto-unlock is activated + # AND neither the old nor the new IPv6 address is "::1" if [ "${autoUnlock}" = "on" ]; then - echo "restart LND to pickup up new publicIP" - sudo systemctl stop lnd - sudo systemctl start lnd + if [ "${publicIP_Old}" != "::1" ] && [ "${publicIP_New}" != "::1" ]; then + echo "restart LND to pickup up new publicIP" + sudo systemctl stop lnd + sudo systemctl start lnd + else + echo "publicIP_Old OR publicIP_New is equal ::1 => no need to restart LND" + fi else echo "new publicIP but no LND restart because no auto-unlock" fi 
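Review bot: the guard `[ "${publicIP_Old}" != "::1" ] && [ "${publicIP_New}" != "::1" ]` is written out twice, and the second copy wraps the LND restart, which sits outside the `ipv6` branch although its comment speaks of the IPv6 address. Evaluate the condition once into a flag right after `publicIP_New` is set and use it in both places, and reword the LND comment so it is clear the `::1` check applies in every mode. The nested `if`/`else` echo texts ("pickup up") could be fixed in the same pass.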
@@ -183,9 +230,9 @@ do # check every 1min recheckSync=$(($counter % 60)) if [ ${recheckSync} -eq 1 ]; then - source <(sudo -u admin /home/admin/config.scripts/network.monitor.sh peer-status) + source <(sudo /home/admin/config.scripts/network.monitor.sh peer-status) echo "Blockchain Sync Monitoring: peers=${peers}" - if [ "${peers}" == "0" ]; then + if [ "${peers}" == "0" ] && [ "${running}" == "1" ]; then echo "Blockchain Sync Monitoring: ZERO PEERS DETECTED .. doing out-of-band kickstart" sudo /home/admin/config.scripts/network.monitor.sh peer-kickstart fi @@ -221,7 +268,7 @@ do fi blitzTUIHeartBeatLine="${latestHeartBeatLine}" fi - + ############################### # SCB Monitoring ############################### 
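Review bot: in the `@@ -183,9 +230,9 @@` hunk, dropping `-u admin` means `network.monitor.sh peer-status` now runs as root and its output is `source`d into this loop; the change gives no reason for the wider privilege, so either keep the unprivileged user or note in a comment what needs root. The new `"${running}" == "1"` condition also relies on that output always setting `running`; if a run prints nothing, the value from the previous minute is reused, so clear `peers` and `running` before the `source` line.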
@@ -282,14 +329,19 @@ do # check if a SCP backup target is set # parameter in raspiblitz.conf: # scpBackupTarget='[USER]@[SERVER]:[DIRPATH-WITHOUT-ENDING-/]' + # optionally a custom option string for the scp command can be set with + # scpBackupOptions='[YOUR-CUSTOM-OPTIONS]' # On target server add the public key of your RaspiBlitz to the authorized_keys for the user # https://www.linode.com/docs/security/authentication/use-public-key-authentication-with-ssh/ if [ ${#scpBackupTarget} -gt 0 ]; then echo "--> Offsite-Backup SCP Server" + if [ "${scpBackupOptions}" == "" ]; then + scpBackupOptions="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + fi # its ok to ignore known host, because data is encrypted (worst case of MiM would be: no offsite channel backup) # but its more likely that without ignoring known host, script might not run thru and that way: no offsite channel backup - sudo scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${localBackupPath} ${scpBackupTarget}/ - sudo scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${localTimestampedPath} ${scpBackupTarget}/ + sudo scp ${scpBackupOptions} ${localBackupPath} ${scpBackupTarget}/ + sudo scp ${scpBackupOptions} ${localTimestampedPath} ${scpBackupTarget}/ result=$? if [ ${result} -eq 0 ]; then echo "OK - SCP Backup exited with 0" @@ -314,6 +366,18 @@ do fi fi + # check if Nextcloud backups are enabled + if [ $nextcloudBackupServer ] && [ $nextcloudBackupUser ] && [ $nextcloudBackupPassword ]; then + echo "--> Offsite-Backup Nextcloud" + source <(sudo /home/admin/config.scripts/nextcloud.upload.sh upload ${localBackupPath}) + source <(sudo /home/admin/config.scripts/nextcloud.upload.sh upload ${localTimestampedPath}) + if [ ${#err} -gt 0 ]; then + echo "FAIL - ${err}" + else + echo "OK - ${upload}" + fi + fi + #else # echo "Channel Backup File not changed." fi 
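Review bot: in the `@@ -282,14 +329,19 @@` hunk, the fallback for an empty `scpBackupOptions` is still `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the new setting allows host key verification but leaves it off unless the user knows to override it. The comment's worry is that the script must not stall on a prompt; `-o StrictHostKeyChecking=accept-new` with a persistent known-hosts file stays non-interactive and pins the server after first contact, which would make a safer default. Please also document `scpBackupOptions` wherever `scpBackupTarget` is documented, and note that `result=$?` only reflects the second `scp`, so a failed upload of `${localBackupPath}` goes unreported.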
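Review bot: in the Nextcloud block, `[ $nextcloudBackupServer ] && [ $nextcloudBackupUser ] && [ $nextcloudBackupPassword ]` tests unquoted values, so a password containing spaces or glob characters makes `[` fail with a syntax error and the offsite backup is skipped; use `[ -n "${nextcloudBackupPassword}" ]` and the same form for the other two. The result is checked only after the second `source`, and neither `err` nor `upload` is cleared first, so a failure of the first upload can be masked and a stale `err` from an earlier pass of the loop can be reported; reset both variables and check after each call. `${localBackupPath}` and `${localTimestampedPath}` should be quoted as arguments as well.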
@@ -341,7 +405,7 @@ do # check every hour recheckRAID=$((($counter % 3600)+1)) if [ ${recheckRAID} -eq 1 ]; then - + # check if raid is active source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) if [ ${isRaid} -eq 1 ]; then @@ -354,7 +418,6 @@ do fi - ############################### # LND AUTO-UNLOCK ############################### @@ -367,12 +430,12 @@ do if [ "${autoUnlock}" = "on" ]; then # check if lnd is locked - locked=$(sudo -u bitcoin /usr/local/bin/lncli --chain=${network} --network=${chain}net getinfo 2>&1 | grep -c unlock) - if [ ${locked} -gt 0 ]; then + source <(/home/admin/config.scripts/lnd.unlock.sh status) + if [ "${locked}" != "0" ]; then echo "STARTING AUTO-UNLOCK ..." sudo /home/admin/config.scripts/lnd.unlock.sh - + fi fi fi @@ -406,9 +469,10 @@ do recheckIBD=$((($counter % 60)+1)) if [ ${recheckIBD} -eq 1 ]; then # check if flag exists (got created on 50syncHDD.sh) - flagExists=$(ls /home/admin/selfsync.flag 2>/dev/null | grep -c "selfsync.flag") + flagExists=$(ls /mnt/hdd/${network}/blocks/selfsync.flag 2>/dev/null | grep -c "selfsync.flag") if [ ${flagExists} -eq 1 ]; then - finishedIBD=$(sudo -u bitcoin ${network}-cli getblockchaininfo | grep "initialblockdownload" | grep -c "false") + source <(/home/admin/config.scripts/network.aliases.sh getvars) + finishedIBD=$($bitcoincli_alias getblockchaininfo | grep "initialblockdownload" | grep -c "false") if [ ${finishedIBD} -eq 1 ]; then echo "CHECK FOR END OF IBD --> reduce RAM, check TOR and restart ${network}d" 
@@ -444,18 +508,6 @@ do fi fi - ############################### - # Set the address API use for BTC-RPC-Explorer depending on Electrs status - ############################### - - # check every 10 minutes - electrsExplorer=$((($counter % 600)+1)) - if [ ${electrsExplorer} -eq 1 ]; then - if [ "${BTCRPCexplorer}" = "on" ]; then - /home/admin/config.scripts/bonus.electrsexplorer.sh - fi - fi - ############################### # Prepare next loop ############################### @@ -463,12 +515,5 @@ do # sleep 1 sec sleep 1 - # limit counter to max seconds per week: - # 604800 = 60sec * 60min * 24hours * 7days - if [ ${counter} -gt 604800 ]; then - counter=0 - echo "counter zero reset" - fi - done diff --git a/home.admin/_bootstrap.migration.sh b/home.admin/_bootstrap.migration.sh deleted file mode 100755 index f211d3261..000000000 --- a/home.admin/_bootstrap.migration.sh +++ /dev/null 
@@ -1,252 +0,0 @@ -#!/bin/bash - -# LOGFILE - store debug logs of bootstrap -logFile="/home/admin/raspiblitz.log" - -# INFOFILE - state data from bootstrap -infoFile="/home/admin/raspiblitz.info" - -# CONFIGFILE - configuration of RaspiBlitz -configFile="/mnt/hdd/raspiblitz.conf" - -# debug info -echo "STARTED Migration/Init --> see logs in ${logFile}" -echo "STARTED Migration/Init" >> ${logFile} -sudo sed -i "s/^message=.*/message='Running Data Migration'/g" ${infoFile} - -# HDD BTRFS RAID REPAIR IF NEEDED -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) -if [ ${isBTRFS} -eq 1 ] && [ ${isMounted} -eq 1 ]; then - echo "CHECK BTRFS RAID" >> ${logFile} - if [ ${isRaid} -eq 1 ] && [ ${#raidUsbDev} -eq 0 ]; then - echo "HDD was set to work in RAID, but RAID drive is not connected" >> ${logFile} - echo "Trying to set HDD back to single mode." >> ${logFile} - sudo /home/admin/config.scripts/blitz.datadrive.sh raid off >> ${logFile} - else - echo "OK" >> ${logFile} - fi -fi - -# LOAD DATA & PRECHECK - -# check if there is a config file -configExists=$(ls ${configFile} 2>/dev/null | grep -c '.conf') -if [ ${configExists} -eq 0 ]; then - echo "FAIL see ${logFile}" - echo "FAIL: no config file (${configFile}) found to init or upgrade!" >> ${logFile} - exit 1 -fi - -# load old or init raspiblitz config -source ${configFile} - -# check if config files contains basic: hostname -if [ ${#hostname} -eq 0 ]; then - echo "FAIL see ${logFile}" - echo "FAIL: missing hostname in (${configFile})!" >> ${logFile} - exit 1 -fi - -# load codeVersion -source /home/admin/_version.info - -# check if code version was loaded -if [ ${#codeVersion} -eq 0 ]; then - echo "FAIL see ${logFile}" - echo "FAIL: no code version (/home/admin/_version.info) found!" 
>> ${logFile} - exit 1 -fi - -echo "prechecks OK" >> ${logFile} - -# DEFAULT VALUES - MISSING data fields on init or update - -# AUTOPILOT -# autoPilot=off|on -if [ ${#autoPilot} -eq 0 ]; then - echo "autoPilot=off" >> $configFile -fi - -# AUTO NAT DISCOVERY -# autoNatDiscovery=off|on -if [ ${#autoNatDiscovery} -eq 0 ]; then - echo "autoNatDiscovery=off" >> $configFile -fi - -# TOR -# runBehindTor=off|on -if [ ${#runBehindTor} -eq 0 ]; then - echo "runBehindTor=off" >> $configFile -fi - -# RideTheLightning RTL -# rtlWebinterface=off|on -if [ ${#rtlWebinterface} -eq 0 ]; then - echo "rtlWebinterface=off" >> $configFile -fi - -echo "default values OK" >> ${logFile} - -# MIGRATION - DATA CONVERSION when updating config -# this is the place if on a future version change -# a conversion of config data or app data is needed - -# if old bitcoin.conf exists ... -configExists=$(sudo ls /mnt/hdd/bitcoin/bitcoin.conf | grep -c '.conf') -if [ ${configExists} -eq 1 ]; then - echo "Checking old bitcoin.conf ..." >> ${logFile} - - # make sure to fix bitcoind RPC port if not done in old version - # https://github.com/rootzoll/raspiblitz/issues/217 - # https://github.com/rootzoll/raspiblitz/issues/950 - - if ! grep -Eq "^rpcallowip=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #217 -> adding rpcallowip=127.0.0.1" >> ${logFile} - echo "rpcallowip=127.0.0.1" >> /mnt/hdd/${network}/${network}.conf - else - echo "check issue #217 -> ok rpcallow exists" >> ${logFile} - fi - - # check whether "main." 
needs to be added to rpcport and rpcbind - if grep -Eq "^rpcport=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #950 -> change rpcport to main.rpcport" >> ${logFile} - sudo sed -i -E 's/^(rpcport=.*)/main.\1/g' /mnt/hdd/${network}/${network}.conf - else - echo "check issue #950 -> ok ^rpcport does not exist" >> ${logFile} - fi - - if grep -Eq "^rpcbind=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #950 -> change rpcbind to main.rpcbind" >> ${logFile} - sudo sed -i -E 's/^(rpcbind=.*)/main.\1/g' /mnt/hdd/${network}/${network}.conf - else - echo "check issue #950 -> ok ^rpcbind does not exist" >> ${logFile} - fi - - # check whether right settings are there ("main.") - if ! grep -Eq "^main.rpcport=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #217 -> adding main.rpcport=8332" >> ${logFile} - echo "main.rpcport=8332" >> /mnt/hdd/${network}/${network}.conf - else - echo "check issue #217 -> ok main.rpcport exists" >> ${logFile} - fi - - if ! grep -Eq "^main.rpcbind=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #217 -> adding main.rpcbind=127.0.0.1:8332" >> ${logFile} - echo "main.rpcbind=127.0.0.1:8332" >> /mnt/hdd/${network}/${network}.conf - else - echo "check issue #217 -> ok main.rpcbind exists" >> ${logFile} - fi - - # same for testnet - if ! grep -Eq "^test.rpcport=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #950 -> adding test.rpcport=18332" >> ${logFile} - echo "test.rpcport=18332" >> /mnt/hdd/${network}/${network}.conf - else - echo "check issue #950 -> ok test.rpcport exists" >> ${logFile} - fi - - if ! 
grep -Eq "^test.rpcbind=.*" /mnt/hdd/${network}/${network}.conf; then - echo "fix issue #950 -> adding test.rpcbind=127.0.0.1:18332" >> ${logFile} - echo "test.rpcbind=127.0.0.1:18332" >> /mnt/hdd/${network}/${network}.conf - else - echo "check issue #950 -> ok test.rpcbind exists" >> ${logFile} - fi - -else - echo "WARN: /mnt/hdd/bitcoin/bitcoin.conf not found" >> ${logFile} -fi - -# if old lnd.conf exists ... -configExists=$(sudo ls /mnt/hdd/lnd/lnd.conf | grep -c '.conf') -if [ ${configExists} -eq 1 ]; then - - # remove RPC user & pass from lnd.conf ... since v1.7 - # https://github.com/rootzoll/raspiblitz/issues/2160 - echo "- #2160 lnd.conf --> make sure contains no RPC user/pass for bitcoind" >> ${logFile} - sudo sed -i '/^\[Bitcoind\]/d' /mnt/hdd/lnd/lnd.conf - sudo sed -i '/^bitcoind.rpchost=/d' /mnt/hdd/lnd/lnd.conf - sudo sed -i '/^bitcoind.rpcpass=/d' /mnt/hdd/lnd/lnd.conf - sudo sed -i '/^bitcoind.rpcuser=/d' /mnt/hdd/lnd/lnd.conf - sudo sed -i '/^bitcoind.zmqpubrawblock=/d' /mnt/hdd/lnd/lnd.conf - sudo sed -i '/^bitcoind.zmqpubrawtx=/d' /mnt/hdd/lnd/lnd.conf - - # make sure additional values are added to [Application Options] since v1.7 - echo "- lnd.conf --> checking additional [Application Options] since v1.7" >> ${logFile} - applicationOptionsLineNumber=$(sudo grep -n "\[Application Options\]" /mnt/hdd/lnd/lnd.conf | cut -d ":" -f1) - if [ "${applicationOptionsLineNumber}" != "" ]; then - applicationOptionsLineNumber="$(($applicationOptionsLineNumber+1))" - - # Avoid historical graph data sync - # ignore-historical-gossip-filters=1 - configParamExists=$(sudo grep -c "^ignore-historical-gossip-filters=" /mnt/hdd/lnd/lnd.conf) - if [ "${configParamExists}" == "0" ]; then - echo " - ADDING 'ignore-historical-gossip-filters'" >> ${logFile} - sudo sed -i "${applicationOptionsLineNumber}iignore-historical-gossip-filters=1" /mnt/hdd/lnd/lnd.conf - else - echo " - OK 'ignore-historical-gossip-filters' exists (${configParamExists})" >> ${logFile} - fi - - # 
Avoid slow startup time - # sync-freelist=1 - configParamExists=$(sudo grep -c "^sync-freelist=" /mnt/hdd/lnd/lnd.conf) - if [ "${configParamExists}" == "0" ]; then - echo " - ADDING 'sync-freelist'" >> ${logFile} - sudo sed -i "${applicationOptionsLineNumber}isync-freelist=1" /mnt/hdd/lnd/lnd.conf - else - echo " - OK 'sync-freelist' exists (${configParamExists})" >> ${logFile} - fi - - # Avoid high startup overhead - # stagger-initial-reconnect=1 - configParamExists=$(sudo grep -c "^stagger-initial-reconnect=" /mnt/hdd/lnd/lnd.conf) - if [ "${configParamExists}" == "0" ]; then - echo " - ADDING 'stagger-initial-reconnect'" >> ${logFile} - sudo sed -i "${applicationOptionsLineNumber}istagger-initial-reconnect=1" /mnt/hdd/lnd/lnd.conf - else - echo " - OK 'stagger-initial-reconnect' exists (${configParamExists})" >> ${logFile} - fi - - # Delete and recreate RPC TLS certificate when details change or cert expires - # tlsautorefresh=1 - configParamExists=$(sudo grep -c "^tlsautorefresh=" /mnt/hdd/lnd/lnd.conf) - if [ "${configParamExists}" == "0" ]; then - echo " - ADDING 'tlsautorefresh'" >> ${logFile} - sudo sed -i "${applicationOptionsLineNumber}itlsautorefresh=1" /mnt/hdd/lnd/lnd.conf - else - echo " - OK 'tlsautorefresh' exists (${configParamExists})" >> ${logFile} - fi - - # Do not include IPs in the RPC TLS certificate - # tlsdisableautofill=1 - configParamExists=$(sudo grep -c "^tlsdisableautofill=" /mnt/hdd/lnd/lnd.conf) - if [ "${configParamExists}" == "0" ]; then - echo " - ADDING 'tlsdisableautofill'" >> ${logFile} - sudo sed -i "${applicationOptionsLineNumber}itlsdisableautofill=1" /mnt/hdd/lnd/lnd.conf - else - echo " - OK 'tlsdisableautofill' exists (${configParamExists})" >> ${logFile} - fi - - else - echo " - WARN: section '[Application Options]' not found in lnd.conf" >> ${logFile} - fi - -else - echo "WARN: /mnt/hdd/lnd/lnd.conf not found" >> ${logFile} -fi - -echo "Version Code: ${codeVersion}" >> ${logFile} -echo "Version Data: 
${raspiBlitzVersion}" >> ${logFile} - -if [ "${raspiBlitzVersion}" != "${codeVersion}" ]; then - echo "detected version change ... starting migration script" >> ${logFile} - # nothing specific here yet - echo "OK Done - Updating version in config" - sudo sed -i "s/^raspiBlitzVersion=.*/raspiBlitzVersion='${codeVersion}'/g" ${configFile} -else - echo "OK - version of config data is up to date" >> ${logFile} -fi - -echo "END Migration/Init" >> ${logFile} - -exit 0 - diff --git a/home.admin/_bootstrap.sh b/home.admin/_bootstrap.sh index 2d3076562..4b24a9a32 100755 --- a/home.admin/_bootstrap.sh +++ b/home.admin/_bootstrap.sh @@ -1,8 +1,7 @@ #!/bin/bash -# This script runs on every start called by bootstrap.service -# It makes sure that the system is configured like the -# default values or as in the config. +# This script runs on every start called by boostrap.service +# see logs with --> tail -n 100 /home/admin/raspiblitz.log ################################ # BASIC SETTINGS @@ -14,8 +13,6 @@ source /home/admin/_version.info # CONFIGFILE - configuration of RaspiBlitz # used by fresh SD image to recover configuration # and delivers basic config info for scripts -# make raspiblitz.conf if not there -sudo touch /mnt/hdd/raspiblitz.conf configFile="/mnt/hdd/raspiblitz.conf" # LOGFILE - store debug logs of bootstrap 
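Review bot: with `sudo touch /mnt/hdd/raspiblitz.conf` removed in the `@@ -14,8 +13,6 @@` hunk, nothing in this script guarantees the file exists any more, yet the block added further down runs `grep -c cln < /mnt/hdd/raspiblitz.conf` without an existence check. On a fresh image the redirect fails, the command substitution is empty and `[ ... -gt 0 ]` reports a test error on every boot. Guard that block with `[ -f "${configFile}" ]` (and use `${configFile}` instead of repeating the path). In the `@@ -1,8 +1,7 @@` hunk the header comment now reads `boostrap.service`, which no longer matches the unit name it replaced.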
@@ -26,37 +23,11 @@ logFile="/home/admin/raspiblitz.log" # used by display and later setup steps infoFile="/home/admin/raspiblitz.info" +# SETUPFILE +# this key/value file contains the state during the setup process +setupFile="/var/cache/raspiblitz/temp/raspiblitz.setup" -# FUNCTIONS to be used later on in the script - -# wait until raspberry pi gets a local IP -function wait_for_local_network() { - gotLocalIP=0 - until [ ${gotLocalIP} -eq 1 ] - do - localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | egrep -i '(*[eth|ens|enp|eno|wlan|wlp][0-9]$)' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') - if [ ${#localip} -eq 0 ]; then - configWifiExists=$(sudo cat /etc/wpa_supplicant/wpa_supplicant.conf 2>/dev/null| grep -c "network=") - if [ ${configWifiExists} -eq 0 ]; then - # display user to connect LAN - sed -i "s/^state=.*/state=noIP/g" ${infoFile} - sed -i "s/^message=.*/message='Connect the LAN/WAN'/g" ${infoFile} - else - # display user that wifi settings are not working - sed -i "s/^state=.*/state=noIP/g" ${infoFile} - sed -i "s/^message=.*/message='WIFI Settings not working'/g" ${infoFile} - fi - elif [ "${localip:0:4}" = "169." ]; then - # display user waiting for DHCP - sed -i "s/^state=.*/state=noDCHP/g" ${infoFile} - sed -i "s/^message=.*/message='Waiting for DHCP'/g" ${infoFile} - else - gotLocalIP=1 - fi - sleep 1 - done -} - +# Init boostrap log file echo "Writing logs to: ${logFile}" echo "" > $logFile echo "***********************************************" >> $logFile 
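Review bot: typo in the added comment `# Init boostrap log file` (should be `bootstrap`). The hunk also deletes `wait_for_local_network()` without saying what now waits for an IP before the network-dependent steps; a one-line comment next to the new `setupFile` definition naming the script that took over that job would help the next reader.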
@@ -68,76 +39,207 @@ echo "***********************************************" >> $logFile network="" chain="" setupStep=0 +setupPhase='boot' fsexpanded=0 # see https://github.com/rootzoll/raspiblitz/issues/1265#issuecomment-813369284 displayClass="lcd" displayType="" fundRecovery=0 +############################################## +# check raspiblitz.conf for outdated variables +############################################## + +# change all cln to cl +# https://github.com/rootzoll/raspiblitz/pull/2575#issuecomment-927261596 +if [ $(grep -c cln < /mnt/hdd/raspiblitz.conf) -gt 0 ];then + sudo sed -i 's/cln/cl/g' /mnt/hdd/raspiblitz.conf + sudo sed -i 's/cln/cl/g' _aliases + + sudo sed -i 's/cln/cl/g' /home/bitcoin/.lightning/config + sudo sed -i 's/cln/cl/g' /home/bitcoin/.lightning/testnet/config + sudo sed -i 's/cln/cl/g' /home/bitcoin/.lightning/signet/config + + sudo -u bitcoin mv /home/bitcoin/cln-plugins-available /home/bitcoin/cl-plugins-available + sudo -u bitcoin mv /home/bitcoin/cln-plugins-enabled /home/bitcoin/cl-plugins-enabled + sudo -u bitcoin mv /home/bitcoin/tcln-plugins-enabled /home/bitcoin/tcl-plugins-enabled + sudo -u bitcoin mv /home/bitcoin/scln-plugins-enabled /home/bitcoin/scl-plugins-enabled + + sudo sed -i 's/cln/cl/g' /etc/systemd/system/lightningd.service + sudo sed -i 's/cln/cl/g' /etc/systemd/system/tlightningd.service + sudo sed -i 's/cln/cl/g' /etc/systemd/system/slightningd.service + + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot +fi + +################################ +# INIT raspiblitz.info +################################ + # try to load old values if available (overwrites defaults) source ${infoFile} 2>/dev/null # try to load config values if available (config overwrites info) source ${configFile} 2>/dev/null +# get first basic network info +source <(/home/admin/config.scripts/internet.sh status) + +# get basic hardware info +source <(/home/admin/config.scripts/blitz.hardware.sh status) + +# get basic dns info +source 
<(sudo /home/admin/config.scripts/internet.dns.sh test nodialog) + # resetting info file echo "Resetting the InfoFile: ${infoFile}" echo "state=starting" > $infoFile echo "message=" >> $infoFile echo "baseimage=${baseimage}" >> $infoFile echo "cpu=${cpu}" >> $infoFile +echo "board=${board}" >> $infoFile +echo "ramMB=${ramMB}" >> $infoFile +echo "ramGB=${ramGB}" >> $infoFile echo "network=${network}" >> $infoFile echo "chain=${chain}" >> $infoFile +echo "localip='${localip}'" >> $infoFile +echo "online='${online}'" >> $infoFile +echo "dnsworking=${dnsworking}" >> $infoFile echo "fsexpanded=${fsexpanded}" >> $infoFile echo "displayClass=${displayClass}" >> $infoFile echo "displayType=${displayType}" >> $infoFile echo "setupStep=${setupStep}" >> $infoFile +echo "setupPhase=${setupPhase}" >> $infoFile echo "fundRecovery=${fundRecovery}" >> $infoFile if [ "${setupStep}" != "100" ]; then echo "hostname=${hostname}" >> $infoFile fi -sudo chmod 777 ${infoFile} +sudo chmod 664 ${infoFile} -# resetting start count files -echo "SYSTEMD RESTART LOG: blockchain (bitcoind/litecoind)" > /home/admin/systemd.blockchain.log -echo "SYSTEMD RESTART LOG: lightning (LND)" > /home/admin/systemd.lightning.log -sudo chmod 777 /home/admin/systemd.blockchain.log -sudo chmod 777 /home/admin/systemd.lightning.log +###################################### +# CHECK SD CARD INCONSISTENT STATE -# Emergency cleaning logs when over 1GB (to prevent SD card filling up) -# see https://github.com/rootzoll/raspiblitz/issues/418#issuecomment-472180944 -echo "*** Checking Log Size ***" -logsMegaByte=$(sudo du -c -m /var/log | grep "total" | awk '{print $1;}') -if [ ${logsMegaByte} -gt 1000 ]; then - echo "WARN !! 
Logs /var/log in are bigger then 1GB" - echo "ACTION --> DELETED ALL LOGS" - if [ -d "/var/log/nginx" ]; then - nginxLog=1 - echo "/var/log/nginx is present" - fi - sudo rm -r /var/log/* - if [ $nginxLog == 1 ]; then - sudo mkdir /var/log/nginx - echo "Recreated /var/log/nginx" - fi - sleep 3 - echo "WARN !! Logs in /var/log in were bigger then 1GB and got emergency delete to prevent fillup." - echo "If you see this in the logs please report to the GitHub issues, so LOG config needs to be optimized." -else - echo "OK - logs are at ${logsMegaByte} MB - within safety limit" +# make sure SSH server is configured & running +sudo /home/admin/config.scripts/blitz.ssh.sh checkrepair >> ${logFile} + +# when a file 'stop' is on the sd card boot partition - stop for manual provision +flagExists=$(sudo ls /boot/stop | grep -c 'stop') +if [ "${flagExists}" == "1" ]; then + sudo rm /boot/stop + sed -i "s/^state=.*/state=stop/g" ${infoFile} + sed -i "s/^message=.*/message='stopped for manual provision'/g" ${infoFile} + echo "INFO: 'bootstrap stopped - run release after manual provison'" >> ${logFile} + exit 0 fi -echo "" -############################### -# RAID data check (BRTFS) -############################### -# see https://github.com/rootzoll/raspiblitz/issues/360#issuecomment-467698260 +# when the provision did not ran thru without error (ask user for fresh sd card) +provisionFlagExists=$(sudo ls /home/admin/provision.flag | grep -c 'provision.flag') +if [ "${provisionFlagExists}" == "1" ]; then + sudo systemctl stop ${network}d 2>/dev/null + sudo systemctl stop lnd 2>/dev/null + sed -i "s/^state=.*/state=inconsistentsystem/g" ${infoFile} + sed -i "s/^message=.*/message='provision did not ran thru'/g" ${infoFile} + echo "FAIL: 'provision did not ran thru' - need fresh sd card!" >> ${logFile} + exit 1 +fi -source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) -if [ ${isRaid} -eq 1 ]; then - echo "TRIGGERING BTRFS RAID DATA CHECK ..." 
- echo "Check status with: sudo btrfs scrub status /mnt/hdd/" - sudo btrfs scrub start /mnt/hdd/ +###################################### +# SECTION FOR POSSIBLE REBOOT ACTIONS +systemInitReboot=0 + +################################ +# FORCED SWITCH TO HDMI +# if a file called 'hdmi' gets +# placed onto the boot part of +# the sd card - switch to hdmi +################################ + +forceHDMIoutput=$(sudo ls /boot/hdmi* 2>/dev/null | grep -c hdmi) +if [ ${forceHDMIoutput} -eq 1 ]; then + # delete that file (to prevent loop) + sudo rm /boot/hdmi* + # switch to HDMI what will trigger reboot + echo "HDMI switch found ... activating HDMI display output & reboot" >> $logFile + sudo /home/admin/config.scripts/blitz.display.sh set-display hdmi >> $logFile + systemInitReboot=1 + sed -i "s/^message=.*/message='HDMI'/g" ${infoFile} +else + echo "No HDMI switch found. " >> $logFile +fi + +################################ +# FS EXPAND +# if a file called 'ssh.reset' gets +# placed onto the boot part of +# the sd card - delete old ssh data +################################ + +source <(sudo /home/admin/config.scripts/blitz.bootdrive.sh status) +if [ "${needsExpansion}" == "1" ] && [ "${fsexpanded}" == "0" ]; then + echo "FSEXPAND needed ... starting process" >> $logFile + sudo /home/admin/config.scripts/blitz.bootdrive.sh status >> $logFile + sudo /home/admin/config.scripts/blitz.bootdrive.sh fsexpand >> $logFile + systemInitReboot=1 + sed -i "s/^message=.*/message='FSEXPAND'/g" ${infoFile} +elif [ "${tooSmall}" == "1" ]; then + echo "!!! FAIL !!!!!!!!!!!!!!!!!!!!" >> $logFile + echo "SDCARD TOO SMALL 16G minimum" >> $logFile + echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" >> $logFile + sed -i "s/^state=.*/state=sdtoosmall/g" ${infoFile} + echo "System stopped. Please cut power." >> $logFile + sleep 6000 + sudo shutdown -r now + slepp 100 + exit 1 +else + echo "No FS EXPAND needed. 
needsExpansion(${needsExpansion}) fsexpanded(${fsexpanded})" >> $logFile +fi + +################################ +# SSH SERVER CERTS RESET +# if a file called 'ssh.reset' gets +# placed onto the boot part of +# the sd card - delete old ssh data +################################ + +sshReset=$(sudo ls /boot/ssh.reset* 2>/dev/null | grep -c reset) +if [ ${sshReset} -eq 1 ]; then + # delete that file (to prevent loop) + sudo rm /boot/ssh.reset* >> $logFile + # delete ssh certs + echo "SSHRESET switch found ... stopping SSH and deleting old certs" >> $logFile + sudo /home/admin/config.scripts/blitz.ssh.sh renew >> $logFile + sudo /home/admin/config.scripts/blitz.ssh.sh backup >> $logFile + systemInitReboot=1 + sed -i "s/^message=.*/message='SSHRESET'/g" ${infoFile} +else + echo "No SSHRESET switch found. " >> $logFile +fi + +################################ +# UASP FIX - first try +# if HDD is connected on start +################################ +source <(sudo /home/admin/config.scripts/blitz.datadrive.sh uasp-fix) +if [ "${neededReboot}" == "1" ]; then + echo "UASP FIX applied (1st-try) ... reboot needed." >> $logFile + sed -i "s/^message=.*/message='UASP'/g" ${infoFile} + systemInitReboot=1 +else + echo "No UASP FIX needed (1st-try)." >> $logFile +fi + +###################################### +# CHECK IF REBOOT IS NEEDED +# from actions above + +if [ "${systemInitReboot}" == "1" ]; then + sudo cp ${logFile} /home/admin/raspiblitz.systeminit.log + sudo sed -i "s/^state=.*/state=reboot/g" ${infoFile} + sleep 8 + sudo shutdown -r now + sleep 100 + exit 0 fi ################################ 
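Review bot: In the "change all cln to cl" block, `sed -i 's/cln/cl/g'` rewrites every occurrence of those three letters in raspiblitz.conf, the three lightning config files and the three systemd units, not only the renamed keys and directories, so any value that happens to contain "cln" is silently altered just before the forced reboot. Suggest anchoring the substitutions to the specific key names and paths being renamed. In the same block, `_aliases` is a relative path and depends on the working directory the script is started from; the guard `grep -c cln < /mnt/hdd/raspiblitz.conf` runs before the HDD wait loop, and when the file is absent the redirect fails and `[ -gt 0 ]` is evaluated with an empty operand, so quote the substitution and test for the file first; the `mv` results are not checked. Further down, the `sdtoosmall` branch calls `slepp 100` (typo for `sleep`), and the FS EXPAND comment header is a copy of the `ssh.reset` description.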
@@ -154,122 +256,151 @@ sleep 5 /home/admin/config.scripts/blitz.display.sh hide ################################ -# GENERATE UNIQUE SSH PUB KEYS -# on first boot up +# CLEANING BOOT SYSTEM ################################ -numberOfPubKeys=$(sudo ls /etc/ssh/ | grep -c 'ssh_host_') -if [ ${numberOfPubKeys} -eq 0 ]; then - echo "*** Generating new SSH PubKeys" >> $logFile - sudo dpkg-reconfigure openssh-server - echo "OK" >> $logFile +# resetting start count files +echo "SYSTEMD RESTART LOG: blockchain (bitcoind/litecoind)" > /home/admin/systemd.blockchain.log +echo "SYSTEMD RESTART LOG: lightning (LND)" > /home/admin/systemd.lightning.log +sudo chmod 666 /home/admin/systemd.blockchain.log +sudo chmod 666 /home/admin/systemd.lightning.log + +# Emergency cleaning logs when over 1GB (to prevent SD card filling up) +# see https://github.com/rootzoll/raspiblitz/issues/418#issuecomment-472180944 +echo "*** Checking Log Size ***" +logsMegaByte=$(sudo du -c -m /var/log | grep "total" | awk '{print $1;}') +if [ ${logsMegaByte} -gt 1000 ]; then + echo "WARN !! Logs /var/log in are bigger then 1GB" + echo "ACTION --> DELETED ALL LOGS" + if [ -d "/var/log/nginx" ]; then + nginxLog=1 + echo "/var/log/nginx is present" + fi + sudo rm -r /var/log/* + sudo service rsyslog restart + if [ $nginxLog == 1 ]; then + sudo mkdir /var/log/nginx + echo "Recreated /var/log/nginx" + fi + sleep 3 + echo "WARN !! Logs in /var/log in were bigger then 1GB and got emergency delete to prevent fillup." + echo "If you see this in the logs please report to the GitHub issues, so LOG config needs to be optimized." 
+else + echo "OK - logs are at ${logsMegaByte} MB - within safety limit" fi +echo "" + +############################### +# WAIT FOR ALL SERVICES + +# get the state of data drive +source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) ################################ -# AFTER BOOT SCRIPT -# when a process needs to -# execute stuff after a reboot -# it should in file -# /home/admin/setup.sh +# WAIT LOOP: HDD CONNECTED ################################ -# check for after boot script -afterSetupScriptExists=$(ls /home/admin/setup.sh 2>/dev/null | grep -c setup.sh) -if [ ${afterSetupScriptExists} -eq 1 ]; then - echo "*** SETUP SCRIPT DETECTED ***" - # LCD info - sudo sed -i "s/^state=.*/state=recovering/g" ${infoFile} - sudo sed -i "s/^message=.*/message='After Boot Setup (takes time)'/g" ${infoFile} - # echo out script to journal logs - sudo cat /home/admin/setup.sh - # execute the after boot script - echo "Logs in stored to: /home/admin/raspiblitz.log.recover" - echo "\n***** RUNNING AFTER BOOT SCRIPT ******** " >> ${logFile} - sudo /home/admin/setup.sh >> ${logFile} - # delete the after boot script - sudo rm /home/admin/setup.sh - # reboot again - echo "DONE wait 10 secs ... one more reboot needed ... " >> ${logFile} - sudo cp ${logFile} ${logFile}.afterboot - sudo shutdown -r now - sleep 100 - exit 0 -fi +echo "Waiting for HDD/SSD ..." 
>> $logFile +sudo ls -la /etc/ssh >> $logFile +until [ ${isMounted} -eq 1 ] || [ ${#hddCandidate} -gt 0 ] +do + + # recheck HDD/SSD + source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) + echo "isMounted: $isMounted" + echo "hddCandidate: $hddCandidate" + + # in case of HDD analyse ERROR + if [ "${hddError}" != "" ]; then + echo "FAIL - error on HDD analysis: ${hddError}" >> $logFile + sed -i "s/^state=.*/state=errorHDD/g" ${infoFile} + sed -i "s/^message=.*/message='${hddError}'/g" ${infoFile} + elif [ "${isMounted}" == "0" ] && [ "${hddCandidate}" == "" ]; then + sed -i "s/^state=.*/state=noHDD/g" ${infoFile} + sed -i "s/^message=.*/message='>=1TB'/g" ${infoFile} + fi + + # wait for next check + sleep 2 + +done +echo "HDD/SSD connected: ${$hddCandidate}" >> $logFile + +# write info for LCD +sed -i "s/^state=.*/state=system-init/g" ${infoFile} +sed -i "s/^message=.*/message='please wait'/g" ${infoFile} + +#################################### +# WIFI RESTORE from HDD works with +# mem copy from datadrive inspection +#################################### + +# check if there is a WIFI configuration to backup or restore +/home/admin/config.scripts/internet.wifi.sh backup-restore >> $logFile ################################ -# FORCED SWITCH TO HDMI -# if a file called 'hdmi' gets -# placed onto the boot part of -# the sd card - switch to hdmi +# UASP FIX - second try +# when HDD gets connected later ################################ - -forceHDMIoutput=$(sudo ls /boot/hdmi* 2>/dev/null | grep -c hdmi) -if [ ${forceHDMIoutput} -eq 1 ]; then - # delete that file (to prevent loop) - sudo rm /boot/hdmi* - # switch to HDMI what will trigger reboot - echo "Yes HDMI switch found ... 
activating HDMI display output & reboot" >> $logFile - sudo /home/admin/config.scripts/blitz.display.sh set-display hdmi >> $logFile - sudo cp ${logFile} ${logFile}.hdmiswitch +sed -i "s/^message=.*/message='checking HDD'/g" ${infoFile} +source <(sudo /home/admin/config.scripts/blitz.datadrive.sh uasp-fix) +if [ "${neededReboot}" == "1" ]; then + echo "UASP FIX applied (2nd-try) ... reboot needed." >> $logFile + sudo cp ${logFile} ${logFile}.uasp + sudo sed -i "s/^state=.*/state=reboot/g" ${infoFile} + sleep 8 sudo shutdown -r now sleep 100 exit 0 else - echo "No HDMI switch found. " >> $logFile + echo "No UASP FIX needed (2nd-try)." >> $logFile fi -################################ -# SSH SERVER CERTS RESET -# if a file called 'ssh.reset' gets -# placed onto the boot part of -# the sd card - delete old ssh data -################################ - -sshReset=$(sudo ls /boot/ssh.reset* 2>/dev/null | grep -c reset) -if [ ${sshReset} -eq 1 ]; then - # delete that file (to prevent loop) - sudo rm /boot/ssh.reset* >> $logFile - # show info ssh reset - sed -i "s/^state=.*/state=sshreset/g" ${infoFile} - sed -i "s/^message=.*/message='resetting SSH & reboot'/g" ${infoFile} - # delete ssh certs - sudo systemctl stop sshd >> $logFile - sudo rm /mnt/hdd/ssh/ssh_host* >> $logFile - sudo ssh-keygen -A >> $logFile - echo "SSH SERVER CERTS RESET ... 
(reboot) " >> $logFile - sudo cp ${logFile} ${logFile}.sshcerts - sudo shutdown -r now - sleep 100 - exit 0 -fi - -################################ -# HDD CHECK & PRE-INIT -################################ - -# Without LCD message needs to be printed -# wait loop until HDD is connected -echo "" -until [ ${isMounted} -eq 1 ] || [ ${#hddCandidate} -gt 0 ] +################################### +# WAIT LOOP: LOCALNET / INTERNET +# after HDD > can contain WIFI conf +################################### +gotLocalIP=0 +until [ ${gotLocalIP} -eq 1 ] do - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) - echo "isMounted: $isMounted" >> $logFile - echo "hddCandidate: $hddCandidate" >> $logFile - message="Connect the Hard Drive" - echo $message - if [ ${isMounted} -eq 0 ] && [ ${#hddCandidate} -eq 0 ]; then - sed -i "s/^state=.*/state=noHDD/g" ${infoFile} - sed -i "s/^message=.*/message='$message'/g" ${infoFile} + + # get latest network info & update raspiblitz.info + source <(/home/admin/config.scripts/internet.sh status) + sed -i "s/^localip=.*/localip='${localip}'/g" ${infoFile} + + # check state of network + if [ ${dhcp} -eq 0 ]; then + # display user waiting for DHCP + sed -i "s/^state=.*/state=noDHCP/g" ${infoFile} + sed -i "s/^message=.*/message='Waiting for DHCP'/g" ${infoFile} + elif [ ${#localip} -eq 0 ]; then + configWifiExists=$(sudo cat /etc/wpa_supplicant/wpa_supplicant.conf 2>/dev/null| grep -c "network=") + if [ ${configWifiExists} -eq 0 ]; then + # display user to connect LAN + sed -i "s/^state=.*/state=noIP-LAN/g" ${infoFile} + sed -i "s/^message=.*/message='Connect the LAN/WAN'/g" ${infoFile} + else + # display user that wifi settings are not working + sed -i "s/^state=.*/state=noIP-WIFI/g" ${infoFile} + sed -i "s/^message=.*/message='WIFI Settings not working'/g" ${infoFile} + fi + elif [ ${online} -eq 0 ]; then + # display user that wifi settings are not working + sed -i "s/^state=.*/state=noInternet/g" ${infoFile} + sed -i 
"s/^message=.*/message='No connection to Internet'/g" ${infoFile} + else + gotLocalIP=1 fi - sleep 2 + sleep 1 done # write info for LCD -sed -i "s/^state=.*/state=booting/g" ${infoFile} +sed -i "s/^state=.*/state=inspect-hdd/g" ${infoFile} sed -i "s/^message=.*/message='please wait'/g" ${infoFile} # get fresh info about data drive to continue source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) + echo "isMounted: $isMounted" >> $logFile # check if UASP is already deactivated (on RaspiOS) 
@@ -299,120 +430,334 @@ else fi # check if the HDD is auto-mounted ( auto-mounted = setup-done) +echo "HDD already part of system: $isMounted" >> $logFile + +############################ +############################ +# WHEN SETUP IS NEEDED +############################ + if [ ${isMounted} -eq 0 ]; then - echo "HDD is there but not AutoMounted yet - checking Setup" >> $logFile - - # when format is not EXT4 or BTRFS - stop bootstrap and await user setup - if [ "${hddFormat}" != "ext4" ] && [ "${hddFormat}" != "btrfs" ]; then - echo "HDD is NOT formatted in ${hddFormat} .. awaiting user setup." >> $logFile - sed -i "s/^state=.*/state=waitsetup/g" ${infoFile} - sed -i "s/^message=.*/message='HDD needs SetUp (1)'/g" ${infoFile} - exit 0 - fi - - # when error on analysing HDD - stop bootstrap and await user setup - if [ ${#hddError} -gt 0 ]; then - echo "FAIL - error on HDD analysis: ${hddError}" >> $logFile - sed -i "s/^state=.*/state=waitsetup/g" ${infoFile} - sed -i "s/^message=.*/message='${hddError}'/g" ${infoFile} - exit 0 - fi - # temp mount the HDD - echo "Temp mounting data drive ($hddCandidate)" >> $logFile + echo "Temp mounting (1) data drive ($hddCandidate)" >> $logFile + if [ "${hddFormat}" != "btrfs" ]; then + source <(/home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) + else + source <(/home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddCandidate}) + fi + echo "Temp mounting (1) result: ${isMounted}" >> $logFile + + # write data needed for setup process into raspiblitz.info + echo "hddCandidate='${hddCandidate}'" >> ${infoFile} + echo "hddGigaBytes=${hddGigaBytes}" >> ${infoFile} + echo "hddBlocksBitcoin=${hddBlocksBitcoin}" >> ${infoFile} + echo "hddBlocksLitecoin=${hddBlocksLitecoin}" >> ${infoFile} + echo "hddGotMigrationData=${hddGotMigrationData}" >> ${infoFile} + echo "" + echo "HDD is there but not AutoMounted yet - Waiting for user Setup/Update" >> $logFile + + # add some debug info to logfile + echo "# df " 
>> ${logFile} + df >> ${logFile} + echo "# lsblk -o NAME,FSTYPE,LABEL " >> ${logFile} + lsblk -o NAME,FSTYPE,LABEL >> ${logFile} + echo "# /home/admin/config.scripts/blitz.datadrive.sh status" + /home/admin/config.scripts/blitz.datadrive.sh status >> ${logFile} + + # determine correct setup phase + infoMessage="Please Login for Setup" + setupPhase="setup" + if [ "${hddGotMigrationData}" != "" ]; then + infoMessage="Please Login for Migration" + setupPhase="migration" + elif [ "${hddRaspiData}" == "1" ]; then + + # INIT OLD SSH HOST KEYS on Update/Recovery to prevent "Unknown Host" on ssh client + echo "COPY und Activating old SSH host keys" >> $logFile + /home/admin/config.scripts/blitz.ssh.sh restore >> $logFile + + # determine if this is a recovery or an update + # TODO: improve version/update detection later + isRecovery=$(echo "${hddRaspiVersion}" | grep -c "${codeVersion}") + if [ "${isRecovery}" == "1" ]; then + infoMessage="Please Login for Recovery" + setupPhase="recovery" + else + infoMessage="Please Login for Update" + setupPhase="update" + fi + + fi + + # signal "WAIT LOOP: SETUP" to LCD, SSH & WEBAPI + echo "Displaying Info Message: ${infoMessage}" >> $logFile + sed -i "s/^state=.*/state=waitsetup/g" ${infoFile} + sed -i "s/^message=.*/message='${infoMessage}'/g" ${infoFile} + sed -i "s/^setupPhase=.*/setupPhase='${setupPhase}'/g" ${infoFile} + + ############################################# + # WAIT LOOP: USER SETUP/UPDATE/MIGRATION + # until SSH or WEBUI setup data is available + ############################################# + + echo "## WAIT LOOP: USER SETUP/UPDATE/MIGRATION" >> ${logFile} + until [ "${state}" == "waitprovision" ] + do + + # get fresh info about data drive (in case the hdd gets disconnected) + source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) + if [ "${hddCandidate}" == "" ]; then + echo "!!! WARNING !!! Lost HDD connection .. triggering reboot, to restart system-init." 
>> ${logFile} + sed -i "s/^state=.*/state=errorHDD/g" ${infoFile} + sed -i "s/^message=.*/message='lost HDD - rebooting'/g" ${infoFile} + sudo cp ${logFile} ${logFile}.error + sleep 8 + sudo shutdown -r now + sleep 100 + exit 0 + fi + + # detect if network get deconnected again + # --> "removing network cable" can be used as signal to shutdown clean on test startup + source <(/home/admin/config.scripts/internet.sh status) + if [ "${localip}" == "" ]; then + sed -i "s/^state=.*/state=errorNetwork/g" ${infoFile} + sleep 8 + sudo shutdown now + sleep 100 + exit 0 + fi + + # give the loop a little bed time + sleep 4 + + # check info file for updated values + # especially the state for checking loop + source ${infoFile} + + done + + ############################################# + # PROVISION PROCESS + ############################################# + + # refresh data from info file + source ${infoFile} + echo "# PROVISION PROCESS with setupPhase(${setupPhase})" >> ${logFile} + + # mark system on sd card as in setup process + echo "the provision process was started but did not finish yet" > /home/admin/provision.flag + + # make sure HDD is mounted (could be freshly formatted by user on last loop) + source <(/home/admin/config.scripts/blitz.datadrive.sh status) + echo "Temp mounting (2) data drive ($hddCandidate)" >> ${logFile} if [ "${hddFormat}" != "btrfs" ]; then source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) else source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddCandidate}) fi - if [ ${#error} -gt 0 ]; then - echo "Failed to tempmount the HDD .. awaiting user setup." 
>> $logFile - sed -i "s/^state=.*/state=waitsetup/g" ${infoFile} - sed -i "s/^message=.*/message='${error}'/g" ${infoFile} - exit 0 + echo "Temp mounting (2) result: ${isMounted}" >> ${logFile} + + # check that HDD was temp mounted + if [ "${isMounted}" != "1"]; then + sed -i "s/^state=.*/state=errorHDD/g" ${infoFile} + sed -i "s/^message=.*/message='Was not able to mount HDD (2)'/g" ${infoFile} + exit 1 fi # make sure all links between directories/drives are correct - echo "Refreshing links between directories/drives .." >> $logFile + echo "Refreshing links between directories/drives .." >> ${logFile} sudo /home/admin/config.scripts/blitz.datadrive.sh link - # check if there is a WIFI configuration to backup or restore - sudo /home/admin/config.scripts/internet.wifi.sh backup-restore + # copy over the raspiblitz.conf created from setup to HDD + configExists=$(ls /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "raspiblitz.conf") + if [ "${configExists}" != "1" ]; then + sudo cp /var/cache/raspiblitz/temp/raspiblitz.conf ${configFile} + fi - # make sure at this point local network is connected - wait_for_local_network + # kick-off provision process + sed -i "s/^state=.*/state=provision/g" ${infoFile} + sed -i "s/^message=.*/message='Starting Provision'/g" ${infoFile} - # make sure before update/recovery that a internet connection is working - wait_for_local_internet + # load setup data + echo "# Sourcing ${configFile} " >> ${logFile} + source ${configFile} + cat ${configFile} >> ${logFile} + echo "# Sourcing ${setupFile} " >> ${logFile} + source ${setupFile} + sed -e '/^password/d' ${setupFile} >> ${logFile} - # check if HDD contains already a configuration - configExists=$(ls ${configFile} | grep -c '.conf') - echo "HDD contains already a configuration: ${configExists}" >> $logFile - if [ ${configExists} -eq 1 ]; then - echo "Found existing configuration" >> $logFile - source ${configFile} - # check if config files contains basic: version - if [ 
${#raspiBlitzVersion} -eq 0 ]; then - echo "Invalid Config: missing raspiBlitzVersion in (${configFile})!" >> ${logFile} - configExists=0 + # add some debug info to logfile + echo "# df " >> ${logFile} + df >> ${logFile} + echo "# lsblk -o NAME,FSTYPE,LABEL " >> ${logFile} + lsblk -o NAME,FSTYPE,LABEL >> ${logFile} + + # make sure basic info is in raspiblitz.info + echo "# Update ${infoFile} " >> ${logFile} + sudo sed -i "s/^network=.*/network=${network}/g" ${infoFile} + sudo sed -i "s/^chain=.*/chain=${chain}/g" ${infoFile} + sudo sed -i "s/^lightning=.*/lightning=${lightning}/g" ${infoFile} + cat ${infoFile} >> ${logFile} + + # if migrationFile was uploaded - now import it + echo "# migrationFile(${migrationFile})" >> ${logFile} + if [ "${migrationFile}" != "" ]; then + sed -i "s/^message=.*/message='Unpacking Migration Data'/g" ${infoFile} + /home/admin/config.scripts/blitz.migration.sh import "${migrationFile}" >> ${logFile} + sed -i "s/^setupPhase=.*/setupPhase='recovery'/g" ${infoFile} + setupPhase="recovery" + fi + + ################################### + # Set Password A (in all cases) + + if [ "${passwordA}" == "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='config: missing passwordA'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: missing passwordA in (${setupFile})!" >> ${logFile} + exit 1 + fi + + echo "# setting PASSWORD A" >> ${logFile} + sudo /home/admin/config.scripts/blitz.setpassword.sh a "${passwordA}" >> ${logFile} + + # if setup - run provision setup first + if [ "${setupPhase}" == "setup" ]; then + echo "Calling _provision.setup.sh for basic setup tasks .." >> $logFile + sed -i "s/^message=.*/message='Provision Setup'/g" ${infoFile} + /home/admin/_provision.setup.sh + errorState=$? 
+ sudo cat /home/admin/raspiblitz.provision-setup.log + if [ "$errorState" != "0" ]; then + echo "EXIT _provision.setup.sh BECAUSE OF ERROR STATE ($errorState)" >> $logFile + echo "This can also happen if _provision.setup.sh has syntax errors" >> $logFile + sed -i "s/^state=.*/state='error'/g" ${infoFile} + sed -i "s/^message=.*/message='_provision.setup.sh fail'/g" ${infoFile} + exit 1 fi - # check if config files contains basic: network - if [ ${#network} -eq 0 ]; then - echo "Invalid Config: missing network in (${configFile})!" >> ${logFile} - configExists=0 + fi + + # if migration from other nodes - run the migration provision first + if [ "${setupPhase}" == "migration" ]; then + echo "Calling _provision.migration.sh for possible migrations .." >> $logFile + sed -i "s/^message=.*/message='Provision migration'/g" ${infoFile} + /home/admin/_provision.migration.sh + errorState=$? + cat /home/admin/raspiblitz.provision-migration.log + if [ "$errorState" != "0" ]; then + echo "EXIT _provision.migration.sh BECAUSE OF ERROR STATE ($errorState)" >> $logFile + echo "This can also happen if _provision.migration.sh has syntax errros" >> $logFile + sed -i "s/^state=.*/state='error'/g" ${infoFile} + sed -i "s/^message=.*/message='_provision.migration.sh fail'/g" ${infoFile} + exit 1 fi - # check if config files contains basic: chain - if [ ${#chain} -eq 0 ]; then - echo "Invalid Config: missing chain in (${configFile})!" >> ${logFile} - configExists=0 - fi - if [ ${configExists} -eq 0 ]; then - echo "Moving invalid config to raspiblitz.invalid.conf" >> ${logFile} - sudo mv ${configFile} /mnt/hdd/raspiblitz.invalid.conf 2>/dev/null + fi + + # if update/recovery/migration-followup + if [ "${setupPhase}" == "update" ] || [ "${setupPhase}" == "recovery" ] || [ "${setupPhase}" == "migration" ]; then + echo "Calling _provision.update.sh .." 
>> $logFile + sed -i "s/^message=.*/message='Provision Update/Recovery/Migration'/g" ${infoFile} + /home/admin/_provision.update.sh + errorState=$? + cat /home/admin/raspiblitz.provision-update.log + if [ "$errorState" != "0" ]; then + echo "EXIT _provision.update.sh BECAUSE OF ERROR STATE ($errorState)" >> $logFile + echo "This can also happen if _provision.update.sh has syntax errors" >> $logFile + sed -i "s/^state=.*/state='error'/g" ${infoFile} + sed -i "s/^message=.*/message='_provision.update.sh fail'/g" ${infoFile} + exit 1 fi fi - # UPDATE MIGRATION & CONFIG PROVISIONING - if [ ${configExists} -eq 1 ]; then - echo "Found valid configuration" >> $logFile - sed -i "s/^state=.*/state=recovering/g" ${infoFile} - sed -i "s/^message=.*/message='Starting Recover'/g" ${infoFile} - sed -i "s/^chain=.*/chain=${chain}/g" ${infoFile} - sed -i "s/^network=.*/network=${network}/g" ${infoFile} - echo "Calling Data Migration .." >> $logFile - sudo /home/admin/_bootstrap.migration.sh - echo "Calling Provisioning .." >> $logFile - sudo /home/admin/_bootstrap.provision.sh - sed -i "s/^state=.*/state=reboot/g" ${infoFile} - sed -i "s/^message=.*/message='Done Recover'/g" ${infoFile} - echo "rebooting" >> $logFile - # set flag that system is freshly recovered and needs setup dialogs - sudo touch /home/admin/recover.flag - echo "state=recovered" >> /home/admin/recover.flag - echo "shutdown in 1min" >> $logFile - # save log file for inspection before reboot - echo "REBOOT FOR SSH CERTS RESET ..." >> $logFile - sudo cp ${logFile} ${logFile}.recover - sync - sudo shutdown -r -F -t 60 - exit 0 - else - echo "OK - No config file found: ${configFile}" >> $logFile + # finalize provisioning + echo "Calling _bootstrap.provision.sh for general system provisioning (${setupPhase}) .." >> $logFile + sed -i "s/^message=.*/message='Provision Basics'/g" ${infoFile} + /home/admin/_provision_.sh + errorState=$? 
+ if [ "$errorState" != "0" ]; then + echo "EXIT _provision_.sh BECAUSE OF ERROR STATE ($errorState)" >> $logFile + echo "This can also happen if _provision_.sh has syntax errors" >> $logFile + sed -i "s/^state=.*/state='error'/g" ${infoFile} + sed -i "s/^message=.*/message='_provision_.sh fail'/g" ${infoFile} + exit 1 fi - # if it got until here: HDD is empty ext4 - echo "Waiting for SetUp." >> $logFile - sed -i "s/^state=.*/state=waitsetup/g" ${infoFile} - sed -i "s/^message=.*/message='HDD needs SetUp (2)'/g" ${infoFile} - # unmount HDD to be ready for auto-mount during setup - sudo umount -l /mnt/hdd - exit 0 + # everyone can read the config but it can only be + # edited/written by root ot admin user (part of group sudo) + sudo chown root:sudo ${configFile} + sudo chmod 664 ${configFile} -fi # END - no automount - after this HDD is mounted + # delete provision in progress flag + sudo rm /home/admin/provision.flag -# make sure at this point local network is connected -wait_for_local_network + # mark provision process done + sed -i "s/^message=.*/message='Provision Done'/g" ${infoFile} + + # wait until syncProgress is available (neeed for final dialogs) + while [ "${syncProgress}" == "" ] + do + echo "# Waiting for blockchain sync progress info ..." >> $logFile + source <(sudo /home/admin/config.scripts/blitz.statusscan.sh) + sed -i "s/^state=.*/state=waitsync/g" ${infoFile} + sleep 2 + done + + ################################################### + # HANDOVER TO FINAL SETUP CONTROLLER + ################################################### + + echo "# HANDOVER TO FINAL SETUP CONTROLLER ..." >> $logFile + sed -i "s/^state=.*/state=waitfinal/g" ${infoFile} + sed -i "s/^message=.*/message='Setup Done'/g" ${infoFile} + + # system has to wait before reboot to present like seed words and other info/options to user + echo "BOOTSTRAP EXIT ... waiting for final setup controller to initiate final reboot." 
>> $logFile + exit 1 + +else + + ############################ + ############################ + # NORMAL START BOOTSTRAP (not executed after setup) + # Blockchain & Lightning not running + ############################ + + ################################# + # FIX BLOCKCHAINDATA OWNER (just in case) + # https://github.com/rootzoll/raspiblitz/issues/239#issuecomment-450887567 + ################################# + sudo chown bitcoin:bitcoin -R /mnt/hdd/bitcoin 2>/dev/null + + ################################# + # FIX BLOCKING FILES (just in case) + # https://github.com/rootzoll/raspiblitz/issues/1901#issue-774279088 + # https://github.com/rootzoll/raspiblitz/issues/1836#issue-755342375 + sudo rm -f /mnt/hdd/bitcoin/bitcoind.pid 2>/dev/null + sudo rm -f /mnt/hdd/bitcoin/.lock 2>/dev/null + + ################################ + # DELETE LOG & LOCK FILES + ################################ + # LND and Blockchain Errors will be still in systemd journals + + # /mnt/hdd/bitcoin/debug.log + sudo rm /mnt/hdd/${network}/debug.log 2>/dev/null + # /mnt/hdd/lnd/logs/bitcoin/mainnet/lnd.log + sudo rm /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2>/dev/null + # https://github.com/rootzoll/raspiblitz/issues/1700 + sudo rm /mnt/storage/app-storage/electrs/db/mainnet/LOCK 2>/dev/null + +fi + +############################## +############################## +# BOOSTRAP IN EVERY SITUATION +############################## + +sed -i "s/^setupPhase=.*/setupPhase='starting'/g" ${infoFile} # if a WIFI config exists backup to HDD configWifiExists=$(sudo cat /etc/wpa_supplicant/wpa_supplicant.conf 2>/dev/null| grep -c "network=") 
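Review bot: The mount check after "Temp mounting (2)" is written as `if [ "${isMounted}" != "1"]; then`, without a space before `]`, so `[` fails with a missing-bracket error and the `errorHDD` branch is never taken; provisioning then continues on an unmounted drive. Add the space. Because `provision.flag` is written before this check, a failure here would also leave the flag behind and the next boot would report an inconsistent system; consider setting the flag only after the mount succeeded. On secret handling: `cat ${configFile} >> ${logFile}` copies the whole config into the log while only the setup file is filtered with `/^password/d`, `passwordA` is passed to `blitz.setpassword.sh` as a command-line argument, and `source ${setupFile}` executes a file from the cache directory as shell code, so the values should be parsed as data or the file's ownership verified first. The `sed` for `message='Provision Update/Recovery/Migration'` breaks on the slashes in the text. The log line names `_bootstrap.provision.sh` while the call is `/home/admin/_provision_.sh`, and the successful handover ends with `exit 1`, which reads as a failure to whatever supervises the script unless that is intended and commented.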
@@ -421,86 +766,38 @@ if [ ${configWifiExists} -eq 1 ]; then sudo cp /etc/wpa_supplicant/wpa_supplicant.conf /mnt/hdd/app-data/wpa_supplicant.conf fi -# config should exist now -configExists=$(ls ${configFile} | grep -c '.conf') -if [ ${configExists} -eq 0 ]; then - sed -i "s/^state=.*/state=waitsetup/g" ${infoFile} - sed -i "s/^message=.*/message='no config'/g" ${infoFile} - exit 0 +# make sure lndAddress & lndPort exist in configfile +valueExists=$(cat ${configFile} | grep -c 'lndPort=') +if [ ${valueExists} -eq 0 ]; then + lndPort=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep "^listen=*" | cut -f2 -d':') + if [ ${#lndPort} -eq 0 ]; then + lndPort="9735" + fi + echo "lndPort='${lndPort}'" >> ${configFile} +fi +valueExists=$(cat ${configFile} | grep -c 'lndAddress=') +if [ ${valueExists} -eq 0 ]; then + echo "lndAddress=''" >> ${configFile} fi -##################################### -# UPDATE HDD CONFIG FILE (if exists) -# needs to be done before starting LND -# so that environment info is fresh -##################################### +# load data from config file fresh +echo "load configfile data" >> $logFile +source ${configFile} -echo "Check if HDD contains configuration .." 
>> $logFile -configExists=$(ls ${configFile} | grep -c '.conf') -if [ ${configExists} -eq 1 ]; then +# update public IP on boot - set to domain if available +/home/admin/config.scripts/internet.sh update-publicip ${lndAddress} - # make sure lndAddress & lndPort exist - valueExists=$(cat ${configFile} | grep -c 'lndPort=') - if [ ${valueExists} -eq 0 ]; then - lndPort=$(sudo cat /mnt/hdd/lnd/lnd.conf | grep "^listen=*" | cut -f2 -d':') - if [ ${#lndPort} -eq 0 ]; then - lndPort="9735" - fi - echo "lndPort='${lndPort}'" >> ${configFile} +# make constant UASP entry in raspiblitz.conf if still done by flag file +# uaspForced comes from blitz.datadrive.sh status +if [ ${uaspForced} -eq 1 ]; then + entryExists=$(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c 'forceUasp=on') + if [ ${entryExists} -eq 0 ]; then + sudo sed -i '/forceUasp=.*/d' /mnt/hdd/raspiblitz.conf + echo "forceUasp=on" >> /mnt/hdd/raspiblitz.conf + echo "DONE forceUasp=on recorded in raspiblitz.conf" >> $logFile fi - valueExists=$(cat ${configFile} | grep -c 'lndAddress=') - if [ ${valueExists} -eq 0 ]; then - echo "lndAddress=''" >> ${configFile} - fi - - # load values - echo "load and update publicIP" >> $logFile - source ${configFile} - - # if not running TOR before starting LND internet connection with a valid public IP is needed - waitForPublicIP=1 - if [ "${runBehindTor}" = "on" ] || [ "${runBehindTor}" = "1" ]; then - echo "# no need to wait for internet - public Tor address already known" >> $logFile - waitForPublicIP=0 - fi - while [ ${waitForPublicIP} -eq 1 ] - do - source <(/home/admin/config.scripts/internet.sh status) - if [ ${online} -eq 0 ]; then - echo "# (loop) waiting for internet ... " >> $logFile - sed -i "s/^state=.*/state=nointernet/g" ${infoFile} - sed -i "s/^message=.*/message='Waiting for Internet'/g" ${infoFile} - sleep 4 - else - echo "# OK internet detected ... 
continue" >> $logFile - waitForPublicIP=0 - fi - done - - # update public IP on boot - set to domain is available - /home/admin/config.scripts/internet.sh update-publicip ${lndAddress} - fi -###################################################################### -# MAKE SURE LND RPC/REST ports are standard & open to all connections -###################################################################### -sudo sed -i "s/^rpclisten=.*/rpclisten=0.0.0.0:10009/g" /mnt/hdd/lnd/lnd.conf -sudo sed -i "s/^restlisten=.*/restlisten=0.0.0.0:8080/g" /mnt/hdd/lnd/lnd.conf - -################################# -# FIX BLOCKCHAINDATA OWNER (just in case) -# https://github.com/rootzoll/raspiblitz/issues/239#issuecomment-450887567 -################################# -sudo chown bitcoin:bitcoin -R /mnt/hdd/bitcoin 2>/dev/null - -################################# -# FIX BLOCKING FILES (just in case) -# https://github.com/rootzoll/raspiblitz/issues/1901#issue-774279088 -# https://github.com/rootzoll/raspiblitz/issues/1836#issue-755342375 -sudo rm -f /mnt/hdd/bitcoin/bitcoind.pid 2>/dev/null -sudo rm -f /mnt/hdd/bitcoin/.lock 2>/dev/null - ################################# # MAKE SURE USERS HAVE LATEST LND CREDENTIALS ################################# 
@@ -528,58 +825,6 @@ else echo "No additional backup device was configured." >> $logFile fi -################################ -# DETECT FRESHLY RECOVERED SD -################################ - -recoveredInfoExists=$(ls /home/admin/recover.flag | grep -c '.flag') -if [ ${recoveredInfoExists} -eq 1 ]; then - sed -i "s/^state=.*/state=recovered/g" ${infoFile} - sed -i "s/^message=.*/message='login to finish'/g" ${infoFile} - exit 0 -fi - -################################ -# SD INFOFILE BASICS -################################ - -# state info -sed -i "s/^state=.*/state=ready/g" ${infoFile} -sed -i "s/^message=.*/message='waiting login'/g" ${infoFile} - -# determine network and chain from system - -# check for BITCOIN -loaded=$(sudo systemctl status bitcoind | grep -c 'loaded') -if [ ${loaded} -gt 0 ]; then - sed -i "s/^network=.*/network=bitcoin/g" ${infoFile} - source /mnt/hdd/bitcoin/bitcoin.conf >/dev/null 2>&1 - if [ ${testnet} -gt 0 ]; then - sed -i "s/^chain=.*/chain=test/g" ${infoFile} - else - sed -i "s/^chain=.*/chain=main/g" ${infoFile} - fi -fi - -# check for LITECOIN -loaded=$(sudo systemctl status litecoind | grep -c 'loaded') -if [ ${loaded} -gt 0 ]; then - sed -i "s/^network=.*/network=litecoin/g" ${infoFile} - sed -i "s/^chain=.*/chain=main/g" ${infoFile} -fi - -################################ -# DELETE LOG & LOCK FILES -################################ -# LND and Blockchain Errors will be still in systemd journals - -# /mnt/hdd/bitcoin/debug.log -sudo rm /mnt/hdd/${network}/debug.log 2>/dev/null -# /mnt/hdd/lnd/logs/bitcoin/mainnet/lnd.log -sudo rm /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2>/dev/null -# https://github.com/rootzoll/raspiblitz/issues/1700 -sudo rm /mnt/storage/app-storage/electrs/db/mainnet/LOCK 2>/dev/null - ##################################### # CLEAN HDD TEMP ##################################### 
@@ -592,6 +837,17 @@ else echo "OK: Temp cleaned" >> $logFile fi +############################### +# RAID data check (BRTFS) +############################### +# see https://github.com/rootzoll/raspiblitz/issues/360#issuecomment-467698260 + +if [ ${isRaid} -eq 1 ]; then + echo "TRIGGERING BTRFS RAID DATA CHECK ..." + echo "Check status with: sudo btrfs scrub status /mnt/hdd/" + sudo btrfs scrub start /mnt/hdd/ +fi + ###################################### # PREPARE SUBSCRIPTIONS DATA DIRECTORY ###################################### @@ -604,12 +860,14 @@ else sudo chown admin:admin /mnt/hdd/app-data/subscriptions fi -# mark that node is ready now -sed -i "s/^state=.*/state=ready/g" ${infoFile} -sed -i "s/^message=.*/message='Node Running'/g" ${infoFile} - # make sure that bitcoin service is active sudo systemctl enable ${network}d +# make sure setup/provision is marked as done +sudo rm /home/admin/provision.flag +sed -i "s/^setupPhase=.*/setupPhase='done'/g" ${infoFile} +sed -i "s/^state=.*/state=ready/g" ${infoFile} +sed -i "s/^message=.*/message='Node Running'/g" ${infoFile} + echo "DONE BOOTSTRAP" >> $logFile exit 0 diff --git a/home.admin/_commands.sh b/home.admin/_commands.sh index cb1ccf744..23b28e633 100755 --- a/home.admin/_commands.sh +++ b/home.admin/_commands.sh @@ -1,13 +1,11 @@ #!/bin/bash -# SHORTCUT COMMANDS you can call as user 'admin' from terminal +# source aliases from /home/admin/_aliases +if [ -f /home/admin/_aliases ];then + source /home/admin/_aliases +fi -# command: raspiblitz -# calls the the raspiblitz mainmenu (legacy) -function raspiblitz() { - cd /home/admin - ./00raspiblitz.sh -} +# SHORTCUT COMMANDS you can call as user 'admin' from terminal # command: blitz # calls the the raspiblitz mainmenu (shortcut) 
@@ -16,6 +14,65 @@ function blitz() { ./00raspiblitz.sh } +# command: blitzhelp +# gives overview of commands +function blitzhelp() { + echo + echo "Blitz commands are consolidated here." + echo + echo "Menu access:" + echo " raspiblitz menu" + echo " menu menu" + echo " bash menu" + echo " repair menu > repair" + echo + echo "Checks:" + echo " status informational Blitz status screen" + echo " sourcemode copy blockchain source modus" + echo " check check if Blitz configuration files are correct" + echo " debug print debug logs" + echo " debug -l print debug logs with bin link" + echo " patch sync scripts with latest set github and branch" + echo " github jumping directly into the options to change branch/repo/pr" + echo + echo "Power:" + echo " restart restart the node" + echo " off shutdown the node" + echo + echo "Display:" + echo " hdmi switch video output to HDMI" + echo " lcd switch video output to LCD" + echo " headless switch video output to HEADLESS" + echo + echo "BTC tx:" + echo " torthistx broadcast transaction through Tor to Blockstreams API and into the network" + echo " gettx retrieve transaction from mempool or blockchain and print as JSON" + echo " watchtx retrieve transaction from mempool or blockchain until certain confirmation target" + echo + echo "LND:" + echo " balance your satoshi balance" + echo " channels your lightning channels" + echo " fwdreport show forwarding report" + echo + echo "Users:" + echo " bos Balance of Satoshis" + echo " chantools ChanTools" + echo " lit Lightning Terminal" + echo " jm JoinMarket" + echo " pyblock PyBlock" + echo + echo "Extras:" + echo " whitepaper download the whitepaper from the blockchain to /home/admin/bitcoin.pdf" + echo " notifyme wrapper for blitz.notify.sh that will send a notification using the configured method and settings" +} + +# command: raspiblitz +# calls the the raspiblitz mainmenu (legacy) +function raspiblitz() { + cd /home/admin + ./00raspiblitz.sh +} + # command: menu # calls directly 
the main menu function menu() { @@ -32,14 +89,12 @@ function repair() { # command: restart function restart() { - cd /home/admin - ./XXshutdown.sh reboot + /home/admin/config.scripts/blitz.shutdown.sh reboot } # command: sourcemode function sourcemode() { - cd /home/admin - ./98repairMenu.sh sourcemode + /home/admin/config.scripts/blitz.copychain.sh source } # command: check @@ -47,23 +102,31 @@ function check() { /home/admin/config.scripts/blitz.configcheck.py } +# command: release +function release() { + /home/admin/config.scripts/blitz.preparerelease.sh +} + # command: debug function debug() { - cd /home/admin - ./XXdebugLogs.sh + echo "Printing debug logs. Be patient, this should take maximum 2 minutes ..." + if [[ $1 = "-l" ]]; then + /home/admin/config.scripts/blitz.debug.sh > /var/cache/raspiblitz/debug.log && cat /var/cache/raspiblitz/debug.log | torsocks nc termbin.com 9999 + else + /home/admin/config.scripts/blitz.debug.sh > /var/cache/raspiblitz/debug.log && cat /var/cache/raspiblitz/debug.log + fi } # command: patch # syncs script with latest set github and branch function patch() { cd /home/admin - ./XXsyncScripts.sh -run + /home/admin/config.scripts/blitz.github.sh -run } # command: off function off() { - cd /home/admin - ./XXshutdown.sh + /home/admin/config.scripts/blitz.shutdown.sh } # command: github @@ -94,20 +157,6 @@ function headless() { restart } -# command: manage -function manage() { - if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "lndmanage=on") -eq 1 ]; then - cd /home/admin/lndmanage - source venv/bin/activate - echo "NOTICE: Needs at least one active channel to run without error." - echo "to exit (venv) enter ---> deactivate" - lndmanage - else - echo "lndmanage not installed - to install run:" - echo "sudo /home/admin/config.scripts/bonus.lndmanage.sh on" - fi -} - # command: torthistx function torthistx() { if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "runBehindTor=on") -eq 1 ]; then 
@@ -123,7 +172,24 @@ function torthistx() { # start the status screen in the terminal function status() { echo "Gathering data - please wait a moment..." - sudo -u pi /home/admin/00infoLCD.sh --pause 0 + while : + do + # show the same info as on LCD screen + # 00infoBlitz.sh + /home/admin/00infoBlitz.sh $1 $2 + # wait 6 seconds for user exiting loop + #echo + #echo -en "Screen is updating in a loop .... press 'x' now to get back to menu." + read -n 1 -t 6 keyPressed + #echo -en "\rGathering information to update info ... please wait. \n" + # check if user wants to abort session + if [ "${keyPressed}" = "x" ]; then + echo + echo "Returning to menu ....." + sleep 4 + break + fi + done } # command: lnbalance @@ -204,21 +270,6 @@ function jm() { fi } -# command: faraday -# switch to the faraday user for the Faraday Service -function faraday() { - if [ $(grep -c "faraday=on" < /mnt/hdd/raspiblitz.conf) -eq 1 ]; then - echo "# switching to the faraday user with the command: 'sudo su - faraday'" - echo "# use command 'exit' and then 'raspiblitz' to return to menu" - echo "# use command 'frcli --help' now to get more info" - sudo su - faraday - echo "# use command 'raspiblitz' to return to menu" - else - echo "Faraday is not installed - to install run:" - echo "/home/admin/config.scripts/bonus.faraday.sh on" - fi -} - # command: lit # switch to the lit user for the loop, pool & faraday services function lit() { 
@@ -250,36 +301,6 @@ if [ -f "/mnt/hdd/raspiblitz.conf" ] && [ $(grep -c "lit=on" < /mnt/hdd/raspibl --macaroonpath=/home/lit/.pool/${chain}net/pool.macaroon" fi -# command: loop -# switch to the loop user for the Lightning Loop Service -function loop() { - if [ $(grep -c "loop=on" < /mnt/hdd/raspiblitz.conf) -eq 1 ]; then - echo "# switching to the loop user with the command: 'sudo su - loop'" - echo "# use command 'exit' and then 'raspiblitz' to return to menu" - echo "# use command 'loop --help' now to get more info" - sudo su - loop - echo "# use command 'raspiblitz' to return to menu" - else - echo "Lightning Loop is not installed - to install run:" - echo "/home/admin/config.scripts/bonus.loop.sh on" - fi -} - -# command: pool -# switch to the pool user for the Pool Service -function pool() { - if [ $(grep -c "pool=on" < /mnt/hdd/raspiblitz.conf) -gt 0 ]; then - echo "# switching to the pool user with the command: 'sudo su - pool'" - echo "# use command 'exit' and then 'raspiblitz' to return to menu" - echo "# use command 'pool --help' now to get more info" - sudo su - pool - echo "# use command 'raspiblitz' to return to menu" - else - echo "Pool is not installed - to install run:" - echo "/home/admin/config.scripts/bonus.pool.sh on" - fi -} - # command: gettx # retrieve transaction from mempool or blockchain and print as JSON # $ gettx "f4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16" 
@@ -341,6 +362,21 @@ function notifyme() { # command: whitepaper # downloads the whitepaper from the blockchain to /home/admin/bitcoin.pdf function whitepaper() { - cd /home/admin/config.scripts - ./bonus.whitepaper.sh on -} \ No newline at end of file + cd /home/admin + ./config.scripts/bonus.whitepaper.sh on +} + +# command: qr ["string"] +# shows a QR code from the string +function qr() { + if [ ${#1} -eq 0 ]; then + echo "# Error='missing string'" + fi + echo + echo "Displaying the text:" + echo "$1" + echo + qrencode -t ANSIUTF8 "${1}" + echo "(To shrink QR code: MacOS press CMD- / Linux press CTRL-)" + echo +} diff --git a/home.admin/_provision.migration.sh b/home.admin/_provision.migration.sh new file mode 100755 index 000000000..2c9cd0ee3 --- /dev/null +++ b/home.admin/_provision.migration.sh 
@@ -0,0 +1,76 @@ +#!/bin/bash + +# LOGFILE - store debug logs of bootstrap +logFile="/home/admin/raspiblitz.provision-migration.log" + +# INFOFILE - state data from bootstrap +infoFile="/home/admin/raspiblitz.info" +source ${infoFile} + +# SETUPFILE - data from setup process +source /var/cache/raspiblitz/temp/raspiblitz.setup + +# CONFIGFILE - configuration of RaspiBlitz +configFile="/mnt/hdd/raspiblitz.conf" + +# log header +echo "" > ${logFile} +echo "###################################" >> ${logFile} +echo "# _provision.migration.sh" >> ${logFile} +echo "###################################" >> ${logFile} +sudo sed -i "s/^message=.*/message='Provision Migration'/g" ${infoFile} + +if [ "${hddGotMigrationData}" == "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='config: missing hddGotMigrationData'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: missing hddGotMigrationData in (${infoFile})!" >> ${logFile} + exit 2 +fi + +source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) + +err="" +nodenameUpperCase=$(echo "${hddGotMigrationData}" | tr "[a-z]" "[A-Z]") +echo "**************************************************" >> ${logFile} +echo "MIGRATION FROM ${nodenameUpperCase} TO RASPIBLITZ" >> ${logFile} +echo "**************************************************" >> ${logFile} +echo "- started ..." >> ${logFile} +source <(sudo /home/admin/config.scripts/blitz.migration.sh migration-${hddGotMigrationData}) +if [ "${err}" != "" ]; then + echo "MIGRATION FAILED: ${err}" >> ${logFile} + echo "Format data disk on laptop & recover funds with fresh sd card using seed words + static channel backup." 
>> ${logFile} + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='migration failed'/g" ${infoFile} + exit 3 +fi + +# make sure for the rest of the seup info is set correctly +sudo sed -i "s/^network=.*/network=bitcoin/g" ${infoFile} +sudo sed -i "s/^chain=.*/chain=main/g" ${infoFile} + +# set Password B +echo "## SETTING PASSWORD B" >> ${logFile} +if [ "${setPasswordB}" == "1" ]; then + if [ "${passwordB}" != "" ]; then + # set password B as RPC password + echo "# setting PASSWORD B" >> ${logFile} + /home/admin/config.scripts/blitz.setpassword.sh b "${passwordB}" >> ${logFile} + else + echo "FAIL: Password B should be set but was empty! Running with default." >> ${logFile} + fi +else + echo "WARN: setPasswordB!=1 this not normal on migration! Running with default." >> ${logFile} +fi + +# if free space is lower than 100GB (100000000) delete backup files +if [ "${hddDataFreeKB}" != "" ] && [ ${hddDataFreeKB} -lt 407051412 ]; then + echo "- free space of data disk is low ... deleting 'backup_migration'" >> ${logFile} + sudo rm -R /mnt/hdd/backup_migration +else + echo "- old data of ${nodenameUpperCase} can be found in '/mnt/hdd/backup_migration'" >> ${logFile} +fi +echo "OK MIGRATION" >> ${logFile} +echo "END Migration" >> ${logFile} +exit 0 + diff --git a/home.admin/_provision.setup.sh b/home.admin/_provision.setup.sh new file mode 100755 index 000000000..3de937619 --- /dev/null +++ b/home.admin/_provision.setup.sh 
@@ -0,0 +1,417 @@ +#!/bin/bash + +# this provision file is just executed on fresh setups +# not on recoveries or updates + +# LOGFILE - store debug logs of bootstrap +logFile="/home/admin/raspiblitz.provision-setup.log" + +# INFOFILE - state data from bootstrap +infoFile="/home/admin/raspiblitz.info" +source ${infoFile} + +# SETUPFILE - setup data of RaspiBlitz +setupFile="/var/cache/raspiblitz/temp/raspiblitz.setup" +source ${setupFile} + +# CONFIGFILE - configuration of RaspiBlitz +configFile="/mnt/hdd/raspiblitz.conf" +source ${configFile} + +# log header +echo "" > ${logFile} +echo "###################################" >> ${logFile} +echo "# _provision.setup.sh" >> ${logFile} +echo "###################################" >> ${logFile} +sudo sed -i "s/^message=.*/message='Provision Setup'/g" ${infoFile} + +################################### +# Preserve SSH keys +# just copy dont link anymore +# see: https://github.com/rootzoll/raspiblitz/issues/1798 +sed -i "s/^message=.*/message='SSH Keys'/g" ${infoFile} + +# link ssh directory from SD card to HDD +/home/admin/config.scripts/blitz.ssh.sh backup + +################################### +# Prepare Blockchain Service +sed -i "s/^message=.*/message='Blockchain Setup'/g" ${infoFile} + +if [ "${network}" == "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='config: missing network'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: missing network in (${setupFile})!" >> ${logFile} + exit 20 +fi + +if [ "${chain}" == "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='config: missing chain'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: missing chain in (${setupFile})!" 
>> ${logFile} + exit 2 +fi + +# copy configs files and directories +echo "" +echo "*** Prepare ${network} ***" >> ${logFile} +mkdir /mnt/hdd/${network} >>${logFile} 2>&1 +chown -R bitcoin:bitcoin /mnt/hdd/${network} >>${logFile} 2>&1 +sudo -u bitcoin mkdir /mnt/hdd/${network}/blocks >>${logFile} 2>&1 +sudo -u bitcoin mkdir /mnt/hdd/${network}/chainstate >>${logFile} 2>&1 +cp /home/admin/assets/${network}.conf /mnt/hdd/${network}/${network}.conf +chown bitcoin:bitcoin /mnt/hdd/${network}/${network}.conf >>${logFile} 2>&1 +mkdir /home/admin/.${network} >>${logFile} 2>&1 +cp /home/admin/assets/${network}.conf /home/admin/.${network}/${network}.conf +chown -R admin:admin /home/admin/.${network} >>${logFile} 2>&1 + +# make sure all directories are linked +/home/admin/config.scripts/blitz.datadrive.sh link >> ${logFile} + +# test bitcoin config +confExists=$(sudo ls /mnt/hdd/${network}/${network}.conf | grep -c "${network}.conf") +echo "File Exists: /mnt/hdd/${network}/${network}.conf --> ${confExists}" >> ${logFile} + +# set password B as RPC password +echo "# setting PASSWORD B" >> ${logFile} +/home/admin/config.scripts/blitz.setpassword.sh b "${passwordB}" >> ${logFile} + +# optimize RAM for blockchain validation (bitcoin only) +if [ "${network}" == "bitcoin" ] && [ "${hddBlocksBitcoin}" == "0" ]; then + echo "*** Optimizing RAM for Sync ***" >> ${logFile} + kbSizeRAM=$(cat /proc/meminfo | grep "MemTotal" | sed 's/[^0-9]*//g') + echo "kbSizeRAM(${kbSizeRAM})" >> ${logFile} + echo "dont forget to reduce dbcache once IBD is done" > "/mnt/hdd/${network}/blocks/selfsync.flag" + # RP4 4GB + if [ ${kbSizeRAM} -gt 3500000 ]; then + echo "Detected RAM >=4GB --> optimizing ${network}.conf" >> ${logFile} + sed -i "s/^dbcache=.*/dbcache=2560/g" /mnt/hdd/${network}/${network}.conf + # RP4 2GB + elif [ ${kbSizeRAM} -gt 1500000 ]; then + echo "Detected RAM >=2GB --> optimizing ${network}.conf" >> ${logFile} + sed -i "s/^dbcache=.*/dbcache=1536/g" /mnt/hdd/${network}/${network}.conf 
+ #RP3/4 1GB + else + echo "Detected RAM <=1GB --> optimizing ${network}.conf" >> ${logFile} + sed -i "s/^dbcache=.*/dbcache=512/g" /mnt/hdd/${network}/${network}.conf + fi +fi + +# start network service +echo "" +echo "*** Start ${network} (SETUP) ***" >> ${logFile} +sed -i "s/^message=.*/message='Blockchain Testrun'/g" ${infoFile} +echo "- This can take a while .." >> ${logFile} +cp /home/admin/assets/${network}d.service /etc/systemd/system/${network}d.service +systemctl enable ${network}d.service +systemctl start ${network}d.service + +# check if bitcoin has started +bitcoinRunning=0 +loopcount=0 +while [ ${bitcoinRunning} -eq 0 ] +do + >&2 echo "# (${loopcount}/50) checking if ${network}d is running ... " >> ${logFile} + bitcoinRunning=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | grep "initialblockdownload" -c) + sleep 8 + sync + loopcount=$(($loopcount +1)) + if [ ${loopcount} -gt 50 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: failed ${network}'/g" ${infoFile} + echo "FAIL: setup: failed ${network}" >> ${logFile} + exit 4 + fi +done +echo "OK ${network} startup successful " >> ${logFile} + + +################################### +# Prepare Lightning +echo "Prepare Lightning (${lightning})" >> ${logFile} + +if [ "${lightning}" != "lnd" ]; then + + ################################### + # Remove LND from systemd + echo "Remove LND" >> ${logFile} + sudo sed -i "s/^message=.*/message='Deactivate Lightning'/g" ${infoFile} + sudo systemctl disable lnd + sudo rm /etc/systemd/system/lnd.service 2>/dev/null + sudo systemctl daemon-reload +fi + +if [ "${lightning}" == "lnd" ]; then + + ################################### + # LND + echo "############## Setup LND" >> ${logFile} + sudo sed -i "s/^message=.*/message='LND Setup'/g" ${infoFile} + + if [ "${passwordC}" == "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='config: missing passwordC'/g" ${infoFile} + 
echo "FAIL see ${logFile}" + echo "FAIL: missing passwordC in (${setupFile})!" >> ${logFile} + exit 5 + fi + + # if user uploaded an LND rescue file + if [ "${lndrescue}" != "" ]; then + echo "Restore LND data from uploaded rescue file ${lndrescue} ..." >> ${logFile} + source <(sudo /home/admin/config.scripts/lnd.backup.sh lnd-import ${lndrescue}) + if [ "${error}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd import backup failed'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: lnd import backup failed" >> ${logFile} + echo "${error}" >> ${logFile} + exit 6 + fi + else + # preparing new LND config + echo "Creating new LND config ..." >> ${logFile} + sudo -u bitcoin mkdir /mnt/hdd/lnd 2> /dev/null + sudo cp /home/admin/assets/lnd.${network}.conf /mnt/hdd/lnd/lnd.conf + sudo chown bitcoin:bitcoin /mnt/hdd/lnd/lnd.conf + sudo /home/admin/config.scripts/lnd.install.sh on mainnet + sudo /home/admin/config.scripts/lnd.setname.sh mainnet ${hostname} + fi + + # make sure all directories are linked + sudo /home/admin/config.scripts/blitz.datadrive.sh link + + # check if now a config exists + configLinkedCorrectly=$(sudo ls sudo ls /home/bitcoin/.lnd/lnd.conf | grep -c "lnd.conf") + if [ "${configLinkedCorrectly}" != "1" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd conf link broken'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: lnd conf link broken" >> ${logFile} + exit 7 + fi + + # Init LND service & start + echo "*** Init LND Service & Start ***" >> ${logFile} + sudo sed -i "s/^message=.*/message='LND Testrun'/g" ${infoFile} + + # just in case + sudo systemctl stop lnd 2>/dev/null + sudo systemctl disable lnd 2>/dev/null + + # make sure lnd gets started after blockchain service + sed -i "5s/.*/Wants=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile} + sed -i "6s/.*/After=${network}d.service/" 
/home/admin/assets/lnd.service >> ${logFile} + sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service >> ${logFile} + + # start lnd up + echo "Starting LND Service ..." >> ${logFile} + sudo systemctl enable lnd >> ${logFile} + sudo systemctl start lnd >> ${logFile} + + # check that lnd started + lndRunning=0 + loopcount=0 + while [ ${lndRunning} -eq 0 ] + do + lndRunning=$(sudo systemctl status lnd.service | grep -c running) + if [ ${lndRunning} -eq 0 ]; then + date +%s >> ${logFile} + echo "LND not ready yet ... waiting another 60 seconds." >> ${logFile} + sleep 10 + fi + loopcount=$(($loopcount +1)) + if [ ${loopcount} -gt 100 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: failed lnd start'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: failed lnd start" >> ${logFile} + exit 8 + fi + done + echo "OK - LND is running" ${logFile} + sleep 10 + + # Check LND health/fails (to be extended) + tlsExists=$(sudo ls /mnt/hdd/lnd/tls.cert 2>/dev/null | grep -c "tls.cert") + if [ ${tlsExists} -eq 0 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: missing lnd tls'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: missing lnd tls" >> ${logFile} + exit 9 + fi + + # import static channel backup if was uploaded + if [ "${staticchannelbackup}" != "" ]; then + echo "Preparing static channel backup file ${staticchannelbackup} ..." 
>> ${logFile} + source <(sudo /home/admin/config.scripts/lnd.backup.sh scb-import ${staticchannelbackup}) + if [ "${error}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd import SCB failed'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: lnd import SCB failed" >> ${logFile} + echo "${error}" >> ${logFile} + exit 10 + fi + fi + + # WALLET --> SEED + SCB + if [ "${seedWords}" != "" ] && [ "${staticchannelbackup}" != "" ]; then + + echo "WALLET --> SEED + SCB " >> ${logFile} + sudo sed -i "s/^message=.*/message='LND Wallet (SEED & SCB)'/g" ${infoFile} + sudo /home/admin/config.scripts/lnd.initwallet.py scb mainnet ${passwordC} "${seedWords}" "${staticchannelbackup}" ${seedPassword} + if [ "${err}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd wallet SCB failed'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: lnd wallet SCB failed" >> ${logFile} + echo "${err}" >> ${logFile} + echo "${errMore}" >> ${logFile} + exit 11 + fi + + # WALLET --> SEED + elif [ "${seedWords}" != "" ]; then + + echo "WALLET --> SEED" >> ${logFile} + sudo sed -i "s/^message=.*/message='LND Wallet (SEED)'/g" ${infoFile} + sudo /home/admin/config.scripts/lnd.initwallet.py seed mainnet ${passwordC} "${seedWords}" ${seedPassword} + if [ "${err}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd wallet SEED failed'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: lnd wallet SEED failed" >> ${logFile} + echo "${err}" >> ${logFile} + echo "${errMore}" >> ${logFile} + exit 12 + fi + + # WALLET --> NEW + else + + echo "WALLET --> NEW" >> ${logFile} + sudo sed -i "s/^message=.*/message='LND Wallet (NEW)'/g" ${infoFile} + source <(sudo /home/admin/config.scripts/lnd.initwallet.py new mainnet ${passwordC}) + if [ "${err}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} 
+ sed -i "s/^message=.*/message='setup: lnd wallet SEED failed'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: lnd wallet SEED failed" >> ${logFile} + echo "${err}" >> ${logFile} + echo "${errMore}" >> ${logFile} + exit 13 + fi + + # write created seedwords into SETUPFILE to be displayed to user on final setup later + echo "seedwordsNEW='${seedwords}'" >> ${setupFile} + echo "seedwords6x4NEW='${seedwords6x4}'" >> ${setupFile} + + fi + + # sync macaroons & TLS to other users + echo "*** Copy LND Macaroons to user admin ***" >> ${logFile} + sudo sed -i "s/^message=.*/message='LND Credentials'/g" ${infoFile} + + # check if macaroon exists now - if not fail + macaroonExists=$(sudo -u bitcoin ls -la /home/bitcoin/.lnd/data/chain/${network}/${chain}net/admin.macaroon 2>/dev/null | grep -c admin.macaroon) + if [ ${macaroonExists} -eq 0 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd no macaroons'/g" ${infoFile} + echo "FAIL: setup: lnd no macaroons" >> ${logFile} + exit 14 + fi + + # now sync macaroons & TLS zo other users + sudo /home/admin/config.scripts/lnd.credentials.sh sync >> ${logFile} + + # make a final lnd check + source <(/home/admin/config.scripts/lnd.check.sh basic-setup) + if [ "${err}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: lnd wallet SEED failed'/g" ${infoFile} + echo "FAIL: setup: lnd wallet SEED failed" >> ${logFile} + echo "${err}" >> ${logFile} + exit 15 + fi + +fi + +if [ "${lightning}" == "cl" ]; then + + ################################### + # c-lightning + echo "############## c-lightning" >> ${logFile} + + sudo sed -i "s/^message=.*/message='C-Lightning Install'/g" ${infoFile} + sudo /home/admin/config.scripts/cl.install.sh on mainnet >> ${logFile} + sudo sed -i "s/^message=.*/message='C-Lightning Setup'/g" ${infoFile} + + # OLD WALLET FROM CLIGHTNING RESCUE + if [ "${clrescue}" != "" ]; then + + echo "Restore CL 
data from uploaded rescue file ${clrescue} ..." >> ${logFile} + source <(sudo /home/admin/config.scripts/cl.backup.sh cl-import ${clrescue}) + if [ "${error}" != "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: cl import backup failed'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: setup: cl import backup failed" >> ${logFile} + echo "${error}" >> ${logFile} + exit 16 + fi + + # OLD WALLET FROM SEEDWORDS + elif [ "${seedWords}" != "" ]; then + + echo "Restore CL wallet from seedWords ..." >> ${logFile} + source <(sudo /home/admin/config.scripts/cl.hsmtool.sh seed-force mainnet "${seedWords}" "${seedPassword}") + + # check if wallet really got created + walletExistsNow=$(sudo ls /home/bitcoin/.lightning/bitcoin/hsm_secret 2>/dev/null | grep -c "hsm_secret") + if [ $walletExistsNow -eq 0 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: seed maybe wrong'/g" ${infoFile} + echo "FAIL: setup: no cl wallet created - seed maybe wrong" >> ${logFile} + exit 17 + fi + + # NEW WALLET + else + + echo "Generate new CL wallet ..." 
>> ${logFile} + + # generate new wallet + source <(sudo /home/admin/config.scripts/cl.hsmtool.sh new-force mainnet) + + # check if got new seedwords + if [ "${seedwords}" == "" ] || [ "${seedwords6x4}" == "" ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: no cl seedwords'/g" ${infoFile} + echo "FAIL: setup: no cl seedwords" >> ${logFile} + exit 18 + fi + + # check if wallet really got created + walletExistsNow=$(sudo ls /home/bitcoin/.lightning/bitcoin/hsm_secret 2>/dev/null | grep -c "hsm_secret") + if [ $walletExistsNow -eq 0 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='setup: no cl wallet created'/g" ${infoFile} + echo "FAIL: setup: no cl wallet created" >> ${logFile} + exit 19 + fi + + # write created seedwords into SETUPFILE to be displayed to user on final setup later + echo "seedwordsNEW='${seedwords}'" >> ${setupFile} + echo "seedwords6x4NEW='${seedwords6x4}'" >> ${setupFile} + + fi + +fi + +sudo sed -i "s/^message=.*/message='Provision Setup Finish'/g" ${infoFile} +echo "END Setup" >> ${logFile} +exit 0 \ No newline at end of file diff --git a/home.admin/_provision.update.sh b/home.admin/_provision.update.sh new file mode 100755 index 000000000..348f269a1 --- /dev/null +++ b/home.admin/_provision.update.sh 
@@ -0,0 +1,278 @@ +#!/bin/bash + +# LOGFILE - store debug logs of bootstrap +logFile="/home/admin/raspiblitz.provision-update.log" + +# INFOFILE - state data from bootstrap +infoFile="/home/admin/raspiblitz.info" + +# CONFIGFILE - configuration of RaspiBlitz +configFile="/mnt/hdd/raspiblitz.conf" + +# SETUPFILE - - setup data of RaspiBlitz +setupFile="/var/cache/raspiblitz/temp/raspiblitz.setup" +source ${setupFile} + +# log header +echo "" > ${logFile} +echo "###################################" >> ${logFile} +echo "# _provision.update.sh" >> ${logFile} +echo "###################################" >> ${logFile} +sudo sed -i "s/^message=.*/message='Running Data Update'/g" ${infoFile} + +# HDD BTRFS RAID REPAIR IF NEEDED +source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) +if [ ${isBTRFS} -eq 1 ] && [ ${isMounted} -eq 1 ]; then + echo "CHECK BTRFS RAID" >> ${logFile} + if [ ${isRaid} -eq 1 ] && [ ${#raidUsbDev} -eq 0 ]; then + echo "HDD was set to work in RAID, but RAID drive is not connected" >> ${logFile} + echo "Trying to set HDD back to single mode." >> ${logFile} + sudo /home/admin/config.scripts/blitz.datadrive.sh raid off >> ${logFile} + else + echo "OK" >> ${logFile} + fi +fi + +# LOAD DATA & PRECHECK + +# load old or init raspiblitz config +source ${configFile} + +# check if config files contains basic: hostname +if [ ${#hostname} -eq 0 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='config: missing hostname'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: missing hostname in (${configFile})!" 
>> ${logFile} + exit 1 +fi + +# check if config files contain lightning (lnd is default) +if [ "${lightning}" == "" ]; then + lightning="lnd" + echo "lightning=${lightning}" >> ${configFile} +fi + +# load codeVersion +source /home/admin/_version.info + +# check if code version was loaded +if [ ${#codeVersion} -eq 0 ]; then + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='missing /home/admin/_version.info'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: no code version (/home/admin/_version.info) found!" >> ${logFile} + exit 1 +fi + +echo "prechecks OK" >> ${logFile} + +# MIGRATION - DATA CONVERSION when updating config +# this is the place if on a future version change +# a conversion of config data or app data is needed + +# if old bitcoin.conf exists ... +configExists=$(sudo ls /mnt/hdd/bitcoin/bitcoin.conf | grep -c '.conf') +if [ ${configExists} -eq 1 ]; then + echo "Checking old bitcoin.conf ..." >> ${logFile} + + # make sure to fix bitcoind RPC port if not done in old version + # https://github.com/rootzoll/raspiblitz/issues/217 + # https://github.com/rootzoll/raspiblitz/issues/950 + + if ! grep -Eq "^rpcallowip=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #217 -> adding rpcallowip=127.0.0.1" >> ${logFile} + echo "rpcallowip=127.0.0.1" >> /mnt/hdd/${network}/${network}.conf + else + echo "check issue #217 -> ok rpcallow exists" >> ${logFile} + fi + + # check whether "main." 
needs to be added to rpcport and rpcbind + if grep -Eq "^rpcport=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #950 -> change rpcport to main.rpcport" >> ${logFile} + sudo sed -i -E 's/^(rpcport=.*)/main.\1/g' /mnt/hdd/${network}/${network}.conf + else + echo "check issue #950 -> ok ^rpcport does not exist" >> ${logFile} + fi + + if grep -Eq "^rpcbind=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #950 -> change rpcbind to main.rpcbind" >> ${logFile} + sudo sed -i -E 's/^(rpcbind=.*)/main.\1/g' /mnt/hdd/${network}/${network}.conf + else + echo "check issue #950 -> ok ^rpcbind does not exist" >> ${logFile} + fi + + # check whether right settings are there ("main.") + if ! grep -Eq "^main.rpcport=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #217 -> adding main.rpcport=8332" >> ${logFile} + echo "main.rpcport=8332" >> /mnt/hdd/${network}/${network}.conf + else + echo "check issue #217 -> ok main.rpcport exists" >> ${logFile} + fi + + if ! grep -Eq "^main.rpcbind=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #217 -> adding main.rpcbind=127.0.0.1:8332" >> ${logFile} + echo "main.rpcbind=127.0.0.1:8332" >> /mnt/hdd/${network}/${network}.conf + else + echo "check issue #217 -> ok main.rpcbind exists" >> ${logFile} + fi + + # same for testnet + if ! grep -Eq "^test.rpcport=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #950 -> adding test.rpcport=18332" >> ${logFile} + echo "test.rpcport=18332" >> /mnt/hdd/${network}/${network}.conf + else + echo "check issue #950 -> ok test.rpcport exists" >> ${logFile} + fi + + if ! 
grep -Eq "^test.rpcbind=.*" /mnt/hdd/${network}/${network}.conf; then + echo "fix issue #950 -> adding test.rpcbind=127.0.0.1:18332" >> ${logFile} + echo "test.rpcbind=127.0.0.1:18332" >> /mnt/hdd/${network}/${network}.conf + else + echo "check issue #950 -> ok test.rpcbind exists" >> ${logFile} + fi + +else + echo "WARN: /mnt/hdd/bitcoin/bitcoin.conf not found" >> ${logFile} +fi + +echo "Version Code: ${codeVersion}" >> ${logFile} +echo "Version Data: ${raspiBlitzVersion}" >> ${logFile} + +if [ "${raspiBlitzVersion}" != "${codeVersion}" ]; then + echo "detected version change ... starting migration script" >> ${logFile} + # nothing specific here yet + echo "OK Done - Updating version in config" + sudo sed -i "s/^raspiBlitzVersion=.*/raspiBlitzVersion='${codeVersion}'/g" ${configFile} +else + echo "OK - version of config data is up to date" >> ${logFile} +fi + +# start network service +echo "" +echo "*** Start ${network} (UPDATE) ***" >> ${logFile} +sudo sed -i "s/^message=.*/message='Blockchain Testrun'/g" ${infoFile} +echo "- This can take a while .." 
>> ${logFile} +sudo chown -R bitcoin:bitcoin /mnt/hdd/${network} >>${logFile} 2>&1 +sudo cp /home/admin/assets/${network}d.service /etc/systemd/system/${network}d.service +sudo systemctl daemon-reload >> ${logFile} +sudo systemctl enable ${network}d.service >> ${logFile} +sudo systemctl start ${network}d.service >> ${logFile} + +# INSTALL LND on Upadte/Recovery +if [ "${lightning}" == "lnd" ]; then + + # prepare lnd service + sed -i "5s/.*/Wants=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile} 2>&1 + sed -i "6s/.*/After=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile} 2>&1 + sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service >> ${logFile} 2>&1 + + # convert old keysend by lndExtraParameter to raspiblitz.conf setting (will be enforced by lnd.check.sh prestart) since 1.7.1 + if [ "${lndExtraParameter}" == "--accept-keysend" ]; then + echo "# MIGRATION KEYSEND from lndExtraParameter --> raspiblitz.conf" >> ${logFile} + sudo sed -i '/lndKeysend=.*/d' /mnt/hdd/raspiblitz.conf + echo "lndKeysend=on" >> /mnt/hdd/raspiblitz.conf + sudo sed -i "/^lndExtraParameter=/d" /mnt/hdd/raspiblitz.conf 2>/dev/null + fi + + # if old lnd.conf exists ... 
+ configExists=$(sudo ls /mnt/hdd/lnd/lnd.conf | grep -c '.conf') + if [ ${configExists} -eq 1 ]; then + + # make sure correct file permisions are set + sudo chown bitcoin:bitcoin /mnt/hdd/lnd/lnd.conf + sudo chmod 664 /mnt/hdd/lnd/lnd.conf + + # make sure additional values are added to [Application Options] since v1.7 + echo "- lnd.conf --> checking additional [Application Options] since v1.7" >> ${logFile} + applicationOptionsLineNumber=$(sudo grep -n "\[Application Options\]" /mnt/hdd/lnd/lnd.conf | cut -d ":" -f1) + if [ "${applicationOptionsLineNumber}" != "" ]; then + applicationOptionsLineNumber="$(($applicationOptionsLineNumber+1))" + + # Avoid historical graph data sync + # ignore-historical-gossip-filters=1 + configParamExists=$(sudo grep -c "^ignore-historical-gossip-filters=" /mnt/hdd/lnd/lnd.conf) + if [ "${configParamExists}" == "0" ]; then + echo " - ADDING 'ignore-historical-gossip-filters'" >> ${logFile} + sudo sed -i "${applicationOptionsLineNumber}iignore-historical-gossip-filters=1" /mnt/hdd/lnd/lnd.conf + else + echo " - OK 'ignore-historical-gossip-filters' exists (${configParamExists})" >> ${logFile} + fi + + # Avoid slow startup time + # sync-freelist=1 + configParamExists=$(sudo grep -c "^sync-freelist=" /mnt/hdd/lnd/lnd.conf) + if [ "${configParamExists}" == "0" ]; then + echo " - ADDING 'sync-freelist'" >> ${logFile} + sudo sed -i "${applicationOptionsLineNumber}isync-freelist=1" /mnt/hdd/lnd/lnd.conf + else + echo " - OK 'sync-freelist' exists (${configParamExists})" >> ${logFile} + fi + + # Avoid high startup overhead + # stagger-initial-reconnect=1 + configParamExists=$(sudo grep -c "^stagger-initial-reconnect=" /mnt/hdd/lnd/lnd.conf) + if [ "${configParamExists}" == "0" ]; then + echo " - ADDING 'stagger-initial-reconnect'" >> ${logFile} + sudo sed -i "${applicationOptionsLineNumber}istagger-initial-reconnect=1" /mnt/hdd/lnd/lnd.conf + else + echo " - OK 'stagger-initial-reconnect' exists (${configParamExists})" >> ${logFile} + fi + + 
# Delete and recreate RPC TLS certificate when details change or cert expires + # tlsautorefresh=1 + configParamExists=$(sudo grep -c "^tlsautorefresh=" /mnt/hdd/lnd/lnd.conf) + if [ "${configParamExists}" == "0" ]; then + echo " - ADDING 'tlsautorefresh'" >> ${logFile} + sudo sed -i "${applicationOptionsLineNumber}itlsautorefresh=1" /mnt/hdd/lnd/lnd.conf + else + echo " - OK 'tlsautorefresh' exists (${configParamExists})" >> ${logFile} + fi + + # Do not include IPs in the RPC TLS certificate + # tlsdisableautofill=1 + configParamExists=$(sudo grep -c "^tlsdisableautofill=" /mnt/hdd/lnd/lnd.conf) + if [ "${configParamExists}" == "0" ]; then + echo " - ADDING 'tlsdisableautofill'" >> ${logFile} + sudo sed -i "${applicationOptionsLineNumber}itlsdisableautofill=1" /mnt/hdd/lnd/lnd.conf + else + echo " - OK 'tlsdisableautofill' exists (${configParamExists})" >> ${logFile} + fi + + else + echo " - WARN: section '[Application Options]' not found in lnd.conf" >> ${logFile} + fi + else + echo "WARN: /mnt/hdd/lnd/lnd.conf not found" >> ${logFile} + fi + + # start LND service + echo "Starting LND Service ..." >> ${logFile} + sudo systemctl enable lnd >> ${logFile} + sudo systemctl start lnd >> ${logFile} + +elif [ "${lightning}" == "cl" ]; then + + echo "Install C-lightning on update" >> ${logFile} + sudo sed -i "s/^message=.*/message='C-Lightning Install'/g" ${infoFile} + sudo /home/admin/config.scripts/cl.install.sh on mainnet >> ${logFile} + sudo sed -i "s/^message=.*/message='C-Lightning Setup'/g" ${infoFile} + +elif [ "${lightning}" == "none" ]; then + + echo "No Lightning" >> ${logFile} + +else + + sed -i "s/^state=.*/state=error/g" ${infoFile} + sed -i "s/^message=.*/message='unknown lightning (${lightning})'/g" ${infoFile} + echo "FAIL see ${logFile}" + echo "FAIL: unknown lightning (${lightning}) in (${configFile})!" >> ${logFile} + exit 1 + +fi + +echo "END Migration/Init" >> ${logFile} + +exit 0 + 
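Review bot: The code-version precheck in `_provision.update.sh` runs `sed -i "s/^message=.*/message='missing /home/admin/_version.info'/g" ${infoFile}`, and the unescaped slashes in the replacement terminate the `s` command early, so sed rejects the expression and the message never reaches the info file. Use a different delimiter, for example `s|^message=.*|message='missing /home/admin/_version.info'|g`, or drop the path from the message. Separately, the bitcoin.conf migration tests for `/mnt/hdd/bitcoin/bitcoin.conf` but then edits `/mnt/hdd/${network}/${network}.conf`; the existence check should use the same path it goes on to modify.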
diff --git a/home.admin/_bootstrap.provision.sh b/home.admin/_provision_.sh similarity index 66% rename from home.admin/_bootstrap.provision.sh rename to home.admin/_provision_.sh index 9e40f7c82..c4bbd605d 100755 --- a/home.admin/_bootstrap.provision.sh +++ b/home.admin/_provision_.sh @@ -10,13 +10,21 @@ logFile="/home/admin/raspiblitz.log" # INFOFILE - state data from bootstrap infoFile="/home/admin/raspiblitz.info" +infoFileDisplayClass="${displayClass}" # CONFIGFILE - configuration of RaspiBlitz configFile="/mnt/hdd/raspiblitz.conf" -# debug info -echo "STARTED Provisioning --> see logs in ${logFile}" -echo "STARTED Provisioning from preset config file" >> ${logFile} +# SETUPFILE +# this key/value file contains the state during the setup process +setupFile="/var/cache/raspiblitz/temp/raspiblitz.setup" +source ${setupFile} + +# log header +echo "" >> ${logFile} +echo "###################################" >> ${logFile} +echo "# _provision_.sh" >> ${logFile} +echo "###################################" >> ${logFile} sudo sed -i "s/^message=.*/message='Provisioning from Config'/g" ${infoFile} # check if there is a config file 
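Review bot: `source ${setupFile}` is added with no check that the file exists, and in the lines shown nothing stops the script from carrying on with every setup variable empty if it is missing. Test `[ -f "${setupFile}" ]` first and fail with `state=error` the way the config-file precheck below does, and quote the path. This is also the file the setup script in this patch appends `seedwordsNEW='${seedwords}'` to, so its owner and mode are worth confirming before a script that uses `sudo` throughout sources it.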
@@ -26,86 +34,7 @@ if [ ${configExists} -eq 0 ]; then exit 1 fi -# check that default parameter exist in config -parameterExists=$(cat /mnt/hdd/raspiblitz.conf | grep -c "lndExtraParameter=") -if [ ${parameterExists} -eq 0 ]; then - echo "lndExtraParameter=''" >> ${configFile} -fi - -# check if file system was expanded to full capacity and sd card is bigger than 8GB -# see: https://github.com/rootzoll/raspiblitz/issues/936 -echo "CHECK IF SD CARD NEEDS EXPANSION" >> ${logFile} -source ${infoFile} - -# remember the DisplayClass from info file - before its gets overwritten by raspiblitz.conf to detect change -infoFileDisplayClass="${displayClass}" - -minimumSizeByte=8192000000 -rootPartition=$(sudo mount | grep " / " | cut -d " " -f 1 | cut -d "/" -f 3) -rootPartitionBytes=$(lsblk -b -o NAME,SIZE | grep "${rootPartition}" | tr -s ' ' | cut -d " " -f 2) - -echo "rootPartition(${rootPartition})" >> ${logFile} -echo "rootPartitionBytes(${rootPartitionBytes})" >> ${logFile} - -if [ ${#rootPartition} -gt 0 ]; then - echo "### CHECKING ROOT PARTITION SIZE ###" >> ${logFile} - sudo sed -i "s/^message=.*/message='Checking Disk size'/g" ${infoFile} - echo "Size in Bytes is: ${rootPartitionBytes} bytes on ($rootPartition)" >> ${logFile} - if [ $rootPartitionBytes -lt $minimumSizeByte ]; then - echo "Disk filesystem is smaller than ${minimumSizeByte} byte." >> ${logFile} - if [ ${fsexpanded} -eq 1 ]; then - echo "There was already an attempt to expand the fs, but still not bigger than 8GB." >> ${logFile} - echo "SD card seems to small - at least a 16GB disk is needed. Display on LCD to user." >> ${logFile} - sudo sed -i "s/^state=.*/state=sdtoosmall/g" ${infoFile} - sudo sed -i "s/^message=.*/message='Min 16GB SD card needed'/g" ${infoFile} - exit 1 - else - echo "Try to expand SD card FS, display info and reboot." 
>> ${logFile} - sudo sed -i "s/^state=.*/state=reboot/g" ${infoFile} - sudo sed -i "s/^message=.*/message='Expanding SD Card'/g" ${infoFile} - sudo sed -i "s/^fsexpanded=.*/fsexpanded=1/g" ${infoFile} - sleep 4 - if [ "${cpu}" == "x86_64" ]; then - echo "Please expand disk size." >> ${logFile} - # TODO: Expand disk size on x86_64 - elif [ "${baseimage}" = "raspbian" ] || [ "${baseimage}" = "raspios_arm64" ]; then - resizeRaspbian="/usr/bin/raspi-config" - if [ -x ${resizeRaspbian} ]; then - echo "RUNNING EXPAND RASPBERRYPI: ${resizeRaspbian}" >> ${logFile} - sudo $resizeRaspbian --expand-rootfs - echo "going into reboot" >> ${logFile} - sudo cp ${logFile} ${logFile}.fsexpand.recover - sudo shutdown -r now - exit 0 - else - echo "FAIL to execute: ${resizeRaspbian}" >> ${logFile} - fi - elif [ "${baseimage}" = "armbian" ]; then - resizeArmbian="/usr/lib/armbian/armbian-resize-filesystem" - if [ -x ${resizeArmbian} ]; then - echo "RUNNING EXPAND ARMBIAN: ${resizeArmbian}" >> ${logFile} - sudo $resizeArmbian start - echo "going into reboot" >> ${logFile} - sudo cp ${logFile} ${logFile}.fsexpand.recover - sudo shutdown -r now - sleep 100 - exit 0 - else - echo "FAIL to execute: ${resizeArmbian}" >> ${logFile} - fi - else - echo "WARN on provision - Not known system expand-rootfs OS: ${baseimage}" >> ${logFile} - fi - fi - else - echo "Size looks good. Bigger than ${minimumSizeByte} byte disk is used." >> ${logFile} - fi -else - echo "Disk of root partition ('$rootPartition') not detected, skipping the size check." >> ${logFile} -fi - # import config values -sudo chmod 777 ${configFile} source ${configFile} ########################## 
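Review bot: `displayClass` is no longer loaded before it is read. The `source ${infoFile}` deleted here was what populated it ahead of the old `infoFileDisplayClass="${displayClass}"` line, and the previous hunk now makes that assignment directly under the `infoFile=` definition with no source of the info file visible before it. Unless the caller exports `displayClass`, the change detection that the removed comment described will compare against an empty string; keep a `source ${infoFile}` ahead of the assignment or note where the value now comes from.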
@@ -175,30 +104,31 @@ if [ "${network}" = "litecoin" ]; then /home/admin/config.scripts/blitz.litecoin.sh on >> ${logFile} fi +echo "# Make sure the user bitcoin is in the debian-tor group" +sudo usermod -a -G debian-tor bitcoin + +echo "# Optimizing log files: rotate daily, keep 2 weeks & compress old days " >> ${logFile} +sudo sed -i "s/^weekly/daily/g" /etc/logrotate.conf >> ${logFile} 2>&1 +sudo sed -i "s/^rotate 4/rotate 14/g" /etc/logrotate.conf >> ${logFile} 2>&1 +sudo sed -i "s/^#compress/compress/g" /etc/logrotate.conf >> ${logFile} 2>&1 +sudo systemctl restart logrotate + +# make sure to have bitcoin core >=22 is backwards comp +# see https://github.com/rootzoll/raspiblitz/issues/2546 +sed -i '/^deprecatedrpc=.*/d' /mnt/hdd/bitcoin/bitcoin.conf 2>/dev/null +echo "deprecatedrpc=addresses" >> /mnt/hdd/bitcoin/bitcoin.conf 2>/dev/null + # set hostname data echo "Setting lightning alias: ${hostname}" >> ${logFile} sudo sed -i "s/^alias=.*/alias=${hostname}/g" /home/admin/assets/lnd.${network}.conf >> ${logFile} 2>&1 -# link old SSH PubKeys -# so that client ssh_known_hosts is not complaining after update -if [ -d "/mnt/hdd/ssh" ]; then - echo "Old SSH PubKey exists on HDD > copy them HDD to SD card for next start" >> ${logFile} - sudo cp -r /mnt/hdd/ssh/* /etc/ssh/ >> ${logFile} 2>&1 -else - echo "No SSH PubKey exists on HDD > copy from SD card to HDD as backup" >> ${logFile} - sudo cp -r /etc/ssh /mnt/hdd/ssh >> ${logFile} 2>&1 -fi -# just copy - dont link anymore so that sshd will also start without HDD connected -# see: https://github.com/rootzoll/raspiblitz/issues/1798 -#sudo rm -rf /etc/ssh >> ${logFile} 2>&1 -#sudo ln -s /mnt/hdd/ssh /etc/ssh >> ${logFile} 2>&1 -#sudo /home/admin/config.scripts/blitz.systemd.sh update-sshd >> ${logFile} 2>&1 +# backup SSH PubKeys +sudo /home/admin/config.scripts/blitz.ssh.sh backup -# optimize if RAM >1GB +# optimze mempool if RAM >1GB kbSizeRAM=$(cat /proc/meminfo | grep "MemTotal" | sed 's/[^0-9]*//g') if [ 
${kbSizeRAM} -gt 1500000 ]; then echo "Detected RAM >1GB --> optimizing ${network}.conf" - sudo sed -i "s/^dbcache=.*/dbcache=1024/g" /mnt/hdd/${network}/${network}.conf sudo sed -i "s/^maxmempool=.*/maxmempool=300/g" /mnt/hdd/${network}/${network}.conf fi if [ ${kbSizeRAM} -gt 3500000 ]; then 
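Review bot: The two `deprecatedrpc` lines write to a hard-coded `/mnt/hdd/bitcoin/bitcoin.conf` without `sudo`, while the neighbouring edits use `sudo` and `/mnt/hdd/${network}/${network}.conf` and the context just above handles `network=litecoin`. With `2>/dev/null` on the `sed`, a missing or unwritable file fails silently, and if the directory exists but the file does not, the `echo ... >>` creates a bitcoin.conf containing only `deprecatedrpc=addresses`. Guard both lines with a test that the file exists, use the `${network}` path if that is what is meant, and send errors to `${logFile}` rather than discarding them.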
@@ -218,32 +148,109 @@ sudo cp -r /mnt/hdd/lnd/data/chain /home/admin/.lnd/data/chain >> ${logFile} 2>& sudo chown -R admin:admin /home/admin/.${network} >> ${logFile} 2>&1 sudo chown -R admin:admin /home/admin/.lnd >> ${logFile} 2>&1 sudo cp /home/admin/assets/${network}d.service /etc/systemd/system/${network}d.service >> ${logFile} 2>&1 -sed -i "5s/.*/Wants=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile} 2>&1 -sed -i "6s/.*/After=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile} 2>&1 -sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service >> ${logFile} 2>&1 - sudo cp /home/admin/assets/tmux.conf.local /mnt/hdd/.tmux.conf.local >> ${logFile} 2>&1 sudo chown admin:admin /mnt/hdd/.tmux.conf.local >> ${logFile} 2>&1 sudo ln -s -f /mnt/hdd/.tmux.conf.local /home/admin/.tmux.conf.local >> ${logFile} 2>&1 -# backup LND dir (especially for macaroons and tlscerts) -# https://github.com/rootzoll/raspiblitz/issues/324 -echo "*** Make backup of LND directory" >> ${logFile} -sudo rm -r /mnt/hdd/backup_lnd -sudo cp -r /mnt/hdd/lnd /mnt/hdd/backup_lnd >> ${logFile} 2>&1 -numOfDiffers=$(sudo diff -arq /mnt/hdd/lnd /mnt/hdd/backup_lnd | grep -c "differ") -if [ ${numOfDiffers} -gt 0 ]; then - echo "FAIL: Backup was not successful" >> ${logFile} - sudo diff -arq /mnt/hdd/lnd /mnt/hdd/backup_lnd >> ${logFile} 2>&1 - echo "removing backup dir to prevent false override" >> ${logFile} -else - echo "OK Backup is valid." 
>> ${logFile} + +# PREPARE LND (if activated) +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + + echo "### PREPARE LND" >> ${logFile} + + # backup LND dir (especially for macaroons and tlscerts) + # https://github.com/rootzoll/raspiblitz/issues/324 + echo "*** Make backup of LND directory" >> ${logFile} + sudo rm -r /mnt/hdd/backup_lnd 2>/dev/null + sudo cp -r /mnt/hdd/lnd /mnt/hdd/backup_lnd >> ${logFile} 2>&1 + numOfDiffers=$(sudo diff -arq /mnt/hdd/lnd /mnt/hdd/backup_lnd | grep -c "differ") + if [ ${numOfDiffers} -gt 0 ]; then + echo "FAIL: Backup was not successful" >> ${logFile} + sudo diff -arq /mnt/hdd/lnd /mnt/hdd/backup_lnd >> ${logFile} 2>&1 + echo "removing backup dir to prevent false override" >> ${logFile} + else + echo "OK Backup is valid." >> ${logFile} + fi + fi echo "" >> ${logFile} +########################## +# FINISH SETUP +########################## + # finish setup (SWAP, Benus, Firewall, Update, ..) sudo sed -i "s/^message=.*/message='Setup System ..'/g" ${infoFile} -/home/admin/90finishSetup.sh >> ${logFile} 2>&1 + +# add bonus scripts (auto install deactivated to reduce third party repos) +mkdir /home/admin/tmpScriptDL +cd /home/admin/tmpScriptDL +echo "installing bash completion for bitcoin-cli and lncli" +wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/bitcoin-cli.bash-completion +wget https://raw.githubusercontent.com/lightningnetwork/lnd/master/contrib/lncli.bash-completion +sudo cp *.bash-completion /etc/bash_completion.d/ +echo "OK - bash completion available after next login" +echo "type \"bitcoin-cli getblockch\", press [Tab] → bitcoin-cli getblockchaininfo" +rm -r /home/admin/tmpScriptDL +cd + +###### SWAP File +source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) +if [ ${isSwapExternal} -eq 0 ]; then + echo "No external SWAP found - creating ... 
" + sudo /home/admin/config.scripts/blitz.datadrive.sh swap on +else + echo "SWAP already OK" +fi + +####### FIREWALL - just install (not configure) +echo "" +echo "*** Setting and Activating Firewall ***" +echo "deny incoming connection on other ports" +sudo ufw default deny incoming +echo "allow outgoing connections" +sudo ufw default allow outgoing +echo "allow: ssh" +sudo ufw allow ssh +echo "allow: bitcoin testnet" +sudo ufw allow 18333 comment 'bitcoin testnet' +echo "allow: bitcoin mainnet" +sudo ufw allow 8333 comment 'bitcoin mainnet' +echo "allow: litecoin mainnet" +sudo ufw allow 9333 comment 'litecoin mainnet' +echo 'allow: lightning testnet' +sudo ufw allow 19735 comment 'lightning testnet' +echo "allow: lightning mainnet" +sudo ufw allow 9735 comment 'lightning mainnet' +echo "allow: lightning gRPC" +sudo ufw allow 10009 comment 'lightning gRPC' +echo "allow: lightning REST API" +sudo ufw allow 8080 comment 'lightning REST API' +echo "allow: transmission" +sudo ufw allow 49200:49250/tcp comment 'rtorrent' +echo "allow: public web HTTP" +sudo ufw allow from any to any port 80 comment 'allow public web HTTP' +echo "allow: local web admin HTTPS" +sudo ufw allow from 10.0.0.0/8 to any port 443 comment 'allow local LAN HTTPS' +sudo ufw allow from 172.16.0.0/12 to any port 443 comment 'allow local LAN HTTPS' +sudo ufw allow from 192.168.0.0/16 to any port 443 comment 'allow local LAN HTTPS' +echo "open firewall for auto nat discover (see issue #129)" +sudo ufw allow proto udp from 10.0.0.0/8 port 1900 to any comment 'allow local LAN SSDP for UPnP discovery' +sudo ufw allow proto udp from 172.16.0.0/12 port 1900 to any comment 'allow local LAN SSDP for UPnP discovery' +sudo ufw allow proto udp from 192.168.0.0/16 port 1900 to any comment 'allow local LAN SSDP for UPnP discovery' +echo "enable lazy firewall" +sudo ufw --force enable +echo "" + +# update system +echo "" +echo "*** Update System ***" +sudo apt-mark hold raspberrypi-bootloader +sudo apt-get 
update -y +echo "OK - System is now up to date" + +# mark setup is done +sudo sed -i "s/^setupStep=.*/setupStep=100/g" /home/admin/raspiblitz.info ########################## # PROVISIONING SERVICES 
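Review bot: The bonus-scripts block downloads `bitcoin-cli.bash-completion` and `lncli.bash-completion` with `wget` from the `master` branch of two repositories and copies them into `/etc/bash_completion.d/` with `sudo`, so unpinned and unverified shell code ends up sourced by interactive shells on the node. Pin each URL to a release tag or commit and compare against a known hash before the `cp`, or ship the files in the image; the `mkdir` and `cd` should be checked too, because after a failed `cd` the `sudo cp *.bash-completion` globs in whatever directory the script happens to be in. In the firewall block, `ufw allow 10009` and `ufw allow 8080` open lightning gRPC and REST to any source while port 443 is limited to the private ranges; if LAN-only is the intent for admin interfaces, these two rules deserve the same `from` restriction.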
@@ -292,17 +299,94 @@ else echo "Provisioning LND interims update - keep default" >> ${logFile} fi -# TESTNET -if [ "${chain}" = "test" ]; then - echo "Provisioning TESTNET - run config script" >> ${logFile} - sudo sed -i "s/^message=.*/message='Provisioning Testnet'/g" ${infoFile} - sudo /home/admin/config.scripts/network.chain.sh testnet >> ${logFile} 2>&1 +# CL INTERIMS UPDATE +if [ ${#clInterimsUpdate} -gt 0 ]; then + sudo sed -i "s/^message=.*/message='Provisioning CL update'/g" ${infoFile} + if [ "${clInterimsUpdate}" == "reckless" ]; then + # recklessly update CL to latest release on GitHub (just for test & dev nodes) + echo "Provisioning CL reckless interims update" >> ${logFile} + sudo /home/admin/config.scripts/cl.update.sh reckless >> ${logFile} + else + # when installing the same sd image - this will re-trigger the secure interims update + # if this a update with a newer RaspiBlitz version .. interims update will be ignored + # because standard CL version is most more up to date + echo "Provisioning CL verified interims update" >> ${logFile} + sudo /home/admin/config.scripts/cl.update.sh verified ${clInterimsUpdate} >> ${logFile} + fi else - echo "Provisioning TESTNET - keep default" >> ${logFile} + echo "Provisioning CL interims update - keep default" >> ${logFile} +fi + +# Bitcoin Testnet +if [ "${testnet}" == "on" ]; then + echo "Provisioning ${network} Testnet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/bitcoin.install.sh on testnet >> ${logFile} 2>&1 + sudo systemctl start tbitcoind >> ${logFile} 2>&1 +else + echo "Provisioning ${network} Testnet - not active" >> ${logFile} +fi + +# Bitcoin Signet +if [ "${signet}" == "on" ]; then + echo "Provisioning ${network} Signet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/bitcoin.install.sh on signet >> ${logFile} 2>&1 + sudo systemctl start sbitcoind >> ${logFile} 2>&1 +else + echo "Provisioning ${network} Signet - not active" >> ${logFile} +fi + +# LND 
Mainnet (when not main instance) +if [ "${lnd}" == "on" ] && [ "${lightning}" != "lnd" ]; then + echo "Provisioning LND Mainnet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/lnd.install.sh on mainnet >> ${logFile} 2>&1 +else + echo "Provisioning LND Mainnet - not active as secondary option" >> ${logFile} +fi + +# LND Testnet +if [ "${tlnd}" == "on" ]; then + echo "Provisioning LND Testnet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/lnd.install.sh on testnet >> ${logFile} 2>&1 + sudo systemctl start tlnd >> ${logFile} 2>&1 +else + echo "Provisioning LND Testnet - not active" >> ${logFile} +fi + +# LND Signet +if [ "${slnd}" == "on" ]; then + echo "Provisioning LND Signet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/lnd.install.sh on signet >> ${logFile} 2>&1 + sudo systemctl start slnd >> ${logFile} 2>&1 +else + echo "Provisioning LND Signet - not active" >> ${logFile} +fi + +# CL Mainnet (when not main instance) +if [ "${cl}" == "on" ] && [ "${lightning}" != "cl" ]; then + echo "Provisioning CL Mainnet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/cl.install.sh on mainnet >> ${logFile} 2>&1 +else + echo "Provisioning CL Mainnet - not active as secondary option" >> ${logFile} +fi + +# CL Testnet +if [ "${tcl}" == "on" ]; then + echo "Provisioning CL Testnet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/cl.install.sh on testnet >> ${logFile} 2>&1 +else + echo "Provisioning CL Testnet - not active" >> ${logFile} +fi + +# CL Signet +if [ "${scl}" == "on" ]; then + echo "Provisioning CL Signet - run config script" >> ${logFile} + sudo /home/admin/config.scripts/cl.install.sh on signet >> ${logFile} 2>&1 +else + echo "Provisioning CL Signet - not active" >> ${logFile} fi # TOR -if [ "${runBehindTor}" = "on" ]; then +if [ "${runBehindTor}" == "on" ]; then echo "Provisioning TOR - run config script" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup 
Tor (takes time)'/g" ${infoFile} sudo /home/admin/config.scripts/internet.tor.sh on >> ${logFile} 2>&1 
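Review bot: In the CL interims update block, `cl.update.sh verified ${clInterimsUpdate}` passes a value read from the config file, unquoted, to a script run under `sudo`, so whitespace or glob characters in it change the argument list. Quote it as `"${clInterimsUpdate}"` and validate it against the expected version format before the call. Also, the LND testnet and signet blocks run `systemctl start tlnd` and `systemctl start slnd` after install, but the CL testnet and signet blocks start nothing; if `cl.install.sh` starts the service itself, a comment saying so would prevent someone "fixing" the asymmetry later.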
@@ -346,22 +430,56 @@ else echo "Provisioning DYNAMIC DOMAIN - keep default" >> ${logFile} fi -# RTL +# RTL (LND) if [ "${rtlWebinterface}" = "on" ]; then - echo "Provisioning RTL - run config script" >> ${logFile} + echo "Provisioning RTL LND - run config script" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup RTL (takes time)'/g" ${infoFile} - sudo -u admin /home/admin/config.scripts/bonus.rtl.sh on >> ${logFile} 2>&1 - sudo systemctl disable RTL # will get enabled after recover dialog + sudo -u admin /home/admin/config.scripts/bonus.rtl.sh on lnd mainnet >> ${logFile} 2>&1 else - echo "Provisioning RTL - keep default" >> ${logFile} + echo "Provisioning RTL LND - keep default" >> ${logFile} fi -#LOOP -if [ "${loop}" = "on" ]; then +# RTL (CL) +if [ "${crtlWebinterface}" = "on" ]; then + echo "Provisioning RTL CL - run config script" >> ${logFile} + sudo sed -i "s/^message=.*/message='Setup RTL (takes time)'/g" ${infoFile} + sudo -u admin /home/admin/config.scripts/bonus.rtl.sh on cl mainnet >> ${logFile} 2>&1 +else + echo "Provisioning RTL CL - keep default" >> ${logFile} +fi + +# SPARKO +if [ "${sparko}" = "on" ]; then + echo "Provisioning Sparko - run config script" >> ${logFile} + sudo sed -i "s/^message=.*/message='Setup SPARKO'/g" ${infoFile} + sudo -u admin /home/admin/config.scripts/cl-plugin.sparko.sh on mainnet >> ${logFile} 2>&1 +else + echo "Provisioning Sparko - keep default" >> ${logFile} +fi + +# clHTTPplugin +if [ "${clHTTPplugin}" = "on" ]; then + echo "Provisioning clHTTPplugin - run config script" >> ${logFile} + sudo sed -i "s/^message=.*/message='Setup clHTTPplugin'/g" ${infoFile} + sudo -u admin /home/admin/config.scripts/cl-plugin.http.sh on >> ${logFile} 2>&1 +else + echo "Provisioning clHTTPplugin - keep default" >> ${logFile} +fi + +# SPARK +if [ "${spark}" = "on" ]; then + echo "Provisioning Spark Wallet - run config script" >> ${logFile} + sudo sed -i "s/^message=.*/message='Setup SPARK WALLET'/g" ${infoFile} + sudo -u admin 
/home/admin/config.scripts/cl.spark.sh on mainnet >> ${logFile} 2>&1 +else + echo "Provisioning Spark Wallet - keep default" >> ${logFile} +fi + +#LOOP - install only if LiT won't be installed +if [ "${loop}" = "on" ] && [ "${lit}" != "on" ]; then echo "Provisioning Lightning Loop - run config script" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup Lightning Loop'/g" ${infoFile} sudo -u admin /home/admin/config.scripts/bonus.loop.sh on >> ${logFile} 2>&1 - sudo systemctl disable loopd # will get enabled after recover dialog else echo "Provisioning Lightning Loop - keep default" >> ${logFile} fi @@ -371,7 +489,6 @@ if [ "${BTCRPCexplorer}" = "on" ]; then echo "Provisioning BTCRPCexplorer - run config script" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup BTCRPCexplorer (takes time)'/g" ${infoFile} sudo -u admin /home/admin/config.scripts/bonus.btc-rpc-explorer.sh on >> ${logFile} 2>&1 - sudo systemctl disable btc-rpc-explorer # will get enabled after recover dialog else echo "Provisioning BTCRPCexplorer - keep default" >> ${logFile} fi @@ -381,7 +498,6 @@ if [ "${ElectRS}" = "on" ]; then echo "Provisioning ElectRS - run config script" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup ElectRS (takes time)'/g" ${infoFile} sudo -u admin /home/admin/config.scripts/bonus.electrs.sh on >> ${logFile} 2>&1 - sudo systemctl disable electrs # will get enabled after recover dialog else echo "Provisioning ElectRS - keep default" >> ${logFile} fi 
@@ -392,13 +508,7 @@ if [ "${BTCPayServer}" = "on" ]; then echo "Provisioning BTCPAYSERVER on TOR - running setup" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup BTCPay (takes time)'/g" ${infoFile} sudo -u admin /home/admin/config.scripts/bonus.btcpayserver.sh on >> ${logFile} 2>&1 - - #echo "Provisioning BTCPAYSERVER on TOR - run on after bootup script" >> ${logFile} - # because BTCPAY server freezes during recovery .. it will get installed after reboot - #echo "sudo -u admin /home/admin/config.scripts/bonus.btcpayserver.sh on" >> /home/admin/setup.sh - #sudo chmod +x /home/admin/setup.sh >> ${logFile} - #sudo ls -la /home/admin/setup.sh >> ${logFile} - + else echo "Provisioning BTCPayServer - keep default" >> ${logFile} fi @@ -445,17 +555,6 @@ else echo "Provisioning chantools - keep default" >> ${logFile} fi -# ROOT SSH KEYS -# check if a backup on HDD exists – if so, restore it -backupRootSSH=$(sudo ls /mnt/hdd/ssh/root_backup 2>/dev/null | grep -c "id_rsa") -if [ ${backupRootSSH} -gt 0 ]; then - echo "Provisioning Root SSH Keys - RESTORING from HDD" >> ${logFile} - sudo cp -r /mnt/hdd/ssh/root_backup /root/.ssh - sudo chown -R root:root /root/.ssh -else - echo "Provisioning Root SSH Keys - keep default" >> ${logFile} -fi - # SSH TUNNEL if [ "${#sshtunnel}" -gt 0 ]; then echo "Provisioning SSH Tunnel - run config script" >> ${logFile} 
@@ -475,13 +574,17 @@ else fi # LCD ROTATE -if [ "${#lcdrotate}" -eq 0 ]; then +if [ ${#lcdrotate} -eq 0 ]; then # when upgrading from an old raspiblitz - enforce lcdrotate = 0 lcdrotate=0 fi -echo "Provisioning LCD rotate - run config script" >> ${logFile} -sudo sed -i "s/^message=.*/message='LCD Rotate'/g" ${infoFile} -sudo /home/admin/config.scripts/blitz.display.sh rotate ${lcdrotate} >> ${logFile} 2>&1 +if [ "${lcdrotate}" == "0" ]; then + echo "Provisioning LCD rotate - run config script" >> ${logFile} + sudo sed -i "s/^message=.*/message='LCD Rotate'/g" ${infoFile} + sudo /home/admin/config.scripts/blitz.display.sh rotate ${lcdrotate} >> ${logFile} 2>&1 +else + echo "Provisioning LCD rotate - not needed, keep default rotate on" >> ${logFile} +fi # TOUCHSCREEN if [ "${#touchscreen}" -gt 0 ]; then @@ -523,7 +626,7 @@ fi if [ "${specter}" = "on" ]; then echo "Provisioning Specter - run config script" >> ${logFile} sudo sed -i "s/^message=.*/message='Setup Specter'/g" ${infoFile} - sudo -u admin /home/admin/config.scripts/bonus.cryptoadvance-specter.sh on >> ${logFile} 2>&1 + sudo -u admin /home/admin/config.scripts/bonus.specter.sh on >> ${logFile} 2>&1 else echo "Provisioning Specter - keep default" >> ${logFile} fi @@ -600,6 +703,15 @@ else echo "Provisioning Stacking Sats Kraken - keep default" >> ${logFile} fi +# Pool - install only if LiT won't be installed +if [ "${pool}" = "on" ] && [ "${lit}" != "on" ]; then + echo "Provisioning Pool - run config script" >> ${logFile} + sudo sed -i "s/^message=.*/message='Setup Pool'/g" ${infoFile} + sudo -u admin /home/admin/config.scripts/bonus.pool.sh on >> ${logFile} 2>&1 +else + echo "Provisioning Pool - keep default" >> ${logFile} +fi + # lit (make sure to be installed after RTL) if [ "${lit}" = "on" ]; then echo "Provisioning LIT - run config script" >> ${logFile} 
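Review bot: In the `@@ -600,6 +703,15 @@` hunk, the `else` branch now also covers the case `pool=on` with `lit=on`, yet it still logs `Provisioning Pool - keep default`, so the log does not show that Pool was skipped on purpose. Add a separate branch or message for the skipped-because-of-LiT case; the LOOP block changed earlier in this patch has the same issue.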
@@ -609,15 +721,6 @@ else echo "Provisioning LIT - keep default" >> ${logFile} fi -# pool -if [ "${pool}" = "on" ]; then - echo "Provisioning Pool - run config script" >> ${logFile} - sudo sed -i "s/^message=.*/message='Setup Pool'/g" ${infoFile} - sudo -u admin /home/admin/config.scripts/bonus.pool.sh on >> ${logFile} 2>&1 -else - echo "Provisioning Pool - keep default" >> ${logFile} -fi - # sphinxrelay if [ "${sphinxrelay}" = "on" ]; then echo "Sphinx-Relay - run config script" >> ${logFile} @@ -720,7 +823,27 @@ else sudo /home/admin/config.scripts/blitz.datadrive.sh fstab ${datadisk} >> ${logFile} fi +# MAKE SURE SERVICES ARE RUNNING +echo "Make sure main services are running .." >> ${logFile} +sudo systemctl start ${network}d +if [ "${lightning}" == "lnd" ];then + sudo systemctl start lnd + # set password c if given in flag from migration prep + passwordFlagExists=$(sudo ls /mnt/hdd/passwordc.flag | grep -c "passwordc.flag") + if [ "${passwordFlagExists}" == "1" ]; then + echo "Found /mnt/hdd/passwordc.flag .. changing password" >> ${logFile} + oldPasswordC=$(sudo cat /mnt/hdd/passwordc.flag) + sudo /home/admin/config.scripts/lnd.initwallet.py change-password mainnet "${oldPasswordC}" "${passwordC}" >> ${logFile} + sudo shred -u /mnt/hdd/passwordc.flag + else + echo "No /mnt/hdd/passwordc.flag" >> ${logFile} + fi +elif [ "${lightning}" == "cl" ];then + sudo systemctl start lightningd +fi + echo "DONE - Give raspi some cool off time after hard building .... 5 secs sleep" >> ${logFile} sleep 5 echo "END Provisioning" >> ${logFile} +exit 0 diff --git a/home.admin/_version.info b/home.admin/_version.info index 7d5f23197..91e469bb3 100644 --- a/home.admin/_version.info +++ b/home.admin/_version.info @@ -1,2 +1,2 @@ # RaspiBlitz Version - always [major].[main].[sub] (sub can be a string like '2rc1') -codeVersion="1.7.0" +codeVersion="1.7.1" 
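Review bot: In the `@@ -720,7 +823,27 @@` hunk, the old and new password C are handed to `lnd.initwallet.py change-password mainnet "${oldPasswordC}" "${passwordC}"` as command-line arguments, which makes both visible in the process list to other local users while the command runs; consider having the helper read them from stdin or from a root-only file instead. The exit status of the password change is never checked, so `shred -u /mnt/hdd/passwordc.flag` runs whether or not the change succeeded. `sudo ls /mnt/hdd/passwordc.flag | grep -c "passwordc.flag"` can be replaced by `sudo test -f /mnt/hdd/passwordc.flag`, which also avoids the unredirected `ls` error when the file is absent.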
diff --git a/home.admin/assets/RaspiBlitzRecoverySheet.docx b/home.admin/assets/RaspiBlitzRecoverySheet.docx index 0f36242ee..346ea934f 100644 Binary files a/home.admin/assets/RaspiBlitzRecoverySheet.docx and b/home.admin/assets/RaspiBlitzRecoverySheet.docx differ diff --git a/home.admin/assets/RaspiBlitzRecoverySheet.pdf b/home.admin/assets/RaspiBlitzRecoverySheet.pdf index 823afe60e..b053360a8 100644 Binary files a/home.admin/assets/RaspiBlitzRecoverySheet.pdf and b/home.admin/assets/RaspiBlitzRecoverySheet.pdf differ diff --git a/home.admin/assets/background.service b/home.admin/assets/background.service index bf6e14992..5286d61ed 100644 --- a/home.admin/assets/background.service +++ b/home.admin/assets/background.service @@ -3,8 +3,8 @@ [Unit] Description=RaspiBlitz Background Monitoring Service -Wants=bootstrap.service -After=bootstrap.service +Wants=network.target +After=network.target # for use with sendmail alert (coming soon) #OnFailure=systemd-sendmail@%n @@ -14,11 +14,10 @@ User=root Group=root Type=simple ExecStart=/home/admin/_background.sh -KillMode=process Restart=always TimeoutSec=10 RestartSec=10 StandardOutput=journal [Install] -WantedBy=multi-user.target +WantedBy=multi-user.target \ No newline at end of file diff --git a/home.admin/assets/bitcoin.conf b/home.admin/assets/bitcoin.conf index 6c92fbf6e..045ac3ce3 100755 --- a/home.admin/assets/bitcoin.conf +++ b/home.admin/assets/bitcoin.conf @@ -1,4 +1,5 @@ # bitcoind configuration +# some values might be overruled directly systemd-service exec call parameters # mainnet/testnet testnet=0 @@ -9,13 +10,16 @@ daemon=1 txindex=0 disablewallet=1 peerbloomfilters=1 +datadir=/mnt/hdd/bitcoin # Connection settings rpcuser=raspibolt rpcpassword=passwordB -rpcport=8332 +main.rpcport=8332 +test.rpcport=18332 rpcallowip=127.0.0.1 -rpcbind=127.0.0.1:8332 +main.rpcbind=127.0.0.1:8332 +test.rpcbind=127.0.0.1:18332 zmqpubrawblock=tcp://127.0.0.1:28332 zmqpubrawtx=tcp://127.0.0.1:28333 
@@ -26,4 +30,10 @@ maxmempool=300 maxconnections=40 maxuploadtarget=5000 -datadir=/mnt/hdd/bitcoin +# tor by default +onlynet=onion +proxy=127.0.0.1:9050 +main.bind=127.0.0.1 +test.bind=127.0.0.1 +dnsseed=0 +dns=0 diff --git a/home.admin/assets/bitcoind.service b/home.admin/assets/bitcoind.service index 550d23ad6..aab1f6279 100644 --- a/home.admin/assets/bitcoind.service +++ b/home.admin/assets/bitcoind.service @@ -1,11 +1,10 @@ # RaspiBlitz: systemd unit for bitcoind - [Unit] -Description=Bitcoin daemon -Wants=bootstrap.service -After=bootstrap.service +Description=Bitcoin-Daemon +Wants=network.target +After=network.target -# for use with sendmail alert (coming soon) +# for use with sendmail alert #OnFailure=systemd-sendmail@%n [Service] @@ -14,13 +13,18 @@ Group=bitcoin Type=forking PIDFile=/mnt/hdd/bitcoin/bitcoind.pid ExecStartPre=-/home/admin/config.scripts/blitz.systemd.sh log blockchain STARTED -ExecStart=/usr/local/bin/bitcoind -daemon -conf=/home/bitcoin/.bitcoin/bitcoin.conf -pid=/mnt/hdd/bitcoin/bitcoind.pid -KillMode=process +ExecStart=/usr/local/bin/bitcoind -daemon -conf=/mnt/hdd/bitcoin/bitcoin.conf -pid=/mnt/hdd/bitcoin/bitcoind.pid -debuglogfile=/mnt/hdd/bitcoin/debug.log Restart=always TimeoutSec=120 RestartSec=30 StandardOutput=null StandardError=journal +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target \ No newline at end of file diff --git a/home.admin/assets/blitzweb.conf b/home.admin/assets/blitzweb.conf deleted file mode 100644 index 43e0bbcf5..000000000 --- a/home.admin/assets/blitzweb.conf +++ /dev/null 
@@ -1,44 +0,0 @@ -## RaspiBlitz NGINX config: blitzweb.conf - -server { - - # localhost only - listen 127.0.0.1:443 ssl default_server; - listen [::1]:443 ssl default_server; - # any interface - #listen 443 ssl default_server; - #listen [::]:443 ssl default_server; - - server_name _; - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_prefer_server_ciphers on; - ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED"; - - add_header Strict-Transport-Security "max-age=31536000"; - - # ToDo(frennkie) if /mnt/hdd/app-data is missing (e.g. no disk) this will cause nginx to fail! - ssl_certificate /mnt/hdd/app-data/nginx/tls.cert; - ssl_certificate_key /mnt/hdd/app-data/nginx/tls.key; - - ## - # Logging Settings - ## - - access_log /var/log/nginx/access_raspiblitz.log; - error_log /var/log/nginx/error_raspiblitz.log; - - root /var/www/blitzweb; - - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - try_files $uri $uri/ =404; - } - - location /info/ { - auth_basic "BlitzWeb (admin:Password B)"; - auth_basic_user_file /etc/nginx/.htpasswd; - } - -} diff --git a/home.admin/assets/litecoin.conf b/home.admin/assets/litecoin.conf index 24b9bbfab..3065d25cf 100755 --- a/home.admin/assets/litecoin.conf +++ b/home.admin/assets/litecoin.conf @@ -1,4 +1,5 @@ # litecoind configuration +# some values might be overruled directly systemd-service exec call parameters # mainnet/testnet testnet=0 @@ -8,6 +9,7 @@ server=1 daemon=1 txindex=0 disablewallet=1 +datadir=/mnt/hdd/litecoin # Connection settings rpcuser=raspibolt 
@@ -26,4 +28,11 @@ maxuploadtarget=5000 discardfee=0.00000001 mintxfee=0.00000001 minrelaytxfee=0.00000001 -datadir=/mnt/hdd/litecoin + +# tor by default +onlynet=onion +proxy=127.0.0.1:9050 +main.bind=127.0.0.1 +test.bind=127.0.0.1 +dnsseed=0 +dns=0 diff --git a/home.admin/assets/litecoind.service b/home.admin/assets/litecoind.service index 5584fbe66..203b36afa 100644 --- a/home.admin/assets/litecoind.service +++ b/home.admin/assets/litecoind.service @@ -1,7 +1,8 @@ +# RaspiBlitz: systemd unit for bitcoind [Unit] -Description=Litecoin daemon -Wants=bootstrap.service -After=bootstrap.service +Description=Litecoin-Daemon +Wants=network.target +After=network.target # for use with sendmail alert (coming soon) #OnFailure=systemd-sendmail@%n @@ -12,13 +13,18 @@ Group=bitcoin Type=forking PIDFile=/home/bitcoin/.litecoin/litecoind.pid ExecStartPre=-/home/admin/config.scripts/blitz.systemd.sh log blockchain STARTED -ExecStart=/usr/local/bin/litecoind -daemon -conf=/home/bitcoin/.litecoin/litecoin.conf -pid=/home/bitcoin/.litecoin/litecoind.pid -KillMode=process +ExecStart=/usr/local/bin/litecoind -daemon -conf=/home/bitcoin/.litecoin/litecoin.conf -pid=/home/bitcoin/.litecoin/litecoind.pid -debuglogfile=/mnt/hdd/litecoin/debug.log Restart=always TimeoutSec=120 RestartSec=30 StandardOutput=null StandardError=journal +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target \ No newline at end of file diff --git a/home.admin/assets/lnd.bitcoin.conf b/home.admin/assets/lnd.bitcoin.conf index 525d43864..eb9e6eaa9 100755 --- a/home.admin/assets/lnd.bitcoin.conf +++ b/home.admin/assets/lnd.bitcoin.conf @@ -1,4 +1,4 @@ -# lnd configuration +# lnd configuration - some values might be overruled directly systemd-service exec call parameters [Application Options] debuglevel=debug diff --git a/home.admin/assets/lnd.litecoin.conf b/home.admin/assets/lnd.litecoin.conf index 89f86b343..0d9c20f5d 100755 
--- a/home.admin/assets/lnd.litecoin.conf +++ b/home.admin/assets/lnd.litecoin.conf @@ -1,4 +1,4 @@ -# lnd configuration +# lnd configuration - some values might be overruled directly systemd-service exec call parameters [Application Options] debuglevel=debug diff --git a/home.admin/assets/lnd.service b/home.admin/assets/lnd.service index 7e74bf2d0..523bc7940 100644 --- a/home.admin/assets/lnd.service +++ b/home.admin/assets/lnd.service @@ -9,20 +9,24 @@ After=bitcoind.service #OnFailure=systemd-sendmail@%n [Service] -EnvironmentFile=/mnt/hdd/raspiblitz.conf -ExecStartPre=-/home/admin/config.scripts/blitz.systemd.sh log lightning STARTED -ExecStart=/usr/local/bin/lnd --externalip=${publicIP}:${lndPort} ${lndExtraParameter} +ExecStartPre=-/home/admin/config.scripts/lnd.check.sh prestart mainnet +ExecStart=/usr/local/bin/lnd --configfile=/home/bitcoin/.lnd/lnd.conf PIDFile=/home/bitcoin/.lnd/lnd.pid User=bitcoin Group=bitcoin LimitNOFILE=128000 Type=simple -KillMode=process TimeoutSec=180 Restart=always RestartSec=60 StandardOutput=null StandardError=journal +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target \ No newline at end of file diff --git a/home.admin/assets/nginx/sites-available/lnbits_tor.conf b/home.admin/assets/nginx/sites-available/lnbits_tor.conf index 84578c245..83a187938 100644 --- a/home.admin/assets/nginx/sites-available/lnbits_tor.conf +++ b/home.admin/assets/nginx/sites-available/lnbits_tor.conf @@ -15,7 +15,7 @@ server { location / { proxy_pass http://127.0.0.1:5000; - include /etc/nginx/snippets/ssl-proxy-params.conf; + include /etc/nginx/snippets/proxy-params.conf; } } diff --git a/home.admin/assets/nginx/sites-available/public.conf b/home.admin/assets/nginx/sites-available/public.conf index 9becc451d..2e018f325 100644 --- a/home.admin/assets/nginx/sites-available/public.conf +++ b/home.admin/assets/nginx/sites-available/public.conf 
@@ -4,17 +4,23 @@ server { listen 80 default_server; listen [::]:80 default_server; + root /var/www/public; + index index.html; + server_name _; + + # proxy for API + location /api/ { + proxy_pass http://127.0.0.1:11111/; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Host $host; + } + + # directory for acme challenge location ^~ /.well-known/acme-challenge/ { default_type "text/plain"; root /var/www/letsencrypt; } - root /var/www/public; - - index index.html; - - server_name _; - location / { # make sure to have https link to exact same host that was called sub_filter ' - - - - RaspiBlitz Status - - - - -
-
-

Info Dashboard (Updated: {{ datetime }})

-
- - - -
-

RaspiBlitz v{{ codeVersion }} {{ hostname }}

-

{{ network }} Fullnode + Lightning Network {{ torInfo }}

-

 

-

CPU load {{ load }}, temp {{ tempC }}°C {{ tempF }}°F

-

Free Mem {{ ram }} HDDuse {{ hddUsedInfo }}

-

{{ uptime }}

-

ssh admin@{{ local_ip }} ▼{{ network_rx }} ▲{{ network_tx }}

- {% if runningRTL == '1' %} -

web admin --> http://{{ local_ip }}:3000

- {% endif %} -

 

-

{{ network }} {{ networkVersion }} {{ chain }}net Sync OK {{ sync_percentage }}

-

{{ public_addr_pre }} {{ public_addr }} {{ networkConnections }} peers

-

 

-

LND {{ ln_version }} {{ ln_baseInfo }}

- {% if ln_version|length %} -

{{ ln_channelInfo }} {{ ln_peers }} peers

- {% endif %} -

- - -
- - - diff --git a/home.admin/assets/nginx/www_blitzweb/info/status.css b/home.admin/assets/nginx/www_blitzweb/info/status.css deleted file mode 100644 index e239afcc4..000000000 --- a/home.admin/assets/nginx/www_blitzweb/info/status.css +++ /dev/null @@ -1,48 +0,0 @@ -#regular { - /* The size of the LCD on shopping list */ - width: 920px; - height: 440px; -} - -.header { - grid-area: header; - text-align: center; -} - -.logo { - grid-area: logo; - text-align: center; -} - -.main { - grid-area: main; -} - -.footer { - grid-area: footer; -} - -.grid-container { - display: grid; - grid-template-areas: 'header header header header' 'logo main main main' 'footer footer footer footer'; - grid-gap: 1px; - background-color: #02192b; - padding: 1px; -} - -.grid-container > div { - background-color: rgba(0, 0, 0, 0.8); - padding: 4px 8px; - font-size: 30px; -} - -body { - background-color: black; - font-family: monospace, monospace; - color: LightSteelBlue; -} - -p { - font-size: 12px; - margin: 4px; -} diff --git a/home.admin/assets/nginx/www_public/index.html b/home.admin/assets/nginx/www_public/index.html index 5167fa05a..7d0eba5bc 100644 --- a/home.admin/assets/nginx/www_public/index.html +++ b/home.admin/assets/nginx/www_public/index.html @@ -17,9 +17,23 @@

- Welcome + Welcome Node Operator

+

Please Wait ...

+ +

Use one the following link to access your RaspiBlitz

Please be aware about HTTPS Certificate Warning! Here is some useful information on that... diff --git a/home.admin/assets/nginx/www_blitzweb/index.html b/home.admin/assets/nginx/www_public/ui/index.html similarity index 88% rename from home.admin/assets/nginx/www_blitzweb/index.html rename to home.admin/assets/nginx/www_public/ui/index.html index 2da139ae5..f4fb2b5eb 100644 --- a/home.admin/assets/nginx/www_blitzweb/index.html +++ b/home.admin/assets/nginx/www_public/ui/index.html @@ -4,7 +4,7 @@ - RaspiBlitz Welcome + WebUI diff --git a/home.admin/assets/telegraf/etc-telegraf/getraspiblitzipinfo.sh b/home.admin/assets/telegraf/etc-telegraf/getraspiblitzipinfo.sh index 17564c09b..071ebf4af 100644 --- a/home.admin/assets/telegraf/etc-telegraf/getraspiblitzipinfo.sh +++ b/home.admin/assets/telegraf/etc-telegraf/getraspiblitzipinfo.sh @@ -13,7 +13,7 @@ debugLevel=0 writeMemoryfile=1 # if "logFile" points to an existing file => logging enabled -logFile=/mnt/hdd/temp/raspiblitzipinfo.log +logFile=/var/cache/raspiblitz/raspiblitzipinfo.log # get the ISO timestamp for log output @@ -77,7 +77,7 @@ if [ ${debugLevel} -gt 10 ]; then for i in $( seq 0 4 ); do printf " %2d: %-10s # get the values from a prior run, that file will not be changes as long as all the values stay the same -memoryFile=/mnt/hdd/temp/raspiblitzipinfo.out +memoryFile=/var/cache/raspiblitz/raspiblitzipinfo.out source ${memoryFile} 2>/dev/null # prepare to count the changes diff --git a/home.admin/config.scripts/bitcoin.install.sh b/home.admin/config.scripts/bitcoin.install.sh new file mode 100644 index 000000000..6b8b3e498 --- /dev/null +++ b/home.admin/config.scripts/bitcoin.install.sh 
@@ -0,0 +1,222 @@ +#!/bin/bash + +# command info +if [ $# -lt 2 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then + echo + echo "Install or remove parallel chains for Bitcoin Core" + echo "network.bitcoinchains.sh [on|off] [signet|testnet|mainnet]" + echo + exit 1 +fi + +# CHAIN is signet | testnet | mainnet +CHAIN=$2 +if [ "${CHAIN}" != signet ]&&[ "${CHAIN}" != testnet ]&&[ "${CHAIN}" != mainnet ];then + echo "# ${CHAIN} is not supported" + exit 1 +fi + +# prefix for parallel services +if [ ${CHAIN} = testnet ];then + prefix="t" + bitcoinprefix="test" + zmqprefix=21 # zmqpubrawblock=21332 zmqpubrawtx=21333 + rpcprefix=1 # rpcport=18332 +elif [ ${CHAIN} = signet ];then + prefix="s" + bitcoinprefix="signet" + zmqprefix=23 + rpcprefix=3 +elif [ ${CHAIN} = mainnet ];then + prefix="" + bitcoinprefix="main" + zmqprefix=28 + rpcprefix="" +fi + +function removeParallelService() { + if [ -f "/etc/systemd/system/${prefix}bitcoind.service" ];then + if [ ${CHAIN} != mainnet ];then + /usr/local/bin/bitcoin-cli -${CHAIN} stop + else + /usr/local/bin/bitcoin-cli stop + fi + sudo systemctl stop ${prefix}bitcoind + sudo systemctl disable ${prefix}bitcoind + sudo rm /etc/systemd/system/${prefix}bitcoind.service 2>/dev/null + if [ ${bitcoinprefix} = signet ];then + # check for signet service set up by joininbox + if [ -f "/etc/systemd/system/signetd.service" ];then + sudo systemctl stop signetd + sudo systemctl disable signetd + echo "# The signetd.service is stopped and disabled" + fi + fi + echo "# Bitcoin Core on ${CHAIN} service is stopped and disabled" + fi +} + +function installParallelService() { + echo "# Installing Bitcoin Core instance on ${CHAIN}" + # bitcoin.conf + if [ ! 
-f /home/bitcoin/.bitcoin/bitcoin.conf ];then + # add minimal config + randomRPCpass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8) + echo " +# bitcoind configuration for ${CHAIN} + +# Connection settings +rpcuser=raspiblitz +rpcpassword=$randomRPCpass +${bitcoinprefix}.zmqpubrawblock=tcp://127.0.0.1:${zmqprefix}332 +${bitcoinprefix}.zmqpubrawtx=tcp://127.0.0.1:${zmqprefix}333 + +onlynet=onion +proxy=127.0.0.1:9050 + +datadir=/mnt/hdd/bitcoin +" | sudo -u bitcoin tee /home/bitcoin/.bitcoin/bitcoin.conf + else + echo "# /home/bitcoin/.bitcoin/bitcoin.conf is present" + fi + + # make sure rpcbind is correctly configured + sudo sed -i s/^rpcbind=/main.rpcbind=/g /mnt/hdd/${network}/${network}.conf + if [ $(grep -c "rpcallowip" < /mnt/hdd/${network}/${network}.conf) -gt 0 ];then + if [ $(grep -c "${bitcoinprefix}.rpcbind=" < /mnt/hdd/${network}/${network}.conf) -eq 0 ];then + echo "\ +${bitcoinprefix}.rpcbind=127.0.0.1"|\ + sudo tee -a /mnt/hdd/${network}/${network}.conf + fi + fi + + # correct rpcport entry + sudo sed -i s/^rpcport=/main.rpcport=/g /mnt/hdd/${network}/${network}.conf + if [ $(grep -c "${bitcoinprefix}.rpcport" < /mnt/hdd/${network}/${network}.conf) -eq 0 ];then + echo "\ +${bitcoinprefix}.rpcport=${rpcprefix}8332"|\ + sudo tee -a /mnt/hdd/${network}/${network}.conf + fi + + # correct zmq entry + sudo sed -i s/^zmqpubraw/main.zmqpubraw/g /mnt/hdd/${network}/${network}.conf + if [ $(grep -c "${bitcoinprefix}.zmqpubrawblock" < /mnt/hdd/${network}/${network}.conf) -eq 0 ];then + echo "\ +${bitcoinprefix}.zmqpubrawblock=tcp://127.0.0.1:${zmqprefix}332 +${bitcoinprefix}.zmqpubrawtx=tcp://127.0.0.1:${zmqprefix}333"|\ + sudo tee -a /mnt/hdd/${network}/${network}.conf + fi + + # addnode + if [ ${bitcoinprefix} = signet ];then + if [ $(grep -c "${bitcoinprefix}.addnode" < /mnt/hdd/${network}/${network}.conf) -eq 0 ];then + echo "\ +signet.addnode=s7fcvn5rblem7tiquhhr7acjdhu7wsawcph7ck44uxyd6sismumemcyd.onion:38333 
+signet.addnode=6megrst422lxzsqvshkqkg6z2zhunywhyrhy3ltezaeyfspfyjdzr3qd.onion:38333 +signet.addnode=jahtu4veqnvjldtbyxjiibdrltqiiighauai7hmvknwxhptsb4xat4qd.onion:38333 +signet.addnode=f4kwoin7kk5a5kqpni7yqe25z66ckqu6bv37sqeluon24yne5rodzkqd.onion:38333 +signet.addnode=nsgyo7begau4yecc46ljfecaykyzszcseapxmtu6adrfagfrrzrlngyd.onion:38333"|\ + sudo tee -a /mnt/hdd/${network}/${network}.conf + fi + fi + + removeParallelService + if [ ${CHAIN} = mainnet ];then + sudo cp /home/admin/assets/${network}d.service /etc/systemd/system/${network}d.service + else + # /etc/systemd/system/${prefix}bitcoind.service + echo " +[Unit] +Description=Bitcoin daemon on ${CHAIN} + +[Service] +User=bitcoin +Group=bitcoin +Type=forking +PIDFile=/mnt/hdd/bitcoin/${prefix}bitcoind.pid +ExecStart=/usr/local/bin/bitcoind -${CHAIN} -daemon -pid=/mnt/hdd/bitcoin/${prefix}bitcoind.pid -debuglogfile=/mnt/hdd/bitcoin/${prefix}debug.log +Restart=always +TimeoutSec=120 +RestartSec=30 +StandardOutput=null +StandardError=journal + +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + +[Install] +WantedBy=multi-user.target +" | sudo tee /etc/systemd/system/${prefix}bitcoind.service + fi + sudo systemctl daemon-reload + sudo systemctl enable ${prefix}bitcoind + echo "# OK - the bitcoin daemon on ${CHAIN} service is now enabled" + + # add aliases + if [ ${CHAIN} != mainnet ];then + if [ $(alias | grep -c ${prefix}bitcoin) -eq 0 ];then + bash -c "echo 'alias ${prefix}bitcoin-cli=\"/usr/local/bin/bitcoin-cli\ + -rpcport=${rpcprefix}8332\"' \ + >> /home/admin/_aliases" + bash -c "echo 'alias ${prefix}bitcoind=\"/usr/local/bin/bitcoind\ + -${CHAIN}\"' \ + >> /home/admin/_aliases" + fi + sudo chown admin:admin /home/admin/_aliases + fi + + source /home/admin/raspiblitz.info + if [ "${state}" == "ready" ]; then + echo "# OK - the ${prefix}bitcoind.service is enabled, system is ready so starting service" + sudo systemctl start ${prefix}bitcoind + else + echo "# 
OK - the ${prefix}bitcoindservice is enabled, to start manually use:" + echo "sudo systemctl start ${prefix}bitcoind" + fi + + isInstalled=$(systemctl status ${prefix}bitcoind | grep -c active) + if [ $isInstalled -gt 0 ];then + echo "# Installed $(bitcoind --version | grep version)" + echo + echo "# Monitor the ${prefix}bitcoind with:" + echo "# sudo tail -f /mnt/hdd/bitcoin/${prefix}debug.log" + echo + else + echo "# Installation failed" + echo "# See:" + echo "# sudo journalctl -fu ${prefix}bitcoind" + exit 1 + fi +} + +source /mnt/hdd/raspiblitz.conf + +# add default value to raspi config if needed +if ! grep -Eq "^${CHAIN}=" /mnt/hdd/raspiblitz.conf; then + NEWENTRY="${CHAIN}=off" + sudo /bin/sh -c "echo '$NEWENTRY' >> /mnt/hdd/raspiblitz.conf" +fi + +# switch on +if [ "$1" = "1" ] || [ "$1" = "on" ]; then + installParallelService + # setting value in raspi blitz config + sudo sed -i "s/^${CHAIN}=.*/${CHAIN}=on/g" /mnt/hdd/raspiblitz.conf + exit 0 +fi + +# switch off +if [ "$1" = "0" ] || [ "$1" = "off" ]; then + echo "# Uninstall Bitcoin Core instance on ${CHAIN}" + removeParallelService + # setting value in raspi blitz config + sudo sed -i "s/^${CHAIN}=.*/${CHAIN}=off/g" /mnt/hdd/raspiblitz.conf + exit 0 +fi + +echo "# FAIL - Unknown Parameter $1" +echo "# may need reboot to run" +exit 1 \ No newline at end of file diff --git a/home.admin/config.scripts/bitcoin.update.sh b/home.admin/config.scripts/bitcoin.update.sh index 2b4984548..feae86234 100755 --- a/home.admin/config.scripts/bitcoin.update.sh +++ b/home.admin/config.scripts/bitcoin.update.sh 
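Review bot: In the new `bitcoin.install.sh`, `isInstalled=$(systemctl status ${prefix}bitcoind | grep -c active)` also counts the word `inactive`, so the script prints `# Installed ...` for a unit that is enabled but not running, which is exactly the path taken just above when `state` is not `ready`. Use `systemctl is-enabled --quiet` or `systemctl is-active --quiet`, depending on which condition is meant. Two smaller points: the generated `rpcpassword` is only eight characters (`head -c8`), and the usage text names `network.bitcoinchains.sh` rather than this script.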
@@ -19,15 +19,16 @@ source /home/admin/raspiblitz.info mode="$1" # RECOMMENDED UPDATE BY RASPIBLITZ TEAM -# comment will be shown as "BEWARE Info" when option is chosen (can be multiple lines) -bitcoinVersion="0.21.0" +# comment will be shown as "BEWARE Info" when option is choosen (can be multiple lines) +bitcoinVersion="" # example: 22.0 .. keep empty if no newer version as sd card build is available # needed to check code signing -laanwjPGP="01EA5486DE18A882D4C2684590C8019E36C2E964" +# https://github.com/laanwj +laanwjPGP="71A3 B167 3540 5025 D447 E8F2 7481 0B01 2346 C9A6" # GATHER DATA -# setting download directory -downloadDir="/home/admin/download" +# setting download directory to the current user +downloadDir="/home/$(whoami)/download/bitcoin.update" # detect CPU architecture & fitting download link if [ $(uname -m | grep -c 'arm') -eq 1 ] ; then @@ -105,14 +106,15 @@ elif [ "${mode}" = "custom" ]; then echo "# Update Bitcoin Core to a chosen version." echo echo "# Input the version you would like to install and press ENTER." - echo "# Examples:" - echo "0.21.1rc1" - echo "0.21.0" + echo "# Examples (versions below 22 are not supported):" + echo "22.0rc3" + echo "22.0" echo read bitcoinVersion if [ $(echo ${bitcoinVersion} | grep -c "rc") -gt 0 ];then cutVersion=$(echo ${bitcoinVersion} | awk -F"r" '{print $1}') rcVersion=$(echo ${bitcoinVersion} | awk -F"r" '{print $2}') + # https://bitcoincore.org/bin/bitcoin-core-22.0/test.rc3/ pathVersion=${cutVersion}/test.r${rcVersion} else pathVersion=${bitcoinVersion} 
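Review bot: In the `@@ -105,14 +106,15 @@` hunk, the new prompt says versions below 22 are not supported, but `read bitcoinVersion` still accepts anything, and the value goes unchecked into `pathVersion` and from there into the download URLs. Validate the input against the expected form (for example `22.0` or `22.0rc3`) and exit with a message on anything else, so the restriction is enforced rather than only described.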
@@ -145,34 +147,42 @@ if [ "${mode}" = "tested" ]||[ "${mode}" = "reckless" ]||[ "${mode}" = "custom" echo echo "# clean & change into download directory" - sudo rm -r ${downloadDir}/* + sudo rm -rf "${downloadDir}" + mkdir -p "${downloadDir}" cd "${downloadDir}" || exit 1 - echo - # download, check and import signer key - sudo -u admin wget https://bitcoin.org/laanwj-releases.asc - if [ ! -f "./laanwj-releases.asc" ] + # download signed binary sha256 hash sum file + wget https://bitcoincore.org/bin/bitcoin-core-${pathVersion}/SHA256SUMS + # download signed binary sha256 hash sum file and check + wget https://bitcoincore.org/bin/bitcoin-core-${pathVersion}/SHA256SUMS.asc + + echo "# Paste the PGP pubkey fingerprint of a signer." + echo "# Example for W. J. van der Laan (https://github.com/laanwj):" + echo "71A3 B167 3540 5025 D447 E8F2 7481 0B01 2346 C9A6" + echo "" + read customKey + + if [ ${#customKey} -eq 0 ];then + customKey=$laanwjPGP + fi + + # receive signer key + if ! gpg --recv-key "$customKey" then - echo "# !!! FAIL !!! Download laanwj-releases.asc not success." + echo + echo "!!! FAIL !!! Could not download the PGP pubkey" + echo + echo "See the signers of this release:" + echo + gpg --verify SHA256SUMS.asc + echo exit 1 fi - gpg --import-options show-only --import ./laanwj-releases.asc - fingerprint=$(gpg ./laanwj-releases.asc 2>/dev/null | grep -c "${laanwjPGP}") - if [ ${fingerprint} -eq 0 ]; then - echo - echo "# !!! 
BUILD WARNING --> Bitcoin PGP author not as expected" - echo "# Should contain laanwjPGP: ${laanwjPGP}" - echo "# PRESS ENTER to TAKE THE RISK if you think all is OK" - read key - fi - gpg --import ./laanwj-releases.asc - - # download signed binary sha256 hash sum file and check - sudo -u admin wget https://bitcoincore.org/bin/bitcoin-core-${pathVersion}/SHA256SUMS.asc + verifyResult=$(gpg --verify SHA256SUMS.asc 2>&1) goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) echo "goodSignature(${goodSignature})" - correctKey=$(echo ${verifyResult} | grep "using RSA key ${laanwjPGP: -16}" -c) + correctKey=$(echo ${verifyResult} | grep "${customKey}" -c) echo "correctKey(${correctKey})" if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then echo @@ -186,7 +196,7 @@ if [ "${mode}" = "tested" ]||[ "${mode}" = "reckless" ]||[ "${mode}" = "custom" echo "# Downloading Bitcoin Core v${bitcoinVersion} for ${bitcoinOSversion} ..." binaryName="bitcoin-${bitcoinVersion}-${bitcoinOSversion}.tar.gz" - sudo -u admin wget https://bitcoincore.org/bin/bitcoin-core-${pathVersion}/${binaryName} + wget https://bitcoincore.org/bin/bitcoin-core-${pathVersion}/${binaryName} if [ ! -f "./${binaryName}" ] then echo "# !!! FAIL !!! Downloading BITCOIN BINARY did not succeed." 
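Review bot: In the `@@ -145,34 +147,42 @@` hunk, `goodSignature` and `correctKey` are two independent greps over the free-text output of `gpg --verify SHA256SUMS.asc`, so on a file carrying several signatures a `Good signature` line for one key and a mention of `${customKey}` for another are enough to pass. Parse `gpg --status-fd 1 --verify` and require a `VALIDSIG` line carrying the expected fingerprint instead. `customKey` also comes straight from `read` and is then used both as the grep pattern and as the argument to `gpg --recv-key`; normalise it first (strip spaces, require 40 hex characters), and say in the prompt that the check only proves the file was signed by whichever key was typed in.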
@@ -194,11 +204,11 @@ if [ "${mode}" = "tested" ]||[ "${mode}" = "reckless" ]||[ "${mode}" = "custom" fi echo "# Checking binary checksum ..." - checksumTest=$(sha256sum -c --ignore-missing SHA256SUMS.asc ${binaryName} 2>/dev/null \ + checksumTest=$(sha256sum -c --ignore-missing SHA256SUMS ${binaryName} 2>/dev/null \ | grep -c "${binaryName}: OK") if [ "${checksumTest}" -eq 0 ]; then # get the sha256 value for the corresponding platform from signed hash sum file - bitcoinSHA256=$(grep -i "$bitcoinOSversion" SHA256SUMS.asc | cut -d " " -f1) + bitcoinSHA256=$(grep -i "${binaryName}}" SHA256SUMS | cut -d " " -f1) echo "!!! FAIL !!! Downloaded BITCOIN BINARY CHECKSUM:" echo "$(sha256sum ${binaryName})" echo "NOT matching SHA256 checksum:" @@ -206,10 +216,9 @@ if [ "${mode}" = "tested" ]||[ "${mode}" = "reckless" ]||[ "${mode}" = "custom" exit 1 else echo - echo "# OK --> VERIFIED BITCOIN CHECKSUM IS CORRECT" + echo "# OK --> VERIFIED BITCOIN CORE BINARY CHECKSUM IS CORRECT" echo fi - fi if [ "${mode}" = "tested" ]||[ "${mode}" = "custom" ]; then @@ -227,10 +236,10 @@ if [ "${mode}" = "tested" ]||[ "${mode}" = "reckless" ]||[ "${mode}" = "custom" sudo systemctl stop bitcoind echo echo "# Installing Bitcoin Core v${bitcoinVersion}" - sudo -u admin tar -xvf ${binaryName} + tar -xvf ${binaryName} sudo install -m 0755 -o root -g root -t /usr/local/bin/ bitcoin-${bitcoinVersion}/bin/* sleep 3 - installed=$(sudo -u admin bitcoind --version | grep "${bitcoinVersion}" -c) + installed=$(bitcoind --version | grep "${bitcoinVersion}" -c) if [ ${installed} -lt 1 ]; then echo echo "# !!! BUILD FAILED --> Was not able to install bitcoind version(${bitcoinVersion})" diff --git a/home.admin/config.scripts/blitz.bootdrive.sh b/home.admin/config.scripts/blitz.bootdrive.sh new file mode 100644 index 000000000..217510285 --- /dev/null +++ b/home.admin/config.scripts/blitz.bootdrive.sh 
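Review bot: In the `@@ -194,11 +204,11 @@` hunk, `grep -i "${binaryName}}" SHA256SUMS` has a stray closing brace, so the pattern ends in a literal `}` and never matches, and `bitcoinSHA256` is always empty in the failure branch. Drop the extra brace. The `sha256sum -c --ignore-missing SHA256SUMS ${binaryName}` call also passes the tarball as a second checksum list; `sha256sum -c --ignore-missing SHA256SUMS` on its own is enough, and `${binaryName}` should be quoted where it remains.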
@@ -0,0 +1,95 @@ +#!/bin/bash + +# basic background on this feature +# see: https://github.com/rootzoll/raspiblitz/issues/936 + +# get basic system information +# these are the same set of infos the WebGUI dialog/controler has +source /home/admin/raspiblitz.info &2 + echo "# DONE - please reboot" + else + echo "# FAIL to execute on ${baseimage}: ${resizeRaspbian}" + echo "err='expand failed'" + exit 1 + fi + elif [ "${baseimage}" = "armbian" ]; then + resizeArmbian="/usr/lib/armbian/armbian-resize-filesystem" + if [ -x ${resizeArmbian} ]; then + echo "# RUNNING EXPAND ARMBIAN: ${resizeArmbian}" + sudo $resizeArmbian start 1>&2 + echo "# DONE - please reboot" + else + echo "# FAIL to execute on ${baseimage}: ${resizeArmbian}" + echo "err='expand failed'" + exit 1 + fi + else + echo "#FAIL no implementation for: ${baseimage}" + echo "err='missing implementation'" + exit 1 + fi + exit 0 +fi + +echo "err='unknown parameter'" +exit 1 \ No newline at end of file diff --git a/home.admin/config.scripts/blitz.copyblockchain.sh b/home.admin/config.scripts/blitz.copyblockchain.sh deleted file mode 100755 index 9829b7652..000000000 --- a/home.admin/config.scripts/blitz.copyblockchain.sh +++ /dev/null 
@@ -1,57 +0,0 @@ -#!/bin/bash - -if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "# managing the copy of blockchain data over LAN" - echo "# blitz.copyblockchain.sh [status]" - echo "error='missing parameters'" - exit 1 -fi - -# load basic system settings -source /home/admin/raspiblitz.info 2>/dev/null -source /mnt/hdd/raspiblitz.conf 2>/dev/null - -# check that blockchain is set & supported -if [ "${network}" != "bitcoin" ] && [ "${network}" != "litecoin" ]; then - echo "blockchain='{$network}'" - echo "error='blockchain type missing or not supported'" - exit 1 -fi - -# check that HDD is available -isMounted=$(sudo df | grep -c /mnt/hdd) -if [ "${isMounted}" != "1" ]; then - echo "error='no datadrive is mounted'" - exit 1 -fi - -################### -# STATUS -################### - -# check if copy is in progress -copyBeginTime=$(cat /mnt/hdd/${network}/copy_begin.time 2>/dev/null | tr -cd '[[:digit:]]') -if [ ${#copyBeginTime} -eq 0 ]; then - copyBeginTime=0 -fi -copyEndTime=$(cat /mnt/hdd/${network}/copy_end.time 2>/dev/null | tr -cd '[[:digit:]]') -if [ ${#copyEndTime} -eq 0 ]; then - copyEndTime=0 -fi -copyInProgress=0 -if [ ${copyBeginTime} -gt ${copyEndTime} ]; then - copyInProgress=1 -fi - -# output status data & exit -if [ "$1" = "status" ]; then - echo "# blitz.copyblockchain.sh" - echo "copyInProgress=${copyInProgress}" - echo "copyBeginTime=${copyBeginTime}" - echo "copyEndTime=${copyEndTime}" - exit 1 -fi - -# if no other -echo "error='unknown command'" -exit 1 diff --git a/home.admin/config.scripts/blitz.copychain.sh b/home.admin/config.scripts/blitz.copychain.sh new file mode 100644 index 000000000..5af7ec414 --- /dev/null +++ b/home.admin/config.scripts/blitz.copychain.sh 
@@ -0,0 +1,399 @@ +#!/bin/bash + +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "# managing the copy of blockchain data over LAN" + echo "# blitz.copychain.sh [status|target|source]" + echo "error='missing parameters'" + exit 1 +fi + +# load basic system settings +source /home/admin/raspiblitz.info 2>/dev/null +source /mnt/hdd/raspiblitz.conf 2>/dev/null + +# check that blockchain is set & supported +if [ "${network}" != "bitcoin" ] && [ "${network}" != "litecoin" ]; then + echo "blockchain='{$network}'" + echo "error='blockchain type missing or not supported'" + exit 1 +fi + +# check that HDD is available +isMounted=$(sudo df | grep -c /mnt/hdd) +if [ "${isMounted}" != "1" ]; then + echo "error='no datadrive is mounted'" + exit 1 +fi + +################### +# STATUS +################### + +# check if copy is in progress +copyBeginTime=$(cat /mnt/hdd/${network}/copy_begin.time 2>/dev/null | tr -cd '[[:digit:]]') +if [ ${#copyBeginTime} -eq 0 ]; then + copyBeginTime=0 +fi +copyEndTime=$(cat /mnt/hdd/${network}/copy_end.time 2>/dev/null | tr -cd '[[:digit:]]') +if [ ${#copyEndTime} -eq 0 ]; then + copyEndTime=0 +fi +copyInProgress=0 +if [ ${copyBeginTime} -gt ${copyEndTime} ]; then + copyInProgress=1 +fi + +# output status data & exit +if [ "$1" = "status" ]; then + echo "# blitz.copychain.sh" + echo "copyInProgress=${copyInProgress}" + echo "copyBeginTime=${copyBeginTime}" + echo "copyEndTime=${copyEndTime}" + exit 1 +fi + +################### +# COPYTARGET +################### + +# output status data & exit +if [ "$1" = "target" ]; then + + # Basic Options + OPTIONS=(WINDOWS "Windows" \ + MACOS "Apple MacOSX" \ + LINUX "Linux" \ + BLITZ "RaspiBlitz" + ) + CHOICE=$(dialog --clear --title " Copy Blockchain from another laptop/node over LAN " --menu "\nWhich system is running on the other laptop/node you want to copy the blockchain from?\n " 14 60 9 "${OPTIONS[@]}" 2>&1 >/dev/tty) + + clear + case $CHOICE in + MACOS) echo "Steve";; + LINUX) 
echo "Linus";; + WINDOWS) echo "Bill";; + BLITZ) echo "Satoshi";; + *) exit 1;; + esac + + # setting copy state + sed -i "s/^state=.*/state=copytarget/g" /home/admin/raspiblitz.info + sed -i "s/^message=.*/message='Receiving Blockchain over LAN'/g" /home/admin/raspiblitz.info + + echo "stopping services ..." + sudo systemctl stop bitcoind 2>/dev/null + sudo systemctl disable bitcoind 2>/dev/null + + # check if old blockchain data exists + hasOldBlockchainData=0 + sizeBlocks=$(sudo du -s /mnt/hdd/bitcoin/blocks 2>/dev/null | tr -dc '[0-9]') + if [ ${#sizeBlocks} -gt 0 ] && [ ${sizeBlocks} -gt 0 ]; then + hasOldBlockchainData=1 + fi + sizeChainstate=$(sudo du -s /mnt/hdd/bitcoin/chainstate 2>/dev/null | tr -dc '[0-9]') + if [ ${#sizeChainstate} -gt 0 ] && [ ${sizeChainstate} -gt 0 ]; then + hasOldBlockchainData=1 + fi + + dialog --title " Old Blockchain Data Found " --yesno "\nDo you want to delete the existing blockchain data now?" 7 60 + response=$? + clear + echo "response(${response})" + if [ "${response}" = "1" ]; then + echo "OK - keep old blockchain - just try to repair by copying over it" + sleep 3 + else + echo "OK - delete old blockchain" + sudo rm -rfv /mnt/hdd/bitcoin/blocks/* 2>/dev/null + sudo rm -rfv /mnt/hdd/bitcoin/chainstate/* 2>/dev/null + sleep 3 + fi + + # make sure /mnt/hdd/bitcoin exists + sudo mkdir /mnt/hdd/bitcoin 2>/dev/null + + # allow all users write to it + sudo chmod 777 /mnt/hdd/bitcoin + + echo + clear + if [ "${CHOICE}" = "WINDOWS" ]; then + echo "****************************************************************************" + echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from a WINDOWS computer" + echo "****************************************************************************" + echo "" + echo "ON YOUR WINDOWS COMPUTER download and validate the blockchain with the Bitcoin" + echo "Core wallet software (>=0.17.1) from: bitcoincore.org/en/download" + echo "If the Bitcoin Blockchain is synced up - make sure that your Windows 
computer &" + echo "your RaspiBlitz are in the same local network." + echo "" + echo "Open a fresh terminal on your Windows computer & change into the directory that" + echo "contains the blockchain data - should see folders named 'blocks' & 'chainstate'" + echo "there. Normally on Windows thats: C:\Users\YourUserName\Appdata\Roaming\Bitcoin" + echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." + echo "" + echo "COPY, PASTE & EXECUTE the following command on your Windows computer terminal:" + echo "scp -r ./chainstate ./blocks bitcoin@${localip}:/mnt/hdd/bitcoin" + echo "" + echo "If asked for a password use PASSWORD A (or 'raspiblitz')." + fi + if [ "${CHOICE}" = "MACOS" ]; then + echo "****************************************************************************" + echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from a MacOSX computer" + echo "****************************************************************************" + echo "" + echo "ON YOUR MacOSX COMPUTER download and validate the blockchain with the Bitcoin" + echo "Core wallet software (>=0.17.1) from: bitcoincore.org/en/download" + echo "If the Bitcoin Blockchain is synced up - make sure that your MacOSX computer &" + echo "your RaspiBlitz are in the same local network." + echo "" + echo "Open a fresh terminal on your MacOSX computer and change into the directory that" + echo "contains the blockchain data - should see folders named 'blocks' & 'chainstate'" + echo "there. Normally on MacOSX thats: cd ~/Library/Application Support/Bitcoin/" + echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." + echo "" + echo "COPY, PASTE & EXECUTE the following command on your MacOSX terminal:" + echo "sudo rsync -avhW --progress ./chainstate ./blocks bitcoin@${localip}:/mnt/hdd/bitcoin" + echo "" + echo "You will be asked for passwords. 
First can be the user password of your MacOSX" + echo "computer and the last is the PASSWORD A (or 'raspiblitz') of this RaspiBlitz." + fi + if [ "${CHOICE}" = "LINUX" ]; then + echo "****************************************************************************" + echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from a LINUX computer" + echo "****************************************************************************" + echo "" + echo "ON YOUR LINUX COMPUTER download and validate the blockchain with the Bitcoin" + echo "Core wallet software (>=0.17.1) from: bitcoincore.org/en/download" + echo "If the Bitcoin Blockchain is synced up - make sure that your Linux computer &" + echo "your RaspiBlitz are in the same local network." + echo "" + echo "Open a fresh terminal on your Linux computer and change into the directory that" + echo "contains the blockchain data - should see folders named 'blocks' & 'chainstate'" + echo "there. Normally on Linux thats: cd ~/.bitcoin/" + echo "Make sure that the Bitcoin Core Wallet is not running in the background anymore." + echo "" + echo "COPY, PASTE & EXECUTE the following command on your Linux terminal:" + echo "sudo rsync -avhW --progress ./chainstate ./blocks bitcoin@${localip}:/mnt/hdd/bitcoin" + echo "" + echo "You will be asked for passwords. First can be the user password of your Linux" + echo "computer and the last is the PASSWORD A (or 'raspiblitz') of this RaspiBlitz." + fi + if [ "${CHOICE}" = "BLITZ" ]; then + echo "****************************************************************************" + echo "Instructions to COPY/TRANSFER SYNCED BLOCKCHAIN from another RaspiBlitz" + echo "****************************************************************************" + echo "" + echo "The other RaspiBlitz needs a minimum version of 1.6 (if lower, update first)." + echo "Make sure that the other RaspiBlitz is on the same local network." + echo "" + echo "Open a fresh terminal and login per SSH into that other RaspiBlitz." 
+ echo "Once in the main menu go: MAINMENU > REPAIR > COPY-SOURCE" + echo "Follow the given instructions ..." + echo "" + echo "The LOCAL IP of this target RaspiBlitz is: ${localip}" + fi + echo "" + echo "It can take multiple hours until transfer is complete - be patient." + echo "****************************************************************************" + echo "PRESS ENTER if transfers is done OR if you want to choose another option." + sleep 2 + read key + + # make quick check if data is there + anyDataAtAll=0 + quickCheckOK=1 + count=$(sudo find /mnt/hdd/bitcoin/ -iname *.dat -type f | wc -l) + if [ ${count} -gt 0 ]; then + echo "Found data in /mnt/hdd/bitcoin/blocks" + anyDataAtAll=1 + fi + if [ ${count} -lt 300 ]; then + echo "FAIL: transfer seems invalid - less then 300 .dat files (${count})" + quickCheckOK=0 + fi + count=$(sudo find /mnt/hdd/bitcoin/ -iname *.ldb -type f | wc -l) + if [ ${count} -gt 0 ]; then + echo "Found data in /mnt/hdd/bitcoin/chainstate" + anyDataAtAll=1 + fi + if [ ${count} -lt 700 ]; then + echo "FAIL: transfer seems invalid - less then 700 .ldb files (${count})" + quickCheckOK=0 + fi + + echo "*********************************************" + echo "QUICK CHECK RESULT" + echo "*********************************************" + + # just if any data transferred .. + if [ ${anyDataAtAll} -eq 1 ]; then + + # data was invalid - ask user to keep? + if [ ${quickCheckOK} -eq 0 ]; then + echo "FAIL -> DATA seems incomplete." + else + echo "OK -> DATA LOOKS GOOD :D" + sudo rm /mnt/hdd/bitcoin/debug.log 2>/dev/null + fi + + else + echo "CANCEL -> NO DATA was copied." + quickCheckOK=0 + fi + echo "*********************************************" + + + # REACT ON QUICK CHECK DURING INITAL SETUP + if [ ${quickCheckOK} -eq 0 ]; then + + echo "*********************************************" + echo "There seems to be an invalid transfer." + + echo "Wait 5 secs ..." + sleep 5 + + dialog --title " INVALID TRANSFER - TRY AGAIN?" 
--yesno "Quickcheck shows the data you transferred is invalid/incomplete. Maybe transfere was interrupted and not completed.\n\nDo you want retry/proceed the copy process?" 8 70 + response=$? + echo "response(${response})" + if [ "${response}" == "0" ]; then + /home/admin/config.scripts/blitz.copychain.sh + exit 0 + fi + + dialog --title " INVALID TRANSFER - DELETE DATA?" --yesno "Quickcheck shows the data you transferred is invalid/incomplete. This can lead further RaspiBlitz setup to get stuck in error state.\nDo you want to reset/delete data?" 8 60 + response=$? + echo "response(${response})" + case $response in + 1) quickCheckOK=1 ;; + esac + + fi + + if [ ${quickCheckOK} -eq 0 ]; then + echo "Deleting invalid Data ... " + sudo rm -rf /mnt/hdd/bitcoin + sleep 2 + fi + + echo "restarting services ... (please wait)" + sudo systemctl enable bitcoind + sudo systemctl start bitcoind + sleep 10 + + # setting copy state + sed -i "s/^state=.*/state=ready/g" /home/admin/raspiblitz.info + sed -i "s/^message=.*/message='Node Running'/g" /home/admin/raspiblitz.info +fi + +################### +# COPYSOURCE +################### + +if [ "$1" = "source" ]; then + + clear + echo + echo "# *** Copy Blockchain Source Modus ***" + + echo "# get IP of RaspiBlitz to copy to ..." + targetIP=$(whiptail --inputbox "\nPlease enter the LOCAL IP of the\nRaspiBlitz to copy Blockchain to:" 10 38 "" --title " Target IP " --backtitle "RaspiBlitz - Copy Blockchain" 3>&1 1>&2 2>&3) + targetIP=$(echo "${targetIP[0]}") + localIP=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + if [ ${#targetIP} -eq 0 ]; then + exit 1 + fi + if [ "${localIP}" == "${targetIP}" ]; then + whiptail --msgbox "Dont type in the local IP of this RaspiBlitz,\nthe LOCAL IP of the other RaspiBlitz is needed." 
8 54 "" --title " Testing Target IP " --backtitle "RaspiBlitz - Copy Blockchain" + exit 1 + fi + canPingIP=$(ping ${targetIP} -c 1 | grep -c "1 received") + if [ ${canPingIP} -eq 0 ]; then + whiptail --msgbox "Was not able to contact/ping: ${targetIP}\n\n- check if IP of target RaspiBlitz is correct.\n- check to be on the same local network.\n- try again ..." 11 58 "" --title " Testing Target IP " --backtitle "RaspiBlitz - Copy Blockchain" + exit 1 + fi + + echo "# get Password of RaspiBlitz to copy to ..." + targetPassword=$(whiptail --passwordbox "\nPlease enter the PASSWORD A of the\nRaspiBlitz to copy Blockchain to:" 10 38 "" --title "Target Password" --backtitle "RaspiBlitz - Copy Blockchain" 3>&1 1>&2 2>&3) + if [ ${#targetPassword} -eq 0 ]; then + exit 1 + fi + + sudo rm /root/.ssh/known_hosts 2>/dev/null + canLogin=$(sudo sshpass -p "${targetPassword}" ssh -t -o StrictHostKeyChecking=no bitcoin@${targetIP} "echo 'working'" 2>/dev/null | grep -c 'working') + if [ ${canLogin} -eq 0 ]; then + whiptail --msgbox "Password was not working for IP: ${targetIP}\n\n- check thats the correct IP for correct RaspiBlitz\n- check that you used PASSWORD A and had no typo\n- If you tried too often, wait 1h try again" 11 58 "" --title " Testing Target Password " --backtitle "RaspiBlitz - Copy Blockchain" + exit 1 + fi + + echo "# stopping services ..." + sudo systemctl stop background + sudo systemctl stop lnd + sudo systemctl stop ${network}d + sudo systemctl disable ${network}d + sleep 5 + sudo systemctl stop bitcoind 2>/dev/null + + clear + echo + echo "# Starting copy over LAN (around 4-6 hours) ..." 
+ sed -i "s/^state=.*/state=copysource/g" /home/admin/raspiblitz.info + cd /mnt/hdd/${network} + + # transfere beginning flag + date +%s > /home/admin/copy_begin.time + sudo sshpass -p "${targetPassword}" rsync -avhW -e 'ssh -o StrictHostKeyChecking=no -p 22' /home/admin/copy_begin.time bitcoin@${targetIP}:/mnt/hdd/bitcoin + sudo rm -f /home/admin/copy_begin.time + + # repeat the syncing of directories until + # a) there are no files left to transfere (be robust against failing connections, etc) + # b) the user hits a key to break loop after report + while : + do + + # transfere blockchain data + sudo rm -f ./transferred.rsync + sudo sshpass -p "${targetPassword}" rsync -avhW -e 'ssh -o StrictHostKeyChecking=no -p 22' --info=progress2 --log-file=./transferred.rsync ./chainstate ./blocks bitcoin@${targetIP}:/mnt/hdd/bitcoin + + # check result + # the idea is even after successfull transfer the loop will run a second time + # but on the second time there will be no files transfered (log lines are below 4) + # thats the signal that its done + linesInLogFile=$(wc -l ./transferred.rsync | cut -d " " -f 1) + if [ ${linesInLogFile} -lt 4 ]; then + echo "" + echo "OK all files transfered. DONE" + sleep 2 + break + fi + + # wait 20 seconds for user exiting loop + echo "" + echo -en "OK one sync loop done ... will test in next loop if all was transferred." + echo -en "PRESS X TO MANUALLY FINISH SYNCING" + read -n 1 -t 6 keyPressed + if [ "${keyPressed}" = "x" ]; then + echo "" + echo "Ending Sync ..." + sleep 2 + break + fi + + done + + # transfere end flag + sed -i "s/^state=.*/state=ready/g" /home/admin/raspiblitz.info + date +%s > /home/admin/copy_end.time + sudo sshpass -p "${targetPassword}" rsync -avhW -e 'ssh -o StrictHostKeyChecking=no -p 22' /home/admin/copy_end.time bitcoin@${targetIP}:/mnt/hdd/bitcoin + sudo rm -f /home/admin/copy_end.time + + echo "# start services again ..." 
+ sudo systemctl enable ${network}d + sudo systemctl start ${network}d + sudo systemctl start lnd + sudo systemctl start background + + echo "# show final message" + whiptail --msgbox "OK - Copy Process Finished.\n\nNow check on the target RaspiBlitz if it was sucessful." 10 40 "" --title " DONE " --backtitle "RaspiBlitz - Copy Blockchain" + +fi \ No newline at end of file diff --git a/home.admin/config.scripts/blitz.datadrive.sh b/home.admin/config.scripts/blitz.datadrive.sh index 01d44c8ba..f7cdf5af5 100755 --- a/home.admin/config.scripts/blitz.datadrive.sh +++ b/home.admin/config.scripts/blitz.datadrive.sh @@ -1,7 +1,7 @@ #!/bin/bash if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then >&2 echo "# managing the data drive(s) with old EXT4 or new BTRFS" - >&2 echo "# blitz.datadrive.sh [status|tempmount|format|fstab|raid|link|swap|clean|snapshot]" + >&2 echo "# blitz.datadrive.sh [status|tempmount|unmount|format|fstab|raid|link|swap|clean|snapshot|uasp-fix]" echo "error='missing parameters'" exit 1 fi @@ -49,7 +49,7 @@ fi isMounted=$(sudo df | grep -c /mnt/hdd) isBTRFS=$(sudo btrfs filesystem show 2>/dev/null| grep -c 'BLITZSTORAGE') isRaid=$(btrfs filesystem df /mnt/hdd 2>/dev/null | grep -c "Data, RAID1") -isSSD="Unknown" +isSSD="0" # determine if swap is external on or not externalSwapPath="/mnt/hdd/swapfile" 
@@ -71,19 +71,25 @@ if [ "$1" = "status" ]; then echo "isMounted=${isMounted}" echo "isBTRFS=${isBTRFS}" - # if HDD is not mounted system is in the pre-setup phase - # deliver all the details needed about the data drive + # if HDD is not mounted system then it is in the pre-setup phase + # deliver all the detailes needed about the data drive # and it content for the setup dialogs if [ ${isMounted} -eq 0 ]; then echo echo "# SETUP INFO" # find the HDD (biggest single partition) + # will then be used to offer formatting and permanent mounting hdd="" sizeDataPartition=0 - OSPartition=$(sudo df /usr | grep dev | cut -d " " -f 1 | sed "s/\/dev\///g") - - lsblk -o NAME,SIZE -b | grep -P "[s|v]d[a-z][0-9]?" > .lsblk.tmp + OSPartition=$(sudo df /usr 2>/dev/null | grep dev | cut -d " " -f 1 | sed "s#/dev/##g") + # detect boot partition on UEFI systems + bootPartition=$(sudo df /boot/efi 2>/dev/null | grep dev | cut -d " " -f 1 | sed "s#/dev/##g") + if [ ${#bootPartition} -eq 0 ]; then + # for non UEFI + bootPartition=$(sudo df /boot 2>/dev/null | grep dev | cut -d " " -f 1 | sed "s#/dev/##g") + fi + lsblk -o NAME,SIZE -b | grep -P "[s|vn][dv][a-z][0-9]?" > .lsblk.tmp while read line; do # cut line info into different informations @@ -110,11 +116,12 @@ if [ "$1" = "status" ]; then #echo "# testpartitioncount($testpartitioncount)" #echo "# testpartitioncount(${testpartitioncount})" #echo "# OSPartition(${OSPartition})" + #echo "# bootPartition(${bootPartition})" #echo "# hdd(${hdd})" if [ $testpartitioncount -gt 0 ]; then - # if a partition was found - make sure to skip OS partition - if [ "$testpartition" != "$OSPartition" ]; then + # if a partition was found - make sure to skip the OS and boot partitions + if [ "${testpartition}" != "${OSPartition}" ] && [ "${testpartition}" != "${bootPartition}" ]; then # make sure to use the biggest if [ ${testsize} -gt ${sizeDataPartition} ]; then sizeDataPartition=${testsize} 
@@ -141,14 +148,17 @@ if [ "$1" = "status" ]; then done < .lsblk.tmp rm -f .lsblk.tmp 1>/dev/null 2>/dev/null + # display possible warnings from hdd partition detection if [ "${hddPartitionCandidate}" != "" ] && [ ${#hddDataPartition} -lt 4 ]; then echo "# WARNING: found invalid partition (${hddDataPartition}) - redacting" hddDataPartition="" fi + # try to detect if its an SSD isSSD=$(sudo cat /sys/block/${hdd}/queue/rotational 2>/dev/null | grep -c 0) echo "isSSD=${isSSD}" + # display results from hdd & partition detection echo "hddCandidate='${hdd}'" hddBytes=0 hddGigaBytes=0 @@ -158,9 +168,9 @@ if [ "$1" = "status" ]; then fi echo "hddBytes=${hddBytes}" echo "hddGigaBytes=${hddGigaBytes}" - echo "hddPartitionCandidate='${hddDataPartition}'" + # if positive deliver more data if [ ${#hddDataPartition} -gt 0 ]; then # check partition size in bytes and GBs @@ -168,13 +178,6 @@ if [ "$1" = "status" ]; then hddDataPartitionGigaBytes=$(echo "scale=0; ${sizeDataPartition}/1024/1024/1024" | bc -l) echo "hddPartitionGigaBytes=${hddDataPartitionGigaBytes}" - # check if single drive with that size - hddCount=0 - if [ ${#hddDataPartition} -gt 0 ]; then - hddCount=1 - fi - echo "hddCount=${hddCount}" - # check format of devices partition hddFormat=$(lsblk -o FSTYPE,NAME,TYPE | grep part | grep "${hddDataPartition}" | cut -d " " -f 1) echo "hddFormat='${hddFormat}'" 
@@ -206,11 +209,30 @@ if [ "$1" = "status" ]; then echo "hddError='data mount failed'" else - # check for recoverable RaspiBlitz data (if config file exists) and raid - hddRaspiData=$(sudo ls -l /mnt/hdd${subVolumeDir} 2>/dev/null | grep -c raspiblitz.conf) - isRaid=$(btrfs filesystem df /mnt/hdd 2>/dev/null | grep -c "Data, RAID1") - echo "hddRaspiData=${hddRaspiData}" - sudo umount /mnt/hdd + ##################################### + # Pre-Setup Investigation of DATA-PART + + # check for recoverable RaspiBlitz data (if config file exists) and raid + hddRaspiData=$(sudo ls -l /mnt/hdd${subVolumeDir} 2>/dev/null | grep -c raspiblitz.conf) + #isRaid=$(btrfs filesystem df /mnt/hdd 2>/dev/null | grep -c "Data, RAID1") + echo "hddRaspiData=${hddRaspiData}" + hddRaspiVersion="" + if [ ${hddRaspiData} -eq 1 ]; then + source /mnt/hdd${subVolumeDir}/raspiblitz.conf + hddRaspiVersion="${raspiBlitzVersion}" + fi + echo "hddRaspiVersion='${hddRaspiVersion}'" + + # check if there is a wifi configuration as backup + hddGotWifiConf=$(ls /mnt/hdd${subVolumeDir}/app-data/wpa_supplicant.conf 2>/dev/null | grep -c "wpa_supplicant.conf") + if [ ${hddGotWifiConf} -eq 1 ]; then + # make a copy to the mem cache drive (so that Wifi can be connected before setup & final HDD mount) + sudo cp /mnt/hdd${subVolumeDir}/app-data/wpa_supplicant.conf /var/cache/raspiblitz/wpa_supplicant.conf + echo "wifiBackupConfigCopy='/var/cache/raspiblitz/wpa_supplicant.conf'" + fi + + # comment this line out if case to study the contect of the data section + sudo umount /mnt/hdd fi # temp storage data drive @@ -228,6 +250,9 @@ if [ "$1" = "status" ]; then echo "hddError='storage mount failed'" else + ######################################## + # Pre-Setup Invetigation of STORAGE-PART + # check for blockchain data on storage hddBlocksBitcoin=$(sudo ls /mnt/storage${subVolumeDir}/bitcoin/blocks/blk00000.dat 2>/dev/null | grep -c '.dat') echo "hddBlocksBitcoin=${hddBlocksBitcoin}" 
@@ -252,15 +277,14 @@ if [ "$1" = "status" ]; then echo "hddDataFreeKB=${hdd_data_free1Kblocks}" # check if its another fullnode implementation data disk - hddGotMigrationData="none" + hddGotMigrationData="" if [ "${hddFormat}" = "ext4" ]; then - # check for umbrel + # check for other node implementations isUmbrelHDD=$(sudo ls /mnt/storage/umbrel/info.json 2>/dev/null | grep -c '.json') + isMyNodeHDD=$(sudo ls /mnt/storage/mynode/bitcoin/bitcoin.conf 2>/dev/null | grep -c '.conf') if [ ${isUmbrelHDD} -gt 0 ]; then hddGotMigrationData="umbrel" - fi - isMyNodeHDD=$(sudo ls /mnt/storage/mynode/bitcoin/bitcoin.conf 2>/dev/null | grep -c '.conf') - if [ ${isMyNodeHDD} -gt 0 ]; then + elif [ ${isMyNodeHDD} -gt 0 ]; then hddGotMigrationData="mynode" fi else @@ -268,7 +292,7 @@ if [ "$1" = "status" ]; then fi echo "hddGotMigrationData='${hddGotMigrationData}'" - # unmount + # comment this line out if case to study the contect of the storage section sudo umount /mnt/storage fi else @@ -298,6 +322,12 @@ if [ "$1" = "status" ]; then fi hddRaspiData=$(sudo ls -l /mnt/hdd | grep -c raspiblitz.conf) echo "hddRaspiData=${hddRaspiData}" + hddRaspiVersion="" + if [ ${hddRaspiData} -eq 1 ]; then + source /mnt/hdd/raspiblitz.conf + hddRaspiVersion="${raspiBlitzVersion}" + fi + echo "hddRaspiVersion='${hddRaspiVersion}'" isSSD=$(sudo cat /sys/block/${hdd}/queue/rotational 2>/dev/null | grep -c 0) echo "isSSD=${isSSD}" @@ -345,7 +375,8 @@ if [ "$1" = "status" ]; then fi - # HDD Adapter UASP support --> https://www.pragmaticlinux.com/2021/03/fix-for-getting-your-ssd-working-via-usb-3-on-your-raspberry-pi/ + # HDD Adpater UASP support --> https://www.pragmaticlinux.com/2021/03/fix-for-getting-your-ssd-working-via-usb-3-on-your-raspberry-pi/ + # in both cases (if mounted or not - using the hdd selection from both cases) if [ ${#hdd} -gt 0 ]; then # determine USB HDD adapter model ID 
@@ -358,8 +389,18 @@ if [ "$1" = "status" ]; then fi echo "hddAdapterUSB='${hddAdapter}'" - # check if HDD ADAPTER is on UASP WHITELIST (tested devices) hddAdapterUSAP=0 + + # check if user wants to force UASP on + if [ -f "/boot/uasp.force" ]; then + hddAdapterUSAP=1 + echo "uaspForced=1" + fi + if [ $(cat /mnt/hdd/raspiblitz.conf 2>/dev/null | grep -c "forceUasp=on") -eq 1 ]; then + hddAdapterUSAP=1 + fi + + # check if HDD ADAPTER is on UASP WHITELIST (tested devices) if [ "${hddAdapter}" == "174c:55aa" ]; then # UGREEN 2.5" External USB 3.0 Hard Disk Case with UASP support hddAdapterUSAP=1 @@ -394,10 +435,10 @@ if [ "$1" = "status" ]; then do devMounted=$(lsblk -o MOUNTPOINT,NAME | grep "$disk" | grep -c "^/") # is raid candidate when not mounted and not the data drive candidate (hdd/ssd) - if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${hdd}" != "" ]; then + if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${hdd}" != "" ] && [ "${disk}" != "" ]; then sizeBytes=$(lsblk -o NAME,SIZE -b | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2) sizeGigaBytes=$(echo "scale=0; ${sizeBytes}/1024/1024/1024" | bc -l) - vedorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2) + vedorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2 | sed 's/[^a-zA-Z0-9]//g') mountoption="${disk} ${sizeGigaBytes} GB ${vedorname}" echo "raidCandidate[${drivecounter}]='${mountoption}'" drivecounter=$(($drivecounter +1)) @@ -642,6 +683,7 @@ if [ "$1" = "format" ]; then >&2 echo "# waiting until formatted drives gets available" sleep 2 sync + sudo parted -l loopdone=$(lsblk -o NAME,LABEL | grep -c BLITZDATA) loopcount=$(($loopcount +1)) if [ ${loopcount} -gt 60 ]; then 
@@ -682,6 +724,7 @@ if [ "$1" = "format" ]; then >&2 echo "# waiting until formatted drives gets available" sleep 2 sync + sudo parted -l loopdone=$(lsblk -o NAME,LABEL | grep -c BLITZSTORAGE) loopcount=$(($loopcount +1)) if [ ${loopcount} -gt 60 ]; then @@ -721,6 +764,7 @@ if [ "$1" = "format" ]; then >&2 echo "# waiting until formatted drives gets available" sleep 2 sync + sudo parted -l loopdone=$(lsblk -o NAME,LABEL | grep -c BLITZTEMP) loopcount=$(($loopcount +1)) if [ ${loopcount} -gt 60 ]; then @@ -1174,17 +1218,28 @@ fi if [ "$1" = "tempmount" ]; then + # get HDD status and candidates + source <(/home/admin/config.scripts/blitz.datadrive.sh status) + if [ ${isMounted} -eq 1 ]; then echo "error='already mounted'" exit 1 fi - # get device to temp mount + # get device to temp mount from parameter (optional) hdd=$2 - if [ ${#hdd} -eq 0 ]; then - >&2 echo "# FAIL which device should be temp mounted (e.g. sda)" - >&2 echo "# run 'status' to see device candidates" - echo "error='missing second parameter'" + # automount if no parameter the hddcandinate + if [ "${hdd}" == "" ]; then + if [ "${hddFormat}" != "btrfs" ]; then + hdd="${hddPartitionCandidate}" + else + hdd="${hddCandidate}" + fi + fi + # if still no hdd .. throw error + if [ "${hdd}" == "" ]; then + >&2 echo "# FAIL there is no detected hdd candidate to tempmount" + echo "error='hdd not found'" exit 1 fi @@ -1264,6 +1319,14 @@ if [ "$1" = "tempmount" ]; then fi +if [ "$1" = "unmount" ]; then + sudo umount /mnt/hdd 2>/dev/null + sudo umount /mnt/storage 2>/dev/null + sudo umount /mnt/temp 2>/dev/null + echo "# OK done unmount" + exit 1 +fi + ######################################## # LINKING all directories with ln ######################################## 
@@ -1482,6 +1545,9 @@ if [ "$1" = "clean" ]; then >&2 echo "# RASPIBLITZ DATA DRIVES - CLEANING" + # get HDD status + source <(/home/admin/config.scripts/blitz.datadrive.sh status) + if [ ${isMounted} -eq 0 ]; then >&2 echo "# FAIL: cannot clean - the drive is not mounted'" echo "error='not mounted'" @@ -1492,9 +1558,9 @@ if [ "$1" = "clean" ]; then sudo apt-get install -y secure-delete 1>/dev/null >&2 echo - >&2 echo "# IMPORTANT: There is no 100% guarantee that sensitive data is completely deleted!" - >&2 echo "# see: https://www.davescomputers.com/securely-deleting-files-solid-state-drive/" - >&2 echo "# see: https://unix.stackexchange.com/questions/62345/securely-delete-files-on-btrfs-filesystem" + >&2 echo "# IMPORTANT: No 100% guarantee that sensitive data is completely deleted!" + # see: https://www.davescomputers.com/securely-deleting-files-solid-state-drive/" + # see: https://unix.stackexchange.com/questions/62345/securely-delete-files-on-btrfs-filesystem" >&2 echo "# --> Dont resell or gift data drive. Destroy physically if needed." >&2 echo @@ -1537,7 +1603,7 @@ if [ "$1" = "clean" ]; then fi # on SSDs never shred # https://www.davescomputers.com/securely-deleting-files-solid-state-drive/ - if [ ${isSSD} -eq 1 ]; then + if [ "${isSSD}" == "1" ]; then whenDeleteSchredd=0 fi @@ -1547,7 +1613,7 @@ if [ "$1" = "clean" ]; then if [ -d "/mnt/hdd/$entry" ]; then if [ ${whenDeleteSchredd} -eq 1 ]; then >&2 echo "# shredding DIR : ${entry}" - sudo srm -r /mnt/hdd/$entry + sudo srm -lr /mnt/hdd/$entry else >&2 echo "# deleting DIR : ${entry}" sudo rm -r /mnt/hdd/$entry @@ -1555,7 +1621,7 @@ if [ "$1" = "clean" ]; then else if [ ${whenDeleteSchredd} -eq 1 ]; then >&2 echo "# shredding FILE : ${entry}" - sudo srm /mnt/hdd/$entry + sudo srm -l /mnt/hdd/$entry else >&2 echo "# deleting FILE : ${entry}" sudo rm /mnt/hdd/$entry 
@@ -1576,14 +1642,15 @@ if [ "$1" = "clean" ]; then echo "Cleaning Blockchain: ${chain}" # take extra care if wallet.db exists - sudo srm /mnt/hdd/${chain}/wallet.db 2>/dev/null + sudo srm -v /mnt/hdd/${chain}/wallet.db 2>/dev/null - # the rest just delete (keep blocks and chainstate) + # the rest just delete (keep blocks and chainstate and testnet3) for entry in $(ls -A1 /mnt/hdd/${chain} 2>/dev/null) do # sorting file delete=1 - if [ "${entry}" = "blocks" ] || [ "${entry}" = "chainstate" ]; then + if [ "${entry}" = "blocks" ] || [ "${entry}" = "chainstate" ]\ + || [ "${entry}" = "testnet3" ] ; then delete=0 fi # delete or keep @@ -1599,6 +1666,30 @@ if [ "$1" = "clean" ]; then >&2 echo "# keeping: ${entry}" fi done + + # keep blocks and chainstate in testnet3 if exists + if [ -d /mnt/hdd/bitcoin/testnet3 ];then + for entry in $(ls -A1 /mnt/hdd/bitcoin/testnet3 2>/dev/null) + do + # sorting file + delete=1 + if [ "${entry}" = "blocks" ] || [ "${entry}" = "chainstate" ]; then + delete=0 + fi + # delete or keep + if [ ${delete} -eq 1 ]; then + if [ -d "/mnt/hdd/bitcoin/testnet3/$entry" ]; then + >&2 echo "# Deleting DIR : /mnt/hdd/bitcoin/testnet3/${entry}" + sudo rm -r /mnt/hdd/bitcoin/testnet3/$entry + else + >&2 echo "# deleting FILE : /mnt/hdd/bitcoin/testnet3/${entry}" + sudo rm /mnt/hdd/bitcoin/testnet3/$entry + fi + else + >&2 echo "# keeping: ${entry}" + fi + done + fi done fi 
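Review bot: the added testnet3 block sits before the `done` that closes the per-chain loop but hard-codes `/mnt/hdd/bitcoin/testnet3` instead of using `${chain}`, so it runs again on every iteration and never covers a testnet3 directory under another chain's path. Everything it removes goes through plain `sudo rm`, while the first hunk takes "extra care" to `srm` `/mnt/hdd/${chain}/wallet.db`; if wallet files can exist under testnet3, they need the same handling. Iterating over `$(ls -A1 ...)` with an unquoted `$entry` also word-splits names that contain spaces.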
@@ -1672,5 +1763,43 @@ if [ "$1" = "clean" ]; then fi -echo "error='unknown command'" +######################################## +# UASP-fix +######################################## + +if [ "$1" = "uasp-fix" ]; then + + # get HDD status and if the connected adapter is supports UASP + source <(/home/admin/config.scripts/blitz.datadrive.sh status) + + # check if UASP is already deactivated (on RaspiOS) + # https://www.pragmaticlinux.com/2021/03/fix-for-getting-your-ssd-working-via-usb-3-on-your-raspberry-pi/ + cmdlineExists=$(sudo ls /boot/cmdline.txt 2>/dev/null | grep -c "cmdline.txt") + if [ ${cmdlineExists} -eq 1 ] && [ ${#hddAdapterUSB} -gt 0 ] && [ ${hddAdapterUSAP} -eq 0 ]; then + echo "# Checking for UASP deactivation ..." + usbQuirkActive=$(sudo cat /boot/cmdline.txt | grep -c "usb-storage.quirks=") + usbQuirkDone=$(sudo cat /boot/cmdline.txt | grep -c "usb-storage.quirks=${hddAdapterUSB}:u") + if [ ${usbQuirkActive} -gt 0 ] && [ ${usbQuirkDone} -eq 0 ]; then + # remove old usb-storage.quirks + sudo sed -i "s/usb-storage.quirks=[^ ]* //g" /boot/cmdline.txt + fi + if [ ${usbQuirkDone} -eq 0 ]; then + # add new usb-storage.quirks + sudo sed -i "1s/^/usb-storage.quirks=${hddAdapterUSB}:u /" /boot/cmdline.txt + # go into reboot to activate new setting + echo "# DONE deactivating UASP for ${hddAdapterUSB} ... reboot needed" + echo "neededReboot=1" + else + echo "# Already UASP deactivated for ${hddAdapterUSB}" + echo "neededReboot=0" + fi + else + echo "# Skipping UASP deactivation ... cmdlineExists(${cmdlineExists}) hddAdapterUSB(${hddAdapterUSB}) hddAdapterUSAP(${hddAdapterUSAP})" + echo "neededReboot=0" + fi + + exit 0 +fi + +echo "error='unkown command'" exit 1 diff --git a/home.admin/config.scripts/blitz.debug.sh b/home.admin/config.scripts/blitz.debug.sh new file mode 100755 index 000000000..e5e2131a0 --- /dev/null +++ b/home.admin/config.scripts/blitz.debug.sh 
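Review bot: in the `uasp-fix` hunk, `[ ${hddAdapterUSAP} -eq 0 ]` is an unquoted numeric test, so if `status` does not emit that variable the test errors out and the code falls into the "Skipping UASP deactivation" branch. Use a quoted string comparison, as this patch already does for `isSSD`, and confirm that the spelling `USAP` matches what `status` prints. `${hddAdapterUSB}` is interpolated directly into a `sed -i` expression that rewrites `/boot/cmdline.txt`, so validate its format before use. The cleanup pattern `usb-storage.quirks=[^ ]* ` only matches when a space follows the value.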
@@ -0,0 +1,361 @@ +#!/bin/bash + +# USE THIS SCRIPT FOR BASIC SYSTEM STATUS DEBUG INFO + +# load code software version +source /home/admin/_version.info + +## get basic info (its OK if not set yet) +source /home/admin/raspiblitz.info 2>/dev/null +source /mnt/hdd/raspiblitz.conf 2>/dev/null + +# for old nodes +if [ ${#network} -eq 0 ]; then + echo "backup info: network" + network="bitcoin" + litecoinActive=$(sudo ls /mnt/hdd/litecoin/litecoin.conf | grep -c 'litecoin.conf') + if [ ${litecoinActive} -eq 1 ]; then + network="litecoin" + fi +fi + +# for non final config nodes +if [ ${#chain} -eq 0 ]; then + echo "backup info: chain" + chain="test" + isMainChain=$(sudo cat /mnt/hdd/${network}/${network}.conf 2>/dev/null | grep "testnet=0" -c) + if [ ${isMainChain} -gt 0 ];then + chain="main" + fi +fi + +clear +echo +echo "***************************************************************" +echo "* RASPIBLITZ DEBUG LOGS " +echo "***************************************************************" +echo "blitzversion: ${codeVersion}" +echo "chainnetwork: ${network} / ${chain}" +uptime +echo + +echo "*** SETUPPHASE / BOOTSTRAP ***" +echo "see logs: cat /home/admin/raspiblitz.log" +echo "setupPhase--> ${setupPhase}" +echo "state--> ${state}" +if [ "${setupPhase}" != "done" ]; then + sudo tail -n 20 /home/admin/raspiblitz.log +fi +echo + +echo "*** BACKGROUNDSERVICE ***" +echo "to monitor Background service call: sudo journalctl -f -u background" +echo + +echo "*** BLOCKCHAIN (MAINNET) SYSTEMD STATUS ***" +sudo systemctl status ${network}d -n2 --no-pager +echo +echo "*** LAST BLOCKCHAIN (MAINNET) ERROR LOGS ***" +echo "sudo journalctl -u ${network}d -b --no-pager -n8" +sudo journalctl -u ${network}d -b --no-pager -n8 +cat /home/admin/systemd.blockchain.log | grep "ERROR" | tail -n -2 +echo +echo "*** LAST BLOCKCHAIN (MAINNET) 20 INFO LOGS ***" +echo "sudo tail -n 20 /mnt/hdd/${network}/debug.log" +sudo tail -n 20 /mnt/hdd/${network}${pathAdd}/debug.log +echo + +echo "*** LND 
(MAINNET) SYSTEMD STATUS ***" +if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ] || [ "${lnd}" == "1" ]; then + sudo systemctl status lnd -n2 --no-pager + echo + echo "*** LAST LND (MAINNET) ERROR LOGS ***" + echo "sudo journalctl -u lnd -b --no-pager -n12" + sudo journalctl -u lnd -b --no-pager -n12 + cat /home/admin/systemd.lightning.log | grep "ERROR" | tail -n -1 + echo + echo "*** LAST 30 LND (MAINNET) INFO LOGS ***" + echo "sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/mainnet/lnd.log" + sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/mainnet/lnd.log +else + echo "- OFF by config -" +fi +echo + +echo "*** C-LIGHTNING (MAINNET) SYSTEMD STATUS ***" +if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ] || [ "${cl}" == "1" ]; then + sudo systemctl status lightningd -n2 --no-pager + echo + echo "*** LAST 30 C-LIGHTNING (MAINNET) INFO LOGS ***" + echo "sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log" + sudo tail -n 30 /home/bitcoin/.lightning/${network}/cl.log +else + echo "- not activated -" +fi +echo + +echo "*** BLOCKCHAIN (TESTNET) SYSTEMD STATUS ***" +if [ "${testnet}" == "on" ] || [ "${testnet}" == "1" ]; then + sudo systemctl status t${network}d -n2 --no-pager + echo + echo "*** LAST BLOCKCHAIN (TESTNET) ERROR LOGS ***" + echo "sudo journalctl -u t${network}d -b --no-pager -n8" + sudo journalctl -u t${network}d -b --no-pager -n8 + echo + echo "*** LAST BLOCKCHAIN (TESTNET) 20 INFO LOGS ***" + echo "sudo tail -n 20 /mnt/hdd/${network}/tdebug.log" + sudo tail -n 20 /mnt/hdd/${network}/tdebug.log + echo +else + echo "- OFF by config -" +fi + +echo "*** LND (TESTNET) SYSTEMD STATUS ***" +if [ "${tlnd}" == "on" ] || [ "${tlnd}" == "1" ]; then + sudo systemctl status tlnd -n2 --no-pager + echo + echo "*** LAST LND (TESTNET) ERROR LOGS ***" + echo "sudo journalctl -u tlnd -b --no-pager -n12" + sudo journalctl -u tlnd -b --no-pager -n12 + echo + echo "*** LAST 30 LND (TESTNET) INFO LOGS ***" + echo "sudo tail -n 30 
/mnt/hdd/lnd/logs/${network}/testnet/tnd.log" + sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/testnet/lnd.log +else + echo "- OFF by config -" +fi +echo + +echo "*** C-LIGHTNING (TESTNET) SYSTEMD STATUS ***" +if [ "${tcl}" == "on" ] || [ "${tcl}" == "1" ]; then + sudo systemctl status tlightningd -n2 --no-pager + echo + echo "*** LAST 30 C-LIGHTNING (TESTNET) INFO LOGS ***" + echo "sudo tail -n 30 /home/bitcoin/.lightning/testnet/cl.log" + sudo tail -n 30 /home/bitcoin/.lightning/testnet/cl.log +else + echo "- not activated -" +fi +echo + +echo "*** BLOCKCHAIN (SIGNET) SYSTEMD STATUS ***" +if [ "${signet}" == "on" ] || [ "${signet}" == "1" ]; then + sudo systemctl status s${network}d -n2 --no-pager + echo + echo "*** LAST BLOCKCHAIN (SIGNET) ERROR LOGS ***" + echo "sudo journalctl -u s${network}d -b --no-pager -n8" + sudo journalctl -u s${network}d -b --no-pager -n8 + echo + echo "*** LAST BLOCKCHAIN (SIGNET) 20 INFO LOGS ***" + echo "sudo tail -n 20 /mnt/hdd/${network}/sdebug.log" + sudo tail -n 20 /mnt/hdd/${network}/sdebug.log + echo +else + echo "- OFF by config -" +fi + +echo "*** LND (SIGNET) SYSTEMD STATUS ***" +if [ "${slnd}" == "on" ] || [ "${slnd}" == "1" ]; then + sudo systemctl status slnd -n2 --no-pager + echo + echo "*** LAST LND (SIGNET) ERROR LOGS ***" + echo "sudo journalctl -u slnd -b --no-pager -n12" + sudo journalctl -u slnd -b --no-pager -n12 + echo + echo "*** LAST 30 LND (SIGNET) INFO LOGS ***" + echo "sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/signet/tnd.log" + sudo tail -n 30 /mnt/hdd/lnd/logs/${network}/signet/lnd.log +else + echo "- OFF by config -" +fi +echo + +echo "*** C-LIGHTNING (SIGNET) SYSTEMD STATUS ***" +if [ "${scl}" == "on" ] || [ "${scl}" == "1" ]; then + sudo systemctl status slightningd -n2 --no-pager + echo + echo "*** LAST 30 C-LIGHTNING (SIGNET) INFO LOGS ***" + echo "sudo tail -n 30 /home/bitcoin/.lightning/signet/cl.log" + sudo tail -n 30 /home/bitcoin/.lightning/signet/cl.log +else + echo "- not activated -" +fi +echo 
+ +echo "*** NGINX SYSTEMD STATUS ***" +sudo systemctl status nginx -n2 --no-pager +echo + +echo "*** LAST NGINX LOGS ***" +echo "sudo journalctl -u nginx -b --no-pager -n20" +sudo journalctl -u nginx -b --no-pager -n20 +echo "--> CHECK CONFIG: sudo nginx -t" +sudo nginx -t +echo + +echo "*** BLITZAPI SYSTEMD STATUS ***" +sudo systemctl status blitzapi -n2 --no-pager +echo + +echo "*** LAST BLITZAPI LOGS ***" +echo "sudo journalctl -u blitzapi -b --no-pager -n20" +sudo journalctl -u nginx -b --no-pager -n20 +echo "--> CHECK CONFIG: sudo nginx -t" +sudo nginx -t +echo + +if [ "${touchscreen}" == "" ] || [ "${touchscreen}" == "0" ] || [ "${touchscreen}" == "off" ]; then + echo "- TOUCHSCREEN is OFF by config" +else + echo + echo "*** LAST 20 TOUCHSCREEN LOGS ***" + echo "sudo tail -n 20 /home/pi/.cache/lxsession/LXDE-pi/run.log" + sudo tail -n 20 /home/pi/.cache/lxsession/LXDE-pi/run.log + echo +fi + +if [ "${loop}" == "" ] || [ "${loop}" == "off" ]; then + echo "- Loop is OFF by config" +else + echo + echo "*** LAST 20 LOOP LOGS ***" + echo "sudo journalctl -u loopd -b --no-pager -n20" + sudo journalctl -u loopd -b --no-pager -n20 + echo +fi + + +if [ "${rtlWebinterface}" == "on" ]; then + echo + echo "*** LND-RTL ***" + sudo systemctl status RTL -n10 --no-pager + echo +else + echo "- LND-RTL is OFF by config" +fi + +if [ "${crtlWebinterface}" == "on" ]; then + echo + echo "*** CL-RTL ***" + sudo systemctl status cRTL -n10 --no-pager + echo +else + echo "- CL-RTL is OFF by config" +fi + +if [ "${ElectRS}" == "on" ]; then + echo + echo "*** LAST 20 ElectRS LOGS ***" + echo "sudo journalctl -u electrs -b --no-pager -n20" + sudo journalctl -u electrs -b --no-pager -n20 + echo + echo "*** ElectRS Status ***" + sudo /home/admin/config.scripts/bonus.electrs.sh status + echo +else + echo "- Electrum Rust Server is OFF by config" +fi + +if [ "${lit}" == "on" ]; then + echo + echo "*** LAST 20 LIT LOGS ***" + echo "sudo journalctl -u litd -b --no-pager -n20" + sudo 
journalctl -u litd -b --no-pager -n20 + echo +else + echo "- LIT is OFF by config" +fi + +if [ "${BTCPayServer}" == "on" ]; then + echo + echo "*** LAST 20 BTCPayServer LOGS ***" + echo "sudo journalctl -u btcpayserver -b --no-pager -n20" + sudo journalctl -u btcpayserver -b --no-pager -n20 + echo +else + echo "- BTCPayServer is OFF by config" +fi + +if [ "${BTCRPCexplorer}" == "on" ]; then + echo + echo "*** LAST 20 BTC-RPC-Explorer LOGS ***" + echo "sudo journalctl -u btc-rpc-explorer -b --no-pager -n20" + sudo journalctl -u btc-rpc-explorer -b --no-pager -n20 + echo +else + echo "- BTC-RPC-Explorer is OFF by config" +fi + +if [ "${LNBits}" == "on" ]; then + echo + echo "*** LAST 20 LNbits LOGS ***" + echo "sudo journalctl -u lnbits -b --no-pager -n20" + sudo journalctl -u lnbits -b --no-pager -n20 + echo +else + echo "- LNbits is OFF by config" +fi + +if [ "${thunderhub}" == "on" ]; then + echo + echo "*** LAST 20 Thunderhub LOGS ***" + echo "sudo journalctl -u thunderhub -b --no-pager -n20" + sudo journalctl -u thunderhub -b --no-pager -n20 + echo +else + echo "- Thunderhub is OFF by config" +fi + +if [ "${specter}" == "on" ]; then + echo + echo "*** LAST 20 SPECTER LOGS ***" + echo "sudo journalctl -u specter -b --no-pager -n20" + sudo journalctl -u specter -b --no-pager -n20 + echo +else + echo "- SPECTER is OFF by config" +fi + +if [ "${sphinxrelay}" == "on" ]; then + echo + echo "*** LAST 20 SPHINX LOGS ***" + echo "sudo journalctl -u sphinxrelay -b --no-pager -n20" + sudo journalctl -u sphinxrelay -b --no-pager -n20 + echo +else + echo "- SPHINX is OFF by config" +fi + +echo +echo "*** MOUNTED DRIVES ***" +df -T -h +echo + +echo +echo "*** DATADRIVE ***" +sudo /home/admin/config.scripts/blitz.datadrive.sh status +echo + +echo "*** NETWORK ***" +sudo /home/admin/config.scripts/internet.sh status | grep 'network_device\|localip\|dhcp' +echo + +echo "*** HARDWARE TEST RESULTS ***" +showImproveInfo=0 +if [ ${#undervoltageReports} -gt 0 ]; then + echo 
"UndervoltageReports in Logs: ${undervoltageReports}" + if [ ${undervoltageReports} -gt 0 ]; then + showImproveInfo=1 + fi +fi +echo + +echo "*** SYSTEM STATUS (can take some seconds to gather) ***" +sudo /home/admin/config.scripts/blitz.statusscan.sh +echo + +echo "*** OPTION: SHARE THIS DEBUG OUTPUT ***" +echo "An easy way to share this debug output on GitHub or on a support chat" +echo "use the following command and share the resulting link:" +echo "debug | torsocks nc termbin.com 9999" +echo diff --git a/home.admin/XXsyncScripts.sh b/home.admin/config.scripts/blitz.github.sh similarity index 95% rename from home.admin/XXsyncScripts.sh rename to home.admin/config.scripts/blitz.github.sh index 8338ef440..d3b65b3b3 100755 --- a/home.admin/XXsyncScripts.sh +++ b/home.admin/config.scripts/blitz.github.sh @@ -158,14 +158,18 @@ fi echo "# COPYING from GIT-Directory to /home/admin/" sudo rm -r /home/admin/config.scripts -sudo -u admin cp -r -f /home/admin/raspiblitz/home.admin/*.* /home/admin -sudo -u admin cp -r -f /home/admin/raspiblitz/home.admin/assets /home/admin +sudo -u admin cp -r -f /home/admin/raspiblitz/home.admin/* /home/admin +sudo -u admin chmod -R +x /home/admin/config.scripts +sudo -u admin chmod -R +x /home/admin/setup.scripts sudo -u admin chmod +x /home/admin/*.sh -sudo -u admin chmod +x /home/admin/*.py -sudo -u admin chmod +x /home/admin/config.scripts/*.sh -sudo -u admin chmod +x /home/admin/config.scripts/*.py echo "# ******************************************" +echo "# Syncing Webcontent .." +if [ -d /var/www/public ]; then + sudo cp -a /home/admin/assets/nginx/www_public/* /var/www/public + sudo chown www-data:www-data /var/www/public +fi + echo "# Checking if the content of BlitzPy changed .." checkSumBlitzPyAfter=$(find /home/admin/raspiblitz/home.admin/BlitzPy -type f -exec md5sum {} \; | md5sum) echo "# checkSumBlitzPyBefore = ${checkSumBlitzPyBefore}" 
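Review bot: in the new blitz.debug.sh, the "LAST BLITZAPI LOGS" section echoes `sudo journalctl -u blitzapi -b --no-pager -n20` but then runs `sudo journalctl -u nginx ...` and `sudo nginx -t` again, so the BlitzAPI logs are never shown. The same kind of mismatch appears in the C-lightning mainnet section (it echoes an `lnd.log` path but tails `cl.log`) and in the testnet and signet LND sections (`tnd.log` echoed, `lnd.log` tailed). The closing lines tell the user to pipe this output to termbin.com, so add a line there saying that the dump contains service logs, the local IP and drive details and should be read through before it is shared.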
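Review bot: in the blitz.github.sh hunk, `cp -a` preserves the source ownership of everything under `www_public/*`, and the following `chown www-data:www-data /var/www/public` changes only the directory itself, not the files just copied. Use `chown -R` if the web server is meant to own the content. Replacing `chmod +x` on `*.sh` and `*.py` with `chmod -R +x` on `config.scripts` and `setup.scripts` also marks every file in those trees executable, including non-script files; limiting it to `*.sh` and `*.py` via `find` keeps the previous scope.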
diff --git a/home.admin/config.scripts/blitz.hardware.sh b/home.admin/config.scripts/blitz.hardware.sh new file mode 100644 index 000000000..dbc30baab --- /dev/null +++ b/home.admin/config.scripts/blitz.hardware.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "Hardware Tool Script" + echo "blitz.hardware.sh [status]" + exit 1 +fi + +######################## +# GATHER HARDWARE INFO +####################### + +# detect known SBCs +board="" +isRaspberryPi4=$(cat /proc/device-tree/model | grep -c "Raspberry Pi 4") +if [ "${isRaspberryPi4}" == "1" ]; then + board="rp4" +fi + +# get how many RAM (in MB) +ramMB=$(awk '/MemTotal/ {printf( "%d\n", $2 / 1024 )}' /proc/meminfo) + +# get how many RAM (in GB - approx) +ramGB=$(awk '/MemTotal/ {printf( "%d\n", $2 / 950000 )}' /proc/meminfo) + +######################## +# OUTPUT HARDWARE INFO +####################### + +if [ "$1" = "status" ]; then + echo "board='${board}'" + echo "ramMB=${ramMB}" + echo "ramGB=${ramGB}" +fi diff --git a/home.admin/config.scripts/blitz.migration.sh b/home.admin/config.scripts/blitz.migration.sh index b85f1080e..757062704 100755 --- a/home.admin/config.scripts/blitz.migration.sh +++ b/home.admin/config.scripts/blitz.migration.sh @@ -1,10 +1,8 @@ #!/bin/bash -# TODO: check if services/apps are running and stop all ... or let them to outside? - if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "# managing the RaspiBlitz data - import, export, backup." - echo "# blitz.migration.sh [status|export|import|export-gui|import-gui|migration-umbrel|migration-mynode]" + echo "# blitz.migration.sh [export|import|export-gui|migration-umbrel|migration-mynode]" echo "error='missing parameters'" exit 1 fi 
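Review bot: the updated usage line in blitz.migration.sh drops `status` together with `import-gui`, but the `if [ "$1" = "status" ]` handler is still present in the next hunk, so the help text no longer documents a command that still works. Keep `status` in the usage string.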
@@ -22,25 +20,23 @@ fi # check if data drive is mounted - other wise cannot operate isMounted=$(sudo df | grep -c /mnt/hdd) -# gathering system info -isBTRFS=$(lsblk -o FSTYPE,MOUNTPOINT | grep /mnt/hdd | awk '$1=$1' | cut -d " " -f 1 | grep -c btrfs) - # set place where zipped TAR file gets stored -defaultZipPath="/mnt/hdd/temp" +defaultUploadPath="/mnt/hdd/temp/migration" # get local ip source <(/home/admin/config.scripts/internet.sh status local) # SCP download and upload links -scpDownloadUnix="scp -r 'bitcoin@${localip}:${defaultZipPath}/raspiblitz-*.tar.gz' ./" -scpDownloadWin="scp -r bitcoin@${localip}:${defaultZipPath}/raspiblitz-*.tar.gz ." -scpUploadUnix="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultZipPath}" -scpUploadWin="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultZipPath}" +scpDownloadUnix="scp -r 'bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz' ./" +scpDownloadWin="scp -r bitcoin@${localip}:${defaultUploadPath}/raspiblitz-*.tar.gz ." +scpUploadUnix="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}" +scpUploadWin="scp -r ./raspiblitz-*.tar.gz bitcoin@${localip}:${defaultUploadPath}" # output status data & exit if [ "$1" = "status" ]; then echo "# RASPIBLITZ Data Import & Export" - echo "isBTRFS=${isBTRFS}" + echo "localip=\"${localip}\"" + echo "defaultUploadPath=\"${defaultUploadPath}\"" echo "scpDownloadUnix=\"${scpDownloadUnix}\"" echo "scpUploadUnix=\"${scpUploadUnix}\"" echo "scpDownloadWin=\"${scpDownloadWin}\"" @@ -72,6 +68,11 @@ migrate_lnd_conf () { # start from fresh configuration template (user will set password B on recovery) sudo cp /home/admin/assets/lnd.bitcoin.conf /mnt/hdd/lnd/lnd.conf sudo sed -i "s/^alias=.*/alias=${nodename}/g" /mnt/hdd/lnd/lnd.conf + + # make sure correct file permisions are set + sudo chown bitcoin:bitcoin /mnt/hdd/lnd/lnd.conf + sudo chmod 664 /mnt/hdd/lnd/lnd.conf + } migrate_raspiblitz_conf () { 
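Review bot: the added `sudo chmod 664 /mnt/hdd/lnd/lnd.conf` in `migrate_lnd_conf` leaves the file readable by every local account. Unless another service user has to read it, `660` or `640` is enough for a file owned by `bitcoin:bitcoin`. The new comment also has a typo: "permisions".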
@@ -93,8 +94,8 @@ migrate_raspiblitz_conf () { echo "lcdrotate=1" >> /home/admin/raspiblitz.conf echo "runBehindTor=on" >> /home/admin/raspiblitz.conf sudo mv /home/admin/raspiblitz.conf /mnt/hdd/raspiblitz.conf - sudo chown root:root /mnt/hdd/raspiblitz.conf - sudo chmod 777 /mnt/hdd/raspiblitz.conf + sudo chown root:sudo /mnt/hdd/raspiblitz.conf + sudo chmod 664 /mnt/hdd/raspiblitz.conf # rename ext4 data drive sudo e2label /dev/sda1 BLOCKCHAIN @@ -108,22 +109,10 @@ if [ "$1" = "migration-umbrel" ]; then source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) - # can only migrate unmounted data disks - if [ "${isMounted}" == "1" ]; then - echo "err='cannot migrate mounted drive'" - exit 1 + # make sure data drive is mounted + if [ "${isMounted}" != "1" ]; then + source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) fi - - # check if the HDD is an umbrel data disk - if [ "${hddGotMigrationData}" == "umbrel" ]; then - echo "# found UMBREL data disk at ${hddPartitionCandidate}" - else - echo "err='not an umbrel disk'" - exit 1 - fi - - # temp mount the data drive - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) if [ "${isMounted}" == "1" ]; then echo "# mounted ${hddPartitionCandidate} to /mnt/hdd" else @@ -189,7 +178,7 @@ if [ "$1" = "migration-umbrel" ]; then # call function for final migration migrate_raspiblitz_conf ${nameNode} - echo "# OK ... data disk converted to RaspiBlitz - reboot with fresh sd card to recover" + echo "# OK ... data disk converted to RaspiBlitz" exit 0 fi 
@@ -202,22 +191,10 @@ if [ "$1" = "migration-mynode" ]; then source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) - # can only migrate unmounted data disks - if [ "${isMounted}" == "1" ]; then - echo "err='cannot migrate mounted drive'" - exit 1 + # make sure data drive is mounted + if [ "${isMounted}" != "1" ]; then + source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) fi - - # check if the HDD is an umbrel data disk - if [ "${hddGotMigrationData}" == "mynode" ]; then - echo "# found MYNODE data disk at ${hddPartitionCandidate}" - else - echo "err='not an mynode disk'" - exit 1 - fi - - # temp mount the data drive - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) if [ "${isMounted}" == "1" ]; then echo "# mounted ${hddPartitionCandidate} to /mnt/hdd" else 
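Review bot: this hunk removes both the `hddGotMigrationData` check (`err='not an mynode disk'`) and the refusal to work on a mounted drive, so `migration-mynode` now proceeds on whatever is at `/mnt/hdd` or `${hddPartitionCandidate}` without confirming it is a myNode disk; the `migration-umbrel` hunk before it makes the same removal. The migration functions overwrite `lnd.conf` and relabel `/dev/sda1`, so keep the disk-type guard here or add a comment naming the caller that is now responsible for it.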
@@ -310,23 +287,24 @@ if [ "$1" = "export" ]; then # zip it echo "# Building the Export File (this can take some time) .." - sudo tar -zcvf ${defaultZipPath}/raspiblitz-export-temp.tar.gz -X ~/.exclude.temp /mnt/hdd 1>~/.include.temp 2>/dev/null + sudo mkdir -p ${defaultUploadPath} + sudo tar -zcvf ${defaultUploadPath}/raspiblitz-export-temp.tar.gz -X ~/.exclude.temp /mnt/hdd 1>~/.include.temp 2>/dev/null # get md5 checksum echo "# Building checksum (can take also a while) ..." - md5checksum=$(md5sum ${defaultZipPath}/raspiblitz-export-temp.tar.gz | head -n1 | cut -d " " -f1) + md5checksum=$(md5sum ${defaultUploadPath}/raspiblitz-export-temp.tar.gz | head -n1 | cut -d " " -f1) echo "md5checksum=${md5checksum}" # get byte size - bytesize=$(wc -c ${defaultZipPath}/raspiblitz-export-temp.tar.gz | cut -d " " -f 1) + bytesize=$(wc -c ${defaultUploadPath}/raspiblitz-export-temp.tar.gz | cut -d " " -f 1) echo "bytesize=${bytesize}" # final renaming name="raspiblitz${blitzname}${datestamp}-${md5checksum}.tar.gz" - echo "exportpath='${defaultZipPath}'" + echo "exportpath='${defaultUploadPath}'" echo "filename='${name}'" - sudo mv ${defaultZipPath}/raspiblitz-export-temp.tar.gz ${defaultZipPath}/${name} - sudo chown bitcoin:bitcoin ${defaultZipPath}/${name} + sudo mv ${defaultUploadPath}/raspiblitz-export-temp.tar.gz ${defaultUploadPath}/${name} + sudo chown bitcoin:bitcoin ${defaultUploadPath}/${name} # delete temp files rm ~/.exclude.temp @@ -341,7 +319,7 @@ fi if [ "$1" = "export-gui" ]; then # cleaning old migration files from blitz - sudo rm ${defaultZipPath}/*.tar.gz 2>/dev/null + sudo rm ${defaultUploadPath}/*.tar.gz 2>/dev/null # stopping lnd / bitcoin echo "--> stopping services ..." 
@@ -351,7 +329,7 @@ if [ "$1" = "export-gui" ]; then # create new migration file clear echo "--> creating blitz migration file ... (please wait)" - source <(sudo /home/admin/config.scripts/blitz.migration.sh "export") + source <(sudo /home/admin/config.scripts/blitz.migration.sh export) if [ ${#filename} -eq 0 ]; then echo "# FAIL: was not able to create migration file" exit 0 @@ -381,7 +359,7 @@ if [ "$1" = "export-gui" ]; then read key echo "Shutting down ...." sleep 4 - /home/admin/XXshutdown.sh + /home/admin/config.scripts/blitz.shutdown.sh exit 0 fi 
@@ -391,71 +369,29 @@ fi if [ "$1" = "import" ]; then - # check second parameter for path and/or filename of import - importFile="${defaultZipPath}/raspiblitz-*.tar.gz" - if [ ${#2} -gt 0 ]; then - # check if and/or filename of import - containsPath=$(echo $2 | grep -c '/') - if [ ${containsPath} -gt 0 ]; then - startsOnPath=$(echo $2 | grep -c '^/') - if [ ${startsOnPath} -eq 0 ]; then - echo "# needs to be an absolute path: ${2}" - echo "error='invalid path'" - exit 1 - else - if [ -d "$2" ]; then - echo "# using path from parameter to search for import" - endsOnPath=$(echo $2 | grep -c '/$') - if [ ${endsOnPath} -eq 1 ]; then - importFile="${2}raspiblitz-*.tar.gz" - else - importFile="${2}/raspiblitz-*.tar.gz" - fi - else - echo "# using path+file from parameter for import" - importFile=$2 - fi - fi - else - # is just filename - to use with default path - echo "# using file from parameter for import" - importFile="${defaultZipPath}/${2}" - fi - fi - - # checking if file exists and unique - echo "# checking for file with: ${importFile}" - countZips=$(sudo ls ${importFile} 2>/dev/null | grep -c '.tar.gz') - if [ ${countZips} -eq 0 ]; then - echo "# can just find file when ends on .tar.gz and exists" - echo "scpUploadUnix=\"${scpUploadUnix}\"" - echo "scpUploadWin=\"${scpUploadWin}\"" - echo "error='file not found'" + # BACKGROUND: + # the migration import is only called during setup phase - assume a prepared but clean HDD + + # 2nd PARAMETER: file to import (expect that the file was valid checked from calling script) + importFile=$2 + if [ "${importFile}" == "" ]; then + echo "error='filename missing'" exit 1 - elif [ ${countZips} -eq 1 ]; then - importFile=$(sudo ls ${importFile}) - else - echo "# Multiple files found. Not sure which to use." - echo "# Please use absolute-path+file as second parameter." 
- echo "error='file not unique'" + fi + fileExists=$(sudo ls ${importFile} 2>/dev/null | grep -c "${importFile}") + if [ "${fileExists}" != "1" ]; then + echo "error='filename not found'" exit 1 fi echo "importFile='${importFile}'" - echo "# Validating Checksum (can take some time) .." - md5checksum=$(md5sum ${importFile} | head -n1 | cut -d " " -f1) - isCorrect=$(echo ${importFile} | grep -c ${md5checksum}) - if [ ${isCorrect} -eq 1 ]; then - echo "# OK -> checksum looks good: ${md5checksum}" - else - echo "# FAIL -> Checksum not correct: ${md5checksum}" - echo "# Maybe transfer/upload failed?" - echo "error='bad checksum'" - exit 1 - fi - echo "# Importing (overwrite) (can take some time) .." sudo tar -xf ${importFile} -C / + if [ "$?" != "0" ]; then + echo "error='non zero exit state of unzipping migration file'" + echo "# reboot system ... HDD will offer fresh formating" + exit 1 + fi # copy bitcoin/litecoin data backups back to original places (if part of backup) if [ -d "/mnt/hdd/backup_bitcoin" ]; then 
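Review bot: the `import` hunk deletes the md5 check against the file name and then runs `sudo tar -xf ${importFile} -C /` on a path taken from `$2`, relying on the comment "expect that the file was valid checked from calling script". Extraction as root into `/` warrants a check in this script as well: verify the checksum here again, or have the caller pass the expected value as a parameter. `${importFile}` is unquoted in `ls`, `grep -c` and `tar`, and `grep -c "${importFile}"` treats the path as a regular expression; `sudo test -f "${importFile}"` is a simpler existence test.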
@@ -475,197 +411,18 @@ if [ "$1" = "import" ]; then sudo chown bitcoin:bitcoin -R /mnt/storage/litecoin 2>/dev/null fi - echo "# OK done - you may now want to:" - echo "# make sure that HDD is not registered in /etc/fstab & reboot" - echo "# to kickstart recovering system based in imported data" + # check migration + raspiblitzConfExists=$(sudo ls /mnt/hdd/raspiblitz.conf | grep -c "raspiblitz.conf") + if [ "${raspiblitzConfExists}" != "1" ]; then + echo "error='no raspiblitz.conf after unzip migration file'" + echo "# reboot system ... HDD will offer fresh formating" + exit 1 + fi + # correcting all user rights on data will be done by provisioning process + echo "# OK import done - provisioning process needed" exit 0 fi -if [ "$1" = "import-gui" ]; then - - # get info about HDD - echo "# Gathering HDD/SSD info ..." - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) - - # make sure HDD/SSD is not mounted - # because importing migration just works during early setup - if [ ${isMounted} -eq 1 ]; then - echo "FAIL --> cannot import migration data when HDD/SSD is mounted" - exit 1 - fi - - # make sure a HDD/SSD is connected - if [ ${#hddCandidate} -eq 0 ]; then - echo "FAIL --> there is no HDD/SSD connected to migrate data to" - exit 1 - fi - - # check if HDD/SSD is big enough - if [ ${hddGigaBytes} -lt 120 ]; then - echo "FAIL --> connected HDD/SSD is too small" - exit 1 - fi - - # ask format for new HDD/SSD - OPTIONS=() - # check if HDD/SSD contains Bitcoin Blockchain - if [ "${hddBlocksBitcoin}" == "1" ]; then - OPTIONS+=(KEEP "Dont format & use Blockchain") - fi - OPTIONS+=(EXT4 "Ext4 & 1 Partition (default)") - OPTIONS+=(BTRFS "BTRFS & 3 Partitions (experimental)") - - useBlockchain=0 - hddFormat=None - CHOICE=$(whiptail --clear --title "Formatting ${hddCandidate}" --menu "" 10 52 3 "${OPTIONS[@]}" 2>&1 >/dev/tty) - clear - case $CHOICE in - EXT4) - hddFormat=ext4 - echo "EXT4 FORMAT -->" - source <(sudo 
/home/admin/config.scripts/blitz.datadrive.sh format ext4 ${hddPartitionCandidate}) - if [ ${#error} -gt 0 ]; then - echo "FAIL --> ${error}" - exit 1 - fi - ;; - BTRFS) - hddFormat=btrfs - echo "BTRFS FORMAT" - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh format btrfs ${hddCandidate}) - if [ ${#error} -gt 0 ]; then - echo "FAIL --> ${error}" - exit 1 - fi - ;; - KEEP) - echo "Keep HDD & Blockchain" - useBlockchain=1 - ;; - *) - echo "CANCEL" - exit 0 - ;; - esac - - if [ ${useBlockchain} -eq 1 ]; then - if [ ${isBTRFS} -eq 1 ]; then - hddFormat=btrfs - else - hddFormat=ext4 - fi - fi - - # now temp mount the HDD/SSD - if [ "$hddFormat" == "btrfs" ]; then - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddCandidate}) - else - source <(sudo /home/admin/config.scripts/blitz.datadrive.sh tempmount ${hddPartitionCandidate}) - fi - if [ ${#error} -gt 0 ]; then - echo "FAIL: Was not able to temp mount the HDD/SSD --> ${error}" - exit 1 - fi - - # make sure all directories are properly linked - sudo /home/admin/config.scripts/blitz.datadrive.sh link - - # make sure that temp directory exists and can be written by admin - sudo mkdir -p ${defaultZipPath} - sudo chmod 777 -R ${defaultZipPath} - - clear - echo - echo "*****************************" - echo "* UPLOAD THE MIGRATION FILE *" - echo "*****************************" - echo "If you have a migration file on your laptop you can now" - echo "upload it and restore on the new HDD/SSD." - echo - echo "ON YOUR LAPTOP open a new terminal and change into" - echo "the directory where your migration file is and" - echo "COPY, PASTE AND EXECUTE THE FOLLOWING COMMAND:" - echo "scp -r ./raspiblitz-*.tar.gz admin@${localip}:${defaultZipPath}" - echo "" - echo "Use password 'raspiblitz' to authenticate file transfer." - echo "PRESS ENTER when upload is done." 
- read key - - countZips=$(sudo ls ${defaultZipPath}/raspiblitz-*.tar.gz 2>/dev/null | grep -c 'raspiblitz-') - - # in case no upload found - if [ ${countZips} -eq 0 ]; then - echo - echo "FAIL: Was not able to detect uploaded file in ${defaultZipPath}" - echo "error='no file found'" - sleep 3 - exit 1 - fi - - # in case of multiple files - if [ ${countZips} -gt 1 ]; then - echo - echo "# FAIL: Multiple possible files detected in ${defaultZipPath}" - echo "error='multiple files'" - sleep 3 - exit 1 - fi - - # restore upload - echo - echo "OK: Upload found in ${defaultZipPath} - restoring data ... (please wait)" - source <(sudo /home/admin/config.scripts/blitz.migration.sh "import") - if [ ${#error} -gt 0 ]; then - echo - echo "# FAIL: Was not able to restore data" - echo "error='${error}'" - sleep 3 - exit 1 - fi - - # check & load config - source /mnt/hdd/raspiblitz.conf - if [ ${#network} -eq 0 ]; then - echo - echo "FAIL: No raspiblitz.conf found after migration restore" - echo "error='migration contains no raspiblitz.conf'" - sleep 3 - exit 1 - fi - - echo - echo "OK: Migration data was imported" - echo "PRESS ENTER" - read key - - # Copy from other computer is only option for Bitcoin - if [ "${network}" == "bitcoin" ] && [ ${useBlockchain} -eq 0 ]; then - OPTIONS=(SYNC "Re-Sync & Validate Blockchain" \ - COPY "Copy over LAN from other Computer" - ) - CHOICE=$(whiptail --clear --title "How to get Blockchain?" --menu "" 9 52 2 "${OPTIONS[@]}" 2>&1 >/dev/tty) - clear - case $CHOICE in - COPY) - echo "Copy Blockchain Data -->" - /home/admin/50copyHDD.sh stop-after-script - ;; - esac - fi - - # if there is no blockchain yet - fallback to syncing - if [ $(sudo ls /mnt/hdd/bitcoin/ 2>/dev/null | grep -c blocks) -eq 0 ]; then - echo "Setting Blockchain Data to resync ..." 
- sudo -u bitcoin mkdir /mnt/hdd/${network}/blocks 2>/dev/null - sudo -u bitcoin mkdir /mnt/hdd/${network}/chainstate 2>/dev/null - sudo -u bitcoin touch /mnt/hdd/${network}/blocks/.selfsync - fi - - echo "--> Now rebooting and kicking your node in to recovery/update mode ..." - sudo shutdown -r now - exit 0 -fi - -echo "error='unknown command'" +echo "error='unkown command'" exit 1 diff --git a/home.admin/config.scripts/blitz.mnemonic.py b/home.admin/config.scripts/blitz.mnemonic.py new file mode 100755 index 000000000..57529659f --- /dev/null +++ b/home.admin/config.scripts/blitz.mnemonic.py 
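Review bot: the last changed line of this hunk replaces the correctly spelled `echo "error='unknown command'"` with `echo "error='unkown command'"`, which puts a typo into a machine-readable `error=` value. Any caller that sources this output and compares the string will stop matching, so keep the original spelling.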
@@ -0,0 +1,63 @@ +#!/usr/bin/python3 + +import sys +from mnemonic import Mnemonic + +# display config script info +if len(sys.argv) <= 1 or sys.argv[1] == "-h" or sys.argv[1] == "help": + print("tool for seed words") + print("blitz.mnemonic.py generate") + print("blitz.mnemonic.py test \"[SEEDWORDS-SPACE-SEPERATED]\"") + sys.exit(1) + +def dump(obj): + for attr in dir(obj): + print("obj.%s = %r" % (attr, getattr(obj, attr))) + +####################### +# GENERATE SEED WORDS +####################### +def generate(): + + mnemo = Mnemonic("english") + seedwords = mnemo.generate(strength=256) + + print("seedwords='" + seedwords + "'") + + # add a 6x4 formatted version to the output + wordlist = list(seedwords.split(" ")) + seed_words_6x4 = "" + for i in range(0, len(wordlist)): + if i % 6 == 0 and i != 0: + seed_words_6x4 = seed_words_6x4 + "\n" + single_word = str(i + 1) + ":" + wordlist[i] + while len(single_word) < 12: + single_word = single_word + " " + seed_words_6x4 = seed_words_6x4 + single_word + print("seedwords6x4='" + seed_words_6x4 + "'") + + +####################### +# TEST SEED WORDS +####################### +def test(words): + + mnemo = Mnemonic("english") + if mnemo.check(words): + print("valid=1") + else: + print("valid=0") + +def main(): + if sys.argv[1] == "generate": + generate() + + elif sys.argv[1] == "test": + test(sys.argv[2]) + + else: + # UNKNOWN PARAMETER + print("error='unknown parameter'") + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/home.admin/config.scripts/blitz.notify.sh b/home.admin/config.scripts/blitz.notify.sh index d474641a5..61eb7c162 100755 --- a/home.admin/config.scripts/blitz.notify.sh +++ b/home.admin/config.scripts/blitz.notify.sh 
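Review bot: in the new blitz.mnemonic.py, `test(sys.argv[2])` in `main()` takes the seed words from the command line, so they are visible to other local users in the process list while the call runs; reading them from stdin would avoid that. The same call raises IndexError when `test` is given without a second argument, because the usage check at the top only covers the no-argument and help cases. Smaller points: the unknown-parameter branch prints `error='unknown parameter'` but still exits 0, the `dump()` helper is never called, and the usage text spells SEPERATED.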
@@ -79,33 +79,33 @@ source /mnt/hdd/raspiblitz.conf 2>/dev/null if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "switching the NOTIFY ON" - # install sstmp if not already present - if ! command -v ssmtp >/dev/null; then + # install mstmp if not already present + if ! command -v msmtp >/dev/null; then [ -z "$(find -H /var/lib/apt/lists -maxdepth 0 -mtime -7)" ] && sudo apt-get update - sudo apt-get install -y ssmtp + sudo apt-get install -y msmtp fi # install python lib for smime into virtual env sudo -H /usr/bin/python3 -m pip install smime # write ssmtp config - cat << EOF | sudo tee /etc/ssmtp/ssmtp.conf >/dev/null -# -# Config file for sSMTP sendmail -# -# The person who gets all mail for userids < 1000 -# Make this empty to disable rewriting. -Root=${notifyMailTo} + cat << EOF | sudo tee /etc/msmtprc >/dev/null +# Set default values for all following accounts. +defaults +port 587 +tls on +tls_trust_file /etc/ssl/certs/ca-certificates.crt -# hostname of this system -Hostname=${notifyMailHostname} +account mail +host ${notifyMailServer} +from ${notifyMailFromAddress} +auth on +user ${notifyMailUser} +password ${notifyMailPass} + +# Set a default account +account default : mail -# relay/smarthost server settings -Mailhub=${notifyMailServer} -AuthUser=${notifyMailUser} -AuthPass=${notifyMailPass} -UseSTARTTLS=YES -FromLineOverride=YES EOF # edit raspi blitz config 
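Review bot: in the heredoc that writes /etc/msmtprc, `password ${notifyMailPass}` lands in a file created by `sudo tee` with the default mode, so the SMTP credential is readable by every local account unless the umask says otherwise. Follow the heredoc with a chown/chmod that limits the file to the account that sends notifications, or use msmtp's `passwordeval` so the secret does not sit in the config at all. Two comments in this hunk are also stale: `# install mstmp if not already present` should read msmtp, and `# write ssmtp config` still names the old tool.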
@@ -137,22 +137,22 @@ if [ "$1" = "send" ]; then exit 1 fi - if ! command -v ssmtp >/dev/null; then + if ! command -v msmtp >/dev/null; then echo "please run \"on\" first" exit 1 fi # now parse settings from config and use to send the message if [ "${notifyMethod}" = "ext" ]; then - /usr/bin/python3 /home/admin/XXsendNotification.py ext ${notifyExtCmd} "$2" + /usr/bin/python3 /home/admin/config.scripts/blitz.sendnotification.py ext ${notifyExtCmd} "$2" elif [ "${notifyMethod}" = "mail" ]; then if [ "${notifyMailEncrypt}" = "on" ]; then - /usr/bin/python3 /home/admin/XXsendNotification.py mail --from-address "${notifyMailFromAddress}" --from-name "${notifyMailFromName}" --cert "${notifyMailToCert}" --encrypt ${notifyMailTo} "${@:3}" "$2" + /usr/bin/python3 /home/admin/config.scripts/blitz.sendnotification.py mail --from-address "${notifyMailFromAddress}" --from-name "${notifyMailFromName}" --cert "${notifyMailToCert}" --encrypt ${notifyMailTo} "${@:3}" "$2" else - /usr/bin/python3 /home/admin/XXsendNotification.py mail --from-address "${notifyMailFromAddress}" --from-name "${notifyMailFromName}" "${notifyMailTo}" "${@:3}" "$2" + /usr/bin/python3 /home/admin/config.scripts/blitz.sendnotification.py mail --from-address "${notifyMailFromAddress}" --from-name "${notifyMailFromName}" "${notifyMailTo}" "${@:3}" "$2" fi elif [ "${notifyMethod}" = "slack" ]; then - /usr/bin/python3 /home/admin/XXsendNotification.py slack -h "$2" + /usr/bin/python3 /home/admin/config.scripts/blitz.sendnotification.py slack -h "$2" else echo "unknown notification method - check /mnt/hdd/raspiblitz.conf" fi diff --git a/home.admin/XXprepareRelease.sh b/home.admin/config.scripts/blitz.preparerelease.sh similarity index 70% rename from home.admin/XXprepareRelease.sh rename to home.admin/config.scripts/blitz.preparerelease.sh index 38e9840f9..706cd78dc 100755 --- a/home.admin/XXprepareRelease.sh +++ b/home.admin/config.scripts/blitz.preparerelease.sh 
@@ -3,7 +3,18 @@ # Just run this script once after a fresh sd card build # to prepare the image for release as a downloadable sd card image +# raspiblitz.info & logs +echo "cleaning raspiblitz info .." +source /home/admin/raspiblitz.info +echo "baseimage=${baseimage}" > /home/admin/raspiblitz.info +echo "cpu=${cpu}" >> /home/admin/raspiblitz.info +echo "displayClass=${displayClass}" >> /home/admin/raspiblitz.info +echo "deleting raspiblitz logs .." +sudo rm /home/admin/*.log +echo "OK" + # SSH Pubkeys (make unique for every sd card image install) +echo "" echo "deleting SSH Pub keys ..." echo "they will get recreated on fresh bootup, by _bootstrap.sh service" sudo rm /etc/ssh/ssh_host_* diff --git a/home.admin/XXsendNotification.py b/home.admin/config.scripts/blitz.sendnotification.py similarity index 95% rename from home.admin/XXsendNotification.py rename to home.admin/config.scripts/blitz.sendnotification.py index 808f2ed69..27feede23 100755 --- a/home.admin/XXsendNotification.py +++ b/home.admin/config.scripts/blitz.sendnotification.py @@ -11,7 +11,7 @@ try: except ImportError: raise ImportError("Please install missing package: python3 -m pip install smime") -SSMTP_BIN = "/usr/sbin/ssmtp" +SMTP_BIN = "/usr/bin/msmtp" def main(): @@ -107,7 +107,7 @@ def mail(recipient: str = None, message: str = None, subject: str = None, cert: 'From: {} <{}>'.format(from_name, from_address), "Subject: {}".format(subject), "", - "{}".format(message.encode('utf8')) + "{}".format(message) ] with open(cert, 'rb') as pem: 
@@ -126,11 +126,11 @@ def mail(recipient: str = None, message: str = None, subject: str = None, cert: msg_to_send = msg.as_bytes() # send message via e-Mail - if not os.path.exists(SSMTP_BIN): - raise Exception("File not found: {}".format(SSMTP_BIN)) + if not os.path.exists(SMTP_BIN): + raise Exception("File not found: {}".format(SMTP_BIN)) try: - cmd = [SSMTP_BIN, recipient] + cmd = [SMTP_BIN, recipient] subprocess.run(cmd, input=msg_to_send, stderr=subprocess.STDOUT) except subprocess.CalledProcessError as err: diff --git a/home.admin/config.scripts/blitz.setconf.sh b/home.admin/config.scripts/blitz.setconf.sh index 02b37450d..6591e4104 100644 --- a/home.admin/config.scripts/blitz.setconf.sh +++ b/home.admin/config.scripts/blitz.setconf.sh @@ -11,12 +11,12 @@ else echo "Opening $EDITFILE" fi +# trap to delete on any exit +trap 'rm -f $conf' EXIT + # temp conf conf=$(mktemp -p /dev/shm/) -# trap it -trap 'rm -f $conf' 0 1 2 5 15 - dialog \ --title "Editing the $EDITFILE" \ --editbox "$EDITFILE" 200 200 2> "$conf" diff --git a/home.admin/config.scripts/blitz.setpassword.sh b/home.admin/config.scripts/blitz.setpassword.sh index b95047e89..b7317aa32 100755 --- a/home.admin/config.scripts/blitz.setpassword.sh +++ b/home.admin/config.scripts/blitz.setpassword.sh @@ -4,7 +4,7 @@ if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "small config script to set a passwords A,B,C & D" echo "blitz.setpassword.sh a [?newpassword] " -echo "blitz.setpassword.sh b [?newpassword] " + echo "blitz.setpassword.sh b [?newpassword] " echo "blitz.setpassword.sh c [?oldpassword] [?newpassword] " echo "or just as a password enter dialog (result as file)" echo "blitz.setpassword.sh [x] [text] [result-file] [?empty-allowed]" @@ -17,6 +17,9 @@ if [ "$EUID" -ne 0 ] exit fi +# trap to delete on any exit +trap 'rm -f $_temp' EXIT + # tempfile _temp=$(mktemp -p /dev/shm/) 
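Review bot: in the `@@ -126,11 +126,11 @@` hunk of blitz.sendnotification.py, `subprocess.run(cmd, input=msg_to_send, stderr=subprocess.STDOUT)` is called without `check=True`, so the `except subprocess.CalledProcessError` branch directly below it can never fire and a failed msmtp delivery goes unreported. Since this call is being touched for the rename anyway, add `check=True` (or test `returncode`) so a rejected login or TLS failure reaches the caller.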
@@ -39,9 +42,14 @@ OPTIONS=() if [ ${#abcd} -eq 0 ]; then reboot=1; emptyAllowed=1 - OPTIONS+=(A "Master User Password / SSH") - OPTIONS+=(B "RPC Password (blockchain/lnd)") - OPTIONS+=(C "LND Wallet Password") + OPTIONS+=(A "Master Login Password") + OPTIONS+=(B "RPC/App Password") + if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + OPTIONS+=(C "LND Lightning Wallet Password") + fi + if [ "${cl}" == "on" ] && [ "${clEncryptedHSM}" == "on" ]; then + OPTIONS+=(CL "C-Lightning Wallet Password") + fi CHOICE=$(dialog --clear \ --backtitle "RaspiBlitz" \ --title "Set Password" \ @@ -63,15 +71,15 @@ if [ ${#abcd} -eq 0 ]; then D) abcd='d'; ;; + CL) + abcd='cl'; + ;; *) - exit 1 + exit 0 ;; esac fi -echo "Changing Password ${abcd} ..." -echo "" - ############################ # PASSWORD A if [ "${abcd}" = "a" ]; then @@ -89,7 +97,7 @@ if [ "${abcd}" = "a" ]; then echo "CANCEL not possible" sleep 2 else - exit 1 + exit 0 fi fi @@ -100,7 +108,7 @@ if [ "${abcd}" = "a" ]; then echo "CANCEL not possible" sleep 2 else - exit 1 + exit 0 fi fi @@ -108,14 +116,14 @@ if [ "${abcd}" = "a" ]; then if [ "${password1}" != "${password2}" ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Passwords dont Match\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh a - exit 1 + exit 0 fi # password zero if [ ${#password1} -eq 0 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password cannot be empty\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh a - exit 1 + exit 0 fi # check that password does not contain bad characters 
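Review bot: the `exit 1` to `exit 0` changes in the password A validation branches (`Passwords dont Match`, `Password cannot be empty`) make a failed attempt indistinguishable from success for any caller that checks the exit status. Each of these branches re-invokes `sudo /home/admin/config.scripts/blitz.setpassword.sh a` first, so `exit $?` would hand back the result of the retry instead of a fixed 0. The same pattern repeats in the b, c and x branches later in this file.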
@@ -123,14 +131,14 @@ if [ "${abcd}" = "a" ]; then if [ ${#clearedResult} != ${#password1} ] || [ ${#clearedResult} -eq 0 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Contains bad characters (spaces, special chars)\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh a - exit 1 + exit 0 fi # password longer than 8 if [ ${#password1} -lt 8 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password length under 8\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh a - exit 1 + exit 0 fi # use entered password now as parameter @@ -165,7 +173,7 @@ elif [ "${abcd}" = "b" ]; then echo "CANCEL not possible" sleep 2 else - exit 1 + exit 0 fi fi @@ -176,7 +184,7 @@ elif [ "${abcd}" = "b" ]; then echo "CANCEL not possible" sleep 2 else - exit 1 + exit 0 fi fi @@ -184,14 +192,14 @@ elif [ "${abcd}" = "b" ]; then if [ "${password1}" != "${password2}" ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Passwords dont Match\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh b - exit 1 + exit 0 fi # password zero if [ ${#password1} -eq 0 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password cannot be empty\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh b - exit 1 + exit 0 fi # check that password does not contain bad characters 
@@ -199,14 +207,14 @@ elif [ "${abcd}" = "b" ]; then if [ ${#clearedResult} != ${#password1} ] || [ ${#clearedResult} -eq 0 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Contains bad characters (spaces, special chars)\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh b - exit 1 + exit 0 fi # password longer than 8 if [ ${#password1} -lt 8 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password length under 8\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh b - exit 1 + exit 0 fi # use entered password now as parameter @@ -333,7 +341,7 @@ elif [ "${abcd}" = "c" ]; then if [ ${#newPassword} -lt 8 ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Password length under 8" 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh c ${oldPassword} - exit 1 + exit 0 fi # ask user to retype new password c 
@@ -363,27 +371,14 @@ elif [ "${abcd}" = "c" ]; then sleep 2 err="" - source <(sudo /home/admin/config.scripts/lnd.initwallet.py change-password $oldPassword $newPassword) + source <(sudo /home/admin/config.scripts/lnd.initwallet.py change-password mainnet $oldPassword $newPassword) if [ "${err}" != "" ]; then dialog --backtitle "RaspiBlitz - Setup" --msgbox "FAIL -> Was not able to change password\n\n${err}\n${errMore}" 10 52 clear echo "# FAIL: Was not able to change password" - exit 1 + exit 0 fi - # old manual way - # clear - # echo "" - # echo "****************************************************************************" - # echo "Change LND Wallet Password --> lncli --chain=${network} --network=${chain}net changepassword" - # echo "****************************************************************************" - # echo "This is your Password C on the RaspiBlitz to unlock your LND wallet." - # echo "If you had Auto-Unlock active - you need to re-activate after this." - # echo "****************************************************************************" - # sleep 6 - # let LND-CLI handle the password change - # sudo -u bitcoin lncli --chain=${network} --network=${chain}net changepassword - # final user output echo "" echo "OK" @@ -415,7 +410,7 @@ elif [ "${abcd}" = "x" ]; then if [ "${password1}" != "${password2}" ]; then dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Passwords dont Match\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4" - exit 1 + exit 0 fi if [ ${emptyAllowed} -eq 0 ]; then @@ -424,7 +419,7 @@ elif [ "${abcd}" = "x" ]; then if [ ${#password1} -eq 0 ]; then dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Password cannot be empty\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4" - exit 1 + exit 0 fi # check that password does not contain bad characters 
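Review bot: in the `@@ -363,27 +371,14 @@` hunk, the new call `lnd.initwallet.py change-password mainnet $oldPassword $newPassword` passes both wallet passwords as unquoted command-line arguments. They are visible in the process list while the Python script runs, and a password containing whitespace or glob characters is split or expanded before it reaches the script. Quote both variables at minimum, and consider handing them over on stdin or through a temp file like the `mktemp -p /dev/shm/` one this script already creates.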
@@ -432,31 +427,36 @@ elif [ "${abcd}" = "x" ]; then if [ ${#clearedResult} != ${#password1} ] || [ ${#clearedResult} -eq 0 ]; then dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Contains bad characters (spaces, special chars)\nPlease try again ..." 6 62 sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4" - exit 1 + exit 0 fi # password longer than 8 if [ ${#password1} -lt 8 ]; then dialog --backtitle "RaspiBlitz" --msgbox "FAIL -> Password length under 8\nPlease try again ..." 6 52 sudo /home/admin/config.scripts/blitz.setpassword.sh x "$2" "$3" "$4" - exit 1 + exit 0 fi fi # store result is file echo "${password1}" > ${resultFile} - + +elif [ "${abcd}" = "cl" ]; then + /home/admin/config.scripts/cl.hsmtool.sh change-password mainnet + # do not reboot for cl password + reboot=0 + # everything else else echo "FAIL: there is no password '${abcd}' (reminder: use lower case)" - exit 1 + exit 0 fi # when started with menu ... reboot when done if [ "${reboot}" == "1" ]; then echo "Now rebooting to activate changes ..." - sudo /home/admin/XXshutdown.sh reboot + sudo /home/admin/config.scripts/blitz.shutdown.sh reboot else echo "..." fi diff --git a/home.admin/XXshutdown.sh b/home.admin/config.scripts/blitz.shutdown.sh similarity index 68% rename from home.admin/XXshutdown.sh rename to home.admin/config.scripts/blitz.shutdown.sh index da13ec874..253b7b9db 100755 --- a/home.admin/XXshutdown.sh +++ b/home.admin/config.scripts/blitz.shutdown.sh @@ -1,5 +1,5 @@ #!/bin/bash -# for reboot call: sudo /home/admin/XXshutdown.sh reboot +# for reboot call: sudo /home/admin/config.scripts/blitz.shutdown.sh reboot # use this script instead of direct shutdown command to: # 1) give UI the info that a reboot/shutdown is now happening 
@@ -17,12 +17,12 @@ fi # display info echo "" -echo "LCD turns white when shutdown complete." +echo "Green activity light stays dark and LCD turns white when shutdown complete." if [ "$1" = "reboot" ]; then shutdownParams="-h -r now" echo "It will then reboot again automatically." sed -i "s/^state=.*/state=reboot/g" ${infoFile} - sed -i "s/^message=.*/message=''/g" ${infoFile} + sed -i "s/^message=.*/message='$2'/g" ${infoFile} else shutdownParams="-h now" echo "Then wait 5 seconds and disconnect power." @@ -32,28 +32,35 @@ fi # do shutdown/reboot echo "-----------------------------------------------" +sleep 3 # stopping electRS (if installed) echo "stop electrs - please wait .." sudo systemctl stop electrs 2>/dev/null -# stopping lnd -echo "stop lnd - please wait .." +# stopping lightning +echo "stop lightning - please wait .." sudo systemctl stop lnd 2>/dev/null +sudo systemctl stop lightningd 2>/dev/null +sudo systemctl stop tlnd 2>/dev/null +sudo systemctl stop tlightningd 2>/dev/null +sudo systemctl stop slnd 2>/dev/null +sudo systemctl stop slightningd 2>/dev/null # stopping bitcoin (thru cli) echo "stop ${network}d (1) - please wait .." -sudo -u bitcoin ${network}-cli stop 2>/dev/null -sleep 10 +timeout 10 sudo -u bitcoin ${network}-cli stop 2>/dev/null # stopping bitcoind (thru systemd) echo "stop ${network}d (2) - please wait .." sudo systemctl stop ${network}d 2>/dev/null +sudo systemctl stop t${network}d 2>/dev/null +sudo systemctl stop s${network}d 2>/dev/null sleep 3 # make sure drives are synced before shutdown source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) -if [ ${isBTRFS} -eq 1 ] && [ ${isMounted} -eq 1 ]; then +if [ "${isBTRFS}" == "1" ] && [ "${isMounted}" == "1" ]; then echo "STARTING BTRFS RAID DATA CHECK ..." sudo btrfs scrub start /mnt/hdd/ fi @@ -61,4 +68,4 @@ sync echo "starting shutdown ..." sudo shutdown ${shutdownParams} -exit 0 +exit 0 \ No newline at end of file 
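Review bot: in the `@@ -17,12 +17,12 @@` hunk of blitz.shutdown.sh, `sed -i "s/^message=.*/message='$2'/g" ${infoFile}` interpolates the caller's second argument straight into the sed program. A `/`, `&` or backslash in the message breaks or alters the substitution, and a single quote ends the `message='...'` value early, which matters if `${infoFile}` is one of the files other scripts read with `source`. Strip or escape `$2` before the sed call (for example keep only `[a-zA-Z0-9 ._-]`), and quote `${infoFile}`.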
diff --git a/home.admin/config.scripts/blitz.ssh.sh b/home.admin/config.scripts/blitz.ssh.sh new file mode 100755 index 000000000..87998213d --- /dev/null +++ b/home.admin/config.scripts/blitz.ssh.sh 
@@ -0,0 +1,143 @@ +#!/usr/bin/env bash + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then + echo "RaspiBlitz SSH tools" + echo "blitz.ssh.sh renew --> renew the sshd host certs" + echo "blitz.ssh.sh clear --> make sure old sshd host certs are cleared" + echo "blitz.ssh.sh checkrepair --> check sshd & repair just in case" + echo "blitz.ssh.sh backup --> copy ssh keys to backup (if exist)" + echo "blitz.ssh.sh restore --> restore ssh keys from backup (if exist)" + exit 1 +fi + +DEFAULTBACKUPBASEDIR="/mnt/hdd" # compiles to /mnt/hdd/ssh + +# check if started with sudo +if [ "$EUID" -ne 0 ]; then + echo "error='missing sudo'" + exit 1 +fi + +################### +# RENEW +################### +if [ "$1" = "renew" ]; then + echo "# *** blitz.ssh.sh renew" + sudo systemctl stop sshd + sudo rm /etc/ssh/ssh_host_* + sudo ssh-keygen -A + sudo dpkg-reconfigure openssh-server + sudo systemctl start sshd + exit 0 +fi + +################### +# CLEAR +################### +if [ "$1" = "clear" ]; then + echo "# *** blitz.ssh.sh clear" + sudo rm /etc/ssh/ssh_host_* + echo "# OK: SSHD keyfiles & possible backups deleted" + exit 0 +fi + +################### +# CHECK & REPAIR +################### +if [ "$1" = "checkrepair" ]; then + echo "# *** blitz.ssh.sh checkrepair" + + # check if sshd host keys are missing / need generation + countKeyFiles=$(ls -la /etc/ssh/ssh_host_* 2>/dev/null | grep -c "/etc/ssh/ssh_host") + echo "# countKeyFiles(${countKeyFiles})" + if [ ${countKeyFiles} -lt 8 ]; then + + echo "# DETECTED: MISSING SSHD KEYFILES --> Generating new ones" + systemctl stop ssh + echo "# ssh-keygen1" + cd /etc/ssh + ssh-keygen -A + systemctl start sshd + sleep 3 + + countKeyFiles=$(ls -la /etc/ssh/ssh_host_* 2>/dev/null | grep -c "/etc/ssh/ssh_host") + echo "# countKeyFiles(${countKeyFiles})" + if [ ${countKeyFiles} -lt 8 ]; then + echo "# FAIL: Was not able to generate new sshd host keys" + else + echo "# OK: New sshd host keys 
generated" + fi + + fi + + # check if SSHD service is NOT running & active + sshdRunning=$(sudo systemctl status sshd | grep -c "active (running)") + if [ ${sshdRunning} -eq 0 ]; then + echo "# DETECTED: SSHD NOT RUNNING --> Try reconfigure & kickstart again" + sudo dpkg-reconfigure openssh-server + sudo systemctl restart sshd + sleep 3 + fi + + # check that SSHD service is running & active + sshdRunning=$(sudo systemctl status sshd | grep -c "active (running)") + if [ ${sshdRunning} -eq 1 ]; then + echo "# OK: SSHD RUNNING" + fi + + exit 0 +fi + +################### +# BACKUP +################### +if [ "$1" = "backup" ]; then + echo "# *** blitz.ssh.sh backup" + echo "# backup dir: ${DEFAULTBACKUPBASEDIR}/ssh" + + # backup sshd host keys + sudo rm -r $DEFAULTBACKUPBASEDIR/ssh 2>/dev/null # delete backups if exist + sudo cp -r /etc/ssh $DEFAULTBACKUPBASEDIR/ssh 2>/dev/null # copy to backups if exist + + # backup root use ssh keys + sudo rm -r $DEFAULTBACKUPBASEDIR/ssh/root_backup 2>/dev/null + sudo cp -r /root/.ssh $DEFAULTBACKUPBASEDIR/ssh/root_backup 2>/dev/null + + if [ -d "${DEFAULTBACKUPBASEDIR}/ssh" ]; then + echo "# OK - ssh keys backup done" + else + echo "error='ssh keys backup failed - backup location may not exist'" + fi + exit 0 +fi + +################### +# RESTORE +################### +if [ "$1" = "restore" ]; then + echo "# *** blitz.ssh.sh restore" + echo "# backup dir: ${DEFAULTBACKUPBASEDIR}/ssh" + if [ -d "${DEFAULTBACKUPBASEDIR}/ssh" ]; then + + # restore sshd host keys + sudo rm /etc/ssh/* + sudo cp -r $DEFAULTBACKUPBASEDIR/ssh/* /etc/ssh/ + sudo chown -R root:root /etc/ssh + sudo dpkg-reconfigure openssh-server + sudo systemctl restart sshd + + # restore root use keys + sudo rm -r /root/.ssh 2>/dev/null + sudo cp -r $DEFAULTBACKUPBASEDIR/ssh/root_backup /root/.ssh 2>/dev/null + sudo chown -R root:root /root/.ssh 2>/dev/null + + echo "# OK - ssh keys restore done" + else + echo "error='ssh keys backup not found'" + fi + exit 0 +fi + +echo 
"error='unknown parameter'" +exit 1 diff --git a/home.admin/config.scripts/blitz.statusscan.sh b/home.admin/config.scripts/blitz.statusscan.sh index 381868e7c..74ab0ddc6 100755 --- a/home.admin/config.scripts/blitz.statusscan.sh +++ b/home.admin/config.scripts/blitz.statusscan.sh @@ -1,7 +1,16 @@ #!/bin/bash source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf +source /mnt/hdd/raspiblitz.conf 2>/dev/null + +# LNTYPE is lnd | cl +if [ $# -gt 0 ];then + LNTYPE=$1 +else + LNTYPE=${lightning} +fi + +source <(/home/admin/config.scripts/network.aliases.sh getvars $LNTYPE ${chain}net) # command info if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -12,12 +21,8 @@ fi # measure time of scan startTime=$(date +%s) -# make sure temp folder on HDD is available and fro all usable -sudo mkdir /mnt/hdd/temp 2>/dev/null -sudo chmod 777 -R /mnt/hdd/temp 2>/dev/null - # localIP -localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | egrep -i '(*[eth|ens|enp|eno|wlan|wlp][0-9]$)' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') +localip=$(hostname -I | awk '{print $1}') echo "localIP='${localip}'" # temp - no measurement in a VM 
@@ -45,11 +50,17 @@ echo "bitcoinActive=${bitcoinRunning}" if [ ${bitcoinRunning} -eq 1 ]; then # get blockchain info - sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 1>/mnt/hdd/temp/.bitcoind.out 2>/mnt/hdd/temp/.bitcoind.error + sudo touch /var/cache/raspiblitz/.bitcoind.out + sudo touch /var/cache/raspiblitz/.bitcoind.error + sudo chown root:sudo /var/cache/raspiblitz/.bitcoind.out + sudo chown root:sudo /var/cache/raspiblitz/.bitcoind.error + sudo chmod 660 /var/cache/raspiblitz/.bitcoind.out + sudo chmod 660 /var/cache/raspiblitz/.bitcoind.error + $bitcoincli_alias getblockchaininfo 1>/var/cache/raspiblitz/.bitcoind.out 2>/var/cache/raspiblitz/.bitcoind.error # check if error on request - blockchaininfo=$(cat /mnt/hdd/temp/.bitcoind.out 2>/dev/null) - bitcoinError=$(cat /mnt/hdd/temp/.bitcoind.error 2>/dev/null) - #rm /mnt/hdd/temp/.bitcoind.error 2>/dev/null + blockchaininfo=$(cat /var/cache/raspiblitz/.bitcoind.out 2>/dev/null) + bitcoinError=$(cat /var/cache/raspiblitz/.bitcoind.error 2>/dev/null) + #rm /var/cache/raspiblitz/.bitcoind.error 2>/dev/null if [ ${#bitcoinError} -gt 0 ]; then bitcoinErrorShort=$(echo ${bitcoinError/error*:/} | sed 's/[^a-zA-Z0-9 ]//g') echo "bitcoinErrorShort='${bitcoinErrorShort}'" @@ -57,6 +68,13 @@ if [ ${bitcoinRunning} -eq 1 ]; then echo "bitcoinErrorFull='${bitcoinErrorFull}'" else + ################################### + # Get data from blockchain network + ################################### + + source <(sudo -u bitcoin /home/admin/config.scripts/network.monitor.sh peer-status) + echo "blockchainPeers=${peers}" + ############################## # Get data from blockchaininfo ############################## 
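Review bot: in the new file blitz.ssh.sh (the `@@ -0,0 +1,143 @@` hunk above), the `restore` branch runs `sudo rm /etc/ssh/*` after checking only that `${DEFAULTBACKUPBASEDIR}/ssh` exists, so an empty or partial backup directory leaves the node without sshd_config and host keys, and the following `systemctl restart sshd` can lock the user out. Check that the backup holds the expected files before deleting, or copy into place first and remove leftovers afterwards. Smaller points in the same file: `checkrepair` stops the unit as `ssh` but starts it as `sshd`, the `clear` branch reports "possible backups deleted" although it only removes `/etc/ssh/ssh_host_*`, and the help text exits with status 1.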
@@ -120,19 +138,22 @@ startcountLightning=$(cat /home/admin/systemd.lightning.log 2>/dev/null | grep - echo "startcountLightning=${startcountLightning}" # is LND running -lndRunning=$(systemctl status lnd.service 2>/dev/null | grep -c running) +lndRunning=$(systemctl status ${netprefix}lnd.service 2>/dev/null | grep -c running) echo "lndActive=${lndRunning}" -if [ ${lndRunning} -eq 1 ]; then +if [ ${lndRunning} -eq 1 ] && [ "${LNTYPE}" == "lnd" ]; then # get LND info lndRPCReady=1 - lndinfo=$(sudo -u bitcoin lncli --chain=${network} --network=${chain}net getinfo 2>/mnt/hdd/temp/.lnd.error) - + sudo touch /var/cache/raspiblitz/.lnd.error + sudo chown root:sudo /var/cache/raspiblitz/.lnd.error + sudo chmod 660 /var/cache/raspiblitz/.lnd.error + lndinfo=$($lncli_alias getinfo 2>/var/cache/raspiblitz/.lnd.error) + # check if error on request - lndErrorFull=$(cat /mnt/hdd/temp/.lnd.error 2>/dev/null) + lndErrorFull=$(cat /var/cache/raspiblitz/.lnd.error 2>/dev/null) lndErrorShort='' - #rm /mnt/hdd/temp/.lnd.error 2>/dev/null + #rm /var/cache/raspiblitz/.lnd.error 2>/dev/null if [ ${#lndErrorFull} -gt 0 ]; then @@ -164,6 +185,9 @@ if [ ${lndRunning} -eq 1 ]; then # scan error for walletLocked as common error locked=$(echo ${lndErrorFull} | grep -c 'Wallet is encrypted') + if [ "${locked}" == "0" ]; then + locked=$(echo ${lndErrorFull} | grep -c 'wallet locked') + fi if [ ${locked} -gt 0 ]; then echo "walletLocked=1" else 
@@ -252,6 +276,32 @@ if [ ${lndRunning} -eq 1 ]; then fi +# is CL running +clRunning=$(systemctl status ${netprefix}lightningd.service 2>/dev/null | grep -c running) +echo "clActive=${clRunning}" +echo "CLwalletLocked=0" + +if [ "${clRunning}" != "1" ] && [ "${LNTYPE}" == "cl" ]; then + # check if locked + if [ "$(sudo journalctl -n5 -u ${netprefix}lightningd | \ + grep -cE 'Could not read pass from stdin|pass the --encrypted-hsm|Wrong password')" -gt 0 ];then + echo "CLwalletLocked=1" + fi +fi + +if [ "${clRunning}" == "1" ] && [ "${LNTYPE}" == "cl" ]; then + clInfo=$($lightningcli_alias getinfo 2>&1) + clBlockHeight=$(echo "${clInfo}" | jq -r '.blockheight' | tr -cd '[[:digit:]]') + scanProgress=$(echo "scale=2; $clBlockHeight*100/$total" | bc) + echo "scanProgress=${scanProgress}" + clBlockHeightPlusOne=$(expr $clBlockHeight + 1) + if [ "${total}" == "${clBlockHeight}" ] || [ "${total}" == "${clBlockHeightPlusOne}" ]; then + echo "syncedToChain=1" + else + echo "syncedToChain=0" + fi +fi + # touchscreen statistics if [ "${touchscreen}" == "1" ]; then echo "blitzTUIActive=1" @@ -265,6 +315,9 @@ else echo "blitzTUIRestarts=0" fi +# check if runnig in vagrant +vagrant=$(df | grep -c "/vagrant") +echo "vagrant=${vagrant}" # check if online if problem with other stuff diff --git a/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py b/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py index 880d32d6f..d7c012477 100755 --- a/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py +++ b/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py 
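Review bot: in the C-lightning block of the `@@ -252,6 +276,32 @@` hunk, `clBlockHeight` and `total` go into `bc` and `expr` without a check that they are set. `clInfo=$($lightningcli_alias getinfo 2>&1)` folds error text into what `jq` parses, so on an RPC failure `clBlockHeight` comes out empty, `bc` receives `*100/...`, `expr` receives ` + 1`, and the script emits an empty `scanProgress=` along with tool errors. Guard the block with a test that both values are non-empty digits (and `total` is non-zero), and keep stderr out of `clInfo`.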
@@ -135,13 +135,13 @@ def dynu_update(domain, token, ip): try: print(response.content) data = json.loads(response.content) - apitoken = data["access_token"]; + apitoken = data["access_token"] except Exception as e: raise BlitzError("failed parsing data", response.content, e) if len(apitoken) == 0: raise BlitzError("access_token not found", response.content) print("# apitoken({0})".format(apitoken)) - apitoken = re.sub("[^0-9a-zA-Z]", "", apitoken) + #apitoken = re.sub("[^0-9a-zA-Z]", "", apitoken) print("# cleaning API token:") print("# apitoken({0})".format(apitoken)) @@ -288,6 +288,7 @@ def subscriptions_new(ip, dnsservice, domain, token, target): # run the ACME script print("# Running letsencrypt ACME script ...") + print("# /home/admin/config.scripts/bonus.letsencrypt.sh issue-cert {0} {1} {2} {3}".format(dnsservice, domain, token, target)) acme_result = subprocess.Popen( ["/home/admin/config.scripts/bonus.letsencrypt.sh", "issue-cert", dnsservice, domain, token, target], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, encoding='utf8') @@ -303,6 +304,7 @@ def subscriptions_new(ip, dnsservice, domain, token, target): def subscriptions_cancel(s_id): + print("# subscriptions_cancel(${0})".format(s_id)) os.system("sudo chown admin:admin {0}".format(SUBSCRIPTIONS_FILE)) subs = toml.load(SUBSCRIPTIONS_FILE) new_list = [] @@ -316,6 +318,7 @@ def subscriptions_cancel(s_id): # run the ACME script to remove cert if removed_cert: + print("# /home/admin/config.scripts/bonus.letsencrypt.sh remove-cert {0} {1}".format(removed_cert['id'], removed_cert['target'])) acme_result = subprocess.Popen( ["/home/admin/config.scripts/bonus.letsencrypt.sh", "remove-cert", removed_cert['id'], removed_cert['target']], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, encoding='utf8') 
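Review bot: the line added in `subscriptions_new()` prints the full `bonus.letsencrypt.sh issue-cert` command including `{2}`, which is `token`, so the DNS provider credential ends up in whatever captures this script's output. Print the command with the token masked. The `dynu_update()` hunk has the same exposure in `print("# apitoken({0})".format(apitoken))`, and with the `re.sub` line commented out the `# cleaning API token:` message is now printed without any cleaning taking place. In `subscriptions_cancel()`, `"# subscriptions_cancel(${0})"` carries a stray `$`.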
@@ -385,7 +388,7 @@ def menu_make_subscription(): # ask user for which RaspiBlitz service the bridge should be used choices = [] choices.append(("DUCKDNS", "Use duckdns.org")) - choices.append(("DYNU", "Use dynu.com")) + #choices.append(("DYNU", "Use dynu.com")) d = Dialog(dialog="dialog", autowidgetsize=True) d.set_background_title("LetsEncrypt Subscription") diff --git a/home.admin/config.scripts/blitz.subscriptions.py b/home.admin/config.scripts/blitz.subscriptions.py index 53368a207..37c524f9e 100755 --- a/home.admin/config.scripts/blitz.subscriptions.py +++ b/home.admin/config.scripts/blitz.subscriptions.py @@ -271,7 +271,7 @@ def main(): The IP2TOR service just makes sense if you run your RaspiBlitz behind TOR. ''', title="Info") - sys.exit(1) + sys.exit(0) os.system("clear") print("please wait ..") @@ -311,8 +311,12 @@ def main(): # check if Sphinx-Relay is installed sphinx_relay = False - status_data = subprocess.run(['/home/admin/config.scripts/bonus.sphinxrelay.sh', 'status'], - stdout=subprocess.PIPE).stdout.decode('utf-8').strip() + try: + status_data = subprocess.run(['/home/admin/config.scripts/bonus.sphinxrelay.sh', 'status'], + stdout=subprocess.PIPE, timeout=10).stdout.decode('utf-8').strip() + except Exception as e: + print(e) + if status_data.find("installed=1") > -1: sphinx_relay = True @@ -405,7 +409,7 @@ def main(): except Exception as e: print(e) time.sleep(3) - sys.exit(1) + sys.exit(0) # run creating a new IP2TOR subscription os.system("clear") diff --git a/home.admin/config.scripts/blitz.upload.sh b/home.admin/config.scripts/blitz.upload.sh new file mode 100644 index 000000000..ae85780ad --- /dev/null +++ b/home.admin/config.scripts/blitz.upload.sh 
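Review bot: in the `@@ -311,8 +311,12 @@` hunk of blitz.subscriptions.py, the new `try`/`except` around `subprocess.run(..., timeout=10)` only prints the exception, so when the status call times out `status_data` is never assigned in this block and the next line, `status_data.find("installed=1")`, raises NameError unless an earlier assignment exists outside the hunk. Initialise `status_data = ""` before the `try`, which also leaves `sphinx_relay` at False on failure.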
@@ -0,0 +1,143 @@ +#!/bin/bash + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "# use to prepare & check scp or web file upload to RaspiBlitz" + echo "# blitz.upload.sh prepare-upload" + echo "# blitz.upload.sh check-upload ?[scb|lnd-rescue|migration]" + exit 0 +fi + +# get local ip +source <(/home/admin/config.scripts/internet.sh status local) + +# set upload path +if [ -d "/mnt/hdd/temp" ]; then + # HDD with temp directory is connected - the use it + defaultUploadPath="/mnt/hdd/temp/upload" + defaultUploadUser="bitcoin" +else + # fallback if no HDD is connected + defaultUploadPath="/home/bitcoin/temp/upload" + defaultUploadUser="bitcoin" +fi + + +# 1st PRAMETER action +action="$1" + +if [ "${action}" == "prepare-upload" ]; then + + # make sure that temp directory exists, is clear and can be written by ${defaultUploadUser} + sudo mkdir -p ${defaultUploadPath} 2>/dev/null + sudo rm ${defaultUploadPath}/* 2>/dev/null + sudo chown -R ${defaultUploadUser}:${defaultUploadUser} ${defaultUploadPath} 2>/dev/null + + echo "localip='${localip}'" + echo "defaultUploadPath='${defaultUploadPath}'" + echo "defaultUploadUser='${defaultUploadUser}'" + exit 0 +fi + +if [ "${action}" == "check-upload" ]; then + + # 2nd PARAMETER is type of upload (optional) + type=$2 + echo "type='${type}'" + + # check if there to less or to many files in upload directory + countFiles=$(ls ${defaultUploadPath} | wc -l 2>/dev/null) + if [ ${countFiles} -lt 1 ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='not-found'" + exit 1 + fi + if [ ${countFiles} -gt 1 ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='multiple'" + exit 1 + fi + + # get the file uploaded (full path) + filename=$(sudo ls ${defaultUploadPath}/*.*) + echo "# filename(${filename})" + + # check of size >0 + byteSize=$(ls -l ${filename} | awk '{print $5}') + echo "# byteSize(${byteSize})" + if [ "${byteSize}" == "" ] || [ "${byteSize}" == "0" ]; then + sudo 
rm ${defaultUploadPath}/* 2>/dev/null + echo "error='invalid'" + echo "errorDetail='invalid byte size: ${byteSize}'" + exit 1 + fi + + # SCB check if file looks valid + if [ "${type}" == "scb" ]; then + + # general filename check + typeCount=$(sudo ls ${defaultUploadPath}/*.backup 2>/dev/null | grep -c '.backup') + if [ "${typeCount}" != "1" ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='invalid'" + echo "errorDetail='not *.backup'" + exit 1 + fi + fi + + # LND-RESCUE check if file looks valid + if [ "${type}" == "lnd-rescue" ]; then + + # general filename check + typeCount=$(sudo ls ${defaultUploadPath}/lnd-rescue-*.tar.gz 2>/dev/null | grep -c 'lnd-rescue') + if [ "${typeCount}" != "1" ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='invalid'" + echo "errorDetail='not lnd-rescue-*.tar.gz'" + exit 1 + fi + + # checksum test + md5checksum=$(md5sum ${filename} | head -n1 | cut -d " " -f1) + echo "# filename(${md5checksum})" + isCorrect=$(echo ${filename} | grep -c ${md5checksum}) + if [ "${isCorrect}" != "1" ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='invalid'" + echo "errorDetail='incorrect checksum'" + exit 1 + fi + fi + + # MIGRATION check if file looks valid + if [ "${type}" == "migration" ]; then + + # general filename check + typeCount=$(sudo ls ${defaultUploadPath}/raspiblitz-*.tar.gz 2>/dev/null | grep -c 'raspiblitz') + if [ "${typeCount}" != "1" ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='invalid'" + echo "errorDetail='not raspiblitz-*.tar.gz'" + exit 1 + fi + + # checksum test + md5checksum=$(md5sum ${filename} | head -n1 | cut -d " " -f1) + echo "# filename(${md5checksum})" + isCorrect=$(echo ${filename} | grep -c ${md5checksum}) + if [ "${isCorrect}" != "1" ]; then + sudo rm ${defaultUploadPath}/* 2>/dev/null + echo "error='invalid'" + echo "errorDetail='incorrect checksum'" + exit 1 + fi + fi + + # ok looks good - return filename & more info + echo 
"filename=${filename}" + echo "bytesize=${byteSize}" + exit 0 +fi + +echo "error='unkown parameter'" +exit 1 \ No newline at end of file diff --git a/home.admin/config.scripts/blitz.ups.sh b/home.admin/config.scripts/blitz.ups.sh index db6b9cdfe..12dc0c039 100755 --- a/home.admin/config.scripts/blitz.ups.sh +++ b/home.admin/config.scripts/blitz.ups.sh @@ -1,7 +1,7 @@ #!/bin/bash source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf +source /mnt/hdd/raspiblitz.conf 2>/dev/null # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -44,7 +44,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # some APC UPS were not running stable below 90% Battery - so start shutdown at 95% remaining sudo sed -i "s/^BATTERYLEVEL.*/BATTERYLEVEL 95/g" /etc/apcupsd/apcupsd.conf sudo sed -i "s/^ISCONFIGURED=.*/ISCONFIGURED=yes/g" /etc/default/apcupsd - sudo sed -i "s/^SHUTDOWN=.*/SHUTDOWN=\/home\/admin\/XXshutdown.sh/g" /etc/apcupsd/apccontrol + sudo sed -i "s/^SHUTDOWN=.*/SHUTDOWN=\/home\/admin\/config.scripts\/blitz.shutdown.sh/g" /etc/apcupsd/apccontrol sudo sed -i "s/^WALL=.*/#WALL=wall/g" /etc/apcupsd/apccontrol sudo systemctl enable apcupsd sudo systemctl start apcupsd diff --git a/home.admin/config.scripts/blitz.web.api.sh b/home.admin/config.scripts/blitz.web.api.sh new file mode 100755 index 000000000..c31577dfb --- /dev/null +++ b/home.admin/config.scripts/blitz.web.api.sh 
@@ -0,0 +1,188 @@ +#!/usr/bin/env bash + +# main repo: https://github.com/fusion44/blitz_api + +# restart the systemd `blitzapi` when credentials of lnd or bitcoind are changeing and it will +# excute the `update-config` automatically before restarting + +# TODO: On sd card install there might be no Bitcoin & Lightning confs - make sure backend runs without + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then + echo "Manage RaspiBlitz Web API" + echo "blitz.web.api.sh on [?GITHUBUSER] [?REPO] [?BRANCH]" + echo "blitz.web.api.sh update-config" + echo "blitz.web.api.sh update-code" + echo "blitz.web.api.sh off" + exit 1 +fi + +DEFAULT_GITHUB_USER="fusion44" +DEFAULT_GITHUB_REPO="blitz_api" +DEFAULT_GITHUB_BRANCH="main" + +################### +# ON / INSTALL +################### +if [ "$1" = "1" ] || [ "$1" = "on" ]; then + + if [ "$2" != "" ]; then + DEFAULT_GITHUB_USER="$2" + fi + + if [ "$3" != "" ]; then + DEFAULT_GITHUB_REPO="$3" + fi + + if [ "$4" != "" ]; then + DEFAULT_GITHUB_BRANCH="$4" + fi + + echo "# INSTALL Web API ..." 
+ sudo apt install -y redis + sudo rm -r /home/admin/blitz_api 2>/dev/null + cd /home/admin + # git clone https://github.com/fusion44/blitz_api.git /home/admin/blitz_api + git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /home/admin/blitz_api + cd blitz_api + git checkout ${DEFAULT_GITHUB_BRANCH} + pip install -r requirements.txt + + # build the config and set unique secret (its OK to be a new secret every install/upadte) + /home/admin/config.scripts/blitz.web.api.sh update-config + secret=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 64 ; echo '') + sed -i "s/^secret=.*/secret=${secret}/g" ./.env + + # prepare systemd service + echo " +[Unit] +Description=BlitzBackendAPI +Wants=network.target +After=network.target + +[Service] +WorkingDirectory=/home/admin/blitz_api +# before every start update the config with latest credentials/settings +ExecStartPre=-/home/admin/config.scripts/blitz.web.api.sh update-config +ExecStart=sudo -u admin /usr/bin/python -m uvicorn app.main:app --port 11111 --host=0.0.0.0 --root-path /api +User=root +Group=root +Type=simple +Restart=always +StandardOutput=journal +StandardError=journal + +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + +[Install] +WantedBy=multi-user.target +" | sudo tee /etc/systemd/system/blitzapi.service + + sudo systemctl enable blitzapi + sudo systemctl start blitzapi + + # TODO: remove after experimental step + sudo ufw allow 11111 comment 'WebAPI Develop' + + # install info + echo "# the API doc should now be available under http://[LOCALHOST]/api/docs or try port 11111 for testing" + echo "# check for systemd: sudo systemctl status blitzapi" + echo "# check for logs: sudo journalctl -f -u blitzapi" + + exit 0 +fi + +################### +# UPDATE CONFIG +################### +if [ "$1" = "update-config" ]; then + + # prepare configs data + source /mnt/hdd/raspiblitz.conf 2>/dev/null + if [ "${network}" = "" ]; then + 
network="bitcoin" + chain="main" + fi + + cd /home/admin/blitz_api + cp ./.env_sample ./.env + dateStr=$(date) + echo "# Update Web API CONFIG (${dateStr})" + RPCUSER=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcuser | cut -c 9-) + RPCPASS=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-) + if [ "${RPCUSER}" == "" ]; then + RPCUSER="raspibolt" + fi + if [ "${RPCPASS}" == "" ]; then + RPCPASS="passwordB" + fi + sed -i "s/^network=.*/network=mainnet/g" ./.env + sed -i "s/^bitcoind_ip_mainnet=.*/bitcoind_ip_mainnet=127.0.0.1/g" ./.env + sed -i "s/^bitcoind_ip_testnet=.*/bitcoind_ip_testnet=127.0.0.1/g" ./.env + sed -i "s/^bitcoind_user=.*/bitcoind_user=${RPCUSER}/g" ./.env + sed -i "s/^bitcoind_pw=.*/bitcoind_pw=${RPCPASS}/g" ./.env + + # configure LND + if [ "${lightning}" == "lnd" ]; then + + echo "# CONFIG Web API Lightning --> LND" + tlsCert=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/tls.cert) + adminMacaroon=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/bitcoin/mainnet/admin.macaroon) + sed -i "s/^ln_node=.*/ln_node=lnd/g" ./.env + sed -i "s/^lnd_grpc_ip=.*/lnd_grpc_ip=127.0.0.1/g" ./.env + sed -i "s/^lnd_macaroon=.*/lnd_macaroon=${adminMacaroon}/g" ./.env + sed -i "s/^lnd_cert=.*/lnd_cert=${tlsCert}/g" ./.env + + # configure CL + elif [ "${lightning}" == "cl" ]; then + + echo "# CONFIG Web API Lightning --> CL" + sed -i "s/^ln_node=.*/ln_node=cl/g" ./.env + + # TODO: ADD C-Lightning config as soon as available + echo "# MISSING CL CONFIG YET" + + else + echo "# CONFIG Web API Lightning --> OFF" + sed -i "s/^ln_node=.*/ln_node=/g" ./.env + fi + + echo "# '.env' config updates - blitzapi maybe needs to be restarted" + exit 0 + +fi + +################### +# UPDATE CODE +################### +if [ "$1" = "update-code" ]; then + + echo "# Update Web API CODE" + sudo systemctl stop blitzapi + cd /home/admin/blitz_api + git fetch + git pull + pip install -r requirements.txt + sudo systemctl start blitzapi + echo "# blitzapi 
updates and restarted" + exit 0 + +fi + +################### +# OFF / UNINSTALL +################### +if [ "$1" = "0" ] || [ "$1" = "off" ]; then + + echo "# UNINSTALL Web API" + sudo systemctl stop blitzapi + sudo systemctl disable blitzapi + sudo rm /etc/systemd/system/blitzapi.service + sudo rm -r /home/admin/blitz_api + exit 0 + +fi diff --git a/home.admin/config.scripts/blitz.web.sh b/home.admin/config.scripts/blitz.web.sh index 6d3f46458..fc42418d6 100755 --- a/home.admin/config.scripts/blitz.web.sh +++ b/home.admin/config.scripts/blitz.web.sh @@ -1,5 +1,7 @@ #!/usr/bin/env bash +# TODO: later on this script will be run on build sdcard - make sure that the self-signed tls cert get created fresh on every new RaspiBlitz + source /mnt/hdd/raspiblitz.conf # command info 
@@ -8,98 +10,9 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; printf "blitz.web.sh check \t\tprint operational nginx listen status (lsof)\n" printf "blitz.web.sh on \t\tturn on\n" printf "blitz.web.sh off \t\tturn off\n" - printf "blitz.web.sh listen localhost \tset port 443 to localhost only\n" - printf "blitz.web.sh listen any \tset port 443 to any\n" exit 1 fi -# using ${APOST} is a workaround to be able to use sed with ' -APOST=\' # close tag for linters: ' - - -################### -# FUNCTIONS -################### -function set_nginx_blitzweb_listen() { - # first parameter to function should be either "localhost" or "any" - listen_to=${1} - - if [ -f "/etc/nginx/sites-available/blitzweb.conf" ]; then - if ! grep -Eq '^\s*#?\s*listen 127.0.0.1:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - echo "Error: missing expected line for: lo:v4 https" - exit 1 - else - if grep -Eq '^\s*#\s*listen 127.0.0.1:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - #echo "found: lo:v4 https (disabled line)" - if [ ${listen_to} = "localhost" ]; then - sudo sed -i -E 's/#\s*(listen 127.0.0.1:443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - else - #echo "found: lo:v4 https (enabled line)" - if [ ${listen_to} = "any" ]; then - sudo sed -i -E 's/(listen 127.0.0.1:443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - fi - - fi - - if ! 
grep -Eq '^\s*#?\s*listen \[::1\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - echo "Error: missing expected line for: lo:v6 https" - exit 1 - else - if grep -Eq '^\s*#\s*listen \[::1\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - #echo "found: lo:v6 https (disabled line)" - if [ ${listen_to} = "localhost" ]; then - sudo sed -i -E 's/#\s*(listen \[::1\]:443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - else - #echo "found: lo:v6 https (enabled line)" - if [ ${listen_to} = "any" ]; then - sudo sed -i -E 's/(listen \[::1\]:443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - fi - - fi - - if ! grep -Eq '^\s*#?\s*listen 443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - echo "Error: missing expected line for: any:v4 https" - exit 1 - else - if grep -Eq '^\s*#\s*listen 443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - #echo "found: any:v4 https (disabled line)" - if [ ${listen_to} = "any" ]; then - sudo sed -i -E 's/#\s*(listen 443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - else - #echo "found: any:v4 https (enabled line)" - if [ ${listen_to} = "localhost" ]; then - sudo sed -i -E 's/(listen 443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - fi - - fi - - if ! 
grep -Eq '^\s*#?\s*listen \[::\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - echo "Error: missing expected line for: any:v6 https" - exit 1 - else - if grep -Eq '^\s*#\s*listen \[::\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then - #echo "found: any:v6 https (disabled line)" - if [ ${listen_to} = "any" ]; then - sudo sed -i -E 's/#\s*(listen \[::\]:443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - else - #echo "found: any:v6 https (enabled line)" - if [ ${listen_to} = "localhost" ]; then - sudo sed -i -E 's/(listen \[::\]:443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf - fi - fi - fi - fi -} - - - ################### # CHECK ################### @@ -145,6 +58,7 @@ EOF sudo sed -i -E '/^.*server_names_hash_bucket_size [0-9]*;$/a \\tserver_names_hash_bucket_size 128;' /etc/nginx/nginx.conf fi + echo "# Checking dhparam.pem ..." if [ ! -f /etc/ssl/certs/dhparam.pem ]; then # check if there is a user generated dhparam.pem on the HDD to use @@ -162,6 +76,8 @@ EOF sudo cp /mnt/hdd/app-data/nginx/dhparam.pem /etc/ssl/certs/dhparam.pem fi + else + echo "# skip - dhparam.pem exists" fi sudo cp /home/admin/assets/nginx/snippets/* /etc/nginx/snippets/ @@ -171,7 +87,10 @@ EOF sudo rm -f /var/www/html/index.nginx-debian.html if ! [ -f /etc/nginx/sites-available/public.conf ]; then + echo "# copy /etc/nginx/sites-available/public.conf" sudo cp /home/admin/assets/nginx/sites-available/public.conf /etc/nginx/sites-available/public.conf + else + echo "# exists /etc/nginx/sites-available/public.conf" fi if ! [ -d /var/www/letsencrypt/.well-known/acme-challenge ]; then 
@@ -183,43 +102,52 @@ EOF # copy webroot if ! [ -d /var/www/public ]; then + echo "# copy /var/www/public" sudo cp -a /home/admin/assets/nginx/www_public/ /var/www/public sudo chown www-data:www-data /var/www/public + else + echo "# exists /var/www/public" fi sudo ln -sf /etc/nginx/sites-available/public.conf /etc/nginx/sites-enabled/public.conf ### RaspiBlitz Webserver on HTTPS 443 - # copy webroot - if ! [ -d /var/www/blitzweb ]; then - sudo cp -a /home/admin/assets/nginx/www_blitzweb/ /var/www/blitzweb - sudo chown www-data:www-data /var/www/blitzweb + # copy compiled webUI (TODO: do later) + if ! [ -d /var/www/public/ui ]; then + echo "# copy precompiled webui TODO: implement" + sudo cp -a /home/admin/blitz_web_compiled /var/www/public/ui + sudo chown www-data:www-data /var/www/public/ui + else + echo "# exists /var/www/public/ui" fi - # make sure jinja2 is installed and install j2cli - sudo apt-get install -y python3-jinja2 - sudo -H python3 -m pip install j2cli + if ! [ -f /mnt/hdd/app-data/nginx/tls.cert ];then - # use LND cert by default - sudo ln -sf /mnt/hdd/lnd/tls.cert /mnt/hdd/app-data/nginx/tls.cert - sudo ln -sf /mnt/hdd/lnd/tls.key /mnt/hdd/app-data/nginx/tls.key - sudo ln -sf /mnt/hdd/lnd/tls.cert /mnt/hdd/app-data/nginx/tor_tls.cert - sudo ln -sf /mnt/hdd/lnd/tls.key /mnt/hdd/app-data/nginx/tor_tls.key - - # config - sudo cp /home/admin/assets/blitzweb.conf /etc/nginx/sites-available/blitzweb.conf - sudo ln -sf /etc/nginx/sites-available/blitzweb.conf /etc/nginx/sites-enabled/ - - if ! 
[ -f /etc/nginx/.htpasswd ]; then - PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-) - echo "${PASSWORD_B}" | sudo htpasswd -c -i /etc/nginx/.htpasswd admin - sudo chown www-data:www-data /etc/nginx/.htpasswd - sudo chmod 640 /etc/nginx/.htpasswd + if [ -f /mnt/hdd/lnd/tls.cert ]; then + # use LND cert by default + echo "# use LND cert for: /mnt/hdd/app-data/nginx/tls.cert" + sudo ln -sf /mnt/hdd/lnd/tls.cert /mnt/hdd/app-data/nginx/tls.cert + sudo ln -sf /mnt/hdd/lnd/tls.key /mnt/hdd/app-data/nginx/tls.key + sudo ln -sf /mnt/hdd/lnd/tls.cert /mnt/hdd/app-data/nginx/tor_tls.cert + sudo ln -sf /mnt/hdd/lnd/tls.key /mnt/hdd/app-data/nginx/tor_tls.key + else + echo "# exists /mnt/hdd/app-data/nginx/tls.cert" + # create a self-signed cert if the LND cert is not present + /home/admin/config.scripts/internet.selfsignedcert.sh + + sudo ln -sf /mnt/hdd/app-data/selfsignedcert/selfsigned.cert \ + /mnt/hdd/app-data/nginx/tls.cert + sudo ln -sf /mnt/hdd/app-data/selfsignedcert/selfsigned.key \ + /mnt/hdd/app-data/nginx/tls.key + sudo ln -sf /mnt/hdd/app-data/selfsignedcert/selfsigned.cert \ + /mnt/hdd/app-data/nginx/tor_tls.cert + sudo ln -sf /mnt/hdd/app-data/selfsignedcert/selfsigned.key \ + /mnt/hdd/app-data/nginx/tor_tls.key + fi else - sudo chown www-data:www-data /etc/nginx/.htpasswd - sudo chmod 640 /etc/nginx/.htpasswd + echo "# exists /mnt/hdd/app-data/nginx/tls.cert" fi # restart NGINX @@ -236,19 +164,6 @@ elif [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo systemctl stop nginx sudo systemctl disable nginx >/dev/null - -################### -# LISTEN -################### -elif [ "$1" = "listen" ]; then - - if [ "$2" = "localhost" ] || [ "$2" = "any" ]; then - echo "Setting NGINX to listen on: ${2}" - set_nginx_blitzweb_listen "${2}" - else - echo "# FAIL: parameter not known - run with -h for help" - fi - else echo "# FAIL: parameter not known - run with -h for help" fi 
diff --git a/home.admin/config.scripts/blitz.web.ui.sh b/home.admin/config.scripts/blitz.web.ui.sh new file mode 100755 index 000000000..ecda65cef --- /dev/null +++ b/home.admin/config.scripts/blitz.web.ui.sh 
@@ -0,0 +1,96 @@ +#!/usr/bin/env bash + +# TODO: Later use for default install (when no github parameters are given) a precompiled version +# that comes with the repo so that the user does not need to install node +# use fro that then: yarn build:production & yarn licenses generate-disclaimer + +# TODO: Put WebUI into / base directory of nginx and let the index.html of the webUI handle +# the Tor detection or build it directly into the WebUI + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then + echo "Manage RaspiBlitz Web UI" + echo "blitz.web.ui.sh on [?GITHUBUSER] [?REPO] [?BRANCH]" + echo "blitz.web.ui.sh update" + echo "blitz.web.ui.sh off" + exit 1 +fi + +DEFAULT_GITHUB_USER="cstenglein" +DEFAULT_GITHUB_REPO="raspiblitz-web" +DEFAULT_GITHUB_BRANCH="master" + +################### +# ON / INSTALL +################### +if [ "$1" = "1" ] || [ "$1" = "on" ]; then + + if [ "$2" != "" ]; then + DEFAULT_GITHUB_USER="$2" + fi + + if [ "$3" != "" ]; then + DEFAULT_GITHUB_REPO="$3" + fi + + if [ "$4" != "" ]; then + DEFAULT_GITHUB_BRANCH="$4" + fi + + echo "# INSTALL WebUI" + sudo rm -r /home/admin/blitz_web 2>/dev/null + cd /home/admin + # git clone https://github.com/cstenglein/raspiblitz-web.git /home/admin/blitz_web + git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /home/admin/blitz_web + cd blitz_web + git checkout ${DEFAULT_GITHUB_BRANCH} + + echo "# Compile WebUI" + /home/admin/config.scripts/bonus.nodejs.sh on + source <(/home/admin/config.scripts/bonus.nodejs.sh info) + sudo npm install --global yarn + ${NODEPATH}/yarn install + ${NODEPATH}/yarn build + + sudo rm -r /var/www/public/* 2>/dev/null + sudo cp -r /home/admin/blitz_web/build/* /var/www/public + sudo chown www-data:www-data -R /var/www/public + + exit 1 +fi + +################### +# UPDATE +################### +if [ "$1" = "update" ]; then + + echo "# Update Web API" + cd /home/admin/blitz_web + git fetch + git pull + 
source <(/home/admin/config.scripts/bonus.nodejs.sh info) + ${NODEPATH}/yarn install + ${NODEPATH}/yarn build + sudo rm -r /var/www/public/* 2>/dev/null + sudo cp -r /home/admin/blitz_web/build/* /var/www/public + sudo chown www-data:www-data -R /var/www/public + echo "# blitzapi updates and restarted" + exit 0 + +fi + +################### +# OFF / UNINSTALL +################### +if [ "$1" = "0" ] || [ "$1" = "off" ]; then + + echo "# UNINSTALL WebUI" + sudo rm -r /home/admin/blitz_web 2>/dev/null + sudo rm -r /var/www/public/* 2>/dev/null + exit 0 +fi + + + + + diff --git a/home.admin/config.scripts/bonus.bos.sh b/home.admin/config.scripts/bonus.bos.sh index 6b71ca2de..d2b89b116 100755 --- a/home.admin/config.scripts/bonus.bos.sh +++ b/home.admin/config.scripts/bonus.bos.sh @@ -1,7 +1,7 @@ #!/bin/bash -# https://github.com/alexbosworth/balanceofsatoshis/blob/ba7c35b42f1bad0dbb0c9c03d64ee34472665029/package.json#L79 -BOSVERSION="8.0.5" +# https://github.com/alexbosworth/balanceofsatoshis/blob/master/package.json#L81 +BOSVERSION="10.7.8" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -29,6 +29,7 @@ Usage: https://github.com/alexbosworth/balanceofsatoshis/blob/master/README.md exit 0 fi + # install if [ "$1" = "1" ] || [ "$1" = "on" ]; then @@ -45,6 +46,16 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # create bos user sudo adduser --disabled-password --gecos "" bos + echo "# Create data folder on the disk" + # move old data if present + sudo mv /home/bos/.bos /mnt/hdd/app-data/ 2>/dev/null + echo "# make sure the data directory exists" + sudo mkdir -p /mnt/hdd/app-data/.bos + echo "# symlink" + sudo rm -rf /home/bos/.bos # not a symlink.. delete it silently + sudo ln -s /mnt/hdd/app-data/.bos/ /home/bos/.bos + sudo chown bos:bos -R /mnt/hdd/app-data/.bos + # set up npm-global sudo -u bos mkdir /home/bos/.npm-global sudo -u bos npm config set prefix '/home/bos/.npm-global' 
@@ -85,6 +96,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then exit 0 fi + # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then @@ -98,6 +110,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then fi + # update if [ "$1" = "update" ]; then echo "*** UPDATING BALANCE OF SATOSHIS ***" diff --git a/home.admin/config.scripts/bonus.btc-rpc-explorer.sh b/home.admin/config.scripts/bonus.btc-rpc-explorer.sh index 1af94f7f3..0e3911a18 100755 --- a/home.admin/config.scripts/bonus.btc-rpc-explorer.sh +++ b/home.admin/config.scripts/bonus.btc-rpc-explorer.sh @@ -8,11 +8,16 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "# small config script to switch BTC-RPC-explorer on or off" echo "# bonus.btc-rpc-explorer.sh [status|on|off]" + echo "# bonus.btc-rpc-explorer.sh prestart" exit 1 fi source /mnt/hdd/raspiblitz.conf +########################## +# MENU +######################### + # show info menu if [ "$1" = "menu" ]; then @@ -31,10 +36,17 @@ This can take multiple hours. fi # get network info - localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localip=$(ip addr | grep 'state UP' -A2 | grep -E -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') toraddress=$(sudo cat /mnt/hdd/tor/btc-rpc-explorer/hostname 2>/dev/null) fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) + # check if password protected + isBitcoinWalletOff=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep -c "^disablewallet=1") + passwordInfo="" + if [ "${isBitcoinWalletOff}" != "1" ]; then + passwordInfo="Login is 'admin' with your Password B" + fi + if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then # TOR 
@@ -43,7 +55,7 @@ This can take multiple hours. http://${localip}:3020\n https://${localip}:3021 with Fingerprint: ${fingerprint}\n -Login is 'admin' with your Password B\n +${passwordInfo}\n Hidden Service address for TOR Browser (QR see LCD): ${toraddress} " 16 67 @@ -55,7 +67,7 @@ ${toraddress} http://${localip}:3020\n https://${localip}:3021 with Fingerprint: ${fingerprint}\n -Login is 'admin' with your Password B\n +${passwordInfo}\n Activate TOR to access the web block explorer from outside your local network. " 16 54 fi 
@@ -93,10 +105,73 @@ if [ "$1" = "status" ]; then exit 0 fi -# stop service +########################## +# PRESTART +# - will be called as prestart by systemd service (as user btcrpcexplorer) +######################### + +if [ "$1" = "prestart" ]; then + + # users need to be `btcrpcexplorer` so that it can be run by systemd as prestart (no SUDO available) + if [ "$USER" != "btcrpcexplorer" ]; then + echo "# FAIL: run as user btcrpcexplorer" + exit 1 + fi + + echo "## btc-rpc-explorer.service PRESTART CONFIG" + echo "# --> /home/btcrpcexplorer/.config/btc-rpc-explorer.env" + + # check if electrs is installed & running + if [ "${ElectRS}" == "on" ]; then + + # CHECK THAT ELECTRS INDEX IS BUILD (WAITLOOP) + # electrs listening in port 50001 means index is build + isElectrumReady=$(netstat | grep -c "50001") + if [ "${isElectrumReady}" == "0" ]; then + echo "# electrs is ON but not ready .. might still building index - kick systemd service into fail/wait/restart" + exit 1 + fi + echo "# electrs is ON .. 
and ready (${isElectrumReady})" + + # CHECK THAT ELECTRS IS PART OF CONFIG + echo "# updating BTCEXP_ADDRESS_API=electrumx" + sed -i 's/^BTCEXP_ADDRESS_API=.*/BTCEXP_ADDRESS_API=electrumx/g' /home/btcrpcexplorer/.config/btc-rpc-explorer.env + + else + + # ELECTRS=OFF --> MAKE SURE IT IS NOT CONNECTED + echo "# updating BTCEXP_ADDRESS_API=none" + sed -i 's/^BTCEXP_ADDRESS_API=.*/BTCEXP_ADDRESS_API=none/g' /home/btcrpcexplorer/.config/btc-rpc-explorer.env + + fi + + # UPDATE RPC PASSWORD + RPCPASSWORD=$(cat /mnt/hdd/${network}/${network}.conf | grep "^rpcpassword=" | cut -d "=" -f2) + echo "# updating BTCEXP_BITCOIND_PASS=${RPCPASSWORD}" + sed -i "s/^BTCEXP_BITCOIND_PASS=.*/BTCEXP_BITCOIND_PASS=${RPCPASSWORD}/g" /home/btcrpcexplorer/.config/btc-rpc-explorer.env + + # WALLET PROTECTION (only if Bitcoin has wallet active protect BTC-RPC-Explorer with additional passwordB) + isBitcoinWalletOff=$(cat /mnt/hdd/${network}/${network}.conf | grep -c "^disablewallet=1") + if [ "${isBitcoinWalletOff}" == "1" ]; then + echo "# updating BTCEXP_BASIC_AUTH_PASSWORD= --> no password needed because wallet is disabled" + sed -i "s/^BTCEXP_BASIC_AUTH_PASSWORD=.*/BTCEXP_BASIC_AUTH_PASSWORD=/g" /home/btcrpcexplorer/.config/btc-rpc-explorer.env + else + echo "# updating BTCEXP_BASIC_AUTH_PASSWORD=${RPCPASSWORD} --> enable password to protect wallet" + sed -i "s/^BTCEXP_BASIC_AUTH_PASSWORD=.*/BTCEXP_BASIC_AUTH_PASSWORD=${RPCPASSWORD}/g" /home/btcrpcexplorer/.config/btc-rpc-explorer.env + fi + + exit 0 # exit with clean code +fi + + +# stop service (for all calls below) echo "# making sure services are not running" sudo systemctl stop btc-rpc-explorer 2>/dev/null +########################## +# ON +######################### + # switch on if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# *** INSTALL BTC-RPC-EXPLORER ***" 
@@ -117,7 +192,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then cd /home/btcrpcexplorer sudo -u btcrpcexplorer git clone https://github.com/janoside/btc-rpc-explorer.git cd btc-rpc-explorer - sudo -u btcrpcexplorer git reset --hard v3.0.0 + sudo -u btcrpcexplorer git reset --hard v3.2.0 sudo -u btcrpcexplorer npm install if ! [ $? -eq 0 ]; then echo "FAIL - npm install did not run correctly, aborting" @@ -149,6 +224,10 @@ BTCEXP_BITCOIND_USER=$RPC_USER BTCEXP_BITCOIND_PASS=$PASSWORD_B #BTCEXP_BITCOIND_COOKIE=/path/to/bitcoind/.cookie BTCEXP_BITCOIND_RPC_TIMEOUT=10000 +# Privacy mode disables: +# Exchange-rate queries, IP-geolocation queries +# Default: false +BTCEXP_PRIVACY_MODE=true # Password protection for site via basic auth (enter any username, only the password is checked) # Default: none BTCEXP_BASIC_AUTH_PASSWORD=$PASSWORD_B @@ -160,6 +239,7 @@ BTCEXP_BASIC_AUTH_PASSWORD=$PASSWORD_B BTCEXP_ADDRESS_API=none BTCEXP_ELECTRUMX_SERVERS=tcp://127.0.0.1:50001 EOF + sudo -u btcrpcexplorer mkdir /home/btcrpcexplorer/.config sudo mv /home/admin/btc-rpc-explorer.env /home/btcrpcexplorer/.config/btc-rpc-explorer.env sudo chown btcrpcexplorer:btcrpcexplorer /home/btcrpcexplorer/.config/btc-rpc-explorer.env @@ -198,14 +278,22 @@ EOF Description=btc-rpc-explorer Wants=${network}d.service After=${network}d.service +StartLimitIntervalSec=0 [Service] +User=btcrpcexplorer +TimeoutStartUSec=infinity +ExecStartPre=/home/admin/config.scripts/bonus.btc-rpc-explorer.sh prestart WorkingDirectory=/home/btcrpcexplorer/btc-rpc-explorer ExecStart=/usr/bin/npm start -User=btcrpcexplorer -# Restart on failure but no more than default times (DefaultStartLimitBurst=5) every 10 minutes (600 seconds). Otherwise stop Restart=on-failure -RestartSec=600 +RestartSec=20 + +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true [Install] WantedBy=multi-user.target 
@@ -224,10 +312,9 @@ EOF echo "# needs to finish creating txindex to be functional" echo "# monitor with: sudo tail -n 20 -f /mnt/hdd/bitcoin/debug.log" - - ## Enable BTCEXP_ADDRESS_API if BTC-RPC-Explorer is active - # see /home/admin/config.scripts/bonus.electrsexplorer.sh - # run every 10 min by _background.sh + echo "# npm audi fix" + cd /home/btcrpcexplorer/btc-rpc-explorer/ + sudo npm audit fix # Hidden Service for BTC-RPC-explorer if Tor is active source /mnt/hdd/raspiblitz.conf @@ -238,6 +325,10 @@ EOF exit 0 fi +########################## +# OFF +######################### + # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then @@ -280,5 +371,5 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then exit 0 fi -echo "error='unknown parameter' +echo "error='unknown parameter'" exit 1 diff --git a/home.admin/config.scripts/bonus.btcpayserver.sh b/home.admin/config.scripts/bonus.btcpayserver.sh index 842377e3a..3de29b81c 100755 --- a/home.admin/config.scripts/bonus.btcpayserver.sh +++ b/home.admin/config.scripts/bonus.btcpayserver.sh @@ -3,9 +3,9 @@ # Based on: https://gist.github.com/normandmickey/3f10fc077d15345fb469034e3697d0d0 # https://github.com/dgarage/NBXplorer/releases -NBXplorerVersion="v2.1.49" +NBXplorerVersion="v2.2.8" # https://github.com/btcpayserver/btcpayserver/releases -BTCPayVersion="v1.0.7.2" +BTCPayVersion="v1.2.3" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -27,7 +27,7 @@ if [ "$1" = "status" ]; then isInstalled=$(sudo ls /etc/systemd/system/btcpayserver.service 2>/dev/null | grep -c 'btcpayserver.service') echo "installed=${isInstalled}" - localIP=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localIP=$(hostname -I | awk '{print $1}') echo "localIP='${localIP}'" echo "httpsPort='23001'" echo "publicIP='${publicIP}'" 
@@ -273,26 +273,25 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo echo "# Installing .NET" echo - # download dotnet-sdk # https://dotnet.microsoft.com/download/dotnet-core/3.1 # dependencies sudo apt-get -y install libunwind8 gettext libssl1.0 if [ "${cpu}" = "arm" ]; then binaryVersion="arm" - dotNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/f2e1cb4a-0c70-49b6-871c-ebdea5ebf09d/acb1ea0c0dbaface9e19796083fe1a6b/dotnet-sdk-3.1.300-linux-arm.tar.gz" - dotNetChecksum="510de2931522633e5a35cfbaebac255704bb2a282e4980e7597c924531564b1a2f769cf67b3d1f196442ceca3d0d9a53e0a6dcb12adc9b0c6c1500742e7b1ee5" + dotNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/40edd52f-b1ca-4f0c-8d50-34433202ce9d/2b8f5b881c239a706f271f010e56159c/dotnet-sdk-3.1.413-linux-arm.tar.gz" + dotNetChecksum="31f395b1e48e9ba53d4dc63db7ff1ea38bdcb612a1d54b483cde22a009c48fbae0303779f42cee32db0e51bd953c8abfdaa1620a43a7fd84e1f8e937b6675d59" elif [ "${cpu}" = "aarch64" ]; then binaryVersion="arm64" - dotNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/e5e70860-a6d4-48cf-b0d1-eeba32657d80/2da3c605aaa65c7e4ac2ad0507a2e429/dotnet-sdk-3.1.300-linux-arm64.tar.gz" - dotNetChecksum="b1d806dd719e61ae27297515d26e6ef12e615da131db4fd1c29b2acc4d6a68a6b0e4ce94ead4f8f737c203328d596422068c78495eba331a5759f595ed9ed149" + dotNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/dfd0ad22-3e47-432f-9aa1-f65b11a2ced2/d096c5d1561732c1658543fa8fb7a31f/dotnet-sdk-3.1.413-linux-arm64.tar.gz" + dotNetChecksum="39f198f07577faf81f09ca621fb749d5aac38fc05e7e6bd6226009679abc7d001454068430ddb34b320901955f42de3951e2707e01bce825b5216df2bc0c8eca" elif [ "${cpu}" = "x86_64" ]; then binaryVersion="x64" - dotNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/0c795076-b679-457e-8267-f9dd20a8ca28/02446ea777b6f5a5478cd3244d8ed65b/dotnet-sdk-3.1.300-linux-x64.tar.gz" - 
dotNetChecksum="1c3844ea5f8847d92372dae67529ebb08f09999cac0aa10ace571c63a9bfb615adbf8b9d5cebb2f960b0a81f6a5fba7d80edb69b195b77c2c7cca174cbc2fd0b" + dotNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/70d12135-d65f-4f4c-9d96-a6ac0251fb1b/57856b7654e338027cfb53552b2c4d46/dotnet-sdk-3.1.413-linux-x64.tar.gz" + dotNetChecksum="2a0824f11aba0b79d3f9a36af0395649bc9b4137e61b240a48dccb671df0a5b8c2086054f8e495430b7ed6c344bb3f27ac3dfda5967d863718a6dadeca951a83" fi - dotNetName="dotnet-sdk-3.1.300-linux-${binaryVersion}.tar.gz" + dotNetName="dotnet-sdk-3.1.413-linux-${binaryVersion}.tar.gz" sudo rm /home/btcpay/${dotnetName} 2>/dev/null sudo -u btcpay wget "${dotNetdirectLink}" # check binary is was not manipulated (checksum test) 
@@ -302,31 +301,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then exit 1 fi - # download aspnetcore-runtime - if [ "${cpu}" = "arm" ]; then - AspNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/06f9feeb-cd19-49e9-a5cd-a230e1d8c52f/a232fbb4a6e6a90bbe624225e180308a/aspnetcore-runtime-3.1.4-linux-arm.tar.gz" - AspNetChecksum="58fe16baf370cebda96b93735be9bc57cf9a846b56ecbdc3c745c83399ad5b59518251996b75ac959ee3a8eb438a92e2ea3d088af4f0631caed3c86006d4ed2d" - elif [ "${cpu}" = "aarch64" ]; then - AspNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/0f94ccdf-a791-4978-a0e1-0309911f60a4/d734c7f79e6b180b7b91f3d7e78d24d8/aspnetcore-runtime-3.1.4-linux-arm64.tar.gz" - AspNetChecksum="db91ea66e796e3d27ee08d50cb0532d1fb74060d5a8f1c90d2f34cb66ad74d50d6a8d128457693c15216b3c94d6c1acb7bd342fe0a0fa770117e21211972abda" - elif [ "${cpu}" = "x86_64" ]; then - AspNetdirectLink="https://download.visualstudio.microsoft.com/download/pr/a1ddc998-933c-47af-b8c7-dc2503e44e91/42d8cd08b2055df52c9457c993911f2e/aspnetcore-runtime-3.1.4-linux-x64.tar.gz" - AspNetChecksum="a761fd3652a0bc838c33b2846724d21e82410a5744bd37cbfab96c60327c89ee89c177e480a519b0e0d62ee58ace37e2c2a4b12b517e5eb0af601ad9804e028f" - fi - - aspNetCoreName="aspnetcore-runtime-3.1.4-linux-${binaryVersion}.tar.gz" - sudo rm /home/btcpay/${aspNetCoreName} 2>/dev/null - sudo -u btcpay wget "${AspNetdirectLink}" - # check binary is was not manipulated (checksum test) - actualAspNetChecksum=$(sha512sum /home/btcpay/${aspNetCoreName} | cut -d " " -f1) - if [ "${actualAspNetChecksum}" != "${AspNetChecksum=}" ]; then - echo "# !!! FAIL !!! Downloaded ${aspNetCoreName} not matching SHA512 checksum: ${AspNetChecksum=}" - exit 1 - fi - sudo -u btcpay mkdir /home/btcpay/dotnet sudo -u btcpay tar -xvf ${dotNetName} -C /home/btcpay/dotnet - sudo -u btcpay tar -xvf ${aspNetCoreName} -C /home/btcpay/dotnet sudo rm -f *.tar.gz* # opt out of telemetry 
@@ -359,10 +335,10 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # from the build.sh with path sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj # see the configuration options with: - # sudo -u btcpay /home/btcpay/dotnet/dotnet "/home/btcpay/NBXplorer/NBXplorer/bin/Release/netcoreapp3.1/NBXplorer.dll" -c /home/btcpay/.nbxplorer/Main/settings.config -h + # sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release -p "NBXplorer/NBXplorer.csproj" -c /home/btcpay/.nbxplorer/Main/settings.config -h # run manually to debug: - # sudo -u btcpay /home/btcpay/dotnet/dotnet "/home/btcpay/NBXplorer/NBXplorer/bin/Release/netcoreapp3.1/NBXplorer.dll" -c /home/btcpay/.nbxplorer/Main/settings.config --network=mainnet - echo"# create the nbxplorer.service" + # sudo -u btcpay /home/btcpay/dotnet/dotnet run --no-launch-profile --no-build -c Release -p "NBXplorer/NBXplorer.csproj" -c /home/btcpay/.nbxplorer/Main/settings.config --network=mainnet -- $@ + echo "# create the nbxplorer.service" echo " [Unit] Description=NBXplorer daemon @@ -370,15 +346,16 @@ Requires=bitcoind.service After=bitcoind.service [Service] -ExecStart=/home/btcpay/dotnet/dotnet \ - \"/home/btcpay/NBXplorer/NBXplorer/bin/Release/netcoreapp3.1/NBXplorer.dll\" \ - -c /home/btcpay/.nbxplorer/Main/settings.config --network=${chain}net +WorkingDirectory=/home/btcpay/NBXplorer +ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \ + -c Release -p \"NBXplorer/NBXplorer.csproj\" -- \$@ User=btcpay Group=btcpay Type=simple PIDFile=/run/nbxplorer/nbxplorer.pid Restart=on-failure +# Hardening measures PrivateTmp=true ProtectSystem=full NoNewPrivileges=true 
@@ -452,15 +429,20 @@ After=nbxplorer.service [Service] ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \ - -c Release \ - -p \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" -- \ - --sqlitefile=sqllite.db --network=${chain}net + -c Release -p \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" \ + -- --sqlitefile=sqllite.db User=btcpay Group=btcpay Type=simple PIDFile=/run/btcpayserver/btcpayserver.pid Restart=on-failure +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee /etc/systemd/system/btcpayserver.service @@ -540,7 +522,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo systemctl disable nbxplorer sudo rm /etc/systemd/system/nbxplorer.service # clear dotnet cache - dotnet nuget locals all --clear + /home/btcpay/dotnet/dotnet nuget locals all --clear sudo rm -rf /tmp/NuGetScratch # remove dotnet sudo rm -rf /usr/share/dotnet diff --git a/home.admin/config.scripts/bonus.chantools.sh b/home.admin/config.scripts/bonus.chantools.sh index 03b5012ad..41f5ac3be 100644 --- a/home.admin/config.scripts/bonus.chantools.sh +++ b/home.admin/config.scripts/bonus.chantools.sh @@ -5,13 +5,16 @@ # see https://github.com/guggero/chantools/releases lndVersion=$(lncli -v | cut -d " " -f 3 | cut -d"." -f2) -if [ $lndVersion -eq 12 ]; then +if [ $lndVersion -eq 13 ]; then + pinnedVersion="0.9.3" +elif [ $lndVersion -eq 12 ]; then pinnedVersion="0.8.2" elif [ $lndVersion -eq 11 ]; then pinnedVersion="0.7.1" else echo "# LND not installed or a version not tested with chantools" lncli -v + exit 1 fi # command info 
@@ -82,7 +85,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo -u admin wget -N https://github.com/guggero/chantools/releases/download/v${pinnedVersion}/${binaryName} # check binary was not manipulated (checksum test) - sudo -u admin wget -N https://github.com/guggero/chantools/releases/download/v${pinnedVersion}/manifest-v${pinnedVersion}.txt.asc + sudo -u admin wget -N https://github.com/guggero/chantools/releases/download/v${pinnedVersion}/manifest-v${pinnedVersion}.txt.sig sudo -u admin wget --no-check-certificate -N -O "${downloadDir}/pgp_keys.asc" ${PGPpkeys} binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1) if [ "${binaryChecksum}" != "${SHA256}" ]; then @@ -102,7 +105,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then fi gpg --import ./pgp_keys.asc sleep 3 - verifyResult=$(gpg --verify manifest-v${pinnedVersion}.txt.asc 2>&1) + echo "# running: gpg --verify manifest-v${pinnedVersion}.txt.sig" + verifyResult=$(gpg --verify manifest-v${pinnedVersion}.txt.sig 2>&1) + echo "# verifyResult(${verifyResult})" goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) echo "# goodSignature(${goodSignature})" correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${GPGcheck}" -c) diff --git a/home.admin/config.scripts/bonus.circuitbreaker.sh b/home.admin/config.scripts/bonus.circuitbreaker.sh index ad7863822..a738634f5 100755 --- a/home.admin/config.scripts/bonus.circuitbreaker.sh +++ b/home.admin/config.scripts/bonus.circuitbreaker.sh @@ -1,6 +1,7 @@ #!/bin/bash -pinnedVersion="v0.2.0" +# https://github.com/lightningequipment/circuitbreaker/releases +pinnedVersion="v0.3.0" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then 
@@ -101,11 +102,16 @@ ExecStart=/home/circuitbreaker/go/bin/circuitbreaker --network=${chain}net User=circuitbreaker Group=circuitbreaker Type=simple -KillMode=process TimeoutSec=60 Restart=always RestartSec=60 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee -a /etc/systemd/system/circuitbreaker.service diff --git a/home.admin/config.scripts/bonus.electrs.sh b/home.admin/config.scripts/bonus.electrs.sh index 02b0157f2..d224e6a08 100755 --- a/home.admin/config.scripts/bonus.electrs.sh +++ b/home.admin/config.scripts/bonus.electrs.sh @@ -1,14 +1,16 @@ #!/bin/bash -# https://github.com/romanz/electrs/blob/master/doc/usage.md -ELECTRSVERSION=v0.8.9 +# https://github.com/romanz/electrs/releases +ELECTRSVERSION="v0.9.0" +# https://github.com/romanz/electrs/commits/master +# ELECTRSVERSION="3041e89cd2fb377541b929d852ef6298c2d4e60a" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "config script to switch the Electrum Rust Server on or off" echo "bonus.electrs.sh status [?showAddress]" echo "bonus.electrs.sh [on|off|menu]" - echo "installs the version $ELECTRSVERSION by default" + echo "installs the version $ELECTRSVERSION" exit 1 fi 
@@ -39,9 +41,14 @@ if [ "$1" = "status" ]; then if [ ${serviceRunning} -eq 1 ]; then # Experimental try to get sync Info - syncedToBlock=$(sudo journalctl -u electrs --no-pager -n100 | grep "new headers from height" | tail -n 1 | cut -d " " -f 16 | sed 's/[^0-9]*//g') + syncedToBlock=$(sudo journalctl -u electrs --no-pager -n2000 | grep "height=" | tail -n1| cut -d= -f3) blockchainHeight=$(sudo -u bitcoin ${network}-cli getblockchaininfo 2>/dev/null | jq -r '.headers' | sed 's/[^0-9]*//g') lastBlockchainHeight=$(($blockchainHeight -1)) + syncProgress=0 + if [ "${syncedToBlock}" != "" ] && [ "${blockchainHeight}" != "" ] && [ "${blockchainHeight}" != "0" ]; then + syncProgress="$(echo "$syncedToBlock" "$blockchainHeight" | awk '{printf "%.2f", $1 / $2 * 100}')" + fi + echo "syncProgress=${syncProgress}%" if [ "${syncedToBlock}" = "${blockchainHeight}" ] || [ "${syncedToBlock}" = "${lastBlockchainHeight}" ]; then echo "tipSynced=1" else @@ -86,7 +93,7 @@ if [ "$1" = "status" ]; then # no answer on that port echo "publicTCPPortAnswering=0" fi - echo "portHTTP='50002'" + echo "portSSL='50002'" localPortRunning=$(sudo netstat -an | grep -c '0.0.0.0:50002') echo "localHTTPPortActive=${localPortRunning}" publicPortRunning=$(nc -z -w6 ${publicip} 50002 2>/dev/null; echo $?) @@ -99,13 +106,13 @@ if [ "$1" = "status" ]; then fi # add TOR info if [ "${runBehindTor}" == "on" ]; then - echo "TORrunning=1" + echo "TorRunning=1" if [ "$2" = "showAddress" ]; then TORaddress=$(sudo cat /mnt/hdd/tor/electrs/hostname) echo "TORaddress='${TORaddress}'" fi else - echo "TORrunning=0" + echo "TorRunning=0" fi # check Nginx nginxTest=$(sudo nginx -t 2>&1 | grep -c "test is successful") @@ -137,7 +144,7 @@ if [ "$1" = "menu" ]; then The electrum system service is not running. Please check the following debug info. " 8 48 - /home/admin/XXdebugLogs.sh + /home/admin/config.scripts/blitz.debug.sh echo "Press ENTER to get back to main menu." read key exit 0 
@@ -188,12 +195,12 @@ Check 'sudo nginx -t' for a detailed error message. echo echo "On Network Settings > Server menu:" echo "- deactivate automatic server selection" - echo "- as manual server set '${localip}' & '${portHTTP}'" + echo "- as manual server set '${localip}' & '${portSSL}'" echo "- laptop and RaspiBlitz need to be within same local network" echo echo "To start directly from laptop terminal use:" - echo "electrum --oneserver --server ${localip}:${portHTTP}:s" - if [ ${TORrunning} -eq 1 ]; then + echo "electrum --oneserver --server ${localip}:${portSSL}:s" + if [ ${TorRunning} -eq 1 ]; then echo echo "The Tor Hidden Service address for electrs is (see LCD for QR code):" echo "${TORaddress}" 
@@ -261,30 +268,24 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then cd /home/electrs echo - echo "# Installing Rust" + echo "# Installing Rust for the electrs user" echo - sudo -u electrs curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u electrs sh -s -- --default-toolchain 1.39.0 -y - - sudo apt update - sudo apt install -y clang cmake # for building 'rust-rocksdb' + # https://github.com/romanz/electrs/blob/master/doc/usage.md#build-dependencies + sudo -u electrs curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo -u electrs sh -s -- --default-toolchain none -y + sudo apt install -y clang cmake build-essential # for building 'rust-rocksdb' echo - echo "# Downloading and building electrs. This will take ~30 minutes" # ~22 min on an Odroid XU4 + echo "# Downloading and building electrs $ELECTRSVERSION. This will take ~40 minutes" echo sudo -u electrs git clone https://github.com/romanz/electrs - cd /home/electrs/electrs + cd /home/electrs/electrs || exit 1 sudo -u electrs git reset --hard $ELECTRSVERSION - sudo -u electrs /home/electrs/.cargo/bin/cargo build --release + + sudo -u electrs /home/electrs/.cargo/bin/cargo build --locked --release || exit 1 echo echo "# The electrs database will be built in /mnt/hdd/app-storage/electrs/db. Takes ~18 hours and ~50Gb diskspace" echo - # move old-database if present - if [ -d "/mnt/hdd/electrs/db" ]; then - echo "Moving existing ElectRS index to /mnt/hdd/app-storage/electrs..." - sudo mv -f /mnt/hdd/electrs /mnt/hdd/app-storage/ - fi - sudo mkdir /mnt/hdd/app-storage/electrs 2>/dev/null sudo chown -R electrs:electrs /mnt/hdd/app-storage/electrs 
@@ -302,15 +303,16 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # https://github.com/romanz/electrs/blob/master/doc/usage.md#configuration-files-and-environment-variables sudo -u electrs mkdir /home/electrs/.electrs 2>/dev/null echo " -verbose = 4 +verbose = 2 timestamp = true jsonrpc_import = true +index-batch-size = 10 +wait_duration_secs = 10 +jsonrpc_timeout_secs = 15 db_dir = \"/mnt/hdd/app-storage/electrs/db\" auth = \"$RPC_USER:$PASSWORD_B\" # allow BTC-RPC-explorer show tx-s for addresses with a history of more than 100 txid_limit = 1000 -# https://github.com/Stadicus/RaspiBolt/issues/646 -wait_duration_secs = 20 server_banner = \"Welcome to electrs $ELECTRSVERSION - the Electrum Rust Server on your RaspiBlitz\" " | sudo tee /home/electrs/.electrs/config.toml sudo chmod 600 /home/electrs/.electrs/config.toml @@ -380,8 +382,6 @@ stream { fi fi - sudo systemctl restart nginx - echo echo "# Open ports 50001 and 5002 on UFW " echo @@ -395,19 +395,24 @@ stream { echo " [Unit] Description=Electrs -After=lnd.service +After=bitcoind.service [Service] WorkingDirectory=/home/electrs/electrs -ExecStart=/home/electrs/electrs/target/release/electrs --index-batch-size=10 --electrum-rpc-addr=\"0.0.0.0:50001\" +ExecStart=/home/electrs/electrs/target/release/electrs --electrum-rpc-addr=\"0.0.0.0:50001\" User=electrs Group=electrs Type=simple -KillMode=process TimeoutSec=60 Restart=always RestartSec=60 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee -a /etc/systemd/system/electrs.service 
@@ -427,10 +432,26 @@ WantedBy=multi-user.target /home/admin/config.scripts/internet.hiddenservice.sh electrs 50002 50002 50001 50001 fi - ## Enable BTCEXP_ADDRESS_API if BTC-RPC-Explorer is active - # see /home/admin/config.scripts/bonus.electrsexplorer.sh - # run every 10 min by _background.sh - + # whitelist downloading to localhost from bitcoind + if ! sudo grep -Eq "^whitelist=download@127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then + echo "whitelist=download@127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf + bitcoindRestart=yes + fi + + source /home/admin/raspiblitz.info + if [ "${state}" == "ready" ]; then + if [ "${bitcoindRestart}" == "yes" ]; then + sudo systemctl restart bitcoind + fi + sudo systemctl restart nginx + sudo systemctl start electrs + # restart BTC-RPC-Explorer to reconfigure itself to use electrs for address API + if [ "${BTCRPCexplorer}" == "on" ]; then + sudo systemctl restart btc-rpc-explorer + echo "# BTC-RPC-Explorer restarted" + fi + fi + echo echo "# To connect through SSL from outside of the local network make sure the port 50002 is forwarded on the router" echo @@ -467,9 +488,13 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo ufw deny 50001 sudo ufw deny 50002 echo "# OK ElectRS removed." + + # restart BTC-RPC-Explorer to reconfigure itself to use electrs for address API + if [ "${BTCRPCexplorer}" == "on" ]; then + sudo systemctl restart btc-rpc-explorer + echo "# BTC-RPC-Explorer restarted" + fi - ## Disable BTCEXP_ADDRESS_API if BTC-RPC-Explorer is active - /home/admin/config.scripts/bonus.electrsexplorer.sh else echo "# ElectRS is not installed." fi diff --git a/home.admin/config.scripts/bonus.electrsexplorer.sh b/home.admin/config.scripts/bonus.electrsexplorer.sh deleted file mode 100755 index d337c65b3..000000000 --- a/home.admin/config.scripts/bonus.electrsexplorer.sh +++ /dev/null 
@@ -1,148 +0,0 @@ -# config script to make BTC-RPC-Explorer use Electrs if both active -# thx to PatrickScheich for improving the script - -source /mnt/hdd/raspiblitz.conf - -# explorer start script (waits to start btc-rpc-explorer until eletrs is responsive) -explorerStartDir="/home/admin/system" -explorerStartScript="${explorerStartDir}/btc-rpc-explorer.run.sh" -explorerStartScriptEscaped=$(echo "${explorerStartScript}" | sed 's/\//\\\//g') - -# check if "^BTCEXP_ADDRESS_API=electrumx" -btcaddrapiEnabled=$(sudo cat /home/btcrpcexplorer/.config/btc-rpc-explorer.env 2>/dev/null | grep -c "^BTCEXP_ADDRESS_API=electrumx") - -# check if service starts the shell script "btc-rpc-explorer.run.sh" -serviceStartsScript=$(sudo cat /etc/systemd/system/btc-rpc-explorer.service 2>/dev/null | grep -c "^ExecStart=${explorerStartScript}") - -# optional return status -if [ "$1" = "status" ]; then - if [ "${BTCRPCexplorer}" = "" ]; then - BTCRPCexplorer="off" - fi - if [ "${ElectRS}" = "" ]; then - ElectRS="off" - fi - echo "BTCRPCexplorer=${BTCRPCexplorer}" - echo "ElectRS=${ElectRS}" - echo "explorerStartScript='${explorerStartScript}'" - echo "explorerStartScriptEscaped='${explorerStartScriptEscaped}'" - echo "# if electrum is set as address api in btc-prc-explorer" - echo "btcaddrapiEnabled=${btcaddrapiEnabled}" - echo "# if btc-prc-explorer is started by systemd with btc-rpc-explorer.run.sh" - echo "# that waits for electrum to become responsive" - echo "serviceStartsScript=${serviceStartsScript}" - exit 0 -fi - -# variable to track if service restart is needed -serviceNeedsRestart=0 - -# both services are "switched on" in raspiblitz.conf -if [ "${BTCRPCexplorer}" = "on" ] & [ "${ElectRS}" = "on" ]; then - - # make sure that "btc-rpc-explorer.run.sh" exists... - # if it does not exist, create it and make it executable - # it is fine to create the script, even the BTC-RPC-Explorer might be started directly - if [ ! 
-f ${explorerStartScript} ]; then - echo "script \"${explorerStartScript}\" does not exist, create it and make it executable" - sudo -u admin mkdir -p ${explorerStartDir} - cat > ${explorerStartScript} < change it in "/home/btcrpcexplorer/.config/btc-rpc-explorer.env" - if [ ${btcaddrapiEnabled} -ne 1 ]; then - echo "electrs is active - switching address API support on in BTC-RPC-Explorer" - sudo -u btcrpcexplorer sed -i 's/^BTCEXP_ADDRESS_API=none/BTCEXP_ADDRESS_API=electrumx/g' /home/btcrpcexplorer/.config/btc-rpc-explorer.env - # make sure to restart the service - serviceNeedsRestart=1 - else - echo "electrs is active - address API support in BTC-RPC-Explorer is already enabled, nothing to do here" - fi - - # make sure that explorer is started thru script - if [ ${serviceStartsScript} -ne 1 ]; then - echo "btc-rpc-explorer.service change to start via script: ${explorerStartScript}" - sudo sed -i "s/^ExecStart=\/usr\/bin\/npm start/ExecStart=${explorerStartScriptEscaped}/g" /etc/systemd/system/btc-rpc-explorer.service - sudo sed -i "s/^User=.*/User=admin/g" /etc/systemd/system/btc-rpc-explorer.service - # make sure to restart the service - serviceNeedsRestart=1 - else - echo "electrs is active - service start via script is already enabled, nothing to do here" - fi - - # electrs service is offline - else - echo "electrs is offline" - - # make sure to switch address API support off - if [ ${btcaddrapiEnabled} -ne 1 ]; then - echo "electrs is not active - address API support in BTC-RPC-Explorer is already disabled, nothing to do here" - else - echo "electrs is not active - switching address API support off in BTC-RPC-Explorer" - sudo -u btcrpcexplorer sed -i 's/^BTCEXP_ADDRESS_API=electrumx/BTCEXP_ADDRESS_API=none/g' /home/btcrpcexplorer/.config/btc-rpc-explorer.env - # make sure to restart the service - serviceNeedsRestart=1 - fi - - # make sure to start explorer directly - if [ ${serviceStartsScript} -ne 1 ]; then - echo "electrs is not active - service direct 
start is already enabled, nothing to do here" - else - echo "btc-rpc-explorer.service change to start directly" - sudo sed -i "s/^ExecStart=${explorerStartScriptEscaped}/ExecStart=\/usr\/bin\/npm start/g" /etc/systemd/system/btc-rpc-explorer.service - sudo sed -i "s/^User=.*/User=btcrpcexplorer/g" /etc/systemd/system/btc-rpc-explorer.service - # make sure to restart the service - serviceNeedsRestart=1 - fi - fi - -# both services are NOT "switched on" in raspiblitz.conf -else - - # electrs if OFF and explorer ON - if [ "${BTCRPCexplorer}" = "on" ]; then - - # Disable BTCEXP_ADDRESS_API if BTC-RPC-Explorer is active - echo "electrs is off in raspiblitz.conf" - if [ ${btcaddrapiEnabled} -ne 1 ]; then - echo "electrs is not active - address API support in BTC-RPC-Explorer is already disabled, nothing to do here" - else - echo "electrs is not active - switching address API support off in BTC-RPC-Explorer" - sudo -u btcrpcexplorer sed -i 's/^BTCEXP_ADDRESS_API=electrumx/BTCEXP_ADDRESS_API=none/g' /home/btcrpcexplorer/.config/btc-rpc-explorer.env - # make sure to restart the service - serviceNeedsRestart=1 - fi - - # make sure that service is started directly - if [ ${serviceStartsScript} -ne 1 ]; then - echo "electrs is not active - service direct start is already enabled, nothing to do here" - else - echo "btc-rpc-explorer.service change to start directly" - sudo sed -i "s/^ExecStart=${explorerStartScriptEscaped}/ExecStart=\/usr\/bin\/npm start/g" /etc/systemd/system/btc-rpc-explorer.service - sudo sed -i "s/^User=.*/User=btcrpcexplorer/g" /etc/systemd/system/btc-rpc-explorer.service - # make sure to restart the service - serviceNeedsRestart=1 - fi - - fi -fi - -if [ ${serviceNeedsRestart} -eq 1 ]; then - echo "BTC-RPC-Explorer service needs restart" - sudo systemctl daemon-reload - sudo systemctl restart btc-rpc-explorer -fi \ No newline at end of file 
diff --git a/home.admin/config.scripts/bonus.faraday.sh b/home.admin/config.scripts/bonus.faraday.sh index 41898a79d..44017292e 100755 --- a/home.admin/config.scripts/bonus.faraday.sh +++ b/home.admin/config.scripts/bonus.faraday.sh @@ -221,6 +221,12 @@ RestartSec=30 StandardOutput=null StandardError=journal +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee -a /etc/systemd/system/faraday.service diff --git a/home.admin/config.scripts/bonus.fullynoded.sh b/home.admin/config.scripts/bonus.fullynoded.sh index afb2d6ef3..c3452117b 100755 --- a/home.admin/config.scripts/bonus.fullynoded.sh +++ b/home.admin/config.scripts/bonus.fullynoded.sh @@ -22,12 +22,19 @@ elif [ "${chain}net" == "signet" ]; then fi # check and set up the HS -/home/admin/config.scripts/internet.hiddenservice.sh bitcoin ${BITCOINRPCPORT} ${BITCOINRPCPORT} +/home/admin/config.scripts/internet.hiddenservice.sh bitcoin${BITCOINRPCPORT} ${BITCOINRPCPORT} ${BITCOINRPCPORT} hiddenService=$(sudo cat /mnt/hdd/tor/bitcoin${BITCOINRPCPORT}/hostname) +# https://github.com/rootzoll/raspiblitz/issues/2339 +if [ ${#hiddenService} -eq 0 ];then + hiddenService=$(sudo cat /mnt/hdd/tor/bitcoin/hostname) +fi + +echo "# The Hidden Service for bitcoind port ${BITCOINRPCPORT} is:" +echo "${hiddenService}" # btcstandup://:@:/?label= -quickConnect="btcstandup://$RPC_USER:$PASSWORD_B@$hiddenService:${BITCOINRPCPORT}/?label=$hostname" +quickConnect="btcstandup://${RPC_USER}:${PASSWORD_B}@${hiddenService}:${BITCOINRPCPORT}/?label=${hostname}" echo echo "scan the QR Code with Fully Noded to connect to your node:" /home/admin/config.scripts/blitz.display.sh qr "${quickConnect}" diff --git a/home.admin/config.scripts/bonus.joinmarket.sh b/home.admin/config.scripts/bonus.joinmarket.sh index f470944d0..a120995b6 100755 --- a/home.admin/config.scripts/bonus.joinmarket.sh +++ b/home.admin/config.scripts/bonus.joinmarket.sh 
@@ -5,14 +5,16 @@ # https://github.com/openoms/bitcoin-tutorials/tree/master/joinmarket # https://github.com/openoms/joininbox -JMVERSION="v0.8.2" -JBVERSION="v0.3.4" +JBVERSION="v0.6.1" # with JoinMarket v0.9.2 +PGPsigner="openoms" +PGPpkeys="https://keybase.io/oms/pgp_keys.asc" +PGPcheck="13C688DB5B9C745DE4D2E4545BFB77609B081B65" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "JoinMarket install script to switch JoinMarket on or off" echo "sudo /home/admin/config.scrips/bonus.joinmarket.sh on|off" - echo "Installs JoinMarket $JMVERSION with JoininBox $JBVERSION" + echo "Installs JoininBox $JBVERSION" exit 1 fi @@ -33,18 +35,16 @@ fi if [ "$1" = "menu" ]; then whiptail --title " JoinMarket info " --msgbox " Type: 'jm' in the command line to switch to the dedicated user -and start the JoininBox menu. Notes on usage: +and start the JoininBox menu. +Notes on usage: https://github.com/openoms/bitcoin-tutorials/blob/master/joinmarket/README.md - -You can log in directly with the 'joinmarket' user via ssh. -The user password is the PASSWORD_B. -" 13 81 +" 11 81 exit 0 fi # switch on if [ "$1" = "1" ] || [ "$1" = "on" ]; then - echo "*** INSTALL JOINMARKET ***" + echo "# INSTALL JOINMARKET" # check if running Tor if [ ${runBehindTor} = on ]; then 
@@ -96,48 +96,52 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# specified to use wallet.dat in the recovered joinmarket.cfg" fi - # install joinmarket - cd /home/joinmarket - # PySide2 for armf: https://packages.debian.org/buster/python3-pyside2.qtcore - echo "# installing ARM specific dependencies to run the QT GUI" - sudo apt install -y python3-pyside2.qtcore python3-pyside2.qtgui \ - python3-pyside2.qtwidgets zlib1g-dev libjpeg-dev python3-pyqt5 libltdl-dev - # https://github.com/JoinMarket-Org/joinmarket-clientserver/issues/668#issuecomment-717815719 - sudo apt install -y build-essential automake pkg-config libffi-dev python3-dev libgmp-dev - sudo -u joinmarket pip install libtool asn1crypto cffi pycparser coincurve - echo "# installing JoinMarket" - sudo -u joinmarket git clone https://github.com/Joinmarket-Org/joinmarket-clientserver - cd joinmarket-clientserver || exit 1 - sudo -u joinmarket git reset --hard $JMVERSION - # make install.sh set up jmvenv with -- system-site-packages - # and import the PySide2 armf package from the system - sudo -u joinmarket sed -i \ - "s#^ virtualenv -p \"\${python}\" \"\${jm_source}/jmvenv\" || return 1#\ - virtualenv --system-site-packages -p \"\${python}\" \"\${jm_source}/jmvenv\" || return 1 ;\ - /home/joinmarket/joinmarket-clientserver/jmvenv/bin/python -c \'import PySide2\'\ - #g" install.sh - # do not stop at installing debian dependencies - sudo -u joinmarket sed -i \ - "s#^ if ! sudo apt-get install \${deb_deps\[@\]}; then#\ - if ! 
sudo apt-get install -y \${deb_deps\[@\]}; then#g" install.sh - # don't install PySide2 - using the system-site-package instead - sudo -u joinmarket sed -i "s#^PySide2.*##g" requirements/gui.txt - # don't install PyQt5 - using the system package instead - sudo -u joinmarket sed -i "s#^PyQt5.*##g" requirements/gui.txt - sudo -u joinmarket ./install.sh --with-qt - echo "# installed JoinMarket $JMVERSION" - - echo "# adding the joininbox menu" + echo "# adding JoininBox" sudo rm -rf /home/joinmarket/joininbox sudo -u joinmarket git clone https://github.com/openoms/joininbox.git /home/joinmarket/joininbox # check the latest at: cd /home/joinmarket/joininbox || exit 1 # https://github.com/openoms/joininbox/releases/ sudo -u joinmarket git reset --hard $JBVERSION + + sudo -u joinmarket wget -O "pgp_keys.asc" ${PGPpkeys} + gpg --import --import-options show-only ./pgp_keys.asc + fingerprint=$(gpg "pgp_keys.asc" 2>/dev/null | grep "${PGPcheck}" -c) + if [ ${fingerprint} -lt 1 ]; then + echo + echo "# !!! WARNING --> the PGP fingerprint is not as expected for ${PGPsigner}" + echo "# Should contain PGP: ${PGPcheck}" + echo "# PRESS ENTER to TAKE THE RISK if you think all is OK" + read key + fi + gpg --import ./pgp_keys.asc + + verifyResult=$(git verify-commit $JBVERSION 2>&1) + + goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) + echo "# goodSignature(${goodSignature})" + correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${PGPcheck}" -c) + echo "# correctKey(${correctKey})" + if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then + echo + echo "# !!! 
BUILD FAILED --> PGP verification not OK / signature(${goodSignature}) verify(${correctKey})" + exit 1 + else + echo + echo "########################################################################" + echo "# OK --> the PGP signature of the checked out $JBVERSION commit is correct #" + echo "########################################################################" + echo + fi + + # copy the scripts in place sudo -u joinmarket cp /home/joinmarket/joininbox/scripts/* /home/joinmarket/ sudo -u joinmarket cp /home/joinmarket/joininbox/scripts/.* /home/joinmarket/ 2>/dev/null sudo chmod +x /home/joinmarket/*.sh + echo "# Set ssh access off with the joinmarket user" + sudo /home/joinmarket/set.ssh.sh off + # Tor config # add the joinmarket user to the Tor group usermod -a -G debian-tor joinmarket @@ -145,11 +149,11 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo sed -i "s:^CookieAuthFile*:#CookieAuthFile:g" /etc/tor/torrc if ! grep -Eq "^CookieAuthentication 1" /etc/tor/torrc; then echo "CookieAuthentication 1" | sudo tee -a /etc/tor/torrc - sudo systemctl restart tor@default + sudo systemctl reload tor@default fi if ! grep -Eq "^AllowOutboundLocalhost 1" /etc/tor/torsocks.conf; then echo "AllowOutboundLocalhost 1" | sudo tee -a /etc/tor/torsocks.conf - sudo systemctl restart tor@default + sudo systemctl reload tor@default fi # joinin.conf settings 
@@ -162,18 +166,29 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then if grep -Eq "^runBehindTor=on" /mnt/hdd/raspiblitz.conf; then sudo -u joinmarket sed -i "s/^runBehindTor=.*/runBehindTor=on/g" /home/joinmarket/joinin.conf fi - - echo "# setting the autostart script for joinmarket" + echo + echo "##########" + echo "# Extras #" + echo "##########" + echo + # install a command-line fuzzy finder (https://github.com/junegunn/fzf) + apt -y install fzf + bash -c "echo 'source /usr/share/doc/fzf/examples/key-bindings.bash' >> \ + /home/joinmarket/.bashrc" + + # install tmux + apt -y install tmux + + echo + echo "#############" + echo "# Autostart #" + echo "#############" echo " -# automatically start startup.sh for joinmarket unless -# when running in a tmux session -if [ -z \"\$TMUX\" ]; then - /home/joinmarket/startup.sh +if [ -f \"/home/joinmarket/joinmarket-clientserver/jmvenv/bin/activate\" ]; then + . /home/joinmarket/joinmarket-clientserver/jmvenv/bin/activate + /home/joinmarket/joinmarket-clientserver/jmvenv/bin/python -c \"import PySide2\" + cd /home/joinmarket/joinmarket-clientserver/scripts/ fi -# always activate jmvenv with PySide2 and cd to scripts' -. /home/joinmarket/joinmarket-clientserver/jmvenv/bin/activate -/home/joinmarket/joinmarket-clientserver/jmvenv/bin/python -c \"import PySide2\" -cd /home/joinmarket/joinmarket-clientserver/scripts/ # shortcut commands source /home/joinmarket/_commands.sh # automatically start main menu for joinmarket unless @@ -181,55 +196,27 @@ source /home/joinmarket/_commands.sh if [ -z \"\$TMUX\" ]; then /home/joinmarket/menu.sh fi -" | sudo -u joinmarket tee -a /home/joinmarket/.bashrc +" | sudo -u joinmarket tee -a /home/joinmarket/.bashrc + + echo "######################" + echo "# Install JoinMarket #" + echo "######################" + sudo -u joinmarket /home/joinmarket/install.joinmarket.sh install - cat > /home/admin/startup.sh </dev/null echo "# OK JoinMarket is removed" else 
diff --git a/home.admin/config.scripts/bonus.kindle-display.sh b/home.admin/config.scripts/bonus.kindle-display.sh index 2115a4b04..2d0c78f67 100755 --- a/home.admin/config.scripts/bonus.kindle-display.sh +++ b/home.admin/config.scripts/bonus.kindle-display.sh @@ -127,6 +127,12 @@ Restart=on-failure StartLimitIntervalSec=600 StartLimitBurst=2 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target EOF diff --git a/home.admin/config.scripts/bonus.letsencrypt.sh b/home.admin/config.scripts/bonus.letsencrypt.sh index 6090bee2a..87e524c49 100755 --- a/home.admin/config.scripts/bonus.letsencrypt.sh +++ b/home.admin/config.scripts/bonus.letsencrypt.sh @@ -148,7 +148,7 @@ function refresh_certs_with_nginx() { echo "# FQDN(${FQDN})" # check if there is a LetsEncrypt Subscription for this domain details=$(/home/admin/config.scripts/blitz.subscriptions.letsencrypt.py subscription-detail $FQDN) - if [ ${#details} -gt 10 ]; then + if [ $(echo "${details}" | grep -c "error=") -eq 0 ] && [ ${#details} -gt 10 ]; then echo "# details(${details})" @@ -344,6 +344,8 @@ elif [ "$1" = "remove-cert" ]; then options="ip&tor" fi + echo "# bonus.letsencrypt.sh remove-cert ${FQDN} ${options}" + # remove cert from renewal $ACME_INSTALL_HOME/acme.sh --remove -d "${FQDN}" --ecc --home "${ACME_INSTALL_HOME}" --config-home "${ACME_CONFIG_HOME}" --cert-home "${ACME_CERT_HOME}" 2>&1 diff --git a/home.admin/config.scripts/bonus.lit.sh b/home.admin/config.scripts/bonus.lit.sh index 8315916ee..86446884e 100644 --- a/home.admin/config.scripts/bonus.lit.sh +++ b/home.admin/config.scripts/bonus.lit.sh @@ -1,7 +1,7 @@ #!/bin/bash # https://github.com/lightninglabs/lightning-terminal/releases -LITVERSION="0.4.1-alpha" +LITVERSION="0.5.1-alpha" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then 
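Review bot: The hardening block added to the kindle-display unit in `@@ -127,6 +127,12 @@` uses `ProtectSystem=full`, which makes /usr, /boot, /efi and /etc read-only but leaves /home and /mnt/hdd writable for the service. If the service only needs its own data directory, `ProtectSystem=strict` with an explicit `ReadWritePaths=` would state that in the unit. The same four directives are repeated in the lit, lnbits, loop, mempool and pool units in this patch, so a one-line comment next to each saying which paths the service must write to would make later tightening easier.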
@@ -13,9 +13,13 @@ fi # check who signed the release in https://github.com/lightninglabs/lightning-terminal/releases PGPsigner="guggero" -if [ $PGPsigner=guggero ];then + +if [ $PGPsigner = guggero ];then PGPpkeys="https://keybase.io/guggero/pgp_keys.asc" PGPcheck="03DB6322267C373B" +elif [ $PGPsigner = roasbeef ];then + PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc " + PGPcheck="3BBD59E99B280306" fi source /mnt/hdd/raspiblitz.conf @@ -29,7 +33,7 @@ fi if [ "$1" = "menu" ]; then # get network info - localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0' | grep 'eth0\|wlan0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localip=$(hostname -I | awk '{print $1}') toraddress=$(sudo cat /mnt/hdd/tor/lit/hostname 2>/dev/null) fingerprint=$(sudo openssl x509 -in /home/lit/.lit/tls.cert -fingerprint -noout | cut -d"=" -f2) @@ -89,8 +93,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then if [ ${isInstalled} -eq 0 ]; then # create dedicated user - sudo adduser --disabled-password --gecos "" lit || exit 1 - + sudo adduser --disabled-password --gecos "" lit # make sure symlink to central app-data directory exists sudo rm -rf /home/lit/.lnd # not a symlink.. delete it silently # create symlink @@ -184,7 +187,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then wget -N https://github.com/lightninglabs/lightning-terminal/releases/download/v${LITVERSION}/${binaryName} echo "# check binary was not manipulated (checksum test)" - wget -N https://github.com/lightninglabs/lightning-terminal/releases/download/v${LITVERSION}/manifest-${PGPsigner}-v${LITVERSION}.sig + wget -N https://github.com/lightninglabs/lightning-terminal/releases/download/v${LITVERSION}/manifest-v${LITVERSION}.sig wget --no-check-certificate ${PGPpkeys} binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1) if [ "${binaryChecksum}" != "${SHA256}" ]; then 
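Review bot: In the signer selection at the top of bonus.lit.sh (`@@ -13,9 +13,13 @@`), the new roasbeef URL has a trailing space inside the quotes: `PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc "`. It only works because `${PGPpkeys}` is expanded unquoted in the later `wget`, and it breaks as soon as that call is quoted. Drop the space and quote the test operands too, for example `[ "$PGPsigner" = "roasbeef" ]`. With the `.sig` file no longer named after the signer (`@@ -184,7 +187,7 @@`), `PGPsigner` now only selects the key, so a comment saying it has to be set to whoever signed the pinned release would help the next person bumping `LITVERSION`.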
@@ -205,7 +208,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then fi gpg --import ./pgp_keys.asc sleep 3 - verifyResult=$(gpg --verify manifest-${PGPsigner}-v${LITVERSION}.sig manifest-v${LITVERSION}.txt 2>&1) + verifyResult=$(gpg --verify manifest-v${LITVERSION}.sig manifest-v${LITVERSION}.txt 2>&1) goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) echo "goodSignature(${goodSignature})" correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${GPGcheck}" -c) @@ -238,9 +241,6 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # Application Options httpslisten=0.0.0.0:8443 uipassword=$PASSWORD_B -#letsencrypt=true -#letsencrypthost=loop.merchant.com -lit-dir=/home/lit/.lit # Remote options remote.lit-debuglevel=debug @@ -286,11 +286,16 @@ ExecStart=/usr/local/bin/litd User=lit Group=lit Type=simple -KillMode=process TimeoutSec=60 Restart=always RestartSec=60 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee -a /etc/systemd/system/litd.service @@ -326,6 +331,12 @@ alias lit-frcli=\"frcli --rpcserver=localhost:8443 \ /home/admin/config.scripts/internet.hiddenservice.sh lit 443 8443 fi + # in case RTL is installed - check to connect + if [ -d /home/rtl ]; then + sudo /home/admin/config.scripts/bonus.rtl.sh connect-services + sudo systemctl restart RTL 2>/dev/null + fi + source /home/admin/raspiblitz.info if [ "${state}" == "ready" ]; then echo "# OK - the litd.service is enabled, system is ready so starting service" 
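Review bot: The context line right under the changed `gpg --verify` call in `@@ -205,7 +208,7 @@` greps for `${GPGcheck}`, but the variable set at the top of this script is `PGPcheck`, and no assignment to `GPGcheck` is visible anywhere in this patch. If it is empty, `grep "" -c` counts every line, `correctKey` is always 1, and the check passes for a good signature from any key in the keyring. The key file is fetched with `wget --no-check-certificate` (context of `@@ -184,7 +187,7 @@`), so this comparison is what ties the signature to the expected signer. Please change it to `${PGPcheck}` while this block is being touched.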
@@ -334,21 +345,12 @@ alias lit-frcli=\"frcli --rpcserver=localhost:8443 \ echo "# OK - the litd.service is enabled, to start manually use: 'sudo systemctl start litd'" fi - # make Loop work with RTL if installed - # dont call anything that starts RTL service - otherwise update/recover might block - if [ ${#rtlWebinterface} -gt 0 ]&&[ ${rtlWebinterface} = on ];then - /home/admin/config.scripts/bonus.rtl.sh config - fi - exit 0 fi # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then - # setting value in raspi blitz config - sudo sed -i "s/^lit=.*/lit=off/g" /mnt/hdd/raspiblitz.conf - isInstalled=$(sudo ls /etc/systemd/system/litd.service 2>/dev/null | grep -c 'litd.service') if [ ${isInstalled} -eq 1 ]; then echo "*** REMOVING LIT ***" @@ -356,8 +358,6 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo systemctl stop litd sudo systemctl disable litd sudo rm /etc/systemd/system/litd.service - # delete user - sudo userdel -rf lit # close ports on firewall sudo ufw deny 8443 # delete Go package @@ -370,6 +370,14 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then else echo "# LiT is not installed." fi + + # clean up anyway + # delete user + sudo userdel -rf lit + # delete group + sudo groupdel lit + # setting value in raspi blitz config + sudo sed -i "s/^lit=.*/lit=off/g" /mnt/hdd/raspiblitz.conf exit 0 fi @@ -377,4 +385,4 @@ fi echo "FAIL - Unknown Parameter $1" echo "may need reboot to run normal again" exit 1 - \ No newline at end of file + diff --git a/home.admin/config.scripts/bonus.lnbits.sh b/home.admin/config.scripts/bonus.lnbits.sh index 725e22988..9efaa032b 100755 --- a/home.admin/config.scripts/bonus.lnbits.sh +++ b/home.admin/config.scripts/bonus.lnbits.sh 
@@ -85,7 +85,7 @@ if [ "$1" = "status" ]; then if [ "${LNBits}" = "on" ]; then echo "installed=1" - localIP=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localIP=$(hostname -I | awk '{print $1}') echo "localIP='${localIP}'" echo "httpPort='5000'" echo "httpsPort='5001'" @@ -270,7 +270,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo rm /home/lnbits/lnbits/.env 2>/dev/null sudo -u lnbits touch /home/lnbits/lnbits/.env sudo bash -c "echo 'QUART_APP=lnbits.app:create_app()' >> /home/lnbits/lnbits/.env" - sudo bash -c "echo 'LNBITS_FORCE_HTTPS=1' >> /home/lnbits/lnbits/.env" + sudo bash -c "echo 'LNBITS_FORCE_HTTPS=0' >> /home/lnbits/lnbits/.env" sudo bash -c "echo 'LNBITS_BACKEND_WALLET_CLASS=LndRestWallet' >> /home/lnbits/lnbits/.env" sudo bash -c "echo 'LND_REST_ENDPOINT=https://127.0.0.1:8080' >> /home/lnbits/lnbits/.env" sudo bash -c "echo 'LND_REST_CERT=' >> /home/lnbits/lnbits/.env" @@ -315,8 +315,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then [Unit] Description=lnbits -Wants=lnd.service -After=lnd.service +Wants=bitcoind.service +After=bitcoind.service [Service] WorkingDirectory=/home/lnbits/lnbits @@ -328,6 +328,12 @@ RestartSec=30 StandardOutput=null StandardError=journal +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target EOF diff --git a/home.admin/config.scripts/bonus.lndconnect.sh b/home.admin/config.scripts/bonus.lndconnect.sh index 10063cfb2..a7255e8a1 100755 --- a/home.admin/config.scripts/bonus.lndconnect.sh +++ b/home.admin/config.scripts/bonus.lndconnect.sh 
@@ -4,7 +4,7 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "# config script to connect mobile apps with lnd connect" echo "# will autodetect dyndns, sshtunnel or TOR" - echo "# bonus.lndconnect.sh [zap-ios|zap-android|zeus-ios|zeus-android|shango-ios|shango-android|sendmany-android] [?ip|tor]" + echo "# bonus.lndconnect.sh [zap-ios|zap-android|zeus-ios|zeus-android|shango-ios|shango-android|sendmany-android|fullynoded-lnd] [?ip|tor]" exit 1 fi @@ -126,6 +126,14 @@ elif [ "${targetWallet}" = "sendmany-android" ]; then port="${ip2torGRPC_PORT}" fi +elif [ "${targetWallet}" = "fullynoded-lnd" ]; then + + port="8080" + usingIP2TOR="LND-REST-API" + forceTOR=1 + host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname) + connectInfo="- start Fully Noded and go to:\n Settings' -> 'Node Manger' -> 'scan QR'" + else echo "error='unknown target wallet'" exit 1 @@ -135,7 +143,7 @@ fi # get the local IP as default host if [ ${#host} -eq 0 ]; then - host=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + host=$(hostname -I | awk '{print $1}') fi # change host to dynDNS if set @@ -177,7 +185,7 @@ fi #### RUN LNDCONNECT # generate data parts -macaroon=$(sudo base64 /mnt/hdd/app-data/lnd/data/chain/${network}/${chain}net/admin.macaroon | tr -d '=' | tr '/+' '_-' | tr -d '\n') +macaroon=$(sudo base64 /home/bitcoin/.lnd/data/chain/${network}/${chain}net/admin.macaroon | tr -d '=' | tr '/+' '_-' | tr -d '\n') cert=$(sudo grep -v 'CERTIFICATE' /mnt/hdd/lnd/tls.cert | tr -d '=' | tr '/+' '_-' | tr -d '\n') # generate URI parameters diff --git a/home.admin/config.scripts/bonus.loop.sh b/home.admin/config.scripts/bonus.loop.sh index 0fa43fd5c..6b0229d40 100755 --- a/home.admin/config.scripts/bonus.loop.sh +++ b/home.admin/config.scripts/bonus.loop.sh 
@@ -116,11 +116,16 @@ ExecStart=/home/loop/go/bin/loopd --network=${chain}net ${proxy} User=loop Group=loop Type=simple -KillMode=process TimeoutSec=60 Restart=always RestartSec=60 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee -a /etc/systemd/system/loopd.service @@ -131,6 +136,9 @@ WantedBy=multi-user.target echo "# The Loop service already installed." fi + # in case RTL is installed - check to connect + sudo /home/admin/config.scripts/bonus.rtl.sh connect-services + # setting value in raspi blitz config sudo sed -i "s/^loop=.*/loop=on/g" /mnt/hdd/raspiblitz.conf diff --git a/home.admin/config.scripts/bonus.mempool.sh b/home.admin/config.scripts/bonus.mempool.sh index 0dedcca31..468ec0047 100755 --- a/home.admin/config.scripts/bonus.mempool.sh +++ b/home.admin/config.scripts/bonus.mempool.sh @@ -2,7 +2,7 @@ # https://github.com/mempool/mempool -pinnedVersion="v2.1.2" +pinnedVersion="v2.2.2" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -32,7 +32,7 @@ This can take multiple hours. fi # get network info - localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0' | grep 'eth0\|wlan0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') + localip=$(hostname -I | awk '{print $1}') toraddress=$(sudo cat /mnt/hdd/tor/mempool/hostname 2>/dev/null) fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) @@ -134,7 +134,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# npm install for mempool explorer (frontend)" cd frontend - sudo -u mempool NG_CLI_ANALYTICS=false npm install + sudo -u mempool NG_CLI_ANALYTICS=false npm install --no-optional if ! [ $? -eq 0 ]; then echo "FAIL - npm install did not run correctly, aborting" exit 1 
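Review bot: In bonus.lnbits.sh, `@@ -315,8 +315,8 @@` moves the unit from `Wants=lnd.service` / `After=lnd.service` to bitcoind.service, while the `.env` written in `@@ -270,7 +270,7 @@` still sets `LNBITS_BACKEND_WALLET_CLASS=LndRestWallet` and `LND_REST_ENDPOINT=https://127.0.0.1:8080`. The service is therefore no longer ordered after the backend it is configured to talk to. If this is deliberate, a comment in the unit should say why. The same goes for the switch from `LNBITS_FORCE_HTTPS=1` to `0`: the diff gives no reason for it, and it is the kind of setting someone will want to trace later.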
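Review bot: In the new `fullynoded-lnd` branch of bonus.lndconnect.sh (`@@ -126,6 +126,14 @@`), `host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname)` has no handling for a missing file. When that hidden service does not exist, `host` stays empty and the `if [ ${#host} -eq 0 ]` fallback in `@@ -135,7 +143,7 @@` fills in the local IP for a wallet entry that sets `forceTOR=1`, and the script then goes on to encode the admin macaroon. Exit with an `error=` line when the hostname is empty, as the `else` branch does for an unknown wallet. The `connectInfo` text also has a typo and an unbalanced quote: `Settings' -> 'Node Manger'`.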
@@ -148,7 +148,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# npm install for mempool explorer (backend)" cd ../backend/ - sudo -u mempool NG_CLI_ANALYTICS=false npm install + sudo -u mempool NG_CLI_ANALYTICS=false npm install --no-optional if ! [ $? -eq 0 ]; then echo "FAIL - npm install did not run correctly, aborting" exit 1 @@ -255,6 +255,12 @@ User=mempool Restart=on-failure RestartSec=600 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target EOF diff --git a/home.admin/config.scripts/bonus.nodejs.sh b/home.admin/config.scripts/bonus.nodejs.sh index 2dd0cb9c4..fb570567c 100755 --- a/home.admin/config.scripts/bonus.nodejs.sh +++ b/home.admin/config.scripts/bonus.nodejs.sh 
@@ -1,18 +1,47 @@ #!/bin/bash -VERSION="v14.15.4" +# consider installing with apt when updated next +# https://github.com/nodesource/distributions/blob/master/README.md#installation-instructions + +VERSION="v14.17.6" # get checksums from -> https://nodejs.org/dist/vx.y.z/SHASUMS256.txt (tar.xs files) -CHECKSUM_linux_arm64="b990bd99679158c3164c55a20c2a6677c3d9e9ffdfa0d4a40afe9c9b5e97a96f" -CHECKSUM_linux_armv7l="bafe4bfb22b046cdda3475d23cd6999c5ea85180c180c4bbb94014920aa7231b" -CHECKSUM_linux_x64="ed01043751f86bb534d8c70b16ab64c956af88fd35a9506b7e4a68f5b8243d8a" +CHECKSUM_linux_arm64="9c4f3a651e03cd9b5bddd33a80e8be6a6eb15e518513e410bb0852a658699156" +CHECKSUM_linux_armv7l="09ad804c7354ebaded407d0ce64e72e534801fc435be084af3e5b16b1a9c96d0" +CHECKSUM_linux_x64="3bbe4faf356738d88b45be222bf5e858330541ff16bd0d4cfad36540c331461b" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "config script to install NodeJs $VERSION" - echo "bonus.nodejs.sh [on|off]" + echo "bonus.nodejs.sh [on|off|info]" exit 1 fi + # determine nodeJS VERSION and DISTRO +isARM=$(uname -m | grep -c 'arm') +isAARCH64=$(uname -m | grep -c 'aarch64') +isX86_64=$(uname -m | grep -c 'x86_64') +if [ ${isARM} -eq 1 ] ; then + DISTRO="linux-armv7l" + CHECKSUM="${CHECKSUM_linux_armv7l}" +elif [ ${isAARCH64} -eq 1 ] ; then + DISTRO="linux-arm64" + CHECKSUM="${CHECKSUM_linux_arm64}" +elif [ ${isX86_64} -eq 1 ] ; then + DISTRO="linux-x64" + CHECKSUM="${CHECKSUM_linux_x64}" +elif [ ${#DISTRO} -eq 0 ]; then + echo "# FAIL: Was not able to determine architecture" + exit 1 +fi + +# info +if [ "$1" = "info" ]; then + echo "NODEVERSION='${VERSION}'" + echo "NODEDISTRO='${DISTRO}'" + echo "NODEPATH='/usr/local/lib/nodejs/node-$VERSION-$DISTRO/bin'" + exit 0 +fi + # switch on if [ "$1" = "1" ] || [ "$1" = "on" ]; then # check if nodeJS was installed 
@@ -20,34 +49,15 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then if ! [ ${nodeJSInstalled} -eq 0 ]; then echo "nodeJS is already installed" else - # determine nodeJS VERSION and DISTRO - echo "Detect CPU architecture ..." - isARM=$(uname -m | grep -c 'arm') - isAARCH64=$(uname -m | grep -c 'aarch64') - isX86_64=$(uname -m | grep -c 'x86_64') - - if [ ${isARM} -eq 1 ] ; then - DISTRO="linux-armv7l" - CHECKSUM="${CHECKSUM_linux_armv7l}" - elif [ ${isAARCH64} -eq 1 ] ; then - DISTRO="linux-arm64" - CHECKSUM="${CHECKSUM_linux_arm64}" - elif [ ${isX86_64} -eq 1 ] ; then - DISTRO="linux-x64" - CHECKSUM="${CHECKSUM_linux_x64}" - elif [ ${#DISTRO} -eq 0 ]; then - echo "FAIL: Was not able to determine architecture" - exit 1 - fi + + # install latest nodejs + # https://github.com/nodejs/help/wiki/Installation + echo "*** Install NodeJS $VERSION-$DISTRO ***" echo "VERSION: ${VERSION}" echo "DISTRO: ${DISTRO}" echo "CHECKSUM: ${CHECKSUM}" echo "" - - # install latest nodejs - # https://github.com/nodejs/help/wiki/Installation - echo "*** Install NodeJS $VERSION-$DISTRO ***" - + # download cd /home/admin/download wget https://nodejs.org/dist/$VERSION/node-$VERSION-$DISTRO.tar.xz @@ -69,7 +79,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo ln -sf /usr/local/lib/nodejs/node-$VERSION-$DISTRO/bin/npm /usr/bin/npm sudo ln -sf /usr/local/lib/nodejs/node-$VERSION-$DISTRO/bin/npx /usr/bin/npx # add to PATH permanently - sudo bash -c "echo 'PATH=\$PATH:/usr/local/lib/nodejs/node-\$VERSION-\$DISTRO/bin/' >> /etc/profile" + sudo bash -c "echo 'PATH=\$PATH:/usr/local/lib/nodejs/node-${VERSION}-${DISTRO}/bin/' >> /etc/profile" echo "" # check if nodeJS was installed 
@@ -80,6 +90,15 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then exit 1 fi fi + + npm7installed=$(npm -v 2>/dev/null | grep -c "7.") + if [ ${npm7installed} -eq 0 ]; then + # needed for RTL + # https://github.blog/2021-02-02-npm-7-is-now-generally-available/ + echo "# Update npm to v7" + sudo npm install --global npm@7 + fi + echo "Installed nodeJS $(node -v)" exit 0 fi diff --git a/home.admin/config.scripts/bonus.pool.sh b/home.admin/config.scripts/bonus.pool.sh index 0acecf2f9..4c453f6d4 100644 --- a/home.admin/config.scripts/bonus.pool.sh +++ b/home.admin/config.scripts/bonus.pool.sh @@ -5,13 +5,14 @@ # but main focus for the future development should be on LIT # https://github.com/lightninglabs/pool/releases/ -pinnedVersion="v0.3.4-alpha" +poolVersion="v0.5.1-alpha" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "# config script to switch Lightning Pool on, off or update" - echo "# bonus.pool.sh [on|off|menu|update]" - echo "# DEPRECATED use instead: bonus.lit.sh" + echo "# config script to switch the Lightning Pool CLI on or off" + echo "# bonus.pool.sh [on|off|menu]" + echo "# this Pool instance is CLI only." + echo "# for a GUI use 'bonus.lit.sh' instead" exit 1 fi @@ -39,15 +40,12 @@ sudo systemctl stop poold 2>/dev/null if [ "$1" = "1" ] || [ "$1" = "on" ]; then echo "# installing pool" + echo "# remove LiT to avoid interference with accounts (data is preserved)" + /home/admin/config.scripts/bonus.lit.sh off + isInstalled=$(sudo ls /etc/systemd/system/poold.service 2>/dev/null | grep -c 'poold.service') if [ ${isInstalled} -eq 0 ]; then - # install Go - /home/admin/config.scripts/bonus.go.sh on - - # get Go vars - source /etc/profile - # create dedicated user sudo adduser --disabled-password --gecos "" pool 
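Review bot: In `@@ -80,6 +90,15 @@` of bonus.nodejs.sh, `grep -c "7."` is an unanchored regular expression in which `.` matches any character, so it counts any version string that has a 7 followed by another character, such as 6.7.0 or 8.17.0, as npm 7. Anchor it and escape the dot, for example `grep -c '^7\.'`, so that the upgrade to `npm@7` runs only when the major version really differs.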
@@ -67,15 +65,111 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # create symlink sudo ln -s /mnt/hdd/app-data/lnd/ /home/pool/.lnd + + # install from binary + + downloadDir="/home/admin/download/pool" # edit your download directory + rm -rf "${downloadDir}" + mkdir -p "${downloadDir}" + cd "${downloadDir}" || exit 1 + + # check who signed the release in https://github.com/lightninglabs/pool/releases + PGPsigner="roasbeef" + if [ $PGPsigner = "roasbeef" ];then + PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc" + PGPcheck="372CBD7633C61696" + fi + if [ $PGPsigner = "guggero" ];then + PGPpkeys="https://keybase.io/guggero/pgp_keys.asc" + PGPcheck="03DB6322267C373B" + fi + + echo "Detect CPU architecture ..." + isARM=$(uname -m | grep -c 'arm') + isAARCH64=$(uname -m | grep -c 'aarch64') + isX86_64=$(uname -m | grep -c 'x86_64') + if [ ${isARM} -eq 0 ] && [ ${isAARCH64} -eq 0 ] && [ ${isX86_64} -eq 0 ]; then + echo "!!! FAIL !!!" + echo "Can only build on ARM, aarch64, x86_64 or i386 not on:" + uname -m + exit 1 + else + echo "OK running on $(uname -m) architecture." 
+ fi + + # extract the SHA256 hash from the manifest file for the corresponding platform + #https://github.com/lightninglabs/pool/releases/download/v0.5.0-alpha/manifest-v0.5.0-alpha.txt + wget -N https://github.com/lightninglabs/pool/releases/download/${poolVersion}/manifest-${poolVersion}.txt + if [ ${isARM} -eq 1 ] ; then + OSversion="armv7" + elif [ ${isAARCH64} -eq 1 ] ; then + OSversion="arm64" + elif [ ${isX86_64} -eq 1 ] ; then + OSversion="amd64" + fi + SHA256=$(grep -i "linux-$OSversion" manifest-${poolVersion}.txt | cut -d " " -f1) + + echo + echo "# Pool ${poolVersion} for ${OSversion}" + echo "# SHA256 hash: $SHA256" + echo + echo "# get Pool binary" + binaryName="pool-linux-${OSversion}-${poolVersion}.tar.gz" + wget -N https://github.com/lightninglabs/pool/releases/download/${poolVersion}/${binaryName} + + echo "# check binary was not manipulated (checksum test)" + # https://github.com/lightninglabs/pool/releases/download/v0.5.0-alpha/manifest-v0.5.0-alpha.txt.sig + wget -N https://github.com/lightninglabs/pool/releases/download/${poolVersion}/manifest-${poolVersion}.txt.sig + sudo -u admin wget --no-check-certificate -N -O "pgp_keys.asc" ${PGPpkeys} + #wget --no-check-certificate ${PGPpkeys} + binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1) + if [ "${binaryChecksum}" != "${SHA256}" ]; then + echo "!!! FAIL !!! Downloaded Pool BINARY not matching SHA256 checksum: ${SHA256}" + exit 1 + fi + + echo "# check gpg finger print" + gpg --keyid-format LONG ./pgp_keys.asc + fingerprint=$(gpg --keyid-format LONG "./pgp_keys.asc" 2>/dev/null \ + | grep "${PGPcheck}" -c) + if [ ${fingerprint} -lt 1 ]; then + echo "" + echo "!!! 
BUILD WARNING --> Pool PGP author not as expected" + echo "Should contain PGP: ${PGPcheck}" + echo "PRESS ENTER to TAKE THE RISK if you think all is OK" + read key + fi + gpg --import ./pgp_keys.asc + sleep 3 + verifyResult=$(gpg --verify manifest-${poolVersion}.txt.sig manifest-${poolVersion}.txt 2>&1) + goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) + echo "goodSignature(${goodSignature})" + correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${GPGcheck}" -c) + echo "correctKey(${correctKey})" + if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then + echo "" + echo "!!! BUILD FAILED --> PGP verification failed / signature(${goodSignature}) verify(${correctKey})" + exit 1 + fi + ########### + # install # + ########### + tar -xzf ${binaryName} + sudo install -m 0755 -o root -g root -t /usr/local/bin pool-linux-${OSversion}-${poolVersion}/* + # install from source - cd /home/pool - - sudo -u pool git clone https://github.com/lightninglabs/pool.git || exit 1 - cd /home/pool/pool - # pin version - sudo -u pool git reset --hard $pinnedVersion - # install to /home/pool/go/bin/ - sudo -u pool /usr/local/go/bin/go install ./... || exit 1 + # install Go + # /home/admin/config.scripts/bonus.go.sh on + # get Go vars + # source /etc/profile + # cd /home/pool + # + # sudo -u pool git clone https://github.com/lightninglabs/pool.git || exit 1 + # cd /home/pool/pool + # # pin version + # sudo -u pool git reset --hard $pinnedVersion + # # install to /home/pool/go/bin/ + # sudo -u pool /usr/local/go/bin/go install ./... || exit 1 # sync all macaroons and unix groups for access /home/admin/config.scripts/lnd.credentials.sh sync 
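Review bot: The added `correctKey` line near the end of this hunk greps for `${GPGcheck}`, but the hunk defines `PGPcheck`; nothing visible sets `GPGcheck`. With an empty pattern `grep -c` counts every line, so `correctKey` is always 1 and the final test reduces to 'Good signature' from any key in the keyring. That matters here because the key is downloaded with `wget --no-check-certificate` and a fingerprint mismatch only leads to the "PRESS ENTER to TAKE THE RISK" prompt before `gpg --import` runs anyway. Use `${PGPcheck}` in the grep, `exit 1` on the fingerprint mismatch instead of prompting, and drop `--no-check-certificate` from the key download.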
@@ -110,15 +204,20 @@ Description=poold.service After=lnd.service [Service] -ExecStart=$proxy /home/pool/go/bin/poold --network=${chain}net --debuglevel=trace +ExecStart=$proxy /usr/local/bin/poold --network=${chain}net --debuglevel=trace User=pool Group=pool Type=simple -KillMode=process TimeoutSec=60 Restart=always RestartSec=60 +# Hardening measures +PrivateTmp=true +ProtectSystem=full +NoNewPrivileges=true +PrivateDevices=true + [Install] WantedBy=multi-user.target " | sudo tee /etc/systemd/system/poold.service @@ -139,7 +238,7 @@ WantedBy=multi-user.target # setting value in raspi blitz config sudo sed -i "s/^pool=.*/pool=on/g" /mnt/hdd/raspiblitz.conf - isInstalled=$(sudo -u pool /home/pool/go/bin/pool | grep -c pool) + isInstalled=$(sudo -u pool /usr/local/bin/poold | grep -c pool) if [ ${isInstalled} -gt 0 ]; then echo " # Usage and examples: https://github.com/lightninglabs/pool @@ -170,8 +269,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo rm /etc/systemd/system/poold.service # delete user and it's home directory sudo userdel -rf pool - # remove symlink - sudo rm -r /mnt/hdd/app-data/.pool + # delete the binary + sudo rm /usr/local/bin/poold echo "# OK, the Pool Service is removed." else echo "# Pool is not installed." 
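Review bot: In `@@ -139,7 +238,7 @@` the install check changes from running the `pool` client to `sudo -u pool /usr/local/bin/poold | grep -c pool`, which is the same daemon binary the unit's `ExecStart` launches. That looks like it starts poold in the foreground as a check rather than printing usage text, and the grep only sees stdout. Testing that the file exists and is executable, or calling the client binary as before, would be safer. Related, in `@@ -170,8 +269,8 @@` the removal deletes only `/usr/local/bin/poold`, while the install step copies `pool-linux-${OSversion}-${poolVersion}/*` into /usr/local/bin, so anything else from the tarball stays behind after "off".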
@@ -180,47 +279,47 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then exit 0 fi -# update -if [ "$1" = "update" ]; then - echo "# Updating Pool " - cd /home/pool/pool - # from https://github.com/apotdevin/thunderhub/blob/master/scripts/updateToLatest.sh - # fetch latest master - sudo -u pool git fetch - # unset $1 - set -- - UPSTREAM=${1:-'@{u}'} - LOCAL=$(git rev-parse @) - REMOTE=$(git rev-parse "$UPSTREAM") - - if [ $LOCAL = $REMOTE ]; then - TAG=$(git tag | sort -V | tail -1) - echo "# You are up-to-date on version" $TAG - else - echo "# Pulling the latest changes..." - sudo -u pool git pull -p - echo "# Reset to the latest release tag" - TAG=$(git tag | sort -V | tail -1) - sudo -u pool git reset --hard $TAG - echo "# Updating ..." - # install to /home/pool/go/bin/ - sudo -u pool /usr/local/go/bin/go install ./... || exit 1 - isInstalled=$(sudo -u pool /home/pool/go/bin/pool | grep -c pool) - if [ ${isInstalled} -gt 0 ]; then - TAG=$(git tag | sort -V | tail -1) - echo "# Updated to version" $TAG - else - echo "# Failed to install Lightning Pool " - exit 1 - fi - fi - - echo "# At the latest in https://github.com/lightninglabs/pool/releases/" - echo "" - echo "# Starting the poold.service ... *** " - sudo systemctl start poold - exit 0 -fi +# # update +# if [ "$1" = "update" ]; then +# echo "# Updating Pool " +# cd /home/pool/pool +# # from https://github.com/apotdevin/thunderhub/blob/master/scripts/updateToLatest.sh +# # fetch latest master +# sudo -u pool git fetch +# # unset $1 +# set -- +# UPSTREAM=${1:-'@{u}'} +# LOCAL=$(git rev-parse @) +# REMOTE=$(git rev-parse "$UPSTREAM") +# +# if [ $LOCAL = $REMOTE ]; then +# TAG=$(git tag | sort -V | tail -1) +# echo "# You are up-to-date on version" $TAG +# else +# echo "# Pulling the latest changes..." +# sudo -u pool git pull -p +# echo "# Reset to the latest release tag" +# TAG=$(git tag | sort -V | tail -1) +# sudo -u pool git reset --hard $TAG +# echo "# Updating ..." 
+# # install to /home/pool/go/bin/ +# sudo -u pool /usr/local/go/bin/go install ./... || exit 1 +# isInstalled=$(sudo -u pool /home/pool/go/bin/pool | grep -c pool) +# if [ ${isInstalled} -gt 0 ]; then +# TAG=$(git tag | sort -V | tail -1) +# echo "# Updated to version" $TAG +# else +# echo "# Failed to install Lightning Pool " +# exit 1 +# fi +# fi +# +# echo "# At the latest in https://github.com/lightninglabs/pool/releases/" +# echo "" +# echo "# Starting the poold.service ... *** " +# sudo systemctl start poold +# exit 0 +# fi echo "# FAIL - Unknown Parameter $1" echo "# may need reboot to run normal again" diff --git a/home.admin/config.scripts/bonus.rtl.sh b/home.admin/config.scripts/bonus.rtl.sh index 77f5de2fb..243e831a2 100755 --- a/home.admin/config.scripts/bonus.rtl.sh +++ b/home.admin/config.scripts/bonus.rtl.sh 
@@ -1,144 +1,151 @@ #!/bin/bash -RTLVERSION="v0.10.1" - -# command info -if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "# config script to switch the RideTheLightning WebGUI on, off or update" - echo "# bonus.rtl.sh [on|off|update|menu|config]" - echo "# installs the version $RTLVERSION by default" - exit 1 -fi +# https://github.com/Ride-The-Lightning/RTL +RTLVERSION="v0.11.2" # check and load raspiblitz config # to know which network is running source /home/admin/raspiblitz.info source /mnt/hdd/raspiblitz.conf -if [ ${#network} -eq 0 ]; then - echo "FAIL - missing /mnt/hdd/raspiblitz.conf" - exit 1 + +# command info +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "# config script for RideTheLightning $RTLVERSION WebInterface" + echo "# able to run intances for lnd and cl parallel" + echo "# mainnet and testnet instances can run parallel" + echo "# bonus.rtl.sh [on|off|menu] " + echo "# bonus.rtl.sh connect-services" + echo "# bonus.rtl.sh prestart " + exit 1 fi +echo "# Running: 'bonus.rtl.sh $*'" + +source <(/home/admin/config.scripts/network.aliases.sh getvars $2 $3) + +# LNTYPE is lnd | cl +echo "# LNTYPE(${LNTYPE})" +# CHAIN is signet | testnet | mainnet +echo "# CHAIN(${CHAIN})" +# prefix for parallel networks +echo "# netprefix(${netprefix})" +echo "# portprefix(${portprefix})" +echo "# typeprefix(${typeprefix})" + +# prefix for parallel lightning impl +if [ "${LNTYPE}" == "cl" ]; then + RTLHTTP=${portprefix}7000 +elif [ "${LNTYPE}" == "lnd" ]; then + RTLHTTP=${portprefix}3000 +fi +echo "# RTLHTTP(${RTLHTTP})" + +# construct needed varibale elements +configEntry="${netprefix}${typeprefix}rtlWebinterface" +systemdService="${netprefix}${typeprefix}RTL" +echo "# configEntry(${configEntry})" +echo "# systemdService(${systemdService})" + +########################## +# MENU +######################### + # show info menu if [ "$1" = "menu" ]; then + # check that parameters are set + if [ "${LNTYPE}" == "" ] || [ 
"${CHAIN}" == "" ]; then + clear + echo "# FAIL missing parameter" + sleep 2 + exit 1 + fi + # get network info - localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/') - toraddress=$(sudo cat /mnt/hdd/tor/RTL/hostname 2>/dev/null) + localip=$(hostname -I | awk '{print $1}') + toraddress=$(sudo cat /mnt/hdd/tor/${netprefix}${typeprefix}RTL/hostname 2>/dev/null) fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) + # info with Tor if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then - # Info with TOR /home/admin/config.scripts/blitz.display.sh qr "${toraddress}" - whiptail --title " Ride The Lightning (RTL) " --msgbox "Open in your local web browser: -http://${localip}:3000\n -https://${localip}:3001 with Fingerprint: + whiptail --title "Ride The Lightning (RTL - $LNTYPE - $CHAIN)" --msgbox "Open in your local web browser: +http://${localip}:${RTLHTTP}\n +https://${localip}:$((RTLHTTP+1)) with Fingerprint: ${fingerprint}\n Use your Password B to login.\n -Hidden Service address for TOR Browser (QRcode on LCD):\n${toraddress} +Hidden Service address for Tor Browser (QRcode on LCD):\n${toraddress} " 16 67 /home/admin/config.scripts/blitz.display.sh hide + + # info without Tor else - # Info without TOR - whiptail --title " Ride The Lightning (RTL) " --msgbox "Open in your local web browser & accept self-signed cert: -http://${localip}:3000\n -https://${localip}:3001 with Fingerprint: + whiptail --title "Ride The Lightning (RTL - $LNTYPE - $CHAIN)" --msgbox "Open in your local web browser & accept self-signed cert: +http://${localip}:${RTLHTTP}\n +https://${localip}:$((RTLHTTP+1)) with Fingerprint: ${fingerprint}\n Use your Password B to login.\n -Activate TOR to access the web interface from outside your local network. +Activate Tor to access the web interface from outside your local network. 
" 15 67 fi echo "please wait ..." exit 0 fi -# add default value to raspi config if needed -if ! grep -Eq "^rtlWebinterface=" /mnt/hdd/raspiblitz.conf; then - echo "rtlWebinterface=off" >> /mnt/hdd/raspiblitz.conf -fi +########################## +# ON +######################### -# stop services -echo "# making sure services are not running" -sudo systemctl stop RTL 2>/dev/null +if [ "$1" = "1" ] || [ "$1" = "on" ]; then -function configRTL() { - SWAPSERVERPORT=8443 - if [ "$(grep -Ec "(loop=|lit=)" < /mnt/hdd/raspiblitz.conf)" -gt 0 ];then - if [ $lit = on ];then - echo "# Add the rtl user to the lit group" - sudo /usr/sbin/usermod --append --groups lit rtl - echo "# Symlink the lit-loop.macaroon" - sudo rm -rf "/home/rtl/.loop" # delete symlink - sudo ln -s "/home/lit/.loop/" "/home/rtl/.loop" # create symlink - SWAPSERVERPORT=8443 - elif [ $loop = on ];then - echo "# Add the rtl user to the loop group" - sudo /usr/sbin/usermod --append --groups loop rtl - echo "# Symlink the loop.macaroon" - sudo rm -rf "/home/rtl/.loop" # delete symlink - sudo ln -s "/home/loop/.loop/" "/home/rtl/.loop" # create symlink - SWAPSERVERPORT=8081 - fi - echo "# Make the loop macaroon group readable" - sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db - else - echo "# No Loop or LiT is installed" + # check that parameters are set + if [ "${LNTYPE}" == "" ] || [ "${CHAIN}" == "" ]; then + echo "# missing parameter" + exit 1 fi - # prepare RTL-Config.json file - echo "# RTL.conf" - # change of config: https://github.com/Ride-The-Lightning/RTL/tree/v0.6.4 - sudo cp /home/rtl/RTL/sample-RTL-Config.json /home/admin/RTL-Config.json - sudo chown admin:admin /home/admin/RTL-Config.json - sudo chmod 600 /home/admin/RTL-Config.json || exit 1 - PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-) - # modify sample-RTL-Config.json and save in RTL-Config.json - sudo node > /home/admin/RTL-Config.json </dev/null | grep -c "${systemdService}.service") + if [ 
${isInstalled} -eq 1 ]; then + echo "# OK, the ${netprefix}${typeprefix}RTL.service is already installed." + exit 1 + fi -# switch on -if [ "$1" = "1" ] || [ "$1" = "on" ]; then - echo "# INSTALL RTL" + echo "# Installing RTL for ${LNTYPE} ${CHAIN}" - isInstalled=$(sudo ls /etc/systemd/system/RTL.service 2>/dev/null | grep -c 'RTL.service') - if ! [ ${isInstalled} -eq 0 ]; then - echo "# RTL already installed." + # prepare raspiblitz.conf --> add default value + configEntryExists=$(sudo cat /mnt/hdd/raspiblitz.conf | grep -c "${configEntry}") + if [ "${configEntryExists}" == "0" ]; then + echo "# adding default config entry for '${configEntry}'" + sudo /bin/sh -c "echo '${configEntry}=off' >> /mnt/hdd/raspiblitz.conf" else - # check and install NodeJS - /home/admin/config.scripts/bonus.nodejs.sh on + echo "# default config entry for '${configEntry}' exists" + fi - # create rtl user + # check and install NodeJS + /home/admin/config.scripts/bonus.nodejs.sh on + + # create rtl user (one for all instances) + if [ $(compgen -u | grep -c rtl) -eq 0 ];then sudo adduser --disabled-password --gecos "" rtl || exit 1 - - echo "# Make sure rtl is member of lndadmin" + fi + echo "# Make sure symlink to central app-data directory exists" + if ! [[ -L "/home/rtl/.lnd" ]]; then + sudo rm -rf "/home/rtl/.lnd" 2>/dev/null # not a symlink.. delete it silently + sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/rtl/.lnd" # and create symlink + fi + if [ "${LNTYPE}" == "lnd" ]; then + # for LND make sure user rtl is allowed to access admin macaroons + echo "# adding user rtl to group lndadmin" sudo /usr/sbin/usermod --append --groups lndadmin rtl + fi - echo "# Make sure symlink to central app-data directory exists" - if ! [[ -L "/home/rtl/.lnd" ]]; then - sudo rm -rf "/home/rtl/.lnd" # not a symlink.. 
delete it silently - sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/rtl/.lnd" # and create symlink - fi - + # source code (one place for all instances) + if [ -f /home/rtl/RTL/LICENSE ];then + echo "# OK - the RTL code is already present" + cd /home/rtl/RTL + else # download source code and set to tag release echo "# Get the RTL Source Code" - rm -rf /home/admin/RTL 2>/dev/null sudo -u rtl rm -rf /home/rtl/RTL 2>/dev/null sudo -u rtl git clone https://github.com/ShahanaFarooqui/RTL.git /home/rtl/RTL cd /home/rtl/RTL 
@@ -146,61 +153,45 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo -u rtl git reset --hard $RTLVERSION # from https://github.com/Ride-The-Lightning/RTL/commits/master # git checkout 917feebfa4fb583360c140e817c266649307ef72 - if [ -d "/home/rtl/RTL" ]; then + if [ -f /home/rtl/RTL/LICENSE ]; then echo "# OK - RTL code copy looks good" else - echo "# FAIL - code copy did not run correctly" - echo "# ABORT - RTL install" + echo "# FAIL - RTL code not available" + echo "err='code download falied'" exit 1 fi - echo "" - # install echo "# Run: npm install" export NG_CLI_ANALYTICS=false sudo -u rtl npm install --only=prod if ! [ $? -eq 0 ]; then - echo "# FAIL - npm install did not run correctly, aborting" - exit 1 + echo "# FAIL - npm install did not run correctly - deleting code and exit" + sudo rm -r /home/rtl/RTL + exit 1 else - echo "# OK - RTL install looks good" - echo + echo "# OK - RTL install looks good" + echo fi + fi + + echo "# Updating Firewall" + sudo ufw allow ${RTLHTTP} comment "${systemdService} HTTP" + sudo ufw allow $((RTLHTTP+1)) comment "${systemdService} HTTPS" + echo - # setup nginx symlinks - if ! [ -f /etc/nginx/sites-available/rtl_ssl.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/rtl_ssl.conf /etc/nginx/sites-available/rtl_ssl.conf - fi - if ! [ -f /etc/nginx/sites-available/rtl_tor.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/rtl_tor.conf /etc/nginx/sites-available/rtl_tor.conf - fi - if ! 
[ -f /etc/nginx/sites-available/rtl_tor_ssl.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/rtl_tor_ssl.conf /etc/nginx/sites-available/rtl_tor_ssl.conf - fi - sudo ln -sf /etc/nginx/sites-available/rtl_ssl.conf /etc/nginx/sites-enabled/ - sudo ln -sf /etc/nginx/sites-available/rtl_tor.conf /etc/nginx/sites-enabled/ - sudo ln -sf /etc/nginx/sites-available/rtl_tor_ssl.conf /etc/nginx/sites-enabled/ - sudo nginx -t - sudo systemctl reload nginx - - echo "# Updating Firewall" - sudo ufw allow 3000 comment 'RTL HTTP' - sudo ufw allow 3001 comment 'RTL HTTPS' - echo - - echo "# Install service" - echo "# Install RTL systemd for ${network} on ${chain}" - cat > /home/admin/RTL.service <
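Review bot: the config-entry check in the ON branch of the `@@ -1,144 +1,151 @@` hunk matches substrings, so `grep -c "${configEntry}"` also counts any line in raspiblitz.conf that merely contains the name, for example the entry of another instance whose prefixed name ends in the same `rtlWebinterface` string, and the default `${configEntry}=off` is then never written. The removed code anchored the match (`grep -Eq "^rtlWebinterface="`); keeping that form, e.g. `grep -c "^${configEntry}="`, preserves it for the prefixed names. The same applies to `compgen -u | grep -c rtl`, which is satisfied by any account name containing "rtl"; `id -u rtl` tests the exact user. Separately, `getvars $2 $3` is expanded unquoted inside `source <(...)`, so quote both arguments, since whatever that helper prints is executed in this shell.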
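Review bot: the new firewall lines in the `@@ -146,61 +153,45 @@` hunk depend on `RTLHTTP`, which is only assigned when `LNTYPE` is `cl` or `lnd`, while the guard at the top of the ON branch only rejects an empty `LNTYPE`; with `RTLHTTP` unset, `$((RTLHTTP+1))` evaluates to 1 and `sudo ufw allow $((RTLHTTP+1))` adds a rule for port 1. Fail early when `RTLHTTP` is empty, before touching ufw. Also in this hunk, the `[ -f /home/rtl/RTL/LICENSE ]` test shows that a clone exists but not that `git reset --hard $RTLVERSION` succeeded, so check that command's exit status as well, and correct the typo in `err='code download falied'` if callers match on that string.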