Backup CLN emergency.recover file (#3393)

CHANGES.md

@@ -17,6 +17,7 @@
 - Update: Electrum Server in Rust (electrs) v0.9.9 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#099-jul-12-2022)
 - Update: Balance of Satoshis 13.6.0 (BOS) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#1360)
 - Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox)
+- Fixed: SCB/Emergency-Backup to USB drive (now also with cln emergency file)
 
 ## What's new in Version 1.8.0c of RaspiBlitz?
 

README.md

@@ -760,7 +760,7 @@ If there is a public IP change on your router LND restarts automatically, and wi
 
 - [When using Auto-Unlock, how much security do I lose?](FAQ.md#when-using-auto-unlock-how-much-security-do-i-lose)
 
-##### LND StaticChannelBackup on Nextcloud
+##### StaticChannel/Emergency-Backup on Nextcloud
 
 See [below on this README](README.md#backup-for-on-chain---channel-funds) for your Backup options when it comes to securing your funds against accidental loss.
 Storing the encrypted Static Channel Backup file to your Nextcloud account is an easy and secure way to do this.
@@ -769,12 +769,12 @@ Nextcloud is an open-source project to host your own files: <https://en.wikipedi
 You can run it yourself or use a hosted Nextcloud server.
 Find free Nextcloud providers here to sign up: <https://nextcloud.com/signup/>
 
-##### StaticChannelBackup on USB Drive
+##### StaticChannel/Emergency-Backup on USB Drive
 
 You can connect a small extra USB drive to your RaspiBlitz (choose a small one up to 32GB, don't use second HDD or SSD here as that would drain too much power from the RaspiBlitz).
 That USB drive will then be used to store your latest StaticChannelBackup, just in case your HDD encounters an error.
 
-##### StaticChannelBackup per SCP/SSH to other server
+##### StaticChannel/Emergency-Backup per SCP/SSH to other server
 
 An option for more advanced users -- that you only can set directly in the `raspiblitz.conf` -- is the automated backup of the StaticChannelBackup to another server by SSH/SCP.
 For this you need to set the value:

home.admin/00settingsMenuBasics.sh

@@ -126,6 +126,13 @@ if [ ${#runBehindTor} -eq 0 ] || [ "${runBehindTor}" = "off" ]; then
 fi
 OPTIONS+=(p 'Parallel Testnet/Signet' ${parallelTestnets})
 
+
+# Lightning options (only LND and/or CLN)
+if [ "${lndNode}" == "on" ] || [ "${clNode}" == "on" ]; then
+  OPTIONS+=(x 'SCB/Emergency-Backup on Nextcloud' ${NextcloudBackup})
+  OPTIONS+=(e 'SCB/Emergency-Backup USB Drive' ${LocalBackup})
+fi
+
 # LND & options (only when running LND)
 OPTIONS+=(m 'LND LIGHTNING LABS NODE' ${lndNode})
 if [ "${lndNode}" == "on" ]; then
@@ -133,8 +140,6 @@ if [ "${lndNode}" == "on" ]; then
   OPTIONS+=(k '-LND Accept Keysend' ${keysend})
   OPTIONS+=(c '-LND Circuitbreaker (firewall)' ${circuitbreaker})
   OPTIONS+=(u '-LND Auto-Unlock' ${autoUnlock})
-  OPTIONS+=(x '-LND StaticChannelBackup on Nextcloud' ${NextcloudBackup})
-  OPTIONS+=(e '-LND StaticChannelBackup USB Drive' ${LocalBackup})
 fi
 
 # Core Lightning & options/PlugIns

home.admin/_background.sh

@@ -509,6 +509,110 @@ do
     fi
   fi
 
+
+  # check every 1min for cln
+  recheckER=0
+  if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then
+    recheckER=$(($counter % 60))
+  fi
+  if [ ${recheckER} -eq 1 ]; then
+    #echo "ER Monitoring ..."
+    source ${configFile}
+    source <(/home/admin/config.scripts/network.aliases.sh getvars cl ${chain}net)
+    # check if emergency.recover exists
+    erPath=/home/bitcoin/.lightning/${CLNETWORK}/emergency.recover
+    erExists=$(ls $erPath 2>/dev/null | grep -c 'emergency.recover')
+    if [ ${erExists} -eq 1 ]; then
+
+      # timestamp backup filename
+      timestampedFileName=${netprefix}emergency-$(date "+%Y%m%d-%H%M%S").recover
+      localBackupDir=/home/admin/backups/er
+      localBackupPath=${localBackupDir}/emergency.recover
+      localTimestampedPath=${localBackupDir}/${timestampedFileName}
+
+      #echo "Found Channel Backup File .. check if changed .."
+      md5checksumORG=$(md5sum $erPath 2>/dev/null | head -n1 | cut -d " " -f1)
+      md5checksumCPY=$(md5sum $localBackupPath 2>/dev/null | head -n1 | cut -d " " -f1)
+      if [ "${md5checksumORG}" != "${md5checksumCPY}" ]; then
+        echo "--> Channel Backup File changed"
+
+        # make copy to sd card (as local basic backup)
+        mkdir -p /home/admin/backups/er/ 2>/dev/null
+        cp $erPath $localBackupPath
+        cp $erPath $localTimestampedPath
+        cp $erPath /boot/${netprefix}emergency.recover
+        echo "OK emergency.recover copied to '${localBackupPath}' and '${localTimestampedPath}' and '/boot/${netprefix}emergency.recover'"
+
+        # check if a additional local backup target is set
+        # see ./config.scripts/blitz.backupdevice.sh
+        if [ "${localBackupDeviceUUID}" != "" ] && [ "${localBackupDeviceUUID}" != "off" ]; then
+
+          # check if device got mounted on "/mnt/backup" (gets mounted by _bootstrap.sh)
+          backupDeviceExists=$(df | grep -c "/mnt/backup")
+          if [ ${backupDeviceExists} -gt 0 ]; then
+
+            echo "--> Additional Local Backup Device"
+            cp ${localBackupPath} /mnt/backup/
+            cp ${localTimestampedPath} /mnt/backup/
+
+            # check results
+            result=$?
+            if [ ${result} -eq 0 ]; then
+              echo "OK - Successful Copy to additional Backup Device"
+            else
+              echo "FAIL - Copy to additional Backup Device exited with ${result}"
+            fi
+
+          else
+            echo "FAIL - BackupDrive mount - check if device is connected & UUID is correct" >> $logFile
+          fi
+        fi
+
+        # check if a SFTP backup target is set
+        # parameter in raspiblitz.conf:
+        # sftpBackupTarget='[USER]@[SERVER]:[DIRPATH-WITHOUT-ENDING-/]'
+        # optionally a custom option string for the sftp command can be set with
+        # sftpBackupOptions='[YOUR-CUSTOM-OPTIONS]'
+        # On target server add the public key of your RaspiBlitz to the authorized_keys for the user
+        # https://www.linode.com/docs/security/authentication/use-public-key-authentication-with-ssh/
+        if [ ${#sftpBackupTarget} -gt 0 ]; then
+          echo "--> Offsite-Backup SFTP Server"
+          if [ "${sftpBackupOptions}" == "" ]; then
+            sftpBackupOptions="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
+          fi
+          # its ok to ignore known host, because data is encrypted (worst case of MiM would be: no offsite channel backup)
+          # but its more likely that without ignoring known host, script might not run thru and that way: no offsite channel backup
+          sftp ${sftpBackupOptions} ${localBackupPath} ${sftpBackupTarget}/
+          sftp ${sftpBackupOptions} ${localTimestampedPath} ${sftpBackupTarget}/
+          result=$?
+          if [ ${result} -eq 0 ]; then
+            echo "OK - SFTP Backup exited with 0"
+          else
+            echo "FAIL - SFTP Backup exited with ${result}"
+          fi
+        fi
+
+        # check if Nextcloud backups are enabled
+        if [ $nextcloudBackupServer ] && [ $nextcloudBackupUser ] && [ $nextcloudBackupPassword ]; then
+          echo "--> Offsite-Backup Nextcloud"
+          source <(/home/admin/config.scripts/nextcloud.upload.sh upload ${localBackupPath})
+          source <(/home/admin/config.scripts/nextcloud.upload.sh upload ${localTimestampedPath})
+          if [ ${#err} -gt 0 ]; then
+            echo "FAIL -  ${err}"
+          else
+            echo "OK - ${upload}"
+          fi
+        fi
+
+      #else
+      #  echo "Channel Backup File not changed."
+      fi
+    #else
+    #  echo "No Channel Backup File .."
+    fi
+  fi
+
+
   ###############################
   # SUBSCRIPTION RENWES
   ###############################

home.admin/config.scripts/blitz.backupdevice.sh

@@ -37,18 +37,19 @@ if [ "$1" = "status" ]; then
 
     # get info on possible already existing BTRFS RAID1 usb drive
     source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status)
-    
+
     # get all the devices that are not mounted and possible candidates
     drivecounter=0
     for disk in $(lsblk -o NAME,TYPE | grep "disk" | awk '$1=$1' | cut -d " " -f 1)
     do
       devMounted=$(lsblk -o MOUNTPOINT,NAME | grep "$disk" | grep -c "^/")
-      # is raid candidate when: not mounted & not the data drive candidate (hdd/ssd) & not BTRFS RAID
-      if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${disk}" != "${raidUsbDev}" ]; then
+      # is raid candidate when: not mounted & not the data drive candidate (hdd/ssd) & not BTRFS RAID & not zram
+      if [ "${devMounted}" -eq 0 ] && [ "${disk}" != "${hdd}" ] && \
+         [ "${disk}" != "${raidUsbDev}" ] && ! echo "${disk}" | grep "zram" 1>/dev/null; then
         sizeBytes=$(lsblk -o NAME,SIZE -b | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2)
         sizeGigaBytes=$(echo "scale=0; ${sizeBytes}/1024/1024/1024" | bc -l)
-        vedorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2)
-        mountoption="${disk} ${sizeGigaBytes} GB ${vedorname}"
+        vendorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2)
+        mountoption="${disk} ${sizeGigaBytes} GB ${vendorname}"
         echo "backupCandidate[${drivecounter}]='${mountoption}'"
         drivecounter=$(($drivecounter +1))
       fi
@@ -60,7 +61,7 @@ if [ "$1" = "status" ]; then
 fi
 
 # check if started with sudo
-if [ "$EUID" -ne 0 ]; then 
+if [ "$EUID" -ne 0 ]; then
   echo "error='missing sudo'"
   exit 1
 fi
@@ -90,7 +91,7 @@ if [ "$1" = "on" ]; then
     if [ ${backupCandidates} -eq 0 ]; then
       dialog --title ' Adding Backup Device ' --msgbox 'Please connect now the backup device\nFor example a thumb drive bigger than 120 MB.\nDont use a second HDD/SSD for that.\nBest on a USB2 port (not the blue ones).\nThen press OK.' 9 50
       clear
-      echo 
+      echo
       echo "detecting device ... (please wait)"
       sleep 3
       source <(sudo /home/admin/config.scripts/blitz.backupdevice.sh status)
@@ -179,8 +180,15 @@ THIS WILL DELETE ALL DATA ON THAT DEVICE!
     echo "error='failed to mount'"
   fi
 
-  # copy SCB over
-  cp /mnt/hdd/lnd/data/chain/${network}/${chain}net/channel.backup /mnt/backup/channel.backup 1>&2
+  if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then
+    # copy SCB over
+    cp /mnt/hdd/lnd/data/chain/${network}/${chain}net/channel.backup /mnt/backup/channel.backup 1>&2
+  fi
+  if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then
+    # copy ER over
+    source <(/home/admin/config.scripts/network.aliases.sh getvars cl ${chain}net)
+    cp /home/bitcoin/.lightning/${CLNETWORK}/emergency.recover /mnt/backup/${netprefix}emergency.recover 1>&2
+  fi
 
   if [ ${userinteraction} -eq 1 ]; then
     if [ ${isMounted} -eq 0 ]; then

home.admin/config.scripts/blitz.datadrive.sh

@@ -518,7 +518,7 @@ if [ "$1" = "status" ]; then
     do
       devMounted=$(lsblk -o MOUNTPOINT,NAME | grep "$disk" | grep -c "^/")
       # is raid candidate when not mounted and not the data drive candidate (hdd/ssd)
-      if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${hdd}" != "" ] && [ "${disk}" != "" ]; then
+      if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${hdd}" != "" ] && [ "${disk}" != "" ] && [ "${disk}" != "zram0" ]; then
         sizeBytes=$(lsblk -o NAME,SIZE -b | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2)
         sizeGigaBytes=$(echo "scale=0; ${sizeBytes}/1024/1024/1024" | bc -l)
         vedorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2 | sed 's/[^a-zA-Z0-9]//g')