mirrors/raspiblitz
1
0
Fork 0
mirror of https://github.com/rootzoll/raspiblitz.git synced 2025-02-25 15:10:38 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #13 from rootzoll/v1.6

Browse source 
Merge from rootzoll/v1.6
This commit is contained in:
arno 2020-07-21 21:54:04 +02:00 committed by GitHub
commit f852df6851
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 114 additions and 105 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -122,11 +122,11 @@ Your SD-card needs to contain the RaspiBlitz software. You can take the long roa
THIS IS A RELEASE CANDIDATE - NOT THE FINAL VERSION - DONT USE FOR A PRODUCTION NODE! THIS IS A RELEASE CANDIDATE - NOT THE FINAL VERSION - DONT USE FOR A PRODUCTION NODE!
Browser: https://raspiblitz.org/raspiblitz-v1.6rc2-2020-07-06.img.gz Browser: https://raspiblitz.org/raspiblitz-v1.6rc3-2020-07-20.img.gz
Torrent: [TODO] Torrent: [TODO]
SHA-256: 2b578caa14fcff28e490366a4ad97c6095e12be8e357fcd0ed95db1bd9342afb or [SIGNATURE](https://todo) SHA-256: 13de2dbfd5d92e8daab8e814dc8c4a575da962a505ea5014904d89df042236ce or [SIGNATURE](https://todo)
* [Whats new in Version 1.6 of RaspiBlitz?](FAQ.md#whats-new-in-version-16-of-raspiblitz) * [Whats new in Version 1.6 of RaspiBlitz?](FAQ.md#whats-new-in-version-16-of-raspiblitz)
* [How to update my RaspiBlitz?](README.md#updating-raspiblitz-to-new-version) * [How to update my RaspiBlitz?](README.md#updating-raspiblitz-to-new-version)

3
home.admin/00infoBlitz.sh
View file

@ -268,7 +268,10 @@ else
if [ ${#ln_getInfo} -eq 0 ]; then if [ ${#ln_getInfo} -eq 0 ]; then
ln_baseInfo="${color_red} Not Started | Not Ready Yet" ln_baseInfo="${color_red} Not Started | Not Ready Yet"
else else
item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "Filtering block" | tail -n1 | awk '{print $7}')
if [ ${#item} -eq 0 ]; then
item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "(height" | tail -n1 | awk '{print $10} {print $11} {print $12}' | tr -dc '0-9') item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "(height" | tail -n1 | awk '{print $10} {print $11} {print $12}' | tr -dc '0-9')
fi
total=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 2>/dev/null | jq -r '.blocks') total=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 2>/dev/null | jq -r '.blocks')
ln_baseInfo="${color_red} waiting for chain sync" ln_baseInfo="${color_red} waiting for chain sync"
if [ ${#item} -gt 0 ]; then if [ ${#item} -gt 0 ]; then

2
home.admin/_bootstrap.provision.sh
View file

@ -62,7 +62,7 @@ if [ ${isRaspbian} -gt 0 ] || [ ${isArmbian} -gt 0 ]; then
exit 0 exit 0
fi fi
else else
echo "Size looks good. Bigger then 8GB card is used." >> ${logFile} echo "Size looks good. Bigger than 8GB card is used." >> ${logFile}
fi fi
else else
echo "Baseimage is not raspbian (${isRaspbian}), skipping the sd card size check." >> ${logFile} echo "Baseimage is not raspbian (${isRaspbian}), skipping the sd card size check." >> ${logFile}

24
home.admin/config.scripts/blitz.subscriptions.letsencrypt.py
View file

@ -109,15 +109,14 @@ def duckdns_update(domain, token, ip):
# PROCESS FUNCTIONS # PROCESS FUNCTIONS
##################### #####################
def subscriptions_new(ip, dnsservice, id, token, target): def subscriptions_new(ip, dnsservice, domain, token, target):
# id needs to be the full domain name # domain needs to be the full domain name
if id.find(".") == -1: if domain.find(".") == -1:
# ToDo(frennkie) dnsservice_id doesn't exit raise BlitzError("not a fully qualified domain name", domain)
raise BlitzError("not a fully qualified domain name", dnsservice_id)
# check if id already exists # check if domain already exists
if len(get_subscription(id)) > 0: if len(get_subscription(domain)) > 0:
raise BlitzError("id already exists", id) raise BlitzError("domain already exists", domain)
# make sure lets encrypt client is installed # make sure lets encrypt client is installed
os.system("/home/admin/config.scripts/bonus.letsencrypt.sh on") os.system("/home/admin/config.scripts/bonus.letsencrypt.sh on")
@ -127,9 +126,8 @@ def subscriptions_new(ip, dnsservice, id, token, target):
if ip == "dyndns": if ip == "dyndns":
update_url = "" update_url = ""
if dnsservice == "duckdns": if dnsservice == "duckdns":
# ToDo(frennkie) domain doesn't exit
update_url = "https://www.duckdns.org/update?domains={0}&token={1}".format(get_subdomain(domain), token, ip) update_url = "https://www.duckdns.org/update?domains={0}&token={1}".format(get_subdomain(domain), token, ip)
subprocess.run(['/home/admin/config.scriprs/internet.dyndomain.sh', 'on', id, update_url], subprocess.run(['/home/admin/config.scriprs/internet.dyndomain.sh', 'on', domain, update_url],
stdout=subprocess.PIPE).stdout.decode('utf-8').strip() stdout=subprocess.PIPE).stdout.decode('utf-8').strip()
real_ip = cfg.public_ip real_ip = cfg.public_ip
@ -140,9 +138,9 @@ def subscriptions_new(ip, dnsservice, id, token, target):
# create subscription data for storage # create subscription data for storage
subscription = dict() subscription = dict()
subscription['type'] = "letsencrypt-v1" subscription['type'] = "letsencrypt-v1"
subscription['id'] = id subscription['id'] = domain
subscription['active'] = True subscription['active'] = True
subscription['name'] = "{0} for {1}".format(dnsservice, id) subscription['name'] = "{0} for {1}".format(dnsservice, domain)
subscription['dnsservice_type'] = dnsservice subscription['dnsservice_type'] = dnsservice
subscription['dnsservice_token'] = token subscription['dnsservice_token'] = token
subscription['ip'] = ip subscription['ip'] = ip
@ -174,7 +172,7 @@ def subscriptions_new(ip, dnsservice, id, token, target):
# run the ACME script # run the ACME script
print("# Running letsencrypt ACME script ...") print("# Running letsencrypt ACME script ...")
acme_result = subprocess.Popen( acme_result = subprocess.Popen(
["/home/admin/config.scripts/bonus.letsencrypt.sh", "issue-cert", dnsservice, id, token, target], ["/home/admin/config.scripts/bonus.letsencrypt.sh", "issue-cert", dnsservice, domain, token, target],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, encoding='utf8') stdout=subprocess.PIPE, stderr=subprocess.STDOUT, encoding='utf8')
out, err = acme_result.communicate() out, err = acme_result.communicate()
eprint(str(out)) eprint(str(out))

162
home.admin/config.scripts/internet.sshtunnel.py
View file

@ -1,7 +1,8 @@
#!/usr/bin/python3 #!/usr/bin/python3
import sys, subprocess, re import re
from pathlib import Path import subprocess
import sys
# IDEA: At the momemt its just Reverse-SSh Tunnels thats why [INTERNAL-PORT]<[EXTERNAL-PORT] # IDEA: At the momemt its just Reverse-SSh Tunnels thats why [INTERNAL-PORT]<[EXTERNAL-PORT]
# For the future also just local ssh tunnels could be added with [INTERNAL-PORT]-[EXTERNAL-PORT] # For the future also just local ssh tunnels could be added with [INTERNAL-PORT]-[EXTERNAL-PORT]
@ -19,9 +20,9 @@ if len(sys.argv) <= 1 or sys.argv[1] == "-h" or sys.argv[1] == "help":
# sudo journalctl -f -u autossh-tunnel # sudo journalctl -f -u autossh-tunnel
# #
SERVICENAME="autossh-tunnel.service" SERVICE_NAME = "autossh-tunnel.service"
SERVICEFILE="/etc/systemd/system/"+SERVICENAME SERVICE_FILE = "/etc/systemd/system/" + SERVICE_NAME
SERVICETEMPLATE="""# see config script internet.sshtunnel.py SERVICE_TEMPLATE = """# see config script internet.sshtunnel.py
[Unit] [Unit]
Description=AutoSSH tunnel service Description=AutoSSH tunnel service
After=network.target After=network.target
@ -38,33 +39,20 @@ WantedBy=multi-user.target
""" """
# get LND port form lnd.conf # get LND port form lnd.conf
LNDPORT = subprocess.getoutput("sudo cat /mnt/hdd/lnd/lnd.conf | grep '^listen=*' | cut -f2 -d':'") LND_PORT = subprocess.getoutput("sudo cat /mnt/hdd/lnd/lnd.conf | grep '^listen=*' | cut -f2 -d':'")
if len(LNDPORT) == 0: if len(LND_PORT) == 0:
LNDPORT="9735" LND_PORT = "9735"
#######################
#
# RESTORE = SWITCHING ON with restore flag on
# on restore other external scripts dont need calling
#
forwardingLND = False
restoringOnUpdate = False
if sys.argv[1] == "restore":
print("internet.sshtunnel.py -> running with restore flag")
sys.argv[1] = "on"
restoringOnUpdate = True
#
# SWITCHING ON # SWITCHING ON
# #######################
def on(restore_on_update=False):
if sys.argv[1] == "on": forwarding_lnd = False
# check if already running # check if already running
isRunning = subprocess.getoutput("sudo systemctl --no-pager | grep -c '%s'" % (SERVICENAME)) is_running = subprocess.getoutput("sudo systemctl --no-pager | grep -c '{}'".format(SERVICE_NAME))
if int(isRunning) > 0: if int(is_running) > 0:
print("SSH TUNNEL SERVICE IS RUNNING - run 'internet.sshtunnel.py off' first to set new tunnel") print("SSH TUNNEL SERVICE IS RUNNING - run 'internet.sshtunnel.py off' first to set new tunnel")
sys.exit(1) sys.exit(1)
@ -85,13 +73,14 @@ if sys.argv[1] == "on":
ssh_server_port = ssh_server_split[1] ssh_server_port = ssh_server_split[1]
else: else:
print("[USER]@[SERVER:PORT] wrong - use 'internet.sshtunnel.py -h' for help") print("[USER]@[SERVER:PORT] wrong - use 'internet.sshtunnel.py -h' for help")
sys.exit(1)
# genenate additional parameter for autossh (forwarding ports) # generate additional parameter for autossh (forwarding ports)
if len(sys.argv) < 4: if len(sys.argv) < 4:
print("[INTERNAL-PORT]<[EXTERNAL-PORT] missing") print("[INTERNAL-PORT]<[EXTERNAL-PORT] missing")
sys.exit(1) sys.exit(1)
ssh_ports="" ssh_ports = ""
additional_parameters="" additional_parameters = ""
i = 3 i = 3
while i < len(sys.argv): while i < len(sys.argv):
@ -101,56 +90,60 @@ if sys.argv[1] == "on":
sys.exit(1) sys.exit(1)
# get ports # get ports
sys.argv[i] = re.sub('"','', sys.argv[i] ) sys.argv[i] = re.sub('"', '', sys.argv[i])
ports = sys.argv[i].split("<") ports = sys.argv[i].split("<")
port_internal = ports[0] port_internal = ports[0]
port_external = ports[1] port_external = ports[1]
if port_internal.isdigit() == False: if not port_internal.isdigit():
print("[INTERNAL-PORT]<[EXTERNAL-PORT] internal not number '%s'" % (sys.argv[i])) print("[INTERNAL-PORT]<[EXTERNAL-PORT] internal not number '%s'" % (sys.argv[i]))
sys.exit(1) sys.exit(1)
if port_external.isdigit() == False: if not port_external.isdigit():
print("[INTERNAL-PORT]<[EXTERNAL-PORT] external not number '%s'" % (sys.argv[i])) print("[INTERNAL-PORT]<[EXTERNAL-PORT] external not number '%s'" % (sys.argv[i]))
sys.exit(1) sys.exit(1)
if port_internal == LNDPORT: if port_internal == LND_PORT:
print("Detected LND Port Forwarding") print("Detected LND Port Forwarding")
forwardingLND = True forwarding_lnd = True
if port_internal != port_external: if port_internal != port_external:
print("FAIL: When tunneling your local LND port '%s' it needs to be the same on the external server, but is '%s'" % (LNDPORT, port_external)) print("FAIL: When tunneling your local LND port "
print("Try again by using the same port. If you cant change the external port, change local LND port with: /home/admin/config.scripts/lnd.setport.sh") "'{}' it needs to be the same on the external server, but is '{}'".format(LND_PORT,
port_external))
print(
"Try again by using the same port. If you cant change the external port, "
"change local LND port with: /home/admin/config.scripts/lnd.setport.sh")
sys.exit(1) sys.exit(1)
ssh_ports = ssh_ports + "\"%s\" " % (sys.argv[i]) ssh_ports = ssh_ports + "\"%s\" " % (sys.argv[i])
additional_parameters= additional_parameters + "-R %s:localhost:%s " % (port_external, port_internal) additional_parameters = additional_parameters + "-R %s:localhost:%s " % (port_external, port_internal)
i = i + 1 i = i + 1
# genenate additional parameter for autossh (server) # generate additional parameter for autossh (server)
ssh_ports = ssh_ports.strip() ssh_ports = ssh_ports.strip()
additional_parameters = additional_parameters + "-p " + ssh_server_port + " " + ssh_server_host additional_parameters = additional_parameters + "-p " + ssh_server_port + " " + ssh_server_host
# generate custom service config # generate custom service config
service_data = SERVICETEMPLATE.replace("[PLACEHOLDER]", additional_parameters) service_data = SERVICE_TEMPLATE.replace("[PLACEHOLDER]", additional_parameters)
# debug print out service # debug print out service
print() print()
print("*** New systemd service: %s" % (SERVICENAME)) print("*** New systemd service: {}".format(SERVICE_NAME))
print(service_data) print(service_data)
# write service file # write service file
service_file = open("/home/admin/temp.service", "w") service_file = open("/home/admin/temp.service", "w")
service_file.write(service_data) service_file.write(service_data)
service_file.close() service_file.close()
subprocess.call("sudo mv /home/admin/temp.service %s" % (SERVICEFILE), shell=True) subprocess.call("sudo mv /home/admin/temp.service {}".format(SERVICE_FILE), shell=True)
# check if SSH keys for root user need to be created # check if SSH keys for root user need to be created
print() print()
print("*** Checking root SSH pub keys") print("*** Checking root SSH pub keys")
ssh_pubkey=""
try: try:
ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True) ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True)
print("OK - root id_rsa.pub file exists") print("OK - root id_rsa.pub file exists")
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError:
print("Generating root SSH keys ...") print("Generating root SSH keys ...")
subprocess.call("sudo sh -c 'yes y | sudo -u root ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N \"\"'", shell=True) subprocess.call("sudo sh -c 'yes y | sudo -u root ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N \"\"'",
shell=True)
ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True) ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True)
# copy SSH keys for backup (for update with new sd card) # copy SSH keys for backup (for update with new sd card)
@ -163,39 +156,42 @@ if sys.argv[1] == "on":
with open('/mnt/hdd/raspiblitz.conf') as f: with open('/mnt/hdd/raspiblitz.conf') as f:
file_content = f.read() file_content = f.read()
if file_content.count("sshtunnel=") == 0: if file_content.count("sshtunnel=") == 0:
file_content = file_content+"\nsshtunnel=''" file_content = file_content + "\nsshtunnel=''"
file_content = re.sub("sshtunnel=.*", "sshtunnel='%s %s'" % (ssh_server, ssh_ports), file_content) file_content = re.sub("sshtunnel=.*", "sshtunnel='%s %s'" % (ssh_server, ssh_ports), file_content)
if restoringOnUpdate == False:
serverdomain=ssh_server.split("@")[1]
ssh_server = serverdomain if not restore_on_update:
server_domain = ssh_server.split("@")[1]
ssh_server = server_domain
if ssh_server.count(":") == 0: if ssh_server.count(":") == 0:
ssh_server_host = ssh_server ssh_server_host = ssh_server
ssh_server_port = "22" ssh_server_port = "22" # ToDo(frennkie) this is not used
elif ssh_server.count(":") == 1: elif ssh_server.count(":") == 1:
ssh_server_split = ssh_server.split(":") ssh_server_split = ssh_server.split(":")
ssh_server_host = ssh_server_split[0] ssh_server_host = ssh_server_split[0]
ssh_server_port = ssh_server_split[1] ssh_server_port = ssh_server_split[1] # ToDo(frennkie) this is not used
else: else:
print("syntax error!") print("syntax error!")
sys.exit(1) sys.exit(1)
# make sure serverdomain is set as tls alias # make sure server_domain is set as tls alias
print("Setting server as tls alias") print("Setting server as tls alias")
oldConfigHash=subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf") old_config_hash = subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf")
subprocess.call("sudo sed -i \"s/^#tlsextradomain=.*/tlsextradomain=/g\" /mnt/hdd/lnd/lnd.conf", shell=True) subprocess.call("sudo sed -i \"s/^#tlsextradomain=.*/tlsextradomain=/g\" /mnt/hdd/lnd/lnd.conf", shell=True)
subprocess.call("sudo sed -i \"s/^tlsextradomain=.*/tlsextradomain=%s/g\" /mnt/hdd/lnd/lnd.conf" % (ssh_server_host), shell=True) subprocess.call(
newConfigHash=subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf") "sudo sed -i \"s/^tlsextradomain=.*/tlsextradomain={}/g\" /mnt/hdd/lnd/lnd.conf".format(ssh_server_host),
if oldConfigHash != newConfigHash: shell=True)
new_config_hash = subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf")
if old_config_hash != new_config_hash:
print("lnd.conf changed ... generating new TLS cert") print("lnd.conf changed ... generating new TLS cert")
subprocess.call(sudo /home/admin/config.scripts/lnd.tlscert.sh refresh", shell=True) subprocess.call("sudo /home/admin/config.scripts/lnd.tlscert.sh refresh", shell=True)
else: else:
print("lnd.conf unchanged... keep TLS cert") print("lnd.conf unchanged... keep TLS cert")
if forwardingLND: if forwarding_lnd:
# setting server explicitly on LND if LND port is forwarded # setting server explicitly on LND if LND port is forwarded
print("Setting fixed address for LND with raspiblitz lndAddress") print("Setting fixed address for LND with raspiblitz lndAddress")
file_content = re.sub("lndAddress=.*", "lndAddress='%s'" % (ssh_server_host), file_content) file_content = re.sub("lndAddress=.*", "lndAddress='{}'".format(ssh_server_host), file_content)
else: else:
print("No need to set fixed address for LND with raspiblitz lndAddress") print("No need to set fixed address for LND with raspiblitz lndAddress")
file_content = "".join([s for s in file_content.splitlines(True) if s.strip("\r\n")]) + "\n" file_content = "".join([s for s in file_content.splitlines(True) if s.strip("\r\n")]) + "\n"
@ -212,9 +208,9 @@ if sys.argv[1] == "on":
# enable service # enable service
print() print()
print("*** Enabling systemd service: %s" % (SERVICENAME)) print("*** Enabling systemd service: {}".format(SERVICE_NAME))
subprocess.call("sudo systemctl daemon-reload", shell=True) subprocess.call("sudo systemctl daemon-reload", shell=True)
subprocess.call("sudo systemctl enable %s" % (SERVICENAME), shell=True) subprocess.call("sudo systemctl enable {}".format(SERVICE_NAME), shell=True)
# final info (can be ignored if run by other script) # final info (can be ignored if run by other script)
print() print()
@ -224,22 +220,21 @@ if sys.argv[1] == "on":
print("See chapter 'How to setup port-forwarding with a SSH tunnel?' in:") print("See chapter 'How to setup port-forwarding with a SSH tunnel?' in:")
print("https://github.com/rootzoll/raspiblitz/blob/master/FAQ.md") print("https://github.com/rootzoll/raspiblitz/blob/master/FAQ.md")
print("- Tunnel service needs final reboot to start.") print("- Tunnel service needs final reboot to start.")
print("- After reboot check logs: sudo journalctl -f -u %s" % (SERVICENAME)) print("- After reboot check logs: sudo journalctl -f -u {}".format(SERVICE_NAME))
print("- Make sure the SSH pub key of this RaspiBlitz is in 'authorized_keys' of %s:" % (ssh_server_host)) print("- Make sure the SSH pub key of this RaspiBlitz is in 'authorized_keys' of {}:".format(ssh_server_host))
print(ssh_pubkey) print(ssh_pubkey)
print() print()
#
#######################
# SWITCHING OFF # SWITCHING OFF
# #######################
def off():
elif sys.argv[1] == "off": print("*** Disabling systemd service: {}".format(SERVICE_NAME))
subprocess.call("sudo systemctl stop {}".format(SERVICE_NAME), shell=True)
print("*** Disabling systemd service: %s" % (SERVICENAME)) subprocess.call("sudo systemctl disable {}".format(SERVICE_NAME), shell=True)
subprocess.call("sudo systemctl stop %s" % (SERVICENAME), shell=True)
subprocess.call("sudo systemctl disable %s" % (SERVICENAME), shell=True)
subprocess.call("sudo systemctl reset-failed", shell=True) subprocess.call("sudo systemctl reset-failed", shell=True)
subprocess.call("sudo rm %s" % (SERVICEFILE), shell=True) subprocess.call("sudo rm {}".format(SERVICE_FILE), shell=True)
subprocess.call("sudo systemctl daemon-reload", shell=True) subprocess.call("sudo systemctl daemon-reload", shell=True)
print("OK Done") print("OK Done")
print() print()
@ -258,9 +253,22 @@ elif sys.argv[1] == "off":
text_file.write(file_content) text_file.write(file_content)
print("OK Done") print("OK Done")
#
# UNKOWN PARAMETER
#
else: def main():
print ("unkown parameter - use 'internet.sshtunnel.py -h' for help") if sys.argv[1] == "restore":
print("internet.sshtunnel.py -> running with restore flag")
on(restore_on_update=True)
elif sys.argv[1] == "on":
on()
elif sys.argv[1] == "off":
off()
else:
# UNKNOWN PARAMETER
print("unknown parameter - use 'internet.sshtunnel.py -h' for help")
if __name__ == '__main__':
main()

2
home.admin/config.scripts/lnd.unlock.sh
View file

@ -107,7 +107,7 @@ while [ ${fallback} -eq 0 ]
done done
# FALBACK LND CLI UNLOCK # FALLBACK LND CLI UNLOCK
walletLocked=1 walletLocked=1
while [ ${walletLocked} -gt 0 ] while [ ${walletLocked} -gt 0 ]
do do