raspiblitz/home.admin/config.scripts/bonus.lndg.sh

#!/bin/bash
 
# https://github.com/cryptosharks131/lndg
VERSION="1.4.0 "

# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
 echo "config script to install, update or uninstall LNDG"
 echo "bonus.lndg.sh [on|off|menu|update|setpassword|status]"
 exit 1
fi

# check and load raspiblitz config
# to know which network is running
source /home/admin/raspiblitz.info
source /mnt/hdd/raspiblitz.conf

if [ "$1" = "status" ] || [ "$1" = "menu" ]; then

  # get network info
  isInstalled=$(sudo ls /etc/systemd/system/jobs-lndg.service 2>/dev/null | grep -c 'jobs-lndg.service')
  localip=$(hostname -I | awk '{print $1}')
  toraddress=$(sudo cat /mnt/hdd/tor/lndg/hostname 2>/dev/null)
  fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
  httpPort="8889"
  httpsPort="8888"

  if [ "$1" = "status" ]; then
    echo "installed='${isInstalled}'"
    echo "localIP='${localip}'"
    echo "httpPort='${httpPort}'"
    echo "httpsForced='0'"
    echo "httpsSelfsigned='1'"
    echo "authMethod='password_b'"
    echo "toraddress='${toraddress}'"
    exit
  fi

fi

# show info menu
if [ "$1" = "menu" ]; then

  if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
    # Info with TOR
    sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
    whiptail --title " LNDg " --msgbox "Open in your local web browser:
http://${localip}:${httpPort}\n
https://${localip}:${httpsPort} with Fingerprint:
${fingerprint}\n
Username is lndg-admin. Use your Password B to login.\n
Hidden Service address for TOR Browser (see LCD for QR):\n${toraddress}
" 18 67
    sudo /home/admin/config.scripts/blitz.display.sh hide
  else
    # Info without TOR
    whiptail --title " LNDg " --msgbox "Open in your local web browser:
http://${localip}:${httpPort}\n
Or https://${localip}:${httpsPort} with Fingerprint:
${fingerprint}\n
Username is lndg-admin. Use your Password B to login.\n
Activate TOR to access the web interface from outside your local network.
" 17 67
  fi
  echo "please wait ..."
  exit 0
fi

if [ "$1" = "setpassword" ]; then
  if [ "$2" = "" ]; then
    echo "to change lndg password, enter the new password as the second variable and try again"
    echo "example: bonus.lndg.sh setpassword mynewpassword"
    echo "will change the password to: mynewpassword"
    exit 1
  fi
  isChangepassword=$(sudo ls /home/lndg/lndg/changepassword.py 2>/dev/null | grep -c 'changepassword.py')
  if ! [ ${isChangepassword} -eq 0 ]; then
    sudo -u lndg /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/changepassword.py "$2"
  else
    # create python file for command line password change
    echo "# create python file for command line password change"
    echo "
#!/usr/bin/env python

import django
import sys
from os import environ
from lndg import settings
from time import sleep
environ['DJANGO_SETTINGS_MODULE'] = 'lndg.settings'
django.setup()
from django.contrib.auth.models import User

def newpassword():
    users = User.objects.all()
    user = users[0]
    user.set_password(sys.argv[1])
    user.save()

def main():
    try:
        newpassword()
    except Exception as e:
        print('Error while attempting to change password: ' + str(e))
        sleep(5)

if __name__ == '__main__':
    main()
" | sudo tee "/home/lndg/lndg/changepassword.py"

    sudo chmod 644 /home/lndg/lndg/changepassword.py
    sudo chown lndg:lndg /home/lndg/lndg/changepassword.py
	sudo -u lndg /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/changepassword.py "$2"
  fi
  echo "ok, password changed to $2"
  exit 0
fi

# switch on
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
  echo "*** INSTALL LNDg ***"

  isInstalled=$(sudo ls /etc/systemd/system/jobs-lndg.service 2>/dev/null | grep -c 'jobs-lndg.service')
  if ! [ ${isInstalled} -eq 0 ]; then
    echo "LNDg already installed."
  else
    ###############
    # INSTALL
    ###############

    # create lndg user
    sudo adduser --disabled-password --gecos "" lndg
    # add user to group with admin access to lnd
    sudo /usr/sbin/usermod --append --groups lndadmin lndg
    # make sure symlink to central app-data directory exists
    sudo rm -rf /home/lndg/.lnd  # not a symlink.. delete it silently
    # create symlink
    sudo ln -s /mnt/hdd/app-data/lnd/ /home/lndg/.lnd

    # download and install
    sudo -u lndg git clone https://github.com/cryptosharks131/lndg.git /home/lndg/lndg/
    cd /home/lndg/lndg/ || exit 1
    sudo -u lndg git reset --hard v${VERSION}
    sudo apt install -y virtualenv
    sudo -u lndg virtualenv -p python3 .venv
    sudo -u lndg .venv/bin/pip install -r requirements.txt
    PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
    sudo -u lndg .venv/bin/python initialize.py -pw $PASSWORD_B
    sudo -u lndg .venv/bin/python jobs.py

    # set database path to HDD data so that its survives updates and migrations
    # first check and see if a database exists
    isDatabase=$(sudo ls /mnt/hdd/app-data/lndg/data/db.sqlite3 2>/dev/null | grep -c 'db.sqlite3')
    if ! [ ${isDatabase} -eq 0 ]; then
	  if [ "$2" == "deletedatabase" ]; then
	  
	    # deleting old database and moving new database
		echo "Deleting existing database and creating new one"
        sudo rm -rf /mnt/hdd/app-data/lndg/data
        sudo cp -p -r /home/lndg/lndg/data /mnt/hdd/app-data/lndg/data
        sudo rm /home/lndg/lndg/data/db.sqlite3
        sudo ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3
        sudo chown lndg:lndg -R /mnt/hdd/app-data/lndg/
      else		
	  
        # using existing database, so remove newly created database and link to existing one
        echo "Database already exists, using existing database"
        sudo rm /home/lndg/lndg/data/db.sqlite3
        sudo -u lndg ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3
		sudo -u lndg /home/lndg/lndg/.venv/bin/python manage.py migrate
      fi
    else
	
      # database doesn't exist, so move to HDD and simlink
      sudo mkdir -p /mnt/hdd/app-data/lndg
      sudo cp -p -r /home/lndg/lndg/data /mnt/hdd/app-data/lndg/data
      sudo rm /home/lndg/lndg/data/db.sqlite3
      sudo ln -sf /mnt/hdd/app-data/lndg/data/db.sqlite3 /home/lndg/lndg/data/db.sqlite3
      sudo chown lndg:lndg -R /mnt/hdd/app-data/lndg/
    fi
    sudo chown lndg:lndg /home/lndg/lndg/data/db.sqlite3

    # create python file for command line password change
    echo "# create python file for command line password change"
    echo "
#!/usr/bin/env python

import django
import sys
from os import environ
from lndg import settings
from time import sleep
environ['DJANGO_SETTINGS_MODULE'] = 'lndg.settings'
django.setup()
from django.contrib.auth.models import User

def newpassword():
    users = User.objects.all()
    user = users[0]
    user.set_password(sys.argv[1])
    user.save()

def main():
    try:
        newpassword()
    except Exception as e:
        print('Error while attempting to change password: ' + str(e))
        sleep(5)

if __name__ == '__main__':
    main()
" | sudo tee "/home/lndg/lndg/changepassword.py"

    sudo chmod 644 /home/lndg/lndg/changepassword.py
    sudo chown lndg:lndg /home/lndg/lndg/changepassword.py

    ##################
    # gunicorn install
    ##################

    # first install and configure whitenoise
    sudo /home/lndg/lndg/.venv/bin/pip install whitenoise 
    sudo rm /home/lndg/lndg/lndg/settings.py 
    sudo /home/lndg/lndg/.venv/bin/python initialize.py -wn
	
	# install gunicorn application server
    sudo /home/lndg/lndg/.venv/bin/python -m pip install 'gunicorn==20.1.*'
	
	# switch back to home directory
	cd /home/admin/

    echo "# Install gunicorn.service file for gunicorn lndg.wsgi application server"
    echo "
[Unit]
Description=Lndg guincorn app
After=lnd.service

[Service]
User=lndg
Group=lndg
WorkingDirectory=/home/lndg/lndg
ExecStart=/home/lndg/lndg/.venv/bin/gunicorn lndg.wsgi -w 4 -b 0.0.0.0:8889
Restart=always
KillSignal=SIGQUIT
Type=notify
StandardError=syslog
NotifyAccess=all
RestartSec=60s

[Install]
WantedBy=multi-user.target
" | sudo tee "/etc/systemd/system/gunicorn.service"

    sudo usermod -a -G www-data lndg

    # setup nginx .conf files
    if ! [ -f /etc/nginx/sites-available/lndg_ssl.conf ]; then
       sudo cp -f /home/admin/assets/nginx/sites-available/lndg_ssl.conf /etc/nginx/sites-available/lndg_ssl.conf
    fi
    if ! [ -f /etc/nginx/sites-available/lndg_tor.conf ]; then
       sudo cp -f /home/admin/assets/nginx/sites-available/lndg_tor.conf /etc/nginx/sites-available/lndg_tor.conf
    fi
    if ! [ -f /etc/nginx/sites-available/lndg_tor_ssl.conf ]; then
       sudo cp -f /home/admin/assets/nginx/sites-available/lndg_tor_ssl.conf /etc/nginx/sites-available/lndg_tor_ssl.conf
    fi

    # setup nginx symlinks
    sudo ln -sf /etc/nginx/sites-available/lndg_ssl.conf /etc/nginx/sites-enabled/lndg_ssl.conf
    sudo ln -sf /etc/nginx/sites-available/lndg_tor.conf /etc/nginx/sites-enabled/lndg_tor.conf
    sudo ln -sf /etc/nginx/sites-available/lndg_tor_ssl.conf /etc/nginx/sites-enabled/lndg_tor_ssl.conf
    sudo nginx -t
    sudo systemctl reload nginx

    # start nginx and uwsgi services
    sudo touch /var/log/uwsgi/lndg.log
    sudo touch /home/lndg/lndg/lndg.sock
    sudo chgrp www-data /var/log/uwsgi/lndg.log
    sudo chgrp www-data /home/lndg/lndg/lndg.sock
    sudo chmod 771 /home/lndg/lndg/lndg.sock
    sudo chmod 660 /var/log/uwsgi/lndg.log
    sudo systemctl enable gunicorn.service
    sudo systemctl start gunicorn.service

    # open the firewall
    echo "*** Updating Firewall ***"
    sudo ufw allow from any to any port 8889 comment 'allow LNDg HTTP'
    sudo ufw allow from any to any port 8888 comment 'allow LNDg HTTPS'
    echo ""

    ##################
    # SYSTEMD SERVICE
    ##################

    echo "# Install LNDg systemd for ${network} on ${chain}"
    echo "
#!/bin/bash

/home/lndg/lndg/.venv/bin/python /home/lndg/lndg/jobs.py
" | sudo tee /home/lndg/lndg/jobs.sh
    echo "
#!/bin/bash

/home/lndg/lndg/.venv/bin/python /home/lndg/lndg/rebalancer.py
" | sudo tee /home/lndg/lndg/rebalancer.sh
    echo "
#!/bin/bash

/home/lndg/lndg/.venv/bin/python /home/lndg/lndg/htlc_stream.py
" | sudo tee /home/lndg/lndg/htlc_stream.sh
    echo "
[Unit]
Description=Run Jobs For Lndg
[Service]
User=lndg
Group=lndg
ExecStart=/bin/bash /home/lndg/lndg/jobs.sh
StandardError=append:/var/log/lnd_jobs_error.log
" | sudo tee /etc/systemd/system/jobs-lndg.service
    echo "
[Unit]
Description=Run Rebalancer For Lndg
[Service]
User=lndg
Group=lndg
ExecStart=/bin/bash /home/lndg/lndg/rebalancer.sh
StandardError=append:/var/log/lnd_rebalancer_error.log
RuntimeMaxSec=3600
" | sudo tee /etc/systemd/system/rebalancer-lndg.service
    echo "
[Unit]
Description=Run HTLC Stream For Lndg
Requires=lnd.service
After=lnd.service
[Service]
User=lndg
Group=lndg
ExecStart=/bin/bash /home/lndg/lndg/htlc_stream.sh
StandardError=append:/var/log/lnd_htlc_stream_error.log
Restart=always
RestartSec=60s
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/htlc-stream-lndg.service
    echo "
[Unit]
Description=Run Lndg Jobs Every 20 Seconds
[Timer]
OnBootSec=300
OnUnitActiveSec=20
AccuracySec=1
[Install]
WantedBy=timers.target
" | sudo tee /etc/systemd/system/jobs-lndg.timer
    echo "
[Unit]
Description=Run Lndg Rebalancer Every 20 Seconds
[Timer]
OnBootSec=315
OnUnitActiveSec=20
AccuracySec=1
[Install]
WantedBy=timers.target
" | sudo tee /etc/systemd/system/rebalancer-lndg.timer
    sudo systemctl enable jobs-lndg.timer
    sudo systemctl enable rebalancer-lndg.timer
    sudo systemctl enable htlc-stream-lndg.service
    sudo systemctl start jobs-lndg.timer
    sudo systemctl start rebalancer-lndg.timer
    sudo systemctl start htlc-stream-lndg.service


    # setting value in raspiblitz config
    /home/admin/config.scripts/blitz.conf.sh set lndg "on"

    # Hidden Service for LNDg if Tor is active
    if [ "${runBehindTor}" = "on" ]; then
      # make sure to keep in sync with tor.network.sh script
      /home/admin/config.scripts/tor.onion-service.sh lndg 80 8886 443 8887
    fi
  fi

  echo "# LNDg install OK!"
  sleep 5

  # needed for API/WebUI as signal that install ran thru 
  echo "result='OK'"
  exit 0
fi

# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then

  echo "*** REMOVING LNDG ***"
  # remove systemd services
  sudo systemctl disable jobs-lndg.timer
  sudo systemctl disable rebalancer-lndg.timer
  sudo systemctl disable htlc-stream-lndg.service
  sudo systemctl disable gunicorn.service
  sudo rm -f /etc/systemd/system/jobs-lndg.timer
  sudo rm -f /etc/systemd/system/rebalancer-lndg.timer
  sudo rm -f /etc/systemd/system/jobs-lndg.service
  sudo rm -f /etc/systemd/system/rebalancer-lndg.service
  sudo rm -f /etc/systemd/system/htlc-stream-lndg.service
  sudo rm -f /etc/systemd/system/gunicorn.service
  # delete user and home directory
  sudo userdel -rf lndg
  # close ports on firewall
  sudo ufw deny 8889
  sudo ufw deny 8888

  # remove nginx symlinks
  sudo rm -f /etc/nginx/sites-enabled/lndg_ssl.conf
  sudo rm -f /etc/nginx/sites-enabled/lndg_tor.conf
  sudo rm -f /etc/nginx/sites-enabled/lndg_tor_ssl.conf
  sudo rm -f /etc/nginx/sites-available/lndg_ssl.conf
  sudo rm -f /etc/nginx/sites-available/lndg_tor.conf
  sudo rm -f /etc/nginx/sites-available/lndg_tor_ssl.conf
  sudo nginx -t
  sudo systemctl reload nginx

  # hidden Service if Tor is active
  if [ "${runBehindTor}" = "on" ]; then
    /home/admin/config.scripts/tor.onion-service.sh off lndg
  fi
  
  # database removal (if selected)
  if [ "$2" == "deletedatabase" ]; then
    echo "Deleting database"
    sudo rm -rf /mnt/hdd/app-data/lndg
  fi
  
  echo "OK LNDg removed."

  # setting value in raspi blitz config
  /home/admin/config.scripts/blitz.conf.sh set lndg "off"

  # needed for API/WebUI as signal that install ran thru 
  echo "result='OK'"
  exit 0
fi

# update
if [ "$1" = "update" ]; then
  echo "# UPDATING LNDG"
  echo "# Updated to the release in https://github.com/cryptosharks131/lndg"
  cd /home/lndg/lndg || exit 1
  sudo -u lndg git pull
  sudo -u lndg .venv/bin/pip install requests
  sudo -u lndg .venv/bin/python manage.py migrate
  
  # reinitialize settings.py in case update requires it
  sudo rm /home/lndg/lndg/lndg/settings.py 
  sudo /home/lndg/lndg/.venv/bin/python /home/lndg/lndg/initialize.py -wn
  
  # restart services
  sudo systemctl restart nginx
  sudo systemctl restart gunicorn.service

  echo ""
  echo "# Starting the LNDg services ... *** "
  sudo systemctl start jobs-lndg.timer
  sudo systemctl start rebalancer-lndg.timer
  sudo systemctl start htlc-stream-lndg.service

  exit 0
fi

echo "FAIL - Unknown Parameter $1"
exit 1