highperfocused/raspiblitz
1
0
Fork 0
mirror of https://github.com/raspiblitz/raspiblitz.git synced 2025-04-23 06:54:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v1.6' of https://github.com/rootzoll/raspiblitz into v1.6

Browse Source
This commit is contained in:
rootzoll 2020-07-22 21:20:20 +02:00
commit 04842d9afd
3 changed files with 100 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
home.admin/00infoBlitz.sh
View File

@ -88,7 +88,7 @@ fi
network_active_if=$(ip addr | grep -v "lo:" | grep 'state UP' | tr -d " " | cut -d ":" -f2 | head -n 1)
# get network traffic
# ifconfig does not show eth0 on Armbian or in a VM - get first traffic info
# ifconfig does not show eth0 on Armbian or in a VM - get first traffic info
isArmbian=$(cat /etc/os-release 2>/dev/null | grep -c 'Debian')
if [ ${isArmbian} -gt 0 ] || [ ! -d "/sys/class/thermal/thermal_zone0/" ]; then
network_rx=$(ifconfig | grep -m1 'RX packets' | awk '{ print $6$7 }' | sed 's/[()]//g')
@ -268,7 +268,10 @@ else
if [ ${#ln_getInfo} -eq 0 ]; then
ln_baseInfo="${color_red} Not Started | Not Ready Yet"
else
item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "(height" | tail -n1 | awk '{print $10} {print $11} {print $12}' | tr -dc '0-9')
item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "Filtering block" | tail -n1 | awk '{print $7}')
if [ ${#item} -eq 0 ]; then
item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "(height" | tail -n1 | awk '{print $10} {print $11} {print $12}' | tr -dc '0-9')
fi
total=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 2>/dev/null | jq -r '.blocks')
ln_baseInfo="${color_red} waiting for chain sync"
if [ ${#item} -gt 0 ]; then
@ -358,7 +361,7 @@ else
if [ ${#appInfoLine} -gt 0 ]; then
echo "${appInfoLine}"
fi
fi
uptime=$(uptime --pretty)
@ -417,4 +420,4 @@ EOF
fi
fi
# EOF
# EOF

2
home.admin/_bootstrap.provision.sh
View File

@ -62,7 +62,7 @@ if [ ${isRaspbian} -gt 0 ] || [ ${isArmbian} -gt 0 ]; then
exit 0
fi
else
echo "Size looks good. Bigger then 8GB card is used." >> ${logFile}
echo "Size looks good. Bigger than 8GB card is used." >> ${logFile}
fi
else
echo "Baseimage is not raspbian (${isRaspbian}), skipping the sd card size check." >> ${logFile}

176
home.admin/config.scripts/internet.sshtunnel.py
View File

@ -1,7 +1,8 @@
#!/usr/bin/python3
import sys, subprocess, re
from pathlib import Path
import re
import subprocess
import sys
# IDEA: At the momemt its just Reverse-SSh Tunnels thats why [INTERNAL-PORT]<[EXTERNAL-PORT]
# For the future also just local ssh tunnels could be added with [INTERNAL-PORT]-[EXTERNAL-PORT]
@ -19,9 +20,9 @@ if len(sys.argv) <= 1 or sys.argv[1] == "-h" or sys.argv[1] == "help":
# sudo journalctl -f -u autossh-tunnel
#
SERVICENAME="autossh-tunnel.service"
SERVICEFILE="/etc/systemd/system/"+SERVICENAME
SERVICETEMPLATE="""# see config script internet.sshtunnel.py
SERVICE_NAME = "autossh-tunnel.service"
SERVICE_FILE = "/etc/systemd/system/" + SERVICE_NAME
SERVICE_TEMPLATE = """# see config script internet.sshtunnel.py
[Unit]
Description=AutoSSH tunnel service
After=network.target
@ -38,35 +39,22 @@ WantedBy=multi-user.target
"""
# get LND port form lnd.conf
LNDPORT = subprocess.getoutput("sudo cat /mnt/hdd/lnd/lnd.conf | grep '^listen=*' | cut -f2 -d':'")
if len(LNDPORT) == 0:
LNDPORT="9735"
LND_PORT = subprocess.getoutput("sudo cat /mnt/hdd/lnd/lnd.conf | grep '^listen=*' | cut -f2 -d':'")
if len(LND_PORT) == 0:
LND_PORT = "9735"
#
# RESTORE = SWITCHING ON with restore flag on
# on restore other external scripts dont need calling
#
forwardingLND = False
restoringOnUpdate = False
if sys.argv[1] == "restore":
print("internet.sshtunnel.py -> running with restore flag")
sys.argv[1] = "on"
restoringOnUpdate = True
#
#######################
# SWITCHING ON
#
if sys.argv[1] == "on":
#######################
def on(restore_on_update=False):
forwarding_lnd = False
# check if already running
isRunning = subprocess.getoutput("sudo systemctl --no-pager | grep -c '%s'" % (SERVICENAME))
if int(isRunning) > 0:
print("SSH TUNNEL SERVICE IS RUNNING - run 'internet.sshtunnel.py off' first to set new tunnel")
sys.exit(1)
is_running = subprocess.getoutput("sudo systemctl --no-pager | grep -c '{}'".format(SERVICE_NAME))
if int(is_running) > 0:
print("SSH TUNNEL SERVICE IS RUNNING - run 'internet.sshtunnel.py off' first to set new tunnel")
sys.exit(1)
# check server address
if len(sys.argv) < 3:
@ -85,13 +73,14 @@ if sys.argv[1] == "on":
ssh_server_port = ssh_server_split[1]
else:
print("[USER]@[SERVER:PORT] wrong - use 'internet.sshtunnel.py -h' for help")
sys.exit(1)
# genenate additional parameter for autossh (forwarding ports)
# generate additional parameter for autossh (forwarding ports)
if len(sys.argv) < 4:
print("[INTERNAL-PORT]<[EXTERNAL-PORT] missing")
sys.exit(1)
ssh_ports=""
additional_parameters=""
ssh_ports = ""
additional_parameters = ""
i = 3
while i < len(sys.argv):
@ -101,101 +90,108 @@ if sys.argv[1] == "on":
sys.exit(1)
# get ports
sys.argv[i] = re.sub('"','', sys.argv[i] )
sys.argv[i] = re.sub('"', '', sys.argv[i])
ports = sys.argv[i].split("<")
port_internal = ports[0]
port_external = ports[1]
if port_internal.isdigit() == False:
if not port_internal.isdigit():
print("[INTERNAL-PORT]<[EXTERNAL-PORT] internal not number '%s'" % (sys.argv[i]))
sys.exit(1)
if port_external.isdigit() == False:
if not port_external.isdigit():
print("[INTERNAL-PORT]<[EXTERNAL-PORT] external not number '%s'" % (sys.argv[i]))
sys.exit(1)
if port_internal == LNDPORT:
sys.exit(1)
if port_internal == LND_PORT:
print("Detected LND Port Forwarding")
forwardingLND = True
forwarding_lnd = True
if port_internal != port_external:
print("FAIL: When tunneling your local LND port '%s' it needs to be the same on the external server, but is '%s'" % (LNDPORT, port_external))
print("Try again by using the same port. If you cant change the external port, change local LND port with: /home/admin/config.scripts/lnd.setport.sh")
print("FAIL: When tunneling your local LND port "
"'{}' it needs to be the same on the external server, but is '{}'".format(LND_PORT,
port_external))
print(
"Try again by using the same port. If you cant change the external port, "
"change local LND port with: /home/admin/config.scripts/lnd.setport.sh")
sys.exit(1)
ssh_ports = ssh_ports + "\"%s\" " % (sys.argv[i])
additional_parameters= additional_parameters + "-R %s:localhost:%s " % (port_external, port_internal)
additional_parameters = additional_parameters + "-R %s:localhost:%s " % (port_external, port_internal)
i = i + 1
# genenate additional parameter for autossh (server)
# generate additional parameter for autossh (server)
ssh_ports = ssh_ports.strip()
additional_parameters = additional_parameters + "-p " + ssh_server_port + " " + ssh_server_host
additional_parameters = additional_parameters + "-p " + ssh_server_port + " " + ssh_server_host
# generate custom service config
service_data = SERVICETEMPLATE.replace("[PLACEHOLDER]", additional_parameters)
service_data = SERVICE_TEMPLATE.replace("[PLACEHOLDER]", additional_parameters)
# debug print out service
print()
print("*** New systemd service: %s" % (SERVICENAME))
print("*** New systemd service: {}".format(SERVICE_NAME))
print(service_data)
# write service file
service_file = open("/home/admin/temp.service", "w")
service_file.write(service_data)
service_file.close()
subprocess.call("sudo mv /home/admin/temp.service %s" % (SERVICEFILE), shell=True)
subprocess.call("sudo mv /home/admin/temp.service {}".format(SERVICE_FILE), shell=True)
# check if SSH keys for root user need to be created
print()
print("*** Checking root SSH pub keys")
ssh_pubkey=""
try:
ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True)
print("OK - root id_rsa.pub file exists")
except subprocess.CalledProcessError as e:
except subprocess.CalledProcessError:
print("Generating root SSH keys ...")
subprocess.call("sudo sh -c 'yes y | sudo -u root ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N \"\"'", shell=True)
subprocess.call("sudo sh -c 'yes y | sudo -u root ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N \"\"'",
shell=True)
ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True)
# copy SSH keys for backup (for update with new sd card)
print("making backup copy of SSH keys")
subprocess.call("sudo cp -r /root/.ssh /mnt/hdd/ssh/root_backup", shell=True)
print("DONE")
# write ssh tunnel data to raspiblitz config (for update with new sd card)
print("*** Updating RaspiBlitz Config")
with open('/mnt/hdd/raspiblitz.conf') as f:
file_content = f.read()
if file_content.count("sshtunnel=") == 0:
file_content = file_content+"\nsshtunnel=''"
file_content = file_content + "\nsshtunnel=''"
file_content = re.sub("sshtunnel=.*", "sshtunnel='%s %s'" % (ssh_server, ssh_ports), file_content)
if restoringOnUpdate == False:
serverdomain=ssh_server.split("@")[1]
ssh_server = serverdomain
if not restore_on_update:
server_domain = ssh_server.split("@")[1]
ssh_server = server_domain
if ssh_server.count(":") == 0:
ssh_server_host = ssh_server
ssh_server_port = "22"
ssh_server_port = "22" # ToDo(frennkie) this is not used
elif ssh_server.count(":") == 1:
ssh_server_split = ssh_server.split(":")
ssh_server_host = ssh_server_split[0]
ssh_server_port = ssh_server_split[1]
ssh_server_port = ssh_server_split[1] # ToDo(frennkie) this is not used
else:
print("syntax error!")
sys.exit(1)
# make sure serverdomain is set as tls alias
# make sure server_domain is set as tls alias
print("Setting server as tls alias")
oldConfigHash=subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf")
old_config_hash = subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf")
subprocess.call("sudo sed -i \"s/^#tlsextradomain=.*/tlsextradomain=/g\" /mnt/hdd/lnd/lnd.conf", shell=True)
subprocess.call("sudo sed -i \"s/^tlsextradomain=.*/tlsextradomain=%s/g\" /mnt/hdd/lnd/lnd.conf" % (ssh_server_host), shell=True)
newConfigHash=subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf")
if oldConfigHash != newConfigHash:
subprocess.call(
"sudo sed -i \"s/^tlsextradomain=.*/tlsextradomain={}/g\" /mnt/hdd/lnd/lnd.conf".format(ssh_server_host),
shell=True)
new_config_hash = subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf")
if old_config_hash != new_config_hash:
print("lnd.conf changed ... generating new TLS cert")
subprocess.call(sudo /home/admin/config.scripts/lnd.tlscert.sh refresh", shell=True)
subprocess.call("sudo /home/admin/config.scripts/lnd.tlscert.sh refresh", shell=True)
else:
print("lnd.conf unchanged... keep TLS cert")
if forwardingLND:
if forwarding_lnd:
# setting server explicitly on LND if LND port is forwarded
print("Setting fixed address for LND with raspiblitz lndAddress")
file_content = re.sub("lndAddress=.*", "lndAddress='%s'" % (ssh_server_host), file_content)
file_content = re.sub("lndAddress=.*", "lndAddress='{}'".format(ssh_server_host), file_content)
else:
print("No need to set fixed address for LND with raspiblitz lndAddress")
file_content = "".join([s for s in file_content.splitlines(True) if s.strip("\r\n")]) + "\n"
@ -209,12 +205,12 @@ if sys.argv[1] == "on":
print()
print("*** Install autossh")
subprocess.call("sudo apt-get install -y autossh", shell=True)
# enable service
print()
print("*** Enabling systemd service: %s" % (SERVICENAME))
print("*** Enabling systemd service: {}".format(SERVICE_NAME))
subprocess.call("sudo systemctl daemon-reload", shell=True)
subprocess.call("sudo systemctl enable %s" % (SERVICENAME), shell=True)
subprocess.call("sudo systemctl enable {}".format(SERVICE_NAME), shell=True)
# final info (can be ignored if run by other script)
print()
@ -224,22 +220,21 @@ if sys.argv[1] == "on":
print("See chapter 'How to setup port-forwarding with a SSH tunnel?' in:")
print("https://github.com/rootzoll/raspiblitz/blob/master/FAQ.md")
print("- Tunnel service needs final reboot to start.")
print("- After reboot check logs: sudo journalctl -f -u %s" % (SERVICENAME))
print("- Make sure the SSH pub key of this RaspiBlitz is in 'authorized_keys' of %s:" % (ssh_server_host))
print("- After reboot check logs: sudo journalctl -f -u {}".format(SERVICE_NAME))
print("- Make sure the SSH pub key of this RaspiBlitz is in 'authorized_keys' of {}:".format(ssh_server_host))
print(ssh_pubkey)
print()
#
#######################
# SWITCHING OFF
#
elif sys.argv[1] == "off":
print("*** Disabling systemd service: %s" % (SERVICENAME))
subprocess.call("sudo systemctl stop %s" % (SERVICENAME), shell=True)
subprocess.call("sudo systemctl disable %s" % (SERVICENAME), shell=True)
#######################
def off():
print("*** Disabling systemd service: {}".format(SERVICE_NAME))
subprocess.call("sudo systemctl stop {}".format(SERVICE_NAME), shell=True)
subprocess.call("sudo systemctl disable {}".format(SERVICE_NAME), shell=True)
subprocess.call("sudo systemctl reset-failed", shell=True)
subprocess.call("sudo rm %s" % (SERVICEFILE), shell=True)
subprocess.call("sudo rm {}".format(SERVICE_FILE), shell=True)
subprocess.call("sudo systemctl daemon-reload", shell=True)
print("OK Done")
print()
@ -258,9 +253,22 @@ elif sys.argv[1] == "off":
text_file.write(file_content)
print("OK Done")
#
# UNKOWN PARAMETER
#
else:
print ("unkown parameter - use 'internet.sshtunnel.py -h' for help")
def main():
if sys.argv[1] == "restore":
print("internet.sshtunnel.py -> running with restore flag")
on(restore_on_update=True)
elif sys.argv[1] == "on":
on()
elif sys.argv[1] == "off":
off()
else:
# UNKNOWN PARAMETER
print("unknown parameter - use 'internet.sshtunnel.py -h' for help")
if __name__ == '__main__':
main()