From 06a7d83b2b349a6825f1c51374f240188b5b6109 Mon Sep 17 00:00:00 2001 From: rootzoll Date: Tue, 31 Aug 2021 23:41:24 +0200 Subject: [PATCH] refactoring RTL install script --- home.admin/config.scripts/bonus.rtl.sh | 631 ++++++++++++++----------- 1 file changed, 344 insertions(+), 287 deletions(-) diff --git a/home.admin/config.scripts/bonus.rtl.sh b/home.admin/config.scripts/bonus.rtl.sh index 84df110d9..d0637b7f8 100755 --- a/home.admin/config.scripts/bonus.rtl.sh +++ b/home.admin/config.scripts/bonus.rtl.sh @@ -8,15 +8,13 @@ source /mnt/hdd/raspiblitz.conf # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "# config script to switch the RideTheLightning WebGUI on, off or update" - echo - echo "# bonus.rtl.sh [on|off|menu|config] " + echo "# config script for RideTheLightning $RTLVERSION WebInterface" echo "# able to run intances for lnd and cln parallel" echo "# lnd mainnet and testnet can run parallel" echo "# cln can only have one network active at a time" - echo - echo "# bonus.rtl.sh update" - echo "# installs the version $RTLVERSION by default" + echo "# bonus.rtl.sh [on|off|menu] " + echo "# bonus.rtl.sh connect-services" + echo "# bonus.rtl.sh prestart " exit 1 fi @@ -24,7 +22,7 @@ echo "# Running: 'bonus.rtl.sh $*'" # LNTYPE is lnd | cln LNTYPE=$2 -if [ "${LNTYPE}" != "lnd" ] && [ "${LNTYPE}" != "cln" ]; then +if [ "${LNTYPE}" != "" ] && [ "${LNTYPE}" != "lnd" ] && [ "${LNTYPE}" != "cln" ]; then echo "# ${LNTYPE} is not a supported LNTYPE" echo "err='not supported parameter'" exit 1 @@ -33,7 +31,7 @@ echo "# LNTYPE(${LNTYPE})" # CHAIN is signet | testnet | mainnet CHAIN=$3 -if [ ${CHAIN} != testnet ] && [ ${CHAIN} != mainnet ] && [ ${CHAIN} != signet ]; then +if [ "${CHAIN}" != "" ] && [ "${CHAIN}" != "testnet" ] && [ "${CHAIN}" != "mainnet" ] && [ "${CHAIN}" != "signet" ]; then echo "# ${CHAIN} is not a supported CHAIN" echo "err='not supported parameter'" exit 1 
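Review bot: Accepting an empty LNTYPE and CHAIN here lets `connect-services` and `prestart` reach the top-level `sudo systemctl stop ${systemdService}` that is visible as context just before the ON section, so every mode stops a service before it checks anything. For `prestart` that call runs as user rtl from inside the unit's own ExecStartPre, and for `connect-services` the service name is built from empty parameters, which presumably resolves to one instance that is then stopped and not restarted. Moving the stop into the on and off branches, after their parameter checks, would confine it to the modes that need it. The code between this hunk and that line is not shown, so confirm nothing there exits earlier.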
@@ -67,7 +65,7 @@ echo "# typeprefix(${typeprefix})" # construct needed varibale elements configEntry="${netprefix}${typeprefix}rtlWebinterface" -systemdService="${netprefix}${typeprefix}RTL.service" +systemdService="${netprefix}${typeprefix}RTL" echo "# configEntry(${configEntry})" echo "# systemdService(${systemdService})" @@ -78,6 +76,12 @@ echo "# systemdService(${systemdService})" # show info menu if [ "$1" = "menu" ]; then + # check that parameters are set + if [ "${LNTYPE}" == "" ] || [ "${CHAIN}" == "" ]; then + echo "# missing parameter" + exit 1 + fi + # get network info localip=$(hostname -I | awk '{print $1}') toraddress=$(sudo cat /mnt/hdd/tor/${netprefix}${typeprefix}RTL/hostname 2>/dev/null) 
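Review bot: The new missing-parameter guard in the menu branch prints only `# missing parameter`, while the other validation failures in this script also emit a parseable `err='...'` line; add `echo "err='missing parameter'"` before the `exit 1` so callers can detect the failure the same way. The identical five-line guard is repeated in the on, prestart and off branches of this commit, so a small helper called from each branch would keep them in step. The `==` inside `[ ]` is a bash extension; the script's shebang is outside the hunk, so confirm it is bash, or use `=` as the surrounding tests do.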
@@ -122,88 +126,101 @@ fi echo "# making sure services are not running" sudo systemctl stop ${systemdService} 2>/dev/null -# switch on + +########################## +# ON +######################### + if [ "$1" = "1" ] || [ "$1" = "on" ]; then + + # check that parameters are set + if [ "${LNTYPE}" == "" ] || [ "${CHAIN}" == "" ]; then + echo "# missing parameter" + exit 1 + fi + + # check that is installed + isInstalled=$(sudo ls /etc/systemd/system/${systemdService}.service 2>/dev/null | grep -c "${systemdService}.service") + if [ ${isInstalled} -eq 1 ]; then + echo "# OK, the ${netprefix}${typeprefix}RTL.service is already installed." + exit 1 + fi + echo "# Installing RTL for ${LNTYPE} ${CHAIN}" - isInstalled=$(sudo ls /etc/systemd/system/${systemdService} 2>/dev/null | grep -c "${systemdService}") - if ! [ ${isInstalled} -eq 0 ]; then - echo "# OK, the ${netprefix}${typeprefix}RTL.service is already installed." + # check and install NodeJS + /home/admin/config.scripts/bonus.nodejs.sh on + + # create rtl user (one for all instances) + if [ $(compgen -u | grep -c rtl) -eq 0 ];then + sudo adduser --disabled-password --gecos "" rtl || exit 1 + fi + echo "# Make sure symlink to central app-data directory exists" + if ! [[ -L "/home/rtl/.lnd" ]]; then + sudo rm -rf "/home/rtl/.lnd" 2>/dev/null # not a symlink.. 
delete it silently + sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/rtl/.lnd" # and create symlink + fi + if [ "${LNTYPE}" == "lnd"]; then + # for LND make sure user rtl is allowed to access admin macaroons + echo "# adding user rtl to group lndadmin" + sudo /usr/sbin/usermod --append --groups lndadmin rtl + fi + + # source code (one place for all instances) + if [ -f /home/rtl/RTL/rtl ];then + echo "# OK - the RTL code is already present - just update" + cd /home/rtl/RTL + sudo -u rtl git pull else - - # check and install NodeJS - /home/admin/config.scripts/bonus.nodejs.sh on - - # create rtl user - if [ $(compgen -u | grep -c rtl) -eq 0 ];then - sudo adduser --disabled-password --gecos "" rtl || exit 1 - fi - - echo "# Make sure symlink to central app-data directory exists" - if ! [[ -L "/home/rtl/.lnd" ]]; then - sudo rm -rf "/home/rtl/.lnd" # not a symlink.. delete it silently - sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/rtl/.lnd" # and create symlink - fi - - if [ -f /home/rtl/RTL/rtl ];then - echo "# OK - the RTL code is already present" - cd /home/rtl/RTL - sudo -u rtl git pull + # download source code and set to tag release + echo "# Get the RTL Source Code" + sudo -u rtl rm -rf /home/rtl/RTL 2>/dev/null + sudo -u rtl git clone https://github.com/ShahanaFarooqui/RTL.git /home/rtl/RTL + cd /home/rtl/RTL + fi - else - # download source code and set to tag release - echo "# Get the RTL Source Code" - rm -rf /home/admin/RTL 2>/dev/null - sudo -u rtl rm -rf /home/rtl/RTL 2>/dev/null - sudo -u rtl git clone https://github.com/ShahanaFarooqui/RTL.git /home/rtl/RTL - cd /home/rtl/RTL - fi - - # check https://github.com/Ride-The-Lightning/RTL/releases/ - sudo -u rtl git reset --hard $RTLVERSION - # from https://github.com/Ride-The-Lightning/RTL/commits/master - # git checkout 917feebfa4fb583360c140e817c266649307ef72 - if [ -d "/home/rtl/RTL" ]; then - echo "# OK - RTL code copy looks good" - else - echo "# FAIL - code copy did not run correctly" - echo "# ABORT - RTL 
install" - exit 1 - fi - echo + # check https://github.com/Ride-The-Lightning/RTL/releases/ + sudo -u rtl git reset --hard $RTLVERSION + # from https://github.com/Ride-The-Lightning/RTL/commits/master + # git checkout 917feebfa4fb583360c140e817c266649307ef72 + if [ -d "/home/rtl/RTL" ]; then + echo "# OK - RTL code copy looks good" + else + echo "# FAIL - RTL code not available" + echo "err='code download falied'" + exit 1 + fi + echo - # install - echo "# Run: npm install" - export NG_CLI_ANALYTICS=false - sudo -u rtl npm install --only=prod - if ! [ $? -eq 0 ]; then - echo "# FAIL - npm install did not run correctly, aborting" - exit 1 - else - echo "# OK - RTL install looks good" - echo - fi - - echo "# Updating Firewall" - sudo ufw allow ${RTLHTTP} comment "${netprefix}${typeprefix}RTL HTTP" - sudo ufw allow $((RTLHTTP+1)) comment "${netprefix}${typeprefix}RTL HTTPS" + # install + echo "# Run: npm install" + export NG_CLI_ANALYTICS=false + sudo -u rtl npm install --only=prod + if ! [ $? 
-eq 0 ]; then + echo "# FAIL - npm install did not run correctly, aborting" + exit 1 + else + echo "# OK - RTL install looks good" echo + fi + + echo "# Updating Firewall" + sudo ufw allow ${RTLHTTP} comment "${systemdService} HTTP" + sudo ufw allow $((RTLHTTP+1)) comment "${systemdService} HTTPS" + echo - if [ $LNTYPE = lnd ];then - echo "# Install service" - echo "# Install RTL systemd for ${network} on ${chain}" - echo " -# Systemd unit for ${netprefix}${typeprefix}RTL -# /etc/systemd/system/${netprefix}${typeprefix}RTL.service + echo "# Create Systemd Service: ${systemdService}.service (Template)" + echo " +# Systemd unit for ${systemdService} [Unit] -Description=${netprefix}${typeprefix}RTL daemon -Wants=lnd.service -After=lnd.service +Description=${systemdService} Webinterface +Wants= +After= [Service] -Environment=\"RTL_CONFIG_PATH=/home/rtl/${netprefix}${typeprefix}RTL/\" -ExecStartPre=-/home/admin/config.scripts/bonus.rtl.sh config ${LNTYPE} ${CHAIN} +Environment=\"RTL_CONFIG_PATH=/home/rtl/${systemdService}/\" +ExecStartPre=-/home/admin/config.scripts/bonus.rtl.sh prestart ${LNTYPE} ${CHAIN} ExecStart=/usr/bin/node /home/rtl/RTL/rtl User=rtl Restart=always 
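Review bot: `if [ "${LNTYPE}" == "lnd"]; then` in the ON branch lacks the space before `]`, so the test errors out and the `usermod --append --groups lndadmin rtl` line never runs; it should be `if [ "${LNTYPE}" == "lnd" ]; then`. The error goes to stderr only and the install carries on, leaving rtl without read access to the admin macaroons. In the source step, `cd /home/rtl/RTL` is unchecked before `git reset --hard $RTLVERSION`, so after a failed clone the reset would run in whatever directory the script was started from; `cd /home/rtl/RTL || exit 1` avoids that. Since the checkout is followed by `npm install` and the result handles node credentials, pinning `RTLVERSION` to a full commit hash, as the commented-out `git checkout` line suggests, would make the installed code independent of a movable tag.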
@@ -220,82 +237,25 @@ PrivateDevices=true [Install] WantedBy=multi-user.target -" | sudo tee /home/admin/${netprefix}${typeprefix}RTL.service - sudo mv /home/admin/${netprefix}${typeprefix}RTL.service /etc/systemd/system/${netprefix}${typeprefix}RTL.service - sudo sed -i "s|chain/bitcoin/mainnet|chain/${network}/${CHAIN}|" /etc/systemd/system/${netprefix}${typeprefix}RTL.service - sudo chown root:root /etc/systemd/system/${netprefix}${typeprefix}RTL.service +" | sudo tee /etc/systemd/system/${systemdService}.service + sudo chown root:root /etc/systemd/system/${systemdService}.service - elif [ $LNTYPE = cln ];then - # clnrest - /home/admin/config.scripts/cln.rest.sh on ${CHAIN} - echo " -# Systemd unit for ${netprefix}${typeprefix}RTL -# /etc/systemd/system/${netprefix}${typeprefix}RTL.service - -[Unit] -Description=${netprefix}${typeprefix}RTL daemon -Wants=${netprefix}lightningd.service -After=${netprefix}lightningd.service - -[Service] -Environment=\"RTL_CONFIG_PATH=/home/rtl/${netprefix}RTL/\" -Environment=\"PORT=$RTLHTTP\" -Environment=\"LN_IMPLEMENTATION=CLT\" -Environment=\"LN_SERVER_URL=https://localhost:${portprefix}6100\" -Environment=\"CONFIG_PATH=/home/bitcoin/.lightning/${netprefix}config\" -Environment=\"MACAROON_PATH=/home/bitcoin/c-lightning-REST/certs\" -ExecStartPre=-/home/admin/config.scripts/bonus.rtl.sh config ${LNTYPE} ${CHAIN} -ExecStart=/usr/bin/node /home/rtl/RTL/rtl -User=rtl -Restart=always -TimeoutSec=120 -RestartSec=30 -StandardOutput=null -StandardError=journal - -# Hardening measures -PrivateTmp=true -ProtectSystem=full -NoNewPrivileges=true -PrivateDevices=true - -[Install] -WantedBy=multi-user.target -" | sudo tee /etc/systemd/system/${netprefix}${typeprefix}RTL.service - fi - fi - - echo "# Setup nginx symlinks" - if ! 
[ -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/rtl_ssl.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf - fi - if ! [ -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/rtl_tor.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf - fi - if ! [ -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf ]; then - sudo cp /home/admin/assets/nginx/sites-available/rtl_tor_ssl.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf + # adapt systemd service template for LND + if [ "${LNTYPE}" == "lnd" ]; then + echo "# modifying ${systemdService}.service for LND" + sudo sed -i "s/^Wants=.*/Wants=${netprefix}lnd.service/g" /etc/systemd/system/${systemdService}.service + sudo sed -i "s/^After=.*/After=${netprefix}lnd.service/g" /etc/systemd/system/${systemdService}.service fi - echo "# Set ports for Nginx" - sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf - sudo sed -i "s/3001/$((RTLHTTP+1))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf + # adapt systemd service template for LND + if [ "${LNTYPE}" == "cln" ]; then + echo "# modifying ${systemdService}.service for CLN" + sudo sed -i "s/^Wants=.*/Wants=${netprefix}lightningd.service/g" /etc/systemd/system/${systemdService}.service + sudo sed -i "s/^After=.*/After=${netprefix}lightningd.service/g" /etc/systemd/system/${systemdService}.service + fi - sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf - sudo sed -i "s/3002/$((RTLHTTP+2))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf - - sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf - sudo sed -i "s/3003/$((RTLHTTP+3))/g" 
/etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf - - sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf /etc/nginx/sites-enabled/ - sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf /etc/nginx/sites-enabled/ - sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf /etc/nginx/sites-enabled/ - sudo nginx -t - sudo systemctl reload nginx - - /home/admin/config.scripts/bonus.rtl.sh config $2 $3 - - # setting value in raspi blitz config - sudo sed -i "s/^${netprefix}${typeprefix}rtlWebinterface=.*/${netprefix}${typeprefix}rtlWebinterface=on/g" /mnt/hdd/raspiblitz.conf + # Note about RTL config file + echo "# NOTE: the RTL config for this instance will be done on the fly as a prestart in systemd" # Hidden Service for RTL if Tor is active if [ "${runBehindTor}" = "on" ]; then 
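Review bot: The CLN path of the ON branch no longer runs `/home/admin/config.scripts/cln.rest.sh on ${CHAIN}`, yet the prestart config added later in this commit still points RTL at `https://localhost:${portprefix}6100` and at `/home/bitcoin/c-lightning-REST/certs`, and the purge path still calls `cln.rest.sh off`. Unless the REST service is switched on elsewhere, a fresh CLN install would have nothing listening there; either keep the call inside the `"${LNTYPE}" == "cln"` block or document where it now happens. The comment above that block is a copy of the LND one and should read `# adapt systemd service template for CLN`. The unit template written in the previous hunk also keeps the leading `-` on ExecStartPre, so a failed prestart is ignored and RTL starts with whatever config file is on disk.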
@@ -303,59 +263,219 @@ WantedBy=multi-user.target /home/admin/config.scripts/internet.hiddenservice.sh ${netprefix}${typeprefix}RTL 80 $((RTLHTTP+2)) 443 $((RTLHTTP+3)) fi - sudo systemctl enable ${netprefix}${typeprefix}RTL - echo "# OK - the ${netprefix}${typeprefix}RTL.service is now enabled" + # nginx configuration + echo "# Setup nginx confs" + sudo cp /home/admin/assets/nginx/sites-available/rtl_ssl.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf + sudo cp /home/admin/assets/nginx/sites-available/rtl_tor.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf + sudo cp /home/admin/assets/nginx/sites-available/rtl_tor_ssl.conf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf + sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf + sudo sed -i "s/3001/$((RTLHTTP+1))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf + sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf + sudo sed -i "s/3002/$((RTLHTTP+2))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf + sudo sed -i "s/3000/$RTLHTTP/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf + sudo sed -i "s/3003/$((RTLHTTP+3))/g" /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf + sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf /etc/nginx/sites-enabled/ + sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf /etc/nginx/sites-enabled/ + sudo ln -sf /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf /etc/nginx/sites-enabled/ + sudo nginx -t + sudo systemctl reload nginx - source /home/admin/raspiblitz.info - if [ "${state}" == "ready" ]; then - echo "# OK - system is ready so starting service" - sudo systemctl start ${netprefix}${typeprefix}RTL - echo "# Monitor with:" - echo "sudo journalctl -f -u ${netprefix}${typeprefix}RTL" - else 
- echo "# OK - To start manually use: 'sudo systemctl start RTL'" - fi + # run config as root to connect prepare services (lit, pool, ...) + sudo /home/admin/config.scripts/bonus.rtl.sh connect-services + + # raspiblitz.config + sudo sed -i "s/^${configEntry}=.*/${configEntry}=on/g" /mnt/hdd/raspiblitz.conf + + sudo systemctl enable ${systemdService} + sudo systemctl start ${systemdService} + echo "# OK - the ${systemdService}.service is now enabled & started" + echo "# Monitor with: sudo journalctl -f -u sudo journalctl -f -u" exit 0 fi +########################## +# CONNECT SERVICES +# will be called by lit or loop services to make sure services +# are connected or on RTL install/update +######################### + +if [ "$1" = "connect-services" ]; then + + if [ "$USER" != "root" ] && [ "$USER" != "admin" ]; then + echo "# FAIL: run as user root or admin" + exit 1 + fi + + echo "## RTL CONNECT-SERVICES (when run as admin or root)" + + # LIT & LOOP Swap Server + echo "# checking of swap server ..." 
+ if [ "${lit}" = "on" ]; then + echo "# LIT DETECTED" + echo "# Add the rtl user to the lit group" + sudo /usr/sbin/usermod --append --groups lit rtl + echo "# Symlink the lit-loop.macaroon" + sudo rm -rf "/home/rtl/.loop" # delete symlink + sudo ln -s "/home/lit/.loop/" "/home/rtl/.loop" # create symlink + echo "# Make the loop macaroon group readable" + sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db + elif [ "${loop}" = "on" ]; then + echo "# LOOP DETECTED" + echo "# Add the rtl user to the loop group" + sudo /usr/sbin/usermod --append --groups loop rtl + echo "# Symlink the loop.macaroon" + sudo rm -rf "/home/rtl/.loop" # delete symlink + sudo ln -s "/home/loop/.loop/" "/home/rtl/.loop" # create symlink + echo "# Make the loop macaroon group readable" + sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db + else + echo "# No lit or loop single detected" + fi + + echo "# RTL CONNECT-SERVICES done" + exit 0 + +fi + +########################## +# PRESTART +# - will be called as prestart by systemd service (as user rtl) +######################### + +if [ "$1" = "prestart" ]; then + + # check that parameters are set + if [ "${LNTYPE}" == "" ] || [ "${CHAIN}" == "" ]; then + echo "# missing parameter" + exit 1 + fi + + # users need to be `rtl` so that it can be run by systemd as prestart (no SUDO available) + if [ "$USER" != "rtl" ]; then + echo "# FAIL: run as user rtl" + exit 1 + fi + + echo "## RTL PRESTART CONFIG (called by systemd prestart)" + + # getting the up-to-date RPC password + RPCPASSWORD=$(cat /mnt/hdd/${network}/${network}.conf | grep "^rpcpassword=" | cut -d "=" -f2) + echo "# Using RPCPASSWORD(${RPCPASSWORD})" + + # determine correct loop swap server port (lit over loop single) + if [ "${lit}" = "on" ]; then + echo "# use lit loop port" + SWAPSERVERPORT=8443 + elif [ "${loop}" = "on" ]; then + echo "# use loop single instance port" + SWAPSERVERPORT=8081 + else + echo "# No lit or loop single detected" + SWAPSERVERPORT="" + fi + + # prepare 
RTL-Config.json file + echo "# PREPARE /home/rtl/${systemdService}/RTL-Config.json" + # make and clean directory + mkdir -p /home/rtl/${systemdService} + rm -f /home/rtl/${systemdService}/RTL-Config.json 2>/dev/null + # copy template + cp /home/rtl/RTL/docs/Sample-RTL-Config.json /home/rtl/${systemdService}/RTL-Config.json + chmod 600 /home/rtl/${systemdService}/RTL-Config.json + + # LND changes of config + if [ "${LNType}" == "lnd" ]; then + echo "# LND Config" + cat /home/rtl/${systemdService}/RTL-Config.json | \ + jq ".port = \"${RTLHTTP}\"" | \ + jq ".multiPass = \"${RPCPASSWORD}\"" | \ + jq ".nodes[0].lnNode = \"${hostname}\"" | \ + jq ".nodes[0].lnImplementation = \"LND\"" | \ + jq ".nodes[0].Authentication.macaroonPath = \"/home/rtl/.lnd/data/chain/${network}/${CHAIN}/\"" | \ + jq ".nodes[0].Authentication.configPath = \"/home/rtl/.lnd/${netprefix}lnd.conf\"" | \ + jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | \ + jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | \ + jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | \ + jq ".nodes[0].nodes[0].Settings.channelBackupPath = \"/home/rtl/${systemdService}-SCB-backup-$hostname\"" | \ + jq ".nodes[0].nodes[0].Settings.swapServerUrl = \"https://localhost:${SWAPSERVERPORT}\"" > /home/rtl/${systemdService}/RTL-Config.json.tmp + mv /home/rtl/${systemdService}/RTL-Config.json.tmp /home/rtl/${systemdService}/RTL-Config.json + fi + + # C-Lightning changes of config + # https://github.com/Ride-The-Lightning/RTL/blob/master/docs/C-Lightning-setup.md + if [ "${LNType}" == "cln" ]; then + echo "# CLN Config" + cat /home/rtl/${systemdService}/RTL-Config.json | \ + jq ".port = \"${RTLHTTP}\"" | \ + jq ".multiPass = \"${RPCPASSWORD}\"" | \ + jq ".nodes[0].lnNode = \"${hostname}\"" | \ + jq ".nodes[0].lnImplementation = \"CLT\"" | \ + jq ".nodes[0].Authentication.macaroonPath = \"/home/bitcoin/c-lightning-REST/certs\"" | \ + jq 
".nodes[0].Authentication.configPath = \"/home/bitcoin/.lightning/${netprefix}config\"" | \ + jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" | \ + jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" | \ + jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" | \ + jq ".nodes[0].Settings.lnServerUrl = \"https://localhost:${portprefix}6100\"" | \ + jq ".nodes[0].nodes[0].Settings.channelBackupPath = \"/home/rtl/${systemdService}-SCB-backup-$hostname\"" | \ + jq ".nodes[0].nodes[0].Settings.swapServerUrl = \"https://localhost:${SWAPSERVERPORT}\"" > /home/rtl/${systemdService}/RTL-Config.json.tmp + mv /home/rtl/${systemdService}/RTL-Config.json.tmp /home/rtl/${systemdService}/RTL-Config.json + fi + + echo "# RTL prestart config done" + exit 0 +fi + +########################## +# OFF +######################### + # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then + # check that parameters are set + if [ "${LNTYPE}" == "" ] || [ "${CHAIN}" == "" ]; then + echo "# missing parameter" + exit 1 + fi + # setting value in raspi blitz config - sudo sed -i "s/^${netprefix}${typeprefix}rtlWebinterface=.*/${netprefix}${typeprefix}rtlWebinterface=off/g" /mnt/hdd/raspiblitz.conf + sudo sed -i "s/^${configEntry}=.*/${configEntry}=off/g" /mnt/hdd/raspiblitz.conf # remove nginx symlinks - sudo rm -f /etc/nginx/sites-enabled/${netprefix}${typeprefix}rtl_ssl.conf - sudo rm -f /etc/nginx/sites-enabled/${netprefix}${typeprefix}rtl_tor.conf - sudo rm -f /etc/nginx/sites-enabled/${netprefix}${typeprefix}rtl_tor_ssl.conf - sudo rm -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf - sudo rm -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf - sudo rm -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf + sudo rm -f /etc/nginx/sites-enabled/${netprefix}${typeprefix}rtl_ssl.conf 2>/dev/null + sudo rm -f /etc/nginx/sites-enabled/${netprefix}${typeprefix}rtl_tor.conf 
2>/dev/null + sudo rm -f /etc/nginx/sites-enabled/${netprefix}${typeprefix}rtl_tor_ssl.conf 2>/dev/null + sudo rm -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_ssl.conf 2>/dev/null + sudo rm -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor.conf 2>/dev/null + sudo rm -f /etc/nginx/sites-available/${netprefix}${typeprefix}rtl_tor_ssl.conf 2>/dev/null sudo nginx -t sudo systemctl reload nginx # Hidden Service if Tor is active if [ "${runBehindTor}" = "on" ]; then - /home/admin/config.scripts/internet.hiddenservice.sh off ${netprefix}${typeprefix}RTL + /home/admin/config.scripts/internet.hiddenservice.sh off ${systemdService} fi - isInstalled=$(sudo ls /etc/systemd/system/${netprefix}${typeprefix}RTL.service 2>/dev/null | grep -c "${netprefix}${typeprefix}RTL.service") + isInstalled=$(sudo ls /etc/systemd/system/${systemdService}.service 2>/dev/null | grep -c "${systemdService}.service") if [ ${isInstalled} -eq 1 ]; then - echo "# Removing RTL for ${LNTYPE} ${CHAIN}" - sudo systemctl disable ${netprefix}${typeprefix}RTL - sudo rm /etc/systemd/system/${netprefix}${typeprefix}RTL.service - if [ $LNTYPE = cln ];then - /home/admin/config.scripts/cln.rest.sh off ${CHAIN} - fi + + echo "# Removing RTL for ${LNTYPE} ${CHAIN}" + sudo systemctl disable ${systemdService}.service + sudo rm /etc/systemd/system/${systemdService}.service + + # only if 'purge' is an additional parameter (might otherwise other instances/services might need this) if [ "$(echo "$@" | grep -c purge)" -gt 0 ];then echo "# Removing the binaries" echo "# Delete user and home directory" sudo userdel -rf rtl + if [ $LNTYPE = cln ];then + /home/admin/config.scripts/cln.rest.sh off ${CHAIN} + fi fi - echo "# OK ${netprefix}${typeprefix}RTL removed." + echo "# OK ${systemdService} removed." else - echo "# ${netprefix}${typeprefix}RTL is not installed." + echo "# ${systemdService} is not installed." fi # close ports on firewall 
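Review bot: In the prestart branch both config blocks test `"${LNType}"`, while the variable assigned at the top of the script is `LNTYPE`, so neither jq pipeline runs and RTL-Config.json stays an unmodified copy of Sample-RTL-Config.json, including whatever `multiPass` the sample ships. With the name fixed, the same blocks splice the RPC password into the jq program text, where a `"` or `\` in it breaks or alters the filter, and `cut -d "=" -f2` truncates a password containing `=`. The `.tmp` file is created under the process umask and then moved over the file that was set to `chmod 600`, so the final config holding the password may be readable by other local users; `echo "# Using RPCPASSWORD(${RPCPASSWORD})"` prints the same secret and should be removed. `.nodes[0].nodes[0].Settings.*` looks like a doubled path segment and is written as `.nodes[0].Settings.*` below. The fence shows the LND block with these changes; the CLN block needs the same treatment.

```shell
# … unchanged: parameter check and "run as user rtl" check …

# every file created below holds the RPC password: keep it owner-only
umask 077

# -f2- keeps a password that itself contains '='
RPCPASSWORD=$(grep "^rpcpassword=" "/mnt/hdd/${network}/${network}.conf" | cut -d "=" -f2-)

# … unchanged: swap server port selection, mkdir, template copy, chmod 600 …

if [ "${LNTYPE}" == "lnd" ]; then
  echo "# LND Config"
  # values are passed with --arg so they are never parsed as jq program text
  jq --arg port "${RTLHTTP}" \
     --arg pass "${RPCPASSWORD}" \
     --arg node "${hostname}" \
     --arg macaroons "/home/rtl/.lnd/data/chain/${network}/${CHAIN}/" \
     --arg lndconf "/home/rtl/.lnd/${netprefix}lnd.conf" \
     --arg swapmac "/home/rtl/.loop/${CHAIN}/" \
     --arg backup "/home/rtl/${systemdService}-SCB-backup-${hostname}" \
     --arg swapurl "https://localhost:${SWAPSERVERPORT}" \
     '.port = $port
      | .multiPass = $pass
      | .nodes[0].lnNode = $node
      | .nodes[0].lnImplementation = "LND"
      | .nodes[0].Authentication.macaroonPath = $macaroons
      | .nodes[0].Authentication.configPath = $lndconf
      | .nodes[0].Authentication.swapMacaroonPath = $swapmac
      | .nodes[0].Authentication.boltzMacaroonPath = "/home/rtl/.boltz-lnd/macaroons/"
      | .nodes[0].Settings.userPersona = "OPERATOR"
      | .nodes[0].Settings.channelBackupPath = $backup
      | .nodes[0].Settings.swapServerUrl = $swapurl' \
     "/home/rtl/${systemdService}/RTL-Config.json" \
     > "/home/rtl/${systemdService}/RTL-Config.json.tmp" || exit 1
  mv "/home/rtl/${systemdService}/RTL-Config.json.tmp" "/home/rtl/${systemdService}/RTL-Config.json"
fi

# … unchanged: CLN block (apply the same changes), final echo and exit …
```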
@@ -364,114 +484,51 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then exit 0 fi -# config -if [ "$1" = "config" ]; then - echo "# CONFIG RTL" - if [ $LNTYPE = lnd ]; then - echo "# Make sure rtl is member of lndadmin" - sudo /usr/sbin/usermod --append --groups lndadmin rtl - SWAPSERVERPORT=8443 - if [ "$(grep -Ec "(loop=|lit=)" < /mnt/hdd/raspiblitz.conf)" -gt 0 ];then - if [ $lit = on ];then - echo "# Add the rtl user to the lit group" - sudo /usr/sbin/usermod --append --groups lit rtl - echo "# Symlink the lit-loop.macaroon" - sudo rm -rf "/home/rtl/.loop" # delete symlink - sudo ln -s "/home/lit/.loop/" "/home/rtl/.loop" # create symlink - SWAPSERVERPORT=8443 - elif [ $loop = on ];then - echo "# Add the rtl user to the loop group" - sudo /usr/sbin/usermod --append --groups loop rtl - echo "# Symlink the loop.macaroon" - sudo rm -rf "/home/rtl/.loop" # delete symlink - sudo ln -s "/home/loop/.loop/" "/home/rtl/.loop" # create symlink - SWAPSERVERPORT=8081 - fi - echo "# Make the loop macaroon group readable" - sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db - else - echo "# No Loop or LiT is installed" - fi - fi - - # prepare RTL-Config.json file - echo "# ${netprefix}${typeprefix}RTL/RTL.conf" - # change of config: https://github.com/Ride-The-Lightning/RTL/tree/v0.6.4 - sudo cp /home/rtl/RTL/docs/Sample-RTL-Config.json /home/admin/RTL-Config.json - sudo chown admin:admin /home/admin/RTL-Config.json - sudo chmod 600 /home/admin/RTL-Config.json || exit 1 - PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-) - # modify sample-RTL-Config.json and save in RTL-Config.json - node > /home/admin/RTL-Config.json <