highperfocused/raspiblitz
1
0
Fork 0
mirror of https://github.com/raspiblitz/raspiblitz.git synced 2025-04-13 06:09:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

#2425 Adding experimental Blitz WebUI & API (#2426)

Browse Source
This commit is contained in:
/rootzoll 2021-07-20 16:57:41 +02:00 committed by GitHub
parent d98ce4d601
commit 2434875723
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 395 additions and 307 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
home.admin/assets/blitzweb.conf
View File

@ -1,44 +0,0 @@
## RaspiBlitz NGINX config: blitzweb.conf
server {
# localhost only
listen 127.0.0.1:443 ssl default_server;
listen [::1]:443 ssl default_server;
# any interface
#listen 443 ssl default_server;
#listen [::]:443 ssl default_server;
server_name _;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";
add_header Strict-Transport-Security "max-age=31536000";
# ToDo(frennkie) if /mnt/hdd/app-data is missing (e.g. no disk) this will cause nginx to fail!
ssl_certificate /mnt/hdd/app-data/nginx/tls.cert;
ssl_certificate_key /mnt/hdd/app-data/nginx/tls.key;
##
# Logging Settings
##
access_log /var/log/nginx/access_raspiblitz.log;
error_log /var/log/nginx/error_raspiblitz.log;
root /var/www/blitzweb;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /info/ {
auth_basic "BlitzWeb (admin:Password B)";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}

18
home.admin/assets/nginx/sites-available/public.conf
View File

@ -4,17 +4,23 @@ server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/public;
index index.html;
server_name _;
# proxy for API
location /api/ {
proxy_pass http://127.0.0.1:11111/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
}
# directory for acme challenge
location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
root /var/www/letsencrypt;
}
root /var/www/public;
index index.html;
server_name _;
location / {
# make sure to have https link to exact same host that was called
sub_filter '<a href="https://HOST_SET_BY_NGINX/' '<a href="https://$host/';

BIN
home.admin/assets/nginx/www_blitzweb/favicon.ico
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.1 KiB

BIN
home.admin/assets/nginx/www_blitzweb/info/RaspiBlitz_Logo_Icon_Negative_Cut.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 5.8 KiB

1
home.admin/assets/nginx/www_blitzweb/info/index.html
View File

@ -1 +0,0 @@
/var/cache/raspiblitz/info.html

48
home.admin/assets/nginx/www_blitzweb/info/info.j2
View File

@ -1,48 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>RaspiBlitz Status</title>
<link rel="stylesheet" href="status.css">
</head>
<body>
<div class="grid-container" id="regular">
<div class="header">
<p>Info Dashboard (Updated: {{ datetime }})</p>
</div>
<div class="logo">
<img src="RaspiBlitz_Logo_Icon_Negative_Cut.png" height="310" width="196" />
</div>
<div class="main">
<p>RaspiBlitz v{{ codeVersion }} {{ hostname }}</p>
<p>{{ network }} Fullnode + Lightning Network {{ torInfo }}</p>
<p>&nbsp;<p>
<p>CPU load {{ load }}, temp {{ tempC }}°C {{ tempF }}°F</p>
<p>Free Mem {{ ram }} HDDuse {{ hddUsedInfo }}</p>
<p>{{ uptime }}</p>
<p>ssh admin@{{ local_ip }} ▼{{ network_rx }} ▲{{ network_tx }}</p>
{% if runningRTL == '1' %}
<p>web admin --> <a href="http://{{ local_ip }}:3000">http://{{ local_ip }}:3000</a></p>
{% endif %}
<p>&nbsp;<p>
<p>{{ network }} {{ networkVersion }} {{ chain }}net Sync OK {{ sync_percentage }}</p> <!-- ToDo(frennkie) this doesn't cover all cases-->
<p>{{ public_addr_pre }} {{ public_addr }} {{ networkConnections }} peers</p>
<p>&nbsp;<p>
<p>LND {{ ln_version }} {{ ln_baseInfo }} <p>
{% if ln_version|length %}
<p>{{ ln_channelInfo }} {{ ln_peers }} peers <p>
{% endif %}
</div>
<div class="footer">
{% if ln_version|length %}
<p>{{ ln_external }}</p>
{% endif %}
</div>
</div>
</body>
</html>

48
home.admin/assets/nginx/www_blitzweb/info/status.css
View File

@ -1,48 +0,0 @@
#regular {
/* The size of the LCD on shopping list */
width: 920px;
height: 440px;
}
.header {
grid-area: header;
text-align: center;
}
.logo {
grid-area: logo;
text-align: center;
}
.main {
grid-area: main;
}
.footer {
grid-area: footer;
}
.grid-container {
display: grid;
grid-template-areas: 'header header header header' 'logo main main main' 'footer footer footer footer';
grid-gap: 1px;
background-color: #02192b;
padding: 1px;
}
.grid-container > div {
background-color: rgba(0, 0, 0, 0.8);
padding: 4px 8px;
font-size: 30px;
}
body {
background-color: black;
font-family: monospace, monospace;
color: LightSteelBlue;
}
p {
font-size: 12px;
margin: 4px;
}

16
home.admin/assets/nginx/www_public/index.html
View File

@ -17,9 +17,23 @@
<img src="img/RaspiBlitz_Logo_Main.png" class="rb_logo" alt="RaspiBlitz Logo"/>
<h2 class="text-center">
Welcome
Welcome Node Operator
</h2>
<p id="userinfo">Please Wait ...</p>
<script>
document.getElementById("userinfo").innerHTML=window.location.hostname;
if (window.location.hostname.endsWith(".onion")) {
document.getElementById("userinfo").innerHTML="onion domain address TODO: redirect on same address to subfolder of /ui"
}
else if ((window.location.hostname.endsWith(".local")) || (window.location.hostname.split(".").length>2)) {
document.getElementById("userinfo").innerHTML="local domain/IP address TODO: give info on download/use Tor and offer onion address for easy copy & paste"
}
else {
document.getElementById("userinfo").innerHTML="unknown hostname: "+window.location.hostname
}
</script>
<h4>Use one the following link to access your RaspiBlitz</h4>
<p>
Please be aware about HTTPS Certificate Warning! Here is some useful information on that...

2
home.admin/assets/nginx/www_blitzweb/index.html → home.admin/assets/nginx/www_public/ui/index.html
View File

@ -4,7 +4,7 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>RaspiBlitz Welcome</title>
<title>WebUI</title>
</head>
<body>

11
home.admin/config.scripts/blitz.debug.sh
View File

@ -101,6 +101,17 @@ echo "--> CHECK CONFIG: sudo nginx -t"
sudo nginx -t
echo ""
echo "*** BLITZAPI SYSTEMD STATUS ***"
sudo systemctl status blitzapi -n2 --no-pager
echo ""
echo "*** LAST BLITZAPI LOGS ***"
echo "sudo journalctl -u blitzapi -b --no-pager -n20"
sudo journalctl -u nginx -b --no-pager -n20
echo "--> CHECK CONFIG: sudo nginx -t"
sudo nginx -t
echo ""
if [ "${touchscreen}" = "" ] || [ "${touchscreen}" = "0" ]; then
echo "- TOUCHSCREEN is OFF by config"
else

6
home.admin/config.scripts/blitz.github.sh
View File

@ -163,6 +163,12 @@ sudo -u admin chmod -R +x /home/admin/config.scripts
sudo -u admin chmod -R +x /home/admin/setup.scripts
echo "# ******************************************"
echo "# Syncing Webcontent .."
if [ -d /var/www/public ]; then
sudo cp -a /home/admin/assets/nginx/www_public/* /var/www/public
sudo chown www-data:www-data /var/www/public
fi
echo "# Checking if the content of BlitzPy changed .."
checkSumBlitzPyAfter=$(find /home/admin/raspiblitz/home.admin/BlitzPy -type f -exec md5sum {} \; | md5sum)
echo "# checkSumBlitzPyBefore = ${checkSumBlitzPyBefore}"

190
home.admin/config.scripts/blitz.web.api.sh Executable file
View File

@ -0,0 +1,190 @@
#!/usr/bin/env bash
# main repo: https://github.com/fusion44/blitz_api
# restart the systemd `blitzapi` when credentials of lnd or bitcoind are changeing and it will
# excute the `update-config` automatically before restarting
# TODO: On sd card install there might be no Bitcoin & Lightning confs - make sure backend runs without
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then
echo "Manage RaspiBlitz Web API"
echo "blitz.web.api.sh on [?GITHUBUSER] [?REPO] [?BRANCH]"
echo "blitz.web.api.sh update-config"
echo "blitz.web.api.sh update-code"
echo "blitz.web.api.sh off"
exit 1
fi
DEFAULT_GITHUB_USER="fusion44"
DEFAULT_GITHUB_REPO="blitz_api"
DEFAULT_GITHUB_BRANCH="main"
###################
# ON / INSTALL
###################
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
if [ "$2" != "" ]; then
DEFAULT_GITHUB_USER="$2"
fi
if [ "$3" != "" ]; then
DEFAULT_GITHUB_REPO="$3"
fi
if [ "$4" != "" ]; then
DEFAULT_GITHUB_BRANCH="$4"
fi
echo "# INSTALL Web API ..."
sudo apt install -y redis
sudo rm -r /home/admin/blitz_api 2>/dev/null
cd /home/admin
# git clone https://github.com/fusion44/blitz_api.git /home/admin/blitz_api
git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /home/admin/blitz_api
cd blitz_api
git checkout ${DEFAULT_GITHUB_BRANCH}
pip install -r requirements.txt
# TODO: check if that manual install is still needed in a future version
pip install sse_starlette
# build the config and set unique secret (its OK to be a new secret every install/upadte)
/home/admin/config.scripts/blitz.web.api.sh update-config
secret=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 64 ; echo '')
sed -i "s/^secret=.*/secret=${secret}/g" ./.env
# prepare systemd service
echo "
[Unit]
Description=BlitzBackendAPI
Wants=network.target
After=network.target
[Service]
WorkingDirectory=/home/admin/blitz_api
# before every start update the config with latest credentials/settings
ExecStartPre=-/home/admin/config.scripts/blitz.web.api.sh update-config
ExecStart=sudo -admin /usr/bin/python -m uvicorn main:app --reload --port 11111 --host=0.0.0.0 --root-path /api
User=root
Group=root
Type=simple
Restart=always
StandardOutput=journal
StandardError=journal
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/blitzapi.service
sudo systemctl enable blitzapi
sudo systemctl start blitzapi
# TODO: remove after experimental step
sudo ufw allow 11111 comment 'WebAPI Develop'
# install info
echo "# the API should new be available under http://[LOCALHOST]/api and port 11111 for testing"
echo "# check for systemd: sudo systemctl status blitzapi"
echo "# check for logs: sudo journalctl -f -u blitzapi"
exit 0
fi
###################
# UPDATE CONFIG
###################
if [ "$1" = "update-config" ]; then
# prepare configs data
source /mnt/hdd/raspiblitz.conf 2>/dev/null
if [ "${network}" = "" ]; then
network="bitcoin"
chain="main"
fi
cd /home/admin/blitz_api
dateStr=$(date)
echo "# Update Web API CONFIG (${dateStr})"
RPCUSER=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcuser | cut -c 9-)
RPCPASS=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
if [ "${RPCUSER}" == "" ]; then
RPCUSER="raspibolt"
fi
if [ "${RPCPASS}" == "" ]; then
RPCPASS="passwordB"
fi
sed -i "s/^network=.*/network=mainnet/g" ./.env
sed -i "s/^bitcoind_ip_mainnet=.*/bitcoind_ip_mainnet=127.0.0.1/g" ./.env
sed -i "s/^bitcoind_ip_testnet=.*/bitcoind_ip_testnet=127.0.0.1/g" ./.env
sed -i "s/^bitcoind_user=.*/bitcoind_user=${RPCUSER}/g" ./.env
sed -i "s/^bitcoind_pw=.*/bitcoind_pw=${RPCPASS}/g" ./.env
# configure LND
if [ "${lightning}" == "lnd" ]; then
echo "# CONFIG Web API Lightning --> LND"
tlsCert=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/tls.cert)
adminMacaroon=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/bitcoin/mainnet/admin.macaroon)
sed -i "s/^ln_node=.*/ln_node=lnd/g" ./.env
sed -i "s/^lnd_grpc_ip=.*/lnd_grpc_ip=127.0.0.1/g" ./.env
sed -i "s/^lnd_macaroon=.*/lnd_macaroon=${adminMacaroon}/g" ./.env
sed -i "s/^lnd_cert=.*/lnd_cert=${tlsCert}/g" ./.env
# configure CLN
elif [ "${lightning}" == "cln" ]; then
echo "# CONFIG Web API Lightning --> CLN"
sed -i "s/^ln_node=.*/ln_node=cln/g" ./.env
# TODO: ADD C-Lightning config as soon as available
echo "# MISSING CLN CONFIG YET"
else
echo "# CONFIG Web API Lightning --> OFF"
sed -i "s/^ln_node=.*/ln_node=/g" ./.env
fi
echo "# '.env' config updates - blitzapi maybe needs to be restarted"
exit 0
fi
###################
# UPDATE CODE
###################
if [ "$1" = "update-code" ]; then
echo "# Update Web API CODE"
sudo systemctl stop blitzapi
cd /home/admin/blitz_api
git fetch
git pull
pip install -r requirements.txt
sudo systemctl start blitzapi
echo "# blitzapi updates and restarted"
exit 0
fi
###################
# OFF / UNINSTALL
###################
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# UNINSTALL Web API"
sudo systemctl stop blitzapi
sudo systemctl disable blitzapi
sudo rm /etc/systemd/system/blitzapi.service
sudo rm -r /home/admin/blitz_api
exit 0
fi

147
home.admin/config.scripts/blitz.web.sh
View File

@ -1,5 +1,7 @@
#!/usr/bin/env bash
# TODO: later on this script will be run on build sdcard - make sure that the self-signed tls cert get created fresh on every new RaspiBlitz
source /mnt/hdd/raspiblitz.conf
# command info
@ -8,98 +10,9 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ];
printf "blitz.web.sh check \t\tprint operational nginx listen status (lsof)\n"
printf "blitz.web.sh on \t\tturn on\n"
printf "blitz.web.sh off \t\tturn off\n"
printf "blitz.web.sh listen localhost \tset port 443 to localhost only\n"
printf "blitz.web.sh listen any \tset port 443 to any\n"
exit 1
fi
# using ${APOST} is a workaround to be able to use sed with '
APOST=\' # close tag for linters: '
###################
# FUNCTIONS
###################
function set_nginx_blitzweb_listen() {
# first parameter to function should be either "localhost" or "any"
listen_to=${1}
if [ -f "/etc/nginx/sites-available/blitzweb.conf" ]; then
if ! grep -Eq '^\s*#?\s*listen 127.0.0.1:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
echo "Error: missing expected line for: lo:v4 https"
exit 1
else
if grep -Eq '^\s*#\s*listen 127.0.0.1:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
#echo "found: lo:v4 https (disabled line)"
if [ ${listen_to} = "localhost" ]; then
sudo sed -i -E 's/#\s*(listen 127.0.0.1:443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
else
#echo "found: lo:v4 https (enabled line)"
if [ ${listen_to} = "any" ]; then
sudo sed -i -E 's/(listen 127.0.0.1:443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
fi
fi
if ! grep -Eq '^\s*#?\s*listen \[::1\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
echo "Error: missing expected line for: lo:v6 https"
exit 1
else
if grep -Eq '^\s*#\s*listen \[::1\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
#echo "found: lo:v6 https (disabled line)"
if [ ${listen_to} = "localhost" ]; then
sudo sed -i -E 's/#\s*(listen \[::1\]:443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
else
#echo "found: lo:v6 https (enabled line)"
if [ ${listen_to} = "any" ]; then
sudo sed -i -E 's/(listen \[::1\]:443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
fi
fi
if ! grep -Eq '^\s*#?\s*listen 443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
echo "Error: missing expected line for: any:v4 https"
exit 1
else
if grep -Eq '^\s*#\s*listen 443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
#echo "found: any:v4 https (disabled line)"
if [ ${listen_to} = "any" ]; then
sudo sed -i -E 's/#\s*(listen 443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
else
#echo "found: any:v4 https (enabled line)"
if [ ${listen_to} = "localhost" ]; then
sudo sed -i -E 's/(listen 443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
fi
fi
if ! grep -Eq '^\s*#?\s*listen \[::\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
echo "Error: missing expected line for: any:v6 https"
exit 1
else
if grep -Eq '^\s*#\s*listen \[::\]:443 ssl default_server;$' /etc/nginx/sites-available/blitzweb.conf; then
#echo "found: any:v6 https (disabled line)"
if [ ${listen_to} = "any" ]; then
sudo sed -i -E 's/#\s*(listen \[::\]:443 ssl default_server;)/\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
else
#echo "found: any:v6 https (enabled line)"
if [ ${listen_to} = "localhost" ]; then
sudo sed -i -E 's/(listen \[::\]:443 ssl default_server;)/#\1/g' /etc/nginx/sites-available/blitzweb.conf
fi
fi
fi
fi
}
###################
# CHECK
###################
@ -145,6 +58,7 @@ EOF
sudo sed -i -E '/^.*server_names_hash_bucket_size [0-9]*;$/a \\tserver_names_hash_bucket_size 128;' /etc/nginx/nginx.conf
fi
echo "# Checking dhparam.pem ..."
if [ ! -f /etc/ssl/certs/dhparam.pem ]; then
# check if there is a user generated dhparam.pem on the HDD to use
@ -162,6 +76,8 @@ EOF
sudo cp /mnt/hdd/app-data/nginx/dhparam.pem /etc/ssl/certs/dhparam.pem
fi
else
echo "# skip - dhparam.pem exists"
fi
sudo cp /home/admin/assets/nginx/snippets/* /etc/nginx/snippets/
@ -171,7 +87,10 @@ EOF
sudo rm -f /var/www/html/index.nginx-debian.html
if ! [ -f /etc/nginx/sites-available/public.conf ]; then
echo "# copy /etc/nginx/sites-available/public.conf"
sudo cp /home/admin/assets/nginx/sites-available/public.conf /etc/nginx/sites-available/public.conf
else
echo "# exists /etc/nginx/sites-available/public.conf"
fi
if ! [ -d /var/www/letsencrypt/.well-known/acme-challenge ]; then
@ -183,32 +102,38 @@ EOF
# copy webroot
if ! [ -d /var/www/public ]; then
echo "# copy /var/www/public"
sudo cp -a /home/admin/assets/nginx/www_public/ /var/www/public
sudo chown www-data:www-data /var/www/public
else
echo "# exists /var/www/public"
fi
sudo ln -sf /etc/nginx/sites-available/public.conf /etc/nginx/sites-enabled/public.conf
### RaspiBlitz Webserver on HTTPS 443
# copy webroot
if ! [ -d /var/www/blitzweb ]; then
sudo cp -a /home/admin/assets/nginx/www_blitzweb/ /var/www/blitzweb
sudo chown www-data:www-data /var/www/blitzweb
# copy compiled webUI (TODO: do later)
if ! [ -d /var/www/public/ui ]; then
echo "# copy precompiled webui TODO: implement"
sudo cp -a /home/admin/blitz_web_compiled /var/www/public/ui
sudo chown www-data:www-data /var/www/public/ui
else
echo "# exists /var/www/public/ui"
fi
# make sure jinja2 is installed and install j2cli
sudo apt-get install -y python3-jinja2
sudo -H python3 -m pip install j2cli
if ! [ -f /mnt/hdd/app-data/nginx/tls.cert ];then
if [ -f /mnt/hdd/app-data/nginx/tls.cert ];then
if [ -f /mnt/hdd/lnd/tls.cert ]; then
# use LND cert by default
echo "# use LND cert for: /mnt/hdd/app-data/nginx/tls.cert"
sudo ln -sf /mnt/hdd/lnd/tls.cert /mnt/hdd/app-data/nginx/tls.cert
sudo ln -sf /mnt/hdd/lnd/tls.key /mnt/hdd/app-data/nginx/tls.key
sudo ln -sf /mnt/hdd/lnd/tls.cert /mnt/hdd/app-data/nginx/tor_tls.cert
sudo ln -sf /mnt/hdd/lnd/tls.key /mnt/hdd/app-data/nginx/tor_tls.key
else
echo "# exists /mnt/hdd/app-data/nginx/tls.cert"
# create a self-signed cert if the LND cert is not present
/home/admin/config.scripts/internet.selfsignedcert.sh
@ -221,21 +146,8 @@ EOF
sudo ln -sf /mnt/hdd/app-data/selfsignedcert/selfsigned.key \
/mnt/hdd/app-data/nginx/tor_tls.key
fi
fi
# config
sudo cp /home/admin/assets/blitzweb.conf /etc/nginx/sites-available/blitzweb.conf
sudo ln -sf /etc/nginx/sites-available/blitzweb.conf /etc/nginx/sites-enabled/
if ! [ -f /etc/nginx/.htpasswd ]; then
PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
echo "${PASSWORD_B}" | sudo htpasswd -c -i /etc/nginx/.htpasswd admin
sudo chown www-data:www-data /etc/nginx/.htpasswd
sudo chmod 640 /etc/nginx/.htpasswd
else
sudo chown www-data:www-data /etc/nginx/.htpasswd
sudo chmod 640 /etc/nginx/.htpasswd
echo "# exists /mnt/hdd/app-data/nginx/tls.cert"
fi
# restart NGINX
@ -252,19 +164,6 @@ elif [ "$1" = "0" ] || [ "$1" = "off" ]; then
sudo systemctl stop nginx
sudo systemctl disable nginx >/dev/null
###################
# LISTEN
###################
elif [ "$1" = "listen" ]; then
if [ "$2" = "localhost" ] || [ "$2" = "any" ]; then
echo "Setting NGINX to listen on: ${2}"
set_nginx_blitzweb_listen "${2}"
else
echo "# FAIL: parameter not known - run with -h for help"
fi
else
echo "# FAIL: parameter not known - run with -h for help"
fi

96
home.admin/config.scripts/blitz.web.ui.sh Executable file
View File

@ -0,0 +1,96 @@
#!/usr/bin/env bash
# TODO: Later use for default install (when no github parameters are given) a precompiled version
# that comes with the repo so that the user does not need to install node
# use fro that then: yarn build:production & yarn licenses generate-disclaimer
# TODO: Put WebUI into / base directory of nginx and let the index.html of the webUI handle
# the Tor detection or build it directly into the WebUI
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ "$1" = "-help" ]; then
echo "Manage RaspiBlitz Web UI"
echo "blitz.web.ui.sh on [?GITHUBUSER] [?REPO] [?BRANCH]"
echo "blitz.web.ui.sh update"
echo "blitz.web.ui.sh off"
exit 1
fi
DEFAULT_GITHUB_USER="cstenglein"
DEFAULT_GITHUB_REPO="raspiblitz-web"
DEFAULT_GITHUB_BRANCH="master"
###################
# ON / INSTALL
###################
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
if [ "$2" != "" ]; then
DEFAULT_GITHUB_USER="$2"
fi
if [ "$3" != "" ]; then
DEFAULT_GITHUB_REPO="$3"
fi
if [ "$4" != "" ]; then
DEFAULT_GITHUB_BRANCH="$4"
fi
echo "# INSTALL WebUI"
sudo rm -r /home/admin/blitz_web 2>/dev/null
cd /home/admin
# git clone https://github.com/cstenglein/raspiblitz-web.git /home/admin/blitz_web
git clone https://github.com/${DEFAULT_GITHUB_USER}/${DEFAULT_GITHUB_REPO}.git /home/admin/blitz_web
cd blitz_web
git checkout ${DEFAULT_GITHUB_BRANCH}
echo "# Compile WebUI"
/home/admin/config.scripts/bonus.nodejs.sh on
source <(/home/admin/config.scripts/bonus.nodejs.sh info)
sudo npm install --global yarn
${NODEPATH}/yarn install
${NODEPATH}/yarn build
sudo rm -r /var/www/public/* 2>/dev/null
sudo cp -r /home/admin/blitz_web/build/* /var/www/public
sudo chown www-data:www-data -R /var/www/public
exit 1
fi
###################
# UPDATE
###################
if [ "$1" = "update" ]; then
echo "# Update Web API"
cd /home/admin/blitz_web
git fetch
git pull
source <(/home/admin/config.scripts/bonus.nodejs.sh info)
${NODEPATH}/yarn install
${NODEPATH}/yarn build
sudo rm -r /var/www/public/* 2>/dev/null
sudo cp -r /home/admin/blitz_web/build/* /var/www/public
sudo chown www-data:www-data -R /var/www/public
echo "# blitzapi updates and restarted"
exit 0
fi
###################
# OFF / UNINSTALL
###################
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# UNINSTALL WebUI"
sudo rm -r /home/admin/blitz_web 2>/dev/null
sudo rm -r /var/www/public/* 2>/dev/null
exit 0
fi

59
home.admin/config.scripts/bonus.nodejs.sh
View File

@ -9,10 +9,36 @@ CHECKSUM_linux_x64="ed01043751f86bb534d8c70b16ab64c956af88fd35a9506b7e4a68f5b824
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "config script to install NodeJs $VERSION"
echo "bonus.nodejs.sh [on|off]"
echo "bonus.nodejs.sh [on|off|info]"
exit 1
fi
# determine nodeJS VERSION and DISTRO
isARM=$(uname -m | grep -c 'arm')
isAARCH64=$(uname -m | grep -c 'aarch64')
isX86_64=$(uname -m | grep -c 'x86_64')
if [ ${isARM} -eq 1 ] ; then
DISTRO="linux-armv7l"
CHECKSUM="${CHECKSUM_linux_armv7l}"
elif [ ${isAARCH64} -eq 1 ] ; then
DISTRO="linux-arm64"
CHECKSUM="${CHECKSUM_linux_arm64}"
elif [ ${isX86_64} -eq 1 ] ; then
DISTRO="linux-x64"
CHECKSUM="${CHECKSUM_linux_x64}"
elif [ ${#DISTRO} -eq 0 ]; then
echo "# FAIL: Was not able to determine architecture"
exit 1
fi
# info
if [ "$1" = "info" ]; then
echo "NODEVERSION='${VERSION}'"
echo "NODEDISTRO='${DISTRO}'"
echo "NODEPATH='/usr/local/lib/nodejs/node-$VERSION-$DISTRO/bin'"
exit 0
fi
# switch on
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# check if nodeJS was installed
@ -20,34 +46,15 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
if ! [ ${nodeJSInstalled} -eq 0 ]; then
echo "nodeJS is already installed"
else
# determine nodeJS VERSION and DISTRO
echo "Detect CPU architecture ..."
isARM=$(uname -m | grep -c 'arm')
isAARCH64=$(uname -m | grep -c 'aarch64')
isX86_64=$(uname -m | grep -c 'x86_64')
if [ ${isARM} -eq 1 ] ; then
DISTRO="linux-armv7l"
CHECKSUM="${CHECKSUM_linux_armv7l}"
elif [ ${isAARCH64} -eq 1 ] ; then
DISTRO="linux-arm64"
CHECKSUM="${CHECKSUM_linux_arm64}"
elif [ ${isX86_64} -eq 1 ] ; then
DISTRO="linux-x64"
CHECKSUM="${CHECKSUM_linux_x64}"
elif [ ${#DISTRO} -eq 0 ]; then
echo "FAIL: Was not able to determine architecture"
exit 1
fi
# install latest nodejs
# https://github.com/nodejs/help/wiki/Installation
echo "*** Install NodeJS $VERSION-$DISTRO ***"
echo "VERSION: ${VERSION}"
echo "DISTRO: ${DISTRO}"
echo "CHECKSUM: ${CHECKSUM}"
echo ""
# install latest nodejs
# https://github.com/nodejs/help/wiki/Installation
echo "*** Install NodeJS $VERSION-$DISTRO ***"
# download
cd /home/admin/download
wget https://nodejs.org/dist/$VERSION/node-$VERSION-$DISTRO.tar.xz
@ -69,7 +76,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo ln -sf /usr/local/lib/nodejs/node-$VERSION-$DISTRO/bin/npm /usr/bin/npm
sudo ln -sf /usr/local/lib/nodejs/node-$VERSION-$DISTRO/bin/npx /usr/bin/npx
# add to PATH permanently
sudo bash -c "echo 'PATH=\$PATH:/usr/local/lib/nodejs/node-\$VERSION-\$DISTRO/bin/' >> /etc/profile"
sudo bash -c "echo 'PATH=\$PATH:/usr/local/lib/nodejs/node-${VERSION}-${DISTRO}/bin/' >> /etc/profile"
echo ""
# check if nodeJS was installed

16
home.admin/config.scripts/lnd.export.sh
View File

@ -62,17 +62,17 @@ elif [ "${exportType}" = "hexstring" ]; then
clear
echo "###### HEXSTRING EXPORT ######"
echo ""
echo "admin.macaroon:"
sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/admin.macaroon
adminMacaroon=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/admin.macaroon)
echo "adminMacaroon=${adminMacaroon}"
echo ""
echo "invoice.macaroon:"
sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/invoice.macaroon
invoiceMacaroon=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/invoice.macaroon)
echo "invoiceMacaroon=${invoiceMacaroon}"
echo ""
echo "readonly.macaroon:"
sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/readonly.macaroon
readonlyMacaroon=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/${network}/${chain}net/readonly.macaroon)
echo "readonlyMacaroon=${readonlyMacaroon}"
echo ""
echo "tls.cert:"
sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/tls.cert
tlsCert=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/tls.cert)
echo "tlsCert=${tlsCert}"
echo ""
########################