highperfocused/raspiblitz
1
0
Fork 0
mirror of https://github.com/raspiblitz/raspiblitz.git synced 2025-04-02 08:58:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' of https://github.com/rootzoll/raspiblitz into dev

Browse Source
This commit is contained in:
openoms 2022-06-06 12:56:51 +01:00
commit 828ab104f8
No known key found for this signature in database
GPG Key ID: 5BFB77609B081B65
35 changed files with 926 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
CHANGES.md
View File

@ -6,9 +6,10 @@
- New: BackendAPI
- New: ZRAM - compressed swap in memory [details](https://github.com/rootzoll/raspiblitz/issues/2905)
- New: Core Lightning GRPC plugin [details](https://github.com/rootzoll/raspiblitz/pull/3109)
- New: Core Lightning connection to BTCPayServer (CONNECT menu) [details](https://github.com/rootzoll/raspiblitz/issues/3155)
- New: Alby (Connection Menu) [details](https://getalby.com/)
- New: Squeaknode [details](https://github.com/squeaknode/squeaknode#readme)
- New: Homer Dashboard [details](https://github.com/bastienwirtz/homer#readme)
- New: ItchySats [details](https://github.com/itchysats/itchysats/)
- Update: Bitcoin Core v23.0 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-23.0.md)
- Update: Core Lightning (CLN - formerly C-lightning) v0.11.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v0.11.1)
- Update: LND v0.14.3 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.14.3-beta)
@ -20,7 +21,7 @@
- Update: Electrum Server in Rust (electrs) v0.9.7 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#097-apr-30-2022)
- Update: BTCPayServer v1.5.4 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.5.4)
- Update: Helipad (Podcasting 2.0 Boostagram reader) v0.1.10 [details](https://github.com/Podcastindex-org/helipad/releases/tag/v0.1.10)
- Info: Run RaspiBlitz on VirtualBox & TrueNAS [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms)
- Info: Run RaspiBlitz on amd64 bare metal and virtual machines [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms)
## What's new in Version 1.7.2 of RaspiBlitz?
@ -74,7 +75,7 @@ There was a small patch-update with raspiblitz-v1.7.1-2021-10-28.img.gz to fix a
- New: Suez - channel visualization for LND and CL [info](https://github.com/rootzoll/raspiblitz/issues/2366#issuecomment-939521302)[details](https://github.com/prusnak/suez)
- New: LND Static Channel Backup to Nextcloud
- New: Allow SphinxApp to connect over Tor
- New: Parallel TESTNET & SIGNET services
- New: Parallel TESTNET & SIGNET services
- Update: Bitcoin Core v22.0 [details](https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-22.0.md)
- Update: LND v0.13.3 [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.13.3-beta)
- Update: Specter Desktop 1.6.0 [details](https://github.com/cryptoadvance/specter-desktop/blob/master/README.md)
@ -152,7 +153,7 @@ There was a small patch-update with raspiblitz-v1.7.1-2021-10-28.img.gz to fix a
- Update: BTCPay Server 1.0.5.9 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.0.5.9)
- Update: Loop 0.11.1
- Update: stacking-sats-kraken 0.3.0
- Update: Experimental BTRFS support
- Update: Experimental BTRFS support
- Fix: DropBox API
## What's new in Version 1.6.1 of RaspiBlitz?
@ -173,7 +174,7 @@ There was a small patch-update with raspiblitz-v1.7.1-2021-10-28.img.gz to fix a
- New: Circuit Breaker (config-script) [details](https://github.com/rootzoll/raspiblitz/issues/1581)
- New: PyBlock (Python Util & Fun Scripts) [details](https://github.com/curly60e/pyblock/blob/master/README.md)
- New: Mempool Explorer [details](https://github.com/mempool/mempool)
- New: dynu.com as alternative option for LetsEncrpyt FreeDNS provider
- New: dynu.com as alternative option for LetsEncrpyt FreeDNS provider
- New: Experimental running RaspiBlitz as VM (vagrant & docker)
For ALL small bug fixes & improvements see: https://github.com/rootzoll/raspiblitz/milestone/11
@ -191,7 +192,7 @@ For ALL small bug fixes & improvements see: https://github.com/rootzoll/raspibli
- Update: ElectRS 0.8.5 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#085-1-july-2020)
- Update: JoinMarket v0.6.3.1 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.6.3.1)
- New: Nginx Web Server
- New: Subscriptions Management
- New: Subscriptions Management
- New: IP2Tor Bridge (optional subscription service)
- New: Balance of Satoshis v5.41.0 (with update option) [details](https://github.com/alexbosworth/balanceofsatoshis)
- New: Faraday [details](https://github.com/lightninglabs/faraday)
@ -205,12 +206,12 @@ For ALL small bug fixes & improvements see: https://github.com/rootzoll/raspibli
- Fix: DropBox StaticChannelBackup
- Removed: Shango from the list of Mobile Wallets
- Removed: Torrent Download of Blockchain (Copy over LAN now default for RP3)
- Shoppinglist: 4GB RaspberryPi 4 is now default for Standard Package (will still run with less)
- Shoppinglist: 4GB RaspberryPi 4 is now default for Standard Package (will still run with less)
## What's new in Version 1.5.1 of RaspiBlitz?
- Bugfix: DropBox Backup of Static-Channel-Backup
- Bugfix: Torrentfiles with active tracker
- Bugfix: Torrentfiles with active tracker
## What.s new in Version 1.5 of RaspiBlitz?
@ -236,7 +237,7 @@ Beside many small improvements and changes, these are most important changes:
- New: Make it easier to Copy The Blockchain over Network from running Blitz
- New: Forwarding Fee Report on Main Menu
- New: Easy Setup of Auto-Backup of SCB to Dropbox
- New: LND Interims Updates (verified & reckless) [details](https://github.com/rootzoll/raspiblitz/issues/1116#issuecomment-619467148)
- New: LND Interims Updates (verified & reckless) [details](https://github.com/rootzoll/raspiblitz/issues/1116#issuecomment-619467148)
- New: Sync RaspiBlitz with your forked GitHub repo thru menu [details](FAQ.md#how-can-i-sync-a-branch-of-my-forked-github-with-my-local-raspiblitz)
- Removed: Clone Blockchain from second HDD (use CopyStation script)

1
README.md
View File

@ -165,6 +165,7 @@ There are further Services that can be switched on:
* **CL plugin: Sparko** (WalletUI & HTTP-RPC bridge) [details](https://github.com/fiatjaf/sparko#the-sparko-plugin)
* **CL plugin: CLBOSS** (Automated Node Manager) [details](https://github.com/ZmnSCPxj/clboss#clboss-the-c-lightning-node-manager)
* **Tallycoin Connect** (Use Tallycoin with your own node) [details](https://github.com/djbooth007/tallycoin_connect)
* **ItchySats** (Non-custodial peer-to-peer CFD trading) [details](https://github.com/itchysats/itchysats)
You can connect the following Wallet-Apps to your RaspiBlitz:

8
home.admin/00mainMenu.sh
View File

@ -156,10 +156,13 @@ if [ "${circuitbreaker}" == "on" ]; then
fi
if [ "${tallycoinConnect}" == "on" ]; then
OPTIONS+=(TALLY "Tallycoin Connect")
fi
fi
if [ "${squeaknode}" == "on" ]; then
OPTIONS+=(SQUEAKNODE "Squeaknode")
fi
if [ "${itchysats}" == "on" ]; then
OPTIONS+=(ITCHYSATS "Show ItchySats details")
fi
# dont offer to switch to "testnet view for now" - so no wswitch back to mainnet needed
#if [ ${chain} != "main" ]; then
@ -314,6 +317,9 @@ case $CHOICE in
SQUEAKNODE)
/home/admin/config.scripts/bonus.squeaknode.sh menu
;;
ITCHYSATS)
sudo /home/admin/config.scripts/bonus.itchysats.sh menu
;;
CHANTOOLS)
sudo /home/admin/config.scripts/bonus.chantools.sh menu
;;

10
home.admin/00settingsMenuBasics.sh
View File

@ -392,9 +392,14 @@ if [ "${clNode}" != "${choice}" ]; then
echo "# C-Lightning NODE Setting changed .."
if [ "${choice}" = "on" ]; then
echo "# turning ON"
# also make sure that CLN GRPC is on for WebAPI
/home/admin/config.scripts/cl-plugin.cln-grpc.sh install
/home/admin/config.scripts/cl-plugin.cln-grpc.sh on
/home/admin/config.scripts/cl.install.sh on mainnet
# generate wallet from seedwords or just display
/home/admin/config.scripts/cl.hsmtool.sh new mainnet
# generate wallet from seedwords or just display (write to dev/null to not write seed words to logs)
/home/admin/config.scripts/cl.hsmtool.sh new mainnet 1>/dev/null
if [ "${testnet}" == "on" ]; then
# no seed for testnet
/home/admin/config.scripts/cl.install.sh on testnet
@ -405,6 +410,7 @@ if [ "${clNode}" != "${choice}" ]; then
fi
else
echo "# turning OFF"
/home/admin/config.scripts/cl-plugin.cln-grpc.sh off
/home/admin/config.scripts/cl.install.sh off mainnet
/home/admin/config.scripts/cl.install.sh off testnet
/home/admin/config.scripts/cl.install.sh off signet

22
home.admin/00settingsMenuServices.sh
View File

@ -31,6 +31,7 @@ if [ ${#tallycoinConnect} -eq 0 ]; then tallycoinConnect="off"; fi
if [ ${#helipad} -eq 0 ]; then helipad="off"; fi
if [ ${#bitcoinminds} -eq 0 ]; then bitcoinminds="off"; fi
if [ ${#squeaknode} -eq 0 ]; then squeaknode="off"; fi
if [ ${#itchysats} -eq 0 ]; then itchysats="off"; fi
# show select dialog
echo "run dialog ..."
@ -47,9 +48,9 @@ if [ "${network}" == "bitcoin" ]; then
OPTIONS+=(j 'BTC JoinMarket+JoininBox menu' ${joinmarket})
OPTIONS+=(w 'BTC Download Bitcoin Whitepaper' ${whitepaper})
OPTIONS+=(v 'BTC Install BitcoinMinds.org' ${bitcoinminds})
OPTIONS+=(u 'BTC Install ItchySats' ${itchysats})
fi
# available for both LND & c-lightning
if [ "${lnd}" == "on" ] || [ "${cl}" == "on" ]; then
OPTIONS+=(i 'LNbits (Lightning Accounts)' ${LNBits})
@ -66,7 +67,7 @@ if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then
OPTIONS+=(x 'LND Sphinx-Relay' ${sphinxrelay})
OPTIONS+=(f 'LND Helipad Boostagram reader' ${helipad})
OPTIONS+=(d 'LND Tallycoin Connect' ${tallycoinConnect})
OPTIONS+=(q 'LND Squeaknode' ${squeaknode})
#OPTIONS+=(q 'LND Squeaknode' ${squeaknode})
fi
# just available for CL
@ -288,7 +289,7 @@ else
fi
# LNDMANAGE process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "m")
choice="off"; check=$(echo "${CHOICES}" | grep -c "ä")
if [ ${check} -eq 1 ]; then choice="on"; fi
if [ "${lndmanage}" != "${choice}" ]; then
echo "lndmanage Setting changed .."
@ -616,6 +617,21 @@ else
echo "squeaknode setting unchanged."
fi
# ItchySats process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "u")
if [ ${check} -eq 1 ]; then choice="on"; fi
if [ "${itchysats}" != "${choice}" ]; then
echo "ItchySats setting changed .."
anychange=1
sudo -u admin /home/admin/config.scripts/bonus.itchysats.sh ${choice} --download
if [ "${choice}" = "on" ]; then
sudo systemctl start itchysats
sudo -u admin /home/admin/config.scripts/bonus.itchysats.sh menu
fi
else
echo "ItchySats setting unchanged."
fi
if [ ${anychange} -eq 0 ]; then
dialog --msgbox "NOTHING CHANGED!\nUse Spacebar to check/uncheck services." 8 58
exit 0

27
home.admin/99connectMenu.sh
View File

@ -20,8 +20,11 @@ OPTIONS+=(MOBILE "Connect Mobile Wallet")
if [ "${ElectRS}" == "on" ]; then
OPTIONS+=(ELECTRS "Electrum Rust Server")
fi
if [ "${BTCPayServer}" == "on" ]; then
OPTIONS+=(BTCPAY "Show LND connection string")
if [ "${BTCPayServer}" == "on" ] && [ "${lnd}" = "on" ]; then
OPTIONS+=(BTCPAY-LND "Show LND connection string")
fi
if [ "${BTCPayServer}" == "on" ] && [ "${cl}" = "on" ]; then
OPTIONS+=(BTCPAY-CLN "Show CLN connection string")
fi
OPTIONS+=(${network}RPC "Connect Specter Desktop or JoinMarket")
OPTIONS+=(BISQ "Connect Bisq to this node")
@ -50,11 +53,16 @@ case $CHOICE in
/home/admin/97addMobileWallet.sh;;
ELECTRS)
/home/admin/config.scripts/bonus.electrs.sh menu;;
BTCPAY)
BTCPAY-LND)
/home/admin/config.scripts/lnd.export.sh btcpay
echo "Press ENTER to return to main menu."
read key
exit 0;;
BTCPAY-CLN)
/home/admin/config.scripts/bonus.btcpayserver.sh cln-lightning-rpc-access
echo "Press ENTER to return to main menu."
read key
exit 0;;
RESET)
sudo /home/admin/config.scripts/lnd.credentials.sh reset
sudo /home/admin/config.scripts/lnd.credentials.sh sync
@ -70,18 +78,7 @@ case $CHOICE in
exit 0;;
ALBY)
websiteLink="https://getalby.com"
sudo /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_alby.png
whiptail --title "Install Alby on your web browser" \
--yes-button "Continue" \
--no-button "Website" \
--yesno "Visit the website and install the browser extension then click --> Continue." 12 65
if [ $? -eq 1 ]; then
whiptail --title " Website Link " --msgbox "\
To install app open the following link:\n
${websiteLink}\n" 11 70
fi
/home/admin/config.scripts/bonus.lndconnect.sh alby tor
/home/admin/config.scripts/bonus.alby.sh
exit 0;
;;

7
home.admin/99updateMenu.sh
View File

@ -504,6 +504,10 @@ if [ "${runBehindTor}" == "on" ]; then
OPTIONS+=(TOR "Update Tor from the source code")
fi
if [ "${itchysats}" == "on" ]; then
OPTIONS+=(ITCHYSATS "Update ItchySats")
fi
CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1"))
HEIGHT=$((CHOICE_HEIGHT+6))
CHOICE=$(dialog --clear \
@ -556,4 +560,7 @@ case $CHOICE in
MEMPOOL)
/home/admin/config.scripts/bonus.mempool.sh update
;;
ITCHYSATS)
/home/admin/config.scripts/bonus.itchysats.sh update
;;
esac

3
home.admin/_background.scan.sh
View File

@ -424,14 +424,17 @@ do
/home/admin/_cache.sh set btc_${CHAIN}net_blocks_headers "${btc_blocks_headers}"
/home/admin/_cache.sh set btc_${CHAIN}net_blocks_verified "${btc_blocks_verified}"
/home/admin/_cache.sh set btc_${CHAIN}net_blocks_behind "${btc_blocks_behind}"
/home/admin/_cache.sh set btc_${CHAIN}net_blocks_data_kb "${btc_blocks_data_kb}"
/home/admin/_cache.sh set btc_${CHAIN}net_sync_progress "${btc_sync_progress}"
/home/admin/_cache.sh set btc_${CHAIN}net_sync_percentage "${btc_sync_percentage}"
/home/admin/_cache.sh set btc_${CHAIN}net_sync_initialblockdownload "${btc_sync_initialblockdownload}"
if [ "${isDefaultChain}" == "1" ]; then
/home/admin/_cache.sh set btc_default_synced "${btc_synced}"
/home/admin/_cache.sh set btc_default_blocks_headers "${btc_blocks_headers}"
/home/admin/_cache.sh set btc_default_blocks_verified "${btc_blocks_verified}"
/home/admin/_cache.sh set btc_default_blocks_behind "${btc_blocks_behind}"
/home/admin/_cache.sh set btc_default_blocks_data_kb "${btc_blocks_data_kb}"
/home/admin/_cache.sh set btc_default_sync_progress "${btc_sync_progress}"
/home/admin/_cache.sh set btc_default_sync_percentage "${btc_sync_percentage}"
/home/admin/_cache.sh set btc_default_sync_initialblockdownload "${btc_sync_initialblockdownload}"

5
home.admin/_bootstrap.sh
View File

@ -827,6 +827,11 @@ if [ ${isMounted} -eq 0 ]; then
sleep 2
done
# one time add info on blockchain sync to chache
source <(/home/admin/_cache.sh get chain)
source <(/home/admin/config.scripts/bitcoin.monitor.sh ${chain}net info)
/home/admin/_cache.sh set btc_default_blocks_data_kb "${btc_blocks_data_kb}"
###################################################
# HANDOVER TO FINAL SETUP CONTROLLER
###################################################

11
home.admin/_provision.setup.sh
View File

@ -274,7 +274,7 @@ if [ "${lightning}" == "lnd" ]; then
# WALLET --> NEW
else
echo "WALLET --> NEW" >> ${logFile}
echo "# WALLET --> NEW" >> ${logFile}
/home/admin/_cache.sh set message "LND Wallet (NEW)"
if ! pip list | grep grpc; then sudo -H python3 -m pip install grpcio==1.38.1; fi
source <(/home/admin/config.scripts/lnd.initwallet.py new mainnet "${passwordC}")
@ -290,6 +290,7 @@ if [ "${lightning}" == "lnd" ]; then
fi
# write created seedwords into SETUPFILE to be displayed to user on final setup later
echo "# writing seed info to setup file" >> ${logFile}
echo "seedwordsNEW='${seedwords}'" >> ${setupFile}
echo "seedwords6x4NEW='${seedwords6x4}'" >> ${setupFile}
@ -342,6 +343,9 @@ if [ "${lightning}" == "cl" ]; then
/home/admin/_cache.sh set message "C-Lightning Setup"
/home/admin/config.scripts/cl.install.sh on mainnet >> ${logFile}
# switch cln-grpc on
/home/admin/config.scripts/cl-plugin.cln-grpc.sh on >> ${logFile}
# OLD WALLET FROM CLIGHTNING RESCUE
if [ "${clrescue}" != "" ]; then
@ -392,7 +396,7 @@ if [ "${lightning}" == "cl" ]; then
# OLD WALLET FROM SEEDWORDS
elif [ "${seedWords}" != "" ]; then
echo "Restore CL wallet from seedWords ..." >> ${logFile}
echo "# Restore CL wallet from seedWords ..." >> ${logFile}
source <(/home/admin/config.scripts/cl.hsmtool.sh seed-force mainnet "${seedWords}" "${seedPassword}")
# check if wallet really got created
@ -405,7 +409,7 @@ if [ "${lightning}" == "cl" ]; then
# NEW WALLET
else
echo "Generate new CL wallet ..." >> ${logFile}
echo "# Generate new CL wallet ..." >> ${logFile}
# a new wallet is generated in /home/admin/config.scripts/cl.install.sh on mainnet
walletExistsNow=$(ls /home/bitcoin/.lightning/bitcoin/hsm_secret 2>/dev/null | grep -c "hsm_secret")
@ -432,6 +436,7 @@ if [ "${lightning}" == "cl" ]; then
fi
# write created seedwords into SETUPFILE to be displayed to user on final setup later
echo "# writing seed info to setup file" >> ${logFile}
echo "seedwordsNEW='${seedwords}'" >> ${setupFile}
echo "seedwords6x4NEW='${seedwords6x4}'" >> ${setupFile}

9
home.admin/_provision_.sh
View File

@ -736,6 +736,15 @@ else
echo "Provisioning Squeaknode - keep default" >> ${logFile}
fi
# itchysats
if [ "${itchysats}" = "on" ]; then
echo "Provisioning ItchySats - run config script" >> ${logFile}
sudo sed -i "s/^message=.*/message='Setup ItchySats'/g" ${infoFile}
sudo -u admin /home/admin/config.scripts/bonus.itchysats.sh on --download >> ${logFile} 2>&1
else
echo "ItchySats - keep default" >> ${logFile}
fi
# custom install script from user
customInstallAvailable=$(ls /mnt/hdd/app-data/custom-installs.sh 2>/dev/null | grep -c "custom-installs.sh")
if [ ${customInstallAvailable} -gt 0 ]; then

2
home.admin/assets/nginx/sites-available/homer_tor.conf
View File

@ -2,7 +2,7 @@
server {
listen localhost:4092;
listen [::1]:4092;
listen [::]:4092;
server_name _;
access_log /var/log/nginx/access_homer.log;

2
home.admin/assets/nginx/sites-available/homer_tor_ssl.conf
View File

@ -2,7 +2,7 @@
server {
listen localhost:4093;
listen [::1]:4093;
listen [::]:4093;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;

2
home.admin/assets/nginx/sites-available/lnbits_tor.conf
View File

@ -14,7 +14,7 @@ server {
}
location / {
proxy_pass http://127.0.0.1:5000;
proxy_pass https://127.0.0.1:5001;
include /etc/nginx/snippets/proxy-params.conf;
}

2
home.admin/assets/nginx/sites-available/lnbits_tor_ssl.conf
View File

@ -17,7 +17,7 @@ server {
}
location / {
proxy_pass http://127.0.0.1:5000;
proxy_pass https://127.0.0.1:5001;
include /etc/nginx/snippets/ssl-proxy-params.conf;
}

11
home.admin/config.scripts/bitcoin.monitor.sh
View File

@ -133,6 +133,15 @@ if [ "$2" = "info" ]; then
exit 1
fi
subfolder=""
if [ "$1" == "testnet" ]; then
subfolder="testnet3/"
fi
if [ "$1" == "signet" ]; then
subfolder="signet/"
fi
btc_blocks_data_kb=$(sudo du -s /mnt/hdd/bitcoin/${subfolder}blocks | cut -f1)
# parse data
btc_blocks_headers=$(echo "${blockchaininfo}" | jq -r '.headers')
btc_blocks_verified=$(echo "${blockchaininfo}" | jq -r '.blocks')
@ -144,6 +153,7 @@ if [ "$2" = "info" ]; then
btc_sync_percentage="100.00"
fi
# determine if synced (tolerate falling 1 block behind)
# and be sure that initial blockdownload is done
btc_synced=0
@ -156,6 +166,7 @@ if [ "$2" = "info" ]; then
echo "btc_blocks_headers='${btc_blocks_headers}'"
echo "btc_blocks_verified='${btc_blocks_verified}'"
echo "btc_blocks_behind='${btc_blocks_behind}'"
echo "btc_blocks_data_kb='${btc_blocks_data_kb}'"
echo "btc_sync_progress='${btc_sync_progress}'"
echo "btc_sync_percentage='${btc_sync_percentage//[^0-9\..]/}'"
echo "btc_sync_initialblockdownload='${btc_sync_initialblockdownload}'"

2
home.admin/config.scripts/blitz.conf.sh
View File

@ -16,7 +16,7 @@ if [ "$1" = "set" ]; then
# get parameters
keystr=$2
valuestr=$3
valuestr=$(echo "${3}" | sed 's/\//\\\//g')
configfileAlternative=$4
# check that key & value are given

23
home.admin/config.scripts/blitz.passwords.sh
View File

@ -34,10 +34,9 @@ if [ $(df | grep -c "/mnt/hdd") -gt 0 ]; then
echo "# salt file exists"
fi
hashedPasswordSalt=$(cat ${hashedPasswordStoragePath}/salt.txt)
echo "# hashedPasswordSalt(${hashedPasswordSalt})"
else
echo "error='hdd not mounted yet - cannot set/check blitz passwords yet'"
echo "correct=0"
exit 1
echo "# hashedPasswordSalt - not available yet (no HDD yet)"
fi
############################
@ -165,6 +164,12 @@ fi
# PASSWORD A
if [ "${abcd}" = "a" ]; then
if [ "${hashedPasswordSalt}" == "" ]; then
echo "error='hdd not mounted yet - cannot set/check blitz passwords yet'"
echo "correct=0"
exit 1
fi
newPassword=$3
# if no password given by parameter - ask by dialog
@ -250,6 +255,12 @@ if [ "${abcd}" = "a" ]; then
# PASSWORD B
elif [ "${abcd}" = "b" ]; then
if [ "${hashedPasswordSalt}" == "" ]; then
echo "error='hdd not mounted yet - cannot set/check blitz passwords yet'"
echo "correct=0"
exit 1
fi
newPassword=$3
# if no password given by parameter - ask by dialog
@ -381,6 +392,12 @@ elif [ "${abcd}" = "b" ]; then
# will change both (lnd & core lightning) if installed
elif [ "${abcd}" = "c" ]; then
if [ "${hashedPasswordSalt}" == "" ]; then
echo "error='hdd not mounted yet - cannot set/check blitz passwords yet'"
echo "correct=0"
exit 1
fi
oldPassword=$3
newPassword=$4

5
home.admin/config.scripts/blitz.web.api.sh
View File

@ -91,6 +91,7 @@ Type=simple
Restart=always
StandardOutput=journal
StandardError=journal
RestartSec=60
# Hardening measures
PrivateTmp=true
@ -156,7 +157,7 @@ if [ "$1" = "update-config" ]; then
echo "# CONFIG Web API Lightning --> LND"
tlsCert=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/tls.cert)
adminMacaroon=$(sudo xxd -ps -u -c 1000 /mnt/hdd/lnd/data/chain/bitcoin/${chain}net/admin.macaroon)
sed -i "s/^ln_node=.*/ln_node=lnd/g" ./.env
sed -i "s/^ln_node=.*/ln_node=lnd_grpc/g" ./.env
sed -i "s/^lnd_grpc_ip=.*/lnd_grpc_ip=127.0.0.1/g" ./.env
sed -i "s/^lnd_macaroon=.*/lnd_macaroon=${adminMacaroon}/g" ./.env
sed -i "s/^lnd_cert=.*/lnd_cert=${tlsCert}/g" ./.env
@ -177,7 +178,7 @@ if [ "$1" = "update-config" ]; then
elif [ "${lightning}" == "cl" ]; then
echo "# CONFIG Web API Lightning --> CL"
sed -i "s/^ln_node=.*/ln_node=cl/g" ./.env
sed -i "s/^ln_node=.*/ln_node=cln_grpc/g" ./.env
# get hex values of pem files
hexClient=$(xxd -p -c2000 /home/bitcoin/.lightning/bitcoin/client.pem)

109
home.admin/config.scripts/bonus.alby.sh Executable file
View File

@ -0,0 +1,109 @@
#!/bin/bash
# https://github.com/getAlby/lightning-browser-extension
# command info
echo "config script to connect to Alby - The Bitcoin Lightning App for your Browser"
# 1. TOR or IP (optional - default IP)
forceTOR=0
if [ "$1" == "tor" ]; then
forceTOR=1
fi
# check and load raspiblitz config
# to know which network is running
source /home/admin/raspiblitz.info
source /mnt/hdd/raspiblitz.conf
# generate data parts
hex_macaroon=$(sudo xxd -plain /home/bitcoin/.lnd/data/chain/${network}/${chain}net/admin.macaroon | tr -d '\n')
cert=$(sudo grep -v 'CERTIFICATE' /mnt/hdd/lnd/tls.cert | tr -d '=' | tr '/+' '_-' | tr -d '\n')
#### ADAPT PARAMETERS BASED RASPIBLITZ CONFIG
# get the local IP as default host
if [ ${#host} -eq 0 ]; then
host=$(hostname -I | awk '{print $1}')
fi
# change host to dynDNS if set
if [ ${#dynDomain} -gt 0 ]; then
host="${dynDomain}"
fi
# make sure lnd rest tor service is active when tor is active
tor_host=$(sudo cat /mnt/hdd/tor/lndrest/hostname)
if [ "${runBehindTor}" == "on" ] && [ "${tor_host}" == "" ]; then
/home/admin/config.scripts/tor.onion-service.sh lndrest 8080 8080
tor_host=$(sudo cat /mnt/hdd/tor/lndrest/hostname)
fi
# tunnel thru TOR if running and supported by the wallet
if [ ${forceTOR} -eq 1 ]; then
host=$tor_host
if [ "${host}" == "" ]; then
echo "# setting up onion service ..."
/home/admin/config.scripts/tor.onion-service.sh lndrest 8080 8080
host=$(sudo cat /mnt/hdd/tor/lndrest/hostname)
fi
fi
# tunnel thru SSH-Reverse-Tunnel if activated for that port
if [ ${#sshtunnel} -gt 0 ]; then
isForwarded=$(echo ${sshtunnel} | grep -c "${port}<")
if [ ${isForwarded} -gt 0 ]; then
if [ "${port}" == "10009" ]; then
host=$(echo $sshtunnel | cut -d '@' -f2 | cut -d ' ' -f1 | cut -d ':' -f1)
port=$(echo $sshtunnel | awk '{split($0,a,"10009<"); print a[2]}' | cut -d ' ' -f1 | sed 's/[^0-9]//g')
echo "# using ssh-tunnel --> host ${host} port ${port}"
elif [ "${port}" == "8080" ]; then
host=$(echo $sshtunnel | cut -d '@' -f2 | cut -d ' ' -f1 | cut -d ':' -f1)
port=$(echo $sshtunnel | awk '{split($0,a,"8080<"); print a[2]}' | cut -d ' ' -f1 | sed 's/[^0-9]//g')
echo "# using ssh-tunnel --> host ${host} port ${port}"
fi
fi
fi
echo
whiptail --title " Alby - The Lightning App for your Browser" --msgbox "Visit https://getAlby.com and install Alby for your browser.
Then open Alby and add a new lightning account.
Select RaspiBlitz.
Your RaspiBlitz connection details for Alby will be shown on the next screen.
" 16 67
clear
echo "---------------------------------------------------"
echo "Use the following connection details in Alby:"
echo ""
echo "# REST API host:"
echo "https://${host}:8080"
if [ $(echo "${host}" | grep -c '192.168') -gt 0 ]; then
echo "# Make sure you are on the same local network (WLAN same as LAN - use WIFI not cell network on phone)."
fi
if [ ${#usingIP2TOR} -gt 0 ] && [ ${forceTOR} -eq 0 ]; then
echo "Your IP2TOR bridge '${usingIP2TOR}' is used for this connection."
fi
if [ "${host}" != "${tor_host}" ]; then
if [ "${tor_host}" != "" ]; then
echo "# Alternatively you can also connect through Tor:"
echo "https://${tor_host}:8080"
fi
fi
echo ""
echo "# Macaroon (HEX format)"
echo "${hex_macaroon}"
echo "# Note: these are your admin credentials"
echo ""
echo "Press ENTER to return to main menu."
read key
clear

42
home.admin/config.scripts/bonus.btcpayserver.sh
View File

@ -11,7 +11,7 @@ BTCPayVersion="v1.5.4"
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "Config script to switch BTCPay Server on or off"
echo "Usage:"
echo "bonus.btcpayserver.sh [on|off|menu|write-tls-macaroon]"
echo "bonus.btcpayserver.sh [on|off|menu|write-tls-macaroon|cln-lightning-rpc-access]"
echo "installs BTCPayServer $BTCPayVersion with NBXplorer $NBXplorerVersion"
echo "To update to the latest release published on github run:"
echo "bonus.btcpayserver.sh update"
@ -211,6 +211,38 @@ BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/hom
exit 0
fi
# cln-lightning-rpc-access
if [ "$1" = "cln-lightning-rpc-access" ]; then
if [ "${cl}" = "on" ]; then
source <(/home/admin/config.scripts/network.aliases.sh getvars cl mainnet)
if [ $(grep -c "^rpc-file-mode=0660" < ${CLCONF}) -eq 0 ]; then
echo "rpc-file-mode=0660" | tee -a ${CLCONF}
if [ "${state}" == "ready" ]; then
sudo systemctl restart lightningd
fi
fi
echo "# make sure btcpay is member of the bitcoin group"
sudo /usr/sbin/usermod --append --groups bitcoin btcpay
if [ "${state}" == "ready" ]; then
sudo systemctl restart btcpayserver
fi
else
echo "# Install CLN first"
exit 1
fi
echo "
In the BTCPayServer Lightning Wallet settings 'Connect to a Lightning node' page
fill in the 'Connection configuration for your custom Lightning node:' box on with:
type=clightning;server=unix:///home/bitcoin/.lightning/bitcoin/lightning-rpc
"
exit 0
fi
# switch on
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# INSTALL BTCPAYSERVER"
@ -498,8 +530,12 @@ WantedBy=multi-user.target
fi
sudo -u btcpay mkdir -p /home/btcpay/.btcpayserver/Main/
/home/admin/config.scripts/bonus.btcpayserver.sh write-tls-macaroon
if [ ${lnd} = on ]; then
/home/admin/config.scripts/bonus.btcpayserver.sh write-tls-macaroon
fi
if [ ${cl} = on ]; then
/home/admin/config.scripts/bonus.btcpayserver.sh cln-lightning-rpc-access
fi
else
echo "# BTCPay Server is already installed."
if [ "${state}" == "ready" ]; then

13
home.admin/config.scripts/bonus.homer.sh
View File

@ -22,12 +22,13 @@ if [ "$1" = "menu" ]; then
echo "# collecting status info ... (please wait)"
source <(sudo /home/admin/config.scripts/bonus.homer.sh status)
# get network info
localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0' | grep 'eth0\|wlan0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
toraddress=$(sudo cat /mnt/hdd/tor/homer/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
additionalInfo="Config file: /mnt/hdd/app-data/homer/config.yml"
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
# TOR
@ -37,7 +38,8 @@ https://${localip}:4091\n
SHA1 Thumb/Fingerprint:
${fingerprint}\n
Hidden Service address for TOR Browser (QR see LCD):
${toraddress}
${toraddress}\n
${additionalInfo}
" 16 67
/home/admin/config.scripts/blitz.display.sh hide
else
@ -47,7 +49,8 @@ ${toraddress}
https://${localip}:4091\n
SHA1 Thumb/Fingerprint:
${fingerprint}\n
Activate TOR to access the web block explorer from outside your local network.
Activate TOR to access the web block explorer from outside your local network.\n
${additionalInfo}
" 16 54
fi
@ -200,7 +203,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
source /mnt/hdd/raspiblitz.conf
if [ "${runBehindTor}" = "on" ]; then
# make sure to keep in sync with internet.tor.sh script
/home/admin/config.scripts/internet.hiddenservice.sh homer 80 4092 443 4093
/home/admin/config.scripts/tor.onion-service.sh homer 80 4092 443 4093
fi
exit 0
fi
@ -239,7 +242,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# Hidden Service if Tor is active
if [ "${runBehindTor}" = "on" ]; then
# make sure to keep in sync with internet.tor.sh script
/home/admin/config.scripts/internet.hiddenservice.sh off homer
/home/admin/config.scripts/tor.onion-service.sh off homer
fi
echo "# OK Homer removed."

585
home.admin/config.scripts/bonus.itchysats.sh Executable file
View File

@ -0,0 +1,585 @@
#!/bin/bash
# id string of your app (short single string unique in raspiblitz)
# should be same as used in name if script
APPID="itchysats" # one-word lower-case no-specials
# the git repo to get the source code from for install
GITHUB_REPO="https://github.com/itchysats/itchysats"
# the github tag of the version of the source code to install
# can also be a commit hash
# if empty it will use the latest source version
# GITHUB_VERSION=$( curl -s https://api.github.com/repos/itchysats/itchysats/releases | jq -r '.[].tag_name' | grep -v "rc" | head -n1)
GITHUB_VERSION="0.4.20"
# the github signature to verify the author
# leave GITHUB_SIGN_AUTHOR empty to skip verifying
GITHUB_SIGN_AUTHOR=""
GITHUB_SIGN_PUBKEYLINK=""
GITHUB_SIGN_FINGERPRINT=""
# port numbers the app should run on
# delete if not an web app
PORT_CLEAR="8888"
PORT_SSL="8889"
PORT_TOR_CLEAR="8890"
PORT_TOR_SSL="8891"
# BASIC COMMANDLINE OPTIONS
# you can add more actions or parameters if needed - for example see the bonus.rtl.sh
# to see how you can deal with an app that installs multiple instances depending on
# lightning implementation or testnets - but this should be OK for a start:
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "# bonus.${APPID}.sh status -> status information (key=value)"
echo "# bonus.${APPID}.sh on -> install the app. Takes as argument '--build VERSION' to build from source or '--download VERSION' to download the binary from Github with the provided VERSION"
echo "# bonus.${APPID}.sh off -> uninstall the app"
echo "# bonus.${APPID}.sh menu -> SSH menu dialog"
echo "# bonus.${APPID}.sh update -> update the app to latest version"
echo "# bonus.${APPID}.sh prestart -> will be called by systemd before start"
exit 1
fi
# echoing comments is useful for logs - but start output with # when not a key=value
echo "# Running: 'bonus.${APPID}.sh $*'"
# check & load raspiblitz config
source /mnt/hdd/raspiblitz.conf
# get password B to allow user to sign in with their know password
PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
# set network for ITchySats
ITCHYSATS_NETWORK="mainnet"
if [ "${chain}" = "test" ]; then
ITCHYSATS_NETWORK="testnet"
fi
if [ "${chain}" = "sig" ]; then
echo "* Warn: We do not support signet. Falling back to testnet"
ITCHYSATS_NETWORK="testnet"
fi
ITCHYSATS_BIN_DIR=/home/${APPID}/bin/taker
#########################
# INFO
#########################
# this section is always executed to gather status information that
# all the following commands can use & execute on
# check if app is already installed
isInstalled=$(sudo ls /etc/systemd/system/${APPID}.service 2>/dev/null | grep -c "${APPID}.service")
# check if service is running
isRunning=$(systemctl status ${APPID} 2>/dev/null | grep -c 'active (running)')
if [ "${isInstalled}" == "1" ]; then
# gather address info (whats needed to call the app)
localIP=$(hostname -I | awk '{print $1}')
toraddress=$(sudo cat /mnt/hdd/tor/${APPID}/hostname 2>/dev/null)
fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
fi
# if the action parameter `info` was called - just stop here and output all
# status information as a key=value list
if [ "$1" = "info" ]; then
echo "appID='${APPID}'"
echo "githubRepo='${GITHUB_REPO}'"
echo "githubVersion='${GITHUB_VERSION}'"
echo "githubSignature='${GITHUB_SIGNATURE}'"
echo "isInstalled=${isInstalled}"
echo "isRunning=${isRunning}"
if [ "${isInstalled}" == "1" ]; then
echo "portCLEAR=${PORT_CLEAR}"
echo "portSSL=${PORT_SSL}"
echo "localIP='${localIP}'"
echo "toraddress='${toraddress}'"
echo "fingerprint='${fingerprint}'"
echo "toraddress='${toraddress}'"
fi
exit
fi
##########################
# Helper funcitons
#########################
buildFromSource() {
VERSION=$1
echo "# Building Binary $VERSION"
# make sure needed debian packages are installed
# 'fbi' is here just an example - change to what you need or delete
echo "# Install from source code"
# install Rust dependencies:
echo "# Installing rustup for the ${APPID} user"
cd /home/${APPID} || exit 1
curl --proto '=https' --tlsv1.2 -sSs https://sh.rustup.rs | sudo -u ${APPID} sh -s -- -y
# download source code and verify
# BACKGROUND is that now you download the code from github, reset to a given version tag/commit,
# verify the author. If you app provides its source/binaries in another way, may check
# other install scripts to see how that implement code download & verify.
echo "# download from source code & verify"
sudo -u ${APPID} git clone ${GITHUB_REPO} /home/${APPID}/${APPID}
cd /home/${APPID}/${APPID} || exit 1
sudo -u ${APPID} git reset --hard "$VERSION"
if [ "${GITHUB_SIGN_AUTHOR}" != "" ]; then
sudo -u ${APPID} /home/admin/config.scripts/blitz.git-verify.sh \
"${GITHUB_SIGN_AUTHOR}" "${GITHUB_SIGN_PUBKEYLINK}" "${GITHUB_SIGN_FINGERPRINT}" "${VERSION}" || exit 1
fi
# compile/install the app
# BACKGROUND on this example is a web app that compiles with NodeJS. But of course
# your app could have a complete other way to install - check other instal screipts as examples.
echo "# compile/install the app. This will take a long time"
sudo -u ${APPID} /home/${APPID}/.cargo/bin/cargo install --path taker --locked --target-dir /home/${APPID}/bin/
exitCode=$?
if ! [ ${exitCode} -eq 0 ]; then
echo "# FAIL - cargo install did not run correctly - deleting code & exit"
sudo rm -r /home/${APPID}/${APPID}
exit 1
fi
}
downloadBinary() {
VERSION=${1}
echo "# Downloading Binary $VERSION"
echo "# Detect CPU architecture ..."
architecture=$(uname -m)
isAARCH64=$(uname -m | grep -c 'aarch64')
isX86_64=$(uname -m | grep -c 'x86_64')
if [ ${isAARCH64} -eq 0 ] && [ ${isX86_64} -eq 0 ] ; then
echo "# !!! FAIL !!!"
echo "# Can only build on aarch64 or x86_64 not on:"
uname -m
exit 1
else
echo "# OK running on $architecture architecture."
fi
# create directories
sudo -u ${APPID} mkdir -p /home/${APPID}/downloads
sudo rm -fR /home/${APPID}/downloads/*
cd /home/${APPID}/downloads/ || exit 1
archiveName="taker_${VERSION}_Linux_${architecture}.tar"
sudo -u ${APPID} wget -N ${GITHUB_REPO}/releases/download/"${VERSION}"/"${archiveName}"
checkDownload=$(ls "${archiveName}" 2>/dev/null | grep -c "${archiveName}")
if [ "${checkDownload}" -eq 0 ]; then
echo "# !!! FAIL !!!"
echo "# Downloading the binary failed"
exit 1
fi
# install
echo "# unzip binary: ${archiveName}"
sudo -u ${APPID} tar -xvf "${archiveName}"
echo "# install binary"
sudo -u ${APPID} mkdir -p /home/${APPID}/bin
sudo install -m 0755 -o ${APPID} -g ${APPID} -t /home/${APPID}/bin taker
sleep 3
sudo -u ${APPID} "${ITCHYSATS_BIN_DIR}" --help 1> /dev/null
exitstatus=$?
if [ "${exitstatus}" -ne 0 ]; then
echo "# !!! FAIL !!!"
echo "# install failed"
exit 1
fi
echo
echo "# Cleaning up download artifacts"
echo
sudo -u ${APPID} rm -f "${archiveName}"
sudo -u ${APPID} rm -f taker
}
##########################
# MENU
#########################
# The `menu` action should give at least a SSH info dialog - when an webapp show
# URL to call (http & https+fingerprint) otherwise some instruction how to start it.
# This SSH dialog will be later called by the MAIN MENU to be available to the user
# when app is istalled.
# This menu can also have some more complex structure if you want to make it easy
# to the user to set configurations or maintance options - example bonus.lnbits.sh
# show info menu
if [ "$1" = "menu" ]; then
# set the title for the dialog
dialogTitle=" ${APPID} "
# basic info text - for an web app how to call with http & self-signed https
dialogText="Open in your local web browser:
http://${localIP}:${PORT_CLEAR}\n
https://${localIP}:${PORT_SSL} with Fingerprint:
${fingerprint}\n
Use 'itchysats' as username and your Password B to login.\n
"
# add tor info (if available)
if [ "${toraddress}" != "" ]; then
dialogText="${dialogText}Hidden Service address for Tor Browser (QRcode on LCD):\n${toraddress}"
fi
# use whiptail to show SSH dialog & exit
whiptail --title "${dialogTitle}" --msgbox "${dialogText}" 18 67
echo "please wait ..."
exit 0
fi
##########################
# ON / INSTALL
##########################
# This section takes care of installing the app.
# The template contains some basic steps but also look at other install scripts
# to see how special cases are solved.
if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# dont run install if already installed
if [ "${isInstalled}" -eq 1 ]; then
echo "# ${APPID}.service is already installed."
exit 1
fi
echo "# Installing ${APPID} ..."
# create a dedicated user for the app
# BACKGROUND is here to seperate running apps by unix users
# and only give file write access to the rest of the system where needed.
echo "# Create user"
sudo adduser --disabled-password --gecos "" ${APPID}
# create a data directory on /mnt/hdd/app-data/ for the app
# BACKGROUND is that any critical data that needs to survive an update should
# be stored in that app-data directory. All data there will also be part of
# any raspiblitz data migration. Also on install handle the case that there
# is already data from a pervious install available the user wants to
# continue to use and even may come from an older version from your app.
if ! [ -d /mnt/hdd/app-data/${APPID} ]; then
echo "# Create app-data directory"
sudo mkdir /mnt/hdd/app-data/${APPID} 2>/dev/null
sudo chown ${APPID}:${APPID} -R /mnt/hdd/app-data/${APPID}
else
echo "# Reuse existing app-directory"
sudo chown ${APPID}:${APPID} -R /mnt/hdd/app-data/${APPID}
fi
# Build from source or download binary from Github?
build=0
if [ "$2" = "--build" ]; then
build=1
elif [ "$2" = "--download" ]; then
build=0
else
if (whiptail --title "Build or Download" --yesno "Do you want to build from source (yes) or download the binary from Github (no)?" 8 80); then
build=1
else
build=0
fi
fi
echo "# Build var set to (${build})"
VERSION="$GITHUB_VERSION"
if [ -n "$3" ]; then
VERSION=$3
fi
if [ ${build} -eq 1 ]; then
buildFromSource "$VERSION"
else
downloadBinary "$VERSION"
fi
exitstatus=$?
if [ "${exitstatus}" -ne 0 ]; then
echo "# Setting up ItchySats failed :("
exit 1
fi
# open the ports in the firewall
echo "# updating Firewall"
sudo ufw allow ${PORT_CLEAR} comment "${APPID} HTTP"
sudo ufw allow ${PORT_SSL} comment "${APPID} HTTPS"
# every app should have their own systemd service that cares about starting &
# running the app in the background - see the PRESTART section for adhoc config
# please config this systemd template to your needs
echo "# create systemd service: ${APPID}.service"
echo "
[Unit]
Description=${APPID}
Wants=bitcoind.service
After=bitcoind.service
[Service]
Environment=\"HOME_PATH=/mnt/hdd/app-data/${APPID}\"
Environment=\"ITCHYSATS_ENV=raspiblitz\"
ExecStartPre=-/home/admin/config.scripts/bonus.${APPID}.sh prestart
ExecStart=$ITCHYSATS_BIN_DIR --http-address=0.0.0.0:$PORT_CLEAR --data-dir=/mnt/hdd/app-data/${APPID} --password=$PASSWORD_B ${ITCHYSATS_NETWORK}
User=${APPID}
Restart=always
TimeoutSec=120
RestartSec=30
StandardOutput=null
StandardError=journal
# Hardening measures
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
" | sudo tee /etc/systemd/system/${APPID}.service
sudo chown root:root /etc/systemd/system/${APPID}.service
# when tor is set on also install the hidden service
if [ "${runBehindTor}" = "on" ]; then
# activating tor hidden service
/home/admin/config.scripts/tor.onion-service.sh ${APPID} 80 ${PORT_TOR_CLEAR} 443 ${PORT_TOR_SSL}
fi
# nginx configuration
# BACKGROUND is that the plain HTTP is served by your web app, but thru the nginx proxy it will be avaibale
# with (self-signed) HTTPS and with sepereate configs for Tor & Tor+HTTPS.
echo "# setup nginx confing"
# write the HTTPS config
echo "
server {
listen ${PORT_SSL} ssl;
listen [::]:${PORT_SSL} ssl;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data.conf;
access_log /var/log/nginx/access_${APPID}.log;
error_log /var/log/nginx/error_${APPID}.log;
location / {
proxy_pass http://127.0.0.1:${PORT_CLEAR};
include /etc/nginx/snippets/ssl-proxy-params.conf;
# to support SSE
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
}
}
" | sudo tee /etc/nginx/sites-available/${APPID}_ssl.conf
sudo ln -sf /etc/nginx/sites-available/${APPID}_ssl.conf /etc/nginx/sites-enabled/
# write the TOR config
echo "
server {
listen localhost:${PORT_TOR_CLEAR};
server_name _;
access_log /var/log/nginx/access_${APPID}.log;
error_log /var/log/nginx/error_${APPID}.log;
location / {
proxy_pass http://127.0.0.1:${PORT_CLEAR};
include /etc/nginx/snippets/ssl-proxy-params.conf;
# to support SSE
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
}
}
" | sudo tee /etc/nginx/sites-available/${APPID}_tor.conf
sudo ln -sf /etc/nginx/sites-available/${APPID}_tor.conf /etc/nginx/sites-enabled/
# write the TOR+HTTPS config
echo "
server {
listen localhost:${PORT_TOR_SSL} ssl;
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data-tor.conf;
access_log /var/log/nginx/access_${APPID}.log;
error_log /var/log/nginx/error_${APPID}.log;
location / {
proxy_pass http://127.0.0.1:${PORT_CLEAR};
include /etc/nginx/snippets/ssl-proxy-params.conf;
# to support SSE
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
}
}
" | sudo tee /etc/nginx/sites-available/${APPID}_tor_ssl.conf
sudo ln -sf /etc/nginx/sites-available/${APPID}_tor_ssl.conf /etc/nginx/sites-enabled/
# test nginx config & activate thru reload
sudo nginx -t
sudo systemctl reload nginx
# mark app as installed in raspiblitz config
/home/admin/config.scripts/blitz.conf.sh set ${APPID} "on"
# start app up thru systemd
sudo systemctl enable ${APPID}
sudo systemctl start ${APPID}
echo "# OK - the ${APPID}.service is now enabled & started"
echo "# Monitor with: sudo journalctl -f -u ${APPID}"
exit 0
# OK so your app is now installed, but there please also check the following parts to ensure a propper integration
# into the raspiblitz system:
# PROVISION - reinstall on updates & recovery
# Take a look at `_provision_.sh` script - you can see that there all bonus apps install scripts get called if
# they have an active entry in the raspiblitz config. This is needed so that on sd card image update or recovery
# all apps get installed again. So add your app there accordantly so its install will survive an sd card update.
# MAINMENU - show users that app is installed
# Take a look at the `00mainmenu.sh` script - you can see there almost all bonus apps add a menu entry there if
# they are installed that then is calling this script with the `menu` parameter. Add your app accordantly.
# SERVICES MENU - add your app for onclick install
# Take a look at the `00settingsMenuServices.sh` script - you can there almost all bonus apps added themselves
# as an option in to be easily installed & deinstalled. Add your app there accordantly.
# DEBUGLOGS - add some status information
# Take a look at the `blitz.debug.sh` script - you can see there that apps if they are installed give some
# information on their latest logs and where to find them in the case that the user is searching for an error.
# So its best practice to also add your app there with some small info to help on debug & finding error logs.
# PRESTART & DEINSTALL
# see the following sections of the template
fi
###############
# UPDATE
###############
if [ "$1" = "update" ]; then
LATEST_VERSION=$( curl -s https://api.github.com/repos/itchysats/itchysats/releases | jq -r '.[].tag_name' | grep -v "rc" | head -n1)
echo "# Updating ItchySats to $LATEST_VERSION"
echo "# Making sure service is not running"
sudo systemctl stop itchysats
# Remove ItchySats, keeping data
/home/admin/config.scripts/bonus.itchysats.sh off --keep-data
# Reinstall ItchySats with existing data
if /home/admin/config.scripts/bonus.itchysats.sh on --download "$LATEST_VERSION"; then
echo "# Updating successful"
else
echo "# Updating ItchySats failed :("
exit 1
fi
exit 0
fi
##########################
# PRESTART
##########################
# BACKGROUND is that this script will be called with `prestart` on every start & restart
# of this apps systemd service. This has the benefit that right before the app is started
# config parameters for this app can be updated so that it always starts with the most updated
# values. With such an "adhoc config" it is for example possible to check right before start
# what other apps are installed and configure connections. Even if those configs outdate later
# while the app is running with the next restart they will then autmatically update their config
# again. If you dont need such "adhoc" config for your app - just leave it empty as it is, so
# you maybe later on have the option to use it.
if [ "$1" = "prestart" ]; then
# needs to be run as the app user - stop if not run as the app user
# keep in mind that in the prestart section you cannot use `sudo` command
if [ "$USER" != "${APPID}" ]; then
echo "# FAIL: run as user ${APPID}"
exit 1
fi
echo "## PRESTART CONFIG START for ${APPID} (called by systemd prestart)"
echo "## PRESTART CONFIG DONE for ${APPID}"
exit 0
fi
###########################################
# OFF / DEINSTALL
# call with parameter `delete-data` to also
# delete the persistent data directory
###########################################
# BACKGROUND is that this section removes entries in systemd, nginx, etc and then
# deletes the user with its home directory to nuke all installed code
# switch off
if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# stop & remove systemd service"
sudo systemctl stop ${APPID} 2>/dev/null
sudo systemctl disable ${APPID}.service
sudo rm /etc/systemd/system/${APPID}.service
echo "# remove nginx symlinks"
sudo rm -f /etc/nginx/sites-enabled/${APPID}_ssl.conf 2>/dev/null
sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor.conf 2>/dev/null
sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor_ssl.conf 2>/dev/null
sudo rm -f /etc/nginx/sites-available/${APPID}_ssl.conf 2>/dev/null
sudo rm -f /etc/nginx/sites-available/${APPID}_tor.conf 2>/dev/null
sudo rm -f /etc/nginx/sites-available/${APPID}_tor_ssl.conf 2>/dev/null
sudo nginx -t
sudo systemctl reload nginx
echo "# close ports on firewall"
sudo ufw deny "${PORT_CLEAR}"
sudo ufw deny "${PORT_SSL}"
echo "# removing Tor hidden service (if active)"
/home/admin/config.scripts/tor.onion-service.sh off ${APPID}
echo "# mark app as uninstalled in raspiblitz config"
/home/admin/config.scripts/blitz.conf.sh set ${APPID} "off"
# only if 'delete-data' is an additional parameter then also the data directory gets deleted
if [ "$(echo "$@" | grep -c delete-data)" -gt 0 ]; then
echo "# found 'delete-data' parameter --> also deleting the app-data"
sudo rm -r /mnt/hdd/app-data/${APPID}
fi
echo "# OK - app should be deinstalled now"
exit 0
fi
# just a basic error message when unknow action parameter was given
echo "# FAIL - Unknown Parameter $1"
exit 1
# LAST NOTES:
# Best is to contribute a new app install script as a PR to the raspiblitz GitHub repo.
# Please base your PR on the `dev` branch - not on the default branch displayed.

10
home.admin/config.scripts/bonus.lndconnect.sh
View File

@ -4,7 +4,7 @@
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "# config script to connect mobile apps with lnd connect"
echo "# will autodetect dyndns, sshtunnel or TOR"
echo "# bonus.lndconnect.sh [zap-ios|zap-android|zeus-ios|zeus-android|shango-ios|shango-android|sendmany-android|fullynoded-lnd|alby] [?ip|tor] [?key-value]"
echo "# bonus.lndconnect.sh [zap-ios|zap-android|zeus-ios|zeus-android|shango-ios|shango-android|sendmany-android|fullynoded-lnd] [?ip|tor] [?key-value]"
exit 1
fi
@ -108,14 +108,6 @@ elif [ "${targetWallet}" = "zeus-android" ]; then
host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname)
connectInfo="- start the Zeus Wallet --> lndconnect\n- scan the QR code \n- activate 'Tor' option \n- activate 'Certification Verification' option\n- save Node Config"
elif [ "${targetWallet}" = "alby" ]; then
port="8080"
usingIP2TOR="LND-REST-API"
forceTOR=1
host=$(sudo cat /mnt/hdd/tor/lndrest8080/hostname)
connectInfo="- open Alby --> enter password \n- select RaspiBlitz from connectors \n- enter lndconnect URL \n- Continue \n- Alby companion app required for Tor"
elif [ "${targetWallet}" = "sendmany-android" ]; then
connector="lndconnect"

9
home.admin/config.scripts/bonus.squeaknode.sh
View File

@ -101,8 +101,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
if [ "${runBehindTor}" = "on" ]; then
# make sure to keep in sync with internet.tor.sh script
/home/admin/config.scripts/internet.hiddenservice.sh squeaknode-p2p-mainnet 8555 8555
/home/admin/config.scripts/internet.hiddenservice.sh squeaknode-p2p-testnet 18555 18555
/home/admin/config.scripts/tor.onion-service.sh squeaknode-p2p-mainnet 8555 8555
/home/admin/config.scripts/tor.onion-service.sh squeaknode-p2p-testnet 18555 18555
fi
isInstalled=$(sudo ls /etc/systemd/system/squeaknode.service 2>/dev/null | grep -c 'squeaknode.service')
@ -274,8 +275,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# Hidden Service if Tor is active
if [ "${runBehindTor}" = "on" ]; then
/home/admin/config.scripts/internet.hiddenservice.sh off squeaknode-p2p-mainnet
/home/admin/config.scripts/internet.hiddenservice.sh off squeaknode-p2p-testnet
/home/admin/config.scripts/tor.onion-service.sh off squeaknode-p2p-mainnet
/home/admin/config.scripts/tor.onion-service.sh off squeaknode-p2p-testnet
fi
isInstalled=$(sudo ls /etc/systemd/system/squeaknode.service 2>/dev/null | grep -c 'squeaknode.service')

24
home.admin/config.scripts/bonus.template.sh
View File

@ -100,10 +100,10 @@ fi
# URL to call (http & https+fingerprint) otherwise some instruction how to start it.
# This SSH dialog will be later called by the MAIN MENU to be available to the user
# when app is istalled.
# when app is installed.
# This menu can also have some more complex structure if you want to make it easy
# to the user to set configurations or maintance options - example bonus.lnbits.sh
# to the user to set configurations or maintenance options - example bonus.lnbits.sh
# show info menu
if [ "$1" = "menu" ]; then
@ -158,7 +158,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# create user"
sudo adduser --disabled-password --gecos "" ${APPID} || exit 1
# add user to speical groups with special access rights
# add user to special groups with special access rights
# BACKGROUND there are some unix groups available that will give the access to
# like for example to the lnd admin macaroons - to check all groups available use:
# `cut -d: -f1 /etc/group | sort` command on raspiblitz commandline
@ -205,7 +205,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
# compile/install the app
# BACKGROUND on this example is a web app that compiles with NodeJS. But of course
# your app could have a complete other way to install - check other instal screipts as examples.
# your app could have a complete other way to install - check other install scripts as examples.
echo "# compile/install the app"
cd /home/${APPID}/${APPID}
sudo -u ${APPID} npm install --only=prod --logLevel warn
@ -260,9 +260,9 @@ WantedBy=multi-user.target
fi
# nginx configuration
# BACKGROUND is that the plain HTTP is served by your web app, but thru the nginx proxy it will be avaibale
# with (self-signed) HTTPS and with sepereate configs for Tor & Tor+HTTPS.
# BACKGROUND is that the plain HTTP is served by your web app, but thru the nginx proxy it will be available
# with (self-signed) HTTPS and with separate configs for Tor & Tor+HTTPS.
echo "# setup nginx confing"
# write the HTTPS config
@ -305,8 +305,8 @@ server {
server_name _;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-certificate-app-data-tor.conf;
access_log /var/log/nginx/access_${appID}.log;
error_log /var/log/nginx/error_${appID}.log;
access_log /var/log/nginx/access_${APPID}.log;
error_log /var/log/nginx/error_${APPID}.log;
location / {
proxy_pass http://127.0.0.1:${PORT_CLEAR};
include /etc/nginx/snippets/ssl-proxy-params.conf;
@ -364,7 +364,7 @@ fi
# config parameters for this app can be updated so that it always starts with the most updated
# values. With such an "adhoc config" it is for example possible to check right before start
# what other apps are installed and configure connections. Even if those configs outdate later
# while the app is running with the next restart they will then autmatically update their config
# while the app is running with the next restart they will then automatically update their config
# again. If you dont need such "adhoc" config for your app - just leave it empty as it is, so
# you maybe later on have the option to use it.
@ -379,7 +379,7 @@ if [ "$1" = "prestart" ]; then
echo "## PRESTART CONFIG START for ${APPID} (called by systemd prestart)"
# so if you have anything to configrure before service starts, do it here
# so if you have anything to configure before service starts, do it here
echo "# no need for adhoc config needed so far"
echo "## PRESTART CONFIG DONE for ${APPID}"
@ -434,7 +434,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
fi
# just a basic error message when unknow action parameter was given
# just a basic error message when unknown action parameter was given
echo "# FAIL - Unknown Parameter $1"
exit 1

12
home.admin/config.scripts/cl-plugin.cln-grpc.sh
View File

@ -11,6 +11,8 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then
exit 1
fi
echo "# cl-plugin.cln-grpc.sh $1"
source <(/home/admin/config.scripts/network.aliases.sh getvars cl $2)
# netprefix is: "" | t | s
@ -18,7 +20,7 @@ source <(/home/admin/config.scripts/network.aliases.sh getvars cl $2)
PORT="${portprefix}4772"
function buildGRPCplugin() {
echo "- Build the cln-grpc plugin"
echo "# - Build the cln-grpc plugin"
if [ ! -f /home/bitcoin/cl-plugins-available/cln-grpc/debug/cln-grpc ]; then
# check if the source code is present
if [ ! -d /home/bitcoin/lightning/plugins/grpc-plugin ];then
@ -32,19 +34,22 @@ function buildGRPCplugin() {
# build
sudo -u bitcoin /home/bitcoin/.cargo/bin/cargo build \
--target-dir /home/bitcoin/cl-plugins-available/cln-grpc
else
echo "# - cln-grpc plugin already build/installed"
fi
}
if [ "$1" = install ]; then
buildGRPCplugin
echo "# cl-plugin.cln-grpc.sh install --> done"
exit 0
elif [ "$1" = on ]; then
buildGRPCplugin
# symlink to plugin directory
sudo ln -s /home/bitcoin/cl-plugins-available/cln-grpc/debug/cln-grpc \
/home/bitcoin/${netprefix}cl-plugins-enabled/
sudo ln -s /home/bitcoin/cl-plugins-available/cln-grpc/debug/cln-grpc /home/bitcoin/${netprefix}cl-plugins-enabled/
echo "# cln-grpc moved to /home/bitcoin/${netprefix}cl-plugins-enabled/"
# blitz.conf.sh set [key] [value] [?conffile] <noquotes>
/home/admin/config.scripts/blitz.conf.sh set "grpc-port" "${PORT}" "${CLCONF}" "noquotes"
@ -54,6 +59,7 @@ elif [ "$1" = on ]; then
sudo ufw allow "${PORT}" comment "${netprefix}clnGRPCport"
# Tor
/home/admin/config.scripts/tor.onion-service.sh "${netprefix}clnGRPCport" "${PORT}" "${PORT}"
echo "# cl-plugin.cln-grpc.sh on --> done"
exit 0
elif [ "$1" = off ]; then

7
home.admin/config.scripts/cl.check.sh
View File

@ -74,6 +74,13 @@ if [ "${LNBitsFunding}" = "${netprefix}cl" ]; then
fi
fi
if [ "${BTCPayServer}" = "on" ] && [ "${CHAIN}" = "mainnet" ] ; then
# https://github.com/rootzoll/raspiblitz/issues/3007
if [ $(grep -c "^rpc-file-mode=0660" < ${CLCONF}) -eq 0 ]; then
echo "rpc-file-mode=0660" | tee -a ${CLCONF}
fi
fi
if [ $(grep -c "^grpc-port" < ${CLCONF}) -gt 0 ];then
if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc ]\
|| [ "$(eval echo \$${netprefix}cln-grpc-port)" = "off" ]; then

2
home.admin/config.scripts/cl.install.sh
View File

@ -309,7 +309,7 @@ always-use-proxy=true
echo "# $hsmSecretPath is already present"
else
echo "Create a wallet from seedwords for mainnet"
/home/admin/config.scripts/cl.hsmtool.sh new-force mainnet
/home/admin/config.scripts/cl.hsmtool.sh new-force mainnet 1>/dev/null 2>/dev/null
fi
fi

1
home.admin/config.scripts/lnd.unlock.sh
View File

@ -24,6 +24,7 @@ if [ "${action}" == "chain-unlock" ]; then
CHAIN=$2
if [ "${CHAIN}" == "mainnet" ]; then
chain="main"
passwordC="$3"
elif [ "${CHAIN}" == "testnet" ]; then
chain="test"
passwordC=""

2
home.admin/config.scripts/nextcloud.upload.sh
View File

@ -36,7 +36,7 @@ on() {
fi
# normal delete is OK because it a mem drive
rm /var/cache/raspiblitz/.tmp
sudo rm -f /var/cache/raspiblitz/.tmp
if [ "${server}" ] && [ "${user}" ] && [ "${password}" ]; then
/home/admin/config.scripts/blitz.conf.sh set nextcloudBackupServer "${server}"

1
home.admin/config.scripts/tor.network.sh
View File

@ -129,6 +129,7 @@ case "$1" in
if [ "${helipad}" = "on" ]; then
/home/admin/config.scripts/tor.onion-service.sh helipad 2112 2113
fi
[ "${itchysats}" = "on" ] && /home/admin/config.scripts/tor.onion-service.sh itchysats 80 8890 443 8891
echo "Setup logrotate"
# add logrotate config for modified Tor dir on ext. disk

9
home.admin/setup.scripts/controlFinalDialog.sh
View File

@ -35,15 +35,16 @@ fi
# BLOCKCHAIN INFO & OPTIONS
# get fresh data
source <(/home/admin/_cache.sh get btc_default_sync_percentage network)
syncProgressFull=$(echo "${btc_default_sync_percentage}" | cut -d "." -f1)
if [ "${syncProgressFull}" != "" ] && [ "${network}" == "bitcoin" ] && [ ${syncProgressFull} -lt 75 ]; then
source <(/home/admin/_cache.sh get btc_default_sync_percentage btc_default_blocks_data_kb network)
#syncProgressFull=$(echo "${btc_default_sync_percentage}" | cut -d "." -f1)
#if [ "${syncProgressFull}" != "" ] && [ "${network}" == "bitcoin" ] && [ ${syncProgressFull} -lt 75 ]; then
if [ "${btc_default_blocks_data_kb}" != "" ] && [ ${btc_default_blocks_data_kb} -lt 250000000 ]; then
# offer choice to copy blockchain over LAN
OPTIONS=()
OPTIONS+=(SELFSYNC "Run full self sync/validation (takes long)")
OPTIONS+=(COPY "Copy from Computer/RaspiBlitz over LAN (3-10h)")
CHOICESUB=$(dialog --backtitle "RaspiBlitz" --clear --title " Blockchain Sync/Validation " --menu "\nYour Blockchain sync is just at ${syncProgress}%\nThe full validation might take multiple days to finish.\n\nHow do you want to proceed:" 13 66 7 "${OPTIONS[@]}" 2>&1 >/dev/tty)
CHOICESUB=$(dialog --backtitle "RaspiBlitz" --clear --title " Blockchain Sync/Validation " --menu "\nYour Blockchain is not fully synced yet.\nThe full validation might take multiple days to finish.\n\nHow do you want to proceed:" 13 66 7 "${OPTIONS[@]}" 2>&1 >/dev/tty)
if [ "${CHOICESUB}" == "COPY" ]; then
/home/admin/config.scripts/blitz.copychain.sh target

4
home.admin/setup.scripts/controlSetupDialog.sh
View File

@ -176,7 +176,7 @@ if [ "${setupPhase}" == "setup" ]; then
# KEEP BLOCKCHAIN + DELETE ALL THE REST
# will be done by bootstrap later triggered by setup file entry
echo "cleanHDD=1'" >> $SETUPFILE
echo "cleanHDD=1" >> $SETUPFILE
else
@ -281,7 +281,7 @@ fi
# for fresh setup & migration
echo "# Starting passwords dialog ..."
sudo /home/admin/setup.scripts/dialogPasswords.sh
sudo /home/admin/setup.scripts/dialogPasswords.sh || exit 1
# set flag for bootstrap process to kick-off provision process
/home/admin/_cache.sh set state "waitprovision"

12
home.admin/setup.scripts/dialogPasswords.sh
View File

@ -71,6 +71,10 @@ if [ "${setPasswordA}" == "1" ]; then
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD A - Main User Password" $_temp
password=$(sudo cat $_temp)
sudo rm $_temp
if [ "${password}" == "" ]; then
echo "FAIL password A cannot be empty - stopped setup"
exit 1
fi
sudo sed -i '/^passwordA=/d' $SETUPFILE
echo "passwordA='${password}'" >> $SETUPFILE
dialog --backtitle "RaspiBlitz - Setup" --msgbox "\nThanks - Password A accepted.\n\nUse this password for future SSH or Web-Admin logins to your RaspiBlitz & for sudo commands." 11 35
@ -82,6 +86,10 @@ if [ "${setPasswordB}" == "1" ]; then
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD B - APP Password" $_temp
password=$(sudo cat $_temp)
sudo rm $_temp
if [ "${password}" == "" ]; then
echo "FAIL password B cannot be empty - stopped setup"
exit 1
fi
sudo sed -i '/^passwordB=/d' $SETUPFILE
echo "passwordB='${password}'" >> $SETUPFILE
dialog --backtitle "RaspiBlitz - Setup" --msgbox "\nThanks - Password B accepted.\n\nUse this password as login for\nadditial Apps & API access." 10 34
@ -93,6 +101,10 @@ if [ "${setPasswordC}" == "1" ]; then
sudo /home/admin/config.scripts/blitz.passwords.sh set x "PASSWORD C - Lightning Wallet Password" $_temp
password=$(sudo cat $_temp)
sudo rm $_temp
if [ "${password}" == "" ]; then
echo "FAIL password C cannot be empty - stopped setup"
exit 1
fi
sudo sed -i '/^passwordC=/d' $SETUPFILE
echo "passwordC='${password}'" >> $SETUPFILE
dialog --backtitle "RaspiBlitz - Setup" --msgbox "\nThanks - Password C accepted.\n\nAlways use this password to \nunlock your Lightning Wallet." 10 34