RTL update to v0.15.2, clnrest activation, rune creation, add CLNrest to CONNECT for Zeus (#4333)

* rtl update to v0.15.2 * rtl to access .lightning dir and create rune if needed * fix typo in systemd service name * configure clnrest plugin and add to CONNECT menu (#4759) * configure clnrest port by default and check * add cl-plugin.clnrest.sh with on and connect * add clnrest-host=0.0.0.0" to clconf * add ZEUS_CLNREST option to CONNECT * fix: store cln run in /mnt/hdd/app-data/rtl * complete purge actions
2025-03-19 14:22:08 +01:00 · 2024-10-03 14:13:25 +02:00 · 2024-10-03 14:13:25 +02:00 · 93777eda4d
commit 93777eda4d
parent b37217e902
7 changed files with 215 additions and 31 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -1,10 +1,12 @@
 ## What's new in Version 1.11.3 of RaspiBlitz?

 - New: Tailscale (basic install script) [details](https://en.wikipedia.org/wiki/Tailscale)
+- New: Connect Zeus to CLN via CLNrest (using the clnrest plugin and runes)
 - Update: Core Lightning v24.08.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v24.08.1)
 - Update: LNDK 0.2.0 (Pay BOLT12 offers with LND) [details](https://github.com/lndk-org/lndk/releases/tag/v0.2.0)
 - Update: Helipad (Podcasting 2.0 Boostagram reader) v0.2.0 [details](https://github.com/Podcastindex-org/helipad/releases/tag/v0.2.0)
 - Update: Mempool 3.0.0 [details](https://github.com/mempool/mempool/releases/tag/v3.0.0)
+- Update: RTL v0.15.2 [details](https://github.com/Ride-The-Lightning/RTL/releases/tag/v0.15.2)
 - Update: Jam (JoinMarket Web UI) v0.3.0 [details](https://github.com/joinmarket-webui/jam/releases/tag/v0.3.0)

 ## What's new in Version 1.11.2 of RaspiBlitz?
--- a/home.admin/00settingsMenuServices.sh
+++ b/home.admin/00settingsMenuServices.sh
@ -133,7 +133,7 @@ if [ "${crtlWebinterface}" != "${choice}" ]; then
  errorOnInstall=$?
  if [ "${choice}" =  "on" ]; then
    if [ ${errorOnInstall} -eq 0 ]; then
-      sudo systemctl start RTL
+      sudo systemctl start cRTL
      echo "waiting 10 secs .."
      sleep 10
      /home/admin/config.scripts/bonus.rtl.sh menu cl mainnet
--- a/home.admin/97addMobileWallet.sh
+++ b/home.admin/97addMobileWallet.sh
@ -80,7 +80,8 @@ if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then
 fi

 if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then
-	OPTIONS+=(ZEUS_CLREST "Zeus to Core LightningREST (Android or iOS)")
+  OPTIONS+=(ZEUS_CLNREST "Zeus to CLNrest (Android or iOS)")
+	OPTIONS+=(ZEUS_CLREST "Zeus to C-Lightning-REST (Android or iOS)[DEPRECATED]")
 	OPTIONS+=(FULLYNODED_CL "Fully Noded to CL REST (iOS+Tor)")
 fi

@ -267,7 +268,19 @@ Or scan the qr code on the LCD with your mobile phone.
  	  /home/admin/config.scripts/cl-plugin.http.sh connect
  	  exit 0;
  	;;
-
+ZEUS_CLNREST)
+    sudo /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_zeus.png
+	  whiptail --title "Install Zeus on your Android or iOS Phone" \
+			--yes-button "Continue" \
+			--no-button "Cancel" \
+			--yesno "Open the https://zeusln.app/ on your mobile phone to find the App Store link or binary for your phone.\n\nWhen the app is installed and started --> Continue." 12 65
+	  if [ $? -eq 1 ]; then
+			exit 0
+	  fi
+	  sudo /home/admin/config.scripts/blitz.display.sh hide
+  	/home/admin/config.scripts/cl-plugin.clnrest.sh connect
+  	exit 0;
+	;;
 ZEUS_CLREST)
      sudo /home/admin/config.scripts/blitz.display.sh image /home/admin/raspiblitz/pictures/app_zeus.png
 	  whiptail --title "Install Zeus on your Android or iOS Phone" \
--- a/home.admin/config.scripts/bonus.rtl.sh
+++ b/home.admin/config.scripts/bonus.rtl.sh
@ -1,7 +1,7 @@
 #!/bin/bash

 # https://github.com/Ride-The-Lightning/RTL/releases
-RTLVERSION="v0.14.1"
+RTLVERSION="v0.15.2"

 # check and load raspiblitz config
 # to know which network is running
@ -306,9 +306,21 @@ WantedBy=multi-user.target
 " | sudo tee /etc/systemd/system/${systemdService}.service
  sudo chown root:root /etc/systemd/system/${systemdService}.service

-  # set up Core LightningREST (if needed)
+  # set up clnrest
  if [ "${LNTYPE}" == "cl" ]; then
-    /home/admin/config.scripts/cl.rest.sh on ${CHAIN}
+    echo "# modifying ${systemdService}.service for CL"
+    sudo sed -i "s/^Wants=.*/Wants=${netprefix}lightningd.service/g" /etc/systemd/system/${systemdService}.service
+    sudo sed -i "s/^After=.*/After=${netprefix}lightningd.service/g" /etc/systemd/system/${systemdService}.service
+
+    # set up clnrest
+    /home/admin/config.scripts/cl-plugin.clnrest.sh on ${CHAIN}
+
+    # for CLN make sure user rtl is allowed to create and access admin runes
+    echo "# adding user rtl to group bitcoin"
+    sudo /usr/sbin/usermod --append --groups bitcoin rtl
+    echo "# symlink .lightning to rtl home"
+    sudo rm -rf /home/rtl/.lightning
+    sudo ln -s /mnt/hdd/app-data/.lightning /home/rtl/
  fi

  # Note about RTL config file
@ -478,21 +490,28 @@ if [ "$1" = "prestart" ]; then
  # Core Lightning changes of config
  # https://github.com/Ride-The-Lightning/RTL/blob/master/docs/C-Lightning-setup.md
  if [ "${LNTYPE}" == "cl" ]; then
-    echo "# CL Config"
+    echo "# CLN config"
+    if [ ! -f /mnt/hdd/app-data/rtl/${systemdService}/rune_for_${systemdService} ]; then
+      # Create/reuse core-lightning's rune. Check createrune and showrunes documentation for more details on how to create runes
+      newRune=$(/usr/local/bin/lightning-cli --conf=${CLCONF} createrune | jq .rune)
+      # Copy the rune and save it in a file which must be accessible to RTL. The content of the file must be LIGHTNING_RUNE="<your-rune>"
+      echo "LIGHTNING_RUNE=${newRune}" >/mnt/hdd/app-data/rtl/${systemdService}/rune_for_${systemdService}
+    fi
    cat /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json |
      jq ".port = \"${RTLHTTP}\"" |
      jq ".multiPass = \"${RPCPASSWORD}\"" |
      jq ".multiPassHashed = \"\"" |
      jq ".nodes[0].lnNode = \"${hostname}\"" |
-      jq ".nodes[0].lnImplementation = \"CLT\"" |
-      jq ".nodes[0].Authentication.macaroonPath = \"/home/bitcoin/c-lightning-REST/${CLNETWORK}/certs\"" |
+      jq ".nodes[0].lnImplementation = \"CLN\"" |
+      jq ".nodes[0].Authentication.runePath = \"/mnt/hdd/app-data/rtl/${systemdService}/rune_for_${systemdService}\"" |
      jq ".nodes[0].Authentication.configPath = \"${CLCONF}\"" |
      jq ".nodes[0].Authentication.swapMacaroonPath = \"/home/rtl/.loop/${CHAIN}/\"" |
      jq ".nodes[0].Authentication.boltzMacaroonPath = \"/home/rtl/.boltz-lnd/macaroons/\"" |
      jq ".nodes[0].Settings.userPersona = \"OPERATOR\"" |
-      jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}6100\"" |
+      jq ".nodes[0].Settings.lnServerUrl = \"https://127.0.0.1:${portprefix}7378\"" |
      jq ".nodes[0].Settings.channelBackupPath = \"/mnt/hdd/app-data/rtl/${systemdService}-SCB-backup-$hostname\"" |
      jq ".nodes[0].Settings.swapServerUrl = \"https://127.0.0.1:${SWAPSERVERPORT}\"" >/mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp
+
    mv /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json.tmp /mnt/hdd/app-data/rtl/${systemdService}/RTL-Config.json
  fi

@ -556,6 +575,16 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
    fi
    echo "# Delete all configs"
    sudo rm -rf /mnt/hdd/app-data/rtl
+    echo "# Disable and stop all RTL services"
+    # Get all systemd services containing "RTL"
+    services=$(systemctl list-units --type=service --all | grep RTL | awk '{print $1}')
+    # Stop and remove each service
+    for service in $services; do
+      echo "Stopping service: $service"
+      sudo systemctl disable --now "$service"
+      sudo rm /etc/systemd/system/${service}.service
+    done
+    echo "# All RTL services have been stopped and removed."
  fi

  # close ports on firewall
--- a/home.admin/config.scripts/cl-plugin.clnrest.sh
+++ b/home.admin/config.scripts/cl-plugin.clnrest.sh
@ -0,0 +1,136 @@
+#!/bin/bash
+
+# help
+if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
+  echo "clnrest configuration and connection script"
+  echo "cl-plugin.clnrest.sh on <mainnet|testnet|signet>"
+  echo "cl-plugin.clnrest.sh connect <mainnet|testnet|signet> [?key-value]"
+  exit 1
+fi
+
+# check and load raspiblitz config to know which network is running
+source /mnt/hdd/raspiblitz.conf
+
+echo "# Running: 'cl-plugin.clnrest.sh $*'"
+
+source <(/home/admin/config.scripts/network.aliases.sh getvars cl $2)
+
+if [ "$1" = on ]; then
+  clnNeedsRestart=0
+  if ! grep "^clnrest-port=${portprefix}7378" "${CLCONF}" >/dev/null; then
+    echo "# setting clnrest-port=${portprefix}7378"
+    sudo /home/admin/config.scripts/blitz.conf.sh set "clnrest-port" "${portprefix}7378" "${CLCONF}" "noquotes"
+    clnNeedsRestart=1
+  fi
+  if ! grep "^clnrest-host=0.0.0.0" "${CLCONF}" >/dev/null; then
+    echo "# setting clnrest-host=0.0.0.0"
+    sudo /home/admin/config.scripts/blitz.conf.sh set "clnrest-host" "0.0.0.0" "${CLCONF}" "noquotes"
+    clnNeedsRestart=1
+  fi
+  source /home/admin/raspiblitz.info
+  if [ "${state}" == "ready" ] && [ ${clnNeedsRestart} -eq 1 ]; then
+    echo "# OK the system is ready so restarting ${netprefix}lightningd to activate the clnrest plugin"
+    sudo systemctl restart ${netprefix}lightningd
+  fi
+fi
+
+if [ "$1" = connect ]; then
+
+  echo "# Allowing port ${portprefix}7378 through the firewall"
+  sudo ufw allow "${portprefix}7378" comment "${netprefix}clnrest" 1>/dev/null
+  localip=$(hostname -I | awk '{print $1}')
+  # hidden service to https://xx.onion
+  /home/admin/config.scripts/tor.onion-service.sh ${netprefix}clnrest 443 ${portprefix}7378 1>/dev/null
+
+  toraddress=$(sudo cat /mnt/hdd/tor/${netprefix}clnrest/hostname)
+  rune=$($lightningcli_alias createrune | jq -r .rune)
+  url="https://${localip}:${portprefix}7378/"
+  # clnrest://http://your_hidden_service.onion:your_port?&rune=your_rune
+  clnrestlan="clnrest://${localip}:${portprefix}7378?&rune=${rune}"
+  clnresttor="clnrest://${toraddress}:443?&rune=${rune}"
+
+  if [ "$3" == "key-value" ]; then
+    echo "toraddress='${toraddress}:443'"
+    echo "local='${url}'"
+    echo "rune='${rune}'"
+    echo "connectstring='${clnresttor}'"
+    exit 0
+  fi
+
+  # deactivated
+  # shellcheck disable=SC2317
+  function showStepByStepQR() {
+    clear
+    echo
+    sudo /home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
+    echo "The Tor address is shown as a QRcode below and on the LCD"
+    echo "Scan it to your phone with a QR scanner app and paste it to: 'Host'"
+    echo
+    echo "Host: ${toraddress}"
+    echo "REST Port: 443"
+    echo
+    qrencode -t ANSIUTF8 "${toraddress}"
+    echo
+    echo
+    echo "Alternatively to connect through the LAN the address is:"
+    echo "https://${localip}"
+    echo "REST Port: ${portprefix}7378"
+    echo
+    echo "# Press enter to continue to show the Rune"
+    read -r
+    sudo /home/admin/config.scripts/blitz.display.sh hide
+    sudo /home/admin/config.scripts/blitz.display.sh qr "${rune}"
+    clear
+    echo
+    echo "The Rune is shown as a QRcode below and on the LCD"
+    echo "Scan it to your phone with a QR scanner app and paste it to: 'Rune'"
+    echo
+    echo "Rune: ${rune}"
+    echo
+    qrencode -t ANSIUTF8 "${rune}"
+    echo
+    echo "# Press enter to hide the QRcode from the LCD"
+    read -r
+    sudo /home/admin/config.scripts/blitz.display.sh hide
+    exit 0
+  }
+
+  function showClRestQr() {
+    # see the format at https://github.com/ZeusLN/zeus/blob/master/utils/ConnectionFormatUtils.ts
+    # clnrest://http://your_hidden_service.onion:your_port?&rune=your_rune
+    clear
+    echo
+    sudo /home/admin/config.scripts/blitz.display.sh qr "${clnresttor}"
+    echo "The string to connect over Tor is shown as a QRcode below and on the LCD"
+    echo "Scan it to Zeus using the CLNrest option"
+    echo
+    echo "CLNrest connection string:"
+    echo "${clnresttor}"
+    echo
+    qrencode -t ANSIUTF8 "${clnresttor}"
+    echo
+    echo "# Press enter to show the string to connect over LAN"
+    read -r
+    sudo /home/admin/config.scripts/blitz.display.sh hide
+    sudo /home/admin/config.scripts/blitz.display.sh qr "${clnrestlan}"
+    clear
+    echo
+    echo "The string to connect over the local the network is shown as a QRcode below and on the LCD"
+    echo "Scan it to Zeus using the CLNrest option"
+    echo "This will only work if your node is connected to the same network"
+    echo "To connect reemotely consider using a VPN like ZeroTier or Tailscale"
+    echo
+    echo "CLNrest connection string:"
+    echo "${clnrestlan}"
+    echo
+    qrencode -t ANSIUTF8 "${clnrestlan}"
+    echo
+    echo "# Press enter to hide the QRcode from the LCD"
+    read -r
+    sudo /home/admin/config.scripts/blitz.display.sh hide
+    exit 0
+  }
+
+  showClRestQr
+
+fi
--- a/home.admin/config.scripts/cl.check.sh
+++ b/home.admin/config.scripts/cl.check.sh
@ -25,36 +25,33 @@ source <(/home/admin/config.scripts/network.aliases.sh getvars cl $2)
 if [ "$1" == "prestart" ]; then

  # make sure plugins are loaded https://github.com/rootzoll/raspiblitz/issues/2953
-  if [ $(grep -c "^plugin-dir=/home/bitcoin/${netprefix}cl-plugins-enabled" < ${CLCONF}) -eq 0 ];then
+  if [ $(grep -c "^plugin-dir=/home/bitcoin/${netprefix}cl-plugins-enabled" <${CLCONF}) -eq 0 ]; then
    echo "plugin-dir=/home/bitcoin/${netprefix}cl-plugins-enabled" | tee -a ${CLCONF}
  fi

  # do not announce 127.0.0.1 https://github.com/rootzoll/raspiblitz/issues/2634
-  if [ $(grep -c "^announce-addr=127.0.0.1" < ${CLCONF}) -gt 0 ];then
+  if [ $(grep -c "^announce-addr=127.0.0.1" <${CLCONF}) -gt 0 ]; then
    sed -i "/^announce-addr=127.0.0.1/d" ${CLCONF}
  fi

-  if [ $(grep -c "^clboss" < ${CLCONF}) -gt 0 ];then
-    if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/clboss ]\
-      || [ "$(eval echo \$${netprefix}clboss)" != "on" ]; then
+  if [ $(grep -c "^clboss" <${CLCONF}) -gt 0 ]; then
+    if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/clboss ] || [ "$(eval echo \$${netprefix}clboss)" != "on" ]; then
      echo "# The clboss plugin is not present but in config"
      sed -i "/^clboss/d" ${CLCONF}
      rm -rf /home/bitcoin/${netprefix}cl-plugins-enabled/clboss
    fi
  fi

-  if [ $(grep -c "^http-pass" < ${CLCONF}) -gt 0 ];then
-    if [ ! -f /home/bitcoin/cl-plugins-enabled/c-lightning-http-plugin ]\
-      || [ "${clHTTPplugin}" != "on" ]; then
+  if [ $(grep -c "^http-pass" <${CLCONF}) -gt 0 ]; then
+    if [ ! -f /home/bitcoin/cl-plugins-enabled/c-lightning-http-plugin ] || [ "${clHTTPplugin}" != "on" ]; then
      echo "# The clHTTPplugin is not present but in config"
      sed -i "/^http-pass/d" ${CLCONF}
      rm -rf /home/bitcoin/cl-plugins-enabled/c-lightning-http-plugin
    fi
  fi

-  if [ $(grep -c "^feeadjuster" < ${CLCONF}) -gt 0 ];then
-    if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/feeadjuster.py ]\
-      || [ "$(eval echo \$${netprefix}feeadjuster)" != "on" ]; then
+  if [ $(grep -c "^feeadjuster" <${CLCONF}) -gt 0 ]; then
+    if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/feeadjuster.py ] || [ "$(eval echo \$${netprefix}feeadjuster)" != "on" ]; then
      echo "# The feeadjuster plugin is not present but in config"
      sed -i "/^feeadjuster/d" ${CLCONF}
      rm -rf /home/bitcoin/${netprefix}cl-plugins-enabled/feeadjuster.py
@ -63,23 +60,28 @@ if [ "$1" == "prestart" ]; then

  # https://github.com/rootzoll/raspiblitz/issues/3007
  # add for test networks as well if needed on mainnet
-  if [ "${blitzapi}" = "on" ] || \
-   [ "${LNBitsFunding}" = "${netprefix}cl" ] || \
-   [ "${BTCPayServer}" = "on" ]; then
-    if [ $(grep -c "^rpc-file-mode=0660" < ${CLCONF}) -eq 0 ]; then
+  if [ "${blitzapi}" = "on" ] ||
+    [ "${LNBitsFunding}" = "${netprefix}cl" ] ||
+    [ "${BTCPayServer}" = "on" ]; then
+    if [ $(grep -c "^rpc-file-mode=0660" <${CLCONF}) -eq 0 ]; then
      echo "rpc-file-mode=0660" | tee -a ${CLCONF}
    fi
  fi

-  if [ $(grep -c "^grpc-port" < ${CLCONF}) -gt 0 ];then
-    if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc ]\
-      || [ "$(eval echo \$${netprefix}cln-grpc-port)" = "off" ]; then
+  if [ $(grep -c "^grpc-port" <${CLCONF}) -gt 0 ]; then
+    if [ ! -f /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc ] || [ "$(eval echo \$${netprefix}cln-grpc-port)" = "off" ]; then
      echo "# The cln-grpc plugin is not present but in config"
      sed -i "/^grpc-port/d" ${CLCONF}
      rm -rf /home/bitcoin/${netprefix}cl-plugins-enabled/cln-grpc
    fi
  fi

+  if ! grep "^clnrest-port=${portprefix}7378" <${CLCONF}; then
+    echo "clnrest-port=${portprefix}7378" | tee -a ${CLCONF}
+  fi
+  if ! grep "^clnrest-host=0.0.0.0" <${CLCONF}; then
+    echo "clnrest-host=0.0.0.0" | tee -a ${CLCONF}
+  fi

  exit 0
 fi
@ -92,9 +94,9 @@ fi

 if [ "$1" == "poststart" ]; then

-    # log info
-    info=$(ls -la /mnt/hdd/app-data/.lightning/bitcoin/lightning-rpc)
-    logger "${info}"
+  # log info
+  info=$(ls -la /mnt/hdd/app-data/.lightning/bitcoin/lightning-rpc)
+  logger "${info}"

  exit 0
 fi
--- a/home.admin/config.scripts/cl.install.sh
+++ b/home.admin/config.scripts/cl.install.sh
@ -282,6 +282,8 @@ network=${CLNETWORK}
 log-file=cl.log
 log-level=info
 plugin-dir=/home/bitcoin/${netprefix}cl-plugins-enabled
+clnrest-port=${portprefix}7378
+clnrest-host=0.0.0.0

 # Tor settings
 proxy=127.0.0.1:9050