mirror of
https://github.com/raspiblitz/raspiblitz.git
synced 2025-09-19 12:10:33 +02:00
Merge branch 'dev' of https://github.com/rootzoll/raspiblitz into dev
This commit is contained in:
rootzoll
@@ -4,6 +4,7 @@
|
||||
|
||||
- New: Raspberry Pi OS Base Image 64-bit (August 2020)
|
||||
- New: Build SD card Image with parameters & FatPack [details](https://github.com/rootzoll/raspiblitz/pull/2044)
|
||||
- New: Improve LND uptime and reliability over Tor [details](https://github.com/rootzoll/raspiblitz/pull/2148)
|
||||
- New: Lightning Terminal 0.4.1-alpha (Loop, Pool & Faraday UI Bundle) [details](https://github.com/lightninglabs/lightning-terminal#lightning-terminal-lit)
|
||||
- New: chantools 0.8.2 [details](https://github.com/guggero/chantools/blob/master/README.md)
|
||||
- New: Circuitbreaker LND firewall (settings menu) [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md)
|
||||
|
||||
@@ -641,23 +641,6 @@ fi
|
||||
# add /sbin to path for all
|
||||
sudo bash -c "echo 'PATH=\$PATH:/sbin' >> /etc/profile"
|
||||
|
||||
# script auto-start for admin user
|
||||
homeFile=/home/admin/.bashrc
|
||||
autostartDone=$(grep -c "automatically start main menu" $homeFile)
|
||||
if [ ${autostartDone} -eq 0 ]; then
|
||||
# bash autostart for admin
|
||||
sudo bash -c "echo '# shortcut commands' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'source /home/admin/_commands.sh' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# automatically start main menu for admin unless' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# when running in a tmux session' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'if [ -z \"\$TMUX\" ]; then' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo ' ./00raspiblitz.sh' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'fi' >> /home/admin/.bashrc"
|
||||
echo "autostart added to $homeFile"
|
||||
else
|
||||
echo "autostart already in $homeFile"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "*** RASPIBLITZ EXTRAS ***"
|
||||
|
||||
@@ -679,9 +662,6 @@ sudo bash -c "echo '' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# https://github.com/rootzoll/raspiblitz/issues/1784' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'NG_CLI_ANALYTICS=ci' >> /home/admin/.bashrc"
|
||||
|
||||
sudo bash -c "echo '' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# Raspiblitz' >> /home/admin/.bashrc"
|
||||
|
||||
homeFile=/home/admin/.bashrc
|
||||
keyBindings="source /usr/share/doc/fzf/examples/key-bindings.bash"
|
||||
keyBindingsDone=$(grep -c "$keyBindings" $homeFile)
|
||||
@@ -693,6 +673,27 @@ else
|
||||
echo "key-bindings already in $homeFile"
|
||||
fi
|
||||
|
||||
homeFile=/home/admin/.bashrc
|
||||
autostart="automatically start main menu"
|
||||
autostartDone=$(grep -c "$autostart" $homeFile)
|
||||
|
||||
if [ ${autostartDone} -eq 0 ]; then
|
||||
# bash autostart for admin
|
||||
sudo bash -c "echo '# shortcut commands' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'source /home/admin/_commands.sh' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# automatically start main menu for admin unless' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# when running in a tmux session' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'if [ -z \"\$TMUX\" ]; then' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo ' ./00raspiblitz.sh' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo 'fi' >> /home/admin/.bashrc"
|
||||
echo "autostart added to $homeFile"
|
||||
else
|
||||
echo "autostart already in $homeFile"
|
||||
fi
|
||||
|
||||
sudo bash -c "echo '' >> /home/admin/.bashrc"
|
||||
sudo bash -c "echo '# Raspiblitz' >> /home/admin/.bashrc"
|
||||
|
||||
echo ""
|
||||
echo "*** SWAP FILE ***"
|
||||
# based on https://github.com/Stadicus/guides/blob/master/raspibolt/raspibolt_20_pi.md#moving-the-swap-file
|
||||
|
||||
@@ -145,11 +145,11 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
|
||||
sudo sed -i "s:^CookieAuthFile*:#CookieAuthFile:g" /etc/tor/torrc
|
||||
if ! grep -Eq "^CookieAuthentication 1" /etc/tor/torrc; then
|
||||
echo "CookieAuthentication 1" | sudo tee -a /etc/tor/torrc
|
||||
sudo systemctl restart tor
|
||||
sudo systemctl restart tor@default
|
||||
fi
|
||||
if ! grep -Eq "^AllowOutboundLocalhost 1" /etc/tor/torsocks.conf; then
|
||||
echo "AllowOutboundLocalhost 1" | sudo tee -a /etc/tor/torsocks.conf
|
||||
sudo systemctl restart tor
|
||||
sudo systemctl restart tor@default
|
||||
fi
|
||||
|
||||
# joinin.conf settings
|
||||
|
||||
@@ -334,6 +334,11 @@ alias lit-frcli=\"frcli --rpcserver=localhost:8443 \
|
||||
echo "# OK - the litd.service is enabled, to start manually use: 'sudo systemctl start litd'"
|
||||
fi
|
||||
|
||||
# make Loop work with RTL if installed (update will run configRTL)
|
||||
if [ ${#rtlWebinterface} -gt 0 ]&&[ ${rtlWebinterface} = on ];then
|
||||
/home/admin/config.scripts/bonus.rtl.sh update
|
||||
fi
|
||||
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
||||
@@ -61,7 +61,7 @@ echo "# making sure services are not running"
|
||||
sudo systemctl stop RTL 2>/dev/null
|
||||
|
||||
function configRTL() {
|
||||
SWAPSERVERPORT=8081
|
||||
SWAPSERVERPORT=8443
|
||||
if [ "$(grep -Ec "(loop=|lit=)" < /mnt/hdd/raspiblitz.conf)" -gt 0 ];then
|
||||
if [ $lit = on ];then
|
||||
echo "# Add the rtl user to the lit group"
|
||||
@@ -76,6 +76,7 @@ function configRTL() {
|
||||
echo "# Symlink the loop.macaroon"
|
||||
sudo rm -rf "/home/rtl/.loop" # delete symlink
|
||||
sudo ln -s "/home/loop/.loop/" "/home/rtl/.loop" # create symlink
|
||||
SWAPSERVERPORT=8081
|
||||
fi
|
||||
echo "# Make the loop macaroon group readable"
|
||||
sudo chmod 640 /home/rtl/.loop/mainnet/macaroons.db
|
||||
|
||||
@@ -35,7 +35,7 @@ if [ "$1" == "off" ]; then
|
||||
sudo chown bitcoin:bitcoin /etc/tor/torrc
|
||||
|
||||
echo "# OK service is removed - restarting TOR ..."
|
||||
sudo systemctl restart tor
|
||||
sudo systemctl restart tor@default
|
||||
sleep 10
|
||||
echo "# Done"
|
||||
exit 0
|
||||
@@ -100,7 +100,7 @@ HiddenServicePort $toPort 127.0.0.1:$fromPort" | sudo tee -a /etc/tor/torrc
|
||||
echo ""
|
||||
echo "Restarting Tor to activate the Hidden Service..."
|
||||
sudo chmod 644 /etc/tor/torrc
|
||||
sudo systemctl restart tor
|
||||
sudo systemctl restart tor@default
|
||||
sleep 10
|
||||
|
||||
# show the Hidden Service address
|
||||
|
||||
@@ -87,26 +87,100 @@ activateLndOverTOR()
|
||||
lndExists=$(sudo ls /etc/systemd/system/lnd.service | grep -c "lnd.service")
|
||||
if [ ${lndExists} -gt 0 ]; then
|
||||
|
||||
echo "# Make sure the user bitcoin is in the debian-tor group"
|
||||
sudo usermod -a -G debian-tor bitcoin
|
||||
# deprecate 'torpassword='
|
||||
sudo sed -i '/\[Tor\]*/d' /mnt/hdd/lnd/lnd.conf
|
||||
sudo sed -i '/^tor.password=*/d' /mnt/hdd/lnd/lnd.conf
|
||||
|
||||
# lnd-tor instance
|
||||
# https://www.torservers.net/wiki/setup/server#multiple_tor_processes
|
||||
NODENAME="lnd"
|
||||
SOCKSPORT=9070
|
||||
CONTROLPORT=$((SOCKSPORT+1))
|
||||
echo "# Creating a dedicated Tor instance for $NODENAME"
|
||||
sudo tor-instance-create $NODENAME
|
||||
|
||||
echo "# Make sure the user bitcoin is in the _tor-$NODENAME group"
|
||||
sudo usermod -a -G _tor-$NODENAME bitcoin
|
||||
|
||||
# create tor data directory if it not exist
|
||||
if [ ! -d "/mnt/hdd/tor-$NODENAME" ]; then
|
||||
echo "# - creating tor data directory"
|
||||
sudo mkdir -p /mnt/hdd/tor-$NODENAME
|
||||
sudo mkdir -p /mnt/hdd/tor-$NODENAME/sys
|
||||
else
|
||||
echo "# - /mnt/hdd/tor-$NODENAME data directory exists"
|
||||
fi
|
||||
# make sure its the correct owner
|
||||
sudo chmod -R 700 /mnt/hdd/tor-$NODENAME
|
||||
sudo chown -R _tor-$NODENAME:_tor-$NODENAME /mnt/hdd/tor-$NODENAME
|
||||
|
||||
echo "
|
||||
### torrc for tor@$NODENAME
|
||||
### https://github.com/lightningnetwork/lnd/blob/master/docs/configuring_tor.md
|
||||
|
||||
DataDirectory /mnt/hdd/tor-$NODENAME/sys
|
||||
PidFile /mnt/hdd/tor-$NODENAME/sys/tor.pid
|
||||
|
||||
SocksPort $SOCKSPORT
|
||||
ControlPort $CONTROLPORT
|
||||
CookieAuthentication 1
|
||||
CookieAuthFileGroupReadable 1
|
||||
|
||||
SafeLogging 1
|
||||
Log notice stdout
|
||||
Log notice file /mnt/hdd/tor-$NODENAME/notice.log
|
||||
Log info file /mnt/hdd/tor-$NODENAME/info.log
|
||||
" | sudo tee /etc/tor/instances/$NODENAME/torrc
|
||||
sudo chmod 644 /etc/tor/instances/$NODENAME/torrc
|
||||
|
||||
sudo mkdir -p /etc/systemd/system/tor@$NODENAME.service.d
|
||||
sudo tee /etc/systemd/system/tor@$NODENAME.service.d/raspiblitz.conf >/dev/null <<EOF
|
||||
# DO NOT EDIT! This file is generated by raspiblitz and will be overwritten
|
||||
[Service]
|
||||
ReadWriteDirectories=-/mnt/hdd/tor-$NODENAME
|
||||
[Unit]
|
||||
After=network.target nss-lookup.target mnt-hdd.mount
|
||||
EOF
|
||||
|
||||
echo "Setup logrotate"
|
||||
# add logrotate config for modified Tor dir on ext. disk
|
||||
sudo tee /etc/logrotate.d/raspiblitz-tor-$NODENAME >/dev/null <<EOF
|
||||
/mnt/hdd/tor-$NODENAME/*log {
|
||||
daily
|
||||
rotate 5
|
||||
compress
|
||||
delaycompress
|
||||
missingok
|
||||
notifempty
|
||||
create 0640 _tor-$NODENAME _tor-$NODENAME
|
||||
sharedscripts
|
||||
postrotate
|
||||
if invoke-rc.d tor status > /dev/null; then
|
||||
invoke-rc.d tor reload > /dev/null
|
||||
fi
|
||||
endscript
|
||||
}
|
||||
EOF
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl enable tor@$NODENAME
|
||||
sudo systemctl start tor@$NODENAME
|
||||
|
||||
# modify LND service
|
||||
echo "Make sure LND is disabled"
|
||||
echo "# Make sure LND is disabled"
|
||||
sudo systemctl disable lnd 2>/dev/null
|
||||
|
||||
echo "editing /etc/systemd/system/lnd.service"
|
||||
sudo sed -i "s/^ExecStart=\/usr\/local\/bin\/lnd.*/ExecStart=\/usr\/local\/bin\/lnd --tor\.active --tor\.streamisolation --tor\.v3 --listen=127\.0\.0\.1\:9735 \${lndExtraParameter}/g" /etc/systemd/system/lnd.service
|
||||
echo "# Editing /etc/systemd/system/lnd.service"
|
||||
sudo sed -i "s/^ExecStart=\/usr\/local\/bin\/lnd.*\
|
||||
/ExecStart=\/usr\/local\/bin\/lnd --tor\.active --tor\.streamisolation --tor\.v3 --tor\.socks=$SOCKSPORT --tor\.control=$CONTROLPORT --listen=127\.0\.0\.1\:9735 \${lndExtraParameter}/g" \
|
||||
/etc/systemd/system/lnd.service
|
||||
|
||||
echo "Enable LND again"
|
||||
echo "# Enable LND again"
|
||||
sudo systemctl enable lnd
|
||||
echo "OK"
|
||||
echo ""
|
||||
echo "# OK"
|
||||
echo
|
||||
|
||||
else
|
||||
echo "LND service not found (yet) - try with 'internet.tor.sh lndconf-on' again later"
|
||||
echo "# LND service not found (yet) - try with 'internet.tor.sh lndconf-on' again later"
|
||||
fi
|
||||
}
|
||||
|
||||
@@ -231,9 +305,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
|
||||
isTorConfigOK=$(sudo cat /etc/tor/torrc 2>/dev/null | grep -c "BITCOIN")
|
||||
if [ ${isTorConfigOK} -eq 0 ]; then
|
||||
echo "# - updating Tor config ${torrc}"
|
||||
PASSWORD_B=$(sudo cat /mnt/hdd/${network}/${network}.conf | grep rpcpassword | cut -c 13-)
|
||||
HASHED_PASSWORD=$(sudo -u debian-tor tor --hash-password "$PASSWORD_B")
|
||||
cat > ./torrc <<EOF
|
||||
### torrc for tor@default
|
||||
### See 'man tor', or https://www.torproject.org/docs/tor-manual.html
|
||||
|
||||
DataDirectory /mnt/hdd/tor/sys
|
||||
@@ -259,35 +332,19 @@ HiddenServicePort 80 127.0.0.1:80
|
||||
# NOTE: since Bitcoin Core v0.21.0 sets up a v3 Tor service automatically
|
||||
# see /mnt/hdd/bitcoin for the onion private key - delete and restart bitcoind to reset
|
||||
|
||||
# Hidden Service for BITCOIN P2P (v2FallBack for Bisq)
|
||||
HiddenServiceDir /mnt/hdd/tor/bitcoin8333
|
||||
HiddenServiceVersion 2
|
||||
HiddenServicePort 8333 127.0.0.1:8333
|
||||
|
||||
# Hidden Service for LND (incoming connections)
|
||||
HiddenServiceDir /mnt/hdd/tor/lnd9735
|
||||
HiddenServiceVersion 3
|
||||
HiddenServicePort 9735 127.0.0.1:9735
|
||||
# NOTE: LND is using a separate Tor instance: tor@lnd
|
||||
# find the torrc at /etc/tor/instances/lnd/torrc
|
||||
# onion private key at /mnt/hdd/lnd/v3_onion_private_key
|
||||
|
||||
# Hidden Service for LND RPC
|
||||
HiddenServiceDir /mnt/hdd/tor/lndrpc10009/
|
||||
HiddenServiceVersion 3
|
||||
HiddenServicePort 10009 127.0.0.1:10009
|
||||
|
||||
# Hidden Service for LND RPC (v2Fallback)
|
||||
HiddenServiceDir /mnt/hdd/tor/lndrpc10009fallback/
|
||||
HiddenServiceVersion 2
|
||||
HiddenServicePort 10009 127.0.0.1:10009
|
||||
|
||||
# Hidden Service for LND REST
|
||||
HiddenServiceDir /mnt/hdd/tor/lndrest8080/
|
||||
HiddenServiceVersion 3
|
||||
HiddenServicePort 8080 127.0.0.1:8080
|
||||
|
||||
# Hidden Service for LND REST (v2Fallback)
|
||||
HiddenServiceDir /mnt/hdd/tor/lndrest8080fallback/
|
||||
HiddenServiceVersion 2
|
||||
HiddenServicePort 8080 127.0.0.1:8080
|
||||
EOF
|
||||
sudo rm $torrc
|
||||
sudo mv ./torrc $torrc
|
||||
@@ -396,6 +453,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
||||
# disable TOR service
|
||||
echo "# *** Disable Tor service ***"
|
||||
sudo systemctl disable tor@default
|
||||
sudo systemctl disable tor@lnd
|
||||
echo ""
|
||||
|
||||
# DEACTIVATE BITCOIN OVER TOR (function call)
|
||||
@@ -415,6 +473,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
||||
|
||||
echo "# *** Stop Tor service ***"
|
||||
sudo systemctl stop tor@default
|
||||
sudo systemctl stop tor@lnd
|
||||
echo ""
|
||||
|
||||
if [ "$2" == "clear" ]; then
|
||||
@@ -449,6 +508,12 @@ if [ "$1" = "update" ]; then
|
||||
echo "# Starting the tor.service "
|
||||
sudo systemctl start tor
|
||||
echo "# Installed $(tor --version)"
|
||||
if [ $(systemctl status lnd | grep -c "active (running)") -gt 0 ];then
|
||||
echo "# LND needs to restart"
|
||||
sudo systemctl restart lnd
|
||||
sleep 10
|
||||
lncli unlock
|
||||
fi
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user