mirror of
https://github.com/raspiblitz/raspiblitz.git
synced 2025-04-12 13:49:38 +02:00
/rootzoll
GitHub
parent
3032410b76
commit
d45bf5f25d
@ -316,13 +316,6 @@ case $CHOICE in
|
||||
;;
|
||||
PASSWORD)
|
||||
sudo /home/admin/config.scripts/blitz.setpassword.sh
|
||||
noreboot=$?
|
||||
if [ "${noreboot}" = "0" ]; then
|
||||
echo "Press ENTER to Reboot .."
|
||||
read key
|
||||
sudo /home/admin/XXshutdown.sh reboot
|
||||
exit 0
|
||||
fi
|
||||
;;
|
||||
UPDATE)
|
||||
/home/admin/99updateMenu.sh
|
||||
|
||||
@ -32,16 +32,16 @@ if [ "$network" = "bitcoin" ]; then
|
||||
fi
|
||||
|
||||
# ask if really sync behind TOR
|
||||
if [ "${runBehindTor}" = "on" ]; then
|
||||
whiptail --title ' Sync Blockchain from behind TOR? ' --yes-button='Public-Sync' --no-button='TOR-Sync' --yesno "You decided to run your node behind TOR and validate the blockchain with your RaspiBlitz - thats good. But downloading the complete blockchain thru TOR can add some extra time (maybe a day) to the process and adds a heavy load on the TOR network.\n
|
||||
Your RaspiBlitz can just run the initial blockchain download with your public IP (Public-Sync) but keep your Lighting node safe behind TOR.
|
||||
It would speed up the self-validation while not revealing your Lightning node identity. But for most privacy choose (TOR-Sync).
|
||||
" 15 76
|
||||
if [ $? -eq 0 ]; then
|
||||
# set flag to not run bitcoin behind TOR during IDB
|
||||
echo "ibdBehindTor=off" >> /home/admin/raspiblitz.info
|
||||
fi
|
||||
fi
|
||||
# if [ "${runBehindTor}" = "on" ]; then
|
||||
# whiptail --title ' Sync Blockchain from behind TOR? ' --yes-button='Public-Sync' --no-button='TOR-Sync' --yesno "You decided to run your node behind TOR and validate the blockchain with your RaspiBlitz - thats good. But downloading the complete blockchain thru TOR can add some extra time (maybe a day) to the process and adds a heavy load on the TOR network.\n
|
||||
#Your RaspiBlitz can just run the initial blockchain download with your public IP (Public-Sync) but keep your Lighting node safe behind TOR.
|
||||
#It would speed up the self-validation while not revealing your Lightning node identity. But for most privacy choose (TOR-Sync).
|
||||
# " 15 76
|
||||
# if [ $? -eq 0 ]; then
|
||||
# # set flag to not run bitcoin behind TOR during IDB
|
||||
# echo "ibdBehindTor=off" >> /home/admin/raspiblitz.info
|
||||
# fi
|
||||
#fi
|
||||
|
||||
echo "**********************************"
|
||||
echo "Dont Trust, verify - starting sync"
|
||||
|
||||
@ -51,7 +51,10 @@ case $CHOICE in
|
||||
ELECTRS)
|
||||
/home/admin/config.scripts/bonus.electrs.sh menu;;
|
||||
BTCPAY)
|
||||
/home/admin/config.scripts/lnd.export.sh btcpay;;
|
||||
/home/admin/config.scripts/lnd.export.sh btcpay
|
||||
echo "Press ENTER to return to main menu."
|
||||
read key
|
||||
exit 0;;
|
||||
RESET)
|
||||
sudo /home/admin/config.scripts/lnd.credentials.sh reset
|
||||
echo "Press ENTER to return to main menu."
|
||||
|
||||
@ -121,6 +121,16 @@ else
|
||||
echo ""
|
||||
fi
|
||||
|
||||
if [ "${lit}" = "off" ]; then
|
||||
echo "- LIT is OFF by config"
|
||||
else
|
||||
echo ""
|
||||
echo "*** LAST 20 LIT LOGS ***"
|
||||
echo "sudo journalctl -u litd -b --no-pager -n20"
|
||||
sudo journalctl -u litd -b --no-pager -n20
|
||||
echo ""
|
||||
fi
|
||||
|
||||
if [ "${BTCPayServer}" = "off" ]; then
|
||||
echo "- BTCPayServer is OFF by config"
|
||||
else
|
||||
|
||||
@ -582,6 +582,15 @@ else
|
||||
echo "Provisioning Stacking Sats Kraken - keep default" >> ${logFile}
|
||||
fi
|
||||
|
||||
# lit (make sure to be installed after RTL)
|
||||
if [ "${lit}" = "on" ]; then
|
||||
echo "Provisioning LIT - run config script" >> ${logFile}
|
||||
sudo sed -i "s/^message=.*/message='Setup LIT'/g" ${infoFile}
|
||||
sudo -u admin /home/admin/config.scripts/bonus.lit.sh on >> ${logFile} 2>&1
|
||||
else
|
||||
echo "Provisioning LIT - keep default" >> ${logFile}
|
||||
fi
|
||||
|
||||
# pool
|
||||
if [ "${pool}" = "on" ]; then
|
||||
echo "Provisioning Pool - run config script" >> ${logFile}
|
||||
|
||||
11
home.admin/assets/nginx/sites-available/mempool_.conf
Normal file
11
home.admin/assets/nginx/sites-available/mempool_.conf
Normal file
@ -0,0 +1,11 @@
|
||||
## mempool_ssl.conf
|
||||
|
||||
server {
|
||||
listen 4080;
|
||||
listen [::]:4080;
|
||||
server_name _;
|
||||
|
||||
include /etc/nginx/snippets/ssl-params.conf;
|
||||
include /etc/nginx/snippets/ssl-certificate-app-data.conf;
|
||||
include /etc/nginx/snippets/mempool.conf;
|
||||
}
|
||||
@ -8,7 +8,6 @@ echo "blitz.setpassword.sh b [?newpassword] "
|
||||
echo "blitz.setpassword.sh c [?oldpassword] [?newpassword] "
|
||||
echo "or just as a password enter dialog (result as file)"
|
||||
echo "blitz.setpassword.sh [x] [text] [result-file] [?empty-allowed]"
|
||||
echo "exits on 0 = needs reboot"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@ -35,8 +34,10 @@ fi
|
||||
abcd=$1
|
||||
|
||||
# run interactive if no further parameters
|
||||
reboot=0;
|
||||
OPTIONS=()
|
||||
if [ ${#abcd} -eq 0 ]; then
|
||||
reboot=1;
|
||||
emptyAllowed=1
|
||||
OPTIONS+=(A "Master User Password / SSH")
|
||||
OPTIONS+=(B "RPC Password (blockchain/lnd)")
|
||||
@ -146,7 +147,6 @@ if [ "${abcd}" = "a" ]; then
|
||||
|
||||
echo ""
|
||||
echo "OK - password A changed for user pi, root, admin & bitcoin"
|
||||
exit 0
|
||||
|
||||
############################
|
||||
# PASSWORD B
|
||||
@ -159,9 +159,9 @@ elif [ "${abcd}" = "b" ]; then
|
||||
clear
|
||||
|
||||
# ask user for new password B (first time)
|
||||
password1=$(whiptail --passwordbox "\nPlease enter your RPC Password B:\n(min 8chars, 1word, chars+number, no specials)" 10 52 "" --title "Password B" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
|
||||
password1=$(whiptail --passwordbox "\nPlease enter your new Password B:\n(min 8chars, 1word, chars+number, no specials)" 10 52 "" --title "Password B" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
|
||||
if [ $? -eq 1 ]; then
|
||||
if [ ${emptyAllowed} -eq 0 ]; then
|
||||
if [ "${emptyAllowed}" == "0" ]; then
|
||||
echo "CANCEL not possible"
|
||||
sleep 2
|
||||
else
|
||||
@ -172,7 +172,7 @@ elif [ "${abcd}" = "b" ]; then
|
||||
# ask user for new password B (second time)
|
||||
password2=$(whiptail --passwordbox "\nRe-Enter Password B:\n" 10 52 "" --title "Password B" --backtitle "RaspiBlitz - Setup" 3>&1 1>&2 2>&3)
|
||||
if [ $? -eq 1 ]; then
|
||||
if [ ${emptyAllowed} -eq 0 ]; then
|
||||
if [ "${emptyAllowed}" == "0" ]; then
|
||||
echo "CANCEL not possible"
|
||||
sleep 2
|
||||
else
|
||||
@ -283,12 +283,18 @@ EOF
|
||||
# ThunderHub
|
||||
if [ "${thunderhub}" == "on" ]; then
|
||||
echo "# changing the password for ThunderHub"
|
||||
sed -i "s/^masterPassword:.*/masterPassword: '${newPassword}'/g" /mnt/hdd/app-data/thunderhub/thubConfig.yaml
|
||||
sudo sed -i "s/^masterPassword:.*/masterPassword: '${newPassword}'/g" /mnt/hdd/app-data/thunderhub/thubConfig.yaml
|
||||
fi
|
||||
|
||||
# LIT
|
||||
if [ "${lit}" == "on" ]; then
|
||||
echo "# changing the password for LIT"
|
||||
sudo sed -i "s/^uipassword=.*/uipassword=${newPassword}/g" /mnt/hdd/app-data/.lit/lit.conf
|
||||
sudo sed -i "s/^faraday.bitcoin.password=.*/faraday.bitcoin.password=${newPassword}/g" /mnt/hdd/app-data/.lit/lit.conf
|
||||
fi
|
||||
|
||||
echo "# OK -> RPC Password B changed"
|
||||
echo "# Reboot is needed"
|
||||
exit 0
|
||||
|
||||
############################
|
||||
# PASSWORD C
|
||||
@ -381,7 +387,6 @@ elif [ "${abcd}" = "c" ]; then
|
||||
# final user output
|
||||
echo ""
|
||||
echo "OK"
|
||||
exit 0
|
||||
|
||||
############################
|
||||
# PASSWORD X
|
||||
@ -447,3 +452,11 @@ else
|
||||
echo "FAIL: there is no password '${abcd}' (reminder: use lower case)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# when started with menu ... reboot when done
|
||||
if [ "${reboot}" == "1" ]; then
|
||||
echo "Now rebooting to activate changes ..."
|
||||
sudo /home/admin/XXshutdown.sh reboot
|
||||
else
|
||||
echo "..."
|
||||
fi
|
||||
|
||||
@ -39,9 +39,9 @@ This can take multiple hours.
|
||||
|
||||
# TOR
|
||||
/home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
|
||||
whiptail --title " BTC-RPC-Explorer " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:3021\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
whiptail --title " BTC-RPC-Explorer " --msgbox "Open in your local web browser:
|
||||
http://${localip}:3020\n
|
||||
https://${localip}:3021 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Login is 'admin' with your Password B\n
|
||||
Hidden Service address for TOR Browser (QR see LCD):
|
||||
@ -51,9 +51,9 @@ ${toraddress}
|
||||
else
|
||||
|
||||
# IP + Domain
|
||||
whiptail --title " BTC-RPC-Explorer " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:3021\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
whiptail --title " BTC-RPC-Explorer " --msgbox "Open in your local web browser:
|
||||
http://${localip}:3020\n
|
||||
https://${localip}:3021 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Login is 'admin' with your Password B\n
|
||||
Activate TOR to access the web block explorer from outside your local network.
|
||||
|
||||
@ -145,7 +145,7 @@ consider adding a IP2TOR Bridge: MAINMENU > SUBSCRIBE > IP2TOR"
|
||||
|
||||
text="${text}\n
|
||||
To get the 'Connection String' to activate Lightning Payments:
|
||||
MAINMENU > LNDCREDS > EXPORT > BTCPay Server"
|
||||
MAINMENU > CONNECT > BTCPay Server"
|
||||
|
||||
whiptail --title " BTCPay Server " --msgbox "${text}" 17 69
|
||||
|
||||
|
||||
@ -31,7 +31,7 @@ if [ "$1" = "menu" ]; then
|
||||
# get network info
|
||||
localip=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0' | grep 'eth0\|wlan0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
|
||||
toraddress=$(sudo cat /mnt/hdd/tor/lit/hostname 2>/dev/null)
|
||||
fingerprint=$(openssl x509 -in /home/lit/.lit/tls.cert -fingerprint -noout | cut -d"=" -f2)
|
||||
fingerprint=$(sudo openssl x509 -in /home/lit/.lit/tls.cert -fingerprint -noout | cut -d"=" -f2)
|
||||
|
||||
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
|
||||
# Info with TOR
|
||||
|
||||
@ -33,7 +33,7 @@ if [ "$1" = "menu" ]; then
|
||||
fi
|
||||
fi
|
||||
|
||||
text="Local Webrowser: https://${localIP}:${httpsPort}"
|
||||
text="Local Webrowser: http://${localIP}:${httpPort}"
|
||||
|
||||
if [ ${#publicDomain} -gt 0 ]; then
|
||||
text="${text}
|
||||
@ -41,8 +41,9 @@ Public Domain: https://${publicDomain}:${httpsPort}
|
||||
port forwarding on router needs to be active & may change port"
|
||||
fi
|
||||
|
||||
text="${text}
|
||||
SHA1 ${sslFingerprintIP}"
|
||||
text="${text}\n
|
||||
https://${localIP}:${httpsPort} with Fingerprint
|
||||
${sslFingerprintIP}"
|
||||
|
||||
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
|
||||
/home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
|
||||
@ -66,7 +67,7 @@ To enable easy reachability with normal browser from the outside
|
||||
consider adding a IP2TOR Bridge (MAINMENU > SUBSCRIBE)."
|
||||
fi
|
||||
|
||||
whiptail --title " LNbits " --msgbox "${text}" 15 69
|
||||
whiptail --title " LNbits " --msgbox "${text}" 16 69
|
||||
|
||||
/home/admin/config.scripts/blitz.display.sh hide
|
||||
echo "please wait ..."
|
||||
@ -86,6 +87,7 @@ if [ "$1" = "status" ]; then
|
||||
|
||||
localIP=$(ip addr | grep 'state UP' -A2 | egrep -v 'docker0|veth' | grep 'eth0\|wlan0\|enp0' | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
|
||||
echo "localIP='${localIP}'"
|
||||
echo "httpPort='5000'"
|
||||
echo "httpsPort='5001'"
|
||||
echo "publicIP='${publicIP}'"
|
||||
|
||||
@ -301,7 +303,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
|
||||
# open firewall
|
||||
echo
|
||||
echo "*** Updating Firewall ***"
|
||||
sudo ufw allow 5001 comment 'lnbits'
|
||||
sudo ufw allow 5000 comment 'lnbits HTTP'
|
||||
sudo ufw allow 5001 comment 'lnbits HTTPS'
|
||||
echo ""
|
||||
|
||||
# install service
|
||||
|
||||
@ -40,9 +40,9 @@ This can take multiple hours.
|
||||
|
||||
# TOR
|
||||
/home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
|
||||
whiptail --title " Mempool " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:4081\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
whiptail --title " Mempool " --msgbox "Open in your local web browser:
|
||||
http://${localip}:4080\n
|
||||
https://${localip}:4081 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Hidden Service address for TOR Browser (QR see LCD):
|
||||
${toraddress}
|
||||
@ -51,9 +51,9 @@ ${toraddress}
|
||||
else
|
||||
|
||||
# IP + Domain
|
||||
whiptail --title " Mempool " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:4081\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
whiptail --title " Mempool " --msgbox "Open in your local web browser:
|
||||
http://${localip}:4080\n
|
||||
https://${localip}:4081 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Activate TOR to access the web block explorer from outside your local network.
|
||||
" 16 54
|
||||
@ -213,6 +213,7 @@ EOF
|
||||
|
||||
# open firewall
|
||||
echo "# *** Updating Firewall ***"
|
||||
sudo ufw allow 4080 comment 'mempool HTTP'
|
||||
sudo ufw allow 4081 comment 'mempool HTTPS'
|
||||
echo ""
|
||||
|
||||
@ -223,10 +224,12 @@ EOF
|
||||
# setup nginx symlinks
|
||||
sudo cp /home/admin/assets/nginx/snippets/mempool.conf /etc/nginx/snippets/mempool.conf
|
||||
sudo cp /home/admin/assets/nginx/snippets/mempool-http.conf /etc/nginx/snippets/mempool-http.conf
|
||||
sudo cp /home/admin/assets/nginx/sites-available/mempool_.conf /etc/nginx/sites-available/mempool_.conf
|
||||
sudo cp /home/admin/assets/nginx/sites-available/mempool_ssl.conf /etc/nginx/sites-available/mempool_ssl.conf
|
||||
sudo cp /home/admin/assets/nginx/sites-available/mempool_tor.conf /etc/nginx/sites-available/mempool_tor.conf
|
||||
sudo cp /home/admin/assets/nginx/sites-available/mempool_tor_ssl.conf /etc/nginx/sites-available/mempool_tor_ssl.conf
|
||||
|
||||
sudo ln -sf /etc/nginx/sites-available/mempool_.conf /etc/nginx/sites-enabled/
|
||||
sudo ln -sf /etc/nginx/sites-available/mempool_ssl.conf /etc/nginx/sites-enabled/
|
||||
sudo ln -sf /etc/nginx/sites-available/mempool_tor.conf /etc/nginx/sites-enabled/
|
||||
sudo ln -sf /etc/nginx/sites-available/mempool_tor_ssl.conf /etc/nginx/sites-enabled/
|
||||
@ -306,9 +309,11 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
||||
# remove nginx symlinks
|
||||
sudo rm -f /etc/nginx/snippets/mempool.conf
|
||||
sudo rm -f /etc/nginx/snippets/mempool-http.conf
|
||||
sudo rm -f /etc/nginx/sites-enabled/mempool_.conf
|
||||
sudo rm -f /etc/nginx/sites-enabled/mempool_ssl.conf
|
||||
sudo rm -f /etc/nginx/sites-enabled/mempool_tor.conf
|
||||
sudo rm -f /etc/nginx/sites-enabled/mempool_tor_ssl.conf
|
||||
sudo rm -f /etc/nginx/sites-available/mempool_.conf
|
||||
sudo rm -f /etc/nginx/sites-available/mempool_ssl.conf
|
||||
sudo rm -f /etc/nginx/sites-available/mempool_tor.conf
|
||||
sudo rm -f /etc/nginx/sites-available/mempool_tor_ssl.conf
|
||||
@ -330,6 +335,7 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
|
||||
fi
|
||||
|
||||
# close ports on firewall
|
||||
sudo ufw deny 4080
|
||||
sudo ufw deny 4081
|
||||
exit 0
|
||||
fi
|
||||
|
||||
@ -29,9 +29,9 @@ if [ "$1" = "menu" ]; then
|
||||
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
|
||||
# Info with TOR
|
||||
/home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
|
||||
whiptail --title " Ride The Lightning (RTL) " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:3001\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
whiptail --title " Ride The Lightning (RTL) " --msgbox "Open in your local web browser:
|
||||
http://${localip}:3000\n
|
||||
https://${localip}:3001 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Use your Password B to login.\n
|
||||
Hidden Service address for TOR Browser (QRcode on LCD):\n${toraddress}
|
||||
@ -40,8 +40,8 @@ Hidden Service address for TOR Browser (QRcode on LCD):\n${toraddress}
|
||||
else
|
||||
# Info without TOR
|
||||
whiptail --title " Ride The Lightning (RTL) " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:3001\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
http://${localip}:3000\n
|
||||
https://${localip}:3001 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Use your Password B to login.\n
|
||||
Activate TOR to access the web interface from outside your local network.
|
||||
|
||||
@ -30,9 +30,9 @@ if [ "$1" = "menu" ]; then
|
||||
if [ "${runBehindTor}" = "on" ] && [ ${#toraddress} -gt 0 ]; then
|
||||
# Info with TOR
|
||||
/home/admin/config.scripts/blitz.display.sh qr "${toraddress}"
|
||||
whiptail --title " ThunderHub " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:3011\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
whiptail --title " ThunderHub " --msgbox "Open in your local web browser:
|
||||
http://${localip}:3010\n
|
||||
https://${localip}:3011 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Use your Password B to login.\n
|
||||
Hidden Service address for TOR Browser (see LCD for QR):\n${toraddress}
|
||||
@ -41,8 +41,8 @@ Hidden Service address for TOR Browser (see LCD for QR):\n${toraddress}
|
||||
else
|
||||
# Info without TOR
|
||||
whiptail --title " ThunderHub " --msgbox "Open in your local web browser & accept self-signed cert:
|
||||
https://${localip}:3011\n
|
||||
SHA1 Thumb/Fingerprint:
|
||||
http://${localip}:3010\n
|
||||
https://${localip}:3011 with Fingerprint:
|
||||
${fingerprint}\n
|
||||
Use your Password B to login.\n
|
||||
Activate TOR to access the web interface from outside your local network.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user