add clnEncyptedHSM and clnAutoUnlock to SETTINGS

openoms
2021-09-20 14:45:59 +01:00
parent 62f7d59acb
commit e776be037f
2 changed files with 158 additions and 108 deletions


@@ -16,6 +16,8 @@ if [ ${#lcdrotate} -eq 0 ]; then lcdrotate=0; fi
if [ ${#zerotier} -eq 0 ]; then zerotier="off"; fi if [ ${#zerotier} -eq 0 ]; then zerotier="off"; fi
if [ ${#circuitbreaker} -eq 0 ]; then circuitbreaker="off"; fi if [ ${#circuitbreaker} -eq 0 ]; then circuitbreaker="off"; fi
if [ ${#clboss} -eq 0 ]; then clboss="off"; fi if [ ${#clboss} -eq 0 ]; then clboss="off"; fi
if [ ${#clnEncryptedHSM} -eq 0 ]; then clnEncryptedHSM="off"; fi
if [ ${#clnAutoUnlock} -eq 0 ]; then clnAutoUnlock="off"; fi
echo "# map LND to on/off" echo "# map LND to on/off"
lndNode="off" lndNode="off"
@@ -47,7 +49,7 @@ if [ "${zerotier}" != "off" ]; then zerotierSwitch="on"; fi
echo "# map parallel testnets to on/off" echo "# map parallel testnets to on/off"
parallelTestnets="off" parallelTestnets="off"
if [ "${testnet}" == "on"] || [ "${signet}" == "on" ]; then if [ "${testnet}" == "on" ] || [ "${signet}" == "on" ]; then
parallelTestnets="on" parallelTestnets="on"
fi fi
@@ -88,10 +90,22 @@ fi
echo "# map clboss to on/off" echo "# map clboss to on/off"
clbossMenu='off' clbossMenu='off'
if [ ${clboss} -gt 0 ]; then if [ "${clboss}" == "on" ]; then
clbossMenu='on' clbossMenu='on'
fi fi
echo "# map clnEncryptedHSM to on/off"
clnEncryptedHSMMenu='off'
if [ "${clnEncryptedHSM}" == "on" ]; then
clnEncryptedHSMMenu='on'
fi
echo "# map clnAutoUnlock to on/off"
clnAutoUnlockMenu='off'
if [ "${clnAutoUnlock}" == "on" ]; then
clnAutoUnlockMenu='on'
fi
# show select dialog # show select dialog
echo "run dialog ..." echo "run dialog ..."
@@ -130,7 +144,11 @@ fi
# C-Lightning & options/PlugIns # C-Lightning & options/PlugIns
OPTIONS+=(n 'CLN C-LIGHTNING NODE' ${clnNode}) OPTIONS+=(n 'CLN C-LIGHTNING NODE' ${clnNode})
if [ "${clnNode}" == "on" ]; then if [ "${clnNode}" == "on" ]; then
OPTIONS+=(o '-CLN CLBOSS Automatic Node Manager' ${clbossMenu}) OPTIONS+=(o '-CLN CLBOSS Automatic Node Manager' ${clbossMenu})
OPTIONS+=(h '-CLN Wallet Encryption' ${clnEncryptedHSMMenu})
if [ "${clnEncryptedHSM}" == "on" ]; then
OPTIONS+=(q '-CLN Auto-Unlock' ${clnAutoUnlockMenu})
fi
fi fi
CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1")) CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1"))
@@ -450,6 +468,38 @@ else
echo "CLBOSS Setting unchanged." echo "CLBOSS Setting unchanged."
fi fi
# clnEncryptedHSM process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "h")
if [ ${check} -eq 1 ]; then choice="on"; fi
if [ "${clnEncryptedHSM}" != "${choice}" ] && [ "${clnNode}" == "on" ]; then
echo "clnEncryptedHSM Setting changed .."
anychange=1
if [ "${choice}" == "on" ]; then
/home/admin/config.scripts/cln.hsmtool.sh encrypt mainnet
else
/home/admin/config.scripts/cln.hsmtool.sh decrypt mainnet
fi
needsReboot=0
else
echo "clnEncryptedHSM Setting unchanged."
fi
# clnAutoUnlock process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "q")
if [ ${check} -eq 1 ]; then choice="on"; fi
if [ "${clnAutoUnlock}" != "${choice}" ] && [ "${clnNode}" == "on" ]; then
echo "clnAutoUnlock Setting changed .."
anychange=1
if [ "${choice}" == "on" ]; then
/home/admin/config.scripts/cln.hsmtool.sh autounlock-on mainnet
else
/home/admin/config.scripts/cln.hsmtool.sh autounlock-off mainnet
fi
needsReboot=0
else
echo "clnAutoUnlock Setting unchanged."
fi
# parallel testnet process choice # parallel testnet process choice
choice="off"; check=$(echo "${CHOICES}" | grep -c "p") choice="off"; check=$(echo "${CHOICES}" | grep -c "p")
if [ ${check} -eq 1 ]; then choice="on"; fi if [ ${check} -eq 1 ]; then choice="on"; fi
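Review bot: The exit status of `cln.hsmtool.sh encrypt mainnet` and `decrypt mainnet` in the new clnEncryptedHSM block is never checked, so a cancelled or failed run is still reported as "Setting changed" with `anychange=1`, and the operator may believe the hsm_secret is encrypted when it is not. Assuming the helper returns non-zero on failure (it is not shown on this page), each call should be guarded, e.g. `if ! /home/admin/config.scripts/cln.hsmtool.sh encrypt mainnet; then echo "# FAIL: clnEncryptedHSM not changed"; fi`; the same applies to the `autounlock-on`/`autounlock-off` calls in the clnAutoUnlock block. Both blocks also assign `needsReboot=0` unconditionally, which would clear a reboot request if an earlier option in the script had set one; leaving the variable untouched looks safer. A short comment above the `q` option saying that auto-unlock presumably keeps the wallet password available for unattended start, and so weakens what the encryption protects against, would help the next maintainer.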


@@ -48,126 +48,126 @@ CHOICE=$(dialog --clear \
case $CHOICE in case $CHOICE in
ENCRYPT) ENCRYPT)
/home/admin/config.scripts/cln.hsmtool.sh encrypt $CHAIN /home/admin/config.scripts/cln.hsmtool.sh encrypt $CHAIN
source /mnt/hdd/raspiblitz.conf source /mnt/hdd/raspiblitz.conf
;; ;;
DECRYPT) DECRYPT)
/home/admin/config.scripts/cln.hsmtool.sh decrypt $CHAIN /home/admin/config.scripts/cln.hsmtool.sh decrypt $CHAIN
source /mnt/hdd/raspiblitz.conf source /mnt/hdd/raspiblitz.conf
;; ;;
PASSWORD_C) PASSWORD_C)
/home/admin/config.scripts/cln.hsmtool.sh change-password $CHAIN /home/admin/config.scripts/cln.hsmtool.sh change-password $CHAIN
;; ;;
AUTOUNLOCK-ON) AUTOUNLOCK-ON)
/home/admin/config.scripts/cln.hsmtool.sh autounlock-on $CHAIN /home/admin/config.scripts/cln.hsmtool.sh autounlock-on $CHAIN
;; ;;
AUTOUNLOCK-OFF) AUTOUNLOCK-OFF)
/home/admin/config.scripts/cln.hsmtool.sh autounlock-off $CHAIN /home/admin/config.scripts/cln.hsmtool.sh autounlock-off $CHAIN
;; ;;
BACKUP) BACKUP)
## from dialogLightningWallet.sh ## from dialogLightningWallet.sh
# run upload dialog and get result # run upload dialog and get result
_temp="/var/cache/raspiblitz/temp/.temp.tmp" _temp="/var/cache/raspiblitz/temp/.temp.tmp"
clear clear
/home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp /home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp
source $_temp 2>/dev/null source $_temp 2>/dev/null
sudo rm $_temp 2>/dev/null sudo rm $_temp 2>/dev/null
;;
;;
RESET) RESET)
# backup # backup
## from dialogLightningWallet.sh ## from dialogLightningWallet.sh
_temp="/var/cache/raspiblitz/temp/.temp.tmp" _temp="/var/cache/raspiblitz/temp/.temp.tmp"
clear clear
/home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp /home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp
source $_temp 2>/dev/null source $_temp 2>/dev/null
sudo rm $_temp 2>/dev/null sudo rm $_temp 2>/dev/null
echo echo
echo "The rescue file is stored on the SDcard named cln-rescue.*.tar.gz just in case." echo "The rescue file is stored on the SDcard named cln-rescue.*.tar.gz just in case."
echo "The next step will overwrite the old C-lighthning $CHAIN wallet" echo "The next step will overwrite the old C-lighthning $CHAIN wallet"
echo "Press ENTER to continue or CTRL+C to abort" echo "Press ENTER to continue or CTRL+C to abort"
read key read key
# reset # reset
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.* sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.*
# make sure the new hsm_secret is treated as unencrypted and clear autounlock # make sure the new hsm_secret is treated as unencrypted and clear autounlock
sudo sed -i \ sudo sed -i \
"s/^${netprefix}clnEncryptedHSM=.*/${netprefix}clnEncryptedHSM=off/g" \ "s/^${netprefix}clnEncryptedHSM=.*/${netprefix}clnEncryptedHSM=off/g" \
/mnt/hdd/raspiblitz.conf /mnt/hdd/raspiblitz.conf
sudo sed -i \ sudo sed -i \
"s/^${netprefix}clnAutoUnlock=.*/${netprefix}clnEncryptedHSM=off/g" \ "s/^${netprefix}clnAutoUnlock=.*/${netprefix}clnEncryptedHSM=off/g" \
/mnt/hdd/raspiblitz.conf /mnt/hdd/raspiblitz.conf
# new # new
/home/admin/config.scripts/cln.hsmtool.sh new $CHAIN /home/admin/config.scripts/cln.hsmtool.sh new $CHAIN
# set the lightningd service file on each active network # set the lightningd service file on each active network
if [ "${cln}" == "on" ] || [ "${cln}" == "1" ]; then if [ "${cln}" == "on" ] || [ "${cln}" == "1" ]; then
/home/admin/config.scripts/cln.install-service.sh mainnet /home/admin/config.scripts/cln.install-service.sh mainnet
fi fi
if [ "${tcln}" == "on" ] || [ "${tcln}" == "1" ]; then if [ "${tcln}" == "on" ] || [ "${tcln}" == "1" ]; then
/home/admin/config.scripts/cln.install-service.sh testnet /home/admin/config.scripts/cln.install-service.sh testnet
fi fi
if [ "${scln}" == "on" ] || [ "${scln}" == "1" ]; then if [ "${scln}" == "on" ] || [ "${scln}" == "1" ]; then
/home/admin/config.scripts/cln.install-service.sh signet /home/admin/config.scripts/cln.install-service.sh signet
fi fi
;; ;;
FILERESTORE) FILERESTORE)
# backup # backup
## from dialogLightningWallet.sh ## from dialogLightningWallet.sh
_temp="/var/cache/raspiblitz/temp/.temp.tmp" _temp="/var/cache/raspiblitz/temp/.temp.tmp"
clear clear
/home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp /home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp
source $_temp 2>/dev/null source $_temp 2>/dev/null
sudo rm $_temp 2>/dev/null sudo rm $_temp 2>/dev/null
echo echo
echo "The rescue file is stored on the SDcard named cln-rescue.*.tar.gz just in case." echo "The rescue file is stored on the SDcard named cln-rescue.*.tar.gz just in case."
echo "The next step will overwrite the old C-lighthning $CHAIN wallet" echo "The next step will overwrite the old C-lighthning $CHAIN wallet"
echo "Press ENTER to continue or CTRL+C to abort" echo "Press ENTER to continue or CTRL+C to abort"
read key read key
# reset # reset
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.* sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.*
# import file # import file
_temp="/var/cache/raspiblitz/temp/.temp.tmp" _temp="/var/cache/raspiblitz/temp/.temp.tmp"
clear clear
/home/admin/config.scripts/cln.backup.sh cln-import-gui production $_temp /home/admin/config.scripts/cln.backup.sh cln-import-gui production $_temp
source $_temp 2>/dev/null source $_temp 2>/dev/null
sudo rm $_temp 2>/dev/null sudo rm $_temp 2>/dev/null
;; ;;
SEEDRESTORE) SEEDRESTORE)
# backup # backup
## from dialogLightningWallet.sh ## from dialogLightningWallet.sh
_temp="/var/cache/raspiblitz/temp/.temp.tmp" _temp="/var/cache/raspiblitz/temp/.temp.tmp"
clear clear
/home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp /home/admin/config.scripts/cln.backup.sh cln-export-gui production $_temp
source $_temp 2>/dev/null source $_temp 2>/dev/null
sudo rm $_temp 2>/dev/null sudo rm $_temp 2>/dev/null
echo echo
echo "The rescue file is stored on the SDcard named cln-rescue.*.tar.gz just in case." echo "The rescue file is stored on the SDcard named cln-rescue.*.tar.gz just in case."
echo "The next step will overwrite the old C-lighthning $CHAIN wallet" echo "The next step will overwrite the old C-lighthning $CHAIN wallet"
echo "Press ENTER to continue or CTRL+C to abort" echo "Press ENTER to continue or CTRL+C to abort"
read key read key
# reset # reset
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/config sudo rm /home/bitcoin/.lightning/${CLNETWORK}/config
sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.* sudo rm /home/bitcoin/.lightning/${CLNETWORK}/*.*
# import seed # import seed
_temp="/var/cache/raspiblitz/.temp.tmp" _temp="/var/cache/raspiblitz/.temp.tmp"
/home/admin/config.scripts/cln.backup.sh seed-import-gui $_temp /home/admin/config.scripts/cln.backup.sh seed-import-gui $_temp
/home/admin/config.scripts/cln.hsmtool.sh seed "$CHAIN" "$(cat $_temp)" /home/admin/config.scripts/cln.hsmtool.sh seed "$CHAIN" "$(cat $_temp)"
source $_temp 2>/dev/null source $_temp 2>/dev/null
sudo rm $_temp 2>/dev/null sudo rm $_temp 2>/dev/null
# regenerate config # regenerate config
/home/admin/config.scripts/cln.hsmtool.sh autounlock-off /home/admin/config.scripts/cln.hsmtool.sh autounlock-off
/home/admin/config.scripts/cln.hsmtool.sh decrypt /home/admin/config.scripts/cln.hsmtool.sh decrypt
/home/admin/config.scripts/cln.install.sh on $CHAIN /home/admin/config.scripts/cln.install.sh on $CHAIN
;; ;;
esac esac
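Review bot: In the RESET arm the second `sed` matches `^${netprefix}clnAutoUnlock=.*` but writes `${netprefix}clnEncryptedHSM=off`, so the clnAutoUnlock entry is replaced by a duplicate clnEncryptedHSM line instead of being cleared, contrary to the comment above it. The replacement should read `"s/^${netprefix}clnAutoUnlock=.*/${netprefix}clnAutoUnlock=off/g" \`. In the SEEDRESTORE arm the seed is handed to `cln.hsmtool.sh seed` as a command-line argument via `"$(cat $_temp)"`, which makes it visible in the process list while the helper runs; passing the file path and letting the helper read it would avoid that, if the helper's interface (not shown here) allows it. The `case` statement begins above this hunk.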