From 4b35b77e934868760f7bf3a3623b86ae0d6f8d5b Mon Sep 17 00:00:00 2001 From: openoms <43343391+openoms@users.noreply.github.com> Date: Tue, 12 Jul 2022 12:59:04 +0100 Subject: [PATCH 1/4] lnd autounlock if testnet and signet (#3212) * lnd autounlock if testnet and signet * check for header in the lnd.conf * fix variables and improve output * make grep more robust * delete autounlock if passwordFile not present --- home.admin/config.scripts/lnd.check.sh | 8 ++++++++ home.admin/config.scripts/lnd.install.sh | 20 ++++++++++++++++++++ home.admin/config.scripts/network.aliases.sh | 12 ++++++++---- 3 files changed, 36 insertions(+), 4 deletions(-) diff --git a/home.admin/config.scripts/lnd.check.sh b/home.admin/config.scripts/lnd.check.sh index 74baf1e72..55b7904b6 100755 --- a/home.admin/config.scripts/lnd.check.sh +++ b/home.admin/config.scripts/lnd.check.sh @@ -61,6 +61,14 @@ if [ "$1" == "prestart" ]; then /home/admin/config.scripts/blitz.systemd.sh log lightning STARTED fi + ##### APPLICATION OPTIONS SECTION ##### + + # delete autounlock if passwordFile not present + passwordFile="/mnt/hdd/lnd/data/chain/${network}/${CHAIN}/password.info" + if ! ls ${passwordFile} &>/dev/null; then + sed -i "/^wallet-unlock-password-file=/d" ${lndConfFile} + fi + ##### BITCOIN OPTIONS SECTION ##### # [bitcoin] diff --git a/home.admin/config.scripts/lnd.install.sh b/home.admin/config.scripts/lnd.install.sh index 975e18485..2c6531cce 100644 --- a/home.admin/config.scripts/lnd.install.sh +++ b/home.admin/config.scripts/lnd.install.sh @@ -433,6 +433,26 @@ alias ${netprefix}lndconf=\"sudo nano /home/bitcoin/.lnd/${netprefix}lnd.conf\"\ fi fi + if [ "${CHAIN}" != "mainnet" ]; then + echo "# Setting autounlock for ${CHAIN}" + source <(/home/admin/config.scripts/network.aliases.sh getvars lnd ${CHAIN}) + passwordFile="/mnt/hdd/lnd/data/chain/${network}/${CHAIN}/password.info" + # create passwordfile + if ! sudo ls ${passwordFile} &>/dev/null; then + echo "raspiblitz" | sudo -u bitcoin tee ${passwordFile} 1>/dev/null + fi + # add autounlock to lnd.conf + if ! grep "^wallet-unlock-password-file=${passwordFile}" < ${lndConfFile}; then + if grep "^\[Application Options\]" < ${lndConfFile} &>/dev/null; then + # add under header + sudo sed -i "/^\[Application Options\]$/awallet-unlock-password-file=${passwordFile}" ${lndConfFile} + else + # just append if no headers used + echo "wallet-unlock-password-file=${passwordFile}" | sudo -u bitcoin tee ${lndConfFile} + fi + fi + fi + echo echo "# The installed LND version is: $(sudo -u bitcoin /usr/local/bin/lnd --version)" echo diff --git a/home.admin/config.scripts/network.aliases.sh b/home.admin/config.scripts/network.aliases.sh index 06dda7bca..f5a632346 100644 --- a/home.admin/config.scripts/network.aliases.sh +++ b/home.admin/config.scripts/network.aliases.sh @@ -18,11 +18,15 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ];then exit 1 fi -source /home/admin/raspiblitz.info -source /mnt/hdd/raspiblitz.conf 2>/dev/null - if [ "$1" = getvars ];then - + + source /home/admin/raspiblitz.info + source /mnt/hdd/raspiblitz.conf 2>/dev/null + + if [ ${#network} -eq 0 ];then + network=bitcoin + fi + # LNTYPE is: lnd | cl if [ $# -gt 1 ];then LNTYPE=$2 From c6e0d21f537a07f9d2cbc35af62faf9f19fad62c Mon Sep 17 00:00:00 2001 From: rootzoll Date: Tue, 12 Jul 2022 14:01:44 +0200 Subject: [PATCH 2/4] #3222 add v1.6.1 BTCPay Server to CHANGES --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index 845db9c75..043c0d1d5 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -21,7 +21,7 @@ - Update: Channel Tools (chantools) v0.10.4 [details](https://github.com/guggero/chantools/blob/master/README.md) - Update: Electrum Server in Rust (electrs) v0.9.7 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#097-apr-30-2022) - Update: Fulcrum Electrum server v1.7.0 (CLI install script) [issue](https://github.com/rootzoll/raspiblitz/issues/2924) -- Update: BTCPayServer v1.5.4 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.5.4) +- Update: BTCPayServer 1.6.1 [details](https://github.com/btcpayserver/btcpayserver/releases/tag/v1.6.1) - Update: Mempool 2.4.0 [details](hhttps://github.com/mempool/mempool/releases/tag/v2.4.0) - Update: Helipad (Podcasting 2.0 Boostagram reader) v0.1.10 [details](https://github.com/Podcastindex-org/helipad/releases/tag/v0.1.10) - Update: Adapted Umbrel Migration for new 0.5.0 version with core lightning From a045f183736327ee6c5cb5ac717f447493e0ab46 Mon Sep 17 00:00:00 2001 From: openoms <43343391+openoms@users.noreply.github.com> Date: Tue, 12 Jul 2022 13:02:15 +0100 Subject: [PATCH 3/4] btcpay v1.6.1, nbxplorer v2.3.28 with postgres (#3222) --- .../config.scripts/bonus.btcpayserver.sh | 243 +++++++++++------- 1 file changed, 156 insertions(+), 87 deletions(-) diff --git a/home.admin/config.scripts/bonus.btcpayserver.sh b/home.admin/config.scripts/bonus.btcpayserver.sh index e7c5bb78f..06a56ca1f 100755 --- a/home.admin/config.scripts/bonus.btcpayserver.sh +++ b/home.admin/config.scripts/bonus.btcpayserver.sh @@ -3,9 +3,9 @@ # Based on: https://gist.github.com/normandmickey/3f10fc077d15345fb469034e3697d0d0 # https://github.com/dgarage/NBXplorer/tags -NBXplorerVersion="v2.2.20" +NBXplorerVersion="v2.3.28" # https://github.com/btcpayserver/btcpayserver/releases -BTCPayVersion="v1.5.4" +BTCPayVersion="v1.6.1" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then @@ -24,6 +24,87 @@ source /mnt/hdd/raspiblitz.conf source /home/admin/raspiblitz.info source <(/home/admin/_cache.sh get state) +function postgresConfig() { + # https://github.com/rootzoll/raspiblitz/issues/3218 + echo "# Install postgres" + sudo apt install -y postgresql + + echo "# Move the postgres data to /mnt/hdd/app-data/postgresql" + # sudo -u postgres psql -c "show data_directory" + # /var/lib/postgresql/13/main + if [ ! -d /var/lib/postgresql ]; then + sudo mkdir -p /var/lib/postgresql/13/main + sudo chown -R postgres:postgres /var/lib/postgresql + # sudo pg_dropcluster 13 main + sudo pg_createcluster 13 main --start + fi + sudo systemctl stop postgresql 2>/dev/null + sudo rsync -av /var/lib/postgresql /mnt/hdd/app-data + sudo mv /var/lib/postgresql /var/lib/postgresql.bak + sudo rm -rf /var/lib/postgresql # not a symlink.. delete it silently + sudo ln -s /mnt/hdd/app-data/postgresql /var/lib/ + + sudo systemctl enable postgresql + sudo systemctl start postgresql + + echo "# Generate the database" + sudo -u postgres psql -c "create database nbxplorermainnet;" + sudo -u postgres psql -c "create user nbxplorer with encrypted password 'raspiblitz';" + # change to ${newPassword} or use Passfile= + # sudo -u postgres psql -c "alter user btcpay with encrypted password '${newPassword}';" + # sudo -u btcpay sed -i "s/Password=*/Password='${newPassword}';/g" /home/btcpay/.nbxplorer/Main/settings.config + # sudo -u btcpay sed -i "s/Password=*/Password='${newPassword}';/g" /home/btcpay/.btcpayserver/Main/settings.config + sudo -u postgres psql -c "grant all privileges on database nbxplorermainnet to nbxplorer;" +} + +function NBXplorerConfig() { + # https://docs.btcpayserver.org/Deployment/ManualDeploymentExtended/#4-create-a-configuration-file + echo + echo "# Getting RPC credentials from the bitcoin.conf" + RPC_USER=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcuser | cut -c 9-) + PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-) + sudo -u btcpay mkdir -p /home/btcpay/.nbxplorer/Main + echo "\ +network=mainnet +btc.rpc.user=${RPC_USER} +btc.rpc.password=${PASSWORD_B} +postgres=User ID=nbxplorer;Host=localhost;Port=5432;Application Name=nbxplorer;MaxPoolSize=20;Database=nbxplorermainnet;Password='raspiblitz'; +automigrate=1 +nomigrateevts=1 +" | sudo tee /home/btcpay/.nbxplorer/Main/settings.config + sudo chmod 600 /home/btcpay/.nbxplorer/Main/settings.config + sudo chown btcpay:btcpay /home/btcpay/.nbxplorer/Main/settings.config +} + +function BtcPayConfig() { + # set thumbprint + FINGERPRINT=$(openssl x509 -noout -fingerprint -sha256 -inform pem -in /home/btcpay/.lnd/tls.cert | cut -d"=" -f2) + echo "# setting the LND TLS thumbprint for BTCPay" + # https://docs.btcpayserver.org/Deployment/ManualDeploymentExtended/#3-create-a-configuration-file + echo " +### Global settings ### +network=mainnet + +### Server settings ### +port=23000 +bind=127.0.0.1 +externalurl=https://$BTCPayDomain + +### NBXplorer settings ### +BTC.explorer.url=http://127.0.0.1:24444/ +BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/home/btcpay/admin.macaroon;certthumbprint=$FINGERPRINT + +### Database ### +# keep sqlite for now as configured in the btcpayserver.service +# postgres=User ID=btcpay;Password=urpassword;Application Name=btcpayserver;Host=localhost;Port=5432;Database=btcpay; +explorer.postgres=User ID=nbxplorer;Host=localhost;Port=5432;Application Name=nbxplorer;MaxPoolSize=20;Database=nbxplorermainnet;Password='raspiblitz'; +" | sudo -u btcpay tee /home/btcpay/.btcpayserver/Main/settings.config + #doesNetworkEntryAlreadyExists=$(sudo cat /home/btcpay/.btcpayserver/Main/settings.config | grep -c '^network=') + #echo "# setting new LND TLS thumbprint for BTCPay" + #s="BTC.lightning=type=lnd-rest\;server=https\://127.0.0.1:8080/\;macaroonfilepath=/home/btcpay/admin.macaroon\;" + #sudo -u btcpay sed -i "s|^${s}certthumbprint=.*|${s}certthumbprint=$FINGERPRINT|g" /home/btcpay/.btcpayserver/Main/settings.config +} + if [ "$1" = "status" ]; then if [ "${BTCPayServer}" = "on" ]; then @@ -181,29 +262,7 @@ if [ "$1" = "write-tls-macaroon" ]; then sudo ln -s "/home/btcpay/.lnd/data/chain/${network}/${chain}net/admin.macaroon" "/home/btcpay/admin.macaroon" fi - # set thumbprint - FINGERPRINT=$(openssl x509 -noout -fingerprint -sha256 -inform pem -in /home/btcpay/.lnd/tls.cert | cut -d"=" -f2) - doesNetworkEntryAlreadyExists=$(sudo cat /home/btcpay/.btcpayserver/Main/settings.config | grep -c '^network=') - if [ ${doesNetworkEntryAlreadyExists} -eq 0 ]; then - echo "# setting the LND TLS thumbprint for BTCPay" - echo " -### Global settings ### -network=mainnet - -### Server settings ### -port=23000 -bind=127.0.0.1 -externalurl=https://$BTCPayDomain - -### NBXplorer settings ### -BTC.explorer.url=http://127.0.0.1:24444/ -BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/home/btcpay/admin.macaroon;certthumbprint=$FINGERPRINT -" | sudo -u btcpay tee -a /home/btcpay/.btcpayserver/Main/settings.config - else - echo "# setting new LND TLS thumbprint for BTCPay" - s="BTC.lightning=type=lnd-rest\;server=https\://127.0.0.1:8080/\;macaroonfilepath=/home/btcpay/admin.macaroon\;" - sudo -u btcpay sed -i "s|^${s}certthumbprint=.*|${s}certthumbprint=$FINGERPRINT|g" /home/btcpay/.btcpayserver/Main/settings.config - fi + BtcPayConfig if [ "${state}" == "ready" ]; then sudo systemctl restart btcpayserver @@ -235,7 +294,7 @@ if [ "$1" = "cln-lightning-rpc-access" ]; then fi echo " -In the BTCPayServer Lightning Wallet settings 'Connect to a Lightning node' page +In the BTCPayServer Lightning Wallet settings 'Connect to a Lightning node' page fill in the 'Connection configuration for your custom Lightning node:' box on with: type=clightning;server=unix:///home/bitcoin/.lightning/bitcoin/lightning-rpc @@ -303,6 +362,10 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo ln -s /mnt/hdd/app-data/.btcpayserver /home/btcpay/ 2>/dev/null sudo chown -R btcpay:btcpay /home/btcpay/.btcpayserver + # POSTGRES + postgresConfig + + # .NET echo echo "# Installing .NET" echo @@ -329,7 +392,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then dotNetName="dotnet-sdk-6.0.101-linux-${binaryVersion}.tar.gz" sudo rm /home/btcpay/${dotnetName} 2>/dev/null - sudo -u btcpay wget "${dotNetdirectLink}" + sudo -u btcpay wget "${dotNetdirectLink}" -O "${dotNetName}" # check binary is was not manipulated (checksum test) actualChecksum=$(sha512sum /home/btcpay/${dotNetName} | cut -d " " -f1) if [ "${actualChecksum}" != "${dotNetChecksum}" ]; then @@ -392,12 +455,13 @@ After=bitcoind.service [Service] WorkingDirectory=/home/btcpay/NBXplorer ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \ - -c Release -p \"NBXplorer/NBXplorer.csproj\" -- \$@ + -c Release --project \"NBXplorer/NBXplorer.csproj\" -- \$@ User=btcpay Group=btcpay Type=simple PIDFile=/run/nbxplorer/nbxplorer.pid Restart=on-failure +RestartSec=20 # Hardening measures PrivateTmp=true @@ -431,17 +495,7 @@ WantedBy=multi-user.target echo "# Because the system is not 'ready' the service 'nbxplorer' will not be started at this point .. its enabled and will start on next reboot" fi - echo - echo "# getting RPC credentials from the bitcoin.conf" - RPC_USER=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcuser | cut -c 9-) - PASSWORD_B=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-) - sudo -u btcpay mkdir -p /home/btcpay/.nbxplorer/Main - echo "\ -btc.rpc.user=$RPC_USER -btc.rpc.password=$PASSWORD_B -" | sudo tee /home/btcpay/.nbxplorer/Main/settings.config - sudo chmod 600 /home/btcpay/.nbxplorer/Main/settings.config - sudo chown btcpay:btcpay /home/btcpay/.nbxplorer/Main/settings.config + NBXplorerConfig # whitelist localhost in bitcoind if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then @@ -464,15 +518,17 @@ btc.rpc.password=$PASSWORD_B cd /home/btcpay || exit 1 echo "# Download the BTCPayServer source code ..." sudo -u btcpay git clone https://github.com/btcpayserver/btcpayserver.git 2>/dev/null - cd btcpayserver + cd btcpayserver || exit 1 sudo -u btcpay git reset --hard $BTCPayVersion # sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \ # "web-flow" "https://github.com/web-flow.gpg" "4AEE18F83AFDEB23" || exit 1 - PGPsigner="Kukks" - PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" - PGPpubkeyFingerprint="8E5530D9D1C93097" - + PGPsigner="nicolasdorier" + PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc" + PGPpubkeyFingerprint="AB4CFA9895ACA0DBE27F6B346618763EF09186FE" + #PGPsigner="Kukks" + #PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" + #PGPpubkeyFingerprint="8E5530D9D1C93097" sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \ "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 @@ -493,7 +549,7 @@ After=nbxplorer.service [Service] ExecStart=/home/btcpay/dotnet/dotnet run --no-launch-profile --no-build \ - -c Release -p \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" \ + -c Release --project \"/home/btcpay/btcpayserver/BTCPayServer/BTCPayServer.csproj\" \ -- --sqlitefile=sqllite.db User=btcpay Group=btcpay @@ -620,6 +676,8 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then sudo userdel -rf btcpay 2>/dev/null if [ ${deleteData} -eq 1 ]; then echo "# deleting data" + sudo -u postgres psql -c "drop database nbxplorermainnet;" + sudo -u postgres psql -c "drop user nbxplorer;" sudo rm -R /mnt/hdd/app-data/.btcpayserver/ else echo "# keeping data" @@ -633,49 +691,58 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then fi if [ "$1" = "update" ]; then + echo "# Update NBXplorer" + cd /home/btcpay || exit 1 + cd NBXplorer || exit 1 + # fetch latest master + if [ "$(sudo -u btcpay git fetch 2>&1 | grep -c "Please tell me who you are")" -gt 0 ]; then + sudo -u btcpay git config user.email "you@example.com" + sudo -u btcpay git config user.name "Your Name" + fi + sudo -u btcpay git fetch + # unset $1 + set -- + UPSTREAM=${1:-'@{u}'} + LOCAL=$(git rev-parse @) + REMOTE=$(git rev-parse "$UPSTREAM") -## don't update NBXplorer until https://github.com/rootzoll/raspiblitz/issues/3055 is solved -# echo "# Update NBXplorer" -# cd /home/btcpay || exit 1 -# cd NBXplorer || exit 1 -# # fetch latest master -# if [ "$(sudo -u btcpay git fetch 2>&1 | grep -c "Please tell me who you are")" -gt 0 ]; then -# sudo -u btcpay git config user.email "you@example.com" -# sudo -u btcpay git config user.name "Your Name" -# fi -# sudo -u btcpay git fetch -# # unset $1 -# set -- -# UPSTREAM=${1:-'@{u}'} -# LOCAL=$(git rev-parse @) -# REMOTE=$(git rev-parse "$UPSTREAM") -# -# if [ $LOCAL = $REMOTE ]; then -# TAG=$(git tag | sort -V | tail -1) -# echo "# Up-to-date on version $TAG" -# else -# echo "# Pulling latest changes..." -# sudo -u btcpay git pull -p -# TAG=$(git tag | sort -V | tail -1) -# echo "# Reset to the latest release tag: $TAG" -# sudo -u btcpay git reset --hard $TAG -# sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \ -# "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 -# echo "# Build NBXplorer ..." -# # from the build.sh with path -# sudo systemctl stop nbxplorer -# sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj -# -# # whitelist localhost in bitcoind -# if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then -# echo "whitelist=127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf -# echo "# Restarting bitcoind" -# sudo systemctl restart bitcoind -# fi -# -# sudo systemctl start nbxplorer -# echo "# Updated NBXplorer to $TAG" -# fi + if [ $LOCAL = $REMOTE ]; then + TAG=$(git tag | sort -V | tail -1) + echo "# Up-to-date on version $TAG" + else + echo "# Pulling latest changes..." + sudo -u btcpay git pull -p + TAG=$(git tag | sort -V | tail -1) + echo "# Reset to the latest release tag: $TAG" + sudo -u btcpay git reset --hard $TAG + PGPsigner="nicolasdorier" + PGPpubkeyLink="https://keybase.io/nicolasdorier/pgp_keys.asc" + PGPpubkeyFingerprint="AB4CFA9895ACA0DBE27F6B346618763EF09186FE" + sudo -u btcpay /home/admin/config.scripts/blitz.git-verify.sh \ + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + echo "# Build NBXplorer ..." + # from the build.sh with path + sudo systemctl stop nbxplorer + sudo -u btcpay /home/btcpay/dotnet/dotnet build -c Release NBXplorer/NBXplorer.csproj + # whitelist localhost in bitcoind + if ! sudo grep -Eq "^whitelist=127.0.0.1" /mnt/hdd/bitcoin/bitcoin.conf;then + echo "whitelist=127.0.0.1" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf + echo "# Restarting bitcoind" + sudo systemctl restart bitcoind + fi + + postgresConfig + + NBXplorerConfig + + sudo systemctl start nbxplorer + echo "# Updated NBXplorer to $TAG" + fi + + # always stop to BtcPayConfig + sudo systemctl stop btcpayserver + + BtcPayConfig echo "# Update BTCPayServer" cd /home/btcpay || exit 1 @@ -712,6 +779,8 @@ if [ "$1" = "update" ]; then sudo systemctl start btcpayserver echo "# Updated BTCPayServer to $TAG" fi + # always start after BtcPayConfig + sudo systemctl start btcpayserver exit 0 fi From 261db5104c69bbb059422bf29443d7c6bef276ad Mon Sep 17 00:00:00 2001 From: openoms <43343391+openoms@users.noreply.github.com> Date: Tue, 12 Jul 2022 13:08:41 +0100 Subject: [PATCH 4/4] make lnd.credentials.sh work for all chains (#3219) --- home.admin/99connectMenu.sh | 10 ++++---- home.admin/99lndRepairMenu.sh | 2 +- home.admin/_bootstrap.sh | 4 +-- home.admin/_provision.setup.sh | 2 +- .../blitz.subscriptions.ip2tor.py | 4 +-- .../config.scripts/bonus.circuitbreaker.sh | 4 +-- home.admin/config.scripts/bonus.faraday.sh | 2 +- home.admin/config.scripts/bonus.lit.sh | 2 +- home.admin/config.scripts/bonus.loop.sh | 2 +- home.admin/config.scripts/bonus.pool.sh | 2 +- home.admin/config.scripts/bonus.zerotier.sh | 4 +-- home.admin/config.scripts/lnd.credentials.sh | 25 ++++++++++++------- 12 files changed, 35 insertions(+), 28 deletions(-) diff --git a/home.admin/99connectMenu.sh b/home.admin/99connectMenu.sh index a7e388e90..7f644bee0 100644 --- a/home.admin/99connectMenu.sh +++ b/home.admin/99connectMenu.sh @@ -64,12 +64,12 @@ case $CHOICE in read key exit 0;; RESET) - sudo /home/admin/config.scripts/lnd.credentials.sh reset - sudo /home/admin/config.scripts/lnd.credentials.sh sync + sudo /home/admin/config.scripts/lnd.credentials.sh reset "${chain:-main}net" + sudo /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" sudo /home/admin/config.scripts/blitz.shutdown.sh reboot exit 0;; SYNC) - sudo /home/admin/config.scripts/lnd.credentials.sh sync + sudo /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" echo "Press ENTER to return to main menu." read key exit 0;; @@ -176,10 +176,10 @@ HiddenServicePort 8333 127.0.0.1:8333" | sudo tee -a /etc/tor/torrc # have this to signal that selection went wrong BITCOINRPCPORT=0 fi - echo "# Running on ${chain}net" + echo "# Running on ${chain:-main}net" echo allowIPrange=$(grep -c "rpcallowip=$localIPrange" < /mnt/hdd/${network}/${network}.conf) - bindIP=$(grep -c "${chain}.rpcbind=$localIP" < /mnt/hdd/${network}/${network}.conf) + bindIP=$(grep -c "${chain:-main}.rpcbind=$localIP" < /mnt/hdd/${network}/${network}.conf) rpcTorService=$(grep -c "HiddenServicePort ${BITCOINRPCPORT} 127.0.0.1:${BITCOINRPCPORT}" < /etc/tor/torrc) TorRPCaddress=$(sudo cat /mnt/hdd/tor/bitcoin${BITCOINRPCPORT}/hostname) diff --git a/home.admin/99lndRepairMenu.sh b/home.admin/99lndRepairMenu.sh index 63245f8e2..244ec6462 100644 --- a/home.admin/99lndRepairMenu.sh +++ b/home.admin/99lndRepairMenu.sh @@ -135,7 +135,7 @@ syncAndCheckLND() # from _provision.setup.sh done # now sync macaroons & TLS to other users - sudo /home/admin/config.scripts/lnd.credentials.sh sync + sudo /home/admin/config.scripts/lnd.credentials.sh sync ${chain}net # make a final lnd check source <(/home/admin/config.scripts/lnd.check.sh basic-setup "${chain}net") diff --git a/home.admin/_bootstrap.sh b/home.admin/_bootstrap.sh index 21ddd32f6..36495ad83 100755 --- a/home.admin/_bootstrap.sh +++ b/home.admin/_bootstrap.sh @@ -901,8 +901,8 @@ fi # make sure users have latest credentials (if lnd is on) if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then echo "running LND users credentials update" >> $logFile - /home/admin/config.scripts/lnd.credentials.sh sync >> $logFile -else + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" >> $logFile +else echo "skipping LND credentials sync" >> $logFile fi diff --git a/home.admin/_provision.setup.sh b/home.admin/_provision.setup.sh index 6d490b451..0d65bb832 100755 --- a/home.admin/_provision.setup.sh +++ b/home.admin/_provision.setup.sh @@ -313,7 +313,7 @@ if [ "${lightning}" == "lnd" ]; then done # now sync macaroons & TLS to other users - /home/admin/config.scripts/lnd.credentials.sh sync >> ${logFile} + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" >> ${logFile} # make a final lnd check source <(/home/admin/config.scripts/lnd.check.sh basic-setup) diff --git a/home.admin/config.scripts/blitz.subscriptions.ip2tor.py b/home.admin/config.scripts/blitz.subscriptions.ip2tor.py index 9f5c91b35..c58c93d46 100755 --- a/home.admin/config.scripts/blitz.subscriptions.ip2tor.py +++ b/home.admin/config.scripts/blitz.subscriptions.ip2tor.py @@ -810,8 +810,8 @@ Message: {1} # if LND REST or LND GRPC service ... add bridge IP to TLS if blitzServiceName == SERVICE_LND_REST_API or blitzServiceName == SERVICE_LND_GRPC_API: os.system("sudo /home/admin/config.scripts/lnd.tlscert.sh ip-add {0}".format(subscription['ip'])) - os.system("sudo /home/admin/config.scripts/lnd.credentials.sh reset tls") - os.system("sudo /home/admin/config.scripts/lnd.credentials.sh sync") + os.system("sudo /home/admin/config.scripts/lnd.credentials.sh reset mainnet tls") + os.system("sudo /home/admin/config.scripts/lnd.credentials.sh sync mainnet") # warn user if not delivered as advertised if subscription['contract_breached']: diff --git a/home.admin/config.scripts/bonus.circuitbreaker.sh b/home.admin/config.scripts/bonus.circuitbreaker.sh index 738a89284..0b30e897b 100755 --- a/home.admin/config.scripts/bonus.circuitbreaker.sh +++ b/home.admin/config.scripts/bonus.circuitbreaker.sh @@ -60,8 +60,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo ln -s /mnt/hdd/app-data/lnd/ /home/circuitbreaker/.lnd # sync all macaroons and unix groups for access - /home/admin/config.scripts/lnd.credentials.sh sync - # macaroons will be checked after install + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" + # macaroons will be checked after install # add user to group with admin access to lnd sudo /usr/sbin/usermod --append --groups lndadmin circuitbreaker diff --git a/home.admin/config.scripts/bonus.faraday.sh b/home.admin/config.scripts/bonus.faraday.sh index 77b56076a..1ebfd3165 100755 --- a/home.admin/config.scripts/bonus.faraday.sh +++ b/home.admin/config.scripts/bonus.faraday.sh @@ -184,7 +184,7 @@ if [ "${mode}" = "on" ] || [ "${mode}" = "1" ]; then # create symlink sudo ln -s /mnt/hdd/app-data/lnd/ /home/faraday/.lnd # sync all macaroons and unix groups for access - /home/admin/config.scripts/lnd.credentials.sh sync + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" # macaroons will be checked after install # add user to group with admin access to lnd sudo /usr/sbin/usermod --append --groups lndadmin faraday diff --git a/home.admin/config.scripts/bonus.lit.sh b/home.admin/config.scripts/bonus.lit.sh index 25606055d..058a8df94 100644 --- a/home.admin/config.scripts/bonus.lit.sh +++ b/home.admin/config.scripts/bonus.lit.sh @@ -95,7 +95,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo ln -s "/mnt/hdd/app-data/lnd/" "/home/lit/.lnd" # sync all macaroons and unix groups for access - /home/admin/config.scripts/lnd.credentials.sh sync + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" # macaroons will be checked after install # add user to group with admin access to lnd diff --git a/home.admin/config.scripts/bonus.loop.sh b/home.admin/config.scripts/bonus.loop.sh index 6bb652baa..24d7b2859 100755 --- a/home.admin/config.scripts/bonus.loop.sh +++ b/home.admin/config.scripts/bonus.loop.sh @@ -84,7 +84,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo -u loop /usr/local/go/bin/go install ./... || exit 1 # sync all macaroons and unix groups for access - /home/admin/config.scripts/lnd.credentials.sh sync + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" # macaroons will be checked after install # add user to group with admin access to lnd diff --git a/home.admin/config.scripts/bonus.pool.sh b/home.admin/config.scripts/bonus.pool.sh index 5c24b7876..b3c103cda 100644 --- a/home.admin/config.scripts/bonus.pool.sh +++ b/home.admin/config.scripts/bonus.pool.sh @@ -165,7 +165,7 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # sudo -u pool /usr/local/go/bin/go install ./... || exit 1 # sync all macaroons and unix groups for access - /home/admin/config.scripts/lnd.credentials.sh sync + /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" # macaroons will be checked after install # add user to group with admin access to lnd diff --git a/home.admin/config.scripts/bonus.zerotier.sh b/home.admin/config.scripts/bonus.zerotier.sh index 762466868..3a9cc0e27 100755 --- a/home.admin/config.scripts/bonus.zerotier.sh +++ b/home.admin/config.scripts/bonus.zerotier.sh @@ -67,8 +67,8 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then # adding zero tier IP to LND TLS cert # sudo /home/admin/config.scripts/lnd.tlscert.sh ip-add 172.X - # sudo /home/admin/config.scripts/lnd.credentials.sh reset tls - # sudo /home/admin/config.scripts/lnd.credentials.sh sync + # sudo /home/admin/config.scripts/lnd.credentials.sh reset "${chain:-main}net" tls + # sudo /home/admin/config.scripts/lnd.credentials.sh sync "${chain:-main}net" else sudo -u admin sudo apt -y purge zerotier-one 1>&2 diff --git a/home.admin/config.scripts/lnd.credentials.sh b/home.admin/config.scripts/lnd.credentials.sh index 349cd5ac1..852ca8a88 100755 --- a/home.admin/config.scripts/lnd.credentials.sh +++ b/home.admin/config.scripts/lnd.credentials.sh @@ -3,14 +3,21 @@ # command info if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "tool to reset or sync credentials (e.g. macaroons)" - echo "lnd.credentials.sh [reset|sync|check] [?tls|macaroons|keepold]" + echo "lnd.credentials.sh [reset|sync|check] " exit 1 fi # load data from config source /mnt/hdd/raspiblitz.conf -# shellcheck disable=SC2154 # gets the ${chain} from the raspiblitz.conf -source <(/home/admin/config.scripts/network.aliases.sh getvars lnd "${chain}net") + +if [ $# -gt 1 ]; then + CHAIN=$2 + chain=${CHAIN::-3} +else + CHAIN=${chain}net +fi + +source <(/home/admin/config.scripts/network.aliases.sh getvars lnd ${CHAIN}) ########################### # FUNCTIONS @@ -50,25 +57,25 @@ done if [ "$1" = "reset" ]; then clear - echo "### lnd.credentials.sh reset" + echo "### lnd.credentials.sh reset ${CHAIN}" # default reset both resetTLS=1 resetMacaroons=1 # optional second paramter to just reset one on them - if [ "$2" == "tls" ]; then + if [ "$3" == "tls" ]; then echo "# just resetting TLS" resetTLS=1 resetMacaroons=0 fi - if [ "$2" == "macaroons" ]; then + if [ "$3" == "macaroons" ]; then echo "# just resetting macaroons" resetTLS=0 resetMacaroons=1 keepOldMacaroons=0 fi - if [ "$2" == "keepold" ]; then + if [ "$3" == "keepold" ]; then echo "# add the missing default macaroons without de-authenticating the old ones" resetTLS=0 resetMacaroons=1 @@ -112,7 +119,7 @@ if [ "$1" = "reset" ]; then echo "# OK DONE" fi - /home/admin/config.scripts/lnd.credentials.sh sync + /home/admin/config.scripts/lnd.credentials.sh sync "${CHAIN}" ########################### # SYNC @@ -172,7 +179,7 @@ elif [ "$1" = "sync" ]; then elif [ "$1" = "check" ]; then check_macaroons "${network}" "${chain}" if [ $missing -gt 0 ]; then - /home/admin/config.scrips/lnd.credentials.sh reset keepold + /home/admin/config.scrips/lnd.credentials.sh reset "${CHAIN}" keepold fi ###########################