diff --git a/CHANGES.md b/CHANGES.md index e3fdd9bdd..c2bbc487e 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -17,6 +17,7 @@ - Update: Electrum Server in Rust (electrs) v0.9.9 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#099-jul-12-2022) - Update: Balance of Satoshis 13.6.0 (BOS) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#1360) - Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox) +- Fixed: SCB/Emergency-Backup to USB drive (now also with cln emergency file) ## What's new in Version 1.8.0c of RaspiBlitz? diff --git a/README.md b/README.md index 679c43fba..4de4e86ab 100644 --- a/README.md +++ b/README.md @@ -760,7 +760,7 @@ If there is a public IP change on your router LND restarts automatically, and wi - [When using Auto-Unlock, how much security do I lose?](FAQ.md#when-using-auto-unlock-how-much-security-do-i-lose) -##### LND StaticChannelBackup on Nextcloud +##### StaticChannel/Emergency-Backup on Nextcloud See [below on this README](README.md#backup-for-on-chain---channel-funds) for your Backup options when it comes to securing your funds against accidental loss. Storing the encrypted Static Channel Backup file to your Nextcloud account is an easy and secure way to do this. @@ -769,12 +769,12 @@ Nextcloud is an open-source project to host your own files: -##### StaticChannelBackup on USB Drive +##### StaticChannel/Emergency-Backup on USB Drive You can connect a small extra USB drive to your RaspiBlitz (choose a small one up to 32GB, don't use second HDD or SSD here as that would drain too much power from the RaspiBlitz). That USB drive will then be used to store your latest StaticChannelBackup, just in case your HDD encounters an error. -##### StaticChannelBackup per SCP/SSH to other server +##### StaticChannel/Emergency-Backup per SCP/SSH to other server An option for more advanced users -- that you only can set directly in the `raspiblitz.conf` -- is the automated backup of the StaticChannelBackup to another server by SSH/SCP. For this you need to set the value: diff --git a/home.admin/00settingsMenuBasics.sh b/home.admin/00settingsMenuBasics.sh index d398c2001..4e1fab5e1 100755 --- a/home.admin/00settingsMenuBasics.sh +++ b/home.admin/00settingsMenuBasics.sh @@ -126,6 +126,13 @@ if [ ${#runBehindTor} -eq 0 ] || [ "${runBehindTor}" = "off" ]; then fi OPTIONS+=(p 'Parallel Testnet/Signet' ${parallelTestnets}) + +# Lightning options (only LND and/or CLN) +if [ "${lndNode}" == "on" ] || [ "${clNode}" == "on" ]; then + OPTIONS+=(x 'SCB/Emergency-Backup on Nextcloud' ${NextcloudBackup}) + OPTIONS+=(e 'SCB/Emergency-Backup USB Drive' ${LocalBackup}) +fi + # LND & options (only when running LND) OPTIONS+=(m 'LND LIGHTNING LABS NODE' ${lndNode}) if [ "${lndNode}" == "on" ]; then @@ -133,8 +140,6 @@ if [ "${lndNode}" == "on" ]; then OPTIONS+=(k '-LND Accept Keysend' ${keysend}) OPTIONS+=(c '-LND Circuitbreaker (firewall)' ${circuitbreaker}) OPTIONS+=(u '-LND Auto-Unlock' ${autoUnlock}) - OPTIONS+=(x '-LND StaticChannelBackup on Nextcloud' ${NextcloudBackup}) - OPTIONS+=(e '-LND StaticChannelBackup USB Drive' ${LocalBackup}) fi # Core Lightning & options/PlugIns diff --git a/home.admin/_background.sh b/home.admin/_background.sh index 376de17af..d91a0c7e0 100755 --- a/home.admin/_background.sh +++ b/home.admin/_background.sh @@ -509,6 +509,110 @@ do fi fi + + # check every 1min for cln + recheckER=0 + if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + recheckER=$(($counter % 60)) + fi + if [ ${recheckER} -eq 1 ]; then + #echo "ER Monitoring ..." + source ${configFile} + source <(/home/admin/config.scripts/network.aliases.sh getvars cl ${chain}net) + # check if emergency.recover exists + erPath=/home/bitcoin/.lightning/${CLNETWORK}/emergency.recover + erExists=$(ls $erPath 2>/dev/null | grep -c 'emergency.recover') + if [ ${erExists} -eq 1 ]; then + + # timestamp backup filename + timestampedFileName=${netprefix}emergency-$(date "+%Y%m%d-%H%M%S").recover + localBackupDir=/home/admin/backups/er + localBackupPath=${localBackupDir}/emergency.recover + localTimestampedPath=${localBackupDir}/${timestampedFileName} + + #echo "Found Channel Backup File .. check if changed .." + md5checksumORG=$(md5sum $erPath 2>/dev/null | head -n1 | cut -d " " -f1) + md5checksumCPY=$(md5sum $localBackupPath 2>/dev/null | head -n1 | cut -d " " -f1) + if [ "${md5checksumORG}" != "${md5checksumCPY}" ]; then + echo "--> Channel Backup File changed" + + # make copy to sd card (as local basic backup) + mkdir -p /home/admin/backups/er/ 2>/dev/null + cp $erPath $localBackupPath + cp $erPath $localTimestampedPath + cp $erPath /boot/${netprefix}emergency.recover + echo "OK emergency.recover copied to '${localBackupPath}' and '${localTimestampedPath}' and '/boot/${netprefix}emergency.recover'" + + # check if a additional local backup target is set + # see ./config.scripts/blitz.backupdevice.sh + if [ "${localBackupDeviceUUID}" != "" ] && [ "${localBackupDeviceUUID}" != "off" ]; then + + # check if device got mounted on "/mnt/backup" (gets mounted by _bootstrap.sh) + backupDeviceExists=$(df | grep -c "/mnt/backup") + if [ ${backupDeviceExists} -gt 0 ]; then + + echo "--> Additional Local Backup Device" + cp ${localBackupPath} /mnt/backup/ + cp ${localTimestampedPath} /mnt/backup/ + + # check results + result=$? + if [ ${result} -eq 0 ]; then + echo "OK - Successful Copy to additional Backup Device" + else + echo "FAIL - Copy to additional Backup Device exited with ${result}" + fi + + else + echo "FAIL - BackupDrive mount - check if device is connected & UUID is correct" >> $logFile + fi + fi + + # check if a SFTP backup target is set + # parameter in raspiblitz.conf: + # sftpBackupTarget='[USER]@[SERVER]:[DIRPATH-WITHOUT-ENDING-/]' + # optionally a custom option string for the sftp command can be set with + # sftpBackupOptions='[YOUR-CUSTOM-OPTIONS]' + # On target server add the public key of your RaspiBlitz to the authorized_keys for the user + # https://www.linode.com/docs/security/authentication/use-public-key-authentication-with-ssh/ + if [ ${#sftpBackupTarget} -gt 0 ]; then + echo "--> Offsite-Backup SFTP Server" + if [ "${sftpBackupOptions}" == "" ]; then + sftpBackupOptions="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + fi + # its ok to ignore known host, because data is encrypted (worst case of MiM would be: no offsite channel backup) + # but its more likely that without ignoring known host, script might not run thru and that way: no offsite channel backup + sftp ${sftpBackupOptions} ${localBackupPath} ${sftpBackupTarget}/ + sftp ${sftpBackupOptions} ${localTimestampedPath} ${sftpBackupTarget}/ + result=$? + if [ ${result} -eq 0 ]; then + echo "OK - SFTP Backup exited with 0" + else + echo "FAIL - SFTP Backup exited with ${result}" + fi + fi + + # check if Nextcloud backups are enabled + if [ $nextcloudBackupServer ] && [ $nextcloudBackupUser ] && [ $nextcloudBackupPassword ]; then + echo "--> Offsite-Backup Nextcloud" + source <(/home/admin/config.scripts/nextcloud.upload.sh upload ${localBackupPath}) + source <(/home/admin/config.scripts/nextcloud.upload.sh upload ${localTimestampedPath}) + if [ ${#err} -gt 0 ]; then + echo "FAIL - ${err}" + else + echo "OK - ${upload}" + fi + fi + + #else + # echo "Channel Backup File not changed." + fi + #else + # echo "No Channel Backup File .." + fi + fi + + ############################### # SUBSCRIPTION RENWES ############################### diff --git a/home.admin/config.scripts/blitz.backupdevice.sh b/home.admin/config.scripts/blitz.backupdevice.sh index bfacc73af..64682f5a2 100755 --- a/home.admin/config.scripts/blitz.backupdevice.sh +++ b/home.admin/config.scripts/blitz.backupdevice.sh @@ -37,18 +37,19 @@ if [ "$1" = "status" ]; then # get info on possible already existing BTRFS RAID1 usb drive source <(sudo /home/admin/config.scripts/blitz.datadrive.sh status) - + # get all the devices that are not mounted and possible candidates drivecounter=0 for disk in $(lsblk -o NAME,TYPE | grep "disk" | awk '$1=$1' | cut -d " " -f 1) do devMounted=$(lsblk -o MOUNTPOINT,NAME | grep "$disk" | grep -c "^/") - # is raid candidate when: not mounted & not the data drive candidate (hdd/ssd) & not BTRFS RAID - if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${disk}" != "${raidUsbDev}" ]; then + # is raid candidate when: not mounted & not the data drive candidate (hdd/ssd) & not BTRFS RAID & not zram + if [ "${devMounted}" -eq 0 ] && [ "${disk}" != "${hdd}" ] && \ + [ "${disk}" != "${raidUsbDev}" ] && ! echo "${disk}" | grep "zram" 1>/dev/null; then sizeBytes=$(lsblk -o NAME,SIZE -b | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2) sizeGigaBytes=$(echo "scale=0; ${sizeBytes}/1024/1024/1024" | bc -l) - vedorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2) - mountoption="${disk} ${sizeGigaBytes} GB ${vedorname}" + vendorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2) + mountoption="${disk} ${sizeGigaBytes} GB ${vendorname}" echo "backupCandidate[${drivecounter}]='${mountoption}'" drivecounter=$(($drivecounter +1)) fi @@ -60,7 +61,7 @@ if [ "$1" = "status" ]; then fi # check if started with sudo -if [ "$EUID" -ne 0 ]; then +if [ "$EUID" -ne 0 ]; then echo "error='missing sudo'" exit 1 fi @@ -90,7 +91,7 @@ if [ "$1" = "on" ]; then if [ ${backupCandidates} -eq 0 ]; then dialog --title ' Adding Backup Device ' --msgbox 'Please connect now the backup device\nFor example a thumb drive bigger than 120 MB.\nDont use a second HDD/SSD for that.\nBest on a USB2 port (not the blue ones).\nThen press OK.' 9 50 clear - echo + echo echo "detecting device ... (please wait)" sleep 3 source <(sudo /home/admin/config.scripts/blitz.backupdevice.sh status) @@ -179,8 +180,15 @@ THIS WILL DELETE ALL DATA ON THAT DEVICE! echo "error='failed to mount'" fi - # copy SCB over - cp /mnt/hdd/lnd/data/chain/${network}/${chain}net/channel.backup /mnt/backup/channel.backup 1>&2 + if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then + # copy SCB over + cp /mnt/hdd/lnd/data/chain/${network}/${chain}net/channel.backup /mnt/backup/channel.backup 1>&2 + fi + if [ "${lightning}" == "cl" ] || [ "${cl}" == "on" ]; then + # copy ER over + source <(/home/admin/config.scripts/network.aliases.sh getvars cl ${chain}net) + cp /home/bitcoin/.lightning/${CLNETWORK}/emergency.recover /mnt/backup/${netprefix}emergency.recover 1>&2 + fi if [ ${userinteraction} -eq 1 ]; then if [ ${isMounted} -eq 0 ]; then diff --git a/home.admin/config.scripts/blitz.datadrive.sh b/home.admin/config.scripts/blitz.datadrive.sh index dd1da5047..d5c4c7cd7 100755 --- a/home.admin/config.scripts/blitz.datadrive.sh +++ b/home.admin/config.scripts/blitz.datadrive.sh @@ -518,7 +518,7 @@ if [ "$1" = "status" ]; then do devMounted=$(lsblk -o MOUNTPOINT,NAME | grep "$disk" | grep -c "^/") # is raid candidate when not mounted and not the data drive candidate (hdd/ssd) - if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${hdd}" != "" ] && [ "${disk}" != "" ]; then + if [ ${devMounted} -eq 0 ] && [ "${disk}" != "${hdd}" ] && [ "${hdd}" != "" ] && [ "${disk}" != "" ] && [ "${disk}" != "zram0" ]; then sizeBytes=$(lsblk -o NAME,SIZE -b | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2) sizeGigaBytes=$(echo "scale=0; ${sizeBytes}/1024/1024/1024" | bc -l) vedorname=$(lsblk -o NAME,VENDOR | grep "^${disk}" | awk '$1=$1' | cut -d " " -f 2 | sed 's/[^a-zA-Z0-9]//g')