highperfocused/raspiblitz
1
0
Fork 0
mirror of https://github.com/raspiblitz/raspiblitz.git synced 2025-09-27 12:06:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2536 from openoms/remove-_tor-lnd

Browse Source 
Tor: remove tor@lnd instance
LND: activate SIGNET
This commit is contained in:
openoms
2021-09-13 10:38:59 +01:00
committed by GitHub
parent 0d8b69c361 d671aae4be
commit f78606a42e
6 changed files with 23 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
home.admin/99systemMenu.sh
View File

@@ -162,7 +162,7 @@ case $CHOICE in
btc-rpc-explorer, btcpayserver, circuitbreaker, btc-rpc-explorer, btcpayserver, circuitbreaker,
specter, getty@tty1, electrs, litd, specter, getty@tty1, electrs, litd,
lnbits, mempool, nbxlorer, nginx, RTL, telegraf, lnbits, mempool, nbxlorer, nginx, RTL, telegraf,
thunderhub, tor@default, tor@lnd, tor thunderhub, tor@default, tor
" "
echo "Type the name of the service you would like to monitor:" echo "Type the name of the service you would like to monitor:"
read SERVICE read SERVICE
@@ -180,7 +180,7 @@ thunderhub, tor@default, tor@lnd, tor
btc-rpc-explorer, btcpayserver, circuitbreaker, btc-rpc-explorer, btcpayserver, circuitbreaker,
specter, getty@tty1, electrs, litd, specter, getty@tty1, electrs, litd,
lnbits, mempool, nbxlorer, nginx, RTL, telegraf, lnbits, mempool, nbxlorer, nginx, RTL, telegraf,
thunderhub, tor@default, tor@lnd, tor thunderhub, tor@default, tor
" "
echo "Type the name of the service you would like to restart:" echo "Type the name of the service you would like to restart:"
read SERVICE read SERVICE

3
home.admin/_provision.setup.sh
View File

@@ -215,9 +215,6 @@ if [ "${lightning}" == "lnd" ]; then
sed -i "6s/.*/After=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile} sed -i "6s/.*/After=${network}d.service/" /home/admin/assets/lnd.service >> ${logFile}
sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service >> ${logFile} sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service >> ${logFile}
# make sure LND starts with Tor by default
sudo /home/admin/config.scripts/internet.tor.sh lndconf-on >> ${logFile}
# start lnd up # start lnd up
echo "Starting LND Service ..." >> ${logFile} echo "Starting LND Service ..." >> ${logFile}
sudo systemctl enable lnd >> ${logFile} sudo systemctl enable lnd >> ${logFile}

107
home.admin/config.scripts/internet.tor.sh
View File

@@ -13,7 +13,7 @@
# command info # command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "script to switch Tor on or off" echo "script to switch Tor on or off"
echo "internet.tor.sh [status|on|off|btcconf-on|btcconf-off|lndconf-on|update]" echo "internet.tor.sh [status|on|off|btcconf-on|btcconf-off|update]"
exit 1 exit 1
fi fi
@@ -69,96 +69,6 @@ deactivateBitcoinOverTOR()
sudo chown admin:admin /home/admin/.${network}/${network}.conf sudo chown admin:admin /home/admin/.${network}/${network}.conf
} }
activateLndOverTOR()
{
echo "*** Putting LND behind Tor ***"
lndExists=$(sudo ls /etc/systemd/system/lnd.service | grep -c "lnd.service")
if [ ${lndExists} -gt 0 ]; then
# lnd-tor instance
# https://www.torservers.net/wiki/setup/server#multiple_tor_processes
NODENAME="lnd"
SOCKSPORT=9070
CONTROLPORT=$((SOCKSPORT+1))
echo "# Creating a dedicated Tor instance for $NODENAME"
sudo tor-instance-create $NODENAME
echo "# Make sure the user bitcoin is in the _tor-$NODENAME group"
sudo usermod -a -G _tor-$NODENAME bitcoin
# create tor data directory if it not exist
if [ ! -d "/mnt/hdd/tor-$NODENAME" ]; then
echo "# - creating tor data directory"
sudo mkdir -p /mnt/hdd/tor-$NODENAME
sudo mkdir -p /mnt/hdd/tor-$NODENAME/sys
else
echo "# - /mnt/hdd/tor-$NODENAME data directory exists"
fi
# make sure its the correct owner
sudo chmod -R 700 /mnt/hdd/tor-$NODENAME
sudo chown -R _tor-$NODENAME:_tor-$NODENAME /mnt/hdd/tor-$NODENAME
echo "
### torrc for tor@$NODENAME
### https://github.com/lightningnetwork/lnd/blob/master/docs/configuring_tor.md
DataDirectory /mnt/hdd/tor-$NODENAME/sys
PidFile /mnt/hdd/tor-$NODENAME/sys/tor.pid
SocksPort $SOCKSPORT
ControlPort $CONTROLPORT
CookieAuthentication 1
CookieAuthFileGroupReadable 1
SafeLogging 1
Log notice stdout
Log notice file /mnt/hdd/tor-$NODENAME/notice.log
Log info file /mnt/hdd/tor-$NODENAME/info.log
" | sudo tee /etc/tor/instances/$NODENAME/torrc
sudo chmod 644 /etc/tor/instances/$NODENAME/torrc
sudo mkdir -p /etc/systemd/system/tor@$NODENAME.service.d
sudo tee /etc/systemd/system/tor@$NODENAME.service.d/raspiblitz.conf >/dev/null <<EOF
# DO NOT EDIT! This file is generated by raspiblitz and will be overwritten
[Service]
ReadWriteDirectories=-/mnt/hdd/tor-$NODENAME
[Unit]
After=network.target nss-lookup.target mnt-hdd.mount
EOF
echo "Setup logrotate"
# add logrotate config for modified Tor dir on ext. disk
sudo tee /etc/logrotate.d/raspiblitz-tor-$NODENAME >/dev/null <<EOF
/mnt/hdd/tor-$NODENAME/*log {
daily
rotate 5
compress
delaycompress
missingok
notifempty
create 0640 _tor-$NODENAME _tor-$NODENAME
sharedscripts
postrotate
if invoke-rc.d tor status > /dev/null; then
invoke-rc.d tor reload > /dev/null
fi
endscript
}
EOF
sudo systemctl daemon-reload
sudo systemctl enable tor@$NODENAME
sudo systemctl start tor@$NODENAME
echo "# OK"
echo
else
echo "# LND service not found (yet) - try with 'internet.tor.sh lndconf-on' again later"
fi
}
# check and load raspiblitz config # check and load raspiblitz config
# to know which network is running # to know which network is running
if [ -f "/home/admin/raspiblitz.info" ]; then if [ -f "/home/admin/raspiblitz.info" ]; then
@@ -200,12 +110,6 @@ if [ "$1" = "btcconf-off" ]; then
exit 0 exit 0
fi fi
# if started with lndconf-on
if [ "$1" = "lndconf-on" ]; then
activateLndOverTOR
exit 0
fi
# add default value to raspi config if needed # add default value to raspi config if needed
checkTorEntry=$(sudo cat /mnt/hdd/raspiblitz.conf | grep -c "runBehindTor") checkTorEntry=$(sudo cat /mnt/hdd/raspiblitz.conf | grep -c "runBehindTor")
if [ ${checkTorEntry} -eq 0 ]; then if [ ${checkTorEntry} -eq 0 ]; then
@@ -299,9 +203,7 @@ HiddenServicePort 80 127.0.0.1:80
# NOTE: since Bitcoin Core v0.21.0 sets up a v3 Tor service automatically # NOTE: since Bitcoin Core v0.21.0 sets up a v3 Tor service automatically
# see /mnt/hdd/bitcoin for the onion private key - delete and restart bitcoind to reset # see /mnt/hdd/bitcoin for the onion private key - delete and restart bitcoind to reset
# NOTE: LND is using a separate Tor instance: tor@lnd # NOTE: LND onion private key at /mnt/hdd/lnd/v3_onion_private_key
# find the torrc at /etc/tor/instances/lnd/torrc
# onion private key at /mnt/hdd/lnd/v3_onion_private_key
# Hidden Service for LND RPC # Hidden Service for LND RPC
HiddenServiceDir /mnt/hdd/tor/lndrpc10009/ HiddenServiceDir /mnt/hdd/tor/lndrpc10009/
@@ -341,9 +243,6 @@ EOF
# ACTIVATE BITCOIN OVER TOR (function call) # ACTIVATE BITCOIN OVER TOR (function call)
activateBitcoinOverTOR activateBitcoinOverTOR
# ACTIVATE LND OVER TOR (function call)
activateLndOverTOR
# ACTIVATE APPS OVER TOR # ACTIVATE APPS OVER TOR
source /mnt/hdd/raspiblitz.conf 2>/dev/null source /mnt/hdd/raspiblitz.conf 2>/dev/null
if [ "${BTCRPCexplorer}" = "on" ]; then if [ "${BTCRPCexplorer}" = "on" ]; then
@@ -424,7 +323,6 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
# disable TOR service # disable TOR service
echo "# *** Disable Tor service ***" echo "# *** Disable Tor service ***"
sudo systemctl disable tor@default sudo systemctl disable tor@default
sudo systemctl disable tor@lnd
echo "" echo ""
# DEACTIVATE BITCOIN OVER TOR (function call) # DEACTIVATE BITCOIN OVER TOR (function call)
@@ -459,7 +357,6 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
echo "# *** Stop Tor service ***" echo "# *** Stop Tor service ***"
sudo systemctl stop tor@default sudo systemctl stop tor@default
sudo systemctl stop tor@lnd
echo "" echo ""
if [ "$2" == "clear" ]; then if [ "$2" == "clear" ]; then

4
home.admin/config.scripts/lnd.check.sh
View File

@@ -188,8 +188,8 @@ if [ "$1" == "prestart" ]; then
" | tee -a ${lndConfFile} " | tee -a ${lndConfFile}
fi fi
setting ${lndConfFile} ${insertLine} "tor.control" "9071" setting ${lndConfFile} ${insertLine} "tor.control" "9051"
setting ${lndConfFile} ${insertLine} "tor.socks" "9070" setting ${lndConfFile} ${insertLine} "tor.socks" "9050"
setting ${lndConfFile} ${insertLine} "tor.privatekeypath" "\/mnt\/hdd\/lnd\/${netprefix}v3_onion_private_key" setting ${lndConfFile} ${insertLine} "tor.privatekeypath" "\/mnt\/hdd\/lnd\/${netprefix}v3_onion_private_key"
setting ${lndConfFile} ${insertLine} "tor.streamisolation" "true" setting ${lndConfFile} ${insertLine} "tor.streamisolation" "true"
setting ${lndConfFile} ${insertLine} "tor.v3" "true" setting ${lndConfFile} ${insertLine} "tor.v3" "true"

2
home.admin/config.scripts/lnd.initwallet.py
View File

@@ -269,8 +269,6 @@ def main():
grpcEndpoint="localhost:11009" grpcEndpoint="localhost:11009"
elif network == "signet": elif network == "signet":
grpcEndpoint="localhost:13009" grpcEndpoint="localhost:13009"
print("err='lnd does not support signet yet'")
sys.exit(1)
else: else:
print("err='chain not supported'") print("err='chain not supported'")
sys.exit(1) sys.exit(1)

26
home.admin/config.scripts/lnd.install.sh
View File

@@ -13,12 +13,8 @@ fi
# CHAIN is signet | testnet | mainnet # CHAIN is signet | testnet | mainnet
CHAIN=$2 CHAIN=$2
if [ ${CHAIN} = testnet ]||[ ${CHAIN} = mainnet ];then if [ ${CHAIN} = testnet ]||[ ${CHAIN} = mainnet ]||[ ${CHAIN} = signet ];then
echo "# Configuring the LND instance on ${CHAIN}" echo "# Configuring the LND instance on ${CHAIN}"
elif [ ${CHAIN} = signet ]; then
echo "# Signet is not yet supported in LND"
echo "# see https://github.com/lightningnetwork/lnd/issues/5018"
exit 1
else else
echo "# ${CHAIN} is not supported" echo "# ${CHAIN} is not supported"
exit 1 exit 1
@@ -86,6 +82,18 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
sudo ufw allow ${portprefix}8080 comment '${netprefix}lnd REST' sudo ufw allow ${portprefix}8080 comment '${netprefix}lnd REST'
sudo ufw allow 1${rpcportmod}009 comment '${netprefix}lnd RPC' sudo ufw allow 1${rpcportmod}009 comment '${netprefix}lnd RPC'
echo "# Prepare directories"
if [ ! -d /mnt/hdd/lnd ]; then
echo "# Creating /mnt/hdd/lnd"
sudo mkdir /mnt/hdd/lnd
fi
sudo chown -R bitcoin:bitcoin /mnt/hdd/lnd
if [ ! -L /home/bitcoin/.lnd ];then
echo "# Linking lnd for user bitcoin"
sudo rm /home/bitcoin/.lnd 2>/dev/null
sudo ln -s /mnt/hdd/lnd /home/bitcoin/.lnd
fi
echo "# Create /home/bitcoin/.lnd/${netprefix}lnd.conf" echo "# Create /home/bitcoin/.lnd/${netprefix}lnd.conf"
if [ ! -f /home/bitcoin/.lnd/${netprefix}lnd.conf ];then if [ ! -f /home/bitcoin/.lnd/${netprefix}lnd.conf ];then
echo "# LND configuration echo "# LND configuration
@@ -172,17 +180,17 @@ alias ${netprefix}lncli=\"sudo -u bitcoin /usr/local/bin/lncli\
else else
passwordC="raspiblitz" passwordC="raspiblitz"
fi fi
source <(sudo /home/admin/config.scripts/lnd.initwallet.py new mainnet ${passwordC}) source <(sudo /home/admin/config.scripts/lnd.initwallet.py new ${CHAIN} ${passwordC})
if [ "${err}" != "" ]; then if [ "${err}" != "" ]; then
clear clear
echo "# !!! LND mainnet wallet creation failed" echo "# !!! LND ${CHAIN} wallet creation failed"
echo "# ${err}" echo "# ${err}"
echo "# press ENTER to continue" echo "# press ENTER to continue"
read key read key
else else
seedFile="/mnt/hdd/lnd/data/chain/${network}/${CHAIN}/seedwords.info" seedFile="/mnt/hdd/lnd/data/chain/${network}/${CHAIN}/seedwords.info"
echo "seedwords='${seedwords}'" > ${seedFile} echo "seedwords='${seedwords}'" | sudo tee ${seedFile}
echo "seedwords6x4='${seedwords6x4}'" >> ${seedFile} echo "seedwords6x4='${seedwords6x4}'" | sudo tee -a ${seedFile}
fi fi
fi fi