From 15d52fada0538d40b3c51640821dec8309f49903 Mon Sep 17 00:00:00 2001 From: rootzoll Date: Mon, 20 Jul 2020 00:12:01 +0200 Subject: [PATCH 1/6] rename id to domain --- .../blitz.subscriptions.letsencrypt.py | 24 +++++++++---------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py b/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py index 80d49b50c..66934cfe3 100644 --- a/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py +++ b/home.admin/config.scripts/blitz.subscriptions.letsencrypt.py @@ -109,15 +109,14 @@ def duckdns_update(domain, token, ip): # PROCESS FUNCTIONS ##################### -def subscriptions_new(ip, dnsservice, id, token, target): - # id needs to be the full domain name - if id.find(".") == -1: - # ToDo(frennkie) dnsservice_id doesn't exit - raise BlitzError("not a fully qualified domain name", dnsservice_id) +def subscriptions_new(ip, dnsservice, domain, token, target): + # domain needs to be the full domain name + if domain.find(".") == -1: + raise BlitzError("not a fully qualified domain name", domain) - # check if id already exists - if len(get_subscription(id)) > 0: - raise BlitzError("id already exists", id) + # check if domain already exists + if len(get_subscription(domain)) > 0: + raise BlitzError("domain already exists", domain) # make sure lets encrypt client is installed os.system("/home/admin/config.scripts/bonus.letsencrypt.sh on") 
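Review bot: The `domain.find(".") == -1` check at the top of `subscriptions_new` accepts any string that contains a dot, so values with whitespace, slashes or shell-significant characters pass as a "fully qualified domain name". The same value is later handed to `internet.dyndomain.sh` and `bonus.letsencrypt.sh` and stored as the subscription id, so a stricter hostname test is worth having here, for example `if not re.fullmatch(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+", domain):` (this assumes `re` is imported in the file, which the hunk does not show). The function body continues outside the hunk.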
@@ -127,9 +126,8 @@ def subscriptions_new(ip, dnsservice, id, token, target): if ip == "dyndns": update_url = "" if dnsservice == "duckdns": - # ToDo(frennkie) domain doesn't exit update_url = "https://www.duckdns.org/update?domains={0}&token={1}".format(get_subdomain(domain), token, ip) - subprocess.run(['/home/admin/config.scriprs/internet.dyndomain.sh', 'on', id, update_url], + subprocess.run(['/home/admin/config.scriprs/internet.dyndomain.sh', 'on', domain, update_url], stdout=subprocess.PIPE).stdout.decode('utf-8').strip() real_ip = cfg.public_ip @@ -140,9 +138,9 @@ def subscriptions_new(ip, dnsservice, id, token, target): # create subscription data for storage subscription = dict() subscription['type'] = "letsencrypt-v1" - subscription['id'] = id + subscription['id'] = domain subscription['active'] = True - subscription['name'] = "{0} for {1}".format(dnsservice, id) + subscription['name'] = "{0} for {1}".format(dnsservice, domain) subscription['dnsservice_type'] = dnsservice subscription['dnsservice_token'] = token subscription['ip'] = ip @@ -174,7 +172,7 @@ def subscriptions_new(ip, dnsservice, id, token, target): # run the ACME script print("# Running letsencrypt ACME script ...") acme_result = subprocess.Popen( - ["/home/admin/config.scripts/bonus.letsencrypt.sh", "issue-cert", dnsservice, id, token, target], + ["/home/admin/config.scripts/bonus.letsencrypt.sh", "issue-cert", dnsservice, domain, token, target], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, encoding='utf8') out, err = acme_result.communicate() eprint(str(out)) From aa57cb1dd17c00adf3b5e7564c7e11fb30373460 Mon Sep 17 00:00:00 2001 From: frennkie Date: Mon, 20 Jul 2020 12:13:53 +0200 Subject: [PATCH 2/6] Update lnd.unlock.sh --- home.admin/config.scripts/lnd.unlock.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home.admin/config.scripts/lnd.unlock.sh b/home.admin/config.scripts/lnd.unlock.sh index 575a91a4b..3d76520d6 100644 
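Review bot: The script path in the `subprocess.run` call still reads `/home/admin/config.scriprs/internet.dyndomain.sh`, so the call raises FileNotFoundError as soon as the `dyndns` branch runs. It should be `subprocess.run(['/home/admin/config.scripts/internet.dyndomain.sh', 'on', domain, update_url],`. The `.format(get_subdomain(domain), token, ip)` call also passes `ip` although the URL template only has `{0}` and `{1}`. The decoded output of the run is discarded, so a failed dyndomain setup goes unnoticed.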
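Review bot: `subscription['id'] = domain` keeps the old key name while every other use in this function now says `domain`, which is easy to misread as a leftover of the rename. If the key is kept for stored subscriptions that already use it (not visible here), say so in a comment such as `# storage key stays 'id'; the value is the full domain name`. The same dict stores `dnsservice_token` in clear text, so the file it is written to (outside this hunk) should be readable by the owning user only.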
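Review bot: The `issue-cert` call passes `token` as a command-line argument, so the DNS API token is usually readable in the process list by other local users while `bonus.letsencrypt.sh` runs. The `update_url` built earlier in this function carries the same token on argv. Passing it through the environment or stdin would avoid that, but needs a matching change in the shell script, which is not shown here. The output is then printed unfiltered with `eprint(str(out))`, so it is worth confirming that the ACME script does not echo the token. The function continues outside the hunk.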
--- a/home.admin/config.scripts/lnd.unlock.sh +++ b/home.admin/config.scripts/lnd.unlock.sh @@ -107,7 +107,7 @@ while [ ${fallback} -eq 0 ] done -# FALBACK LND CLI UNLOCK +# FALLBACK LND CLI UNLOCK walletLocked=1 while [ ${walletLocked} -gt 0 ] do From 6a58cc6f29aa9b2bec3f2d849812ac6d98ac4da0 Mon Sep 17 00:00:00 2001 From: rootzoll Date: Mon, 20 Jul 2020 14:52:57 +0200 Subject: [PATCH 3/6] RC3 SD Card Image Release --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2c61d2e89..bd742956b 100644 --- a/README.md +++ b/README.md @@ -122,11 +122,11 @@ Your SD-card needs to contain the RaspiBlitz software. You can take the long roa THIS IS A RELEASE CANDIDATE - NOT THE FINAL VERSION - DONT USE FOR A PRODUCTION NODE! -Browser: https://raspiblitz.org/raspiblitz-v1.6rc2-2020-07-06.img.gz +Browser: https://raspiblitz.org/raspiblitz-v1.6rc3-2020-07-20.img.gz Torrent: [TODO] -SHA-256: 2b578caa14fcff28e490366a4ad97c6095e12be8e357fcd0ed95db1bd9342afb or [SIGNATURE](https://todo) +SHA-256: 13de2dbfd5d92e8daab8e814dc8c4a575da962a505ea5014904d89df042236ce or [SIGNATURE](https://todo) * [Whats new in Version 1.6 of RaspiBlitz?](FAQ.md#whats-new-in-version-16-of-raspiblitz) * [How to update my RaspiBlitz?](README.md#updating-raspiblitz-to-new-version) From 30a5de2cfbd40b246c873117c9b797654b53f183 Mon Sep 17 00:00:00 2001 From: Robert Habermann Date: Mon, 20 Jul 2020 16:31:36 +0200 Subject: [PATCH 4/6] fix error + major refactor --- .../config.scripts/internet.sshtunnel.py | 176 +++++++++--------- 1 file changed, 92 insertions(+), 84 deletions(-) diff --git a/home.admin/config.scripts/internet.sshtunnel.py b/home.admin/config.scripts/internet.sshtunnel.py index 146c478f3..007b6735d 100755 --- a/home.admin/config.scripts/internet.sshtunnel.py +++ b/home.admin/config.scripts/internet.sshtunnel.py 
@@ -1,7 +1,8 @@ #!/usr/bin/python3 -import sys, subprocess, re -from pathlib import Path +import re +import subprocess +import sys # IDEA: At the momemt its just Reverse-SSh Tunnels thats why [INTERNAL-PORT]<[EXTERNAL-PORT] # For the future also just local ssh tunnels could be added with [INTERNAL-PORT]-[EXTERNAL-PORT] @@ -19,9 +20,9 @@ if len(sys.argv) <= 1 or sys.argv[1] == "-h" or sys.argv[1] == "help": # sudo journalctl -f -u autossh-tunnel # -SERVICENAME="autossh-tunnel.service" -SERVICEFILE="/etc/systemd/system/"+SERVICENAME -SERVICETEMPLATE="""# see config script internet.sshtunnel.py +SERVICE_NAME = "autossh-tunnel.service" +SERVICE_FILE = "/etc/systemd/system/" + SERVICE_NAME +SERVICE_TEMPLATE = """# see config script internet.sshtunnel.py [Unit] Description=AutoSSH tunnel service After=network.target 
@@ -38,35 +39,22 @@ WantedBy=multi-user.target """ # get LND port form lnd.conf -LNDPORT = subprocess.getoutput("sudo cat /mnt/hdd/lnd/lnd.conf | grep '^listen=*' | cut -f2 -d':'") -if len(LNDPORT) == 0: - LNDPORT="9735" +LND_PORT = subprocess.getoutput("sudo cat /mnt/hdd/lnd/lnd.conf | grep '^listen=*' | cut -f2 -d':'") +if len(LND_PORT) == 0: + LND_PORT = "9735" - -# -# RESTORE = SWITCHING ON with restore flag on -# on restore other external scripts dont need calling -# - -forwardingLND = False -restoringOnUpdate = False -if sys.argv[1] == "restore": - print("internet.sshtunnel.py -> running with restore flag") - sys.argv[1] = "on" - restoringOnUpdate = True - -# +####################### # SWITCHING ON -# - -if sys.argv[1] == "on": +####################### +def on(restore_on_update=False): + forwarding_lnd = False # check if already running - isRunning = subprocess.getoutput("sudo systemctl --no-pager | grep -c '%s'" % (SERVICENAME)) - if int(isRunning) > 0: - print("SSH TUNNEL SERVICE IS RUNNING - run 'internet.sshtunnel.py off' first to set new tunnel") - sys.exit(1) + is_running = subprocess.getoutput("sudo systemctl --no-pager | grep -c '{}'".format(SERVICE_NAME)) + if int(is_running) > 0: + print("SSH TUNNEL SERVICE IS RUNNING - run 'internet.sshtunnel.py off' first to set new tunnel") + sys.exit(1) # check server address if len(sys.argv) < 3: @@ -85,13 +73,14 @@ if sys.argv[1] == "on": ssh_server_port = ssh_server_split[1] else: print("[USER]@[SERVER:PORT] wrong - use 'internet.sshtunnel.py -h' for help") + sys.exit(1) - # genenate additional parameter for autossh (forwarding ports) + # generate additional parameter for autossh (forwarding ports) if len(sys.argv) < 4: print("[INTERNAL-PORT]<[EXTERNAL-PORT] missing") sys.exit(1) - ssh_ports="" - additional_parameters="" + ssh_ports = "" + additional_parameters = "" i = 3 while i < len(sys.argv): 
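Review bot: `LND_PORT` is read with `subprocess.getoutput`, which captures stderr as well, so when `sudo cat /mnt/hdd/lnd/lnd.conf` fails the variable holds the error text instead of an empty string and the `"9735"` default is never applied. Several `listen=` lines produce a multi-line value in the same way. The later `port_internal == LND_PORT` comparison then silently never matches and the LND-specific checks are skipped. Falling back on anything that is not a port number covers both cases: `if not LND_PORT.isdigit(): LND_PORT = "9735"`. `int(is_running)` inside `on()` has the same exposure and raises ValueError on non-numeric output.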
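Review bot: `ssh_server_port` is taken from the part after the colon without any check, while the forwarding ports further down are rejected unless `isdigit()` is true. The value ends up after `-p` in the generated unit file, so it should get the same test, e.g. `if not ssh_server_port.isdigit(): sys.exit(1)` preceded by the existing usage message. `on()` starts and ends outside this hunk.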
@@ -101,101 +90,108 @@ if sys.argv[1] == "on": sys.exit(1) # get ports - sys.argv[i] = re.sub('"','', sys.argv[i] ) + sys.argv[i] = re.sub('"', '', sys.argv[i]) ports = sys.argv[i].split("<") port_internal = ports[0] port_external = ports[1] - if port_internal.isdigit() == False: + if not port_internal.isdigit(): print("[INTERNAL-PORT]<[EXTERNAL-PORT] internal not number '%s'" % (sys.argv[i])) sys.exit(1) - if port_external.isdigit() == False: + if not port_external.isdigit(): print("[INTERNAL-PORT]<[EXTERNAL-PORT] external not number '%s'" % (sys.argv[i])) - sys.exit(1) - if port_internal == LNDPORT: + sys.exit(1) + if port_internal == LND_PORT: print("Detected LND Port Forwarding") - forwardingLND = True + forwarding_lnd = True if port_internal != port_external: - print("FAIL: When tunneling your local LND port '%s' it needs to be the same on the external server, but is '%s'" % (LNDPORT, port_external)) - print("Try again by using the same port. If you cant change the external port, change local LND port with: /home/admin/config.scripts/lnd.setport.sh") + print("FAIL: When tunneling your local LND port " + "'{}' it needs to be the same on the external server, but is '{}'".format(LND_PORT, + port_external)) + print( + "Try again by using the same port. 
If you cant change the external port, " + "change local LND port with: /home/admin/config.scripts/lnd.setport.sh") sys.exit(1) ssh_ports = ssh_ports + "\"%s\" " % (sys.argv[i]) - additional_parameters= additional_parameters + "-R %s:localhost:%s " % (port_external, port_internal) + additional_parameters = additional_parameters + "-R %s:localhost:%s " % (port_external, port_internal) i = i + 1 - # genenate additional parameter for autossh (server) + # generate additional parameter for autossh (server) ssh_ports = ssh_ports.strip() - additional_parameters = additional_parameters + "-p " + ssh_server_port + " " + ssh_server_host + additional_parameters = additional_parameters + "-p " + ssh_server_port + " " + ssh_server_host # generate custom service config - service_data = SERVICETEMPLATE.replace("[PLACEHOLDER]", additional_parameters) + service_data = SERVICE_TEMPLATE.replace("[PLACEHOLDER]", additional_parameters) # debug print out service print() - print("*** New systemd service: %s" % (SERVICENAME)) + print("*** New systemd service: {}".format(SERVICE_NAME)) print(service_data) # write service file service_file = open("/home/admin/temp.service", "w") service_file.write(service_data) service_file.close() - subprocess.call("sudo mv /home/admin/temp.service %s" % (SERVICEFILE), shell=True) + subprocess.call("sudo mv /home/admin/temp.service {}".format(SERVICE_FILE), shell=True) # check if SSH keys for root user need to be created print() print("*** Checking root SSH pub keys") - ssh_pubkey="" try: ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True) print("OK - root id_rsa.pub file exists") - except subprocess.CalledProcessError as e: + except subprocess.CalledProcessError: print("Generating root SSH keys ...") - subprocess.call("sudo sh -c 'yes y | sudo -u root ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N \"\"'", shell=True) + subprocess.call("sudo sh -c 'yes y | sudo -u root ssh-keygen -b 2048 -t rsa -f 
~/.ssh/id_rsa -q -N \"\"'", + shell=True) ssh_pubkey = subprocess.check_output("sudo cat /root/.ssh/id_rsa.pub", shell=True, universal_newlines=True) - + # copy SSH keys for backup (for update with new sd card) print("making backup copy of SSH keys") subprocess.call("sudo cp -r /root/.ssh /mnt/hdd/ssh/root_backup", shell=True) print("DONE") - + # write ssh tunnel data to raspiblitz config (for update with new sd card) print("*** Updating RaspiBlitz Config") with open('/mnt/hdd/raspiblitz.conf') as f: file_content = f.read() if file_content.count("sshtunnel=") == 0: - file_content = file_content+"\nsshtunnel=''" + file_content = file_content + "\nsshtunnel=''" file_content = re.sub("sshtunnel=.*", "sshtunnel='%s %s'" % (ssh_server, ssh_ports), file_content) - if restoringOnUpdate == False: - serverdomain=ssh_server.split("@")[1] - ssh_server = serverdomain + if not restore_on_update: + server_domain = ssh_server.split("@")[1] + + ssh_server = server_domain if ssh_server.count(":") == 0: ssh_server_host = ssh_server - ssh_server_port = "22" + ssh_server_port = "22" # ToDo(frennkie) this is not used elif ssh_server.count(":") == 1: ssh_server_split = ssh_server.split(":") ssh_server_host = ssh_server_split[0] - ssh_server_port = ssh_server_split[1] + ssh_server_port = ssh_server_split[1] # ToDo(frennkie) this is not used else: print("syntax error!") sys.exit(1) - # make sure serverdomain is set as tls alias + # make sure server_domain is set as tls alias print("Setting server as tls alias") - oldConfigHash=subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf") + old_config_hash = subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf") subprocess.call("sudo sed -i \"s/^#tlsextradomain=.*/tlsextradomain=/g\" /mnt/hdd/lnd/lnd.conf", shell=True) - subprocess.call("sudo sed -i \"s/^tlsextradomain=.*/tlsextradomain=%s/g\" /mnt/hdd/lnd/lnd.conf" % (ssh_server_host), shell=True) - newConfigHash=subprocess.getoutput("sudo shasum -a 256 
/mnt/hdd/lnd/lnd.conf") - if oldConfigHash != newConfigHash: + subprocess.call( + "sudo sed -i \"s/^tlsextradomain=.*/tlsextradomain={}/g\" /mnt/hdd/lnd/lnd.conf".format(ssh_server_host), + shell=True) + new_config_hash = subprocess.getoutput("sudo shasum -a 256 /mnt/hdd/lnd/lnd.conf") + if old_config_hash != new_config_hash: print("lnd.conf changed ... generating new TLS cert") - subprocess.call(sudo /home/admin/config.scripts/lnd.tlscert.sh refresh", shell=True) + subprocess.call("sudo /home/admin/config.scripts/lnd.tlscert.sh refresh", shell=True) else: print("lnd.conf unchanged... keep TLS cert") - if forwardingLND: + if forwarding_lnd: # setting server explicitly on LND if LND port is forwarded print("Setting fixed address for LND with raspiblitz lndAddress") - file_content = re.sub("lndAddress=.*", "lndAddress='%s'" % (ssh_server_host), file_content) + file_content = re.sub("lndAddress=.*", "lndAddress='{}'".format(ssh_server_host), file_content) else: print("No need to set fixed address for LND with raspiblitz lndAddress") file_content = "".join([s for s in file_content.splitlines(True) if s.strip("\r\n")]) + "\n" @@ -209,12 +205,12 @@ if sys.argv[1] == "on": print() print("*** Install autossh") subprocess.call("sudo apt-get install -y autossh", shell=True) - + # enable service print() - print("*** Enabling systemd service: %s" % (SERVICENAME)) + print("*** Enabling systemd service: {}".format(SERVICE_NAME)) subprocess.call("sudo systemctl daemon-reload", shell=True) - subprocess.call("sudo systemctl enable %s" % (SERVICENAME), shell=True) + subprocess.call("sudo systemctl enable {}".format(SERVICE_NAME), shell=True) # final info (can be ignored if run by other script) print() 
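Review bot: `ssh_server_host` comes straight from `sys.argv` and is formatted into the `sed -i` command that runs through `shell=True` under sudo, so quotes, `;`, `$( )` or a `/` in the argument change the command or the sed expression instead of being treated as a host name. The same string is also substituted into `SERVICE_TEMPLATE` via `additional_parameters`. The host should be checked against a conservative pattern before it is used, and `sed` called with an argument list so that no shell parses the value. The check really belongs where the host is first split from `[USER]@[SERVER:PORT]`, which is above this hunk; the excerpt below shows it at the second split only. The hunk covers only part of `on()`.

```python
        # … unchanged: ssh_server split into ssh_server_host / ssh_server_port …
        if not re.fullmatch(r"[A-Za-z0-9.-]+", ssh_server_host):
            print("syntax error!")
            sys.exit(1)

        # … unchanged: old_config_hash, reset of the commented tlsextradomain line …
        subprocess.call(["sudo", "sed", "-i",
                         "s/^tlsextradomain=.*/tlsextradomain={}/g".format(ssh_server_host),
                         "/mnt/hdd/lnd/lnd.conf"])
```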
@@ -224,22 +220,21 @@ if sys.argv[1] == "on": print("See chapter 'How to setup port-forwarding with a SSH tunnel?' in:") print("https://github.com/rootzoll/raspiblitz/blob/master/FAQ.md") print("- Tunnel service needs final reboot to start.") - print("- After reboot check logs: sudo journalctl -f -u %s" % (SERVICENAME)) - print("- Make sure the SSH pub key of this RaspiBlitz is in 'authorized_keys' of %s:" % (ssh_server_host)) + print("- After reboot check logs: sudo journalctl -f -u {}".format(SERVICE_NAME)) + print("- Make sure the SSH pub key of this RaspiBlitz is in 'authorized_keys' of {}:".format(ssh_server_host)) print(ssh_pubkey) print() -# + +####################### # SWITCHING OFF -# - -elif sys.argv[1] == "off": - - print("*** Disabling systemd service: %s" % (SERVICENAME)) - subprocess.call("sudo systemctl stop %s" % (SERVICENAME), shell=True) - subprocess.call("sudo systemctl disable %s" % (SERVICENAME), shell=True) +####################### +def off(): + print("*** Disabling systemd service: {}".format(SERVICE_NAME)) + subprocess.call("sudo systemctl stop {}".format(SERVICE_NAME), shell=True) + subprocess.call("sudo systemctl disable {}".format(SERVICE_NAME), shell=True) subprocess.call("sudo systemctl reset-failed", shell=True) - subprocess.call("sudo rm %s" % (SERVICEFILE), shell=True) + subprocess.call("sudo rm {}".format(SERVICE_FILE), shell=True) subprocess.call("sudo systemctl daemon-reload", shell=True) print("OK Done") print() 
@@ -258,9 +253,22 @@ elif sys.argv[1] == "off": text_file.write(file_content) print("OK Done") -# -# UNKOWN PARAMETER -# -else: - print ("unkown parameter - use 'internet.sshtunnel.py -h' for help") +def main(): + if sys.argv[1] == "restore": + print("internet.sshtunnel.py -> running with restore flag") + on(restore_on_update=True) + + elif sys.argv[1] == "on": + on() + + elif sys.argv[1] == "off": + off() + + else: + # UNKNOWN PARAMETER + print("unknown parameter - use 'internet.sshtunnel.py -h' for help") + + +if __name__ == '__main__': + main() From 83e8a015f8c5ea38ee60f37d88a1984938be5867 Mon Sep 17 00:00:00 2001 From: frennkie Date: Mon, 20 Jul 2020 16:54:21 +0200 Subject: [PATCH 5/6] typo --- home.admin/_bootstrap.provision.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home.admin/_bootstrap.provision.sh b/home.admin/_bootstrap.provision.sh index 96d94c190..1ee3c90c1 100644 --- a/home.admin/_bootstrap.provision.sh +++ b/home.admin/_bootstrap.provision.sh @@ -62,7 +62,7 @@ if [ ${isRaspbian} -gt 0 ] || [ ${isArmbian} -gt 0 ]; then exit 0 fi else - echo "Size looks good. Bigger then 8GB card is used." >> ${logFile} + echo "Size looks good. Bigger than 8GB card is used." >> ${logFile} fi else echo "Baseimage is not raspbian (${isRaspbian}), skipping the sd card size check." >> ${logFile} From f90f15ec4cc14d76e65bdc52957a302018ff2c66 Mon Sep 17 00:00:00 2001 From: frennkie Date: Mon, 20 Jul 2020 16:57:06 +0100 Subject: [PATCH 6/6] quick fix for infoBitz LND sync progress --- home.admin/00infoBlitz.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/home.admin/00infoBlitz.sh b/home.admin/00infoBlitz.sh index 76eb117a9..16ef6bbb2 100755 --- a/home.admin/00infoBlitz.sh +++ b/home.admin/00infoBlitz.sh 
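Review bot: The unknown-parameter branch of `main()` only prints and then returns, so the script exits with status 0 and a calling script cannot tell a mistyped command from a successful run; add `sys.exit(1)` after the `print`. The `if __name__ == '__main__':` guard also protects less than it suggests, because the usage check on `sys.argv` and the `LND_PORT` lookup with `sudo cat` still run at module level on import. A short docstring on `main()` listing the accepted commands (`on`, `off`, `restore`) would document the dispatch.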
@@ -88,7 +88,7 @@ fi network_active_if=$(ip addr | grep -v "lo:" | grep 'state UP' | tr -d " " | cut -d ":" -f2 | head -n 1) # get network traffic -# ifconfig does not show eth0 on Armbian or in a VM - get first traffic info +# ifconfig does not show eth0 on Armbian or in a VM - get first traffic info isArmbian=$(cat /etc/os-release 2>/dev/null | grep -c 'Debian') if [ ${isArmbian} -gt 0 ] || [ ! -d "/sys/class/thermal/thermal_zone0/" ]; then network_rx=$(ifconfig | grep -m1 'RX packets' | awk '{ print $6$7 }' | sed 's/[()]//g') @@ -268,7 +268,10 @@ else if [ ${#ln_getInfo} -eq 0 ]; then ln_baseInfo="${color_red} Not Started | Not Ready Yet" else - item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "(height" | tail -n1 | awk '{print $10} {print $11} {print $12}' | tr -dc '0-9') + item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "Filtering block" | tail -n1 | awk '{print $7}') + if [ ${#item} -eq 0 ]; then + item=$(sudo -u bitcoin tail -n 100 /mnt/hdd/lnd/logs/${network}/${chain}net/lnd.log 2> /dev/null | grep "(height" | tail -n1 | awk '{print $10} {print $11} {print $12}' | tr -dc '0-9') + fi total=$(sudo -u bitcoin ${network}-cli -datadir=/home/bitcoin/.${network} getblockchaininfo 2>/dev/null | jq -r '.blocks') ln_baseInfo="${color_red} waiting for chain sync" if [ ${#item} -gt 0 ]; then @@ -358,7 +361,7 @@ else if [ ${#appInfoLine} -gt 0 ]; then echo "${appInfoLine}" fi - + fi uptime=$(uptime --pretty) @@ -417,4 +420,4 @@ EOF fi fi -# EOF \ No newline at end of file +# EOF
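Review bot: The new `Filtering block` extraction in the `-268,7 +268,10` hunk takes `awk '{print $7}'` as is, while the fallback below it still strips everything but digits with `tr -dc '0-9'`. If the log field ever carries punctuation or the line layout shifts, `item` becomes a non-numeric string. How `item` is used is outside this hunk, but the `${#item} -gt 0` test that follows lets any non-empty value through. Appending the same filter keeps both paths consistent: `... | grep "Filtering block" | tail -n1 | awk '{print $7}' | tr -dc '0-9')`. The log path also interpolates `${network}` and `${chain}` unquoted.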