v1.11.3 release

* #4817

CHANGES.md

@@ -1,18 +1,9 @@
-## What's new in Version 1.11.4 of RaspiBlitz?
-
-ReleaseCandidate: https://raspiblitz.fulmo.org/images/raspiblitz-min-v1.11.4rc1-2024-12-18.img.gz 
-
-Small AlbyHub feature release with security/bug-fixing relevant updates.
-
-- New: AlbyHub v1.12.0 (SSH & WebUI) [details](https://github.com/getAlby)
-- New: SSH-Option to tirn on/off LNbits AdminUI [details](https://github.com/raspiblitz/raspiblitz/issues/4876)
-- Update: LND v0.18.3-beta [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.18.3-beta)
-- Update: Core Lightning v24.11 [details](https://github.com/ElementsProject/lightning/releases/tag/v24.11)
-
 ## What's new in Version 1.11.3 of RaspiBlitz?
 
 Optimized now to run also on plain debian12 linux for Proxmox/VM & x86 systems.
 
+Containing Features:
+
 - New: Publicpool - Open Source Solo Bitcoin Mining (SSH Menu) [details](https://www.youtube.com/watch?v=QbOsH04Z9xM)
 - New: Tailscale (SSH menu > SETTINGS) [details](https://en.wikipedia.org/wiki/Tailscale)
 - New: Telegraf Metrics for InfluxDB/Grafana (SSH menu > SETTINGS) [details](https://github.com/raspiblitz/raspiblitz/tree/dev/home.admin/assets/telegraf/README.md)
@@ -30,6 +21,16 @@ Optimized now to run also on plain debian12 linux for Proxmox/VM & x86 systems.
 - Update: CLBOSS 0.13.3 [details](https://github.com/ZmnSCPxj/clboss/releases/tag/v0.13.3)
 - Update: Electrum Server in Rust (electrs) v0.10.6 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#0106-sep-29-2024)
 
+Download RaspberryPi images:
+
+- Minimal:  
+https://raspiblitz.fulmo.org/images/raspiblitz-min-v1.11.3-2024-11-03.img.gz  
+SHA-256-Checksum: 199fd4e671a49feb39420156031201c9118121d33ec6f9990fb9724de5be02c4
+
+- Fatpack:  
+https://raspiblitz.fulmo.org/images/raspiblitz-fat-v1.11.3-2024-11-03.img.gz 
+SHA-256-Checksum: 65e523562768b21dcda85b96003c559a665015889402a3cea27638e6c5e290bd
+
 ## What's new in Version 1.11.2 of RaspiBlitz?
 
 This is just a quick patch release for v1.11.1

README.md

@@ -1,6 +1,6 @@
 # ![RaspiBlitz](pictures/raspilogo_tile_400px.png)
 
-_Build your own Bitcoin & Lightning Fullnode on a RaspberryPi with an optional Display._
+_Build your own Bitcoin & Lightning Fullnode on a RaspberryPi with an optional Display._ ([API](https://github.com/fusion44/blitz_api)|[WebUI](https://github.com/raspiblitz/raspiblitz-web))
 
 ![RaspiBlitz](pictures/raspiblitz.jpg)
 

home.admin/00mainMenu.sh

@@ -180,9 +180,6 @@ fi
 if [ "${telegraf}" == "on" ]; then
   OPTIONS+=(TELEGRAF "Telegraf InfluxDB/Grafana Metrics")
 fi
-if [ "${albyhub}" == "on" ]; then
-  OPTIONS+=(ALBYHUB "AlbyHub")
-fi
 
 # dont offer to switch to "testnet view for now" - so no wswitch back to mainnet needed
 #if [ ${chain} != "main" ]; then
@@ -358,9 +355,6 @@ case $CHOICE in
         FINTS)
             sudo /home/admin/config.scripts/bonus.fints.sh menu
             ;;
-        ALBYHUB)
-            /home/admin/config.scripts/bonus.albyhub.sh menu
-            ;;
         TESTNETS)
             /home/admin/00parallelChainsMenu.sh
             ;;

home.admin/00settingsMenuServices.sh

@@ -32,8 +32,6 @@ if [ ${#fints} -eq 0 ]; then fints="off"; fi
 if [ ${#lndk} -eq 0 ]; then lndk="off"; fi
 if [ ${#labelbase} -eq 0 ]; then labelbase="off"; fi
 if [ ${#publicpool} -eq 0 ]; then publicpool="off"; fi
-if [ ${#albyhub} -eq 0 ]; then albyhub="off"; fi
-if [ "${albyhub}" == "on" ] && [ $(sudo ls /etc/systemd/system/albyhub.service 2>/dev/null | grep -c 'albyhub.service') -lt 1 ]; then albyhub="off"; fi
 
 # show select dialog
 echo "run dialog ..."
@@ -65,7 +63,6 @@ if [ "${lightning}" == "lnd" ] || [ "${lnd}" == "on" ]; then
   OPTIONS+=(ra 'LND RTL Webinterface' ${rtlWebinterface})
   OPTIONS+=(ta 'LND ThunderHub' ${thunderhub})
   OPTIONS+=(la 'LND LIT (loop, pool, faraday)' ${lit})
-  OPTIONS+=(ah 'LND AlbyHub (App Connector)' ${albyhub})
   OPTIONS+=(gb 'LND LNDg (auto-rebalance, auto-fees)' ${lndg})
   OPTIONS+=(oa 'LND Balance of Satoshis' ${bos})
   OPTIONS+=(ya 'LND PyBLOCK' ${pyblock})
@@ -627,31 +624,6 @@ else
   echo "Publicpool setting unchanged."
 fi
 
-# albyhub process choice
-choice="off"; check=$(echo "${CHOICES}" | grep -c "ah")
-if [ ${check} -eq 1 ]; then choice="on"; fi
-if [ "${albyhub}" != "${choice}" ]; then
-  echo "AlbyHub setting changed .."
-  anychange=1
-  if [ "${choice}" =  "on" ]; then
-    sudo -u admin /home/admin/config.scripts/bonus.albyhub.sh on
-    sudo -u admin /home/admin/config.scripts/bonus.albyhub.sh menu
-  else
-      whiptail --title "Delete Database?" \
-      --yes-button "Keep Database" \
-      --no-button "Delete Database" \
-      --yesno "AlbyHub is getting uninstalled. If you keep the database, you will be able to reuse the data should you choose to re-install. Do you wish to keep the database?" 10 80
-      if [ $? -eq 1 ]; then
-        echo "# Uninstalling AlbyHub AND DELETING DATA ..."
-        sudo -u admin /home/admin/config.scripts/bonus.albyhub.sh off delete-data
-      else
-        echo "# Uninstalling AlbyHub but keeping data ..."
-        sudo -u admin /home/admin/config.scripts/bonus.albyhub.sh off
-      fi
-  fi
-else
-  echo "AlbyHub setting unchanged."
-fi
 
 # fints process choice  
 choice="off"; check=$(echo "${CHOICES}" | grep -c "fn")

home.admin/BBcloseAllChannels.sh

@@ -36,25 +36,7 @@ elif [ $LNTYPE = lnd ];then
     dialog --title 'Info' --msgbox 'You need to turn OFF the LND AutoPilot first,\nso that closed channels are not opening up again.\nYou find the AutoPilot -----> SERVICES section' 7 55
     exit 0
   fi
-  
-  # User choice for close type
-  close_type=$(dialog --clear \
-    --title "LND Channel Close Type" \
-    --menu "Choose how to close channels:" \
-    14 54 3 \
-    "COOP" "Attempt Cooperative Close" \
-    "FORCE" "Force Close Channels" \
-    2>&1 >/dev/tty)
-
-  # Set command based on user choice
-  if [ "$close_type" = "COOP" ]; then
-    command="$lncli_alias closeallchannels"
-  elif [ "$close_type" = "FORCE" ]; then
-    command="$lncli_alias closeallchannels --force"
-  else
-    echo "Invalid choice. Exiting."
-    exit 1
-  fi
+  command="$lncli_alias closeallchannels --force"
 fi
 
 clear

home.admin/_provision_.sh

@@ -752,15 +752,6 @@ else
   echo "Provisioning Publicpool - keep default" >> ${logFile}
 fi
 
-# AlbyHub
-if [ "${albyhub}" = "on" ]; then
-  echo "Provisioning AlbyHub - run config script" >> ${logFile}
-  /home/admin/_cache.sh set message "Setup AlbyHub"
-  sudo -u admin /home/admin/config.scripts/bonus.albyhub.sh on >> ${logFile} 2>&1
-else
-  echo "Provisioning AlbyHub - keep default" >> ${logFile}
-fi
-
 # custom install script from user
 customInstallAvailable=$(ls /mnt/hdd/app-data/custom-installs.sh 2>/dev/null | grep -c "custom-installs.sh")
 if [ ${customInstallAvailable} -gt 0 ]; then

home.admin/_version.info

@@ -1,4 +1,4 @@
 # RaspiBlitz Version - always [major].[main].[sub] (sub can be a string like '2rc1')
-codeVersion="1.11.4"
+codeVersion="1.11.3"
 codeRelease="dev"
 # keep last line with comment ---> IF YOU HAVE A NEW VERSION BRANCH > EDIT ALSO build_sdcard.sh

home.admin/config.scripts/blitz.bootdrive.sh

@@ -67,13 +67,23 @@ if [ "${action}" == "fsexpand" ]; then
         if [ -x ${resizeRaspbian} ]; then
             echo "# RUNNING EXPAND RASPBERRYPI: ${resizeRaspbian}"
 		    sudo $resizeRaspbian --expand-rootfs 1>&2
-            sudo touch /forcefsck
             echo "# DONE - please reboot"
 	    else
             echo "# FAIL to execute on ${baseimage}: ${resizeRaspbian}"
             echo "err='expand failed'"
             exit 1
         fi
+    elif [ "${baseimage}" = "armbian" ]; then
+        resizeArmbian="/usr/lib/armbian/armbian-resize-filesystem"
+        if [ -x ${resizeArmbian} ]; then
+            echo "# RUNNING EXPAND ARMBIAN: ${resizeArmbian}"
+            sudo $resizeArmbian start 1>&2
+            echo "# DONE - please reboot"
+	    else
+            echo "# FAIL to execute on ${baseimage}: ${resizeArmbian}"
+            echo "err='expand failed'"
+            exit 1
+        fi
     else
         echo "#FAIL no implementation for: ${baseimage}"
         echo "err='missing implementation'"

home.admin/config.scripts/blitz.fatpack.sh

@@ -131,8 +131,6 @@ sudo cp -a /home/blitzapi/blitz_web/build/* /home/admin/assets/nginx/www_public
 sudo chown admin:admin /home/admin/assets/nginx/www_public
 sudo rm -r /home/blitzapi/blitz_web/build/*
 
-echo "* Adding Code&Compile for WEBUI-APP: ALBYHUB"
-/home/admin/config.scripts/bonus.albyhub.sh install || exit 1
 echo "* Adding Code&Compile for WEBUI-APP: LNBITS"
 /home/admin/config.scripts/bonus.lnbits.sh install || exit 1
 echo "* Adding Code&Compile for WEBUI-APP: JAM"

home.admin/config.scripts/blitz.release.sh

@@ -98,25 +98,6 @@ sudo systemctl disable ssh
 sudo rm /etc/ssh/ssh_host_*
 echo "OK"
 
-# force locale - see #4861
-# next major release should make sure to be set during sd build card
-echo
-echo "Forcing locales ..."
-sudo sed -i '/^en_US.UTF-8/s/^#//' /etc/locale.gen
-sudo sed -i '/^en_GB.UTF-8/s/^/#/' /etc/locale.gen
-sudo locale-gen
-echo -e "LANG=en_US.UTF-8\nLANGUAGE=en_US.UTF-8\nLC_ALL=en_US.UTF-8" | sudo tee /etc/default/locale > /dev/null
-
-# make sure file system is clean and ready for release
-echo
-echo "fsck on first boot ..."
-sudo touch /forcefsck
-if [ -e /dev/mmcblk0 ]; then
-  echo "fsck on /dev/mmcblk0 ..."
-  sudo umount /dev/mmcblk0p1
-  sudo fsck -fy /dev/mmcblk0p1
-fi
-
 echo
 echo "Will shutdown now."
 echo "Wait until Raspberry LEDs show no activity anymore."

home.admin/config.scripts/blitz.rerelease.sh

@@ -0,0 +1,105 @@
+#!/bin/bash
+
+# Just run this script once after a fresh sd card build
+# to prepare the image for release as a downloadable sd card image
+# call with parameter `-quick` to skip skip os update
+
+# determine correct raspberrypi boot drive path (that easy to access when sd card is insert into laptop)
+raspi_bootdir=""
+if [ -d /boot/firmware ]; then
+  raspi_bootdir="/boot/firmware"
+elif [ -d /boot ]; then
+  raspi_bootdir="/boot"
+fi
+echo "# raspi_bootdir(${raspi_bootdir})"
+
+# write release info to to version file
+echo "writing codeRelease commit ro version file:"
+releaseCommit=$(git -C /home/admin/raspiblitz rev-parse --short HEAD)
+sed -i 's/^codeRelease=".*"/codeRelease="${releaseCommit}"/' /home/admin/_version.info
+cat /home/admin/_version.info
+echo
+
+# stop background services
+sudo systemctl stop background.service
+sudo systemctl stop background.scan.service
+
+# remove stop flag (if exists)
+echo "deleting stop flag .."
+sudo rm ${raspi_bootdir}/stop 2>/dev/null
+
+# cleaning logs
+echo "deleting raspiblitz & system logs .."
+sudo rm -rf /var/log/journal/* 2>/dev/null
+sudo rm /var/log/redis/* 2>/dev/null
+sudo rm /var/log/private/* 2>/dev/null
+sudo rm /var/log/nginx/* 2>/dev/null
+sudo rm /home/admin/*.log 2>/dev/null
+logger -p info "****** RASPIBLITZ RELEASE ******"
+echo "OK"
+
+# clean raspiblitz.info toward the values set by sd card build script
+echo "cleaning raspiblitz.info"
+source /home/admin/raspiblitz.info
+echo "baseimage=${baseimage}" > /home/admin/raspiblitz.info
+echo "cpu=${cpu}" >> /home/admin/raspiblitz.info
+echo "blitzapi=${blitzapi}" >> /home/admin/raspiblitz.info
+echo "displayClass=${displayClass}" >> /home/admin/raspiblitz.info
+
+# https://github.com/rootzoll/raspiblitz/issues/1371
+echo
+echo "deactivate local WIFI ..."
+sudo nmcli radio wifi off
+echo "OK"
+
+# make sure that every install runs API with own secret
+# https://github.com/raspiblitz/raspiblitz/issues/4469
+echo
+echo "deleting old API conf ..."
+sudo rm /home/blitzapi/blitz_api/.env 2>/dev/null
+REDIS_ENABLED=$(sudo systemctl is-enabled redis 2>/dev/null | grep -c enabled)
+if [ ${REDIS_ENABLED} -gt 0 ]; then
+    echo "disable redis for initial start ..."
+    sudo systemctl stop redis 2>/dev/null
+    sudo systemctl disable redis 2>/dev/null
+fi
+echo "deleting redis data (if still there) ..."
+sudo rm /var/lib/redis/dump.rdb 2>/dev/null
+echo "OK"
+
+# https://github.com/rootzoll/raspiblitz/issues/1068#issuecomment-599267503
+echo
+echo "reset DNS confs ..."
+echo -e "nameserver 1.1.1.1\nnameserver 84.200.69.80" | sudo tee /etc/resolv.conf > /dev/null
+echo "OK"
+
+# make sure Tor respo signing keys are uptodate #4648
+wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/torproject.gpg >/dev/null
+
+# update system (only security updates with minimal risk of breaking changes)
+if [ "$1" != "-quick" ]; then
+  echo
+  echo "update OS ..."
+  sudo apt-get update -y
+  sudo apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/sources.list.d/security.list -y
+  sudo apt-get upgrade openssh-server -y
+  sudo dpkg --configure -a
+else
+  echo
+  echo "skipping OS update ..."
+fi
+
+# SSH Pubkeys (make unique for every sd card image install)
+echo
+echo "deleting SSH Pub keys ..."
+echo "keys will get recreated and sshd reactivated on fresh bootup, by _bootstrap.sh service"
+sudo systemctl stop ssh
+sudo systemctl disable ssh
+sudo rm /etc/ssh/ssh_host_*
+echo "OK"
+
+echo
+echo "Will shutdown now."
+echo "Wait until Raspberry LEDs show no activity anymore."
+echo "Then remove SD card and make an release image from it."
+sudo shutdown now

home.admin/config.scripts/bonus.albyhub.sh

@@ -1,421 +0,0 @@
-#!/bin/bash
-
-# This script installs Alby Hub on RaspiBlitz.
-# Rename it as `bonus.albyhub.sh` and place it in `/home/admin/config.scripts`.
-
-# id string of your app (short single string unique in raspiblitz)
-APPID="albyhub" # one-word lower-case no-specials
-
-# https://github.com/getAlby/hub/releases
-VERSION="1.12.0"
-
-# port numbers the app should run on
-# delete if not an web app
-PORT_CLEAR="8029"
-PORT_SSL="8030"
-PORT_TOR_CLEAR="8031"
-PORT_TOR_SSL="8032"
-
-# BASIC COMMANDLINE OPTIONS
-if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
-  echo "# bonus.${APPID}.sh status            -> status information (key=value)"
-  echo "# bonus.${APPID}.sh install           -> install the app"
-  echo "# bonus.${APPID}.sh uninstall         -> uninstall the app"
-  echo "# bonus.${APPID}.sh on                -> activate the app"
-  echo "# bonus.${APPID}.sh off [delete-data] -> deactivate the app"
-  echo "# bonus.${APPID}.sh menu              -> SSH menu dialog"
-  echo "# bonus.${APPID}.sh prestart          -> prestart used by systemd"
-  exit 1
-fi
-
-ENVFILE="/home/${APPID}/config.env"
-
-##########################
-# PRESTART
-##########################
-
-# background is that this script will be called with `prestart` on every start & restart
-if [ "$1" = "prestart" ]; then
-
-  # needs to be run as the app user - stop if not run as the app user
-  # keep in mind that in the prestart section you cannot use `sudo` command
-  if [ "$USER" != "${APPID}" ]; then
-    echo "# FAIL: run as user ${APPID}"
-    exit 1
-  fi
-
-  # see: https://github.com/getAlby/hub/blob/master/.env.example
-
-  echo "## PRESTART CONFIG START for ${APPID} (called by systemd prestart)"
-  echo "# creating dynamic env file --> ${ENVFILE}"
-  touch ${ENVFILE}
-  chmod 770 ${ENVFILE}
-  echo "PORT=${PORT_CLEAR}" > ${ENVFILE}
-  echo "WORK_DIR=/mnt/hdd/app-data/${APPID}" >> ${ENVFILE}
-  echo "LN_BACKEND_TYPE=LND" >> ${ENVFILE}
-  echo "LND_ADDRESS=127.0.0.1:10009" >> ${ENVFILE}
-  echo "LND_CERT_FILE=/mnt/hdd/app-data/lnd/tls.cert" >> ${ENVFILE}
-  echo "LND_MACAROON_FILE=/mnt/hdd/app-data/lnd/data/chain/bitcoin/mainnet/admin.macaroon" >> ${ENVFILE}
-  echo >> ${ENVFILE}
-
-  echo "## PRESTART CONFIG DONE for ${APPID}"
-  exit 0
-fi
-
-# echoing comments is useful for logs - but start output with # when not a key=value
-echo "# Running: 'bonus.${APPID}.sh $*'"
-
-source /home/admin/raspiblitz.info
-source /mnt/hdd/raspiblitz.conf
-
-#########################
-# INFO
-#########################
-
-# this section is always executed to gather status information that
-# all the following commands can use & execute on
-
-# check if app is already installed
-isInstalled=$(sudo ls /etc/systemd/system/${APPID}.service 2>/dev/null | grep -c "${APPID}.service")
-
-# check if service is running
-isRunning=$(systemctl status ${APPID} 2>/dev/null | grep -c 'active (running)')
-
-if [ "${isInstalled}" == "1" ]; then
-  # gather address info (whats needed to call the app)
-  localIP=$(hostname -I | awk '{print $1}')
-  toraddress=$(sudo cat /mnt/hdd/tor/${APPID}/hostname 2>/dev/null)
-  fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
-fi
-
-# if the action parameter `status` was called - just stop here and output all
-# status information as a key=value list
-if [ "$1" = "status" ]; then
-  echo "appID='${APPID}'"
-  echo "version='${VERSION}'"
-  echo "installed=${isRunning}" # installed means towards webui on or off
-  if [ "${isInstalled}" == "1" ]; then
-    echo "localIP='${localIP}'"
-    echo "toraddress='${toraddress}'"
-    echo "fingerprint='${fingerprint}'"
-    echo "httpPort='${PORT_CLEAR}'"
-    echo "httpsPort='${PORT_SSL}'"
-    echo "httpsForced='1'"
-    echo "httpsSelfsigned='1'"
-    echo "authMethod='userdefined'"
-  fi
-  exit
-fi
-
-##########################
-# MENU
-#########################
-
-# show info menu
-if [ "$1" = "menu" ]; then
-
-  if [ ${isInstalled} -eq 0 ] && [ "${albyhub}" == "on" ]; then
-    clear
-    echo "# AlbyHub needs re-install ..."
-    /home/admin/config.scripts/bonus.albyhub.sh on
-  elif [ ${isInstalled} -lt 1 ]; then
-    echo "error='App not installed'"
-    exit 1
-  fi
-
-  # set the title for the dialog
-  dialogTitle=" ${APPID} "
-  localIP=$(hostname -I | awk '{print $1}')
-  fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2)
-
-  # basic info text - for a web app how to call with http
-  dialogText="Open in your local web browser:
-http://${localIP}:${PORT_CLEAR}\n
-https://${localIP}:${PORT_SSL} with Fingerprint:
-${fingerprint}\n
-The Alby Hub password is managed separate from RaspiBlitz - make sure to manage it safely.\n
-"
-
-  # use whiptail to show SSH dialog & exit
-  whiptail --title "${dialogTitle}" --msgbox "${dialogText}" 15 67
-  echo "please wait ..."
-  exit 0
-fi
-
-##########################
-# INSTALL
-##########################
-
-if [ "$1" = "install" ]; then
-
-  echo "# Installing ${APPID} ..."
-
-  echo "# create user"
-  sudo adduser --system --group --shell /bin/bash --home /home/${APPID} ${APPID} || exit 1
-  sudo -u ${APPID} cp -r /etc/skel/. /home/${APPID}/
-
-  echo "# add use to special groups"
-  sudo /usr/sbin/usermod --append --groups lndadmin ${APPID}
-
-  # use new app user home as install directory
-  cd /home/${APPID}
-
-  # download Alby Hub
-  if [ ${cpu} == "aarch64" ]; then
-    echo "# Downloading Alby Hub for aarch64"
-    sudo wget -O albyhub-server.tar.bz2 https://github.com/getAlby/hub/releases/download/v$VERSION/albyhub-Server-Linux-aarch64.tar.bz2
-  else
-    echo "# Downloading Alby Hub for x86"
-    sudo wget -O albyhub-server.tar.bz2 https://github.com/getAlby/hub/releases/download/v$VERSION/albyhub-Server-Linux-x86_64.tar.bz2
-  fi
-
-  # extract archives
-  sudo tar -xvf albyhub-server.tar.bz2
-  if [[ $? -ne 0 ]]; then
-    echo "# Failed to download & unpack Alby Hub"
-    echo "error='download & unpack failed'"
-    exit 1
-  fi
-
-  # cleanup
-  sudo rm -f albyhub-server.tar.bz2
-
-  # set permissions
-  sudo chmod -R 755 /home/${APPID}/lib
-  sudo chown -R root:root /home/${APPID}/lib
-
-  # make libs available
-  echo "/home/${APPID}/lib" | sudo tee /etc/ld.so.conf.d/${APPID}.conf
-  sudo ldconfig
-
-  echo "# Install ${APPID} done"
-  exit 0
-
-fi
-
-##########################
-# ON
-##########################
-
-if [ "$1" = "1" ] || [ "$1" = "on" ]; then
-
-  # dont run install if already installed
-  if [ ${isInstalled} -eq 1 ]; then
-    echo "# ${APPID}.service is already installed."
-    exit 1
-  fi
-
-  # check if lnd service is available (LND is needed as a base)
-  if [ $(sudo ls /etc/systemd/system/lnd.service 2>/dev/null | grep -c 'lnd.service') -eq 0 ]; then
-    echo "error='LND needs to be installed'"
-    exit 1
-  fi
-
-  # check if code is already installed
-  isInstalled=$(compgen -u | grep -c ${APPID})
-  if [ "${isInstalled}" == "0" ]; then
-    echo "# Installing code base & dependencies first .."
-    /home/admin/config.scripts/bonus.albyhub.sh install || { echo "error='install failed'"; exit 1; }
-  fi
-
-  echo "# ACTIVATE Alby-Hub"
-
-  # prepare data directory
-  sudo mkdir -p /mnt/hdd/app-data/${APPID} 2>/dev/null
-  sudo chown -R ${APPID}:${APPID} /mnt/hdd/app-data/${APPID}
-
-  # open the ports in the firewall
-  echo "# updating Firewall"
-  sudo ufw allow ${PORT_CLEAR} comment "${APPID} HTTP"
-  sudo ufw allow ${PORT_SSL} comment "${APPID} HTTPS"
-
-  # prepare env file
-  echo "# prepare env file --> ${ENVFILE}"
-  sudo touch ${ENVFILE}
-  sudo chown ${APPID}:${APPID} ${ENVFILE}
-  sudo chmod 770 ${ENVFILE}
-
-  # create systemd service
-  echo "# create systemd service: ${APPID}.service"
-  echo "
-[Unit]
-Description=AlbyHub
-Wants=lnd.service
-After=lnd.service
-
-[Service]
-Type=simple
-Restart=always
-RestartSec=1
-User=${APPID}
-ExecStartPre=-/home/admin/config.scripts/bonus.${APPID}.sh prestart
-EnvironmentFile=${ENVFILE}
-ExecStart=/home/${APPID}/bin/${APPID}
-# Hack to ensure Alby Hub never uses more than 90% CPU
-CPUQuota=90%sudo
-
-[Install]
-WantedBy=multi-user.target
-" | sudo tee /etc/systemd/system/${APPID}.service
-  sudo chown root:root /etc/systemd/system/${APPID}.service
-
-  # when tor is set on also install the hidden service
-  if [ "${runBehindTor}" = "on" ]; then
-    # activating tor hidden service
-    /home/admin/config.scripts/tor.onion-service.sh ${APPID} 80 ${PORT_TOR_CLEAR} 443 ${PORT_TOR_SSL}
-  fi
-
-  # nginx configuration
-  # BACKGROUND is that the plain HTTP is served by your web app, but thru the nginx proxy it will be available
-  # with (self-signed) HTTPS and with separate configs for Tor & Tor+HTTPS.
-
-  echo "# setup nginx config"
-
-  # write the HTTPS config
-  echo "
-server {
-    listen ${PORT_SSL} ssl;
-    listen [::]:${PORT_SSL} ssl;
-    server_name _;
-    include /etc/nginx/snippets/ssl-params.conf;
-    include /etc/nginx/snippets/ssl-certificate-app-data.conf;
-    access_log /var/log/nginx/access_${APPID}.log;
-    error_log /var/log/nginx/error_${APPID}.log;
-    location / {
-        proxy_pass http://127.0.0.1:${PORT_CLEAR};
-        include /etc/nginx/snippets/ssl-proxy-params.conf;
-    }
-}
-" | sudo tee /etc/nginx/sites-available/${APPID}_ssl.conf
-  sudo ln -sf /etc/nginx/sites-available/${APPID}_ssl.conf /etc/nginx/sites-enabled/
-
-  # write the Tor config
-  echo "
-server {
-    listen ${PORT_TOR_CLEAR};
-    server_name _;
-    access_log /var/log/nginx/access_${APPID}.log;
-    error_log /var/log/nginx/error_${APPID}.log;
-    location / {
-        proxy_pass http://127.0.0.1:${PORT_CLEAR};
-        include /etc/nginx/snippets/ssl-proxy-params.conf;
-    }
-}
-" | sudo tee /etc/nginx/sites-available/${APPID}_tor.conf
-  sudo ln -sf /etc/nginx/sites-available/${APPID}_tor.conf /etc/nginx/sites-enabled/
-
-  # write the Tor+HTTPS config
-  echo "
-server {
-    listen ${PORT_TOR_SSL} ssl;
-    server_name _;
-    include /etc/nginx/snippets/ssl-params.conf;
-    include /etc/nginx/snippets/ssl-certificate-app-data-tor.conf;
-    access_log /var/log/nginx/access_${APPID}.log;
-    error_log /var/log/nginx/error_${APPID}.log;
-    location / {
-        proxy_pass http://127.0.0.1:${PORT_CLEAR};
-        include /etc/nginx/snippets/ssl-proxy-params.conf;
-    }
-}
-" | sudo tee /etc/nginx/sites-available/${APPID}_tor_ssl.conf
-  sudo ln -sf /etc/nginx/sites-available/${APPID}_tor_ssl.conf /etc/nginx/sites-enabled/
-
-  # test nginx config & activate thru reload
-  sudo nginx -t
-  sudo systemctl reload nginx
-
-  # enable app up thru systemd
-  sudo systemctl enable ${APPID}
-  echo "# OK - the ${APPID}.service is now enabled"
-
-  # start app (only when blitz is ready)
-  source <(/home/admin/_cache.sh get state)
-  if [ "${state}" == "ready" ]; then
-    sudo systemctl start ${APPID}
-    echo "# OK - the ${APPID}.service is now started"
-  fi
-
-  echo "# mark app as installed in raspiblitz config"
-  /home/admin/config.scripts/blitz.conf.sh set ${APPID} "on"
-
-  echo "# Monitor with: sudo journalctl -f -u ${APPID}"
-  echo "# OK actvation done"
-
-  # needed for API/WebUI as signal that install ran thru
-  echo "result='OK'"
-  exit 0
-fi
-
-###########################################
-# OFF / UNINSTALL
-# call with parameter `delete-data` to also
-# delete the persistent data directory
-###########################################
-
-if [ "$1" = "0" ] || [ "$1" = "off" ]; then
-
-  echo "# stop & remove systemd service"
-  sudo systemctl stop ${APPID} 2>/dev/null
-  sudo systemctl disable ${APPID}.service
-  sudo rm /etc/systemd/system/${APPID}.service
-
-  echo "# remove nginx symlinks"
-  sudo rm -f /etc/nginx/sites-enabled/${APPID}_ssl.conf 2>/dev/null
-  sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor.conf 2>/dev/null
-  sudo rm -f /etc/nginx/sites-enabled/${APPID}_tor_ssl.conf 2>/dev/null
-  sudo rm -f /etc/nginx/sites-available/${APPID}_ssl.conf 2>/dev/null
-  sudo rm -f /etc/nginx/sites-available/${APPID}_tor.conf 2>/dev/null
-  sudo rm -f /etc/nginx/sites-available/${APPID}_tor_ssl.conf 2>/dev/null
-  sudo nginx -t
-  sudo systemctl reload nginx
-
-  echo "# close ports on firewall"
-  sudo ufw deny "${PORT_CLEAR}"
-  sudo ufw deny "${PORT_SSL}"
-
-  echo "# removing Tor hidden service (if active)"
-  /home/admin/config.scripts/tor.onion-service.sh off ${APPID}
-
-  echo "# mark app as uninstalled in raspiblitz config"
-  /home/admin/config.scripts/blitz.conf.sh set ${APPID} "off"
-
-  # only if 'delete-data' is an additional parameter then also the data directory gets deleted
-  if [ "$(echo "$@" | grep -c delete-data)" -gt 0 ]; then
-    echo "# found 'delete-data' parameter --> also deleting the app-data"
-    sudo rm -r /mnt/hdd/app-data/${APPID}
-  fi
-
-  echo "# OK - app should be uninstalled now"
-  # needed for API/WebUI as signal that install ran thru
-  echo "result='OK'"
-  exit 0
-fi
-
-########################################
-# UNINSTALL (remove from system)
-########################################
-
-if [ "$1" = "uninstall" ]; then
-
-  isActive=$(sudo ls /etc/systemd/system/${APPID}.service 2>/dev/null | grep -c '${APPID}.service')
-  if [ "${isActive}" != "0" ]; then
-    echo "# cannot uninstall if still 'on'"
-    exit 1
-  fi
-
-  # remove libraries again
-  sudo rm /etc/ld.so.conf.d/albyhub.conf
-  sudo ldconfig
-
-  # nuke user
-  sudo userdel -rf ${APPID} 2>/dev/null
-
-  echo "# uninstall ${APPID} done"
-
-  exit 0
-fi
-
-# just a basic error message when unknown action parameter was given
-echo "# FAIL - Unknown Parameter $1"
-exit 1

home.admin/config.scripts/bonus.btcpayserver.sh

@@ -812,6 +812,9 @@ if [ "$1" = "0" ] || [ "$1" = "off" ]; then
   fi
   echo "# OK BTCPayServer deactivated."
 
+  echo "# delete the btcpay user home directory"
+  sudo userdel -rf btcpay 2>/dev/null
+
   # needed for API/WebUI as signal that install ran thru
   echo "result='OK'"
 

home.admin/config.scripts/bonus.lnbits.sh

@@ -226,14 +226,6 @@ Consider adding a IP2TOR Bridge under OPTIONS."
     OPTIONS+=(MIGRATE-DB "Migrate SQLite to PostgreSQL database")
   fi
 
-  # Admin UI
-  activatedAdminUI=$(sudo grep -c "LNBITS_ADMIN_UI=true" $lnbitsConfig)
-  if [ ${activatedAdminUI} -eq 0 ]; then
-    OPTIONS+=(ADMINUI "Activate 'Admin UI'")
-  else
-    OPTIONS+=(ADMINUI "Deactivate 'Admin UI'")
-  fi
-
   WIDTH=66
   CHOICE_HEIGHT=$(("${#OPTIONS[@]}/2+1"))
   HEIGHT=$((CHOICE_HEIGHT + 7))
@@ -294,24 +286,6 @@ Consider adding a IP2TOR Bridge under OPTIONS."
     read key
     exit 0
     ;;
-  ADMINUI)
-    clear
-    echo
-    if [ ${activatedAdminUI} -eq 0 ]; then
-      echo "Activate Admin UI"
-      sudo sed -i "/^LNBITS_ADMIN_UI=/d" $lnbitsConfig
-      sudo bash -c "echo 'LNBITS_ADMIN_UI=true' >> ${lnbitsConfig}"
-    else
-      echo "Deactivate Admin UI"
-      sudo sed -i "/^LNBITS_ADMIN_UI=/d" $lnbitsConfig
-      sudo bash -c "echo 'LNBITS_ADMIN_UI=false' >> ${lnbitsConfig}"
-    fi
-    echo "Restarting LNbits ..."
-    sudo systemctl restart lnbits
-    echo "PRESS ENTER to continue"
-    read key
-    exit 0
-    ;;
   RESTORE)
     clear
     # check if backup exist
@@ -806,17 +780,16 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
   echo "# preparing env file"
   # delete old .env file or old symbolic link
   sudo rm /home/lnbits/lnbits/.env 2>/dev/null
-    
   # make sure .env file exists at data drive
-  if [ ! -f $lnbitsConfig ]; then
-    sudo -u lnbits touch $lnbitsConfig
-    sudo bash -c "echo 'LNBITS_ADMIN_UI=true' >> ${lnbitsConfig}"
-  fi
+  sudo -u lnbits touch $lnbitsConfig
   sudo chown lnbits:lnbits $lnbitsConfig
-
   # crete symbolic link
   sudo -u lnbits ln -s $lnbitsConfig /home/lnbits/lnbits/.env
 
+  # activate admin user
+  sudo sed -i "/^LNBITS_ADMIN_UI=/d" $lnbitsConfig
+  sudo bash -c "echo 'LNBITS_ADMIN_UI=true' >> ${lnbitsConfig}"
+
   if [ ! -e /mnt/hdd/app-data/LNBits/database.sqlite3 ]; then
     echo "# install database: PostgreSQL"
 

home.admin/config.scripts/bonus.postgresql.sh

@@ -62,7 +62,7 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
     sudo chown -R postgres:postgres $postgres_datadir
 
     echo "# Create cluster"
-    sudo pg_createcluster --locale en_US.UTF-8 $PG_VERSION main
+    sudo pg_createcluster $PG_VERSION main
     sudo pg_ctlcluster $PG_VERSION main start
 
   elif [ -d /mnt/hdd/app-data/postgresql/$PG_VERSION/main ]; then
@@ -79,12 +79,12 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
       echo "# Create $PG_VERSION config"
       sudo mkdir -p $postgres_datadir/$PG_VERSION/main
       sudo chown -R postgres:postgres $postgres_datadir
-      sudo pg_createcluster --locale en_US.UTF-8 $PG_VERSION main
+      sudo pg_createcluster $PG_VERSION main
       sudo pg_ctlcluster $PG_VERSION main start
       echo "Setting default password for postgres user"
       # start cluster temporarily
       sudo systemctl start postgresql
-      sudo pg_createcluster --locale en_US.UTF-8 $PG_VERSION main
+      sudo pg_createcluster $PG_VERSION main
       sudo pg_ctlcluster $PG_VERSION main start
       echo "Setting default password for postgres user"
       sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD 'postgres';"
@@ -108,7 +108,7 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
     sudo chown -R postgres:postgres $postgres_datadir
     sudo systemctl start postgresql
     sudo systemctl start postgresql@13-main
-    sudo pg_createcluster --locale en_US.UTF-8 $PG_VERSION main
+    sudo pg_createcluster $PG_VERSION main
     sudo pg_ctlcluster $PG_VERSION main start
 
   elif [ -d /mnt/hdd/app-data/postgresql/13/main ]; then
@@ -130,7 +130,7 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
       sudo chown -R postgres:postgres $postgres_datadir
       # start cluster temporarily
       sudo systemctl start postgresql
-      sudo pg_createcluster --locale en_US.UTF-8 13 main
+      sudo pg_createcluster 13 main
       sudo pg_ctlcluster 13 main start
       echo "# Setting default password for postgres user"
       sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD 'postgres';"
@@ -154,7 +154,7 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
     sudo chown -R postgres:postgres $postgres_datadir
     sudo systemctl start postgresql
     sudo systemctl start postgresql@13-main
-    sudo pg_createcluster --locale en_US.UTF-8 13 main
+    sudo pg_createcluster 13 main
     sudo pg_ctlcluster 13 main start
 
     if [ -d /mnt/hdd/app-data/postgresql/$PG_VERSION ] || pg_lsclusters | grep -q "$PG_VERSION  main"; then
@@ -185,24 +185,6 @@ if [ "$command" = "1" ] || [ "$command" = "on" ]; then
     fi
   fi
 
-  # Setting PostgreSQL locale settings
-  LOCALE_SETTINGS=(
-    "lc_messages = 'en_US.UTF-8'"
-    "lc_monetary = 'en_US.UTF-8'"
-    "lc_numeric = 'en_US.UTF-8'"
-    "lc_time = 'en_US.UTF-8'"
-  )
-  for setting in "${LOCALE_SETTINGS[@]}"; do
-    key=$(echo "$setting" | cut -d= -f1 | tr -d ' ')
-    if ! sudo grep -q "^${key}" /etc/postgresql/$PG_VERSION/main/postgresql.conf; then
-      echo "# Adding $setting"
-      echo "$setting" | sudo tee -a /etc/postgresql/$PG_VERSION/main/postgresql.conf
-    else
-      echo "# Updating $setting"
-      sudo sed -i "s|^${key}.*|${setting}|" /etc/postgresql/$PG_VERSION/main/postgresql.conf
-    fi
-  done
-  
   # start cluster
   sudo systemctl enable postgresql
   sudo systemctl start postgresql

home.admin/config.scripts/cl.install.sh

@@ -2,7 +2,7 @@
 # https://lightning.readthedocs.io/
 
 # https://github.com/ElementsProject/lightning/releases
-CLVERSION="v24.11"
+CLVERSION="v24.08.1"
 
 # https://github.com/ElementsProject/lightning/tree/master/contrib/keys
 # rustyrussell D9200E6CD1ADB8F1
@@ -11,9 +11,9 @@ CLVERSION="v24.11"
 # pneuroth (nepet) C3F21EE387FF4CD2
 # sfarooqui (ShahanaFarooqui) B56B4453DA8C6DF7FC9BCFCBDCA40B7128DA62A8
 # amyers (endothermicdev) F3BF63F2747436AB
-PGPsigner="rustyrussell"
+PGPsigner="sfarooqui"
 PGPpubkeyLink="https://raw.githubusercontent.com/ElementsProject/lightning/master/contrib/keys/${PGPsigner}.txt"
-PGPpubkeyFingerprint="D9200E6CD1ADB8F1"
+PGPpubkeyFingerprint="B56B4453DA8C6DF7FC9BCFCBDCA40B7128DA62A8"
 
 # help
 if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then

home.admin/config.scripts/cl.monitor.sh

@@ -185,8 +185,8 @@ if [ "$2" = "info" ]; then
   cl_address="${pubkey}@${address}:${port}"
   cl_tor=$(echo "${cl_address}" | grep -c ".onion")
   cl_channels_pending=$(echo "${ln_getInfo}" | jq -r '.num_pending_channels')
-  cl_channels_active=$(echo "${ln_getInfo}" | jq -r '.num_active_channels')
-  cl_channels_inactive=$(echo "${ln_getInfo}" | jq -r '.num_inactive_channels')
+  cl_channels_active=$(echo "${ln_listpeers}" | jq -r '[.peers[] | select(.connected == true)] | length')
+  cl_channels_inactive=$(echo "${ln_listpeers}" | jq -r '[.peers[] | select(.connected == false)] | length')
   cl_channels_total=$((cl_channels_active + cl_channels_inactive))
   cl_peers=$(echo "${ln_getInfo}" | jq -r '.num_peers')
   cl_fees_collected_msat=$(echo "${ln_getInfo}" | jq -r '.fees_collected_msat')

home.admin/config.scripts/lnd.install.sh

@@ -4,17 +4,17 @@
 ## based on https://raspibolt.github.io/raspibolt/raspibolt_40_lnd.html#lightning-lnd
 ## see LND releases: https://github.com/lightningnetwork/lnd/releases
 ### If you change here - make sure to also change interims version in lnd.update.sh #!
-lndVersion="0.18.3-beta"
+lndVersion="0.17.5-beta"
 
 # olaoluwa
-PGPauthor="roasbeef"
-PGPpkeys="https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc"
-PGPcheck="A5B61896952D9FDA83BC054CDC42612E89237182"
+# PGPauthor="roasbeef"
+# PGPpkeys="https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc"
+# PGPcheck="A5B61896952D9FDA83BC054CDC42612E89237182"
 
 # guggero
-# PGPauthor="guggero"
-# PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
-# PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
+PGPauthor="guggero"
+PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
+PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
 
 # bitconner
 #PGPauthor="bitconner"

toc.sh

@@ -0,0 +1,70 @@
+#!/usr/bin/env sh
+
+## Updated version maintained on https://github.com/nyxnor/scripts/blob/master/toc.sh
+
+## Produces Table of Contents (ToC) for simple markdown files
+## Requirement: header is set by hashtag '#'
+## $1 = FILE.md
+
+red="\033[31m"
+nocolor="\033[0m"
+
+error_msg(){ printf %s"${red}ERROR: ${1}\n${nocolor}" >&2; exit 1; }
+
+test -f "${1}" || error_msg "file '${1}' doesn't exist"
+
+trap 'rm -f toc.tmp' EXIT INT
+
+line_count=0
+while IFS="$(printf '\n')" read -r line; do
+  line_count=$((line_count+1))
+  ## extract code blocks
+  code="${code:-0}"
+  [ "${code}" -eq 0 ] && printf '%s\n' "${line_count}:${line}" | grep "^${line_count}:.*# "
+  case "${line}" in
+    *\`\`\`*)
+      case "${code}" in
+        1) code=0;;
+        0|*) code=1;;
+      esac
+    ;;
+  esac
+done < "${1}" > toc.tmp
+
+
+while IFS="$(printf '\n')" read -r line; do
+  ## get line number
+  line_number="$(printf '%s\n' "${line}" | cut -d ":" -f1)"
+  ## remove hashtag from line to be compared later if it is repeated
+  line_clean="$(printf '%s\n' "${line}" | sed "s/.*\# //")"
+  ## save header to cache to check later if it was already printed
+  # shellcheck disable=SC2030
+  line_cache="$(printf '%s\n%s\n' "${line_cache}" "${line}")"
+  ## check if header was already printed before and if positive, save all repeated headers
+  ## if positive, insert link index
+  line_repeated="$(printf '%s\n' "${line_cache}" | grep -c -- ".*# ${line_clean}$")"
+  line_repeated_index=""
+  ## first line does not have '-n', just the first repeated line (second occurence), starting with '-1'. So we consider the occurrence-1.
+  [ "${line_repeated}" -ge 2 ] && line_repeated_index="-$((line_repeated-1))"
+  ## if it is the second time line has repeated, save first and second occurrence
+  if [ "${line_repeated}" -eq 2 ]; then
+    line_first_occurrence="$(printf '%s\n' "${line_cache}" | grep -- ".*# ${line_clean}$" | head -n 1)"
+    line_repeated_cache="$(printf '%s\n%s\n' "${line_first_occurrence}" "${line}")"
+  ## if it is the third or greater time line has repeated, save lines from before (1st and 2nd occurrence) plus add current lines
+  elif [ "${line_repeated}" -gt 2 ]; then
+    line_repeated_cache="$(printf '%s\n%s\n' "${line_repeated_cache}" "${line}")"
+  fi
+  ## clean header that have link reference
+  line_md="$(printf '%s\n' "${line}" | sed "s/${line_number}://;s|](.*||;s|\[||;s/\]//g")"
+  ## set header indentation
+  line_md="$(printf '%s\n' "${line_md}" | sed "s|######|            -|;s|#####|         -|;s|####|      -|;s|###|    -|;s|##|  -|;s|#|-|")"
+  ## set link content
+  line_content="$(printf '%s\n' "${line_md}" | sed "s/.*- /#/;s| |-|g;s|'||g;s|]||g;s/|/-/g" | tr "[:upper:]" "[:lower:]" | tr -cd "[:alnum:]-_" | tr -d ".")"
+  ## set link reference
+  line_md="$(printf '%s\n' "${line_md}" | sed "s|- |- [|;s|$|](#${line_content}${line_repeated_index})|")"
+  ## print header
+  printf '%s\n' "${line_md}"
+done < toc.tmp
+
+[ -n "${line_repeated_cache}" ] &&
+  printf %s"\n\nWARN: Some headers are repeated, the hiperlinks are correctly indexed. If you think this is an error, review these lines:headers:\n${line_repeated_cache}\n"