Merge pull request #29 from getumbrel/partition-framework-placeholder

As this is working. Merging into master

README.md

@@ -27,7 +27,7 @@ Umbrel OS currently supports Raspberry Pi 3 and 4. If you'd like to run it on an
 
 > If you're running Umbrel OS on Bitcoin mainnet (default), the external SSD or HDD should be at least 500 GB in size (we recommend 1 TB+) so it can store the whole Bitcoin blockchain. If you do not have access to a large drive, Umbrel OS will still work by automatically enabling [pruning](https://bitcoin.org/en/full-node#reduce-storage), although you will lose access to some features.
 
-## 💻 SSH 
+## 💻 SSH
 
 SSH is enabled by default and you can use the following credentials to login to your Umbrel node.
 
@@ -70,9 +70,13 @@ Other Raspbian-related stuff can be found in [Raspbian's documentation](https://
 
 For building an API (or scripting), look in `/home/umbrel/statuses` for the following files
 
-- `disk-partitioned`: meaning the disk is partitioned
+- `disk-partitioned`: meaning the disk is partitioned.
 - `service-configured`: meaning the umbrel system bootup service is configured and running.
 
+The above variables control whether or not the umbrelbox startup script is run (for SD Card safety).
+
+If you want to overricde the checks, please delete ```service-configured``` file and add a ```disk-partitioned```, and then reinstall/configure [Umbrel Compose](https://github.com/getumbrel/umbrel-compose). Then run ```/etc/rc.local``` as root again (or restart your box)
+
 ---
 
 ### ⚡️ Don't be too reckless

stage2/01-sys-tweaks/files/rc.local

@@ -21,14 +21,21 @@ fi
 if [ ! -d /home/umbrel/statuses ]; then
     mkdir -p /home/umbrel/statuses
     # Ensure its writable by all
-    chown umbrel.umbrel /home/umbrel/statuses
+    chown -R umbrel.umbrel /home/umbrel/statuses
     chmod 777 /home/umbrel/statuses
 fi
 
 # Check for disk partition status
 if [ ! -f /home/umbrel/statuses/disk-partitioned ]; then
-    echo "Placeholder for disk partitioning tool"
-    # Do partitioning at first boot
+    if [ -f /home/umbrel/contrib/partitioner/partitioner.py ]; then
+      echo "Run partition tool or quit out if unavailable"
+      /home/umbrel/contrib/partitioner/partitioner.py || exit 1
+
+      touch /home/umbrel/statuses/disk-partitioned
+      chown -R umbrel.umbrel /home/umbrel/statuses/disk-partitioned
+    else
+      echo "Could not find partition tool - some steps might be skipped"
+    fi
 fi
 
 if [ ! -f /home/umbrel/statuses/service-configured ]; then
@@ -41,20 +48,36 @@ if [ ! -f /home/umbrel/statuses/service-configured ]; then
         cat /home/umbrel/secrets/rpcauth.txt >> /home/umbrel/bitcoin/bitcoin.conf
         # Update RPC Passwords for both LND and INVOICER
         RPCPASS=`cat /home/umbrel/secrets/rpcpass.txt`
-        sed -i "s/RPCPASS/${RPCPASS}/g;" /home/umbrel/invoicer/invoicer.conf
+        sed -i "s/RPCPASS/${RPCPASS}/g;" /home/umbrel/docker-compose.yml
         sed -i "s/RPCPASS/${RPCPASS}/g;" /home/umbrel/lnd/lnd.conf
-        
+
+        # Making this as done so we don't go through updates again
+        touch /home/umbrel/statuses/service-configured
+        chown -R umbrel.umbrel /home/umbrel/statuses/service-configured
+    fi
+
+    # Next stage, check if service-configured
+    echo "Service configured.. Checking for partitioned state"
+    if [ -f /home/umbrel/statuses/disk-partitioned ]; then
+      if [ ! -f /etc/rc2.d/S01umbrelbox ]; then
+        echo "Set  up symlinks"
+        ln -s /etc/init.d/umbrelbox /etc/rc2.d/S01umbrelbox
+        ln -s /etc/init.d/umbrelbox /etc/rc3.d/S01umbrelbox
+        ln -s /etc/init.d/umbrelbox /etc/rc4.d/S01umbrelbox
+        ln -s /etc/init.d/umbrelbox /etc/rc5.d/S01umbrelbox
+        ln -s /etc/init.d/umbrelbox /etc/rc0.d/K01umbrelbox
+        ln -s /etc/init.d/umbrelbox /etc/rc1.d/K01umbrelbox
+        ln -s /etc/init.d/umbrelbox /etc/rc6.d/K01umbrelbox
+        # Do partitioning at first boot
         echo "Enabling defaults for umbrelbox"
         update-rc.d umbrelbox defaults || exit 1
         echo "Enabling startup for umbrel box"
         update-rc.d umbrelbox enable || exit 1
         echo "starting up umbrelbox get it started now)"
         /etc/init.d/umbrelbox start
-    
-        # TODO: maybe configure wallet when startup is complete? (or put it inside docker-compose)
-
-        # Making this as done so we don't go through updates again 
-        touch /home/umbrel/statuses/service-configured
+      fi
+    else
+        echo "Disk not partitioned, will not start umbrel-compose framework (Please do it manually)"
     fi
 fi
 

stage2/04-docker-compose/00-packages

@@ -1 +0,0 @@
-docker.io

stage2/04-docker-compose/files/umbrel-createwallet.py

@@ -1,135 +0,0 @@
-#!/usr/bin/env python3
-
-'''
-Copyright © 2018-2019 LNCM Contributors
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
-Documented logic
-
-1. Check if theres already a wallet. If there is, then exit.
-2. Check for sesame.txt
-3. If doesn't exist then check for whether we should save the password (save_password_control_file exists) or not
-4. If sesame.txt exists import password in.
-5. If sesame.txt doesn't exist ans we don't save the password,create a password and save it in temporary path as defined in temp_password_file_path
-6. Now start the wallet creation. Look for a seed defined in seed_filename , if not existing then generate a wallet based on the seed by LND.
-
-'''
-import base64, codecs, json, requests, os
-import random, string
-
-# Generate seed
-url = 'https://localhost:8080/v1/genseed'
-# Initialize wallet
-url2 = 'https://localhost:8080/v1/initwallet'
-cert_path = '/home/umbrel/lnd/tls.cert'
-seed_filename  = '/home/umbrel/secrets/seed.txt' 
-
-# save password control file (Add this file if we want to save passwords)
-save_password_control_file = '/home/umbrel/.save_password'
-# Create password for writing
-temp_password_file_path = '/tmp/.password.txt'
-
-''' 
-  Functions have 2 spaces
-'''
-def randompass(stringLength=10):
-  letters = string.ascii_letters
-  return ''.join(random.choice(letters) for i in range(stringLength))
-
-def main():
-  if not os.path.exists(save_password_control_file):
-    # Generate password but dont save it in usual spot
-    password_str=randompass(stringLength=15)
-    temp_password_file = open(temp_password_file_path, "w")
-  # Check if there is an existing file, if not generate a random password
-  if not os.path.exists("/home/umbrel/secrets/lnd-password.txt"):
-    # sesame file doesnt exist
-    password_str=randompass(stringLength=15)
-    if not os.path.exists(save_password_control_file):
-      # Use tempory file if there is a password control file there
-      temp_password_file = open(temp_password_file_path, "w")
-      temp_password_file.write(password_str)
-      temp_password_file.close()
-    else:
-      # Use sesame.txt if password_control_file exists
-      password_file = open("/home/umbrel/secrets/lnd-password.txt","w")
-      password_file.write(password_str)
-      password_file.close()
-  else:
-    # Get password from file if sesame file already exists
-    password_str = open('/home/umbrel/secrets/lnd-password.txt', 'r').read().rstrip()
-
-  # Convert password to byte encoded
-  password_bytes = str(password_str).encode('utf-8')
-  # Step 1 get seed from web or file
-
-  # Send request to generate seed if seed file doesnt exist
-  if not os.path.exists(seed_filename):
-    r = requests.get(url, verify=cert_path)
-    if r.status_code == 200:
-      json_seed_creation = r.json()
-      json_seed_mnemonic = json_seed_creation['cipher_seed_mnemonic']
-      json_enciphered_seed = json_seed_creation['enciphered_seed']
-      seed_file = open(seed_filename, "w")
-      for word in json_seed_mnemonic:
-        seed_file.write(word + "\n")
-      seed_file.close()
-      data = { 'cipher_seed_mnemonic': json_seed_mnemonic, 'wallet_password': base64.b64encode(password_bytes).decode()}
-    # Data doesnt get set if cant create the seed but that is fine, handle it later
-  else:
-    # Seed exists
-    seed_file = open(seed_filename, "r")
-    seed_file_words = seed_file.readlines()
-    import_file_array = []
-    for importword in seed_file_words:
-      import_file_array.append(importword.replace("\n", ""))
-    # Generate init wallet file from what was posted
-    data = { 'cipher_seed_mnemonic': import_file_array, 'wallet_password': base64.b64encode(password_bytes).decode()}
-  
-  # Step 2: Create wallet
-  try:
-    data
-  except NameError:
-    print("data isn't defined")
-    pass
-  else:
-    # Data is defined so proceed
-    r2 = requests.post(url2, verify=cert_path, data=json.dumps(data))
-    if r2.status_code == 200:
-      # If create wallet was successful
-      print("Create wallet is successful")
-    else:
-      print("Create wallet is not successful")
-
-
-'''
-Main entrypoint function
-
-Testing creation notes:
-rm /home/lncm/seed.txt
-rm /media/important/important/lnd/sesame.txt
-
-docker stop compose_lndbox_1 ; rm -fr /media/important/important/lnd/data/chain/ ; docker start compose_lndbox_1
-'''
-
-if __name__ == '__main__':
-  if os.path.exists("/home/umbrel/lnd"):
-    if not os.path.exists("/home/umbrel/lnd/data/chain/bitcoin/mainnet/wallet.db"):
-      main()
-    else:
-      print('Wallet already exists! Please delete .lnd/data/chain and then restart LND')
-  else:
-    print('LND directory does not exist!')
-
-

stage2/04-docker-compose/files/umbrel-unlock.py

@@ -1,28 +0,0 @@
-#!/usr/bin/env python3
-
-import base64, codecs, json, requests
-url = 'https://localhost:8080/v1/unlockwallet'
-cert_path = '/home/umbrel/lnd/tls.cert'
-password_str = open('/home/umbrel/secrets/lnd-password.txt', 'r').read().rstrip()
-password_bytes = str(password_str).encode('utf-8')
-data = {
-        'wallet_password': base64.b64encode(password_bytes).decode(),
-    }
-
-
-def main():
-  try:
-    r = requests.post(url, verify=cert_path, data=json.dumps(data))
-  except:
-    # Silence connection errors when lnd is not running
-    pass
-  else:
-    try:
-        print(r.json())
-    except:
-        # JSON will fail to decode when unlocked already since response is empty
-        pass
-
-
-if __name__ == '__main__':
-    main()

stage2/04-install-docker/00-run.sh

@@ -0,0 +1,13 @@
+#!/bin/bash -e
+echo "Installing Docker"
+on_chroot << EOF
+export CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
+curl -fsSL https://get.docker.com | sh
+EOF
+
+echo "Adding user to the 'docker' group"
+echo "Also fixing permissions on folders"
+on_chroot << EOF
+usermod -a -G docker $FIRST_USER_NAME
+chown -R $FIRST_USER_NAME:$FIRST_USER_NAME /home/$FIRST_USER_NAME
+EOF

stage2/05-docker-compose/00-packages

@@ -0,0 +1 @@
+git

stage2/04-docker-compose/01-run.sh → stage2/05-docker-compose/01-run.sh

@@ -1,5 +1,6 @@
-# Install docker via pip3 (within chroot)
+#!/bin/bash -e
 
+# Install docker via pip3 (within chroot)
 echo "Installing docker-compose from pip3, and also setting up the box folder structure"
 
 on_chroot << EOF
@@ -12,10 +13,6 @@ EOF
 # Maybe generate docker-compose file so we can use it
 chmod 755 files/compose-service
 
-# These can be probabably removed
-cp files/umbrel-createwallet.py ${ROOTFS_DIR}/home/${FIRST_USER_NAME}/umbrel-createwallet.py
-cp files/umbrel-unlock.py ${ROOTFS_DIR}/home/${FIRST_USER_NAME}/umbrel-unlock.py
-
 # Docker compose service
 on_chroot << EOF
 mkdir -p /etc/init.d
@@ -31,22 +28,5 @@ EOF
 echo "Copying the compose service to rootfs (etc/init.d)"
 cp files/compose-service ${ROOTFS_DIR}/etc/init.d/umbrelbox
 
-on_chroot << EOF
-cd /etc/rc2.d
-ln -s /etc/init.d/umbrelbox S01umbrelbox
-cd /etc/rc3.d
-ln -s /etc/init.d/umbrelbox S01umbrelbox
-cd /etc/rc4.d
-ln -s /etc/init.d/umbrelbox S01umbrelbox
-cd /etc/rc5.d
-ln -s /etc/init.d/umbrelbox S01umbrelbox
-cd /etc/rc0.d
-ln -s /etc/init.d/umbrelbox K01umbrelbox
-cd /etc/rc1.d
-ln -s /etc/init.d/umbrelbox K01umbrelbox
-cd /etc/rc6.d
-ln -s /etc/init.d/umbrelbox K01umbrelbox
-EOF
 
 echo "Docker stuff installed!"
-

stage2/06-fix-docker-perms/01-run.sh

@@ -1,7 +0,0 @@
-echo "Adding lncm to DOCKER group"
-echo "Also fixing permissions on folders"
-on_chroot << EOF
-usermod -a -G docker $FIRST_USER_NAME
-chown -R $FIRST_USER_NAME:$FIRST_USER_NAME /home/$FIRST_USER_NAME
-EOF
-

stage2/07-configure-LND/01-run.sh

@@ -1,6 +0,0 @@
-chmod 644 files/lnd.conf
-echo "Copying lnd.conf to overwrite the existing LND.conf"
-cp files/lnd.conf   ${ROOTFS_DIR}/home/${FIRST_USER_NAME}/lnd/lnd.conf
-on_chroot << EOF
-chown -R ${FIRST_USER_NAME}:${FIRST_USER_NAME} /home/${FIRST_USER_NAME}
-EOF

stage2/07-configure-LND/files/lnd.conf

@@ -1,38 +0,0 @@
-[Application Options]
-
-listen=0.0.0.0:9735
-rpclisten=0.0.0.0:10009
-restlisten=0.0.0.0:8080
-maxpendingchannels=3
-minchansize=1337
-alias=Umbrel Node
-color=#5351FB
-
-; Makes routing faster but have to use images built with experimental tag
-[Routing]
-routing.assumechanvalid=1
-
-[Bitcoin]
-; If the Bitcoin chain should be active. Atm, only a single chain can be
-; active.
-bitcoin.active=1
-bitcoin.mainnet=1
-; Use neutrino for now, but maybe it could be permanent and then switch
-; to a full node once its working?
-bitcoin.node=neutrino
-bitcoin.defaultchanconfs=2
-
-; Add neutrino peers
-; TODO: umbrel to set up a neutrino peer to support umbrel nodes
-[neutrino]
-neutrino.addpeer=bb2.breez.technology
-neutrino.addpeer=mainnet1-btcd.zaphq.io
-neutrino.addpeer=mainnet2-btcd.zaphq.io
-
-[tor]
-tor.active=1
-tor.control=9051
-tor.socks=9050
-tor.v3=1
-tor.dns=soa.nodes.lightning.directory:53
-

stage2/09-configure-tor/files/torrc → stage2/08-configure-tor/files/torrc

@@ -7,8 +7,9 @@ Log debug file /var/log/tor/debug.log
 
 DataDirectory /var/lib/tor
 ControlPort 9051
-# Use password Later when lnd supports it
-#HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
+# Default password for umbrel tor
+HashedControlPassword 16:50A873DF18C00F4A6048BF1CEF7E7AA66478F0B5134DA4369D80657F26
+# Backwards compatibility
 CookieAuthentication 1
 
 # Allow this for now
@@ -18,5 +19,3 @@ HiddenServicePort 22 127.0.0.1:22
 
 HiddenServiceDir /var/lib/tor/web
 HiddenServicePort 80 127.0.0.1:80
-
-