diff --git a/.gitignore b/.gitignore index 7ae5e95..88895ce 100644 --- a/.gitignore +++ b/.gitignore @@ -7,10 +7,24 @@ .ssh .viminfo -# Files created by containers that we shouldn't accidently commit +# Files and data directories created by services +# that we shouldn't accidently commit + *.dat *.log *.lock *.cookie *.pid +*.env +bitcoin/* +lnd/* +tor/* +db/* + +# Commit these empty directories + +!lnd/.gitkeep +!tor/data/.gitkeep +!tor/run/.gitkeep +!db/.gitkeep diff --git a/README.md b/README.md index 1aedf42..c63a205 100644 --- a/README.md +++ b/README.md @@ -72,9 +72,9 @@ If you're looking to run Umbrel on: Ensure that your account is [correctly permissioned to use docker](https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user). -### Step 1. Run this from your home directory (if installing on dedicated hardware) +### Step 1. Download -> It will clone this repo while preserving home directory's existing structure. +> Run this in an empty directory where you want to install Umbrel ```bash curl -L https://github.com/getumbrel/umbrel/archive/v0.1.6-beta.3.tar.gz | tar -xz --strip-components=1 @@ -83,17 +83,17 @@ curl -L https://github.com/getumbrel/umbrel/archive/v0.1.6-beta.3.tar.gz | tar - ### Step 2. Configure ```bash -# To configure Umbrel for mainnet, run: +# To use Umbrel on mainnet, run: ./scripts/configure # For testnet, run: -TESTNET=1 ./scripts/configure +NETWORK=testnet ./scripts/configure # For regtest, run: -REGTEST=1 ./scripts/configure +NETWORK=regtest ./scripts/configure ``` -### Step 3. Run Umbrel +### Step 3. Run ```bash sudo ./scripts/start diff --git a/secrets/.gitkeep b/bitcoin/.gitkeep similarity index 100% rename from secrets/.gitkeep rename to bitcoin/.gitkeep diff --git a/contrib/partitioner/partitioner.py b/contrib/partitioner/partitioner.py index 36d6982..9b6c951 100755 --- a/contrib/partitioner/partitioner.py +++ b/contrib/partitioner/partitioner.py @@ -175,10 +175,9 @@ def main(): os.system('/bin/sed -i "s/#txindex=1/txindex=1/g;" ' + str(homedirpath) + '/bitcoin/bitcoin.conf') ''' - Setup secrets, db, bitcoin, nginx, and lnd directory.. as a new install + Setup db, bitcoin, nginx, and lnd directory.. as a new install ''' - print('Setup secrets, db, bitcoin, nginx, tor and lnd directory.. as a new install') - os.system('/bin/cp -fr ' + homedirpath + '/secrets /mnt/data') + print('Setup db, bitcoin, nginx, tor and lnd directory.. as a new install') os.system('/bin/cp -fr ' + homedirpath + '/db /mnt/data') os.system('/bin/cp -fr ' + homedirpath + '/bitcoin /mnt/data') os.system('/bin/cp -fr ' + homedirpath + '/lnd /mnt/data') @@ -202,20 +201,15 @@ def main(): ''' Check other folders in partition3 - - secrets - db - lnd - nginx - tor ''' - # Secrets folder - if not os.path.exists('/mnt/data/secrets'): - print('secrets folder does\'nt exist!') - os.system('/bin/cp -fr ' + homedirpath + '/secrets /mnt/data') # tor folder if not os.path.exists('/mnt/data/tor'): - print('secrets folder does\'nt exist!') + print('tor folder does\'nt exist!') os.system('/bin/cp -fr ' + homedirpath + '/tor /mnt/data') # db folder @@ -267,7 +261,6 @@ def main(): os.system('/bin/mount -a'); print('Remove old folders (after copying)') - os.system('/bin/rm -fr ' + homedirpath + '/secrets') os.system('/bin/rm -fr ' + homedirpath + '/db') os.system('/bin/rm -fr ' + homedirpath + '/bitcoin') os.system('/bin/rm -fr ' + homedirpath + '/lnd') @@ -275,7 +268,6 @@ def main(): os.system('/bin/rm -fr ' + homedirpath + '/nginx') os.system('/bin/rm -fr ' + homedirpath + '/docker-compose.yml') print('Set up symlinks') - os.system('/bin/ln -s /mnt/data/secrets ' + homedirpath + '/secrets') os.system('/bin/ln -s /mnt/data/db ' + homedirpath + '/db') os.system('/bin/ln -s /mnt/data/bitcoin ' + homedirpath + '/bitcoin') os.system('/bin/ln -s /mnt/data/lnd ' + homedirpath + '/lnd') diff --git a/docker-compose.yml b/docker-compose.yml index 426c864..bbcaf05 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -102,7 +102,7 @@ services: JWT_PRIVATE_KEY_FILE: "/jwt-private-key/jwt.key" JWT_EXPIRATION: "3600" DOCKER_COMPOSE_DIRECTORY: $PWD - DEVICE_HOST: $DEVICE_HOST + DEVICE_HOST: ${DEVICE_HOST:-http://umbrel.local} MIDDLEWARE_API_URL: "http://10.11.2.2" UMBREL_DASHBOARD_HIDDEN_SERVICE_FILE: "/var/lib/tor/web/hostname" SHUTDOWN_SIGNAL_FILE: "/signals/shutdown" @@ -129,13 +129,13 @@ services: environment: PORT: "3005" BITCOIN_HOST: "10.11.1.1" - RPC_PORT: "RPCPORT" - RPC_USER: "lncm" - RPC_PASSWORD: "RPCPASS" - LND_NETWORK: "mainnet" + RPC_PORT: $BITCOIN_RPC_PORT + RPC_USER: $BITCOIN_RPC_USER + RPC_PASSWORD: $BITCOIN_RPC_PASS + LND_NETWORK: $BITCOIN_NETWORK LND_HOST: "10.11.1.2" JWT_PUBLIC_KEY_FILE: "/jwt-public-key/jwt.pem" - DEVICE_HOST: $DEVICE_HOST + DEVICE_HOST: ${DEVICE_HOST:-http://umbrel.local} networks: net: ipv4_address: 10.11.2.2 @@ -146,12 +146,12 @@ services: depends_on: [ bitcoin, lnd ] restart: unless-stopped volumes: - - "${PWD}/lnd:/lnd" - - "${PWD}/secrets:/secrets" - - "${PWD}/statuses:/statuses" - - "/var/run/docker.sock:/var/run/docker.sock" + - ${PWD}/lnd:/lnd + - ${PWD}/statuses:/statuses + - /var/run/docker.sock:/var/run/docker.sock environment: - JSONRPCURL: http://10.11.1.1:RPCPORT + JSONRPCURL: "http://10.11.1.1:${BITCOIN_RPC_PORT}" + RPCPASS: $BITCOIN_RPC_PASS LND_CONTAINER_NAME: lnd SLEEPTIME: 3600 networks: diff --git a/lnd/.gitkeep b/lnd/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/scripts/configure b/scripts/configure index 402d2f0..c9eb793 100755 --- a/scripts/configure +++ b/scripts/configure @@ -1,21 +1,9 @@ #!/usr/bin/env bash -set -e +set -euo pipefail -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR -# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -# OTHER DEALINGS IN THE SOFTWARE. - -# Install the docker-compose box to the current working directory -# Pre-requisites: wget - -if [ ! $(uname -s) == "Linux" ]; then - echo "Sorry, only linux systems are supported at this time (you may work around this but you are on your own there)" - exit 1 -fi +########################################################## +################## Check dependencies #################### +########################################################## check_dependencies () { for cmd in "$@"; do @@ -26,98 +14,182 @@ check_dependencies () { done } -check_dependencies wget docker docker-compose +if [ ! "$(uname -s)" == "Linux" ]; then + echo "Sorry, Umbrel only supports Linux-based systems at this point." + echo + echo "You may work around this by modifying the configuration script yourself, but it's highly experimental." + echo "If you get it working, we hope you consider making a PR. :)" + exit 1 +fi -UMBREL_ROOT="$(dirname $(readlink -f "${BASH_SOURCE[0]}"))/.." +check_dependencies docker docker-compose dirname readlink +# Switch to Umbrel's root directory +UMBREL_ROOT="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")"/..)" if [[ ! -d "$UMBREL_ROOT" ]]; then echo "Root dir does not exist '$UMBREL_ROOT'" exit 1 fi - cd "$UMBREL_ROOT" -echo "Start box configuration" -echo "Installing RPCAuth.py and configuring secrets" -cd bin/ -wget -q "https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py" 2>/dev/null -chmod 755 rpcauth.py -./rpcauth.py lncm | tee ../secrets/generated.txt | head -2 | tail -1 > ../secrets/rpcauth.txt -tail -1 ../secrets/generated.txt > ../secrets/rpcpass.txt -rm rpcauth.py ../secrets/generated.txt -cd .. -echo "Installing RPCAuth into bitcoin.conf" -cat secrets/rpcauth.txt >> bitcoin/bitcoin.conf -RPCPASS=`cat secrets/rpcpass.txt` -echo "Configuring LND rpc info" -sed -i "s/RPCPASS/${RPCPASS}/g; " lnd/lnd.conf -echo "Configuring docker-compose file" -sed -i "s/RPCPASS/${RPCPASS}/g; " docker-compose.yml -# TESTNET set and REGTEST not -if [ ! -z $TESTNET ] && [ -z $REGTEST ]; then - echo "Enabling testnet mode if TESTNET variable is set" - # Update bitcoin.conf - sed -i 's/\#\[test\]/\[test\]/g;' bitcoin/bitcoin.conf - sed -i 's/\#testnet=1/testnet=1/g' bitcoin/bitcoin.conf - sed -i 's/rpcport=8332/rpcport=18332/g; ' bitcoin/bitcoin.conf - sed -i 's/port=8332/port=18333/g; ' bitcoin/bitcoin.conf - echo "Setting testnet port" - sed -i 's/RPCPORT/18332/g; ' docker-compose.yml - # Update docker-compose - sed -i 's/mainnet/testnet/g; ' docker-compose.yml - # lnd.conf - echo "Changing LND to testnet mode" - sed -i 's/bitcoin.mainnet=1/bitcoin.testnet=1/g; ' lnd/lnd.conf - echo "Updating LND neutrino peers" - sed -i 's/neutrino.addpeer=bb2.breez.technology/\;neutrino.addpeer=bb2.breez.technology/g; ' lnd/lnd.conf - sed -i 's/neutrino.addpeer=mainnet1-btcd.zaphq.io/\;neutrino.addpeer=mainnet1-btcd.zaphq.io/g; ' lnd/lnd.conf - sed -i 's/neutrino.addpeer=mainnet2-btcd.zaphq.io/\;neutrino.addpeer=mainnet2-btcd.zaphq.io/g;' lnd/lnd.conf - sed -i 's/\;neutrino.addpeer=testnet1-btcd.zaphq.io/neutrino.addpeer=testnet1-btcd.zaphq.io/g;' lnd/lnd.conf - sed -i 's/\;neutrino.addpeer=testnet2-btcd.zaphq.io/neutrino.addpeer=testnet2-btcd.zaphq.io/g; ' lnd/lnd.conf +# Configure for mainnet or testnet or regtest depending +# upon the user-supplied value of $NETWORK +BITCOIN_NETWORK="${NETWORK:-mainnet}" + +if [ "$BITCOIN_NETWORK" != "mainnet" ] && [ "$BITCOIN_NETWORK" != "testnet" ] && [ "$BITCOIN_NETWORK" != "regtest" ]; then + echo "Error: Umbrel can only be configured for mainnet (default), testnet or regtest" + exit 1 fi -# REGTEST set and TESTNET not -if [ -z $TESTNET ] && [ ! -z $REGTEST ]; then - echo "Enabling regtest mode if REGTEST variable is set" - sed -i 's/\#\[regtest\]/\[regtest\]/g;' bitcoin/bitcoin.conf - sed -i 's/\#regtest=1/regtest=1/g' bitcoin/bitcoin.conf - sed -i 's/rpcport=8332/rpcport=18443/g; ' bitcoin/bitcoin.conf - sed -i 's/port=8333/port=18444/; ' bitcoin/bitcoin.conf - sed -i 's/mainnet/regtest/g; ' docker-compose.yml - echo "Setting regtest port" - sed -i 's/RPCPORT/18443/g; ' docker-compose.yml - # Update LND - echo "Changing LND to regtest mode" - sed -i 's/bitcoin.mainnet=1/bitcoin.regtest=1/g; ' lnd/lnd.conf - echo "Updating LND if regtest is set" - sed -i 's/bitcoin.node=neutrino/bitcoin.node=bitcoind/g; ' lnd/lnd.conf + +echo +echo "Configuring Umbrel for $BITCOIN_NETWORK" +echo + + +########################################################## +############### Setup configuration files ############### +########################################################## + +# Store paths to intermediary config files +BITCOIN_CONF_FILE="./templates/bitcoin.conf" +LND_CONF_FILE="./templates/lnd.conf" +TOR_CONF_FILE="./templates/torrc" +ENV_FILE="./templates/.env" + +# Remove intermediary files if they exist from any +# previous unclean configuration run +[[ -f "$BITCOIN_CONF_FILE" ]] && rm -f "$BITCOIN_CONF_FILE" +[[ -f "$LND_CONF_FILE" ]] && rm -f "$LND_CONF_FILE" +[[ -f "$TOR_CONF_FILE" ]] && rm -f "$TOR_CONF_FILE" +[[ -f "$ENV_FILE" ]] && rm -f "$ENV_FILE" + +# Copy template configs to intermediary configs +[[ -f "./templates/bitcoin-sample.conf" ]] && cp "./templates/bitcoin-sample.conf" "$BITCOIN_CONF_FILE" +[[ -f "./templates/lnd-sample.conf" ]] && cp "./templates/lnd-sample.conf" "$LND_CONF_FILE" +[[ -f "./templates/torrc-sample" ]] && cp "./templates/torrc-sample" "$TOR_CONF_FILE" +[[ -f "./templates/.env-sample" ]] && cp "./templates/.env-sample" "$ENV_FILE" + + +########################################################## +############ Generate configuration variables ############ +########################################################## + +# Generate RPC credentials +echo "Generating auth credentials" +echo +BITCOIN_RPC_USER="umbrelrpc" +BITCOIN_RPC_DETAILS=$("./scripts/rpcauth.py" "$BITCOIN_RPC_USER") +BITCOIN_RPC_AUTH=$(echo "$BITCOIN_RPC_DETAILS" | head -2 | tail -1) +BITCOIN_RPC_PASS=$(echo "$BITCOIN_RPC_DETAILS" | tail -1) +BITCOIN_RPC_PORT=8332 +BITCOIN_P2P_PORT=8333 + +# Pull Tor image and generate Tor password +echo "Generating Tor password" +echo +docker pull --quiet getumbrel/tor:v0.4.1.9 +TOR_PASS=$("./scripts/rpcauth.py" "itdoesntmatter" | tail -1) +TOR_HASHED_PASS=$(docker run --rm getumbrel/tor:v0.4.1.9 --quiet --hash-password "$TOR_PASS") + + +########################################################## +### Update config files with configuration variables ##### +########################################################## + +if [ "$BITCOIN_NETWORK" == "testnet" ]; then + # Set testnet ports + BITCOIN_RPC_PORT=18332 + BITCOIN_P2P_PORT=18333 + # Uncomment "test" block + sed -i "s/\#\[test\]/\[test\]/g;" "$BITCOIN_CONF_FILE" + # Enable testnet + sed -i "s/\#testnet=1/testnet=1/g" "$BITCOIN_CONF_FILE" + # Switch LND to testnet + sed -i "s/bitcoin.mainnet=1/bitcoin.testnet=1/g;" "$LND_CONF_FILE" + # Comment mainnet neutrino peers + sed -i "s/neutrino.addpeer=bb2.breez.technology/\;neutrino.addpeer=bb2.breez.technology/g;" "$LND_CONF_FILE" + sed -i "s/neutrino.addpeer=mainnet1-btcd.zaphq.io/\;neutrino.addpeer=mainnet1-btcd.zaphq.io/g;" "$LND_CONF_FILE" + sed -i "s/neutrino.addpeer=mainnet2-btcd.zaphq.io/\;neutrino.addpeer=mainnet2-btcd.zaphq.io/g;" "$LND_CONF_FILE" + # Uncomment testnet neutrino peers + sed -i "s/\;neutrino.addpeer=testnet1-btcd.zaphq.io/neutrino.addpeer=testnet1-btcd.zaphq.io/g;" "$LND_CONF_FILE" + sed -i "s/\;neutrino.addpeer=testnet2-btcd.zaphq.io/neutrino.addpeer=testnet2-btcd.zaphq.io/g;" "$LND_CONF_FILE" + fi -# if neither set -if [ -z $TESTNET ] && [ -z $REGTEST ]; then - echo "Setting mainnet RPC port in docker-compose" - sed -i 's/RPCPORT/8332/g; ' docker-compose.yml + +if [ "$BITCOIN_NETWORK" == "regtest" ]; then + # Set regtest ports + BITCOIN_RPC_PORT=18443 + BITCOIN_P2P_PORT=18444 + # Uncomment "regtest" block + sed -i "s/\#\[regtest\]/\[regtest\]/g;" "$BITCOIN_CONF_FILE" + # Enable regtest + sed -i "s/\#regtest=1/regtest=1/g" "$BITCOIN_CONF_FILE" + # Switch LND to regtest + sed -i "s/bitcoin.mainnet=1/bitcoin.regtest=1/g;" "$LND_CONF_FILE" + # Use bitcoind as the node + sed -i "s/bitcoin.node=neutrino/bitcoin.node=bitcoind/g;" "$LND_CONF_FILE" fi +# Update RPC and P2P Ports +sed -i "s/rpcport=/rpcport=$BITCOIN_RPC_PORT/g;" "$BITCOIN_CONF_FILE" +sed -i "s/port=/port=$BITCOIN_P2P_PORT/g;" "$BITCOIN_CONF_FILE" +sed -i "s/BITCOIN_RPC_PORT=/BITCOIN_RPC_PORT=$BITCOIN_RPC_PORT/g;" "$ENV_FILE" +sed -i "s/BITCOIN_P2P_PORT=/BITCOIN_P2P_PORT=$BITCOIN_P2P_PORT/g;" "$ENV_FILE" + +# Add rpcauth to bitcoin.conf +sed -i "s/rpcauth=/$BITCOIN_RPC_AUTH/g;" "$BITCOIN_CONF_FILE" +# Add RPC credentials to lnd.conf +sed -i "s/bitcoind.rpcuser=/bitcoind.rpcuser=$BITCOIN_RPC_USER/g;" "$LND_CONF_FILE" +sed -i "s/bitcoind.rpcpass=/bitcoind.rpcpass=$BITCOIN_RPC_PASS/g;" "$LND_CONF_FILE" +# Add RPC credentials to env file +sed -i "s/BITCOIN_RPC_USER=/BITCOIN_RPC_USER=$BITCOIN_RPC_USER/g;" "$ENV_FILE" +sed -i "s/BITCOIN_RPC_PASS=/BITCOIN_RPC_PASS=$BITCOIN_RPC_PASS/g;" "$ENV_FILE" + +# Add chain to env file +sed -i "s/BITCOIN_NETWORK=/BITCOIN_NETWORK=$BITCOIN_NETWORK/g;" "$ENV_FILE" + +# Add Tor password +sed -i "s/HashedControlPassword /HashedControlPassword $TOR_HASHED_PASS/g;" "$TOR_CONF_FILE" +sed -i "s/torpassword=/torpassword=$TOR_PASS/g;" "$BITCOIN_CONF_FILE" +sed -i "s/tor.password=/tor.password=$TOR_PASS/g;" "$LND_CONF_FILE" +sed -i "s/TOR_PASSWORD=/TOR_PASSWORD=$TOR_PASS/g;" "$ENV_FILE" +sed -i "s/TOR_HASHED_PASSWORD=/TOR_HASHED_PASSWORD=$TOR_HASHED_PASS/g;" "$ENV_FILE" + + +########################################################## +############### Performance optimizations ################ +########################################################## + +echo +echo "Making performance optimizations" +echo + echo "Setting dbcache size" +echo DBCACHE_SIZE=$(awk '/MemTotal/{printf "%d\n", ($2/2^10 * 0.5) - 300}' /proc/meminfo) -sed -i -e "s/dbcache=1000/dbcache=$DBCACHE_SIZE/g" bitcoin/bitcoin.conf +sed -i -e "s/dbcache=/dbcache=$DBCACHE_SIZE/g" "$BITCOIN_CONF_FILE" + +# TODO: Adjust prune size based on available disk space + +########################################################## +############## Override main config files ################ +########################################################## -echo "Pulling Docker images" -docker-compose pull +mv -f "$BITCOIN_CONF_FILE" "./bitcoin/bitcoin.conf" +mv -f "$LND_CONF_FILE" "./lnd/lnd.conf" +mv -f "$TOR_CONF_FILE" "./tor/torrc" +mv -f "$ENV_FILE" "./.env" -echo "Adding tor password" -SAVE_PASSWORD=$(docker run --rm getumbrel/tor:v0.4.1.9 --quiet --hash-password "${RPCPASS}") -# Add a new line first -echo >> tor/torrc -echo "HashedControlPassword ${SAVE_PASSWORD}" >> tor/torrc -echo "Adding Tor password to bitcoind" -sed -i "s/torpassword=umbrelftw/torpassword=${RPCPASS}/g;" bitcoin/bitcoin.conf -echo "Adding Tor password to LND" -sed -i "s/tor.password=umbrelftw/tor.password=${RPCPASS}/g; " lnd/lnd.conf +########################################################## +################ Configuration complete ################## +########################################################## -echo "Removing stuff we don't need" -rm -fr .git -rm -fr README.md -rm -fr NETWORKING.md +echo "Pulling Umbrel Docker images" +echo +docker-compose pull --quiet -echo "Box Configuration complete" +echo "Configuration successful" +echo "You can now start Umbrel by running:" +echo " sudo ./scripts/start" +echo diff --git a/scripts/rpcauth.py b/scripts/rpcauth.py new file mode 100755 index 0000000..b14c801 --- /dev/null +++ b/scripts/rpcauth.py @@ -0,0 +1,46 @@ +#!/usr/bin/env python3 +# Copyright (c) 2015-2018 The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. + +from argparse import ArgumentParser +from base64 import urlsafe_b64encode +from binascii import hexlify +from getpass import getpass +from os import urandom + +import hmac + +def generate_salt(size): + """Create size byte hex salt""" + return hexlify(urandom(size)).decode() + +def generate_password(): + """Create 32 byte b64 password""" + return urlsafe_b64encode(urandom(32)).decode('utf-8') + +def password_to_hmac(salt, password): + m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256') + return m.hexdigest() + +def main(): + parser = ArgumentParser(description='Create login credentials for a JSON-RPC user') + parser.add_argument('username', help='the username for authentication') + parser.add_argument('password', help='leave empty to generate a random password or specify "-" to prompt for password', nargs='?') + args = parser.parse_args() + + if not args.password: + args.password = generate_password() + elif args.password == '-': + args.password = getpass() + + # Create 16 byte hex salt + salt = generate_salt(16) + password_hmac = password_to_hmac(salt, args.password) + + print('String to be appended to bitcoin.conf:') + print('rpcauth={0}:{1}${2}'.format(args.username, salt, password_hmac)) + print('Your password:\n{0}'.format(args.password)) + +if __name__ == '__main__': + main() diff --git a/scripts/update/.updateignore b/scripts/update/.updateignore index a6b1dbc..0b8d61e 100644 --- a/scripts/update/.updateignore +++ b/scripts/update/.updateignore @@ -1,8 +1,8 @@ .* -bitcoin +bitcoin/* db -lnd +lnd/* secrets statuses -tor -events/signals \ No newline at end of file +tor/* +events/signals diff --git a/scripts/update/.updateinclude b/scripts/update/.updateinclude new file mode 100644 index 0000000..fa9310b --- /dev/null +++ b/scripts/update/.updateinclude @@ -0,0 +1,4 @@ +.env +bitcoin/bitcoin.conf +lnd/lnd.conf +tor/torrc diff --git a/scripts/update/00-run.sh b/scripts/update/00-run.sh index 78ceb52..23698bd 100755 --- a/scripts/update/00-run.sh +++ b/scripts/update/00-run.sh @@ -33,8 +33,10 @@ chown -R 1000:1000 "$UMBREL_ROOT"/ # Backup echo "Backing up existing directory tree" -rsync -av "$UMBREL_ROOT"/ \ +rsync -av \ + --include-from="$UMBREL_ROOT/.umbrel-$RELEASE/scripts/update/.updateinclude" \ --exclude-from="$UMBREL_ROOT/.umbrel-$RELEASE/scripts/update/.updateignore" \ + "$UMBREL_ROOT"/ \ "$UMBREL_ROOT"/.umbrel-backup/ echo "Successfully backed up to $UMBREL_ROOT/.umbrel-backup" diff --git a/scripts/update/01-run.sh b/scripts/update/01-run.sh index c30eaf3..389e11f 100755 --- a/scripts/update/01-run.sh +++ b/scripts/update/01-run.sh @@ -19,43 +19,15 @@ EOF # Checkout to the new release cd "$UMBREL_ROOT"/.umbrel-"$RELEASE" -# Update RPC Password in docker-compose.yml -# Get gnu sed -gnused=sed -if [[ "$(uname)" == "Darwin" ]]; then - if ! command -v gsed >/dev/null 2>&1; then - echo "Error: This script requires gnu-sed!" - echo "Install it with:" - echo " brew install gnu-sed" - exit 1 - fi - gnused=gsed -fi - -echo "Updating RPC Password in docker-compose.yml" -RPCPASS=$(cat "$UMBREL_ROOT"/secrets/rpcpass.txt) -$gnused -i "s/RPCPASS/${RPCPASS}/g;" docker-compose.yml - -# echo "Setting regtest" -# $gnused -i 's/mainnet/regtest/g; ' docker-compose.yml -# $gnused -i "s/RPCPORT/18443/g;" docker-compose.yml - -echo "Setting mainnet" -$gnused -i "s/RPCPORT/8332/g;" docker-compose.yml - -if [[ "$HOSTNAME" != "umbrel" ]]; then - echo "Changing hostname to http://$HOSTNAME.local" - $gnused -i "s/umbrel.local/${HOSTNAME}.local/g;" docker-compose.yml -fi - - -# Pull new images -echo "Pulling new images" +# Configure new install +echo "Configuring new release" cat < "$UMBREL_ROOT"/statuses/update-status.json -{"state": "installing", "progress": 40, "description": "Downloading new Docker images", "updateTo": "$RELEASE"} +{"state": "installing", "progress": 40, "description": "Configuring new release", "updateTo": "$RELEASE"} EOF -cd "$UMBREL_ROOT"/.umbrel-"$RELEASE" -docker-compose pull + +BITCOIN_NETWORK="mainnet" +[[ -f "$UMBREL_ROOT/.env" ]] && source "$UMBREL_ROOT/.env" +NETWORK=$BITCOIN_NETWORK ./scripts/configure # Stop existing containers echo "Stopping existing containers" @@ -67,8 +39,10 @@ cd "$UMBREL_ROOT" # Overlay home dir structure with new dir tree echo "Overlaying $UMBREL_ROOT/ with new directory tree" -rsync -av "$UMBREL_ROOT"/.umbrel-"$RELEASE"/ \ +rsync -av \ + --include-from="$UMBREL_ROOT/.umbrel-$RELEASE/scripts/update/.updateinclude" \ --exclude-from="$UMBREL_ROOT/.umbrel-$RELEASE/scripts/update/.updateignore" \ + "$UMBREL_ROOT"/.umbrel-"$RELEASE"/ \ "$UMBREL_ROOT"/ # Fix permissions diff --git a/templates/.env-sample b/templates/.env-sample new file mode 100644 index 0000000..91a639d --- /dev/null +++ b/templates/.env-sample @@ -0,0 +1,7 @@ +BITCOIN_NETWORK= +BITCOIN_P2P_PORT= +BITCOIN_RPC_PORT= +BITCOIN_RPC_USER= +BITCOIN_RPC_PASS= +TOR_PASSWORD= +TOR_HASHED_PASSWORD= diff --git a/bitcoin/bitcoin.conf b/templates/bitcoin-sample.conf similarity index 89% rename from bitcoin/bitcoin.conf rename to templates/bitcoin-sample.conf index 5ccc2bf..2ff6c69 100644 --- a/bitcoin/bitcoin.conf +++ b/templates/bitcoin-sample.conf @@ -1,7 +1,7 @@ # Have TOR commented for initial sync onion=10.11.5.1:29050 torcontrol=10.11.5.1:29051 -torpassword=umbrelftw +torpassword= server=1 rest=1 @@ -13,7 +13,7 @@ rest=1 # Low bandwidth/CPU optimizations blocksonly=1 maxconnections=8 -dbcache=1000 +dbcache= maxmempool=300 maxuploadtarget=5000 @@ -21,12 +21,13 @@ maxuploadtarget=5000 #[test] # uncomment regtest if regtest=1 is activated #[regtest] -port=8333 -rpcport=8332 +port= +rpcport= rpcbind=10.11.1.1 rpcbind=127.0.0.1 rpcallowip=10.11.0.0/16 rpcallowip=127.0.0.1 +rpcauth= # Prune it up first (We can uncomment this later or by script, should there be enough space) prune=550 diff --git a/lnd/lnd.conf b/templates/lnd-sample.conf similarity index 95% rename from lnd/lnd.conf rename to templates/lnd-sample.conf index 7586237..3beda41 100644 --- a/lnd/lnd.conf +++ b/templates/lnd-sample.conf @@ -24,8 +24,8 @@ routing.assumechanvalid=1 ; Default setting currently is neutrino [Bitcoind] bitcoind.rpchost=10.11.1.1 -bitcoind.rpcuser=lncm -bitcoind.rpcpass=RPCPASS +bitcoind.rpcuser= +bitcoind.rpcpass= bitcoind.zmqpubrawblock=tcp://10.11.1.1:28332 bitcoind.zmqpubrawtx=tcp://10.11.1.1:28333 bitcoind.estimatemode=ECONOMICAL @@ -59,6 +59,6 @@ tor.control=10.11.5.1:29051 tor.socks=10.11.5.1:29050 tor.targetipaddress=10.11.1.2 ; TOR Password placeholder for v0.10.0 -tor.password=umbrelftw +tor.password= tor.v3=1 tor.dns=soa.nodes.lightning.directory:53 diff --git a/tor/torrc b/templates/torrc-sample similarity index 87% rename from tor/torrc rename to templates/torrc-sample index 5757b83..0873db2 100644 --- a/tor/torrc +++ b/templates/torrc-sample @@ -6,4 +6,4 @@ ControlPort 10.11.5.1:29051 HiddenServiceDir /var/lib/tor/web HiddenServicePort 80 10.11.0.2:80 -# Tor password will go here: +HashedControlPassword