#!/usr/bin/env bash set -euo pipefail ########################################################## ################## Check dependencies #################### ########################################################## check_dependencies () { for cmd in "$@"; do if ! command -v $cmd >/dev/null 2>&1; then echo "This script requires \"${cmd}\" to be installed" exit 1 fi done } if [ ! "$(uname -s)" == "Linux" ]; then echo "Sorry, Umbrel only supports Linux-based systems at this point." echo echo "You may work around this by modifying the configuration script yourself, but it's highly experimental." echo "If you get it working, we hope you consider making a PR. :)" exit 1 fi check_dependencies docker docker-compose dirname readlink # Switch to Umbrel's root directory UMBREL_ROOT="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")"/..)" if [[ ! -d "$UMBREL_ROOT" ]]; then echo "Root dir does not exist '$UMBREL_ROOT'" exit 1 fi cd "$UMBREL_ROOT" # Make sure we use the status dir from the real Umbrel installation if this is # an OTA update. STATUS_DIR="${UMBREL_ROOT}/statuses" if [[ -f "${UMBREL_ROOT}/../.umbrel" ]]; then STATUS_DIR="${UMBREL_ROOT}/../statuses" fi # Configure for mainnet or testnet or regtest depending # upon the user-supplied value of $NETWORK BITCOIN_NETWORK="${NETWORK:-mainnet}" if [ "$BITCOIN_NETWORK" != "mainnet" ] && [ "$BITCOIN_NETWORK" != "testnet" ] && [ "$BITCOIN_NETWORK" != "regtest" ]; then echo "Error: Umbrel can only be configured for mainnet (default), testnet or regtest" exit 1 fi # Get current Umbrel version UMBREL_VERSION="$(cat ${UMBREL_ROOT}/info.json | jq -r .version)" echo echo "======================================" if [[ -f "${STATUS_DIR}/configured" ]]; then echo "=========== RECONFIGURING ============" else echo "============ CONFIGURING =============" fi echo "========= UMBREL (${BITCOIN_NETWORK}) ===========" echo "======================================" echo ########################################################## ############### Setup configuration files ############### ########################################################## # Store paths to intermediary config files NGINX_CONF_FILE="./templates/nginx.conf" BITCOIN_CONF_FILE="./templates/bitcoin.conf" LND_CONF_FILE="./templates/lnd.conf" TOR_CONF_FILE="./templates/torrc" ELECTRS_CONF_FILE="./templates/electrs.toml" ENV_FILE="./templates/.env" # Remove intermediary files if they exist from any # previous unclean configuration run [[ -f "$NGINX_CONF_FILE" ]] && rm -f "$NGINX_CONF_FILE" [[ -f "$BITCOIN_CONF_FILE" ]] && rm -f "$BITCOIN_CONF_FILE" [[ -f "$LND_CONF_FILE" ]] && rm -f "$LND_CONF_FILE" [[ -f "$TOR_CONF_FILE" ]] && rm -f "$TOR_CONF_FILE" [[ -f "$ELECTRS_CONF_FILE" ]] && rm -f "$ELECTRS_CONF_FILE" [[ -f "$ENV_FILE" ]] && rm -f "$ENV_FILE" # Copy template configs to intermediary configs [[ -f "./templates/nginx-sample.conf" ]] && cp "./templates/nginx-sample.conf" "$NGINX_CONF_FILE" [[ -f "./templates/bitcoin-sample.conf" ]] && cp "./templates/bitcoin-sample.conf" "$BITCOIN_CONF_FILE" [[ -f "./templates/lnd-sample.conf" ]] && cp "./templates/lnd-sample.conf" "$LND_CONF_FILE" [[ -f "./templates/torrc-sample" ]] && cp "./templates/torrc-sample" "$TOR_CONF_FILE" [[ -f "./templates/electrs-sample.toml" ]] && cp "./templates/electrs-sample.toml" "$ELECTRS_CONF_FILE" [[ -f "./templates/.env-sample" ]] && cp "./templates/.env-sample" "$ENV_FILE" ########################################################## ############ Generate configuration variables ############ ########################################################## # Load existing credentials if we have some [[ -f "./.env" ]] && source "./.env" [[ ! -z ${PREV_ENV_FILE+x} ]] && [[ -f "${PREV_ENV_FILE}" ]] && source "${PREV_ENV_FILE}" # Umbrel NETWORK_IP="10.21.21.0" GATEWAY_IP="10.21.21.1" NGINX_IP="10.21.21.2" NGINX_PORT="${NGINX_PORT:-80}" DASHBOARD_IP="10.21.21.3" MANAGER_IP="10.21.21.4" MIDDLEWARE_IP="10.21.21.5" NEUTRINO_SWITCHER_IP="10.21.21.6" BITCOIN_IP="10.21.21.8" BITCOIN_RPC_PORT="8332" BITCOIN_P2P_PORT="8333" BITCOIN_ZMQ_RAWBLOCK_PORT="28332" BITCOIN_ZMQ_RAWTX_PORT="28333" BITCOIN_ZMQ_HASHBLOCK_PORT="28334" LND_IP="10.21.21.9" LND_GRPC_PORT="10009" LND_REST_PORT="8080" ELECTRUM_IP="10.21.21.10" ELECTRUM_PORT="50001" TOR_PROXY_IP="10.21.21.11" TOR_PROXY_PORT="9050" # Apps APP_BTC_RPC_EXPLORER_IP="10.21.21.12" APP_BTC_RPC_EXPLORER_IP="10.21.21.12" APP_BTC_RPC_EXPLORER_PORT="3002" APP_THUNDERHUB_IP="10.21.21.13" APP_THUNDERHUB_PORT="3000" APP_SPHINX_RELAY_IP="10.21.21.14" APP_SPHINX_RELAY_PORT="3300" APP_RIDE_THE_LIGHTNING_IP="10.21.21.15" APP_RIDE_THE_LIGHTNING_PORT="3001" APP_RIDE_THE_LIGHTNING_LOOP_IP="10.21.21.16" APP_LIGHTNING_TERMINAL_IP="10.21.21.17" APP_LIGHTNING_TERMINAL_PORT="3004" APP_SPECTER_DESKTOP_IP="10.21.21.18" APP_SPECTER_DESKTOP_PORT="25441" APP_BTCPAY_SERVER_IP="10.21.21.19" APP_BTCPAY_SERVER_PORT="3003" APP_BTCPAY_SERVER_NBXPLORER_IP="10.21.21.20" APP_BTCPAY_SERVER_DB_IP="10.21.21.21" APP_LNBITS_IP="10.21.21.29" APP_LNBITS_PORT="3007" APP_MEMPOOL_IP="10.21.21.26" APP_MEMPOOL_PORT="3006" APP_MEMPOOL_API_IP="10.21.21.27" APP_MEMPOOL_DB_IP="10.21.21.28" APP_SAMOURAI_SERVER_IP="10.21.21.22" APP_SAMOURAI_SERVER_PORT="3005" APP_SAMOURAI_SERVER_WHIRLPOOL_IP="10.21.21.23" APP_SAMOURAI_SERVER_WHIRLPOOL_PORT="8898" APP_SAMOURAI_SERVER_DB_IP="10.21.21.24" APP_SAMOURAI_SERVER_NODE_IP="10.21.21.25" APP_BLUEWALLET_LNDHUB_IP="10.21.21.30" APP_BLUEWALLET_LNDHUB_PORT="3008" APP_BLUEWALLET_REDIS_IP="10.21.21.31" APP_NEXTCLOUD_PORT="8081" APP_NEXTCLOUD_IP="10.21.21.32" APP_NEXTCLOUD_DB_IP="10.21.21.33" APP_NEXTCLOUD_REDIS_IP="10.21.21.34" APP_NEXTCLOUD_CRON_IP="10.21.21.35" APP_PI_HOLE_PORT="8082" APP_PI_HOLE_IP="10.21.21.36" APP_HOME_ASSISTANT_PORT="8083" APP_HOME_ASSISTANT_IP="10.21.21.37" APP_GITEA_PORT="8085" APP_GITEA_SSH_PORT="2222" APP_GITEA_IP="10.21.21.39" APP_GITEA_DB_IP="10.21.21.40" APP_SIMPLETORRENT_PORT="8086" APP_SIMPLETORRENT_IP="10.21.21.41" APP_PHOTOPRISM_IP="10.21.21.42" APP_PHOTOPRISM_PORT="8087" APP_PHOTOPRISM_DB_IP="10.21.21.43" APP_SYNAPSE_IP="10.21.21.44" APP_SYNAPSE_PORT="8008" APP_ELEMENT_IP="10.21.21.45" APP_ELEMENT_PORT="8088" APP_VAULTWARDEN_IP="10.21.21.46" APP_VAULTWARDEN_PORT="8089" APP_CODE_SERVER_IP="10.21.21.53" APP_CODE_SERVER_PORT="8091" # Generate RPC credentials if [[ -z ${BITCOIN_RPC_USER+x} ]] || [[ -z ${BITCOIN_RPC_PASS+x} ]] || [[ -z ${BITCOIN_RPC_AUTH+x} ]]; then echo "Generating auth credentials" echo BITCOIN_RPC_USER="umbrel" BITCOIN_RPC_DETAILS=$("./scripts/rpcauth.py" "$BITCOIN_RPC_USER") BITCOIN_RPC_PASS=$(echo "$BITCOIN_RPC_DETAILS" | tail -1) BITCOIN_RPC_AUTH=$(echo "$BITCOIN_RPC_DETAILS" | head -2 | tail -1 | sed -e "s/^rpcauth=//") fi # Pull Tor image and generate Tor password if [[ -z ${TOR_PASSWORD+x} ]] || [[ -z ${TOR_HASHED_PASSWORD+x} ]]; then echo "Generating Tor password" echo TOR_PASSWORD=$("./scripts/rpcauth.py" "itdoesntmatter" | tail -1) TOR_HASHED_PASSWORD=$(docker run --rm getumbrel/tor:v0.4.1.9 --quiet --hash-password "$TOR_PASSWORD") fi ########################################################## ### Update config files with configuration variables ##### ########################################################## if [ "$BITCOIN_NETWORK" == "testnet" ]; then # Set testnet ports BITCOIN_RPC_PORT=18332 BITCOIN_P2P_PORT=18333 # Switch Bitcoin Core to testnet sed -i '1s/^/testnet=1\n[test]\n\n/' "$BITCOIN_CONF_FILE" # Switch LND to testnet sed -i "s/bitcoin.mainnet=1/bitcoin.testnet=1/g;" "$LND_CONF_FILE" # Uncomment testnet neutrino block and peers sed -i "s/\# \[neutrino\]/\[neutrino\]/g;" "$LND_CONF_FILE" sed -i "s/\# neutrino.addpeer=testnet1-btcd.zaphq.io/neutrino.addpeer=testnet1-btcd.zaphq.io/g;" "$LND_CONF_FILE" sed -i "s/\# neutrino.addpeer=testnet2-btcd.zaphq.io/neutrino.addpeer=testnet2-btcd.zaphq.io/g;" "$LND_CONF_FILE" # Set electrs to testnet sed -i "s/network = \"bitcoin\"/network = \"testnet\"/g;" "$ELECTRS_CONF_FILE" fi if [ "$BITCOIN_NETWORK" == "regtest" ]; then # Set regtest ports BITCOIN_RPC_PORT=18443 BITCOIN_P2P_PORT=18444 # Switch Bitcoin Core to regtest sed -i '1s/^/regtest=1\n[regtest]\n\n/' "$BITCOIN_CONF_FILE" # Switch LND to regtest sed -i "s/bitcoin.mainnet=1/bitcoin.regtest=1/g;" "$LND_CONF_FILE" # Use bitcoind as the node sed -i "s/bitcoin.node=neutrino/bitcoin.node=bitcoind/g;" "$LND_CONF_FILE" # Set electrs to regtest sed -i "s/network = \"bitcoin\"/network = \"regtest\"/g;" "$ELECTRS_CONF_FILE" fi # Update RPC, P2P and ZMQ Ports sed -i "s/rpcport=/rpcport=$BITCOIN_RPC_PORT/g;" "$BITCOIN_CONF_FILE" sed -i "s/port=/port=$BITCOIN_P2P_PORT/g;" "$BITCOIN_CONF_FILE" sed -i "s//$BITCOIN_RPC_PORT/g;" "$TOR_CONF_FILE" sed -i "s//$BITCOIN_P2P_PORT/g;" "$TOR_CONF_FILE" sed -i "/daemon_rpc_addr/s//$BITCOIN_RPC_PORT/g;" "$ELECTRS_CONF_FILE" sed -i "s/BITCOIN_RPC_PORT=/BITCOIN_RPC_PORT=$BITCOIN_RPC_PORT/g;" "$ENV_FILE" sed -i "s/BITCOIN_P2P_PORT=/BITCOIN_P2P_PORT=$BITCOIN_P2P_PORT/g;" "$ENV_FILE" # Add rpcauth sed -i "s/rpcauth=/rpcauth=$BITCOIN_RPC_AUTH/g;" "$BITCOIN_CONF_FILE" sed -i "s/BITCOIN_RPC_AUTH=/BITCOIN_RPC_AUTH='$BITCOIN_RPC_AUTH'/g;" "$ENV_FILE" # Add RPC credentials to lnd.conf sed -i "s/bitcoind.rpcuser=/bitcoind.rpcuser=$BITCOIN_RPC_USER/g;" "$LND_CONF_FILE" sed -i "s/bitcoind.rpcpass=/bitcoind.rpcpass=$BITCOIN_RPC_PASS/g;" "$LND_CONF_FILE" # Add RPC credentials to env file sed -i "s/BITCOIN_RPC_USER=/BITCOIN_RPC_USER=$BITCOIN_RPC_USER/g;" "$ENV_FILE" sed -i "s/BITCOIN_RPC_PASS=/BITCOIN_RPC_PASS=$BITCOIN_RPC_PASS/g;" "$ENV_FILE" # Add chain to env file sed -i "s/BITCOIN_NETWORK=/BITCOIN_NETWORK=$BITCOIN_NETWORK/g;" "$ENV_FILE" # Add Tor password sed -i "s/HashedControlPassword /HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$TOR_CONF_FILE" sed -i "s/torpassword=/torpassword=$TOR_PASSWORD/g;" "$BITCOIN_CONF_FILE" sed -i "s/tor.password=/tor.password=$TOR_PASSWORD/g;" "$LND_CONF_FILE" sed -i "s/TOR_PASSWORD=/TOR_PASSWORD=$TOR_PASSWORD/g;" "$ENV_FILE" sed -i "s/TOR_HASHED_PASSWORD=/TOR_HASHED_PASSWORD=$TOR_HASHED_PASSWORD/g;" "$ENV_FILE" # Store docker binary path DOCKER_BINARY=$(readlink -f "$(which docker)") sed -i "s#DOCKER_BINARY=#DOCKER_BINARY=$DOCKER_BINARY#g;" "$ENV_FILE" # Set Umbrel version in electrs banner sed -i "/server_banner/s//$UMBREL_VERSION/g;" "$ELECTRS_CONF_FILE" # Add hostname to lnd.conf for TLS certificate DEVICE_HOSTNAME="$(hostname)" sed -i "s/tlsextradomain=/tlsextradomain=$DEVICE_HOSTNAME.local/g;" "$LND_CONF_FILE" # If node is already synced, do not reset to neutrino if [[ -f "${STATUS_DIR}/node-status-bitcoind-ready" ]]; then sed -i "s/bitcoin.node=.*/bitcoin.node=bitcoind/g;" "$LND_CONF_FILE" fi # Set LND fee URL (but only for mainnet Neutrino) LND_FEE_URL="" if [[ "$BITCOIN_NETWORK" == "mainnet" ]] && [[ ! -f "${STATUS_DIR}/node-status-bitcoind-ready" ]]; then LND_FEE_URL="https://nodes.lightning.computer/fees/v1/btc-fee-estimates.json" fi # TODO: Update all the above code to use this simpler logic for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do # Umbrel sed -i "s//${NETWORK_IP}/g" "${template}" sed -i "s//${GATEWAY_IP}/g" "${template}" sed -i "s//${NGINX_IP}/g" "${template}" sed -i "s//${NGINX_PORT}/g" "${template}" sed -i "s//${DASHBOARD_IP}/g" "${template}" sed -i "s//${MANAGER_IP}/g" "${template}" sed -i "s//${MIDDLEWARE_IP}/g" "${template}" sed -i "s//${NEUTRINO_SWITCHER_IP}/g" "${template}" sed -i "s//${BITCOIN_IP}/g" "${template}" sed -i "s//${LND_IP}/g" "${template}" sed -i "s//${LND_GRPC_PORT}/g" "${template}" sed -i "s//${LND_REST_PORT}/g" "${template}" sed -i "s//${ELECTRUM_IP}/g" "${template}" sed -i "s//${ELECTRUM_PORT}/g" "${template}" sed -i "s//${TOR_PROXY_IP}/g" "${template}" sed -i "s//${TOR_PROXY_PORT}/g" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWBLOCK_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWTX_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_HASHBLOCK_PORT}/g;" "${template}" sed -i "s##${LND_FEE_URL}#g;" "${template}" # Apps sed -i "s//${APP_BTC_RPC_EXPLORER_IP}/g" "${template}" sed -i "s//${APP_BTC_RPC_EXPLORER_PORT}/g" "${template}" sed -i "s//${APP_THUNDERHUB_IP}/g" "${template}" sed -i "s//${APP_THUNDERHUB_PORT}/g" "${template}" sed -i "s//${APP_SPHINX_RELAY_IP}/g" "${template}" sed -i "s//${APP_SPHINX_RELAY_PORT}/g" "${template}" sed -i "s//${APP_RIDE_THE_LIGHTNING_IP}/g" "${template}" sed -i "s//${APP_RIDE_THE_LIGHTNING_PORT}/g" "${template}" sed -i "s//${APP_RIDE_THE_LIGHTNING_LOOP_IP}/g" "${template}" sed -i "s//${APP_LIGHTNING_TERMINAL_IP}/g" "${template}" sed -i "s//${APP_LIGHTNING_TERMINAL_PORT}/g" "${template}" sed -i "s//${APP_SPECTER_DESKTOP_IP}/g" "${template}" sed -i "s//${APP_SPECTER_DESKTOP_PORT}/g" "${template}" sed -i "s//${APP_BTCPAY_SERVER_IP}/g" "${template}" sed -i "s//${APP_BTCPAY_SERVER_PORT}/g" "${template}" sed -i "s//${APP_BTCPAY_SERVER_NBXPLORER_IP}/g" "${template}" sed -i "s//${APP_BTCPAY_SERVER_DB_IP}/g" "${template}" sed -i "s//${APP_LNBITS_IP}/g" "${template}" sed -i "s//${APP_LNBITS_PORT}/g" "${template}" sed -i "s//${APP_MEMPOOL_IP}/g" "${template}" sed -i "s//${APP_MEMPOOL_PORT}/g" "${template}" sed -i "s//${APP_MEMPOOL_DB_IP}/g" "${template}" sed -i "s//${APP_MEMPOOL_API_IP}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_IP}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_PORT}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_WHIRLPOOL_IP}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_WHIRLPOOL_PORT}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_DB_IP}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_NODE_IP}/g" "${template}" sed -i "s//${APP_BLUEWALLET_LNDHUB_IP}/g" "${template}" sed -i "s//${APP_BLUEWALLET_LNDHUB_PORT}/g" "${template}" sed -i "s//${APP_BLUEWALLET_REDIS_IP}/g" "${template}" sed -i "s//${APP_NEXTCLOUD_PORT}/g" "${template}" sed -i "s//${APP_NEXTCLOUD_IP}/g" "${template}" sed -i "s//${APP_NEXTCLOUD_DB_IP}/g" "${template}" sed -i "s//${APP_NEXTCLOUD_REDIS_IP}/g" "${template}" sed -i "s//${APP_NEXTCLOUD_CRON_IP}/g" "${template}" sed -i "s//${APP_PI_HOLE_PORT}/g" "${template}" sed -i "s//${APP_PI_HOLE_IP}/g" "${template}" sed -i "s//${APP_HOME_ASSISTANT_PORT}/g" "${template}" sed -i "s//${APP_HOME_ASSISTANT_IP}/g" "${template}" sed -i "s//${APP_GITEA_PORT}/g" "${template}" sed -i "s//${APP_GITEA_SSH_PORT}/g" "${template}" sed -i "s//${APP_GITEA_IP}/g" "${template}" sed -i "s//${APP_GITEA_DB_IP}/g" "${template}" sed -i "s//${APP_SIMPLETORRENT_PORT}/g" "${template}" sed -i "s//${APP_SIMPLETORRENT_IP}/g" "${template}" sed -i "s//${APP_PHOTOPRISM_IP}/g" "${template}" sed -i "s//${APP_PHOTOPRISM_PORT}/g" "${template}" sed -i "s//${APP_PHOTOPRISM_DB_IP}/g" "${template}" sed -i "s//${APP_SYNAPSE_IP}/g" "${template}" sed -i "s//${APP_SYNAPSE_PORT}/g" "${template}" sed -i "s//${APP_ELEMENT_IP}/g" "${template}" sed -i "s//${APP_ELEMENT_PORT}/g" "${template}" sed -i "s//${APP_VAULTWARDEN_IP}/g" "${template}" sed -i "s//${APP_VAULTWARDEN_PORT}/g" "${template}" sed -i "s//${APP_CODE_SERVER_IP}/g" "${template}" sed -i "s//${APP_CODE_SERVER_PORT}/g" "${template}" done ########################################################## ############## Override main config files ################ ########################################################## mv -f "$NGINX_CONF_FILE" "./nginx/nginx.conf" mv -f "$BITCOIN_CONF_FILE" "./bitcoin/bitcoin.conf" mv -f "$TOR_CONF_FILE" "./tor/torrc" mv -f "$ELECTRS_CONF_FILE" "./electrs/electrs.toml" mv -f "$ENV_FILE" "./.env" # Only write LND config if one doesn't already exist to preserve any user changes. if [[ -f "./lnd/lnd.conf" ]]; then echo "Skipping lnd.conf update to preserve user changes..." rm "$LND_CONF_FILE" else mv -f "$LND_CONF_FILE" "./lnd/lnd.conf" fi ########################################################## ######### Generate hidden services on first run ########## ########################################################## # Prevents CORS issue if dashboard's hidden service # doesn't exist on the first run if [[ ! -f "${STATUS_DIR}/configured" ]]; then echo "Generating hidden services..." echo docker-compose up --detach tor wait_for_tor=10 while [[ ! -f "${UMBREL_ROOT}/tor/data/web/hostname" ]]; do if [[ "${wait_for_tor}" == 0 ]]; then echo "Dashboard's hidden service file wasn't created..." echo break fi sleep 1 ((wait_for_tor--)) done docker-compose down fi ########################################################## ################ Configuration complete ################## ########################################################## echo "Configuring permissions..." echo chown -R 1000:1000 "$UMBREL_ROOT" # Create configured status touch "${STATUS_DIR}/configured" echo "Configuration successful" echo "You can now start Umbrel by running:" echo " sudo ./scripts/start" echo