Zen
/
Alchemy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

most features are done, some are commented out. This is about 90%

main
Zen 3 years ago
parent
d20914188f
commit
937dfda20d
9 changed files with 521 additions and 324 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      resources/ao-config
  2. 14
      resources/ao-service-template
  3. 27
      resources/bitcoin-service-template
  4. 31
      resources/lightning-service-template
  5. 4
      resources/sample_lightning_config
  6. 57
      resources/tor-service-template
  7. 9
      resources/torrc-template
  8. 639
      scripts/ao.sh
  9. 46
      scripts/rpcauth.py

18
resources/ao-config
Unescape View File

@ -1,25 +1,29 @@
export default { export default {
bitcoind: { bitcoind: {
network: 'mainnet' network: 'mainnet',
username: 'ao',
password: 'PASSLINE'
}, },
bitcoinAverage: { bitcoinAverage: {
pub: '', pub: '',
secret: '' secret: ''
}, },
sqlite3: {
//file: '$HOME/.ao/database.sqlite3'
file: 'SQLITE_DATABASE'
},
clightning: { clightning: {
//dir: '$HOME/.lightning/bitcoin' // default is '~/.lightning/bitcoin'
dir: 'CLIGHTNING_DIR' dir: 'CLIGHTNING_DIR'
}, },
tor: { tor: {
//hostname: '$TORHOSTNAME' //hostname: '$TORHOSTNAME'
hostname: 'TOR_HOSTNAME' hostname: 'TOR_HOSTNAME'
}, },
sqlite3: {
// default is '~/.ao/database.sqlite3'
file: 'SQLITE_DATABASE'
},
hostnames: []
privateKey: 'PRIVATEKEY',
memes: { memes: {
//dir: '$HOME/.ao/memes' // default is ~/.ao/memes'
dir: 'MEMES_DIR' dir: 'MEMES_DIR'
}, },
jitsi: { jitsi: {

14
resources/ao-service-template
Unescape View File

@ -0,0 +1,14 @@
[Unit]
Description=ao-daemon
[Service]
WorkingDirectory=HOME/ao-react
ExecStart=NODE --experimental-specifier-resolution=node -r dotenv/config HOME/ao-react/src/server/app.js
User=USER
Type=simple
Restart=on-failure
PrivateTmp=true
[Install]
WantedBy=multi-user.target

27
resources/bitcoin-service-template
Unescape View File

@ -0,0 +1,27 @@
[Unit]
Description=Bitcoin daemon
After=network.target
[Service]
Type=notify
NotifyAccess=all
ExecStart=BITCOIND --daemon --server --pid=HOME/.bitcoin/bitcoind.pid
Type=forking
PIDFile=HOME/.bitcoin/bitcoind.pid
Restart=on-failure
KillSignal=SIGINT
TimeoutSec=60
WatchdogSec=60
LimitNOFILE=32768
User=USER
Group=USER
# Hardening
PrivateTmp=yes
PrivateDevices=yes
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target

31
resources/lightning-service-template
Unescape View File

@ -0,0 +1,31 @@
[Unit]
Description=C-Lightning daemon
Requires=bitcoin.service
After=bitcoin.service
Wants=network.target
After=network.target
[Service]
Type=forking
NotifyAccess=all
ExecStart=LIGHTNINGD --conf HOME/.lightning/config --pid-file=HOME/.lightning/lightningd.pid
User=USER
Group=USER
Type=forking
PIDFile=HOME/.lightning/lightningd.pid
Restart=on-failure
KillSignal=SIGINT
TimeoutSec=60
WatchdogSec=60
LimitNOFILE=32768
# Hardening
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target

4
resources/sample_lightning_config
Unescape View File

@ -1,6 +1,6 @@
network=bitcoin network=bitcoin
plugin=clboss #plugin=clboss
log-level=debug:clboss #log-level=debug:clboss
proxy=127.0.0.1:9050 proxy=127.0.0.1:9050
bind-addr=127.0.0.1:9735 bind-addr=127.0.0.1:9735
addr=statictor:127.0.0.1:9051 addr=statictor:127.0.0.1:9051

57
resources/tor-service-template
Unescape View File

@ -1,41 +1,34 @@
[Unit] [Unit]
Description=Anonymizing overlay network for TCP (multi-instance-master) Description=Anonymizing overlay network for TCP (multi-instance-master)
After=network.target After=syslog.target network.target nss-lookup.target
[Service] [Service]
#$USER Type=notify
User=USER NotifyAccess=all
Group=USER ExecStartPre=+/bin/chown USER:USER /var/lib/tor
Type=simple ExecStartPre=TORPATH -f TORRCPATH --verify-config
#Type=forking ExecStart=TORPATH -f TORRCPATH
PrivateTmp=yes
PermissionsStartOnly=true ExecReload=/bin/kill -HUP ${MAINPID}
ExecStartPre=-/bin/mkdir /var/run/tor
ExecStartPre=/bin/cp TORRCPATH /var/run/tor
ExecStartPre=/bin/chmod a-wx,go-rwx /var/run/tor/torrc
ExecStartPre=/bin/chown -R USER:USER /var/run/tor
ExecStart=/usr/local/bin/tor -f TORRCPATH
ExecReload=/bin/kill -HUP MAINPID
#LimitNPROC = 2
#DeviceAllow = /dev/null rw
#DeviceAllow = /dev/urandom r
#DeviceAllow = /dev/random r
#InaccessibleDirectories = /
#ReadOnlyDirectories = /etc/usr
#ReadWriteDirectories = /var/lib/tor /var/log/tor
#PIDFile=/var/run/tor/tor.pid
KillSignal=SIGINT KillSignal=SIGINT
LimitNOFILE=8192 TimeoutSec=60
PrivateDevices=yes Restart=on-failure
WatchdogSec=60
LimitNOFILE=32768
User=root
Group=USER
#Type=oneshot # Hardening
#RemainAfterExit=yes PrivateTmp=yes
#ExecStart=/bin/true PrivateDevices=yes
#ExecReload=/bin/true ProtectSystem=full
ProtectHome=no
ReadOnlyDirectories=/
ReadWriteDirectories=-/var/lib/tor
ReadWriteDirectories=-/var/log/tor
ReadWriteDirectories=-HOME/.tor
NoNewPrivileges=no
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

9
resources/torrc-template
Unescape View File

@ -0,0 +1,9 @@
User USER
Log notice syslog
DataDirectory /var/lib/tor
ControlPort 9051
CookieAuthentication 1
CookieAuthFile HOME/.tor/control_auth_cookie
CookieAuthFileGroupReadable 1
DataDirectoryGroupReadable 1
CacheDirectoryGroupReadable 1

639
scripts/ao.sh
Unescape View File

@ -11,6 +11,9 @@ BOLD="\e[1m"
ULINE="\e[4m" ULINE="\e[4m"
RESET="\e[0m" RESET="\e[0m"
# Make sure that ctrl+C actually exits
trap "exit" INT
clear clear
echo '' echo ''
echo ' d8888 .d88888b. 8888888 888 888 888 ' echo ' d8888 .d88888b. 8888888 888 888 888 '
@ -35,10 +38,10 @@ echo -e "${ULINE}System Basics${RESET}"
if [ -f "/etc/debian_version" ]; then if [ -f "/etc/debian_version" ]; then
DISTRO="debian" DISTRO="debian"
echo -e "Debian, Ubuntu, or Raspbian OS detected." echo -e "${GREEN}Debian${RESET}, Ubuntu, or Raspbian OS detected."
elif [ -f "/etc/arch-release" ]; then elif [ -f "/etc/arch-release" ]; then
DISTRO="arch" DISTRO="arch"
echo -e "Arch- or Manjaro-based OS detected." echo -e "${GREEN}Arch or Manjaro-based${RESET} OS detected."
elif [ -f "/etc/fedora-release" ]; then elif [ -f "/etc/fedora-release" ]; then
DISTRO="fedora" DISTRO="fedora"
echo -e "${GREEN}Fedora${RESET} detected as the Operating System" echo -e "${GREEN}Fedora${RESET} detected as the Operating System"
@ -46,7 +49,7 @@ elif [ $(uname | grep -c "Darwin") -eq 1 ]; then
DISTRO="mac" DISTRO="mac"
echo -e "${GREEN}MacOS${RESET} detected." echo -e "${GREEN}MacOS${RESET} detected."
else else
echo "I don't know what OS you're running! Cancelling this operation." echo -e "I don't know ${RED}what OS you're running${RESET}! Cancelling this operation."
exit 1 exit 1
fi fi
@ -59,20 +62,17 @@ elif [ $ARCHY == 'armv7l' ]; then
fi fi
echo "" echo ""
export ALCHEMY_DISTRO=$DISTRO export ALCHEMY_DISTRO=$DISTRO
export ALCHEMY_ARCH=$ARCHY export ALCHEMY_ARCH=$ARCHY
echo "" echo ""
echo -e "Got it! Next we're going to make sure the system's repositories (where they get their data from)\nare updated and that you have all the basic command line utilities we need to continue. \n\n${BLUE}(enter)${RESET}" echo -e "Got it! Next we're going to make sure the system's repositories (where they get their data from)\nare updated and that you have all the basic command line utilities we need to continue. \n\n${BLUE}(enter)${RESET}"
read read
# This is a bash function! install_if_needed() { # Coding Moment: generally, whenever you see something with brackets at the end of it, like this() or like(this), it's a function! It takes inputs and gives outputs
install_if_needed() {
for package in "$@" for package in "$@"
do do
if [ -z $(which $package) ]; then if [ -z $(which $package 2>/dev/null) ]; then
echo "installing" $package echo "installing" $package
case $DISTRO in case $DISTRO in
@ -80,7 +80,7 @@ install_if_needed() {
sudo apt install -y $package sudo apt install -y $package
;; ;;
"arch") "arch")
sudo pacman -S $package sudo pacman -S $package --noconfirm --needed
;; ;;
"fedora") "fedora")
sudo dnf install -y $package sudo dnf install -y $package
@ -105,7 +105,7 @@ case $DISTRO in
sudo apt upgrade sudo apt upgrade
;; ;;
"arch") "arch")
sudo pacman -Syu #sudo pacman -Syu
;; ;;
"fedora") "fedora")
# sudo dnf update # sudo dnf update
@ -122,27 +122,32 @@ echo -e "Making sure we've got the basics..."
case $DISTRO in case $DISTRO in
"debian") "debian")
# Note -- I'm not sure if these are all needed but I'm not in the mood to check # Note -- I'm not sure if these are all needed but I'm not in the mood to check
install_if_needed git wget tor sqlite3 zlib1g-dev libtool-bin autoconf autoconf-archive automake autotools-dev \ install_if_needed git wget sqlite3 zlib1g-dev libtool-bin autoconf autoconf-archive automake autotools-dev \
libgmp-dev libsqlite3-dev python python3 python3-mako libsodium-dev build-essential pkg-config libev-dev \ libgmp-dev libsqlite3-dev python python3 python3-mako libsodium-dev build-essential pkg-config libev-dev \
libcurl4-gnutls-dev libssl-dev fakeroot devscripts libcurl4-gnutls-dev libssl-dev fakeroot devscripts
;; ;;
"arch") "arch")
# install_if_needed if [[ ! $(pacman -Qg base-devel) ]]; then
sudo pacman -S base-devel --noconfirm
fi
install_if_needed git wget sqlite3 python git gmp sqlite3 \
python-mako python-pip net-tools zlib libsodium gettext
;; ;;
"mac") "mac")
# install_if_needed # install_if_needed better-computer
;; ;;
"fedora") "fedora")
# install_if_needed git wget tor sqlite3 autoconf autoconf-archive automake \ install_if_needed git wget tor sqlite3 autoconf autoconf-archive automake \
# python python3 python3-mako pkg-config fakeroot devscripts python python3 python3-mako pkg-config fakeroot devscripts
;; ;;
esac esac
echo "" echo ""
#
# ------------------- Step 2 - AO Environment Setup ------------------- ## ------------------- Step 2 - AO Environment Setup -------------------
#
AO='' AO=''
echo -e "Hey! You still there? I was wondering which ${BLUE}version of AO${RESET} you wanted to install. \n" echo -e "${BOLD}Hey!${RESET} You still there? I was wondering which ${BLUE}version of AO${RESET} you wanted to install. \n"
echo -e "${BOLD}1.${RESET} ao-3 (Vue)" echo -e "${BOLD}1.${RESET} ao-3 (Vue)"
echo -e "${BOLD}2.${RESET} ao-react (React)" echo -e "${BOLD}2.${RESET} ao-react (React)"
while [[ -z $AO ]]; do while [[ -z $AO ]]; do
@ -154,10 +159,10 @@ while [[ -z $AO ]]; do
case $ao_select in case $ao_select in
"1") "1")
echo "Minimalism, I like it! Proceeding with ao-3 installation" echo "Minimalism, I like it! Proceeding with ao-3 installation"
AO=vue AO=3
;; ;;
"2") "2")
echo "The DCTRL special! Proceeding with ao-react installation" echo "It's got community! Proceeding with ao-react installation"
AO=react AO=react
;; ;;
*) *)
@ -166,29 +171,31 @@ while [[ -z $AO ]]; do
esac esac
done; done;
echo "" echo ""
#
if [ $AO = "vue" ] || [ $AO = 'react' ]; then #if [ $AO = "3" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing Node.js${RESET}" # echo -e "${BOLD}Installing Node.js${RESET}"
chmod +x scripts/nvm_install.sh # chmod +x scripts/nvm_install.sh
scripts/nvm_install.sh # scripts/nvm_install.sh
if [ "$SHELL" = '/bin/zsh' ]; then # if [ "$SHELL" = '/bin/zsh' ]; then
echo 'sourcing zshrc' # echo 'sourcing zshrc'
source ~/.zshrc # source ~/.zshrc
else # else
source ~/.bashrc # source ~/.bashrc
fi # fi
nvm install v16.13.0 # nvm install v16.13.0
nvm alias default v16.13.0 # nvm alias default v16.13.0
if [ "$SHELL" = '/bin/zsh' ]; then # if [ "$SHELL" = '/bin/zsh' ]; then
echo 'sourcing zshrc' # echo 'sourcing zshrc'
source ~/.zshrc # source ~/.zshrc
else # else
source ~/.bashrc # source ~/.bashrc
fi # fi
echo "" # echo ""
fi #fi
#
if [ $AO = "vue" ] || [ $AO = 'react' ]; then #
# TODO: Compile Bitcoin from C to make it resistant to changes in architecture (should work for ISA)
if [ $AO = "3" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing Bitcoin Ecosystem${RESET}" echo -e "${BOLD}Installing Bitcoin Ecosystem${RESET}"
mkdir -p bitcoin mkdir -p bitcoin
@ -199,30 +206,40 @@ if [ $AO = "vue" ] || [ $AO = 'react' ]; then
fi fi
tar -xvf images/bitcoin-22.0*.tar.gz tar -xvf images/bitcoin-22.0*.tar.gz
sleep 1
sudo cp bitcoin-22.0/bin/* /usr/local/bin/ sudo cp bitcoin-22.0/bin/* /usr/local/bin/
rm -rf bitcoin-22.0
#echo 'Installing lightningd' #echo -e "${BOLD}Installing lightningd${RESET}"
#git clone https://github.com/ElementsProject/lightning.git lightning #git clone https://github.com/ElementsProject/lightning.git ~/lightning
#cd lightning #pushd ~/lightning
#git checkout v0.10.2 #git checkout v0.10.2
#./configure #./configure
#sudo make #sudo make
#sudo make install #sudo make install
#cd .. #popd
# TODO fix clboss
#echo 'Installing clboss' #echo 'Installing clboss'
#git clone https://github.com/ZmnSCPxj/clboss.git clboss #git clone https://github.com/ZmnSCPxj/clboss.git ~/clboss
#cd clboss #pushd ~/clboss
#git checkout 0.11B #git checkout 0.11B
#mkdir m4 #mkdir m4
#autoreconf -i #autoreconf -i
#./configure #./configure
#make #make
#sudo make install #sudo make install
#cd .. #popd
echo ""
echo -e "${BOLD}Bitcoin installed!${RESET} Let's make sure it's configured now." echo -e "${BOLD}Bitcoin installed!${RESET} Let's make sure it's configured now."
AUTHDEETS=$(python3 scripts/rpcauth.py ao)
AUTHLINE=$(echo $AUTHDEETS | grep -o rpcauth=ao:[^[:space:]]*[[:space:]])
PASSLINE=$(echo $AUTHDEETS | grep -o [^[:space:]]*\$)
if [ -f $HOME/.bitcoin/bitcoin.conf ]; then if [ -f $HOME/.bitcoin/bitcoin.conf ]; then
echo 'bitcoin config exists' echo 'bitcoin config exists'
else else
@ -230,178 +247,176 @@ if [ $AO = "vue" ] || [ $AO = 'react' ]; then
echo 'created default bitcoin config' echo 'created default bitcoin config'
fi fi
# TODO we should ask if they want to run in pruned mode
sed -i "s/BTC_LOGIN/${AUTHLINE}/" $HOME/.bitcoin/bitcoin.conf
mkdir -p $HOME/.lightning
if [ -f $HOME/.lightning/config ]; then if [ -f $HOME/.lightning/config ]; then
echo 'lightning config exists' echo 'lightning config exists'
else else
cp resources/sample_lightning_config $HOME/.lightning/config cp resources/sample_lightning_config $HOME/.lightning/config
echo 'created default lightning config' echo 'created default lightning config'
fi fi
AUTHDEETS=$(python3 ./rpcauth.py ao)
AUTHLINE=$(echo $AUTHDEETS | grep -o rpcauth=ao:[^[:space:]]*[[:space:]])
PASSLINE=$(echo $AUTHDEETS | grep -o [^[:space:]]*\$)
echo $AUTHLINE >> $HOME/.bitcoin/bitcoin.conf
fi fi
echo '' echo ''
if [ $AO = "vue" ] || [ $AO = 'react' ]; then if [ $AO = "3" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing and configuring Tor${RESET}\n" echo -e "${BOLD}Installing and configuring Tor${RESET}\n"
install_if_needed tor install_if_needed tor
TORRCPATH='/usr/local/etc/tor/torrc' if [ -e /usr/local/etc/tor/torrc ]; then
if [ ! -d "/usr/local/etc/tor" ]; TORRCPATH='/usr/local/etc/tor/torrc'
then elif [ -e /etc/tor/torrc ]; then
sudo mkdir -p /usr/local/etc/tor TORRCPATH='/etc/tor/torrc'
fi fi
if [ ! -f $TORRCPATH ]; TORRCPATH=
then
sudo echo "ControlPort 9051" >> $TORRCPATH
sudo echo "CookieAuthentication 1" >> $TORRCPATH
sudo chmod 666 $TORRCPATH # so controlport can modify . . . is this bad?
fi
if [ $(cat $TORRCPATH | grep -c "HiddenServiceDir /var/lib/tor/ao") -eq 0 ]; # Configure and write torrc file
then cp resources/torrc-template .
echo "HiddenServiceDir /var/lib/tor/ao" | sudo tee -a $TORRCPATH 1>/dev/null 2>&1 sudo sed -i "s#USER#${USER}#g" torrc-template
fi sudo sed -i "s#HOME#${HOME}#g" torrc-template
if [ $(cat $TORRCPATH | grep -c "HiddenServicePort 80 127\.0\.0\.1:8003") -eq 0 ];
then
echo "HiddenServicePort 80 127.0.0.1:8003" | sudo tee -a $TORRCPATH 1>/dev/null 2>&1
fi
if [ ! -d "/var/lib/tor" ];
then
sudo mkdir -p /var/lib/tor
fi
if [ ! -d "/var/lib/tor/ao" ]; if [ -n "$TORRCPATH" ]; then
then sudo mv torrc-template $TORRCPATH
sudo mkdir -p /var/lib/tor/ao else
echo -e "${RED}Uh oh...${RESET} I couldn't figure out where your torrc file is. That might cause some issues"
sleep 3
echo -e "\nAnyways...\n"
sleep 2
fi fi
sudo chown -R $USER:$USER /var/lib/tor
sudo chmod -R 700 /var/lib/tor
fi fi
#
# ------------------- Step 3 - AO Installation ------------------- ## ------------------- Step 3 - AO Installation -------------------
#
echo -e "${BOLD}Configuring AO Core${RESET}\n" echo -e "${BOLD}Configuring AO Core${RESET}\n"
if [ -d $HOME/.ao ]; then mkdir -p $HOME/.ao
echo 'default AO dir exists'
else
mkdir $HOME/.ao
fi
if [ -f $HOME/.ao/key ]; then if [ -f $HOME/.ao/key ]; then
echo 'ao privkey exists' echo 'We already have a private key for this AO, sweet!'
else else
node ./createPrivateKey.js >> $HOME/.ao/key node scripts/createPrivateKey.js >> $HOME/.ao/key
echo 'created ao privkey' echo -e "Just made a fresh private key and put it in ${GREEN}~/.ao${RESET}"
fi fi
echo "" echo ""
case $AO in # case $AO in
"vue") # "3")
echo -e "Installing ${BLUE}ao-3${RESET}" # echo -e "Installing ${BLUE}ao-3${RESET}"
git clone 'https://github.com/AutonomousOrganization/ao-3.git' ~/ao-3 # git clone 'https://github.com/AutonomousOrganization/ao-3.git' ~/ao-3
pushd ~/ao-3 # pushd ~/ao-3
npm install # npm install
npm run build # npm run build
#
if [ -f "$HOME/ao-3/configuration.js" ]; then # if [ -f "$HOME/ao-3/configuration.js" ]; then
echo configuration.js already exists # echo configuration.js already exists
else # else
cp resources/ao-config $HOME/ao-react/configuration.js # cp resources/ao-config $HOME/ao-react/configuration.js
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js # sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js # sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js # sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js
fi # fi
#
npm run checkconfig # npm run checkconfig
popd # popd
;; # ;;
"react") # "react")
echo -e "Installing ${BLUE}ao-react${RESET}" # echo -e "Installing ${BLUE}ao-react${RESET}"
git clone 'https://github.com/coalition-of-invisible-colleges/ao-react.git' ~/ao-react # git clone 'https://github.com/coalition-of-invisible-colleges/ao-react.git' ~/ao-react
#
if [ -f "$HOME/ao-react/configuration.js" ]; then #
echo configuration.js already exists # # TODO process env bug during webpack
else # pushd ~/ao-react
cp resources/ao-config $HOME/ao-react/configuration.js # npm install
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js # npm run webpack
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js # popd
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js # ;;
fi # esac
pushd ~/ao-react # TODO this is kind of janky/fragile, it would be better to store this in ~/.ao
npm install CONFIG_FILE=$HOME/ao-$AO/configuration.js
npm run webpack
popd if [ -f "$CONFIG_FILE" ]; then
;; echo configuration.js already exists
esac else
cp resources/ao-config $CONFIG_FILE
# ------------------- Step 4 - NGINX Setup ------------------- sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $CONFIG_FILE
sed -i "s#PASSLINE#${PASSLINE}#" $CONFIG_FILE
echo "" sed -i "s#PRIVATEKEY#${HOME}/.ao/key#" $CONFIG_FILE
echo "We might need to query DNS records here..." sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $CONFIG_FILE
install_if_needed dig sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $CONFIG_FILE
echo -e "You still there? I need to ask you some questions! \n\n${BLUE}(enter)${RESET}" fi
read
echo "" ## ------------------- Step 4 - NGINX Setup -------------------
read -p "Do you have a domain name pointing to this computer? (y/n): " dns #
echo "" #echo ""
case $dns in #echo "We might need to query DNS records here..."
y | Y) #install_if_needed dig nginx
echo "Good to hear! What is it?" #echo -e "You still there? I need to ask you some questions! \n\n${BLUE}(enter)${RESET}"
read -p "http://" domain #read
;; #echo ""
*) #read -p "Do you have a domain name pointing to this computer? (y/n): " dns
echo "Okay, let's just leave it open for now." #echo ""
domain=$(dig @resolver4.opendns.com myip.opendns.com +short) #case $dns in
anywhere=1 # y | Y)
echo "Try accessing this AO from either localhost, 127.0.0.1, or ${domain}" # echo "Good to hear! What is it?"
;; # read -p "http://" domain
esac # ;;
echo "" # *)
AO_NGINX_CONF=/etc/nginx/sites-available/ao # echo "Okay, let's just leave it open for now."
sudo cp resources/ao.nginx.conf $AO_NGINX_CONF # domain=$(dig @resolver4.opendns.com myip.opendns.com +short)
# anywhere=1
if [ -n $anywhere ]; then # echo "Try accessing this AO from either localhost, 127.0.0.1, or ${domain}"
sudo sed -i "s#SERVER_NAME#_#" $AO_NGINX_CONF # ;;
#esac
anywhere=1 # TODO Remove this line
if [ "$anywhere" -eq 1 ]; then
ACCESS_POINT=http://localhost:8003
else else
sudo sed -i "s#SERVER_NAME#${domain}#" $AO_NGINX_CONF ACCESS_POINT=https://$domain
fi fi
sudo sed -i "s#FILE_ROOT#${HOME}/ao-react/dist#" $AO_NGINX_CONF #echo ""
sudo ln -s /etc/nginx/sites-available/ao /etc/nginx/sites-enabled/ #AO_NGINX_CONF=/etc/nginx/sites-available/ao
echo "" #sudo cp resources/ao.nginx.conf $AO_NGINX_CONF
sudo systemctl reload nginx #
echo "Excellent! We've configured $AO_NGINX_CONF to serve your AO from $domain" #if [ -n $anywhere ]; then
echo "" # sudo sed -i "s#SERVER_NAME#_#" $AO_NGINX_CONF
#else
read -p "Would you like to enable SSL via Certbot? (y/n): " -n1 ssl # sudo sed -i "s#SERVER_NAME#${domain}#" $AO_NGINX_CONF
echo "" #fi
case $ssl in #
y | Y) #sudo sed -i "s#FILE_ROOT#${HOME}/ao-react/dist#" $AO_NGINX_CONF
echo "Alright, let's get Certbot in here!" #sudo ln -s /etc/nginx/sites-available/ao /etc/nginx/sites-enabled/
install_if_needed python3 certbot python3-certbot-nginx #echo ""
echo -e "${BOLD}Take it away, Certbot${NC}" #sudo systemctl reload nginx
sudo certbot --nginx #echo "Excellent! We've configured $AO_NGINX_CONF to serve your AO from $domain"
;; #echo ""
*) #
echo "Yea, SSL is lame anyways..." #read -p "Would you like to enable SSL via Certbot? (y/n): " -n1 ssl
;; #echo ""
esac #case $ssl in
echo "" # y | Y)
# echo "Alright, let's get Certbot in here!"
# install_if_needed python3 certbot python3-certbot-nginx
# echo -e "${BOLD}Take it away, Certbot${NC}"
# sudo certbot --nginx
# ;;
# *)
# echo "Yea, SSL is lame anyways..."
# ;;
#esac
#echo ""
# ------------------- Step 7 - Systemd Setup ------------------- # ------------------- Step 7 - Systemd Setup -------------------
READY='' READY=''
echo -e "Alright, almost there! Now we just need to set up the system daemons for Tor, Bitcoin, Lightning, and the AO so that everything opens on startup." echo -e "\n${BOLD}Alright, almost there!${RESET} Now we just need to set up the system daemons for Tor, Bitcoin, Lightning, and the AO so that everything opens on startup."
while [[ -z $AO ]]; do while [[ -z $READY ]]; do
echo -en "${BLUE}You ready? (y/n):${RESET} " echo -en "${BLUE}You ready? (y/n):${RESET} "
read -n1 ao_select read -n1 ao_select
echo "" echo ""
@ -409,111 +424,169 @@ while [[ -z $AO ]]; do
case $ao_select in case $ao_select in
"y" | "Y") "y" | "Y")
echo "Nice, let's do it.\n" echo -e "Nice, let's do it.\n"
READY=1 READY=1
;; ;;
*) *)
echo "wrong answer, fren\n\n" echo -e "wrong answer, fren\n"
;; ;;
esac esac
done done
echo "Creating tor.service..." echo ""
TOR_SERVICE=/etc/systemd/system/tor.service #echo "Creating tor.service..."
if [ -f "$TOR_SERVICE" ]; then #TOR_SERVICE=/etc/systemd/system/tor.service
echo "Seems like you've already got tor here!" #if [ -f "$TOR_SERVICE" ]; then
else # echo "Seems like you've already got tor here!"
sudo cp resources/tor-service-template $TOR_SERVICE #else
sudo sed -i "s#USER#${USER}#g" $TOR_SERVICE # sudo cp resources/tor-service-template $TOR_SERVICE
fi #
# # Making sure all values have been de-templated
# sudo sed -i "s#USER#${USER}#g" $TOR_SERVICE
# ------------------- Step 8 - Health Check ------------------- # sudo sed -i "s#HOME#${HOME}#g" $TOR_SERVICE
# ------------------- Step 9 - Port Testing ------------------- # sudo sed -i "s#TORRCPATH#${TORRCPATH}#g" $TOR_SERVICE
# sudo sed -i "s#TORPATH#$(which tor)#g" $TOR_SERVICE
#fi
#
#
## Creating the .tor directory
#sudo mkdir -p $HOME/.tor
#sudo chown tor $HOME/.tor
#sudo chgrp $USER $HOME/.tor
#sudo chmod 770 $HOME/.tor
#
#echo "Enabling and starting Tor"
#sudo systemctl enable tor
#sudo systemctl start tor
echo -e "${BOLD}One more thing!${NC} We need to make sure that your ports are open." echo ""
nmap -Pn $domain > nmap.txt echo "Creating bitcoin.service..."
OPEN=1 BTC_SERVICE=/etc/systemd/system/bitcoin.service
if grep -qE "^80/.*(open|filtered)" nmap.txt; then if [ -f "$BTC_SERVICE" ]; then
echo -e "I can see port ${GREEN}80${NC}!" echo -e "Seems like you've already have a bitcoin service!"
else else
echo -e "Uh oh, port ${RED}80${NC} isn't showing up..." sudo cp resources/bitcoin-service-template $BTC_SERVICE
OPEN=0
fi
if grep -qE "^443/.*(open|filtered)" nmap.txt; then # Making sure all values have been de-templated
echo -e "I can see port ${GREEN}443${NC} as well!" sudo sed -i "s#USER#${USER}#g" $BTC_SERVICE
else sudo sed -i "s#HOME#${HOME}#g" $BTC_SERVICE
echo -e "Uh oh, port ${RED}443${NC} isn't showing up..." sudo sed -i "s#BITCOIND#$(which bitcoind)#g" $BTC_SERVICE
OPEN=0
fi fi
rm nmap.txt echo -e "Enabling and starting ${GREEN}Bitcoin${RESET}"
sudo systemctl enable bitcoin
sudo systemctl start bitcoin
echo "" echo ""
if [[ $OPEN -eq 0 ]]; then echo "Creating lightning.service..."
echo -e "${RED}Port configuration needed.${NC} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet." LN_SERVICE=/etc/systemd/system/lightning.service
echo "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it." if [ -f "$LN_SERVICE" ]; then
echo -e "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}$(ip route | grep default | grep -oP "(?<=src )[^ ]+")${NC})." echo -e "Seems like you've already have a lightning service!"
echo -e "You can log into your router at this IP address: ${BOLD}$(route -n | grep ^0.0.0.0 | awk '{print $2}')${NC}" else
echo "That's all the help I can give you regarding port forwarding. Good luck!" sudo cp resources/lightning-service-template $LN_SERVICE
echo ""
# Making sure all values have been de-templated
sudo sed -i "s#USER#${USER}#g" $LN_SERVICE
sudo sed -i "s#HOME#${HOME}#g" $LN_SERVICE
sudo sed -i "s#LIGHTNINGD#$(which lightningd)#g" $LN_SERVICE
fi fi
echo -e "Enabling and starting ${GREEN}lightning${RESET} "
sudo systemctl enable lightning
sudo systemctl start lightning
echo "Okay, well that's everything! As long as your ports are forwarded, you should be ready to continue your WordPress setup by opening $domain in your browser." echo ""
echo "Creating ao.service..."
AO_SERVICE=/etc/systemd/system/ao.service
if [ -f "$AO_SERVICE" ]; then
echo "Seems like you've already added one of these!"
else
sudo cp resources/ao-service-template $AO_SERVICE
# Making sure all values have been de-templated
sudo sed -i "s#USER#${USER}#g" $AO_SERVICE
sudo sed -i "s#HOME#${HOME}#g" $AO_SERVICE
sudo sed -i "s#NODE#$(which node)#g" $AO_SERVICE
fi
echo -e "Enabling and starting the ${GREEN}AO${RESET}'s backend"
sudo systemctl enable ao
sudo systemctl start ao
# echo '' echo ""
# echo '' echo "Enabling and starting ${GREEN}NGINX${RESET} as the webserver"
# echo '*********************************************************' sudo systemctl enable nginx
# echo 'Version Information' sudo systemctl start nginx
# echo '*********************************************************'
# # ------------------- Step 8 - Port Testing -------------------
# echo ' '
# echo 'make Version' #echo -e "${BOLD}One more thing!${RESET} We need to make sure that your ports are open."
# echo '*********************************************************' #install_if_needed nmap
# make --version #nmap -Pn $domain > nmap.txt
# #OPEN=1
# echo ' ' #if grep -qE "^80/.*(open|filtered)" nmap.txt; then
# echo 'node Version' # echo -e "I can see port ${GREEN}80${RESET}!"
# echo '*********************************************************' #else
# node --version # echo -e "Uh oh, port ${RED}80${RESET} isn't showing up..."
# # OPEN=0
# echo ' ' #fi
# echo 'sqlite3 Version' #
# echo '*********************************************************' #if grep -qE "^443/.*(open|filtered)" nmap.txt; then
# sqlite3 --version # echo -e "I can see port ${GREEN}443${RESET} as well!"
# #else
# echo ' ' # echo -e "Uh oh, port ${RED}443${RESET} isn't showing up..."
# echo 'tor Version' # OPEN=0
# echo '*********************************************************' #fi
# tor --version #rm nmap.txt
# #echo ""
# echo ' ' #if [[ $OPEN -eq 0 ]]; then
# echo 'bitcoind Version' # echo -e "${RED}Port configuration needed.${RESET} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet."
# echo '*********************************************************' # echo "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it."
# bitcoind --version # echo -e "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}$(ip route | grep default | grep -oP "(?<=src )[^ ]+")${RESET})."
# # echo -e "You can log into your router at this IP address: ${BOLD}$(route -n | grep ^0.0.0.0 | awk '{print $2}')${RESET}"
# echo ' ' # echo "That's all the help I can give you regarding port forwarding. Good luck!"
# echo 'lightningd Version' # echo ""
# echo '*********************************************************' #fi
# lightningd --version #
#
# echo ' ' # ------------------- Step 9 - Health Check -------------------
# echo 'clboss Version' echo ''
# echo '*********************************************************' echo ''
# clboss --version echo '*********************************************************'
# echo -e "* ${BOLD}Version Information${RESET} *"
# echo '' echo '*********************************************************'
# echo 'Execution completion'
# date echo ' '
# echo '' echo 'make Version'
# echo '*********************************************************'
# echo 'Lightning Node Installed Start via two terminals: ' make --version
# echo ' bitcoind'
# echo ' lightningd' echo ' '
# echo 'Can Proceed to AO-3 setup: ' echo 'node Version'
# echo ' git clone https://github.com/AutonomousOrganization/ao-3' echo '*********************************************************'
# echo ' cd ao-3' node --version
# echo ' npm install'
# echo ' npm run checkconfig' echo ' '
# echo ' npm build' echo 'sqlite3 Version'
# echo ' npm start' echo '*********************************************************'
sqlite3 --version
echo ' '
echo 'tor Version'
echo '*********************************************************'
tor --version
echo ' '
echo 'bitcoind Version'
echo '*********************************************************'
bitcoind --version
echo ' '
echo 'lightningd Version'
echo '*********************************************************'
lightningd --version
echo ' '
echo 'clboss Version'
echo '*********************************************************'
clboss --version
echo ""
echo -e "$BOLD$GREEN\nOkay, well that's everything!${RESET}\n\nAs long as everything worked properly, \
you should be ready to continue your journey\ntowards autonomy by opening ${BLUE}$ACCESS_POINT${RESET} in your browser."

46
scripts/rpcauth.py
Unescape View File

@ -0,0 +1,46 @@
#!/usr/bin/env python3
# Copyright (c) 2015-2018 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
from argparse import ArgumentParser
from base64 import urlsafe_b64encode
from binascii import hexlify
from getpass import getpass
from os import urandom
import hmac
def generate_salt(size):
"""Create size byte hex salt"""
return hexlify(urandom(size)).decode()
def generate_password():
"""Create 32 byte b64 password"""
return urlsafe_b64encode(urandom(32)).decode('utf-8')
def password_to_hmac(salt, password):
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
return m.hexdigest()
def main():
parser = ArgumentParser(description='Create login credentials for a JSON-RPC user')
parser.add_argument('username', help='the username for authentication')
parser.add_argument('password', help='leave empty to generate a random password or specify "-" to prompt for password', nargs='?')
args = parser.parse_args()
if not args.password:
args.password = generate_password()
elif args.password == '-':
args.password = getpass()
# Create 16 byte hex salt
salt = generate_salt(16)
password_hmac = password_to_hmac(salt, args.password)
print('String to be appended to bitcoin.conf:')
print('rpcauth={0}:{1}${2}'.format(args.username, salt, password_hmac))
print('Your password:\n{0}'.format(args.password))
if __name__ == '__main__':
main()
Write Preview
Loading…
Cancel
Save