Zen
/
Alchemy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

most features are done, some are commented out. This is about 90%

main
Zen 3 years ago
parent
d20914188f
commit
937dfda20d
9 changed files with 521 additions and 324 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      resources/ao-config
  2. 14
      resources/ao-service-template
  3. 27
      resources/bitcoin-service-template
  4. 31
      resources/lightning-service-template
  5. 4
      resources/sample_lightning_config
  6. 57
      resources/tor-service-template
  7. 9
      resources/torrc-template
  8. 639
      scripts/ao.sh
  9. 46
      scripts/rpcauth.py

18
resources/ao-config
Unescape View File

@ -1,25 +1,29 @@
export default {
bitcoind: {
network: 'mainnet'
network: 'mainnet',
username: 'ao',
password: 'PASSLINE'
},
bitcoinAverage: {
pub: '',
secret: ''
},
sqlite3: {
//file: '$HOME/.ao/database.sqlite3'
file: 'SQLITE_DATABASE'
},
clightning: {
//dir: '$HOME/.lightning/bitcoin'
// default is '~/.lightning/bitcoin'
dir: 'CLIGHTNING_DIR'
},
tor: {
//hostname: '$TORHOSTNAME'
hostname: 'TOR_HOSTNAME'
},
sqlite3: {
// default is '~/.ao/database.sqlite3'
file: 'SQLITE_DATABASE'
},
hostnames: []
privateKey: 'PRIVATEKEY',
memes: {
//dir: '$HOME/.ao/memes'
// default is ~/.ao/memes'
dir: 'MEMES_DIR'
},
jitsi: {

14
resources/ao-service-template
Unescape View File

@ -0,0 +1,14 @@
[Unit]
Description=ao-daemon
[Service]
WorkingDirectory=HOME/ao-react
ExecStart=NODE --experimental-specifier-resolution=node -r dotenv/config HOME/ao-react/src/server/app.js
User=USER
Type=simple
Restart=on-failure
PrivateTmp=true
[Install]
WantedBy=multi-user.target

27
resources/bitcoin-service-template
Unescape View File

@ -0,0 +1,27 @@
[Unit]
Description=Bitcoin daemon
After=network.target
[Service]
Type=notify
NotifyAccess=all
ExecStart=BITCOIND --daemon --server --pid=HOME/.bitcoin/bitcoind.pid
Type=forking
PIDFile=HOME/.bitcoin/bitcoind.pid
Restart=on-failure
KillSignal=SIGINT
TimeoutSec=60
WatchdogSec=60
LimitNOFILE=32768
User=USER
Group=USER
# Hardening
PrivateTmp=yes
PrivateDevices=yes
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target

31
resources/lightning-service-template
Unescape View File

@ -0,0 +1,31 @@
[Unit]
Description=C-Lightning daemon
Requires=bitcoin.service
After=bitcoin.service
Wants=network.target
After=network.target
[Service]
Type=forking
NotifyAccess=all
ExecStart=LIGHTNINGD --conf HOME/.lightning/config --pid-file=HOME/.lightning/lightningd.pid
User=USER
Group=USER
Type=forking
PIDFile=HOME/.lightning/lightningd.pid
Restart=on-failure
KillSignal=SIGINT
TimeoutSec=60
WatchdogSec=60
LimitNOFILE=32768
# Hardening
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target

4
resources/sample_lightning_config
Unescape View File

@ -1,6 +1,6 @@
network=bitcoin
plugin=clboss
log-level=debug:clboss
#plugin=clboss
#log-level=debug:clboss
proxy=127.0.0.1:9050
bind-addr=127.0.0.1:9735
addr=statictor:127.0.0.1:9051

57
resources/tor-service-template
Unescape View File

@ -1,41 +1,34 @@
[Unit]
Description=Anonymizing overlay network for TCP (multi-instance-master)
After=network.target
After=syslog.target network.target nss-lookup.target
[Service]
#$USER
User=USER
Group=USER
Type=simple
#Type=forking
PrivateTmp=yes
PermissionsStartOnly=true
ExecStartPre=-/bin/mkdir /var/run/tor
ExecStartPre=/bin/cp TORRCPATH /var/run/tor
ExecStartPre=/bin/chmod a-wx,go-rwx /var/run/tor/torrc
ExecStartPre=/bin/chown -R USER:USER /var/run/tor
ExecStart=/usr/local/bin/tor -f TORRCPATH
ExecReload=/bin/kill -HUP MAINPID
#LimitNPROC = 2
#DeviceAllow = /dev/null rw
#DeviceAllow = /dev/urandom r
#DeviceAllow = /dev/random r
#InaccessibleDirectories = /
#ReadOnlyDirectories = /etc/usr
#ReadWriteDirectories = /var/lib/tor /var/log/tor
#PIDFile=/var/run/tor/tor.pid
Type=notify
NotifyAccess=all
ExecStartPre=+/bin/chown USER:USER /var/lib/tor
ExecStartPre=TORPATH -f TORRCPATH --verify-config
ExecStart=TORPATH -f TORRCPATH
ExecReload=/bin/kill -HUP ${MAINPID}
KillSignal=SIGINT
LimitNOFILE=8192
PrivateDevices=yes
TimeoutSec=60
Restart=on-failure
WatchdogSec=60
LimitNOFILE=32768
User=root
Group=USER
#Type=oneshot
#RemainAfterExit=yes
#ExecStart=/bin/true
#ExecReload=/bin/true
# Hardening
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=full
ProtectHome=no
ReadOnlyDirectories=/
ReadWriteDirectories=-/var/lib/tor
ReadWriteDirectories=-/var/log/tor
ReadWriteDirectories=-HOME/.tor
NoNewPrivileges=no
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
[Install]
WantedBy=multi-user.target

9
resources/torrc-template
Unescape View File

@ -0,0 +1,9 @@
User USER
Log notice syslog
DataDirectory /var/lib/tor
ControlPort 9051
CookieAuthentication 1
CookieAuthFile HOME/.tor/control_auth_cookie
CookieAuthFileGroupReadable 1
DataDirectoryGroupReadable 1
CacheDirectoryGroupReadable 1

639
scripts/ao.sh
Unescape View File

@ -11,6 +11,9 @@ BOLD="\e[1m"
ULINE="\e[4m"
RESET="\e[0m"
# Make sure that ctrl+C actually exits
trap "exit" INT
clear
echo ''
echo ' d8888 .d88888b. 8888888 888 888 888 '
@ -35,10 +38,10 @@ echo -e "${ULINE}System Basics${RESET}"
if [ -f "/etc/debian_version" ]; then
DISTRO="debian"
echo -e "Debian, Ubuntu, or Raspbian OS detected."
echo -e "${GREEN}Debian${RESET}, Ubuntu, or Raspbian OS detected."
elif [ -f "/etc/arch-release" ]; then
DISTRO="arch"
echo -e "Arch- or Manjaro-based OS detected."
echo -e "${GREEN}Arch or Manjaro-based${RESET} OS detected."
elif [ -f "/etc/fedora-release" ]; then
DISTRO="fedora"
echo -e "${GREEN}Fedora${RESET} detected as the Operating System"
@ -46,7 +49,7 @@ elif [ $(uname | grep -c "Darwin") -eq 1 ]; then
DISTRO="mac"
echo -e "${GREEN}MacOS${RESET} detected."
else
echo "I don't know what OS you're running! Cancelling this operation."
echo -e "I don't know ${RED}what OS you're running${RESET}! Cancelling this operation."
exit 1
fi
@ -59,20 +62,17 @@ elif [ $ARCHY == 'armv7l' ]; then
fi
echo ""
export ALCHEMY_DISTRO=$DISTRO
export ALCHEMY_ARCH=$ARCHY
echo ""
echo -e "Got it! Next we're going to make sure the system's repositories (where they get their data from)\nare updated and that you have all the basic command line utilities we need to continue. \n\n${BLUE}(enter)${RESET}"
read
# This is a bash function!
install_if_needed() {
install_if_needed() { # Coding Moment: generally, whenever you see something with brackets at the end of it, like this() or like(this), it's a function! It takes inputs and gives outputs
for package in "$@"
do
if [ -z $(which $package) ]; then
if [ -z $(which $package 2>/dev/null) ]; then
echo "installing" $package
case $DISTRO in
@ -80,7 +80,7 @@ install_if_needed() {
sudo apt install -y $package
;;
"arch")
sudo pacman -S $package
sudo pacman -S $package --noconfirm --needed
;;
"fedora")
sudo dnf install -y $package
@ -105,7 +105,7 @@ case $DISTRO in
sudo apt upgrade
;;
"arch")
sudo pacman -Syu
#sudo pacman -Syu
;;
"fedora")
# sudo dnf update
@ -122,27 +122,32 @@ echo -e "Making sure we've got the basics..."
case $DISTRO in
"debian")
# Note -- I'm not sure if these are all needed but I'm not in the mood to check
install_if_needed git wget tor sqlite3 zlib1g-dev libtool-bin autoconf autoconf-archive automake autotools-dev \
install_if_needed git wget sqlite3 zlib1g-dev libtool-bin autoconf autoconf-archive automake autotools-dev \
libgmp-dev libsqlite3-dev python python3 python3-mako libsodium-dev build-essential pkg-config libev-dev \
libcurl4-gnutls-dev libssl-dev fakeroot devscripts
;;
"arch")
# install_if_needed
if [[ ! $(pacman -Qg base-devel) ]]; then
sudo pacman -S base-devel --noconfirm
fi
install_if_needed git wget sqlite3 python git gmp sqlite3 \
python-mako python-pip net-tools zlib libsodium gettext
;;
"mac")
# install_if_needed
# install_if_needed better-computer
;;
"fedora")
# install_if_needed git wget tor sqlite3 autoconf autoconf-archive automake \
# python python3 python3-mako pkg-config fakeroot devscripts
install_if_needed git wget tor sqlite3 autoconf autoconf-archive automake \
python python3 python3-mako pkg-config fakeroot devscripts
;;
esac
echo ""
# ------------------- Step 2 - AO Environment Setup -------------------
#
## ------------------- Step 2 - AO Environment Setup -------------------
#
AO=''
echo -e "Hey! You still there? I was wondering which ${BLUE}version of AO${RESET} you wanted to install. \n"
echo -e "${BOLD}Hey!${RESET} You still there? I was wondering which ${BLUE}version of AO${RESET} you wanted to install. \n"
echo -e "${BOLD}1.${RESET} ao-3 (Vue)"
echo -e "${BOLD}2.${RESET} ao-react (React)"
while [[ -z $AO ]]; do
@ -154,10 +159,10 @@ while [[ -z $AO ]]; do
case $ao_select in
"1")
echo "Minimalism, I like it! Proceeding with ao-3 installation"
AO=vue
AO=3
;;
"2")
echo "The DCTRL special! Proceeding with ao-react installation"
echo "It's got community! Proceeding with ao-react installation"
AO=react
;;
*)
@ -166,29 +171,31 @@ while [[ -z $AO ]]; do
esac
done;
echo ""
if [ $AO = "vue" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing Node.js${RESET}"
chmod +x scripts/nvm_install.sh
scripts/nvm_install.sh
if [ "$SHELL" = '/bin/zsh' ]; then
echo 'sourcing zshrc'
source ~/.zshrc
else
source ~/.bashrc
fi
nvm install v16.13.0
nvm alias default v16.13.0
if [ "$SHELL" = '/bin/zsh' ]; then
echo 'sourcing zshrc'
source ~/.zshrc
else
source ~/.bashrc
fi
echo ""
fi
if [ $AO = "vue" ] || [ $AO = 'react' ]; then
#
#if [ $AO = "3" ] || [ $AO = 'react' ]; then
# echo -e "${BOLD}Installing Node.js${RESET}"
# chmod +x scripts/nvm_install.sh
# scripts/nvm_install.sh
# if [ "$SHELL" = '/bin/zsh' ]; then
# echo 'sourcing zshrc'
# source ~/.zshrc
# else
# source ~/.bashrc
# fi
# nvm install v16.13.0
# nvm alias default v16.13.0
# if [ "$SHELL" = '/bin/zsh' ]; then
# echo 'sourcing zshrc'
# source ~/.zshrc
# else
# source ~/.bashrc
# fi
# echo ""
#fi
#
#
# TODO: Compile Bitcoin from C to make it resistant to changes in architecture (should work for ISA)
if [ $AO = "3" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing Bitcoin Ecosystem${RESET}"
mkdir -p bitcoin
@ -199,30 +206,40 @@ if [ $AO = "vue" ] || [ $AO = 'react' ]; then
fi
tar -xvf images/bitcoin-22.0*.tar.gz
sleep 1
sudo cp bitcoin-22.0/bin/* /usr/local/bin/
rm -rf bitcoin-22.0
#echo 'Installing lightningd'
#git clone https://github.com/ElementsProject/lightning.git lightning
#cd lightning
#echo -e "${BOLD}Installing lightningd${RESET}"
#git clone https://github.com/ElementsProject/lightning.git ~/lightning
#pushd ~/lightning
#git checkout v0.10.2
#./configure
#sudo make
#sudo make install
#cd ..
#popd
# TODO fix clboss
#echo 'Installing clboss'
#git clone https://github.com/ZmnSCPxj/clboss.git clboss
#cd clboss
#git clone https://github.com/ZmnSCPxj/clboss.git ~/clboss
#pushd ~/clboss
#git checkout 0.11B
#mkdir m4
#autoreconf -i
#./configure
#make
#sudo make install
#cd ..
#popd
echo ""
echo -e "${BOLD}Bitcoin installed!${RESET} Let's make sure it's configured now."
AUTHDEETS=$(python3 scripts/rpcauth.py ao)
AUTHLINE=$(echo $AUTHDEETS | grep -o rpcauth=ao:[^[:space:]]*[[:space:]])
PASSLINE=$(echo $AUTHDEETS | grep -o [^[:space:]]*\$)
if [ -f $HOME/.bitcoin/bitcoin.conf ]; then
echo 'bitcoin config exists'
else
@ -230,178 +247,176 @@ if [ $AO = "vue" ] || [ $AO = 'react' ]; then
echo 'created default bitcoin config'
fi
# TODO we should ask if they want to run in pruned mode
sed -i "s/BTC_LOGIN/${AUTHLINE}/" $HOME/.bitcoin/bitcoin.conf
mkdir -p $HOME/.lightning
if [ -f $HOME/.lightning/config ]; then
echo 'lightning config exists'
else
cp resources/sample_lightning_config $HOME/.lightning/config
echo 'created default lightning config'
fi
AUTHDEETS=$(python3 ./rpcauth.py ao)
AUTHLINE=$(echo $AUTHDEETS | grep -o rpcauth=ao:[^[:space:]]*[[:space:]])
PASSLINE=$(echo $AUTHDEETS | grep -o [^[:space:]]*\$)
echo $AUTHLINE >> $HOME/.bitcoin/bitcoin.conf
fi
fi
echo ''
if [ $AO = "vue" ] || [ $AO = 'react' ]; then
if [ $AO = "3" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing and configuring Tor${RESET}\n"
install_if_needed tor
TORRCPATH='/usr/local/etc/tor/torrc'
if [ ! -d "/usr/local/etc/tor" ];
then
sudo mkdir -p /usr/local/etc/tor
if [ -e /usr/local/etc/tor/torrc ]; then
TORRCPATH='/usr/local/etc/tor/torrc'
elif [ -e /etc/tor/torrc ]; then
TORRCPATH='/etc/tor/torrc'
fi
if [ ! -f $TORRCPATH ];
then
sudo echo "ControlPort 9051" >> $TORRCPATH
sudo echo "CookieAuthentication 1" >> $TORRCPATH
sudo chmod 666 $TORRCPATH # so controlport can modify . . . is this bad?
fi
TORRCPATH=
if [ $(cat $TORRCPATH | grep -c "HiddenServiceDir /var/lib/tor/ao") -eq 0 ];
then
echo "HiddenServiceDir /var/lib/tor/ao" | sudo tee -a $TORRCPATH 1>/dev/null 2>&1
fi
if [ $(cat $TORRCPATH | grep -c "HiddenServicePort 80 127\.0\.0\.1:8003") -eq 0 ];
then
echo "HiddenServicePort 80 127.0.0.1:8003" | sudo tee -a $TORRCPATH 1>/dev/null 2>&1
fi
if [ ! -d "/var/lib/tor" ];
then
sudo mkdir -p /var/lib/tor
fi
# Configure and write torrc file
cp resources/torrc-template .
sudo sed -i "s#USER#${USER}#g" torrc-template
sudo sed -i "s#HOME#${HOME}#g" torrc-template
if [ ! -d "/var/lib/tor/ao" ];
then
sudo mkdir -p /var/lib/tor/ao
if [ -n "$TORRCPATH" ]; then
sudo mv torrc-template $TORRCPATH
else
echo -e "${RED}Uh oh...${RESET} I couldn't figure out where your torrc file is. That might cause some issues"
sleep 3
echo -e "\nAnyways...\n"
sleep 2
fi
sudo chown -R $USER:$USER /var/lib/tor
sudo chmod -R 700 /var/lib/tor
fi
# ------------------- Step 3 - AO Installation -------------------
#
## ------------------- Step 3 - AO Installation -------------------
#
echo -e "${BOLD}Configuring AO Core${RESET}\n"
if [ -d $HOME/.ao ]; then
echo 'default AO dir exists'
else
mkdir $HOME/.ao
fi
mkdir -p $HOME/.ao
if [ -f $HOME/.ao/key ]; then
echo 'ao privkey exists'
echo 'We already have a private key for this AO, sweet!'
else
node ./createPrivateKey.js >> $HOME/.ao/key
echo 'created ao privkey'
node scripts/createPrivateKey.js >> $HOME/.ao/key
echo -e "Just made a fresh private key and put it in ${GREEN}~/.ao${RESET}"
fi
echo ""
case $AO in
"vue")
echo -e "Installing ${BLUE}ao-3${RESET}"
git clone 'https://github.com/AutonomousOrganization/ao-3.git' ~/ao-3
pushd ~/ao-3
npm install
npm run build
if [ -f "$HOME/ao-3/configuration.js" ]; then
echo configuration.js already exists
else
cp resources/ao-config $HOME/ao-react/configuration.js
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js
fi
npm run checkconfig
popd
;;
"react")
echo -e "Installing ${BLUE}ao-react${RESET}"
git clone 'https://github.com/coalition-of-invisible-colleges/ao-react.git' ~/ao-react
if [ -f "$HOME/ao-react/configuration.js" ]; then
echo configuration.js already exists
else
cp resources/ao-config $HOME/ao-react/configuration.js
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js
fi
pushd ~/ao-react
npm install
npm run webpack
popd
;;
esac
# ------------------- Step 4 - NGINX Setup -------------------
echo ""
echo "We might need to query DNS records here..."
install_if_needed dig
echo -e "You still there? I need to ask you some questions! \n\n${BLUE}(enter)${RESET}"
read
echo ""
read -p "Do you have a domain name pointing to this computer? (y/n): " dns
echo ""
case $dns in
y | Y)
echo "Good to hear! What is it?"
read -p "http://" domain
;;
*)
echo "Okay, let's just leave it open for now."
domain=$(dig @resolver4.opendns.com myip.opendns.com +short)
anywhere=1
echo "Try accessing this AO from either localhost, 127.0.0.1, or ${domain}"
;;
esac
echo ""
AO_NGINX_CONF=/etc/nginx/sites-available/ao
sudo cp resources/ao.nginx.conf $AO_NGINX_CONF
if [ -n $anywhere ]; then
sudo sed -i "s#SERVER_NAME#_#" $AO_NGINX_CONF
# case $AO in
# "3")
# echo -e "Installing ${BLUE}ao-3${RESET}"
# git clone 'https://github.com/AutonomousOrganization/ao-3.git' ~/ao-3
# pushd ~/ao-3
# npm install
# npm run build
#
# if [ -f "$HOME/ao-3/configuration.js" ]; then
# echo configuration.js already exists
# else
# cp resources/ao-config $HOME/ao-react/configuration.js
# sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js
# sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js
# sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js
# fi
#
# npm run checkconfig
# popd
# ;;
# "react")
# echo -e "Installing ${BLUE}ao-react${RESET}"
# git clone 'https://github.com/coalition-of-invisible-colleges/ao-react.git' ~/ao-react
#
#
# # TODO process env bug during webpack
# pushd ~/ao-react
# npm install
# npm run webpack
# popd
# ;;
# esac
# TODO this is kind of janky/fragile, it would be better to store this in ~/.ao
CONFIG_FILE=$HOME/ao-$AO/configuration.js
if [ -f "$CONFIG_FILE" ]; then
echo configuration.js already exists
else
cp resources/ao-config $CONFIG_FILE
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $CONFIG_FILE
sed -i "s#PASSLINE#${PASSLINE}#" $CONFIG_FILE
sed -i "s#PRIVATEKEY#${HOME}/.ao/key#" $CONFIG_FILE
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $CONFIG_FILE
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $CONFIG_FILE
fi
## ------------------- Step 4 - NGINX Setup -------------------
#
#echo ""
#echo "We might need to query DNS records here..."
#install_if_needed dig nginx
#echo -e "You still there? I need to ask you some questions! \n\n${BLUE}(enter)${RESET}"
#read
#echo ""
#read -p "Do you have a domain name pointing to this computer? (y/n): " dns
#echo ""
#case $dns in
# y | Y)
# echo "Good to hear! What is it?"
# read -p "http://" domain
# ;;
# *)
# echo "Okay, let's just leave it open for now."
# domain=$(dig @resolver4.opendns.com myip.opendns.com +short)
# anywhere=1
# echo "Try accessing this AO from either localhost, 127.0.0.1, or ${domain}"
# ;;
#esac
anywhere=1 # TODO Remove this line
if [ "$anywhere" -eq 1 ]; then
ACCESS_POINT=http://localhost:8003
else
sudo sed -i "s#SERVER_NAME#${domain}#" $AO_NGINX_CONF
ACCESS_POINT=https://$domain
fi
sudo sed -i "s#FILE_ROOT#${HOME}/ao-react/dist#" $AO_NGINX_CONF
sudo ln -s /etc/nginx/sites-available/ao /etc/nginx/sites-enabled/
echo ""
sudo systemctl reload nginx
echo "Excellent! We've configured $AO_NGINX_CONF to serve your AO from $domain"
echo ""
read -p "Would you like to enable SSL via Certbot? (y/n): " -n1 ssl
echo ""
case $ssl in
y | Y)
echo "Alright, let's get Certbot in here!"
install_if_needed python3 certbot python3-certbot-nginx
echo -e "${BOLD}Take it away, Certbot${NC}"
sudo certbot --nginx
;;
*)
echo "Yea, SSL is lame anyways..."
;;
esac
echo ""
#echo ""
#AO_NGINX_CONF=/etc/nginx/sites-available/ao
#sudo cp resources/ao.nginx.conf $AO_NGINX_CONF
#
#if [ -n $anywhere ]; then
# sudo sed -i "s#SERVER_NAME#_#" $AO_NGINX_CONF
#else
# sudo sed -i "s#SERVER_NAME#${domain}#" $AO_NGINX_CONF
#fi
#
#sudo sed -i "s#FILE_ROOT#${HOME}/ao-react/dist#" $AO_NGINX_CONF
#sudo ln -s /etc/nginx/sites-available/ao /etc/nginx/sites-enabled/
#echo ""
#sudo systemctl reload nginx
#echo "Excellent! We've configured $AO_NGINX_CONF to serve your AO from $domain"
#echo ""
#
#read -p "Would you like to enable SSL via Certbot? (y/n): " -n1 ssl
#echo ""
#case $ssl in
# y | Y)
# echo "Alright, let's get Certbot in here!"
# install_if_needed python3 certbot python3-certbot-nginx
# echo -e "${BOLD}Take it away, Certbot${NC}"
# sudo certbot --nginx
# ;;
# *)
# echo "Yea, SSL is lame anyways..."
# ;;
#esac
#echo ""
# ------------------- Step 7 - Systemd Setup -------------------
READY=''
echo -e "Alright, almost there! Now we just need to set up the system daemons for Tor, Bitcoin, Lightning, and the AO so that everything opens on startup."
while [[ -z $AO ]]; do
echo -e "\n${BOLD}Alright, almost there!${RESET} Now we just need to set up the system daemons for Tor, Bitcoin, Lightning, and the AO so that everything opens on startup."
while [[ -z $READY ]]; do
echo -en "${BLUE}You ready? (y/n):${RESET} "
read -n1 ao_select
echo ""
@ -409,111 +424,169 @@ while [[ -z $AO ]]; do
case $ao_select in
"y" | "Y")
echo "Nice, let's do it.\n"
echo -e "Nice, let's do it.\n"
READY=1
;;
*)
echo "wrong answer, fren\n\n"
echo -e "wrong answer, fren\n"
;;
esac
done
echo "Creating tor.service..."
TOR_SERVICE=/etc/systemd/system/tor.service
if [ -f "$TOR_SERVICE" ]; then
echo "Seems like you've already got tor here!"
else
sudo cp resources/tor-service-template $TOR_SERVICE
sudo sed -i "s#USER#${USER}#g" $TOR_SERVICE
fi
# ------------------- Step 8 - Health Check -------------------
# ------------------- Step 9 - Port Testing -------------------
echo ""
#echo "Creating tor.service..."
#TOR_SERVICE=/etc/systemd/system/tor.service
#if [ -f "$TOR_SERVICE" ]; then
# echo "Seems like you've already got tor here!"
#else
# sudo cp resources/tor-service-template $TOR_SERVICE
#
# # Making sure all values have been de-templated
# sudo sed -i "s#USER#${USER}#g" $TOR_SERVICE
# sudo sed -i "s#HOME#${HOME}#g" $TOR_SERVICE
# sudo sed -i "s#TORRCPATH#${TORRCPATH}#g" $TOR_SERVICE
# sudo sed -i "s#TORPATH#$(which tor)#g" $TOR_SERVICE
#fi
#
#
## Creating the .tor directory
#sudo mkdir -p $HOME/.tor
#sudo chown tor $HOME/.tor
#sudo chgrp $USER $HOME/.tor
#sudo chmod 770 $HOME/.tor
#
#echo "Enabling and starting Tor"
#sudo systemctl enable tor
#sudo systemctl start tor
echo -e "${BOLD}One more thing!${NC} We need to make sure that your ports are open."
nmap -Pn $domain > nmap.txt
OPEN=1
if grep -qE "^80/.*(open|filtered)" nmap.txt; then
echo -e "I can see port ${GREEN}80${NC}!"
echo ""
echo "Creating bitcoin.service..."
BTC_SERVICE=/etc/systemd/system/bitcoin.service
if [ -f "$BTC_SERVICE" ]; then
echo -e "Seems like you've already have a bitcoin service!"
else
echo -e "Uh oh, port ${RED}80${NC} isn't showing up..."
OPEN=0
fi
sudo cp resources/bitcoin-service-template $BTC_SERVICE
if grep -qE "^443/.*(open|filtered)" nmap.txt; then
echo -e "I can see port ${GREEN}443${NC} as well!"
else
echo -e "Uh oh, port ${RED}443${NC} isn't showing up..."
OPEN=0
# Making sure all values have been de-templated
sudo sed -i "s#USER#${USER}#g" $BTC_SERVICE
sudo sed -i "s#HOME#${HOME}#g" $BTC_SERVICE
sudo sed -i "s#BITCOIND#$(which bitcoind)#g" $BTC_SERVICE
fi
rm nmap.txt
echo -e "Enabling and starting ${GREEN}Bitcoin${RESET}"
sudo systemctl enable bitcoin
sudo systemctl start bitcoin
echo ""
if [[ $OPEN -eq 0 ]]; then
echo -e "${RED}Port configuration needed.${NC} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet."
echo "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it."
echo -e "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}$(ip route | grep default | grep -oP "(?<=src )[^ ]+")${NC})."
echo -e "You can log into your router at this IP address: ${BOLD}$(route -n | grep ^0.0.0.0 | awk '{print $2}')${NC}"
echo "That's all the help I can give you regarding port forwarding. Good luck!"
echo ""
echo "Creating lightning.service..."
LN_SERVICE=/etc/systemd/system/lightning.service
if [ -f "$LN_SERVICE" ]; then
echo -e "Seems like you've already have a lightning service!"
else
sudo cp resources/lightning-service-template $LN_SERVICE
# Making sure all values have been de-templated
sudo sed -i "s#USER#${USER}#g" $LN_SERVICE
sudo sed -i "s#HOME#${HOME}#g" $LN_SERVICE
sudo sed -i "s#LIGHTNINGD#$(which lightningd)#g" $LN_SERVICE
fi
echo -e "Enabling and starting ${GREEN}lightning${RESET} "
sudo systemctl enable lightning
sudo systemctl start lightning
echo "Okay, well that's everything! As long as your ports are forwarded, you should be ready to continue your WordPress setup by opening $domain in your browser."
echo ""
echo "Creating ao.service..."
AO_SERVICE=/etc/systemd/system/ao.service
if [ -f "$AO_SERVICE" ]; then
echo "Seems like you've already added one of these!"
else
sudo cp resources/ao-service-template $AO_SERVICE
# Making sure all values have been de-templated
sudo sed -i "s#USER#${USER}#g" $AO_SERVICE
sudo sed -i "s#HOME#${HOME}#g" $AO_SERVICE
sudo sed -i "s#NODE#$(which node)#g" $AO_SERVICE
fi
echo -e "Enabling and starting the ${GREEN}AO${RESET}'s backend"
sudo systemctl enable ao
sudo systemctl start ao
# echo ''
# echo ''
# echo '*********************************************************'
# echo 'Version Information'
# echo '*********************************************************'
#
# echo ' '
# echo 'make Version'
# echo '*********************************************************'
# make --version
#
# echo ' '
# echo 'node Version'
# echo '*********************************************************'
# node --version
#
# echo ' '
# echo 'sqlite3 Version'
# echo '*********************************************************'
# sqlite3 --version
#
# echo ' '
# echo 'tor Version'
# echo '*********************************************************'
# tor --version
#
# echo ' '
# echo 'bitcoind Version'
# echo '*********************************************************'
# bitcoind --version
#
# echo ' '
# echo 'lightningd Version'
# echo '*********************************************************'
# lightningd --version
#
# echo ' '
# echo 'clboss Version'
# echo '*********************************************************'
# clboss --version
#
# echo ''
# echo 'Execution completion'
# date
# echo ''
#
# echo 'Lightning Node Installed Start via two terminals: '
# echo ' bitcoind'
# echo ' lightningd'
# echo 'Can Proceed to AO-3 setup: '
# echo ' git clone https://github.com/AutonomousOrganization/ao-3'
# echo ' cd ao-3'
# echo ' npm install'
# echo ' npm run checkconfig'
# echo ' npm build'
# echo ' npm start'
echo ""
echo "Enabling and starting ${GREEN}NGINX${RESET} as the webserver"
sudo systemctl enable nginx
sudo systemctl start nginx
# ------------------- Step 8 - Port Testing -------------------
#echo -e "${BOLD}One more thing!${RESET} We need to make sure that your ports are open."
#install_if_needed nmap
#nmap -Pn $domain > nmap.txt
#OPEN=1
#if grep -qE "^80/.*(open|filtered)" nmap.txt; then
# echo -e "I can see port ${GREEN}80${RESET}!"
#else
# echo -e "Uh oh, port ${RED}80${RESET} isn't showing up..."
# OPEN=0
#fi
#
#if grep -qE "^443/.*(open|filtered)" nmap.txt; then
# echo -e "I can see port ${GREEN}443${RESET} as well!"
#else
# echo -e "Uh oh, port ${RED}443${RESET} isn't showing up..."
# OPEN=0
#fi
#rm nmap.txt
#echo ""
#if [[ $OPEN -eq 0 ]]; then
# echo -e "${RED}Port configuration needed.${RESET} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet."
# echo "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it."
# echo -e "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}$(ip route | grep default | grep -oP "(?<=src )[^ ]+")${RESET})."
# echo -e "You can log into your router at this IP address: ${BOLD}$(route -n | grep ^0.0.0.0 | awk '{print $2}')${RESET}"
# echo "That's all the help I can give you regarding port forwarding. Good luck!"
# echo ""
#fi
#
# ------------------- Step 9 - Health Check -------------------
echo ''
echo ''
echo '*********************************************************'
echo -e "* ${BOLD}Version Information${RESET} *"
echo '*********************************************************'
echo ' '
echo 'make Version'
echo '*********************************************************'
make --version
echo ' '
echo 'node Version'
echo '*********************************************************'
node --version
echo ' '
echo 'sqlite3 Version'
echo '*********************************************************'
sqlite3 --version
echo ' '
echo 'tor Version'
echo '*********************************************************'
tor --version
echo ' '
echo 'bitcoind Version'
echo '*********************************************************'
bitcoind --version
echo ' '
echo 'lightningd Version'
echo '*********************************************************'
lightningd --version
echo ' '
echo 'clboss Version'
echo '*********************************************************'
clboss --version
echo ""
echo -e "$BOLD$GREEN\nOkay, well that's everything!${RESET}\n\nAs long as everything worked properly, \
you should be ready to continue your journey\ntowards autonomy by opening ${BLUE}$ACCESS_POINT${RESET} in your browser."

46
scripts/rpcauth.py
Unescape View File

@ -0,0 +1,46 @@
#!/usr/bin/env python3
# Copyright (c) 2015-2018 The Bitcoin Core developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
from argparse import ArgumentParser
from base64 import urlsafe_b64encode
from binascii import hexlify
from getpass import getpass
from os import urandom
import hmac
def generate_salt(size):
"""Create size byte hex salt"""
return hexlify(urandom(size)).decode()
def generate_password():
"""Create 32 byte b64 password"""
return urlsafe_b64encode(urandom(32)).decode('utf-8')
def password_to_hmac(salt, password):
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
return m.hexdigest()
def main():
parser = ArgumentParser(description='Create login credentials for a JSON-RPC user')
parser.add_argument('username', help='the username for authentication')
parser.add_argument('password', help='leave empty to generate a random password or specify "-" to prompt for password', nargs='?')
args = parser.parse_args()
if not args.password:
args.password = generate_password()
elif args.password == '-':
args.password = getpass()
# Create 16 byte hex salt
salt = generate_salt(16)
password_hmac = password_to_hmac(salt, args.password)
print('String to be appended to bitcoin.conf:')
print('rpcauth={0}:{1}${2}'.format(args.username, salt, password_hmac))
print('Your password:\n{0}'.format(args.password))
if __name__ == '__main__':
main()
Write Preview
Loading…
Cancel
Save