
Done for the day (4 hours total)

main
Zen 3 years ago
parent
commit
d20914188f
  1. 31
      resources/ao-config
  2. 17
      resources/ao.nginx.conf
  3. 7
      resources/sample_bitcoin.conf
  4. 6
      resources/sample_lightning_config
  5. 41
      resources/tor-service-template
  6. 240
      scripts/ao.sh
  7. 18
      scripts/createPrivateKey.js

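--- a/resources/ao-config
+++ b/resources/ao-config
@@ -0,0 +1,31 @@
+export default {
+bitcoind: {
+network: 'mainnet'
+},
+bitcoinAverage: {
+pub: '',
+secret: ''
+},
+sqlite3: {
+//file: '$HOME/.ao/database.sqlite3'
+file: 'SQLITE_DATABASE'
+},
+clightning: {
+//dir: '$HOME/.lightning/bitcoin'
+dir: 'CLIGHTNING_DIR'
+},
+tor: {
+//hostname: '$TORHOSTNAME'
+hostname: 'TOR_HOSTNAME'
+},
+memes: {
+//dir: '$HOME/.ao/memes'
+dir: 'MEMES_DIR'
+},
+jitsi: {
+domain: 'meet.dctrl.ca'
+},
+socketUrl: 'http://localhost:8003' // development
+// socketUrl: null // production
+}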
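Review bot: The `tor.hostname` placeholder `'TOR_HOSTNAME'` is never filled in: the `sed` calls in scripts/ao.sh in this commit substitute only `SQLITE_DATABASE`, `CLIGHTNING_DIR` and `MEMES_DIR`, so the installed configuration.js keeps the literal string. The template also ships with the development value `socketUrl: 'http://localhost:8003'` active and the production value commented out, so a production install has to be corrected by hand; consider making `socketUrl: null` the default. Because the file carries `bitcoinAverage.secret`, the installer should leave the copied configuration.js readable by its owner only, for example with `chmod 600`.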

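--- a/resources/ao.nginx.conf
+++ b/resources/ao.nginx.conf
@@ -0,0 +1,17 @@
+server {
+listen 80 default_server;
+listen [::]:80 default_server;
+server_name SERVER_NAME;
+root FILE_ROOT;
+index index.html;
+location = /favicon.ico {
+log_not_found off;
+access_log off;
+}
+location / {
+proxy_pass http://localhost:8003;
+}
+}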
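Review bot: `location /` proxies every request to the backend without passing the client address or the original host, so the application on port 8003 sees all traffic as coming from the loopback address, which weakens any logging or rate limiting done there; add `proxy_set_header Host $host;` and `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`. If the `socketUrl` in resources/ao-config is a WebSocket endpoint (not visible here), `proxy_http_version 1.1;` and the `Upgrade`/`Connection` headers are needed as well. `root` and `index` have no effect while `location /` proxies everything. The server listens only on plain port 80 as `default_server`, so until the optional Certbot step is run, traffic to the AO crosses the network unencrypted.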

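--- a/resources/sample_bitcoin.conf
+++ b/resources/sample_bitcoin.conf
@@ -0,0 +1,7 @@
+proxy=127.0.0.1:9050
+txindex=1
+listen=1
+bind=127.0.0.1
+disablewallet=1
+zmqpubrawblock=tcp://127.0.0.1:28332
+zmqpubrawtx=tcp://127.0.0.1:28333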

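--- a/resources/sample_lightning_config
+++ b/resources/sample_lightning_config
@@ -0,0 +1,6 @@
+network=bitcoin
+plugin=clboss
+log-level=debug:clboss
+proxy=127.0.0.1:9050
+bind-addr=127.0.0.1:9735
+addr=statictor:127.0.0.1:9051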
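Review bot: `plugin=clboss` enables an automated node manager in the sample that scripts/ao.sh copies to `$HOME/.lightning/config` whenever no config exists, so a fresh install hands channel and fund management to the plugin without the operator opting in (as far as I understand CLBOSS, it opens channels on its own). Consider shipping the line commented out, as `#plugin=clboss`, with a one-line comment explaining what enabling it does. `addr=statictor:127.0.0.1:9051` relies on the Tor control port, which the installer sets up with `CookieAuthentication 1`; lightningd then needs read access to the control cookie, and nothing visible in this commit arranges that.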

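--- a/resources/tor-service-template
+++ b/resources/tor-service-template
@@ -0,0 +1,41 @@
+[Unit]
+Description=Anonymizing overlay network for TCP (multi-instance-master)
+After=network.target
+[Service]
+#$USER
+User=USER
+Group=USER
+Type=simple
+#Type=forking
+PrivateTmp=yes
+PermissionsStartOnly=true
+ExecStartPre=-/bin/mkdir /var/run/tor
+ExecStartPre=/bin/cp TORRCPATH /var/run/tor
+ExecStartPre=/bin/chmod a-wx,go-rwx /var/run/tor/torrc
+ExecStartPre=/bin/chown -R USER:USER /var/run/tor
+ExecStart=/usr/local/bin/tor -f TORRCPATH
+ExecReload=/bin/kill -HUP MAINPID
+#LimitNPROC = 2
+#DeviceAllow = /dev/null rw
+#DeviceAllow = /dev/urandom r
+#DeviceAllow = /dev/random r
+#InaccessibleDirectories = /
+#ReadOnlyDirectories = /etc/usr
+#ReadWriteDirectories = /var/lib/tor /var/log/tor
+#PIDFile=/var/run/tor/tor.pid
+KillSignal=SIGINT
+LimitNOFILE=8192
+PrivateDevices=yes
+#Type=oneshot
+#RemainAfterExit=yes
+#ExecStart=/bin/true
+#ExecReload=/bin/true
+[Install]
+WantedBy=multi-user.target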
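Review bot: `ExecReload=/bin/kill -HUP MAINPID` passes the literal word MAINPID to kill; systemd expands `$MAINPID`, so the line should read `ExecReload=/bin/kill -HUP $MAINPID`. The `TORRCPATH` placeholder in the `ExecStartPre=/bin/cp` and `ExecStart=` lines is not touched by the `sed "s#USER#${USER}#g"` step in scripts/ao.sh, so the unit installed by this commit would reference a file literally named TORRCPATH. `ExecStart` also points at the original torrc rather than the copy under /var/run/tor whose permissions the `ExecStartPre` lines tighten, so that tightening protects a file Tor never reads. The commented-out sandboxing directives use older names; the current equivalents (`ProtectSystem=`, `ReadWritePaths=`, `NoNewPrivileges=yes`) would be worth enabling rather than leaving the unit with only `PrivateTmp` and `PrivateDevices`.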

240
scripts/ao.sh

@ -4,9 +4,9 @@
# Zen, 2022
# Font decoration for better a e s t h e t i c
RED="\e[0;91m"
GREEN="\e[0;92m"
BLUE="\e[0;94m"
RED="\e[0;31m"
GREEN="\e[0;32m"
BLUE="\e[0;34m"
BOLD="\e[1m"
ULINE="\e[4m"
RESET="\e[0m"
@ -68,6 +68,7 @@ echo ""
echo -e "Got it! Next we're going to make sure the system's repositories (where they get their data from)\nare updated and that you have all the basic command line utilities we need to continue. \n\n${BLUE}(enter)${RESET}"
read
# This is a bash function!
install_if_needed() {
for package in "$@"
do
@ -170,10 +171,20 @@ if [ $AO = "vue" ] || [ $AO = 'react' ]; then
echo -e "${BOLD}Installing Node.js${RESET}"
chmod +x scripts/nvm_install.sh
scripts/nvm_install.sh
source ~/.bashrc
if [ "$SHELL" = '/bin/zsh' ]; then
echo 'sourcing zshrc'
source ~/.zshrc
else
source ~/.bashrc
fi
nvm install v16.13.0
nvm alias default v16.13.0
source ~/.bashrc
if [ "$SHELL" = '/bin/zsh' ]; then
echo 'sourcing zshrc'
source ~/.zshrc
else
source ~/.bashrc
fi
echo ""
fi
@ -212,34 +223,243 @@ if [ $AO = "vue" ] || [ $AO = 'react' ]; then
#cd ..
echo -e "${BOLD}Bitcoin installed!${RESET} Let's make sure it's configured now."
if [ -f $HOME/.bitcoin/bitcoin.conf ]; then
echo 'bitcoin config exists'
else
cp resources/sample_bitcoin.conf $HOME/.bitcoin/bitcoin.conf
echo 'created default bitcoin config'
fi
if [ -f $HOME/.lightning/config ]; then
echo 'lightning config exists'
else
cp resources/sample_lightning_config $HOME/.lightning/config
echo 'created default lightning config'
fi
AUTHDEETS=$(python3 ./rpcauth.py ao)
AUTHLINE=$(echo $AUTHDEETS | grep -o rpcauth=ao:[^[:space:]]*[[:space:]])
PASSLINE=$(echo $AUTHDEETS | grep -o [^[:space:]]*\$)
echo $AUTHLINE >> $HOME/.bitcoin/bitcoin.conf
fi
echo ''
if [ $AO = "vue" ] || [ $AO = 'react' ]; then
echo "We still need to install and configure Tor..."
echo -e "${BOLD}Installing and configuring Tor${RESET}\n"
install_if_needed tor
TORRCPATH='/usr/local/etc/tor/torrc'
if [ ! -d "/usr/local/etc/tor" ];
then
sudo mkdir -p /usr/local/etc/tor
fi
if [ ! -f $TORRCPATH ];
then
sudo echo "ControlPort 9051" >> $TORRCPATH
sudo echo "CookieAuthentication 1" >> $TORRCPATH
sudo chmod 666 $TORRCPATH # so controlport can modify . . . is this bad?
fi
if [ $(cat $TORRCPATH | grep -c "HiddenServiceDir /var/lib/tor/ao") -eq 0 ];
then
echo "HiddenServiceDir /var/lib/tor/ao" | sudo tee -a $TORRCPATH 1>/dev/null 2>&1
fi
if [ $(cat $TORRCPATH | grep -c "HiddenServicePort 80 127\.0\.0\.1:8003") -eq 0 ];
then
echo "HiddenServicePort 80 127.0.0.1:8003" | sudo tee -a $TORRCPATH 1>/dev/null 2>&1
fi
if [ ! -d "/var/lib/tor" ];
then
sudo mkdir -p /var/lib/tor
fi
if [ ! -d "/var/lib/tor/ao" ];
then
sudo mkdir -p /var/lib/tor/ao
fi
sudo chown -R $USER:$USER /var/lib/tor
sudo chmod -R 700 /var/lib/tor
fi
# ------------------- Step 3 - AO Installation -------------------
echo -e "${BOLD}Configuring AO Core${RESET}\n"
if [ -d $HOME/.ao ]; then
echo 'default AO dir exists'
else
mkdir $HOME/.ao
fi
if [ -f $HOME/.ao/key ]; then
echo 'ao privkey exists'
else
node ./createPrivateKey.js >> $HOME/.ao/key
echo 'created ao privkey'
fi
echo ""
case $AO in
"vue")
echo 'Installing ao-3'
echo -e "Installing ${BLUE}ao-3${RESET}"
git clone 'https://github.com/AutonomousOrganization/ao-3.git' ~/ao-3
pushd ~/ao-3
npm install
npm run build
if [ -f "$HOME/ao-3/configuration.js" ]; then
echo configuration.js already exists
else
cp resources/ao-config $HOME/ao-react/configuration.js
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js
fi
npm run checkconfig
popd
;;
"react")
echo "soon it will be done"
echo -e "Installing ${BLUE}ao-react${RESET}"
git clone 'https://github.com/coalition-of-invisible-colleges/ao-react.git' ~/ao-react
if [ -f "$HOME/ao-react/configuration.js" ]; then
echo configuration.js already exists
else
cp resources/ao-config $HOME/ao-react/configuration.js
sed -i "s#SQLITE_DATABASE#${HOME}/.ao/database.sqlite3#" $HOME/ao-react/configuration.js
sed -i "s#CLIGHTNING_DIR#${HOME}/.lightning/bitcoin#" $HOME/ao-react/configuration.js
sed -i "s#MEMES_DIR#${HOME}/.ao/memes#" $HOME/ao-react/configuration.js
fi
pushd ~/ao-react
npm install
npm run webpack
popd
;;
esac
# ------------------- Step 4 - NGINX Setup -------------------
echo ""
echo "We might need to query DNS records here..."
install_if_needed dig
echo -e "You still there? I need to ask you some questions! \n\n${BLUE}(enter)${RESET}"
read
echo ""
read -p "Do you have a domain name pointing to this computer? (y/n): " dns
echo ""
case $dns in
y | Y)
echo "Good to hear! What is it?"
read -p "http://" domain
;;
*)
echo "Okay, let's just leave it open for now."
domain=$(dig @resolver4.opendns.com myip.opendns.com +short)
anywhere=1
echo "Try accessing this AO from either localhost, 127.0.0.1, or ${domain}"
;;
esac
echo ""
AO_NGINX_CONF=/etc/nginx/sites-available/ao
sudo cp resources/ao.nginx.conf $AO_NGINX_CONF
# ------------------- Step 4 - Systemd Setup -------------------
if [ -n $anywhere ]; then
sudo sed -i "s#SERVER_NAME#_#" $AO_NGINX_CONF
else
sudo sed -i "s#SERVER_NAME#${domain}#" $AO_NGINX_CONF
fi
sudo sed -i "s#FILE_ROOT#${HOME}/ao-react/dist#" $AO_NGINX_CONF
sudo ln -s /etc/nginx/sites-available/ao /etc/nginx/sites-enabled/
echo ""
sudo systemctl reload nginx
echo "Excellent! We've configured $AO_NGINX_CONF to serve your AO from $domain"
echo ""
read -p "Would you like to enable SSL via Certbot? (y/n): " -n1 ssl
echo ""
case $ssl in
y | Y)
echo "Alright, let's get Certbot in here!"
install_if_needed python3 certbot python3-certbot-nginx
echo -e "${BOLD}Take it away, Certbot${NC}"
sudo certbot --nginx
;;
*)
echo "Yea, SSL is lame anyways..."
;;
esac
echo ""
# ------------------- Step 7 - Systemd Setup -------------------
READY=''
echo -e "Alright, almost there! Now we just need to set up the system daemons for Tor, Bitcoin, Lightning, and the AO so that everything opens on startup."
while [[ -z $AO ]]; do
echo -en "${BLUE}You ready? (y/n):${RESET} "
read -n1 ao_select
echo ""
echo ""
case $ao_select in
"y" | "Y")
echo "Nice, let's do it.\n"
READY=1
;;
*)
echo "wrong answer, fren\n\n"
;;
esac
done
echo "Creating tor.service..."
TOR_SERVICE=/etc/systemd/system/tor.service
if [ -f "$TOR_SERVICE" ]; then
echo "Seems like you've already got tor here!"
else
sudo cp resources/tor-service-template $TOR_SERVICE
sudo sed -i "s#USER#${USER}#g" $TOR_SERVICE
fi
# ------------------- Step 8 - Health Check -------------------
# ------------------- Step 9 - Port Testing -------------------
echo -e "${BOLD}One more thing!${NC} We need to make sure that your ports are open."
nmap -Pn $domain > nmap.txt
OPEN=1
if grep -qE "^80/.*(open|filtered)" nmap.txt; then
echo -e "I can see port ${GREEN}80${NC}!"
else
echo -e "Uh oh, port ${RED}80${NC} isn't showing up..."
OPEN=0
fi
if grep -qE "^443/.*(open|filtered)" nmap.txt; then
echo -e "I can see port ${GREEN}443${NC} as well!"
else
echo -e "Uh oh, port ${RED}443${NC} isn't showing up..."
OPEN=0
fi
rm nmap.txt
echo ""
if [[ $OPEN -eq 0 ]]; then
echo -e "${RED}Port configuration needed.${NC} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet."
echo "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it."
echo -e "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}$(ip route | grep default | grep -oP "(?<=src )[^ ]+")${NC})."
echo -e "You can log into your router at this IP address: ${BOLD}$(route -n | grep ^0.0.0.0 | awk '{print $2}')${NC}"
echo "That's all the help I can give you regarding port forwarding. Good luck!"
echo ""
fi
echo "Okay, well that's everything! As long as your ports are forwarded, you should be ready to continue your WordPress setup by opening $domain in your browser."
# ------------------- Step 5 - Health Check -------------------
# echo ''
# echo ''
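Review bot: In the Tor step, `sudo chmod 666 $TORRCPATH` leaves the Tor configuration world-writable, so any local account can rewrite the onion-service and control-port settings that tor.service starts with; the inline question "is this bad?" should be answered yes. The two `sudo echo ... >> $TORRCPATH` lines also do not write as root, because the redirection is performed by the calling shell; use the `sudo tee -a` form already used a few lines below, followed by `sudo chmod 644 "$TORRCPATH"`. The AO private key is created with `node ./createPrivateKey.js >> $HOME/.ao/key` under the default umask, which usually leaves it readable by other users; prefer `(umask 077; node ./createPrivateKey.js > "$HOME/.ao/key")`. Separately, `[ -n $anywhere ]` is unquoted and therefore always true, so `SERVER_NAME` is always replaced with `_` and the typed domain is ignored; quote it as `[ -n "$anywhere" ]`.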

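--- a/scripts/createPrivateKey.js
+++ b/scripts/createPrivateKey.js
@@ -0,0 +1,18 @@
+const crypto = require('crypto')
+function genNewPrivKey(callback){
+crypto.generateKeyPair('rsa', {
+modulusLength: 4096,
+publicKeyEncoding: {
+type: 'spki',
+format: 'pem'
+},
+privateKeyEncoding: {
+type: 'pkcs8',
+format: 'pem',
+}
+}, callback)
+}
+genNewPrivKey((err, pubkey, privkey) => {
+console.log(privkey)
+})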
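Review bot: The callback ignores `err`, so a failed key generation prints `undefined`, which scripts/ao.sh then appends to `$HOME/.ao/key` while reporting 'created ao privkey'; add `if (err) { console.error(err); process.exit(1) }` before the `console.log`. Emitting the private key on stdout leaves its file permissions to the caller's umask; writing it from the script with `fs.writeFileSync(path, privkey, { mode: 0o600 })` would keep it owner-only regardless of how the script is invoked. The public key is generated and then discarded, which deserves a short comment saying whether it is derived again elsewhere.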