diff --git a/bin/lamassu-hd-address b/bin/lamassu-hd-address deleted file mode 100755 index d7f35599..00000000 --- a/bin/lamassu-hd-address +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env node - -const HKDF = require('node-hkdf-sync') -const wallet = require('lamassu-geth') -const pify = require('pify') -const fs = pify(require('fs')) - -const options = require('../lib/options') - -function computeSeed (masterSeed) { - const hkdf = new HKDF('sha256', 'lamassu-server-salt', masterSeed) - return hkdf.derive('wallet-seed', 32) -} - -fs.readFile(options.seedPath, 'utf8') -.then(hex => { - const masterSeed = Buffer.from(hex.trim(), 'hex') - console.log(wallet.defaultAddress({seed: computeSeed(masterSeed)})) -}) diff --git a/bin/lamassu-install-bitcoind b/bin/lamassu-install-bitcoind deleted file mode 100755 index 4fd509f4..00000000 --- a/bin/lamassu-install-bitcoind +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash -set -e - -if [ "$(whoami)" != "root" ]; then - echo -e "This script has to be run as \033[1mroot\033[0m user" - exit 3 -fi - -export LOG_FILE=/tmp/install.log - -ufw allow 8333/tcp >> $LOG_FILE 2>&1 - -CONFIG_DIR=$HOME/.bitcoin -CONFIG=$CONFIG_DIR/bitcoin.conf -mkdir -p $CONFIG_DIR -PASS=$(openssl rand -hex 32) - -cat > $CONFIG <> $LOG_FILE 2>&1 -pm2 save >> $LOG_FILE 2>&1 - -echo "Success." diff --git a/bin/lamassu-install-geth b/bin/lamassu-install-geth deleted file mode 100755 index 62184390..00000000 --- a/bin/lamassu-install-geth +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash -set -e - -if [ "$(whoami)" != "root" ]; then - echo -e "This script has to be run as \033[1mroot\033[0m user" - exit 3 -fi - -echo "Activating geth (Ethereum server wallet)..." - -export LOG_FILE=/tmp/install.log - -SEEDS_DIR=$HOME/seeds -SEED_FILE=$SEEDS_DIR/seed.txt -SEED=$(cat $SEED_FILE) -PASS_FILE=$SEEDS_DIR/geth.txt -hkdf geth-pw $SEED > $PASS_FILE -ACCOUNT_STR=$(geth --password $PASS_FILE account new) -ACCOUNT=$(echo $ACCOUNT_STR | grep -o '{.*}' | tr -d '{}') - -ufw allow 30303/tcp >> $LOG_FILE 2>&1 # Ethereum - -SCRIPTS_DIR=$HOME/scripts -mkdir -p $SCRIPTS_DIR -GETH_SCRIPT=$SCRIPTS_DIR/geth.sh - -# NOTE: We need to combine stderr with stdout because geth prints info to stderr -echo "geth --fast --rpc --unlock $ACCOUNT --password $PASS_FILE 2>&1" > $GETH_SCRIPT - -chmod 755 $GETH_SCRIPT -pm2 start $GETH_SCRIPT >> $LOG_FILE 2>&1 -pm2 save >> $LOG_FILE 2>&1 - -echo "Success. Your main account is 0x$ACCOUNT." diff --git a/bin/lamassu-update b/bin/lamassu-update index 08ea033e..c64d872d 100755 --- a/bin/lamassu-update +++ b/bin/lamassu-update @@ -35,10 +35,10 @@ n lts >> ${LOG_FILE} 2>&1 decho "version installed $(node -v)" decho "updating lamassu-server" -npm -g install lamassu/lamassu-server#v5 --unsafe-perm >> ${LOG_FILE} 2>&1 +npm -g install lamassu/lamassu-server#stable --unsafe-perm >> ${LOG_FILE} 2>&1 decho "rebuilding npm deps" -cd /usr/local/lib/node_modules/lamassu-server/ >> ${LOG_FILE} 2>&1 +cd $(npm root -g)/lamassu-server/ >> ${LOG_FILE} 2>&1 npm rebuild >> ${LOG_FILE} 2>&1 decho "running migration" @@ -54,4 +54,10 @@ decho "updating lamassu-server" supervisorctl update lamassu-server >> ${LOG_FILE} 2>&1 supervisorctl update lamassu-admin-server >> ${LOG_FILE} 2>&1 -echo "Update complete!" +decho "updating backups conf" +BACKUP_CMD=${NPM_BIN}/lamassu-backup-pg +BACKUP_CRON="@daily $BACKUP_CMD > /dev/null" +( (crontab -l 2>/dev/null || echo -n "") | grep -v '@daily.*lamassu-backup-pg'; echo $BACKUP_CRON ) | crontab - >> $LOG_FILE 2>&1 +$BACKUP_CMD >> $LOG_FILE 2>&1 + +decho "Update complete!" diff --git a/install b/install deleted file mode 100644 index 02024402..00000000 --- a/install +++ /dev/null @@ -1,216 +0,0 @@ -#!/usr/bin/env bash -set -e - -export LOG_FILE=/tmp/install.log - -NODE_MODULES=/usr/local/share/.config/yarn/global/node_modules -CERT_DIR=/etc/ssl/certs -KEY_DIR=/etc/ssl/private -CONFIG_DIR=/etc/lamassu -MIGRATE_STATE_PATH=$CONFIG_DIR/.migrate -CA_KEY_PATH=$KEY_DIR/Lamassu_OP_Root_CA.key -CA_PATH=$CERT_DIR/Lamassu_OP_Root_CA.pem -SERVER_KEY_PATH=$KEY_DIR/Lamassu_OP.key -SERVER_CERT_PATH=$CERT_DIR/Lamassu_OP.pem -SEEDS_DIR=$HOME/seeds -SEED_FILE=$SEEDS_DIR/seed.txt -BACKUP_DIR=/var/backups/postgresql -BLOCKCHAIN_DIR=/mnt/blockchains -OFAC_DATA_DIR=/opt/lamassu-server/sanctions - -# Look into http://unix.stackexchange.com/questions/140734/configure-localtime-dpkg-reconfigure-tzdata - -decho () { - echo `date +"%H:%M:%S"` $1 - echo `date +"%H:%M:%S"` $1 >> $LOG_FILE -} - -retry() { - local -r -i max_attempts="$1"; shift - local -r cmd="$@" - local -i attempt_num=1 - - until $cmd - do - if (( attempt_num == max_attempts )) - then - echo - echo "****************************************************************" - echo "Attempt $attempt_num failed and there are no more attempts left!" - return 1 - else - echo - echo "****************************************************************" - echo "Attempt $attempt_num failed! Trying again in $attempt_num seconds..." - sleep $(( attempt_num++ )) - fi - done -} - -rm -f $LOG_FILE - -cat <<'FIG' - _ -| | __ _ _ __ ___ __ _ ___ ___ _ _ ___ ___ _ ____ _____ _ __ -| |/ _` | '_ ` _ \ / _` / __/ __| | | |_____/ __|/ _ \ '__\ \ / / _ \ '__| -| | (_| | | | | | | (_| \__ \__ \ |_| |_____\__ \ __/ | \ V / __/ | -|_|\__,_|_| |_| |_|\__,_|___/___/\__,_| |___/\___|_| \_/ \___|_| -FIG - -echo -e "\nStarting \033[1mlamassu-server\033[0m install. This will take a few minutes...\n" - -if [ "$(whoami)" != "root" ]; then - echo -e "This script has to be run as \033[1mroot\033[0m user" - exit 3 -fi - -# So we don't run out of memory -decho "Enabling swap file for install only..." -fallocate -l 1G /swapfile >> $LOG_FILE 2>&1 -chmod 600 /swapfile >> $LOG_FILE 2>&1 -mkswap /swapfile >> $LOG_FILE 2>&1 -swapon /swapfile >> $LOG_FILE 2>&1 - -IP=$(ifconfig eth0 | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}') - -decho "Updating system..." -curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash - >> $LOG_FILE 2>&1 -apt update >> $LOG_FILE 2>&1 - -decho "Installing necessary packages..." -apt install nodejs python-minimal build-essential postgresql libpq-dev -y -q >> $LOG_FILE 2>&1 - -decho "Generating seed..." -mkdir -p $SEEDS_DIR >> $LOG_FILE 2>&1 -SEED=$(openssl rand -hex 32) -echo $SEED > $SEED_FILE - -decho "Installing yarn package manager for node..." -npm -g --unsafe-perm install yarn >> $LOG_FILE 2>&1 - -decho "Installing lamassu-server..." -retry 3 yarn global add pm2 >> $LOG_FILE 2>&1 -retry 3 yarn global add lamassu/lamassu-server#v5 >> $LOG_FILE 2>&1 - -decho "Creating postgres user..." -POSTGRES_PW=$(hkdf postgres-pw $SEED) -su -l postgres >> $LOG_FILE 2>&1 <> $LOG_FILE 2>&1 -mkdir -p $CONFIG_DIR >> $LOG_FILE 2>&1 - -decho "Generating SSL certificates..." - -openssl genrsa \ - -out $CA_KEY_PATH \ - 4096 >> $LOG_FILE 2>&1 - -openssl req \ - -x509 \ - -sha256 \ - -new \ - -nodes \ - -key $CA_KEY_PATH \ - -days 3560 \ - -out $CA_PATH \ - -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator CA/CN=lamassu-operator.is" \ - >> $LOG_FILE 2>&1 - -openssl genrsa \ - -out $SERVER_KEY_PATH \ - 4096 >> $LOG_FILE 2>&1 - -openssl req -new \ - -key $SERVER_KEY_PATH \ - -out /tmp/Lamassu_OP.csr.pem \ - -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator/CN=$IP" \ - -reqexts SAN \ - -sha256 \ - -config <(cat /etc/ssl/openssl.cnf \ - <(printf "[SAN]\nsubjectAltName=IP.1:$IP")) \ - >> $LOG_FILE 2>&1 - -openssl x509 \ - -req -in /tmp/Lamassu_OP.csr.pem \ - -CA $CA_PATH \ - -CAkey $CA_KEY_PATH \ - -CAcreateserial \ - -out $SERVER_CERT_PATH \ - -extfile <(cat /etc/ssl/openssl.cnf \ - <(printf "[SAN]\nsubjectAltName=IP.1:$IP")) \ - -extensions SAN \ - -days 3650 >> $LOG_FILE 2>&1 - -rm /tmp/Lamassu_OP.csr.pem - -mkdir -p $OFAC_DATA_DIR - -decho "Setting up lamassu.json..." -cat < $CONFIG_DIR/lamassu.json -{ - "postgresql": "postgres://lamassu_pg:$POSTGRES_PW@localhost/lamassu", - "seedPath": "$SEED_FILE", - "caPath": "$CA_PATH", - "certPath": "$SERVER_CERT_PATH", - "keyPath": "$SERVER_KEY_PATH", - "hostname": "$IP", - "logLevel": "info", - "migrateStatePath": "$MIGRATE_STATE_PATH", - "blockchainDir": "$BLOCKCHAIN_DIR", - "ofacDataDir": "$OFAC_DATA_DIR", - "strike": { - "baseUrl": "https://api.strike.acinq.co/api/" - }, - "coinAtmRadar": { - "url": "https://coinatmradar.info/api/lamassu/" - } -} -EOF -lamassu-migrate-config >> $LOG_FILE 2>&1 - -decho "Setting up database tables..." -lamassu-migrate >> $LOG_FILE 2>&1 - -decho "Setting up lamassu-admin..." -ADMIN_REGISTRATION_URL=`lamassu-register admin 2>> $LOG_FILE` -lamassu-apply-defaults >> $LOG_FILE 2>&1 - -decho "Starting lamassu-admin..." -pm2 start lamassu-admin-server >> $LOG_FILE 2>&1 -pm2 start lamassu-server --restart-delay 3000 >> $LOG_FILE 2>&1 -pm2 save >> $LOG_FILE 2>&1 -pm2 startup >> $LOG_FILE 2>&1 - -decho "Setting up backups..." -BIN=$(yarn global bin) -BACKUP_CMD=$BIN/lamassu-backup-pg -mkdir -p $BACKUP_DIR -BACKUP_CRON="@daily $BACKUP_CMD > /dev/null" -echo $BACKUP_CRON | crontab - >> $LOG_FILE 2>&1 -$BACKUP_CMD >> $LOG_FILE 2>&1 - -decho "Setting up firewall..." -ufw allow ssh >> $LOG_FILE 2>&1 -ufw allow 443/tcp >> $LOG_FILE 2>&1 # Admin -ufw allow 3000/tcp >> $LOG_FILE 2>&1 # Server -ufw -f enable >> $LOG_FILE 2>&1 - -decho "Disabling swap file..." -swapoff /swapfile >> $LOG_FILE 2>&1 - -echo -decho "Done! Now it's time to configure Lamassu stack." -echo -echo -e "\n*** IMPORTANT ***" -echo "In a private space, run lamassu-mnemonic, write down the words" -echo "and keep them in a safe place." -echo -echo "This secret will allow you to retrieve system passwords, including " -echo "the keys to some of your crypto accounts." -echo -echo -echo "Activation URL for lamassu-admin:" -echo $ADMIN_REGISTRATION_URL diff --git a/lib/blockchain/install.js b/lib/blockchain/install.js index 8778800b..79d86f64 100644 --- a/lib/blockchain/install.js +++ b/lib/blockchain/install.js @@ -60,7 +60,12 @@ function processCryptos (codes) { const blockchainDir = coinUtils.blockchainDir() const backupDir = path.resolve(os.homedir(), 'backups') - const rsyncCmd = `echo "@daily rsync -r --prune-empty-dirs --include='*/' --include='wallet.dat' --exclude='*' ${blockchainDir} ${backupDir} > /dev/null" | crontab -` + const rsyncCmd = `( \ + (crontab -l 2>/dev/null || echo -n "") | grep -v "@daily rsync ".*"wallet.dat"; \ + echo "@daily rsync -r --prune-empty-dirs --include='*/' \ + --include='wallet.dat' \ + --exclude='*' ${blockchainDir} ${backupDir} > /dev/null" \ + ) | crontab -` common.es(rsyncCmd) logger.info('Installation complete.')