Last active
June 21, 2022 02:17
-
-
Save matthiasdebernardini/ca6aad83b545a2324140645275e55680 to your computer and use it in GitHub Desktop.
Revisions
-
matthiasdebernardini revised this gist
Jun 21, 2022 . 1 changed file with 21 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -153,4 +153,25 @@ echo "$0 - Configuring Bitcoin." sudo -u standup /bin/mkdir ~standup/.bitcoin sudo apt-get update sudo apt-get install -y \ autoconf automake build-essential git libtool libgmp-dev libsqlite3-dev \ python3 python3-pip net-tools zlib1g-dev libsodium-dev gettext pip3 install --upgrade pip pip3 install --user poetry git clone https://github.com/ElementsProject/lightning.git cd lightning sudo apt-get install -y valgrind libpq-dev shellcheck cppcheck \ libsecp256k1-dev jq sudo apt-get install -y cargo rustfmt python3 -m poetry install ./configure python3 -m poetry run make exit 1 -
Jun 20, 2022 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,156 @@ #!/bin/bash # DISCLAIMER: It is not a good idea to store large amounts of Bitcoin on a VPS, # ideally you should use this as a watch-only wallet. This script is expiramental # and has not been widely tested. The creators are not responsible for loss of # funds. If you are not familiar with running a node or how Bitcoin works then we # urge you to use this in testnet so that you can use it as a learning tool. # This script installs the latest stable version of Tor, Bitcoin Core, # Uncomplicated Firewall (UFW), debian updates, enables automatic updates for # debian for good security practices, installs a random number generator, and # optionally a QR encoder and an image displayer. # The script will display the uri in plain text which you can convert to a QR Code # yourself. It is highly recommended to add a Tor V3 pubkey for cookie authentication # so that even if your QR code is compromised an attacker would not be able to access # your node. # StandUp.sh sets Tor and Bitcoin Core up as systemd services so that they start # automatically after crashes or reboots. By default it sets up a pruned testnet node, # a Tor V3 hidden service controlling your rpcports and enables the firewall to only # allow incoming connections for SSH. If you supply a SSH_KEY in the arguments # it allows you to easily access your node via SSH using your rsa pubkey, if you add # SYS_SSH_IP's your VPS will only accept SSH connections from those IP's. # StandUp.sh will create a user called standup, and assign the optional password you # give it in the arguments. # StandUp.sh will create two logs in your root directory, to read them run: # $ cat standup.err # $ cat standup.log #### #0. Prerequisites #### # In order to run this script you need to be logged in as root, and enter in the commands # listed below: # (the $ represents a terminal commmand prompt, do not actually type in a $) # First you need to give the root user a password: # $ sudo passwd # Then you need to switch to the root user: # $ su - root # Then create the file for the script: # $ nano standup.sh # Nano is a text editor that works in a terminal, you need to paste the entire contents # of this script into your terminal after running the above command, # then you can type: # control x (this starts to exit nano) # y (this confirms you want to save the file) # return (just press enter to confirm you want to save and exit) # Then we need to make sure the script can be executable with: # $ chmod +x standup.sh # After that you can run the script with the optional arguments like so: # $ ./standup.sh "insert pubkey" "insert node type (see options below)" "insert ssh key" "insert ssh allowed IP's" "insert password for standup user" #### # 1. Set Initial Variables from command line arguments #### # The arguments are read as per the below variables: # ./standup.sh "PUBKEY" "BTCTYPE" "SSH_KEY" "SYS_SSH_IP" "USERPASSWORD" # If you want to omit an argument then input empty qoutes in its place for example: # ./standup "" "Mainnet" "" "" "aPasswordForTheUser" # If you do not want to add any arguments and run everything as per the defaults simply run: # ./standup.sh # For Tor V3 client authentication (optional), you can run standup.sh like: # ./standup.sh "descriptor:x25519:NWJNEFU487H2BI3JFNKJENFKJWI3" # and it will automatically add the pubkey to the authorized_clients directory, which # means the user is Tor authenticated before the node is even installed. # Optional password for the standup non-privileged account - if you do not want to add one add "" as an argument USERPASSWORD=$1 # Force check for root, if you are not logged in as root then the script will not execute if ! [ "$(id -u)" = 0 ] then echo "$0 - You need to be logged in as root!" exit 1 fi # Output stdout and stderr to ~root files exec > >(tee -a /root/standup.log) 2> >(tee -a /root/standup.log /root/standup.err >&2) #### # 2. Bring Debian Up To Date #### echo "$0 - Starting Debian updates; this will take a while!" # Make sure all packages are up-to-date apt-get update apt-get upgrade -y apt-get dist-upgrade -y # Install haveged (a random number generator) apt-get install haveged -y # Install GPG apt-get install gnupg -y # Install dirmngr apt-get install dirmngr #### # 3. Set Up User #### # Create "standup" user with optional password and give them sudo capability /usr/sbin/useradd -m -p `perl -e 'printf("%s\n",crypt($ARGV[0],"password"))' "$USERPASSWORD"` -g sudo -s /bin/bash standup /usr/sbin/adduser standup sudo echo "$0 - Setup standup with sudo access." #### # 5. Install Bitcoin #### # Download Bitcoin echo "$0 - Downloading Bitcoin; this will also take a while!" # CURRENT BITCOIN RELEASE: # Change as necessary export BITCOIN="bitcoin-core-$(curl -s https://api.github.com/repos/bitcoin/bitcoin/releases | jq '.[0]' | jq -r '.tag_name' | cut -c 2-)" export BITCOINPLAIN=`echo $BITCOIN | sed 's/bitcoin-core/bitcoin/'` sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -O ~standup/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/SHA256SUMS.asc -O ~standup/SHA256SUMS.asc sudo -u standup wget https://bitcoin.org/laanwj-releases.asc -O ~standup/laanwj-releases.asc # Install Bitcoin echo "$0 - Installinging Bitcoin." sudo -u standup /bin/tar xzf ~standup/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -C ~standup /usr/bin/install -m 0755 -o root -g root -t /usr/local/bin ~standup/$BITCOINPLAIN/bin/* /bin/rm -rf ~standup/$BITCOINPLAIN/ # Start Up Bitcoin echo "$0 - Configuring Bitcoin." sudo -u standup /bin/mkdir ~standup/.bitcoin exit 1