Add firewall toggle for local traffic; Add button to reset watchtower

2024-09-24 01:33:24 +00:00 · 2022-06-09 23:47:34 -05:00 · 2022-06-09 23:47:34 -05:00 · 9a47d80641
commit 9a47d80641
parent caed619c5f
4 changed files with 121 additions and 32 deletions
--- a/rootfs/standard/usr/bin/mynode_firewall.sh
+++ b/rootfs/standard/usr/bin/mynode_firewall.sh
@ -74,6 +74,17 @@ ufw allow 61209 comment 'allow Glances HTTPS'
 ufw allow from 127.0.0.1 comment 'allow from localhost'
 #ufw allow from ::1 comment 'allow from localhost'

+# Allow all local traffic
+if [ -f /mnt/hdd/mynode/settings/local_traffic_allowed ]; then
+    ufw allow from 10.0.0.0/8
+    ufw allow from 192.168.0.0/16
+    ufw allow from 172.16.0.0/12
+else
+    ufw delete allow from 10.0.0.0/8
+    ufw delete allow from 192.168.0.0/16
+    ufw delete allow from 172.16.0.0/12
+fi
+
 # Open ports for additional apps
 mynode-manage-apps openports

--- a/rootfs/standard/var/pynode/device_info.py
+++ b/rootfs/standard/var/pynode/device_info.py
@ -1009,6 +1009,11 @@ def delete_lnd_data():
    os.system("rm -rf /home/admin/.lnd/")
    return True

+def delete_lnd_watchtower_data():
+    os.system("rm -rf /mnt/hdd/mynode/lnd/data/graph/mainnet/wtclient.db")
+    os.system("rm -rf /mnt/hdd/mynode/lnd/data/graph/mainnet/wtclient.db.last-compacted")
+    return True
+

 #==================================
 # Mainnet / Testnet Functions
--- a/rootfs/standard/var/www/mynode/settings.py
+++ b/rootfs/standard/var/www/mynode/settings.py
@ -83,6 +83,7 @@ def page_settings():
        "is_bitcoin_synced": is_bitcoin_synced(),
        "is_installing_docker_images": is_installing_docker_images(),
        "firewall_rules": get_firewall_rules(),
+        "is_local_traffic_allowed": settings_file_exists("local_traffic_allowed"),
        "is_testnet_enabled": is_testnet_enabled(),
        "is_quicksync_disabled": not is_quicksync_enabled(),
        "netdata_enabled": is_service_enabled("netdata"),
@ -742,6 +743,19 @@ def page_lnd_delete_wallet():
    }
    return render_template('reboot.html', **templateData)

+@mynode_settings.route("/settings/delete-lnd-wallet", methods=['POST'])
+def page_lnd_delete_watchtower():
+    check_logged_in()
+
+    # Successful Auth
+    delete_lnd_watchtower_data()
+    
+    # Restart LND
+    restart_lnd()
+
+    # Wait until device is restarted
+    flash("Restarting lnd...", category="message")
+    return redirect("/settings")

@mynode_settings.route("/settings/reset-tor", methods=['POST'])
 def page_reset_tor():
@ -1188,5 +1202,25 @@ def page_toggle_setting():
        flash("Error Updating Setting", category="error")
        return redirect("/settings")

+    # Restart service if necessary
+    restart_service = request.args.get('restart_service')
+    if restart_service == "1":
+        # TODO: Add if necessary
+        pass
+
+    # Reboot if necessary
+    reboot = request.args.get('reboot')
+    if reboot == "1":
+        t = Timer(1.0, reboot_device)
+        t.start()
+
+        templateData = {
+            "title": "myNode Reboot",
+            "header_text": "Restarting",
+            "subheader_text": "This will take several minutes...",
+            "ui_settings": read_ui_settings()
+        }
+        return render_template('reboot.html', **templateData)
+
    flash("Setting Updated", category="message")
    return redirect("/settings")
--- a/rootfs/standard/var/www/mynode/templates/settings.html
+++ b/rootfs/standard/var/www/mynode/templates/settings.html
@ -58,6 +58,17 @@
                    delete_lnd_wallet_dialog.dialog( "open" );
                });

+                $("#delete_lnd_watchtower").on("click", function() {
+                    var okFunction = function() {
+                        window.location.href="/settings/reset-lnd-watchtower"
+                    }
+                    openConfirmDialog("confirm-dialog",
+                                      "Reset Lightning Watchtower",
+                                      "Resetting the Lightning watchtower will erase watchtower settings and restart LND. "+
+                                      "Would you still like to reset Lightning watchtower data?",
+                                      okFunction)
+                });
+

                function resetTor() {
                    $("#reset_tor_form").submit();
@ -87,7 +98,6 @@


                $("#reset-blockchain").on("click", function() {
-                    // Enable electrs
                    var okFunction = function() {
                        window.location.href="/settings/reset-blockchain"
                    }
@ -100,7 +110,6 @@
                });

                $("#restart-quicksync").on("click", function() {
-                    // Enable electrs
                    var okFunction = function() {
                        window.location.href="/settings/restart-quicksync"
                    }
@ -504,14 +513,12 @@
                });
                $("#randomize_balances_button").on("click", function() {
                    enabled=$('#randomize_balances_checkbox').is(":checked")
+                    val = "0"
                    if (enabled)
                    {
-                        window.location.href='/settings/toggle_setting?name=randomize_balances&enable=1'
-                    }
-                    else
-                    {
-                        window.location.href='/settings/toggle_setting?name=randomize_balances&enable=0'
+                        val = "1"
                    }
+                    window.location.href='/settings/toggle_setting?name=randomize_balances&enable='+val
                });

                $('#hide_password_warning_checkbox').change(function () {
@ -519,14 +526,12 @@
                });
                $("#hide_password_warning_button").on("click", function() {
                    enabled=$('#hide_password_warning_checkbox').is(":checked")
+                    val = "0"
                    if (enabled)
                    {
-                        window.location.href='/settings/toggle_setting?name=hide_password_warning&enable=1'
-                    }
-                    else
-                    {
-                        window.location.href='/settings/toggle_setting?name=hide_password_warning&enable=0'
+                        val = "1"
                    }
+                    window.location.href='/settings/toggle_setting?name=hide_password_warning&enable='+val
                });

                $('#https_forced_checkbox').change(function () {
@ -544,6 +549,19 @@
                    }
                });

+                $('#local_traffic_allowed_checkbox').change(function () {
+                    $("#local_traffic_allowed").show();
+                });
+                $("#local_traffic_allowed").on("click", function() {
+                    enabled=$('#local_traffic_allowed_checkbox').is(":checked")
+                    val = "0"
+                    if (enabled)
+                    {
+                        val = "1"
+                    }
+                    window.location.href='/settings/toggle_setting?name=local_traffic_allowed&reboot=1&enable='+val
+                });
+
                $('#btcrpcexplorer_token_checkbox').change(function () {
                    $("#btcrpcexplorer_token").show();
                });
@ -830,26 +848,6 @@
        </div>


-        <div class="settings_block">
-            <a id="firewall"></a>
-            <div class="settings_block_header">Firewall</div>
-
-            <div class="settings_block_subheader">Rules</div>
-            Show the current firewall configuration.
-            <br/>
-            <button id="show_firewall_rules" class="ui-button ui-widget ui-corner-all settings_button">Show</button>
-            <div id="firewall_rules" style='text-align: left; font-size: 12px; width: 800px; display: none;'><pre>{{firewall_rules}}</pre></div>
-            
-            <div class="divider"></div>
-
-            <div class="settings_block_subheader">Reset</div>
-            Resetting the firewall will disable and reenable the firewall and then reboot the device.
-            <br/>
-            <a href="/settings/reset-firewall" class="ui-button ui-widget ui-corner-all settings_button">Reset Firewall</a>
-
-        </div>
-
-
        <div class="settings_block">
            <a id="bitcoin"></a>
            <div class="settings_block_header">Bitcoin</div>
@ -912,6 +910,14 @@
            Advanced: This will delete your Lightning Wallet. It will delete both mainnet and testnet wallets if you have them.
            <br/>
            <button id="delete_lnd_wallet" class="ui-button ui-widget ui-corner-all settings_button">Delete Wallet</button>
+
+            <div class="divider"></div>
+
+            <div class="settings_block_subheader">Reset Watchtower Info</div>
+            Advanced: This will reset the Watchtower information. This can be used if LND is having issues after adding watchtowers.
+            <br/>
+            <button id="delete_lnd_watchtower" class="ui-button ui-widget ui-corner-all settings_button">Delete Wallet</button>
+
        </div>


@ -983,6 +989,39 @@
        </div>


+        <div class="settings_block">
+            <a id="firewall"></a>
+            <div class="settings_block_header">Firewall</div>
+
+            <div class="settings_block_subheader">Rules</div>
+            Show the current firewall configuration.
+            <br/>
+            <button id="show_firewall_rules" class="ui-button ui-widget ui-corner-all settings_button">Show</button>
+            <div id="firewall_rules" style='text-align: left; font-size: 12px; width: 800px; display: none;'><pre>{{firewall_rules}}</pre></div>
+            
+            <div class="divider"></div>
+
+            <div class="settings_block_subheader">Allow All Local Network Traffic</div>
+            This will allow all local network traffic from 10.0.0.0/8, 192.168.0.0/16, and 172.16.0.0/12. This can be
+            helpful if you are having NAT-PMP or UPnP issues with LND. This will reboot the device.
+            <br/><br/>
+            <label class="switch">
+                <input type="checkbox" id="local_traffic_allowed_checkbox" {% if is_local_traffic_allowed %}checked{% endif %}>
+                <span class="slider round"></span>
+            </label>
+            <br/><br/>
+            <button id="local_traffic_allowed" style="display: none;" class="ui-button ui-widget ui-corner-all settings_button_small">Save</button>
+
+            <div class="divider"></div>
+
+            <div class="settings_block_subheader">Reset</div>
+            Resetting the firewall will disable and reenable the firewall and then reboot the device.
+            <br/>
+            <a href="/settings/reset-firewall" class="ui-button ui-widget ui-corner-all settings_button">Reset Firewall</a>
+
+        </div>
+
+
        <div class="settings_block">
            <a id="tor"></a>
            <div class="settings_block_header">Tor</div>