diff --git a/app/lib/composegenerator/v2/generate.py b/app/lib/composegenerator/v2/generate.py
index 45ef8e5..dfcd38d 100644
--- a/app/lib/composegenerator/v2/generate.py
+++ b/app/lib/composegenerator/v2/generate.py
@@ -43,7 +43,7 @@ def createComposeConfigFromV2(app: dict, nodeRoot: str):
 newApp = convertDataDirToVolumeGen2(newApp)
 newApp = configureIps(newApp, networkingFile, envFile)
 newApp = configureMainPort(newApp, nodeRoot)
- configureHiddenServices(newApp, nodeRoot)
+ newApp = configureHiddenServices(newApp, nodeRoot)
 finalConfig: AppStage4 = convertContainersToServices(newApp)
 newApp = classToDict(finalConfig)
 del newApp['metadata']
diff --git a/app/lib/composegenerator/v2/networking.py b/app/lib/composegenerator/v2/networking.py
index 1e0d976..c0a6744 100644
--- a/app/lib/composegenerator/v2/networking.py
+++ b/app/lib/composegenerator/v2/networking.py
@@ -100,7 +100,7 @@ def configureIps(app: AppStage2, networkingFile: str, envFile: str):
 return app
-def configureHiddenServices(app: AppStage3, nodeRoot: str) -> None:
+def configureHiddenServices(app: AppStage3, nodeRoot: str) -> AppStage3:
 dotEnv = parse_dotenv(path.join(nodeRoot, ".env"))
 hiddenServices = ""
@@ -113,8 +113,11 @@ def configureHiddenServices(app: AppStage3, nodeRoot: str) -> None:
 )
 hiddenServices += getContainerHiddenService(
 app.metadata, container, dotEnv[env_var], container.name == mainContainer.name)
+ if container.hiddenServicePorts:
+ del container.hiddenServicePorts
 torDaemons = ["torrc-apps", "torrc-apps-2", "torrc-apps-3"]
 torFileToAppend = torDaemons[random.randint(0, len(torDaemons) - 1)]
 with open(path.join(nodeRoot, "tor", torFileToAppend), 'a') as f:
 f.write(hiddenServices)
+ return app
diff --git a/app/lib/composegenerator/v2/utils/networking.py b/app/lib/composegenerator/v2/utils/networking.py
index e166597..8997306 100644
--- a/app/lib/composegenerator/v2/utils/networking.py
+++ b/app/lib/composegenerator/v2/utils/networking.py
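Review bot: The added `if container.hiddenServicePorts:` in `configureHiddenServices` (v2/networking.py, hunk `@@ -113,8 +113,11 @@`) can either raise or silently do nothing, depending on how the field is declared. `getContainerHiddenService` in utils/networking.py already runs `del container.hiddenServicePorts` on what appears to be its fall-through path, so a second attribute read would raise `AttributeError` if the class has no class-level default; and because the test is a truthiness check, an empty mapping stays on the container and presumably reaches the generated compose output. Doing the removal in one place only, wrapped in `try`/`except AttributeError`, would make the behaviour independent of the field's declaration. The loop header and the `env_var` lookup are outside the hunk, so the nesting of the new lines cannot be confirmed from here.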
@@ -64,6 +64,10 @@ def getContainerHiddenService(
 hiddenServices = "# {} {} Hidden Service\nHiddenServiceDir /var/lib/tor/app-{}-{}\n".format(
 metadata.name, container.name, metadata.id, container.name
 )
+ initialHiddenServices = "# {} {} Hidden Service\nHiddenServiceDir /var/lib/tor/app-{}-{}\n".format(
+ metadata.name, container.name, metadata.id, container.name
+ )
+ otherHiddenServices = ""
 for key, value in container.hiddenServicePorts.items():
 if isinstance(key, int):
 hiddenServices += "HiddenServicePort {} {}:{}".format(
@@ -73,19 +77,23 @@ def getContainerHiddenService(
 else:
 additionalHiddenServices[key] = value
 for key, value in additionalHiddenServices.items():
- hiddenServices += "\n"
+ otherHiddenServices += "\n"
 if isinstance(value, int):
- hiddenServices += "# {} {} {} Hidden Service\nHiddenServiceDir /var/lib/tor/app-{}-{}\n".format(
+ otherHiddenServices += "# {} {} {} Hidden Service\nHiddenServiceDir /var/lib/tor/app-{}-{}\n".format(
 metadata.name, container.name, key, metadata.id, container.name
 )
- hiddenServices += "HiddenServicePort {} {}:{}".format(
+ otherHiddenServices += "HiddenServicePort {} {}:{}".format(
 key, containerIp, value
 )
 elif isinstance(value, list):
- hiddenServices += getHiddenServiceMultiPort(
- key, metadata.id, containerIp, value
+ otherHiddenServices += getHiddenServiceMultiPort(
+ "{} {}".format(metadata.name, key), "{}-{}".format(metadata.id, key), containerIp, value
 )
- return hiddenServices
+
+ if hiddenServices == initialHiddenServices:
+ return otherHiddenServices
+ else :
+ return hiddenServices + "\n" + otherHiddenServices
 del container.hiddenServicePorts
 return ""
diff --git a/app/lib/manage.py b/app/lib/manage.py
index e1cb0c9..5f4ec1a 100644
--- a/app/lib/manage.py
+++ b/app/lib/manage.py
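Review bot: `initialHiddenServices` in `getContainerHiddenService` (hunk `@@ -64,6 +64,10 @@`) repeats the three-line `.format(...)` expression that builds `hiddenServices` directly above it, so the two can drift apart on the next edit; `initialHiddenServices = hiddenServices` states the same thing. The value is only used later as a sentinel for "no integer port was appended", which a boolean set inside the `isinstance(key, int)` branch would express more directly than comparing generated torrc text. The function signature and the condition enclosing these lines start outside the hunk.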
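Review bot: `key` is written into torrc text without validation in the `elif isinstance(value, list)` branch of `getContainerHiddenService` (hunk `@@ -73,19 +77,23 @@`): it now flows into `"{}-{}".format(metadata.id, key)`, which `getHiddenServiceMultiPort` presumably turns into a `HiddenServiceDir` path, and into the comment via `"{} {}".format(metadata.name, key)`. `key` is a name taken from the app's `hiddenServicePorts` mapping, so unless app definitions are schema-validated before this point, a key containing whitespace, a line break or a path separator would change the meaning of the appended config. A check at the top of the loop such as `if not re.fullmatch(r"[A-Za-z0-9_-]+", str(key)): raise ValueError("invalid hidden service name")` (with `re` imported) would pin that down. The integer branch above still uses `metadata.id, container.name` for its directory, so it is worth confirming the two branches are meant to differ.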
@@ -194,7 +194,7 @@ def compose(app, arguments):
 composeFile = os.path.join(appsDir, app, "docker-compose.yml")
 commonComposeFile = os.path.join(appSystemDir, "docker-compose.common.yml")
 os.environ["APP_DOMAIN"] = subprocess.check_output(
- "hostname -s 2>/dev/null || echo 'citadel'", shell=True).decode("utf-8") + ".local"
+ "hostname -s 2>/dev/null || echo 'citadel'", shell=True).decode("utf-8").strip() + ".local"
 os.environ["APP_HIDDEN_SERVICE"] = subprocess.check_output("cat {} 2>/dev/null || echo 'notyetset.onion'".format(
 os.path.join(nodeRoot, "tor", "data", "app-{}/hostname".format(app))), shell=True).decode("utf-8").strip()
 os.environ["APP_SEED"] = deriveEntropy("app-{}-seed".format(app))
diff --git a/docker-compose.yml b/docker-compose.yml
index f46bd75..a9dc48c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -59,7 +59,7 @@ services:
 ports:
 - ${NGINX_PORT}:80
 - 433:433
- - 443:443
+ - ${NGINX_SSL_PORT}:443
 networks:
 default:
 ipv4_address: $NGINX_IP
diff --git a/info.json b/info.json
index 162cedc..1b22b2b 100644
--- a/info.json
+++ b/info.json
@@ -2,5 +2,5 @@
 "version": "0.5.21",
 "name": "Citadel 0.5.21",
 "requires": ">=0.5.5",
- "notes": "This update includes a lot of internal improvements to the app system. This update also prepares for letting you to update individual apps instead of all at once."
+ "notes": "Please note: This update is not suitable for notes running the c-lightning beta. This update includes a lot of internal improvements to the app system. This update also prepares for letting you to update individual apps instead of all at once."
 }
diff --git a/scripts/add-https b/scripts/add-https
index dec6d69..9ee16d6 100755
--- a/scripts/add-https
+++ b/scripts/add-https
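Review bot: The `APP_HIDDEN_SERVICE` assignment just below the changed line in `compose` (app/lib/manage.py) still formats `app` into a command string that is run with `shell=True`, so any shell metacharacter in an app name would be interpreted by the shell. Where `app` comes from is outside the hunk, so this matters whenever it can be anything other than a vetted directory name. Neither value needs a shell: the hostname file can be read directly with the same fallback, as sketched below, and the changed `APP_DOMAIN` line could use `socket.gethostname()` (which would need `socket` imported). `compose` continues past the end of the hunk.

```python
# … unchanged: composeFile / commonComposeFile / APP_DOMAIN …
hostnameFile = os.path.join(nodeRoot, "tor", "data", "app-{}/hostname".format(app))
try:
    with open(hostnameFile) as f:
        os.environ["APP_HIDDEN_SERVICE"] = f.read().strip()
except OSError:
    # Same fallback the shell pipeline produced when the file was missing or unreadable
    os.environ["APP_HIDDEN_SERVICE"] = "notyetset.onion"
# … unchanged: APP_SEED …
```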
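Review bot: `${NGINX_SSL_PORT}:443` in docker-compose.yml has no default, so an install whose `.env` predates this variable gets an empty host port substituted by Compose until `scripts/configure` has rewritten the file; `- ${NGINX_SSL_PORT:-443}:443` keeps the previous behaviour in that window. Separately, the context line `- 433:433` directly above still publishes host port 433, which looks like a leftover typo for 443 rather than a port nginx listens on. If nothing uses it, dropping the mapping removes an unnecessary exposed port. The rest of the service definition is outside the hunk.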
@@ -47,7 +47,7 @@ key = args.key
 node_root = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 nginx_config_file = os.path.join(node_root, 'nginx', 'nginx.conf')
-registry_file = os.path.join(node_root, 'apps', 'apps.json')
+registry_file = os.path.join(node_root, 'apps', 'registry.json')
 with open(registry_file) as file:
 registry = json.load(file)
@@ -98,7 +98,7 @@ if port == None:
 print("Error: No port found for {}".format(service))
 exit(1)
-if service == "btcpay-server" or service == "lnbits":
+if service == "btcpay-server":
 port = 1234
 if service == "lnme":
diff --git a/scripts/backup/backup b/scripts/backup/backup
index 8f3a85b..a0be32d 100755
--- a/scripts/backup/backup
+++ b/scripts/backup/backup
@@ -140,6 +140,13 @@ cat < ${BACKUP_STATUS_FILE}
 EOF
 exit
 fi
+if [[ $BITCOIN_NETWORK == "signet" ]]; then
+rm -rf "${BACKUP_ROOT}"
+cat < ${BACKUP_STATUS_FILE}
+{"status": "skipped", "timestamp": $(date +%s000)}
+EOF
+ exit
+fi
 if [[ $BITCOIN_NETWORK == "regtest" ]]; then
 rm -rf "${BACKUP_ROOT}"
 cat < ${BACKUP_STATUS_FILE}
diff --git a/scripts/configure b/scripts/configure
index 479142f..7f21473 100755
--- a/scripts/configure
+++ b/scripts/configure
@@ -75,14 +75,14 @@ if os.path.isfile('../.citadel'):
 status_dir = os.path.join(CITADEL_ROOT, '..', 'statuses')
 updating = True
-# Configure for mainnet or testnet or regtest depending
+# Configure for appropriate network depending
 # upon the user-supplied value of $NETWORK
 # If the network is not specified, then use the mainnet
 BITCOIN_NETWORK=os.environ.get('NETWORK') or 'mainnet'
 # Check if network neither mainnet nor testnet nor regtest
-if BITCOIN_NETWORK not in ['mainnet', 'testnet', 'regtest']:
- print('Error: Network must be either mainnet, testnet, or regtest!')
+if BITCOIN_NETWORK not in ['mainnet', 'testnet', 'signet', 'regtest']:
+ print('Error: Network must be either mainnet, testnet, signet or regtest!')
 exit(1)
 with open(os.path.join(CITADEL_ROOT, "info.json"), 'r') as file:
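Review bot: The added `signet` block in scripts/backup/backup repeats the opening lines of the `regtest` block that follows it, including the `rm -rf "${BACKUP_ROOT}"`, so the skip logic now lives in two places that must be kept in step. A single condition, `if [[ $BITCOIN_NETWORK == "signet" || $BITCOIN_NETWORK == "regtest" ]]; then`, would cover both networks with one copy of the status write. The remainder of the `regtest` block is outside the hunk, so check that the two bodies really are identical before merging them.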
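Review bot: The list of accepted networks in scripts/configure is now spelled out twice, here and in the `if reconfiguring:` branch (hunk `@@ -155,8 +156,8 @@`), and both copies keep the comment `# Check if network neither mainnet nor testnet nor regtest`, which no longer mentions signet. A single module-level constant, e.g. `SUPPORTED_NETWORKS = ('mainnet', 'testnet', 'signet', 'regtest')`, checked in both places would stop the two validations from diverging; that matters because this value later selects ports and config sections. The comment could then read `# Reject any network that is not in SUPPORTED_NETWORKS`.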
@@ -145,6 +145,7 @@ if os.path.isfile('../use-core-upstream') or os.path.isfile('./use-core-upstream
 ##########################################################
 NGINX_PORT=os.environ.get('NGINX_PORT') or "80"
+NGINX_SSL_PORT=os.environ.get('NGINX_SSL_PORT') or "443"
 UPDATE_CHANNEL="main"
 if reconfiguring:
@@ -155,8 +156,8 @@ if reconfiguring:
 BITCOIN_NETWORK=os.environ.get('OVERWRITE_NETWORK') or dotenv['BITCOIN_NETWORK']
 # Check if network neither mainnet nor testnet nor regtest
- if BITCOIN_NETWORK not in ['mainnet', 'testnet', 'regtest']:
- print('Error: Network must be either mainnet, testnet, or regtest!')
+ if BITCOIN_NETWORK not in ['mainnet', 'testnet', 'signet', 'regtest']:
+ print('Error: Network must be either mainnet, testnet, signet or regtest!')
 exit(1)
 print("Using {} network".format(BITCOIN_NETWORK))
 print()
@@ -168,6 +169,11 @@ if reconfiguring:
 TOR_PASSWORD=dotenv['TOR_PASSWORD']
 TOR_HASHED_PASSWORD=dotenv['TOR_HASHED_PASSWORD']
 NGINX_PORT=dotenv['NGINX_PORT']
+ NGINX_SSL_PORT="443"
+ if 'NGINX_SSL_PORT' in dotenv:
+ NGINX_SSL_PORT=dotenv['NGINX_SSL_PORT']
+ if NGINX_SSL_PORT == "80" and NGINX_PORT == "80":
+ NGINX_SSL_PORT="443"
 if 'UPDATE_CHANNEL' in dotenv:
 UPDATE_CHANNEL=dotenv['UPDATE_CHANNEL']
 else:
@@ -252,6 +258,14 @@ elif BITCOIN_NETWORK == "testnet":
 NEUTRINO_PEERS='''
 [neutrino]
 neutrino.addpeer=testnet1-btcd.zaphq.io
+neutrino.addpeer=testnet2-btcd.zaphq.io
+ '''
+elif BITCOIN_NETWORK == "signet":
+ BITCOIN_RPC_PORT=38332
+ BITCOIN_P2P_PORT=38333
+ NEUTRINO_PEERS='''
+[neutrino]
+neutrino.addpeer=testnet1-btcd.zaphq.io
 neutrino.addpeer=testnet2-btcd.zaphq.io
 '''
 elif BITCOIN_NETWORK == "regtest":
@@ -264,6 +278,8 @@ else:
 NETWORK_SECTION=""
 if BITCOIN_NETWORK != "mainnet":
 NETWORK_SECTION = "[{}]".format(BITCOIN_NETWORK)
+if BITCOIN_NETWORK == "testnet":
+ NETWORK_SECTION = "[test]"
 # IP addresses for services
 NETWORK_IP="10.21.21.0"
diff --git a/scripts/start b/scripts/start
index 46a3502..d9da226 100755
--- a/scripts/start
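Review bot: `NGINX_SSL_PORT` is accepted from the environment here, and from the existing `.env` in hunk `@@ -168,6 +169,11 @@`, without checking that it is a port number, and the only collision handled is the literal case where both ports are `"80"`. Any other equal pair, or a non-numeric value, would presumably be written out and fail only later when Docker tries to publish the ports. Validating once after both values are known, e.g. `if not NGINX_SSL_PORT.isdigit() or NGINX_SSL_PORT == NGINX_PORT:` followed by the script's existing `print(...)` / `exit(1)` pattern, surfaces the problem at configure time. No collision check is visible on the fresh-install line added in this hunk.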
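Review bot: The new `signet` branch (hunk `@@ -252,6 +258,14 @@`) sets `NEUTRINO_PEERS` to `testnet1-btcd.zaphq.io` and `testnet2-btcd.zaphq.io`, which by their names serve testnet, so a signet node using neutrino would be pointed at peers on a different chain. Unless these hosts are known to answer on signet as well, the branch should list signet peers or leave the peer list empty. A short comment naming who operates the hard-coded peers would also help, e.g. `# third-party neutrino peers; the node depends on them for block data`.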
+++ b/scripts/start
@@ -44,7 +44,7 @@ fi
 # Configure Citadel if it isn't already configured
 if [[ ! -f "${CITADEL_ROOT}/statuses/configured" ]]; then
- NGINX_PORT=${NGINX_PORT:-80} NETWORK="${NETWORK:-mainnet}" "${CITADEL_ROOT}/scripts/configure"
+ NGINX_PORT=${NGINX_PORT:-80} NGINX_SSL_PORT=${NGINX_SSL_PORT:-443} NETWORK="${NETWORK:-mainnet}" "${CITADEL_ROOT}/scripts/configure"
 fi
 echo
diff --git a/templates/.env-sample b/templates/.env-sample
index 4741461..6b12fe6 100644
--- a/templates/.env-sample
+++ b/templates/.env-sample
@@ -8,6 +8,7 @@ NETWORK_IP=
 GATEWAY_IP=
 NGINX_IP=
 NGINX_PORT=
+NGINX_SSL_PORT=
 DASHBOARD_IP=
 MANAGER_IP=
 MIDDLEWARE_IP=
diff --git a/templates/bitcoin-sample.conf b/templates/bitcoin-sample.conf
index b1b5966..f137f9d 100644
--- a/templates/bitcoin-sample.conf
+++ b/templates/bitcoin-sample.conf
@@ -9,7 +9,7 @@ proxy=:
 listen=1
-# Mainnet/Testnet/regtest
+# Mainnet/Testnet/Signet/regtest
 =1
 # Connections
@@ -21,7 +21,6 @@ rpcauth=
 dbcache=200
 maxmempool=300
- # zmq
 zmqpubrawblock=tcp://0.0.0.0:
 zmqpubrawtx=tcp://0.0.0.0:
@@ -40,6 +39,8 @@ peerblockfilters=1
+# NOTE: The options addnode, connect, port, bind, rpcport, rpcbind and wallet
+# only apply to mainnet unless they appear in the appropriate section below.
 bind=
 port=
diff --git a/templates/lnd-sample.conf b/templates/lnd-sample.conf
index 2a57ba9..7f60a12 100644
--- a/templates/lnd-sample.conf
+++ b/templates/lnd-sample.conf
@@ -29,7 +29,7 @@ accept-amp=true
 protocol.wumbo-channels=true
 [Bitcoind]
-bitcoind.rpchost=
+bitcoind.rpchost=:
 bitcoind.rpcuser=
 bitcoind.rpcpass=
 bitcoind.zmqpubrawblock=tcp://: