From 37f9209bd5e7299d5e9e1107cbe9f6c8c1d13bb2 Mon Sep 17 00:00:00 2001 From: Taylor Helsper Date: Sat, 20 Nov 2021 17:39:10 -0600 Subject: [PATCH] Add ability to toggle BTC RPC Explorer token --- .../etc/systemd/system/btcrpcexplorer.service | 1 + .../usr/bin/mynode_pre_btcrpcexplorer.sh | 21 ++++++++++++ rootfs/standard/usr/bin/mynode_startup.sh | 5 --- .../usr/share/mynode/btcrpcexplorer_env | 1 - rootfs/standard/var/www/mynode/api.py | 1 + .../var/www/mynode/application_info.py | 8 ++++- rootfs/standard/var/www/mynode/device_info.py | 27 ++++++++++++++++ rootfs/standard/var/www/mynode/mynode.py | 1 + rootfs/standard/var/www/mynode/settings.py | 19 +++++++++-- .../var/www/mynode/templates/main.html | 9 +++++- .../var/www/mynode/templates/settings.html | 32 +++++++++++++++++++ 11 files changed, 115 insertions(+), 10 deletions(-) create mode 100755 rootfs/standard/usr/bin/mynode_pre_btcrpcexplorer.sh diff --git a/rootfs/standard/etc/systemd/system/btcrpcexplorer.service b/rootfs/standard/etc/systemd/system/btcrpcexplorer.service index e72e2e64..3730e363 100644 --- a/rootfs/standard/etc/systemd/system/btcrpcexplorer.service +++ b/rootfs/standard/etc/systemd/system/btcrpcexplorer.service @@ -10,6 +10,7 @@ After=bitcoin.service ExecStartPre=/usr/bin/is_not_shutting_down.sh ExecStartPre=/usr/bin/wait_on_bitcoin.sh ExecStartPre=/usr/bin/wait_on_electrs.sh +ExecStartPre=+/usr/bin/mynode_pre_btcrpcexplorer.sh WorkingDirectory=/opt/mynode/btc-rpc-explorer ExecStart=/usr/bin/npm start diff --git a/rootfs/standard/usr/bin/mynode_pre_btcrpcexplorer.sh b/rootfs/standard/usr/bin/mynode_pre_btcrpcexplorer.sh new file mode 100755 index 00000000..a6016089 --- /dev/null +++ b/rootfs/standard/usr/bin/mynode_pre_btcrpcexplorer.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +source /usr/share/mynode/mynode_config.sh + +set -x + +# Initialize BTC RPC Explorer Config +mkdir -p /opt/mynode/btc-rpc-explorer +cp /usr/share/mynode/btcrpcexplorer_env /opt/mynode/btc-rpc-explorer/.env +chown -R bitcoin:bitcoin /opt/mynode/btc-rpc-explorer + +# Update Bitcoin RPC Password +BTCRPCPW=$(cat /mnt/hdd/mynode/settings/.btcrpcpw) +if [ -f /opt/mynode/btc-rpc-explorer/.env ]; then + sed -i "s/BTCEXP_BITCOIND_PASS=.*/BTCEXP_BITCOIND_PASS=$BTCRPCPW/g" /opt/mynode/btc-rpc-explorer/.env +fi + +# Enable / disable token requirement +if [ -f /mnt/hdd/mynode/settings/.btcrpcexplorer_disable_token ]; then + sed -i "s/BTCEXP_SSO_TOKEN_FILE/#BTCEXP_SSO_TOKEN_FILE/g" /opt/mynode/btc-rpc-explorer/.env +fi diff --git a/rootfs/standard/usr/bin/mynode_startup.sh b/rootfs/standard/usr/bin/mynode_startup.sh index db38ab13..fb6c01fb 100755 --- a/rootfs/standard/usr/bin/mynode_startup.sh +++ b/rootfs/standard/usr/bin/mynode_startup.sh @@ -412,11 +412,6 @@ if [ -f /opt/mynode/btcpayserver/.env ]; then sed -i "s/NBXPLORER_VERSION.*/NBXPLORER_VERSION=$BTCPAYSERVER_NBXPLORER_VERSION/g" /opt/mynode/btcpayserver/.env || true fi -# BTC RPC Explorer Config -mkdir -p /opt/mynode/btc-rpc-explorer -cp /usr/share/mynode/btcrpcexplorer_env /opt/mynode/btc-rpc-explorer/.env -chown -R bitcoin:bitcoin /opt/mynode/btc-rpc-explorer - # LNBits Config if [ -d /opt/mynode/lnbits ]; then cp /usr/share/mynode/lnbits.env /opt/mynode/lnbits/.env diff --git a/rootfs/standard/usr/share/mynode/btcrpcexplorer_env b/rootfs/standard/usr/share/mynode/btcrpcexplorer_env index 30249d1b..df21adae 100644 --- a/rootfs/standard/usr/share/mynode/btcrpcexplorer_env +++ b/rootfs/standard/usr/share/mynode/btcrpcexplorer_env @@ -83,7 +83,6 @@ BTCEXP_PRIVACY_MODE=true # File where the SSO token is stored; ignored if BTCEXP_BASIC_AUTH_PASSWORD is provided. # Enables SSO if present. # Default: none -#BTCEXP_SSO_TOKEN_FILE=/var/run/btc-rpc-explorer/sso_token BTCEXP_SSO_TOKEN_FILE=/opt/mynode/btc-rpc-explorer/token # URL of an optional external SSO provider diff --git a/rootfs/standard/var/www/mynode/api.py b/rootfs/standard/var/www/mynode/api.py index 3731df41..25ea5b17 100644 --- a/rootfs/standard/var/www/mynode/api.py +++ b/rootfs/standard/var/www/mynode/api.py @@ -78,6 +78,7 @@ def api_get_service_status(): data["status"] = get_application_status(service) data["color"] = get_application_status_color(service) data["sso_token"] = get_application_sso_token(service) + data["sso_token_enabled"] = get_application_sso_token_enabled(service) return jsonify(data) @mynode_api.route("/api/get_app_info") diff --git a/rootfs/standard/var/www/mynode/application_info.py b/rootfs/standard/var/www/mynode/application_info.py index c7d4ff96..364ef595 100644 --- a/rootfs/standard/var/www/mynode/application_info.py +++ b/rootfs/standard/var/www/mynode/application_info.py @@ -349,9 +349,15 @@ def get_application_status_color(short_name): def get_application_sso_token(short_name): # Make sure app is valid if not is_application_valid(short_name): - return "APP NOT FOUND" + return "APP_NOT_FOUND" return get_sso_token(short_name) +def get_application_sso_token_enabled(short_name): + # Make sure app is valid + if not is_application_valid(short_name): + return "APP_NOT_FOUND" + return get_sso_token_enabled(short_name) + def restart_application(short_name): try: subprocess.check_output('systemctl restart {}'.format(short_name), shell=True) diff --git a/rootfs/standard/var/www/mynode/device_info.py b/rootfs/standard/var/www/mynode/device_info.py index 91c5c645..be969799 100644 --- a/rootfs/standard/var/www/mynode/device_info.py +++ b/rootfs/standard/var/www/mynode/device_info.py @@ -930,6 +930,27 @@ def reset_specter_config(): os.system("rm -rf /mnt/hdd/mynode/specter/config.json") os.system("systemctl restart specter") +#================================== +# BTC RPC Explorer Functions +#================================== +def is_btcrpcexplorer_token_enabled(): + if os.path.isfile("/mnt/hdd/mynode/settings/.btcrpcexplorer_disable_token"): + return False + return True + +def enable_btcrpcexplorer_token(): + os.system("rm -rf /mnt/hdd/mynode/settings/.btcrpcexplorer_disable_token") + os.system("sync") + if is_service_enabled("btcrpcexplorer"): + restart_service("btcrpcexplorer") + + +def disable_btcrpcexplorer_token(): + os.system("touch /mnt/hdd/mynode/settings/.btcrpcexplorer_disable_token") + os.system("sync") + if is_service_enabled("btcrpcexplorer"): + restart_service("btcrpcexplorer") + #================================== # Tor Functions #================================== @@ -1105,6 +1126,12 @@ def get_sso_token(short_name): token = "UNKOWN_APP" return to_string(token) +def get_sso_token_enabled(short_name): + enabled = False + if short_name == "btcrpcexplorer": + enabled = is_btcrpcexplorer_token_enabled() + return enabled + #================================== # QR Code Functions diff --git a/rootfs/standard/var/www/mynode/mynode.py b/rootfs/standard/var/www/mynode/mynode.py index 55133b3c..b9f1bb1f 100644 --- a/rootfs/standard/var/www/mynode/mynode.py +++ b/rootfs/standard/var/www/mynode/mynode.py @@ -532,6 +532,7 @@ def index(): "lnd_channels": get_lightning_channels(), "electrs_active": electrs_active, "btcpayserver_onion": get_onion_url_btcpay(), + "btcrpcexplorer_token_enabled": is_btcrpcexplorer_token_enabled(), "lndhub_onion": get_onion_url_lndhub(), "lnbits_onion": get_onion_url_lnbits(), "is_testnet_enabled": is_testnet_enabled(), diff --git a/rootfs/standard/var/www/mynode/settings.py b/rootfs/standard/var/www/mynode/settings.py index e9e7cfc9..9ded30f2 100644 --- a/rootfs/standard/var/www/mynode/settings.py +++ b/rootfs/standard/var/www/mynode/settings.py @@ -89,6 +89,7 @@ def page_settings(): "is_uploader_device": is_uploader(), "download_rate": download_rate, "upload_rate": upload_rate, + "btcrpcexplorer_token_enabled": is_btcrpcexplorer_token_enabled(), "is_btc_lnd_tor_enabled": is_btc_lnd_tor_enabled(), "is_aptget_tor_enabled": is_aptget_tor_enabled(), "skip_fsck": skip_fsck(), @@ -780,19 +781,33 @@ def page_set_https_forced_page(): flash("HTTPS Settings Saved", category="message") return redirect(url_for(".page_settings")) + + +@mynode_settings.route("/settings/btcrpcexplorer_token") +def page_btcrpcexplorer_token(): + check_logged_in() + + enable = request.args.get('enable') + if enable == "1": + enable_btcrpcexplorer_token() + else: + disable_btcrpcexplorer_token() + + flash("BTC RPC Explorer Token Setting Saved", category="message") + return redirect(url_for(".page_settings")) @mynode_settings.route("/settings/enable_aptget_tor") def page_enable_aptget_tor(): check_logged_in() - - check_and_mark_reboot_action("enable_aptget_tor") enable = request.args.get('enable') if enable == "1": enable_aptget_tor() else: disable_aptget_tor() + + flash("Tor Setting Saved", category="message") return redirect(url_for(".page_settings")) @mynode_settings.route("/settings/mynode_logs.tar.gz") diff --git a/rootfs/standard/var/www/mynode/templates/main.html b/rootfs/standard/var/www/mynode/templates/main.html index 8bd349f6..ea21422a 100644 --- a/rootfs/standard/var/www/mynode/templates/main.html +++ b/rootfs/standard/var/www/mynode/templates/main.html @@ -100,6 +100,9 @@ if ("sso_token" in data && data["sso_token"] != null && data["sso_token"] != "") { application_data[short_name]["sso_token"] = data["sso_token"] } + if ("sso_token_enabled" in data) { + application_data[short_name]["sso_token_enabled"] = data["sso_token_enabled"] + } } function refresh_page() { @@ -473,7 +476,11 @@ if (location.protocol == "https:") { port="3003" } - url = location.protocol+'//'+hostname+':'+port+'/?'+'token='+application_data["btcrpcexplorer"]["sso_token"] + token_string="" + if (application_data["btcrpcexplorer"]["sso_token_enabled"]) { + token_string='?'+'token='+application_data["btcrpcexplorer"]["sso_token"] + } + url = location.protocol+'//'+hostname+':'+port+'/'+token_string window.open(url,'_blank'); }) diff --git a/rootfs/standard/var/www/mynode/templates/settings.html b/rootfs/standard/var/www/mynode/templates/settings.html index 77eb2a14..907ca806 100644 --- a/rootfs/standard/var/www/mynode/templates/settings.html +++ b/rootfs/standard/var/www/mynode/templates/settings.html @@ -445,6 +445,21 @@ } }); + $('#btcrpcexplorer_token_checkbox').change(function () { + $("#btcrpcexplorer_token").show(); + }); + $("#btcrpcexplorer_token").on("click", function() { + enabled=$('#btcrpcexplorer_token_checkbox').is(":checked") + if (enabled) + { + window.location.href='/settings/btcrpcexplorer_token?enable=1' + } + else + { + window.location.href='/settings/btcrpcexplorer_token?enable=0' + } + }); + $('#aptget_tor_checkbox').change(function () { $("#aptget_tor").show(); }); @@ -800,6 +815,23 @@ +
+ +
BTC RPC Explorer
+ +
Access Token
+ To improve security, a token is required to access BTC RPC Explorer. This restricts access to people who have logged into myNode and navigated to + BTC RPC Explorer via the interface. To allow access to all users on the network, you can disable requiring the token. This is less secure. +

+ +

+ +
+ +
Mempool