blob: 09d71386cd54fa6daf6fabf0d760d3b20edfc306 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
_bc_user=bitcoin
_bc_group=bitcoin
post_install() {
_mkuser
_mkssl
# disable Copy-On-Write (btrfs directories only)
for _dir in /srv/bitcoin; do
_is_btrfs "$_dir" && _disable_cow "$_dir"
done
chown -R $_bc_user:$_bc_group /etc/bitcoin /srv/bitcoin
printf "%b\n" "$bitcoin"
}
post_upgrade() {
_mkuser
chown -R $_bc_user:$_bc_group /etc/bitcoin /srv/bitcoin
printf "%b\n" "$bitcoin"
}
post_remove() {
_rmuser
rm -rf /srv/bitcoin
}
# ------------------------------------------------------------------------------
# helper functions for creating bitcoin-core user / group
# ------------------------------------------------------------------------------
_mkuser() {
getent passwd $_bc_user &>/dev/null || {
echo -n "Creating bitcoin user... "
grep -E "^$_bc_group:" /etc/group >/dev/null || groupadd $_bc_group
useradd -m -d /etc/bitcoin -g $_bc_group -s /usr/bin/nologin $_bc_user 2>/dev/null
echo "done"
}
}
_rmuser() {
echo -n "Removing bitcoin user... "
userdel -rf $_bc_user 2>/dev/null
echo "done"
}
# ------------------------------------------------------------------------------
# helper function for enabling SSL in bitcoin-core
# ------------------------------------------------------------------------------
_mkssl() {
echo -n "Enabling SSL..." # https://en.bitcoin.it/wiki/Enabling_SSL_on_original_client_daemon
mkdir -p /{etc,srv}/bitcoin
openssl genrsa -out /etc/bitcoin/server.pem 2048
expect <<EOF | perl -ne 'print if /-----BEGIN\sCERTIFICATE-----/../-----END\sCERTIFICATE-----/' > /etc/bitcoin/server.cert
spawn openssl req -new -x509 -nodes -sha1 -days 3650 -key /etc/bitcoin/server.pem
expect "Country*" {
send "\r"
}
expect "State*" {
send "\r"
}
expect "Locality*" {
send "\r"
}
expect "Organization*" {
send "\r"
}
expect "Organizational*" {
send "\r"
}
expect "Common*" {
send "\r"
}
expect "Email*" {
send "\r"
}
expect eof
EOF
echo "done"
}
# ------------------------------------------------------------------------------
# helper functions for disabling btrfs Copy-On-Write (CoW)
# https://wiki.archlinux.org/index.php/Btrfs#Copy-On-Write_.28CoW.29
# ------------------------------------------------------------------------------
# check if dir is btrfs
_is_btrfs() {
if [[ $(findmnt --target $1 --output FSTYPE --noheadings) == 'btrfs' ]]; then
return 0
else
return 1
fi
}
# disable btrfs CoW
_chattrify() {
# original dir, with trailing slash stripped if it exists
_orig_dir=$( echo "$1" | sed 's@/$@@' )
# if original dir exists, back it up
[[ -d "$1" ]] && mv "$1" "${_orig_dir}"_old
# re-make original dir
mkdir -p "$1"
# set permissions on re-made dir
chmod "$2" "$1"
# disable btrfs CoW on re-made dir
chattr +C "$1"
# recursive copy to restore backed up dir while maintaining disabled CoW
[[ -d "${_orig_dir}"_old ]] \
&& find "${_orig_dir}"_old -mindepth 1 -maxdepth 1 -exec cp -R '{}' "$1" \;
# set ownership on re-made dir
chown -R $3:$4 "$1"
# purge backed up dir
[[ -d "${_orig_dir}"_old ]] && rm -rf "${_orig_dir}"_old
}
_disable_cow() {
_chattrify "$1" "700" "$_bc_user" "$_bc_group"
}
read -d '' bitcoin <<'EOF'
########################################################################
########################################################################
## ##
## Bitcoin Core ##
## ____________ ##
## ##
## To start bitcoin-core: ##
## ##
## # systemctl start bitcoin ##
## ##
## To communicate with bitcoin-core as a normal user: ##
## ##
## $ mkdir -p ~/.bitcoin ##
## $ cat > ~/.bitcoin/bitcoin.conf <<'EOF' ##
## rpcconnect=127.0.0.1 ##
## rpcport=8332 ##
## rpcuser=bitcoin ##
## rpcpassword=secret ##
## rpcssl=1 ##
## EOF ##
## ##
## $ bitcoin-cli getmininginfo ##
## ##
## Config: /etc/bitcoin/bitcoin.conf ##
## Blockchain: /var/lib/bitcoind ##
## Documentation: /usr/share/doc/bitcoin ##
## ##
########################################################################
########################################################################
EOF
|