Retropex/raspiblitz
1
0
Fork 0
mirror of https://github.com/Retropex/raspiblitz.git synced 2025-06-03 07:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

#2691 detect locked c-lightning wallet from logs

Browse Source
This commit is contained in:
openoms 2022-02-09 14:31:23 +00:00
parent 9fadcda73e
commit 3fd49e7331
No known key found for this signature in database
GPG Key ID: 5BFB77609B081B65
3 changed files with 46 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
home.admin/_background.scan.sh
View File

@ -793,7 +793,7 @@ do
/home/admin/_cache.sh set ln_cl_${CHAIN}net_running "${ln_cl_running}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_running "${ln_cl_running}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_ready "${ln_cl_ready}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_ready "${ln_cl_ready}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_online "${ln_cl_online}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_online "${ln_cl_online}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_locked "0" /home/admin/_cache.sh set ln_cl_${CHAIN}net_locked "${ln_cl_locked}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_error_short "${ln_cl_error_short}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_error_short "${ln_cl_error_short}"
/home/admin/_cache.sh set ln_cl_${CHAIN}net_error_full "${ln_cl_error_full}" /home/admin/_cache.sh set ln_cl_${CHAIN}net_error_full "${ln_cl_error_full}"
if [ "${isDefaultLightning}" == "1" ] && [ "${isDefaultChain}" == "1" ]; then if [ "${isDefaultLightning}" == "1" ] && [ "${isDefaultChain}" == "1" ]; then
@ -802,7 +802,7 @@ do
/home/admin/_cache.sh set ln_default_running "${lc_running}" /home/admin/_cache.sh set ln_default_running "${lc_running}"
/home/admin/_cache.sh set ln_default_ready "${cl_ready}" /home/admin/_cache.sh set ln_default_ready "${cl_ready}"
/home/admin/_cache.sh set ln_default_online "${cl_online}" /home/admin/_cache.sh set ln_default_online "${cl_online}"
/home/admin/_cache.sh set ln_default_locked "0" /home/admin/_cache.sh set ln_default_locked "${ln_cl_locked}"
/home/admin/_cache.sh set ln_default_error_short "${cl_error_short}" /home/admin/_cache.sh set ln_default_error_short "${cl_error_short}"
/home/admin/_cache.sh set ln_default_error_full "${cl_error_full}" /home/admin/_cache.sh set ln_default_error_full "${cl_error_full}"
fi fi

12
home.admin/config.scripts/cl.hsmtool.sh
View File

@ -255,6 +255,7 @@ seedwords6x4='${seedwords6x4}'
exit 0 exit 0
elif [ "$1" = "unlock" ]; then elif [ "$1" = "unlock" ]; then
# check if unlocked # check if unlocked
attempt=0 attempt=0
@ -280,7 +281,7 @@ elif [ "$1" = "unlock" ]; then
sudo systemctl restart ${netprefix}lightningd sudo systemctl restart ${netprefix}lightningd
justUnlocked=1 justUnlocked=1
else else
echo "# Waiting to unlock wallet (2) ... " echo "# waiting to unlock wallet (2) ... "
sleep 5 sleep 5
fi fi
@ -314,18 +315,20 @@ elif [ "$1" = "unlock" ]; then
echo echo
exit 1 exit 1
fi fi
echo "# Waiting to unlock wallet ... " echo "# waiting to unlock wallet ... $((attempt*5))"
sleep 5 sleep 5
attempt=$((attempt+1)) attempt=$((attempt+1))
done done
echo "# Ok the ${netprefix}lightningd wallet is unlocked" echo "# Ok the ${netprefix}lightningd wallet is unlocked"
exit 0 exit 0
elif [ "$1" = "lock" ]; then elif [ "$1" = "lock" ]; then
shredPasswordFile shredPasswordFile
sudo systemctl restart ${netprefix}lightningd sudo systemctl restart ${netprefix}lightningd
exit 0 exit 0
elif [ "$1" = "encrypt" ]; then elif [ "$1" = "encrypt" ]; then
# check if sudo # check if sudo
@ -367,9 +370,11 @@ elif [ "$1" = "encrypt" ]; then
walletPassword=$3 walletPassword=$3
encryptHSMsecret $walletPassword encryptHSMsecret $walletPassword
elif [ "$1" = "decrypt" ]; then elif [ "$1" = "decrypt" ]; then
decryptHSMsecret decryptHSMsecret
elif [ "$1" = "autounlock-on" ]; then elif [ "$1" = "autounlock-on" ]; then
if grep -Eq "${netprefix}clEncryptedHSM=on" /mnt/hdd/raspiblitz.conf;then if grep -Eq "${netprefix}clEncryptedHSM=on" /mnt/hdd/raspiblitz.conf;then
echo "# Moving the password from $passwordFile to /home/bitcoin/.${netprefix}cl.pw" echo "# Moving the password from $passwordFile to /home/bitcoin/.${netprefix}cl.pw"
@ -383,6 +388,7 @@ elif [ "$1" = "autounlock-on" ]; then
echo "# Autounlock is on for C-lightning $CHAIN" echo "# Autounlock is on for C-lightning $CHAIN"
elif [ "$1" = "autounlock-off" ]; then elif [ "$1" = "autounlock-off" ]; then
if [ -f /home/bitcoin/.${netprefix}cl.pw ];then if [ -f /home/bitcoin/.${netprefix}cl.pw ];then
sudo cp /home/bitcoin/.${netprefix}cl.pw /dev/shm/.${netprefix}cl.pw sudo cp /home/bitcoin/.${netprefix}cl.pw /dev/shm/.${netprefix}cl.pw
@ -394,6 +400,7 @@ elif [ "$1" = "autounlock-off" ]; then
/home/admin/config.scripts/blitz.conf.sh set ${netprefix}clAutoUnlock "off" /home/admin/config.scripts/blitz.conf.sh set ${netprefix}clAutoUnlock "off"
echo "# Autounlock is off for C-lightning $CHAIN" echo "# Autounlock is off for C-lightning $CHAIN"
elif [ "$1" = "change-password" ]; then elif [ "$1" = "change-password" ]; then
decryptHSMsecret || exit 1 decryptHSMsecret || exit 1
walletPassword=$3 walletPassword=$3
@ -405,6 +412,7 @@ elif [ "$1" = "change-password" ]; then
fi fi
exit 0 exit 0
elif [ "$1" = "check" ]; then elif [ "$1" = "check" ]; then
# TODO https://github.com/rootzoll/raspiblitz/issues/2897 # TODO https://github.com/rootzoll/raspiblitz/issues/2897
# dumponchaindescriptors <path/to/hsm_secret> [network] # dumponchaindescriptors <path/to/hsm_secret> [network]

35
home.admin/config.scripts/cl.monitor.sh
View File

@ -48,10 +48,42 @@ if [ "$2" = "status" ]; then
cl_running=$(systemctl status ${netprefix}lightningd 2>/dev/null | grep -c "active (running)") cl_running=$(systemctl status ${netprefix}lightningd 2>/dev/null | grep -c "active (running)")
cl_ready="0" cl_ready="0"
cl_online="0" cl_online="0"
cl_locked="0"
cl_error_short="" cl_error_short=""
cl_error_full="" cl_error_full=""
if [ "${cl_running}" != "0" ]; then if [ "${cl_running}" = "0" ]; then
# check if error because wallet is locked
# the next release will have soecific error code for decryption error
# https://github.com/ElementsProject/lightning/pull/4908
source /mnt/hdd/raspiblitz.conf
# password file is on the disk if encrypted and auto-unlock is enabled
passwordFile="/dev/shm/.${netprefix}cl.pw"
if grep -Eq "${netprefix}clEncryptedHSM=on" /mnt/hdd/raspiblitz.conf;then
if grep -Eq "${netprefix}clAutoUnlock=on" /mnt/hdd/raspiblitz.conf;then
passwordFile=/home/bitcoin/.${netprefix}cl.pw
fi
fi
clError=$(sudo journalctl -n5 -u ${netprefix}lightningd)
# cases from 'cl.hsmtool.sh unlock'
if \
[ "$(eval echo \$${netprefix}clEncryptedHSM)" = "on" ] && [ ! -f $passwordFile ] || \
[ $(echo "${clError}" | \
grep -c 'encrypted-hsm: Could not read pass from stdin.') -gt 0 ] || \
[ $(echo "${clError}" | \
grep -c 'hsm_secret is encrypted, you need to pass the --encrypted-hsm startup option.') -gt 0 ] || \
[ $(echo "${clError}" | \
grep -c 'Wrong password for encrypted hsm_secret.') -gt 0 ]; then
# signal wallet locked
cl_locked="1"
# dont report it as error
cl_error_short=""
cl_error_full=""
fi
elif [ "${cl_running}" != "0" ]; then
cl_running="1" cl_running="1"
# test connection - record win & fail info # test connection - record win & fail info
@ -89,6 +121,7 @@ if [ "$2" = "status" ]; then
echo "ln_cl_running='${cl_running}'" echo "ln_cl_running='${cl_running}'"
echo "ln_cl_ready='${cl_ready}'" echo "ln_cl_ready='${cl_ready}'"
echo "ln_cl_online='${cl_online}'" echo "ln_cl_online='${cl_online}'"
echo "ln_cl_locked='${cl_locked}'"
echo "ln_cl_error_short='${cl_error_short}'" echo "ln_cl_error_short='${cl_error_short}'"
echo "ln_cl_error_full='${cl_error_full}'" echo "ln_cl_error_full='${cl_error_full}'"