├── .gitignore ├── CLA-signed ├── CLA.icculp.C076C96C1110EA901974F2324CE131ACA12429CC.asc ├── CLA.nochiel.45EA5C819B7EE915C2A27C64444411907BE883D.asc ├── cla.fonta1n3.3B3797FA0AE84BE5B4406591856401D7121C32FC.asc └── cla.shannona.7EC6B928606F27AD.asc ├── CLA.md ├── CODEOWNERS ├── CONTRIBUTING.md ├── LICENSE ├── README.md └── Scripts ├── .gitignore ├── LinodeStandUp.sh └── StandUp.sh /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Created by https://www.gitignore.io/api/swift,xcode,macos,carthage,cocoapods,objective-c 3 | # Edit at https://www.gitignore.io/?templates=swift,xcode,macos,carthage,cocoapods,objective-c 4 | 5 | ### Carthage ### 6 | # Carthage 7 | # 8 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 9 | Carthage/Checkouts 10 | 11 | Carthage/Build 12 | 13 | ### CocoaPods ### 14 | ## CocoaPods GitIgnore Template 15 | 16 | # CocoaPods - Only use to conserve bandwidth / Save time on Pushing 17 | # - Also handy if you have a large number of dependant pods 18 | # - AS PER https://guides.cocoapods.org/using/using-cocoapods.html NEVER IGNORE THE LOCK FILE 19 | Pods/ 20 | 21 | ### macOS ### 22 | # General 23 | .DS_Store 24 | .AppleDouble 25 | .LSOverride 26 | 27 | # Icon must end with two \r 28 | Icon 29 | 30 | # Thumbnails 31 | ._* 32 | 33 | # Files that might appear in the root of a volume 34 | .DocumentRevisions-V100 35 | .fseventsd 36 | .Spotlight-V100 37 | .TemporaryItems 38 | .Trashes 39 | .VolumeIcon.icns 40 | .com.apple.timemachine.donotpresent 41 | 42 | # Directories potentially created on remote AFP share 43 | .AppleDB 44 | .AppleDesktop 45 | Network Trash Folder 46 | Temporary Items 47 | .apdisk 48 | 49 | ### Objective-C ### 50 | # Xcode 51 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 52 | 53 | ## Build generated 54 | build/ 55 | DerivedData/ 56 | 57 | ## Various settings 58 | *.pbxuser 59 | !default.pbxuser 60 | *.mode1v3 61 | !default.mode1v3 62 | *.mode2v3 63 | !default.mode2v3 64 | *.perspectivev3 65 | !default.perspectivev3 66 | xcuserdata/ 67 | 68 | ## Other 69 | *.moved-aside 70 | *.xccheckout 71 | *.xcscmblueprint 72 | 73 | ## Obj-C/Swift specific 74 | *.hmap 75 | *.ipa 76 | *.dSYM.zip 77 | *.dSYM 78 | 79 | # CocoaPods 80 | # We recommend against adding the Pods directory to your .gitignore. However 81 | # you should judge for yourself, the pros and cons are mentioned at: 82 | # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control 83 | # Pods/ 84 | # Add this line if you want to avoid checking in source code from the Xcode workspace 85 | # *.xcworkspace 86 | 87 | # Carthage 88 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 89 | # Carthage/Checkouts 90 | 91 | 92 | # fastlane 93 | # It is recommended to not store the screenshots in the git repo. Instead, use fastlane to re-generate the 94 | # screenshots whenever they are needed. 95 | # For more information about the recommended setup visit: 96 | # https://docs.fastlane.tools/best-practices/source-control/#source-control 97 | 98 | fastlane/report.xml 99 | fastlane/Preview.html 100 | fastlane/screenshots/**/*.png 101 | fastlane/test_output 102 | 103 | # Code Injection 104 | # After new code Injection tools there's a generated folder /iOSInjectionProject 105 | # https://github.com/johnno1962/injectionforxcode 106 | 107 | iOSInjectionProject/ 108 | 109 | ### Objective-C Patch ### 110 | 111 | ### Swift ### 112 | # Xcode 113 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 114 | 115 | 116 | 117 | 118 | 119 | ## Playgrounds 120 | timeline.xctimeline 121 | playground.xcworkspace 122 | 123 | # Swift Package Manager 124 | # Add this line if you want to avoid checking in source code from Swift Package Manager dependencies. 125 | # Packages/ 126 | # Package.pins 127 | # Package.resolved 128 | .build/ 129 | # Add this line if you want to avoid checking in Xcode SPM integration. 130 | # .swiftpm/xcode 131 | 132 | # CocoaPods 133 | # We recommend against adding the Pods directory to your .gitignore. However 134 | # you should judge for yourself, the pros and cons are mentioned at: 135 | # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control 136 | # Pods/ 137 | # Add this line if you want to avoid checking in source code from the Xcode workspace 138 | # *.xcworkspace 139 | 140 | # Carthage 141 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 142 | # Carthage/Checkouts 143 | 144 | 145 | # Accio dependency management 146 | Dependencies/ 147 | .accio/ 148 | 149 | # fastlane 150 | # It is recommended to not store the screenshots in the git repo. Instead, use fastlane to re-generate the 151 | # screenshots whenever they are needed. 152 | # For more information about the recommended setup visit: 153 | # https://docs.fastlane.tools/best-practices/source-control/#source-control 154 | 155 | 156 | # Code Injection 157 | # After new code Injection tools there's a generated folder /iOSInjectionProject 158 | # https://github.com/johnno1962/injectionforxcode 159 | 160 | 161 | ### Xcode ### 162 | # Xcode 163 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 164 | 165 | ## User settings 166 | 167 | ## compatibility with Xcode 8 and earlier (ignoring not required starting Xcode 9) 168 | 169 | ## compatibility with Xcode 3 and earlier (ignoring not required starting Xcode 4) 170 | 171 | ## Xcode Patch 172 | *.xcodeproj/* 173 | !*.xcodeproj/project.pbxproj 174 | !*.xcodeproj/xcshareddata/ 175 | !*.xcworkspace/contents.xcworkspacedata 176 | /*.gcno 177 | 178 | ### Xcode Patch ### 179 | **/xcshareddata/WorkspaceSettings.xcsettings 180 | 181 | # End of https://www.gitignore.io/api/swift,xcode,macos,carthage,cocoapods,objective-c 182 | -------------------------------------------------------------------------------- /CLA-signed/CLA.icculp.C076C96C1110EA901974F2324CE131ACA12429CC.asc: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1 3 | Comment: A revocation certificate should follow 4 | 5 | iQGFBCABAgBvBQJg+iKHaB0CQWNjaWRlbnRhbGx5IHVwbG9hZGVkIHByaXZhdGUg 6 | a2V5IHRvIHB1YmxpYyBnaXRodWIgcmVwbzsgcmVtb3ZlZCBjb21taXRzIGJ1dCBz 7 | dGlsbCBpdCdzIGJlZW4gb3V0IHRoZXJlAAoJEEzhMayhJCnMhnoH/0HoVE58CR35 8 | LhSBBtOXrGSOnRo45ss9/G+sNzMsUGAwuwVqS9cELS+BJbJTsA/ZYCsq09AtNqy5 9 | thr9VrV4eonYZ9rZ2RIw89R15ytYBERO/R1mM+TCaMp7tFk3G9wNbkjaNPxQh4td 10 | 7mf4HExstLWy7LIGgQdsZWn4zcOH6SG4H82jZBNpRnp0L4T+tcDoRYYO2f6pOQm7 11 | k5ls05gjx50YeCUeVIwqqZYCoCao/NFJNDkL3GzBUes8Cvgx2s+oiZdpdcY4Nb0l 12 | z52CyHbVhqBcumbL5oirnLjTCLP+bKpb4CjafHZdYygYaZdSkbODIBbq17169g1j 13 | U7nqW0ryAH0= 14 | =sc+j 15 | -----END PGP PUBLIC KEY BLOCK----- 16 | 17 | -----BEGIN PGP SIGNED MESSAGE----- 18 | Hash: SHA256 19 | 20 | # Contributor License Agreement 21 | 22 | Version 1.0 23 | 24 | Name: Ian Culp 25 | 26 | E-Mail: icculp@gmail.com 27 | 28 | Legal Jurisdiction: Wyoming, United States of America 29 | 30 | Project: https://github.com/BlockchainCommons/Bitcoin-Standup-Scripts 31 | 32 | Date: 07/14/2021 33 | 34 | ## Purpose 35 | 36 | This agreement gives Blockchain Commons, LLC the permission it needs in order to accept my contributions into its open software project and to manage the intellectual property in that project over time. 37 | 38 | ## License 39 | 40 | I hereby license Blockchain Commons, LLC to: 41 | 42 | 1. do anything with my contributions that would otherwise infringe my copyright in them 43 | 44 | 2. do anything with my contributions that would otherwise infringe patents that I can or become able to license 45 | 46 | 3. sublicense these rights to others on any terms they like 47 | 48 | ## Reliability 49 | 50 | I understand that Blockchain Commons will rely on this license. I may not revoke this license. 51 | 52 | ## Awareness 53 | 54 | I promise that I am familiar with legal rules, like ["work made for hire" rules](http://worksmadeforhire.com), that can give employers and clients ownership of intellectual property in work that I do. I am also aware that legal agreements I might sign, like confidential information and invention assignment agreements, will usually give ownership of intellectual property in my work to employers, clients, and companies that I found. If someone else owns intellectual property in my work, I need their permission to license it. 55 | 56 | ## Copyright Guarantee 57 | 58 | I promise not to offer contributions to the project that contain copyrighted work that I do not have legally binding permission to contribute under these terms. When I offer a contribution with permission, I promise to document in the contribution who owns copyright in what work, and how they gave permission to contribute it. If I later become aware that one of my contributions may have copyrighted work of others that I did not have permission to contribute, I will notify Blockchain Commons, in confidence, immediately. 59 | 60 | ## Patent Guarantee 61 | 62 | I promise not to offer contributions to the project that I know infringe patents of others that I do not have permission to contribute under these terms. 63 | 64 | ## Open Source Guarantee 65 | 66 | I promise not to offer contributions that contain or depend on the work of others, unless that work is available under a license that [Blue Oak Council rates bronze or better](https://blueoakconcil.org/list), such as the MIT License, two- or three-clause BSD License, the Apache License Version 2.0, or the Blue Oak Model License 1.0.0. When I offer a contribution containing or depending on others' work, I promise to document in the contribution who licenses that work, along with copies of their license terms. 67 | 68 | ## Disclaimers 69 | 70 | ***As far as the law allows, my contributions come as is, without any warranty or condition. Other than under [Copyright Guarantee](#copyright-guarantee), [Patent Guarantee](#patent-guarantee), or [Open Source Guarantee](#open-source-guarantee), I will not be liable to anyone for any damages related to my contributions or this contributor license agreement, under any kind of legal claim.*** 71 | 72 | - --- 73 | 74 | To sign this Contributor License Agreement, fill in `$name`, `$email`, and `$date` above. Then sign using GPG using the following command `gpg --armor --clearsign --output ./signed-cla/CLA.YOURGITHUBNAME.YOURGPGFINGERPRINT.asc CLA.md`, then either submit your signed Contributor License Agreement to this repo as a GPG signed Pull Request or email it to [ChristopherA@BlockchainCommons.com](mailto:ChristopherA@BlockchainCommons.com). 75 | -----BEGIN PGP SIGNATURE----- 76 | Version: GnuPG v1 77 | 78 | iQEcBAEBCAAGBQJg7x7bAAoJEEzhMayhJCnMtXoIAK9ZAgLfubtalQzd5YNnfIfD 79 | pAgMR+JDJZ3sUYy6KkAFu1eLzVCbzPaCHyR3dbuJTpAMU0pRcQktvCSrhEei3+d1 80 | +3OMYeB7veZPv1/jUb1F4vo5gC53zAt9T2vxJwspY33OY0bOmtyUK9QilXHIX/3u 81 | UOtf9KYPnfkzgyXqJIbGwEvShBoegpcvPj5qVx2Jan5bpc4Q9eB8vfM7WYLiRqP9 82 | gJUuZo/DWBmWdKDLC8IuPVB5wKgWWYkxKyQW2AI2JZvlnCf2Wp3m+6ioaQ9rA/0L 83 | Qahr8Q7S3Q5bv59xDkQmFYhs5am3PwBurb7NmxbPYs9S4UvQRQIlmEA6wyaaSFo= 84 | =PXDd 85 | -----END PGP SIGNATURE----- 86 | -------------------------------------------------------------------------------- /CLA-signed/CLA.nochiel.45EA5C819B7EE915C2A27C64444411907BE883D.asc: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP SIGNED MESSAGE----- 2 | Hash: SHA256 3 | 4 | # Contributor License Agreement 5 | 6 | Version 1.0 7 | 8 | Name: Nicholas Ochiel 9 | 10 | E-Mail: nochiel@users.noreply.github.com 11 | 12 | Legal Jurisdiction: Wyoming, United States of America 13 | 14 | Project: https://github.com/BlockchainCommons/Bitcoin-Standup-Scripts 15 | 16 | Date: 2021-07-17 17 | 18 | ## Purpose 19 | 20 | This agreement gives Blockchain Commons, LLC the permission it needs in order to accept my contributions into its open software project and to manage the intellectual property in that project over time. 21 | 22 | ## License 23 | 24 | I hereby license Blockchain Commons, LLC to: 25 | 26 | 1. do anything with my contributions that would otherwise infringe my copyright in them 27 | 28 | 2. do anything with my contributions that would otherwise infringe patents that I can or become able to license 29 | 30 | 3. sublicense these rights to others on any terms they like 31 | 32 | ## Reliability 33 | 34 | I understand that Blockchain Commons will rely on this license. I may not revoke this license. 35 | 36 | ## Awareness 37 | 38 | I promise that I am familiar with legal rules, like ["work made for hire" rules](http://worksmadeforhire.com), that can give employers and clients ownership of intellectual property in work that I do. I am also aware that legal agreements I might sign, like confidential information and invention assignment agreements, will usually give ownership of intellectual property in my work to employers, clients, and companies that I found. If someone else owns intellectual property in my work, I need their permission to license it. 39 | 40 | ## Copyright Guarantee 41 | 42 | I promise not to offer contributions to the project that contain copyrighted work that I do not have legally binding permission to contribute under these terms. When I offer a contribution with permission, I promise to document in the contribution who owns copyright in what work, and how they gave permission to contribute it. If I later become aware that one of my contributions may have copyrighted work of others that I did not have permission to contribute, I will notify Blockchain Commons, in confidence, immediately. 43 | 44 | ## Patent Guarantee 45 | 46 | I promise not to offer contributions to the project that I know infringe patents of others that I do not have permission to contribute under these terms. 47 | 48 | ## Open Source Guarantee 49 | 50 | I promise not to offer contributions that contain or depend on the work of others, unless that work is available under a license that [Blue Oak Council rates bronze or better](https://blueoakconcil.org/list), such as the MIT License, two- or three-clause BSD License, the Apache License Version 2.0, or the Blue Oak Model License 1.0.0. When I offer a contribution containing or depending on others' work, I promise to document in the contribution who licenses that work, along with copies of their license terms. 51 | 52 | ## Disclaimers 53 | 54 | ***As far as the law allows, my contributions come as is, without any warranty or condition. Other than under [Copyright Guarantee](#copyright-guarantee), [Patent Guarantee](#patent-guarantee), or [Open Source Guarantee](#open-source-guarantee), I will not be liable to anyone for any damages related to my contributions or this contributor license agreement, under any kind of legal claim.*** 55 | 56 | - --- 57 | 58 | To sign this Contributor License Agreement, fill in `$name`, `$email`, and `$date` above. Then sign using GPG using the following command `gpg --armor --clearsign --output ./signed-cla/CLA.YOURGITHUBNAME.YOURGPGFINGERPRINT.asc CLA.md`, then either submit your signed Contributor License Agreement to this repo as a GPG signed Pull Request or email it to [ChristopherA@BlockchainCommons.com](mailto:ChristopherA@BlockchainCommons.com). 59 | -----BEGIN PGP SIGNATURE----- 60 | 61 | iQEzBAEBCAAdFiEERepcgZt+6RXConxkREQRkHvog9kFAmDyBO8ACgkQREQRkHvo 62 | g9kiVAf+MS0MSbntRiXnAPmJa0g8nC6/tlV5NFq/xH4ZA3S6ju59CTcWVKWE3JkH 63 | lBtwOG8qMBZFevyKg7FI4AwDpERV2XnTxocMQRYn8MPTdO+yxHyojjAWFiVnykK6 64 | KTcSpC1kwzVKUQGs0yZUx+Vw/o/efDpmuPgAAHuC1E2ph1iUWkOX6nGjqh90dydS 65 | atkP75fXrIXDP4IfX3hZYasEof7nZKG4gUSsju1VsXV3iqV8GlDKEA0NAOrVa4Tl 66 | O3R+VTaz4n4/YjiSjVtdoQBPpvhohwldHZWuSTqTxV+cu6OckApwE2ICb9HXHSvs 67 | IqvmPrHOOZ/yS1A1HLKhVjJLIvHL9w== 68 | =TlUN 69 | -----END PGP SIGNATURE----- 70 | -------------------------------------------------------------------------------- /CLA-signed/cla.fonta1n3.3B3797FA0AE84BE5B4406591856401D7121C32FC.asc: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP SIGNED MESSAGE----- 2 | Hash: SHA256 3 | 4 | # Contributor License Agreement 5 | 6 | Version 1.0 7 | 8 | Name: Peter Denton 9 | 10 | E-Mail: fontainedenton@gmail.com 11 | 12 | Legal Jurisdiction: Wyoming, United States of America 13 | 14 | Project: https://github.com/BlockchainCommons/Bitcoin-StandUp-Scripts 15 | 16 | Date: 2020 Feb 13 17 | 18 | ## Purpose 19 | 20 | This agreement gives Blockchain Commons, LLC the permission it needs in order to accept my contributions into its open software project and to manage the intellectual property in that project over time. 21 | 22 | ## License 23 | 24 | I hereby license Blockchain Commons, LLC to: 25 | 26 | 1. do anything with my contributions that would otherwise infringe my copyright in them 27 | 28 | 2. do anything with my contributions that would otherwise infringe patents that I can or become able to license 29 | 30 | 3. sublicense these rights to others on any terms they like 31 | 32 | ## Reliability 33 | 34 | I understand that Blockchain Commons will rely on this license. I may not revoke this license. 35 | 36 | ## Awareness 37 | 38 | I promise that I am familiar with legal rules, like ["work made for hire" rules](http://worksmadeforhire.com), that can give employers and clients ownership of intellectual property in work that I do. I am also aware that legal agreements I might sign, like confidential information and invention assignment agreements, will usually give ownership of intellectual property in my work to employers, clients, and companies that I found. If someone else owns intellectual property in my work, I need their permission to license it. 39 | 40 | ## Copyright Guarantee 41 | 42 | I promise not to offer contributions to the project that contain copyrighted work that I do not have legally binding permission to contribute under these terms. When I offer a contribution with permission, I promise to document in the contribution who owns copyright in what work, and how they gave permission to contribute it. If I later become aware that one of my contributions may have copyrighted work of others that I did not have permission to contribute, I will notify Blockchain Commons, in confidence, immediately. 43 | 44 | ## Patent Guarantee 45 | 46 | I promise not to offer contributions to the project that I know infringe patents of others that I do not have permission to contribute under these terms. 47 | 48 | ## Open Source Guarantee 49 | 50 | I promise not to offer contributions that contain or depend on the work of others, unless that work is available under a license that [Blue Oak Council rates bronze or better](https://blueoakconcil.org/list), such as the MIT License, two- or three-clause BSD License, the Apache License Version 2.0, or the Blue Oak Model License 1.0.0. When I offer a contribution containing or depending on others' work, I promise to document in the contribution who licenses that work, along with copies of their license terms. 51 | 52 | ## Disclaimers 53 | 54 | ***As far as the law allows, my contributions come as is, without any warranty or condition. Other than under [Copyright Guarantee](#copyright-guarantee), [Patent Guarantee](#patent-guarantee), or [Open Source Guarantee](#open-source-guarantee), I will not be liable to anyone for any damages related to my contributions or this contributor license agreement, under any kind of legal claim.*** 55 | 56 | - --- 57 | 58 | To sign this Contributor License Agreement, fill in `$name`, `$email`, and `$date` above. Then sign using GPG using the following command `gpg --armor --clearsign --output cla.YOURGITHUBNAME.YOURGPGFINGERPRINT.asc CLA.md`, then either submit your signed Contributor License Agreement to this repo as a GPG signed Pull Request or email it to [ChristopherA@BlockchainCommons.com](mailto:ChristopherA@BlockchainCommons.com). 59 | -----BEGIN PGP SIGNATURE----- 60 | 61 | iQIzBAEBCAAdFiEEOzeX+groS+W0QGWRhWQB1xIcMvwFAl5ErakACgkQhWQB1xIc 62 | MvzY9g//ccSF8YB/lZv6uckC4HyvYPKZV4S5+5PmocivnOQoHmKEL6bkcMSrOJRX 63 | L6vXElz746kxpK47pEU6+y9qkORLyUqRMX9QL7Yb/rzcfhVbrUkkzhmXcNGCxpoA 64 | TysuZ5BeBt/wCtsm4Joo/A+J670TZYM8PTacOkHR8EToVZwkhVBB59psABxnGUra 65 | h0l7CEZyv9d+DRJQHB+NzHWGF727doc484Oh3QoOvvK3nOleOQYVsRiaJbUyXozj 66 | voGJhSF5MJwo5utWsGR6/90vc/Lagg2Z8WshZyXQAugzqXFUoZ0O7ztw5QNZfTri 67 | foRXBfbV4bGRdXxhlcADPH7iMObPyeHL/J84O9Nq6eas672pbwWb6paO9iLAd14r 68 | 9t1+7QTzmfMaedhT+Munl0PbpAuFp6S58uUQXzp73/jv5L8iE205vxs4/PeGm0Ur 69 | QFtw7JjbhrfkKoUGfiWMIimh9fDeSteYZGOmH7HwT4unC2p8CnJ2+oLhjxaLg/Az 70 | 0F1cM9EDaw6HT81O4GuU4RKl2PJJd92/ZgpDLAStj+S+YgNQUcalpERKaawEWvrw 71 | Fm+ew7ClCTwuS8/flNOpZszdeRGmy3SNwriiRqpLeyehYT04eRykqaZHHDeKW6R8 72 | zxhi5361sJkNAZiSN5X8JE1Ag0B7t9XBtLw9Nzu0i0uq0qGuT18= 73 | =q3gB 74 | -----END PGP SIGNATURE----- 75 | -------------------------------------------------------------------------------- /CLA-signed/cla.shannona.7EC6B928606F27AD.asc: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP SIGNED MESSAGE----- 2 | Hash: SHA256 3 | 4 | # Contributor License Agreement 5 | 6 | Version 1.0 7 | 8 | Name: Shannon Appelcline 9 | 10 | E-Mail: shannon.appelcline@gmail.com 11 | 12 | Legal Jurisdiction: Wyoming, United States of America 13 | 14 | Project: https://github.com/BlockchainCommons/Bitcoin-StandUp-Scripts 15 | 16 | Date: 4/28/2020 17 | 18 | ## Purpose 19 | 20 | This agreement gives Blockchain Commons, LLC the permission it needs in order to accept my contributions into its open software project and to manage the intellectual property in that project over time. 21 | 22 | ## License 23 | 24 | I hereby license Blockchain Commons, LLC to: 25 | 26 | 1. do anything with my contributions that would otherwise infringe my copyright in them 27 | 28 | 2. do anything with my contributions that would otherwise infringe patents that I can or become able to license 29 | 30 | 3. sublicense these rights to others on any terms they like 31 | 32 | ## Reliability 33 | 34 | I understand that Blockchain Commons will rely on this license. I may not revoke this license. 35 | 36 | ## Awareness 37 | 38 | I promise that I am familiar with legal rules, like ["work made for hire" rules](http://worksmadeforhire.com), that can give employers and clients ownership of intellectual property in work that I do. I am also aware that legal agreements I might sign, like confidential information and invention assignment agreements, will usually give ownership of intellectual property in my work to employers, clients, and companies that I found. If someone else owns intellectual property in my work, I need their permission to license it. 39 | 40 | ## Copyright Guarantee 41 | 42 | I promise not to offer contributions to the project that contain copyrighted work that I do not have legally binding permission to contribute under these terms. When I offer a contribution with permission, I promise to document in the contribution who owns copyright in what work, and how they gave permission to contribute it. If I later become aware that one of my contributions may have copyrighted work of others that I did not have permission to contribute, I will notify Blockchain Commons, in confidence, immediately. 43 | 44 | ## Patent Guarantee 45 | 46 | I promise not to offer contributions to the project that I know infringe patents of others that I do not have permission to contribute under these terms. 47 | 48 | ## Open Source Guarantee 49 | 50 | I promise not to offer contributions that contain or depend on the work of others, unless that work is available under a license that [Blue Oak Council rates bronze or better](https://blueoakconcil.org/list), such as the MIT License, two- or three-clause BSD License, the Apache License Version 2.0, or the Blue Oak Model License 1.0.0. When I offer a contribution containing or depending on others' work, I promise to document in the contribution who licenses that work, along with copies of their license terms. 51 | 52 | ## Disclaimers 53 | 54 | ***As far as the law allows, my contributions come as is, without any warranty or condition. Other than under [Copyright Guarantee](#copyright-guarantee), [Patent Guarantee](#patent-guarantee), or [Open Source Guarantee](#open-source-guarantee), I will not be liable to anyone for any damages related to my contributions or this contributor license agreement, under any kind of legal claim.*** 55 | 56 | - --- 57 | 58 | To sign this Contributor License Agreement, fill in `$name`, `$email`, and `$date` above. Then sign using GPG using the following command `gpg --armor --clearsign --output cla.YOURGITHUBNAME.YOURGPGFINGERPRINT.asc CLA.md`, then either submit your signed Contributor License Agreement to this repo as a GPG signed Pull Request or email it to [ChristopherA@BlockchainCommons.com](mailto:ChristopherA@BlockchainCommons.com). 59 | -----BEGIN PGP SIGNATURE----- 60 | 61 | iQIzBAEBCAAdFiEEpIiaCfmBnYwFQARQfsa5KGBvJ60FAl6oodsACgkQfsa5KGBv 62 | J61D/w//V1E+eRhpvuuTwwKtcFFNoW6J3YpOqTYYL5zj2I6pEzTJgazd7Vry0A0E 63 | gxa2fa4VmymoE5XH/6OrtDIAjEP10fsPPRjYtU8fkG2Qckv+3luJZHh8YRsTO64R 64 | O8zNgIFtThdziVGP4OgbOHIM2mYpok1ZJ7X+itKbvk3vtD9DbtxYFE5OZAdEzphN 65 | YHWj8IVmQAsgxvX+ZMYFOdQ1Oqi1+foZ/BuY+x87sLYarf7N5XEvyaDIavuP8AFZ 66 | i9Uwj+6IWNnhzKU/pDzdLU/NrP5q6wdZvnhIjX4QibWdzGiEqM2d7yb4ysvHBagK 67 | 4+gFS2ei/TKzlF3+AgRM6OW1wP20ERHaNd9PM2gqzSfVlmmFuMs7LMUQGSRoZtq6 68 | FERphN1s3UABjQTlXkR/61Ja23QlHVjiUfBCcecXWTfEPT4TEKLuRWSRotre5+eN 69 | eEOr45hB8eIlFo2ZxqF99zbTluZcP/iEndeAF3gTFFH00EODXJG79LGPaWsw+Q2H 70 | qHUaiVhlGlRVSnjXLnvKeE4hpgKbXTLwL8ZjZBdm3WWEzTzEFNwSvUrEHkBlqbDq 71 | ohZse1tNKjYk4a3V4+ZS2yFFrtR+T6MEbrHrkQ31I6tEMsejNyqkhf0PcwZrhu6u 72 | kveBODPKX4RmW7otG2IsCOigHB4rc9qeDMKeA0oJdGAAbU5fksA= 73 | =Vr0W 74 | -----END PGP SIGNATURE----- 75 | -------------------------------------------------------------------------------- /CLA.md: -------------------------------------------------------------------------------- 1 | # Contributor License Agreement 2 | 3 | Version 1.0 4 | 5 | Name: `$name` 6 | 7 | E-Mail: `$email` 8 | 9 | Legal Jurisdiction: Wyoming, United States of America 10 | 11 | Project: https://github.com/BlockchainCommons/Bitcoin-Standup-Scripts 12 | 13 | Date: `$date` 14 | 15 | ## Purpose 16 | 17 | This agreement gives Blockchain Commons, LLC the permission it needs in order to accept my contributions into its open software project and to manage the intellectual property in that project over time. 18 | 19 | ## License 20 | 21 | I hereby license Blockchain Commons, LLC to: 22 | 23 | 1. do anything with my contributions that would otherwise infringe my copyright in them 24 | 25 | 2. do anything with my contributions that would otherwise infringe patents that I can or become able to license 26 | 27 | 3. sublicense these rights to others on any terms they like 28 | 29 | ## Reliability 30 | 31 | I understand that Blockchain Commons will rely on this license. I may not revoke this license. 32 | 33 | ## Awareness 34 | 35 | I promise that I am familiar with legal rules, like ["work made for hire" rules](http://worksmadeforhire.com), that can give employers and clients ownership of intellectual property in work that I do. I am also aware that legal agreements I might sign, like confidential information and invention assignment agreements, will usually give ownership of intellectual property in my work to employers, clients, and companies that I found. If someone else owns intellectual property in my work, I need their permission to license it. 36 | 37 | ## Copyright Guarantee 38 | 39 | I promise not to offer contributions to the project that contain copyrighted work that I do not have legally binding permission to contribute under these terms. When I offer a contribution with permission, I promise to document in the contribution who owns copyright in what work, and how they gave permission to contribute it. If I later become aware that one of my contributions may have copyrighted work of others that I did not have permission to contribute, I will notify Blockchain Commons, in confidence, immediately. 40 | 41 | ## Patent Guarantee 42 | 43 | I promise not to offer contributions to the project that I know infringe patents of others that I do not have permission to contribute under these terms. 44 | 45 | ## Open Source Guarantee 46 | 47 | I promise not to offer contributions that contain or depend on the work of others, unless that work is available under a license that [Blue Oak Council rates bronze or better](https://blueoakconcil.org/list), such as the MIT License, two- or three-clause BSD License, the Apache License Version 2.0, or the Blue Oak Model License 1.0.0. When I offer a contribution containing or depending on others' work, I promise to document in the contribution who licenses that work, along with copies of their license terms. 48 | 49 | ## Disclaimers 50 | 51 | ***As far as the law allows, my contributions come as is, without any warranty or condition. Other than under [Copyright Guarantee](#copyright-guarantee), [Patent Guarantee](#patent-guarantee), or [Open Source Guarantee](#open-source-guarantee), I will not be liable to anyone for any damages related to my contributions or this contributor license agreement, under any kind of legal claim.*** 52 | 53 | --- 54 | 55 | To sign this Contributor License Agreement, fill in `$name`, `$email`, and `$date` above. Then sign using GPG using the following command `gpg --armor --clearsign --output ./CLA-signed/CLA.YOURGITHUBNAME.YOURGPGFINGERPRINT.asc CLA.md`, then either submit your signed Contributor License Agreement to this repo as a GPG signed Pull Request or email it to [ChristopherA@BlockchainCommons.com](mailto:ChristopherA@BlockchainCommons.com). 56 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # Owner of everything! 2 | * @ChristopherA 3 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | We love your input! We want to make contributing to this project as easy and transparent as possible, whether it's: 4 | 5 | - Reporting a bug 6 | - Discussing the current state of the code 7 | - Submitting a fix 8 | - Proposing new features 9 | - Becoming a maintainer 10 | 11 | ## We Develop with Github 12 | We use GitHub to host code, to track issues and feature requests, and to accept Pull Requests. 13 | 14 | ## Report Bugs using Github's [issues](https://github.com/briandk/transcriptase-atom/issues) 15 | 16 | If you find bugs, mistakes, or inconsistencies in this project's code or documents, please let us know by [opening a new issue](./issues), but consider searching through existing issues first to check and see if the problem has already been reported. If it has, it never hurts to add a quick "+1" or "I have this problem too". This helps prioritize the most common problems and requests. 17 | 18 | ### Write Bug Reports with Detail, Background, and Sample Code 19 | 20 | [This is an example](http://stackoverflow.com/q/12488905/180626) of a good bug report by @briandk. Here's [another example from craig.hockenberry](http://www.openradar.me/11905408). 21 | 22 | **Great Bug Reports** tend to have: 23 | 24 | - A quick summary and/or background 25 | - Steps to reproduce 26 | - Be specific! 27 | - Give sample code if you can. [The stackoverflow bug report](http://stackoverflow.com/q/12488905/180626) includes sample code that *anyone* with a base R setup can run to reproduce what I was seeing 28 | - What you expected would happen 29 | - What actually happens 30 | - Notes (possibly including why you think this might be happening, or stuff you tried that didn't work) 31 | 32 | People *love* thorough bug reports. I'm not even kidding. 33 | 34 | ## Submit Code Changes through Pull Requests 35 | 36 | Simple Pull Requests to fix typos, to document, or to fix small bugs are always welcome. 37 | 38 | We ask that more significant improvements to the project be first proposed before anybody starts to code as an [issue](./issues) or as a [draft Pull Request](./pulls), which is a [nice new feature](https://github.blog/2019-02-14-introducing-draft-pull-requests/) that gives other contributors a chance to point you in the right direction, give feedback on the design, and maybe discuss if related work is already under way. 39 | 40 | ### Use a Consistent Coding Style 41 | 42 | * We indent using two spaces (soft tabs) 43 | * We ALWAYS put spaces after list items and method parameters ([1, 2, 3], not [1,2,3]), around operators (x += 1, not x+=1), and around hash arrows. 44 | * This is open-source software. Consider the people who will read your code, and make it look nice for them. It's sort of like driving a car: Perhaps you love doing donuts when you're alone, but with passengers the goal is to make the ride as smooth as possible. 45 | 46 | ### Use [Github Flow](https://guides.github.com/introduction/flow/index.html) for Pull Requests 47 | 48 | We use [Github Flow](https://guides.github.com/introduction/flow/index.html). When you submit Pull Requests, please: 49 | 50 | 1. Fork the repo and create your branch from `master`. 51 | 2. If you've added code that should be tested, add tests. 52 | 3. If you've changed APIs, update the documentation. 53 | 4. Ensure the test suite passes. 54 | 5. Make sure your code lints. 55 | 6. Issue that Pull Request! 56 | 57 | ### Submit Under the BSD-2-Clause Plus Patent License 58 | 59 | In short, when you submit code changes, your submissions are understood to be available under the same [BSD-2-Clause Plus Patent License](./LICENSE.md) that covers the project. We also ask all code contributors to GPG sign the [Contributor License Agreement (CLA.md)](./CLA.md) to protect future users of this project. Feel free to contact the maintainers if that's a concern. 60 | 61 | ## References 62 | 63 | Portions of this CONTRIBUTING.md document were adopted from best practices of a number of open source projects, including: 64 | * [Facebook's Draft](https://github.com/facebook/draft-js/blob/a9316a723f9e918afde44dea68b5f9f39b7d9b00/CONTRIBUTING.md) 65 | * [IPFS Contributing](https://github.com/ipfs/community/blob/master/CONTRIBUTING.md) 66 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | BSD-2-Clause Plus Patent License 3 | 4 | SPDX-License-Identifier: [BSD-2-Clause-Patent](https://spdx.org/licenses/BSD-2-Clause-Patent.html) 5 | 6 | Copyright © 2019 Blockchain Commons, LLC 7 | 8 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 9 | 10 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 11 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 12 | Subject to the terms and conditions of this license, each copyright holder and contributor hereby grants to those receiving rights under this license a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except for failure to satisfy the conditions of this license) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer this software, where such license applies only to those patent claims, already acquired or hereafter acquired, licensable by such copyright holder or contributor that are necessarily infringed by: 13 | 14 | (a) their Contribution(s) (the licensed copyrights of copyright holders and non-copyrightable additions of contributors, in source or binary form) alone; or 15 | (b) combination of their Contribution(s) with the work of authorship to which such Contribution(s) was added by such copyright holder or contributor, if, at the time the Contribution is added, such addition causes such combination to be necessarily infringed. The patent license shall not apply to any other combinations which include the Contribution. 16 | Except as expressly stated above, no rights or licenses from any copyright holder or contributor is granted under this license, whether expressly, by implication, estoppel or otherwise. 17 | 18 | DISCLAIMER 19 | 20 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 21 | 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 🛠 Bitcoin-Standup Linux Scripts 2 | ### _by Peter Denton, Shannon Appelcline, and Christopher Allen_ 3 | 4 | This script installs the latest stable version of Tor, Bitcoin Core, Uncomplicated Firewall (UFW), Debian updates, enables automatic updates for Debian for good security practices, installs a random number generator, and optionally a QR encoder and an image displayer. 5 | 6 | ## Additional Information 7 | 8 | For more information on *Bitcoin-Standup*: 9 | 10 | 1. The [Main *Bitcoin-Standup* Repo](https://github.com/BlockchainCommons/Bitcoin-Standup) contains general information on the project. 11 | 2. [Why Run a Full Node?](https://github.com/BlockchainCommons/Gordian/blob/master/Docs/Why-Full.md) details why you would want to run a full node in the first place. 12 | 3. [Security for Bitcoin-Standup](https://github.com/BlockchainCommons/Gordian/blob/master/Docs/Security.md) offers notes on ensuring the security of your *Bitcoin-Standup* node. 13 | 14 | ## Status — Work-in-Progress (0.8) 15 | 16 | The *Bitcoin-Standup-Scripts* are updated every year or two for the newest versions of Bitcoin and Debian, and so remain a work-in-progress. We're also working toward improving the modularity of various plug-ins that could be installed. 17 | 18 | ## Version History 19 | 20 | ### 0.8.0, October 6, 2021 21 | 22 | * Added Cypherpunkpay Installation, courtesy of [@nochiel](https://github.com/nochiel) and sponsorship from [HRF](https://hrf.org/). 23 | * Updated scripts to Bitcoin Core 22.0 24 | 25 | ## Installation Instructions 26 | 27 | There are two linux based StandUp scripts; `StandUp.sh` and `LinodeStandUp.sh`. 28 | 29 | * `LinodeStandUp.sh` is built as a StackScript for the Linode platform and can be used as is. It's been tested on Debian 12 (Bookworm), with previous versions tested on Debian 9 (Stretch), Debian 10 (Buster) and Debian 11 (Bullseye). 30 | * `StandUp.sh` can be used on a Debian VPS and has been tested on Debian 12 (Bookworm), with previous versions tested on Debian 9 (Stretch), Debian 11 (Bullseye) and Ubuntu 18.04. 31 | 32 | You will use different installation methods depending on which script you use (or if you want to run the installation entirely by hand) 33 | 34 | ### Method One: Install Using `Standup.sh` 35 | 36 | In order to run this script you need to be logged in as root, and enter in the commands listed below. 37 | The `$` represents a terminal command prompt; do not actually type in a `$`. 38 | 39 | 1. Give the root user a password: 40 | `$ sudo passwd` 41 | 42 | 2. Switch to the root user: 43 | `$ su - root` 44 | 45 | 3. Create the file for the script: 46 | `$ nano standup.sh` 47 | 48 | - Nano is a text editor that works in a terminal, you need to paste the entire contents of the [Standup script](Scripts/StandUp.sh) into your terminal after running the above command. Then you can type: 49 | - `control x` (this starts to exit nano) 50 | - `y` (this confirms you want to save the file) 51 | - `return` (just press enter to confirm you want to save and exit) 52 | 53 | 4. Make sure the script is executable: 54 | `$ chmod +x standup.sh` 55 | 56 | 5. Run the script with the optional arguments like : 57 | `$ ./standup.sh "" "" "" "" ""` 58 | - It is highly recommended to add a `Tor V3 pubkey` for cookie authentication, so that even if your QR code is compromised an attacker would not be able to access your node. 59 | - The `node type` is "Mainnet", "Pruned Mainnet", "Testnet", "Pruned Testnet", or "Private Regtest", default is "Pruned Testnet". 60 | - If you supply a `SSH_KEY` in the arguments, you will be able to easily access your node via SSH using your rsa pubkey. 61 | - If you add `SYS_SSH_IP`, you host willl only accept SSH connections from those IPs. 62 | - The `password` is used for a user called `standup`. 63 | 64 | ### Method Two: Install Using `LinodeStandup.sh` 65 | 66 | The `LinodeStandup.sh` script is intended for use at [Linode.com](https://linode.com). You can find more precise information on using it from our [Learning Bitcoin from the Command Line course](https://github.com/BlockchainCommons/Learning-Bitcoin-from-the-Command-Line/blob/master/02_1_Setting_Up_a_Bitcoin-Core_VPS_with_StackScript.md). The following is a summary. 67 | 68 | First, copy the `LinodeStandup.sh` script to your Linode: 69 | 70 | 1. Copy the complete [LinodeStandup.sh script](https://github.com/BlockchainCommons/Bitcoin-Standup-Scripts/blob/master/Scripts/LinodeStandUp.sh). 71 | 2. Go to the [Stackscripts page](https://cloud.linode.com/stackscripts?type=account) on your Linode account; choose [Create New Stackscript](https://cloud.linode.com/stackscripts/create) 72 | 3. Paste `LinodeStandup.sh` into the "Script" area. Make sure you got it all, from the "#!/bin/bash" to the "exit 1"! 73 | 4. Choose "Debian 12" (Bookworm) for the "Target Images". 74 | 5. Click "Save". 75 | 76 | Second, create a node based on the script: 77 | 78 | 6. On the [Stackscripts page](https://cloud.linode.com/stackscripts?type=account), click on the "..." to the right of your new script and choose "Deploy New Linode". 79 | 7. Fill in a hostname and the password for the "standup" user. 80 | 8. Choose an Installation Type in your options. This is likely "Mainnet" or "Pruned Mainnet" if you are setting up a node for usage and "Pruned Testnet" if you're just playing around. 81 | 9. Fill in any other advanced options. 82 | 10. Choose a region for where the Linode will be located. 83 | 11. Choose a Linnode plan. Our general experience is that a Linode 8GB is needed to store the whole blockchain if you choose unpruned "Mainnet", while for testnet and the pruned options (and regtest) you'll instead be dependent on memory, where a Linode 4GB will definitely be sufficient, and a Linode 2GB has worked or not on various versions of Bitcoin Core. (If it fails, you'll get out-of-memory errors.) For deployment you may wish to use "Dedicated CPU", but for everything else a "Shared CPU" should be sufficient. 84 | 12. Enter a root password. 85 | 13. Click "Create". 86 | 87 | ### Method Three: Install by Hand (Not Recommended) 88 | 89 | Finally, if you prefer, you can install all of the packages for *Bitcoin-Standup* by hand. The [Learning Bitcoin from the Command Line](https://github.com/ChristopherA/Learning-Bitcoin-from-the-Command-Line) course has [instructions on how to do so](https://github.com/BlockchainCommons/Learning-Bitcoin-from-the-Command-Line/blob/master/02_2_Setting_Up_Bitcoin_Core_Other.md), but those methodologies will only install a full node, not include `tor` and not linking with the Quick Connect API. As such, this methodology is not recommended, but is simply included to provide you with the widest breadth of options. 90 | 91 | Because this by-hand methodology does not embody the full *Bitcoin-Standup* protocol, the following notes on what to do next do not apply. 92 | 93 | ### After Installation 94 | 95 | By default the scripts set up a pruned testnet node and a Tor V3 hidden service controlling your `rpcport` and enable the firewall to only allow incoming connections for SSH. Tor and Bitcoin Core are set up as `systemd` services so that they start automatically after crashes or reboots. 96 | 97 | 1. You should check the *Bitcoin-Standup* logs to ensure that the installation went correctly: 98 | `$ cat /standup.err` 99 | `$ cat /standup.log` 100 | 101 | 2. You can now scan a QR code from *Bitcoin-Standup* to link to a remote app such as [FullyNoded 2](https://github.com/BlockchainCommons/FullyNoded-2). There are two ways to do so. 102 | * A `btcstandup://` uri appears in plain text in the `/standup.log`. You can convert that to a QR Code. 103 | * Alternatively, you can directly access `/qrcode.png`, which you can open and scan. One way to do so is to `sudo apt-get install fim` then `fim -a qrcode.png` to display the QR in a terminal (as root). 104 | 105 | 3. After reviewing your logs and accessing your QR code, you should remove the `/btcstandup.uri`, `/qrcode.png`, `/standup.log`, and `/standup.err` files. 106 | 107 | ``` 108 | rm -R -f standup.log 109 | rm -R -f standup.err 110 | rm -R -f btcstandup.uri 111 | rm -R -f qrcode.png 112 | ``` 113 | 114 | ## Installation Instructions Cypherpunkpay 115 | 116 | Version 0.8.0 of the Bitcoin Standup Scripts added support for [Cypherpunkpay installation](https://cypherpunkpay.org/). Cypherpunkpay may be installed by inputting four variables: 117 | 118 | * USECYPHERPUNKPAY ; set to YES 119 | * CPPLITE ; for a lighter installation, usually set to YES 120 | * XPUB ; the xpub for the wallet where you will receive your funds 121 | * CPPCAUSE ; the title for your Cyperpunkpay donations 122 | 123 | If you use the Linode Stackscript, you will be able to set these variables on the Stackscript deployment page; if you use the `.sh` scripts, you must find these lines in the script, uncomment them, and edit them as appropriate (particularly the `XPUB` and `CPPCAUSE` variables). 124 | 125 | After running the script, you can verify that Cypherpunkpay is running with `systemctl status cypherpunkpay`: 126 | ``` 127 | # systemctl status cypherpunkpay 128 | ● cypherpunkpay.service - CypherpunkPay 129 | Loaded: loaded (/lib/systemd/system/cypherpunkpay.service; enabled; vendor preset: enabled) 130 | Active: active (running) since Thu 2021-10-07 00:49:18 UTC; 1min 28s ago 131 | Main PID: 9136 (cypherpunkpay) 132 | Tasks: 37 (limit: 4680) 133 | Memory: 63.6M 134 | CPU: 1.404s 135 | CGroup: /system.slice/cypherpunkpay.service 136 | └─9136 /opt/venvs/cypherpunkpay/bin/python /usr/bin/cypherpunkpay 137 | ``` 138 | Once Cypherpunkpay is running, you will need to [integrate it into your website](https://cypherpunkpay.org/merchant/quick-start/). 139 | 140 | ## Financial Support 141 | 142 | *Bitcoin-Standup* is a project of [Blockchain Commons](https://www.blockchaincommons.com/). We are proudly a "not-for-profit" social benefit corporation committed to open source & open development. Our work is funded entirely by donations and collaborative partnerships with people like you. Every contribution will be spent on building open tools, technologies, and techniques that sustain and advance blockchain and internet security infrastructure and promote an open web. 143 | 144 | To financially support further development of *Bitcoin-Standup* and other projects, please consider becoming a Patron of Blockchain Commons through ongoing monthly patronage as a [GitHub Sponsor](https://github.com/sponsors/BlockchainCommons). You can also support Blockchain Commons with bitcoins at our [BTCPay Server](https://btcpay.blockchaincommons.com/). 145 | 146 | ## Contributing 147 | 148 | We encourage public contributions through issues and pull requests! Please review [CONTRIBUTING.md](./CONTRIBUTING.md) for details on our development process. All contributions to this repository require a GPG signed [Contributor License Agreement](./CLA.md). 149 | 150 | ### Discussions 151 | 152 | The best place to talk about Blockchain Commons and its projects is in our GitHub Discussions areas. 153 | 154 | [**Gordian User Community**](https://github.com/BlockchainCommons/Gordian/discussions). For users of the Gordian reference apps, including [Gordian Coordinator](https://github.com/BlockchainCommons/iOS-GordianCoordinator), [Gordian Seed Tool](https://github.com/BlockchainCommons/GordianSeedTool-iOS), [Gordian Server](https://github.com/BlockchainCommons/GordianServer-macOS), [Gordian Wallet](https://github.com/BlockchainCommons/GordianWallet-iOS), and [SpotBit](https://github.com/BlockchainCommons/spotbit) as well as our whole series of [CLI apps](https://github.com/BlockchainCommons/Gordian/blob/master/Docs/Overview-Apps.md#cli-apps). This is a place to talk about bug reports and feature requests as well as to explore how our reference apps embody the [Gordian Principles](https://github.com/BlockchainCommons/Gordian#gordian-principles). 155 | 156 | [**Blockchain Commons Discussions**](https://github.com/BlockchainCommons/Community/discussions). For developers, interns, and patrons of Blockchain Commons, please use the discussions area of the [Community repo](https://github.com/BlockchainCommons/Community) to talk about general Blockchain Commons issues, the intern program, or topics other than those covered by the [Gordian Developer Community](https://github.com/BlockchainCommons/Gordian-Developer-Community/discussions) or the 157 | [Gordian User Community](https://github.com/BlockchainCommons/Gordian/discussions). 158 | ### Other Questions & Problems 159 | 160 | As an open-source, open-development community, Blockchain Commons does not have the resources to provide direct support of our projects. Please consider the discussions area as a locale where you might get answers to questions. Alternatively, please use this repository's [issues](https://github.com/BlockchainCommons/Bitcoin-Standup-Scripts/issues) feature. Unfortunately, we can not make any promises on response time. 161 | 162 | If your company requires support to use our projects, please feel free to contact us directly about options. We may be able to offer you a contract for support from one of our contributors, or we might be able to point you to another entity who can offer the contractual support that you need. 163 | 164 | ### Credits 165 | 166 | The following people directly contributed to this repository. You can add your name here by getting involved. The first step is learning how to contribute from our [CONTRIBUTING.md](./CONTRIBUTING.md) documentation. 167 | 168 | | Name | Role | Github | Email | GPG Fingerprint | 169 | | ----------------- | ------------------- | ------------------------------------------------- | ----------------------------------------------------------- | -------------------------------------------------- | 170 | | Christopher Allen | Principal Architect | [@ChristopherA](https://github.com/ChristopherA) | \ | FDFE 14A5 4ECB 30FC 5D22 74EF F8D3 6C91 3574 05ED | 171 | | Peter Denton | Project Lead | [@Fonta1n3](https://github.com/Fonta1n3) | <[fonta1n3@protonmail.com](mailto:fonta1n3@protonmail.com)> | 3B37 97FA 0AE8 4BE5 B440 6591 8564 01D7 121C 32FC | 172 | 173 | ## Responsible Disclosure 174 | 175 | We want to keep all of our software safe for everyone. If you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner. We are unfortunately not able to offer bug bounties at this time. 176 | 177 | We do ask that you offer us good faith and use best efforts not to leak information or harm any user, their data, or our developer community. Please give us a reasonable amount of time to fix the issue before you publish it. Do not defraud our users or us in the process of discovery. We promise not to bring legal action against researchers who point out a problem provided they do their best to follow the these guidelines. 178 | 179 | ### Reporting a Vulnerability 180 | 181 | Please report suspected security vulnerabilities in private via email to ChristopherA@BlockchainCommons.com (do not use this email for support). Please do NOT create publicly viewable issues for suspected security vulnerabilities. 182 | 183 | The following keys may be used to communicate sensitive information to developers: 184 | 185 | | Name | Fingerprint | 186 | | ----------------- | -------------------------------------------------- | 187 | | Christopher Allen | FDFE 14A5 4ECB 30FC 5D22 74EF F8D3 6C91 3574 05ED | 188 | 189 | You can import a key by running the following command with that individual’s fingerprint: `gpg --recv-keys ""` Ensure that you put quotes around fingerprints that contain spaces. 190 | -------------------------------------------------------------------------------- /Scripts/.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Created by https://www.gitignore.io/api/swift,xcode,macos,carthage,cocoapods,objective-c 3 | # Edit at https://www.gitignore.io/?templates=swift,xcode,macos,carthage,cocoapods,objective-c 4 | 5 | ### Carthage ### 6 | # Carthage 7 | # 8 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 9 | Carthage/Checkouts 10 | 11 | Carthage/Build 12 | 13 | ### CocoaPods ### 14 | ## CocoaPods GitIgnore Template 15 | 16 | # CocoaPods - Only use to conserve bandwidth / Save time on Pushing 17 | # - Also handy if you have a large number of dependant pods 18 | # - AS PER https://guides.cocoapods.org/using/using-cocoapods.html NEVER IGNORE THE LOCK FILE 19 | Pods/ 20 | 21 | ### macOS ### 22 | # General 23 | .DS_Store 24 | .AppleDouble 25 | .LSOverride 26 | 27 | # Icon must end with two \r 28 | Icon 29 | 30 | # Thumbnails 31 | ._* 32 | 33 | # Files that might appear in the root of a volume 34 | .DocumentRevisions-V100 35 | .fseventsd 36 | .Spotlight-V100 37 | .TemporaryItems 38 | .Trashes 39 | .VolumeIcon.icns 40 | .com.apple.timemachine.donotpresent 41 | 42 | # Directories potentially created on remote AFP share 43 | .AppleDB 44 | .AppleDesktop 45 | Network Trash Folder 46 | Temporary Items 47 | .apdisk 48 | 49 | ### Objective-C ### 50 | # Xcode 51 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 52 | 53 | ## Build generated 54 | build/ 55 | DerivedData/ 56 | 57 | ## Various settings 58 | *.pbxuser 59 | !default.pbxuser 60 | *.mode1v3 61 | !default.mode1v3 62 | *.mode2v3 63 | !default.mode2v3 64 | *.perspectivev3 65 | !default.perspectivev3 66 | xcuserdata/ 67 | 68 | ## Other 69 | *.moved-aside 70 | *.xccheckout 71 | *.xcscmblueprint 72 | 73 | ## Obj-C/Swift specific 74 | *.hmap 75 | *.ipa 76 | *.dSYM.zip 77 | *.dSYM 78 | 79 | # CocoaPods 80 | # We recommend against adding the Pods directory to your .gitignore. However 81 | # you should judge for yourself, the pros and cons are mentioned at: 82 | # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control 83 | # Pods/ 84 | # Add this line if you want to avoid checking in source code from the Xcode workspace 85 | # *.xcworkspace 86 | 87 | # Carthage 88 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 89 | # Carthage/Checkouts 90 | 91 | 92 | # fastlane 93 | # It is recommended to not store the screenshots in the git repo. Instead, use fastlane to re-generate the 94 | # screenshots whenever they are needed. 95 | # For more information about the recommended setup visit: 96 | # https://docs.fastlane.tools/best-practices/source-control/#source-control 97 | 98 | fastlane/report.xml 99 | fastlane/Preview.html 100 | fastlane/screenshots/**/*.png 101 | fastlane/test_output 102 | 103 | # Code Injection 104 | # After new code Injection tools there's a generated folder /iOSInjectionProject 105 | # https://github.com/johnno1962/injectionforxcode 106 | 107 | iOSInjectionProject/ 108 | 109 | ### Objective-C Patch ### 110 | 111 | ### Swift ### 112 | # Xcode 113 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 114 | 115 | 116 | 117 | 118 | 119 | ## Playgrounds 120 | timeline.xctimeline 121 | playground.xcworkspace 122 | 123 | # Swift Package Manager 124 | # Add this line if you want to avoid checking in source code from Swift Package Manager dependencies. 125 | # Packages/ 126 | # Package.pins 127 | # Package.resolved 128 | .build/ 129 | # Add this line if you want to avoid checking in Xcode SPM integration. 130 | # .swiftpm/xcode 131 | 132 | # CocoaPods 133 | # We recommend against adding the Pods directory to your .gitignore. However 134 | # you should judge for yourself, the pros and cons are mentioned at: 135 | # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control 136 | # Pods/ 137 | # Add this line if you want to avoid checking in source code from the Xcode workspace 138 | # *.xcworkspace 139 | 140 | # Carthage 141 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 142 | # Carthage/Checkouts 143 | 144 | 145 | # Accio dependency management 146 | Dependencies/ 147 | .accio/ 148 | 149 | # fastlane 150 | # It is recommended to not store the screenshots in the git repo. Instead, use fastlane to re-generate the 151 | # screenshots whenever they are needed. 152 | # For more information about the recommended setup visit: 153 | # https://docs.fastlane.tools/best-practices/source-control/#source-control 154 | 155 | 156 | # Code Injection 157 | # After new code Injection tools there's a generated folder /iOSInjectionProject 158 | # https://github.com/johnno1962/injectionforxcode 159 | 160 | 161 | ### Xcode ### 162 | # Xcode 163 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 164 | 165 | ## User settings 166 | 167 | ## compatibility with Xcode 8 and earlier (ignoring not required starting Xcode 9) 168 | 169 | ## compatibility with Xcode 3 and earlier (ignoring not required starting Xcode 4) 170 | 171 | ## Xcode Patch 172 | *.xcodeproj/* 173 | !*.xcodeproj/project.pbxproj 174 | !*.xcodeproj/xcshareddata/ 175 | !*.xcworkspace/contents.xcworkspacedata 176 | /*.gcno 177 | 178 | ### Xcode Patch ### 179 | **/xcshareddata/WorkspaceSettings.xcsettings 180 | 181 | # End of https://www.gitignore.io/api/swift,xcode,macos,carthage,cocoapods,objective-c 182 | -------------------------------------------------------------------------------- /Scripts/LinodeStandUp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # LinodeStandUp.sh - Installs Bitcore-Core full node (pruned or archival) behind a tor address. 4 | # 5 | # Created by Peter on 2019-02-12-19. 6 | # Updated to install Bitcoin-Core 23.0 on 2022-06-08 7 | 8 | # DISCLAIMER: It is not a good idea to store large amounts of Bitcoin on a VPS, 9 | # ideally you should use this as a watch-only wallet. This script is expiramental 10 | # and has not been widely tested. The creators are not responsible for loss of 11 | # funds. If you are not familiar with running a node or how Bitcoin works then we 12 | # urge you to use this in testnet so that you can use it as a learning tool. 13 | 14 | # This script installs the latest stable version of Tor, Bitcoin Core, 15 | # Uncomplicated Firewall (UFW), debian updates, enables automatic updates for 16 | # debian for good security practices, installs a random number generator, and 17 | # a QR encoder. 18 | 19 | # The script will display a btcstandup:// uri in plain text which you can convert 20 | # to a QR Code and scan with FullyNoded to connect remotely. 21 | 22 | # Upon completion of the script their will be a QR code saved to /qrcode.png which 23 | # you can open and scan. You can use `sudo apt-get install fim` then: 24 | # `fim -a qrcode.png` to display the QR in a terminal (as root). 25 | 26 | # It is highly recommended to add a Tor V3 pubkey for cookie authentication so that 27 | # even if your QR code is compromised an attacker would not be able to access your 28 | # node. It is also recommended to delete the /qrcode.png, /standup.log, and 29 | # /standup.err files. 30 | 31 | # LindodeStandUp.sh sets Tor and Bitcoin Core up as systemd services so that they 32 | # start automatically after crashes or reboots. By default it sets up a pruned 33 | # testnet node, a Tor V3 hidden service controlling your rpcports and enables the 34 | # firewall to only allow incoming connections for SSH. If you supply a SSH_KEY in 35 | # the arguments it allows you to easily access your node via SSH using your rsa 36 | # pubkey, if you add SYS_SSH_IP's it will only accept SSH connections from those 37 | # IP's. 38 | 39 | # LindodeStandUp.sh will create a user called standup, and assign the optional 40 | # password you give it in the arguments. 41 | 42 | # LindodeStandUp.sh will create two logs in your root directory, to read them run: 43 | # $ cat standup.err 44 | # $ cat standup.log 45 | 46 | # This block defines the variables the user of the script needs to input 47 | # when deploying using this script. 48 | # 49 | # 50 | # USERPASSWORD= 51 | # 52 | # BTCTYPE= 53 | # 54 | # HOSTNAME= 55 | # 56 | # FQDN= 57 | # 58 | # REGION= 59 | # 60 | # PUBKEY= 61 | # 62 | # SSH_KEY= 63 | # 64 | # SYS_SSH_IP= 65 | # 66 | # USE_CYPHERPUNKPAY= 67 | # 68 | # CPPLITE= 69 | # 70 | # XPUB= 71 | # 72 | # CPPCAUSE= 73 | 74 | # Force check for root, if you are not logged in as root then the script will not execute 75 | if ! [ "$(id -u)" = 0 ] 76 | then 77 | 78 | echo "$0 - You need to be logged in as root!" 79 | exit 1 80 | 81 | fi 82 | 83 | # CURRENT BITCOIN RELEASE: 84 | # Change as necessary 85 | export BITCOIN="bitcoin-core-23.0" 86 | 87 | # Output stdout and stderr to ~root files 88 | exec > >(tee -a /standup.log) 2> >(tee -a /standup.log /standup.err >&2) 89 | 90 | #### 91 | # 1. Update Hostname 92 | #### 93 | 94 | echo $HOSTNAME > /etc/hostname 95 | /bin/hostname $HOSTNAME 96 | 97 | # Set the variable $IPADDR to the IP address the new Linode receives. 98 | IPADDR=`hostname -I | awk '{print $1}'` 99 | 100 | echo "$0 - Set hostname as $FQDN ($IPADDR)" 101 | echo "$0 - TODO: Put $FQDN with IP $IPADDR in your main DNS file." 102 | 103 | # Add localhost aliases 104 | 105 | echo "127.0.0.1 localhost" > /etc/hosts 106 | echo "127.0.1.1 $FQDN $HOSTNAME" >> /etc/hosts 107 | 108 | echo "$0 - Set localhost" 109 | 110 | #### 111 | # 2. Update Timezone 112 | #### 113 | 114 | # Set Timezone 115 | 116 | echo "$0 - Set Time Zone to $REGION" 117 | 118 | echo $REGION > /etc/timezone 119 | cp /usr/share/zoneinfo/${REGION} /etc/localtime 120 | 121 | #### 122 | # 3. Bring Debian Up To Date 123 | #### 124 | 125 | echo "$0 - Starting Debian updates; this will take a while!" 126 | 127 | # Make sure all packages are up-to-date 128 | apt-get update -y 129 | apt-get upgrade -y 130 | apt-get dist-upgrade -y 131 | 132 | # Install haveged (a random number generator) 133 | apt-get install haveged -y 134 | 135 | # Install GPG 136 | apt-get install gnupg -y 137 | 138 | # Set system to automatically update 139 | echo "unattended-upgrades unattended-upgrades/enable_auto_updates boolean true" | debconf-set-selections 140 | apt-get -y install unattended-upgrades 141 | 142 | echo "$0 - Updated Debian Packages" 143 | 144 | # get uncomplicated firewall and deny all incoming connections except SSH 145 | sudo apt-get install ufw -y 146 | ufw allow ssh 147 | ufw enable 148 | 149 | #### 150 | # 4. Set Up User 151 | #### 152 | 153 | # Create "standup" user with optional password and give them sudo capability 154 | /usr/sbin/useradd -m -p `perl -e 'printf("%s\n",crypt($ARGV[0],"password"))' "$USERPASSWORD"` -g sudo -s /bin/bash standup 155 | /usr/sbin/adduser standup sudo 156 | 157 | echo "$0 - Setup standup with sudo access." 158 | 159 | # Setup SSH Key if the user added one as an argument 160 | if [ -n "$SSH_KEY" ] 161 | then 162 | 163 | mkdir ~standup/.ssh 164 | echo "$SSH_KEY" >> ~standup/.ssh/authorized_keys 165 | chown -R standup ~standup/.ssh 166 | 167 | echo "$0 - Added .ssh key to standup." 168 | 169 | fi 170 | 171 | # Setup SSH allowed IP's if the user added any as an argument 172 | if [ -n "$SYS_SSH_IP" ] 173 | then 174 | 175 | echo "sshd: $SYS_SSH_IP" >> /etc/hosts.allow 176 | echo "sshd: ALL" >> /etc/hosts.deny 177 | echo "$0 - Limited SSH access." 178 | 179 | else 180 | 181 | echo "$0 - WARNING: Your SSH access is not limited; this is a major security hole!" 182 | 183 | fi 184 | 185 | #### 186 | # 5. Install latest stable tor 187 | #### 188 | 189 | # Download tor 190 | 191 | # To use source lines with https:// in /etc/apt/sources.list the apt-transport-https package is required. Install it with: 192 | sudo apt install apt-transport-https -y 193 | 194 | # We need to set up our package repository before you can fetch Tor. First, you need to figure out the name of your distribution: 195 | DEBIAN_VERSION=$(lsb_release -c | awk '{ print $2 }') 196 | 197 | # You need to add the following entries to /etc/apt/sources.list: 198 | cat >> /etc/apt/sources.list << EOF 199 | deb https://deb.torproject.org/torproject.org $DEBIAN_VERSION main 200 | deb-src https://deb.torproject.org/torproject.org $DEBIAN_VERSION main 201 | EOF 202 | 203 | # Then add the gpg key used to sign the packages by running: 204 | sudo curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import 205 | sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add - 206 | 207 | # Update system, install and run tor as a service 208 | sudo apt update -y 209 | sudo apt install tor deb.torproject.org-keyring -y 210 | 211 | # Setup hidden service 212 | sed -i -e 's/#ControlPort 9051/ControlPort 9051/g' /etc/tor/torrc 213 | sed -i -e 's/#CookieAuthentication 1/CookieAuthentication 1/g' /etc/tor/torrc 214 | sed -i -e 's/## address y:z./## address y:z.\ 215 | \ 216 | HiddenServiceDir \/var\/lib\/tor\/standup\/\ 217 | HiddenServiceVersion 3\ 218 | HiddenServicePort 18332 127.0.0.1:18332\ 219 | HiddenServicePort 18443 127.0.0.1:18443\ 220 | HiddenServicePort 8332 127.0.0.1:8332\ 221 | \ 222 | HiddenServiceDir \/var\/lib\/tor\/cypherpunkpay\ 223 | HiddenServiceVersion 3\ 224 | HiddenServicePort 8081 127.0.0.1:8081\ 225 | /g' /etc/tor/torrc 226 | mkdir /var/lib/tor/standup 227 | chown -R debian-tor:debian-tor /var/lib/tor/standup 228 | chmod 700 /var/lib/tor/standup 229 | 230 | # Add standup to the tor group so that the tor authentication cookie can be read by bitcoind 231 | sudo usermod -a -G debian-tor standup 232 | 233 | # Restart tor to create the HiddenServiceDir 234 | sudo systemctl restart tor.service 235 | 236 | 237 | # add V3 authorized_clients public key if one exists 238 | if ! [[ $PUBKEY == "" ]] 239 | then 240 | 241 | # create the directory manually in case tor.service did not restart quickly enough 242 | mkdir /var/lib/tor/standup/authorized_clients 243 | 244 | # Create the file for the pubkey 245 | sudo touch /var/lib/tor/standup/authorized_clients/fullynoded.auth 246 | 247 | # Write the pubkey to the file 248 | sudo echo $PUBKEY > /var/lib/tor/standup/authorized_clients/fullynoded.auth 249 | 250 | # Restart tor for authentication to take effect 251 | sudo systemctl restart tor.service 252 | 253 | echo "$0 - Successfully added Tor V3 authentication" 254 | 255 | else 256 | 257 | echo "$0 - No Tor V3 authentication, anyone who gets access to your QR code can have full access to your node, ensure you do not store more then you are willing to lose and better yet use the node as a watch-only wallet" 258 | 259 | fi 260 | 261 | #### 262 | # 6. Install Bitcoin 263 | #### 264 | 265 | # Download Bitcoin 266 | echo "$0 - Downloading Bitcoin; this will also take a while!" 267 | 268 | export BITCOINPLAIN=`echo $BITCOIN | sed 's/bitcoin-core/bitcoin/'` 269 | 270 | sudo -u standup mkdir ~standup/.logs 271 | 272 | sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -O ~standup/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -a ~standup/.logs/wget 273 | sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/SHA256SUMS.asc -O ~standup/SHA256SUMS.asc -a ~standup/.logs/wget 274 | sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/SHA256SUMS -O ~standup/SHA256SUMS -a ~standup/.logs/wget 275 | 276 | sudo -u standup wget https://raw.githubusercontent.com/bitcoin/bitcoin/23.x/contrib/builder-keys/keys.txt -O ~standup/keys.txt -a ~standup/.logs/wget 277 | sudo -u standup sh -c 'while read fingerprint keyholder_name; do gpg --keyserver hkps://keys.openpgp.org --recv-keys ${fingerprint}; done < ~standup/keys.txt' 278 | 279 | cat ~standup/.logs/wget >> /standup.log 280 | cat ~standup/.logs/wget >> /standup.err 281 | rm -r ~standup/.logs 282 | 283 | # Verifying Bitcoin: Signature 284 | echo "$0 - Verifying Bitcoin." 285 | 286 | export SHASIG=`sudo -u standup /usr/bin/gpg --verify ~standup/SHA256SUMS.asc ~standup/SHA256SUMS 2>&1 | grep "Good signature"` 287 | export SHACOUNT=`sudo -u standup /usr/bin/gpg --verify ~standup/SHA256SUMS.asc ~standup/SHA256SUMS 2>&1 | grep "Good signature" | wc -l` 288 | 289 | if [ "$SHASIG" ] 290 | then 291 | 292 | echo "$0 - SIG VERIFICATION SUCCESS: $SHACOUNT GOOD SIGNATURES FOUND." 293 | echo "$SHASIG" 294 | 295 | else 296 | 297 | (>&2 echo "$0 - SIG VERIFICATION ERROR: No verified signatures for Bitcoin!") 298 | 299 | fi 300 | 301 | # Verify Bitcoin: SHA 302 | export SHACHECK=`sudo -u standup sh -c 'cd ~standup; /usr/bin/sha256sum -c --ignore-missing < ~standup/SHA256SUMS 2>&1 | grep "OK"'` 303 | 304 | if [ "$SHACHECK" ] 305 | then 306 | 307 | echo "$0 - SHA VERIFICATION SUCCESS / SHA: $SHACHECK" 308 | 309 | else 310 | 311 | (>&2 echo "$0 - SHA VERIFICATION ERROR: SHA for Bitcoin did not match!") 312 | 313 | fi 314 | 315 | # Install Bitcoin 316 | echo "$0 - Installing Bitcoin." 317 | 318 | sudo -u standup /bin/tar xzf ~standup/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -C ~standup 319 | /usr/bin/install -m 0755 -o root -g root -t /usr/local/bin ~standup/$BITCOINPLAIN/bin/* 320 | 321 | # Copy man pages. 322 | dest='/usr/local/share/man' 323 | if [[ ! -d $dest ]] 324 | then 325 | mkdir -p $dest 326 | fi 327 | 328 | cp -r ~standup/$BITCOINPLAIN/share/man/man1 /usr/local/share/man 329 | command -v mandb && mandb 330 | 331 | /bin/rm -rf ~standup/$BITCOINPLAIN/ 332 | 333 | # Start Up Bitcoin 334 | echo "$0 - Configuring Bitcoin." 335 | 336 | sudo -u standup /bin/mkdir ~standup/.bitcoin 337 | 338 | # The only variation between Mainnet and Testnet is that Testnet has the "testnet=1" variable 339 | # The only variation between Regular and Pruned is that Pruned has the "prune=550" variable, which is the smallest possible prune 340 | RPCPASSWORD=$(xxd -l 16 -p /dev/urandom) 341 | 342 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 343 | server=1 344 | dbcache=1536 345 | par=1 346 | maxuploadtarget=137 347 | maxconnections=16 348 | rpcuser=StandUp 349 | rpcpassword=$RPCPASSWORD 350 | rpcallowip=127.0.0.1 351 | debug=tor 352 | EOF 353 | 354 | if [[ "$BTCTYPE" == "" ]]; then 355 | 356 | BTCTYPE="Pruned Testnet" 357 | 358 | fi 359 | 360 | if [[ "$BTCTYPE" == "Mainnet" ]]; then 361 | 362 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 363 | txindex=1 364 | EOF 365 | 366 | elif [[ "$BTCTYPE" == "Pruned Mainnet" ]]; then 367 | 368 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 369 | prune=550 370 | EOF 371 | 372 | elif [[ "$BTCTYPE" == "Testnet" ]]; then 373 | 374 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 375 | txindex=1 376 | testnet=1 377 | EOF 378 | 379 | elif [[ "$BTCTYPE" == "Pruned Testnet" ]]; then 380 | 381 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 382 | prune=550 383 | testnet=1 384 | EOF 385 | 386 | elif [[ "$BTCTYPE" == "Private Regtest" ]]; then 387 | 388 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 389 | regtest=1 390 | txindex=1 391 | EOF 392 | 393 | else 394 | 395 | (>&2 echo "$0 - ERROR: Somehow you managed to select no Bitcoin Installation Type, so Bitcoin hasn't been properly setup. Whoops!") 396 | exit 1 397 | 398 | fi 399 | 400 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 401 | [test] 402 | rpcbind=127.0.0.1 403 | rpcport=18332 404 | [main] 405 | rpcbind=127.0.0.1 406 | rpcport=8332 407 | [regtest] 408 | rpcbind=127.0.0.1 409 | rpcport=18443 410 | EOF 411 | 412 | /bin/chown standup ~standup/.bitcoin/bitcoin.conf 413 | /bin/chmod 600 ~standup/.bitcoin/bitcoin.conf 414 | 415 | # Setup bitcoind as a service that requires Tor 416 | echo "$0 - Setting up Bitcoin as a systemd service." 417 | 418 | sudo cat > /etc/systemd/system/bitcoind.service << EOF 419 | # It is not recommended to modify this file in-place, because it will 420 | # be overwritten during package upgrades. If you want to add further 421 | # options or overwrite existing ones then use 422 | # $ systemctl edit bitcoind.service 423 | # See "man systemd.service" for details. 424 | 425 | # Note that almost all daemon options could be specified in 426 | # /etc/bitcoin/bitcoin.conf, except for those explicitly specified as arguments 427 | # in ExecStart= 428 | 429 | [Unit] 430 | Description=Bitcoin daemon 431 | After=tor.service 432 | Requires=tor.service 433 | 434 | [Service] 435 | ExecStart=/usr/local/bin/bitcoind -conf=/home/standup/.bitcoin/bitcoin.conf 436 | 437 | # Process management 438 | #################### 439 | Type=simple 440 | PIDFile=/run/bitcoind/bitcoind.pid 441 | Restart=on-failure 442 | 443 | # Directory creation and permissions 444 | #################################### 445 | 446 | # Run as bitcoin:bitcoin 447 | User=standup 448 | Group=sudo 449 | 450 | # /run/bitcoind 451 | RuntimeDirectory=bitcoind 452 | RuntimeDirectoryMode=0710 453 | 454 | # Hardening measures 455 | #################### 456 | 457 | # Provide a private /tmp and /var/tmp. 458 | PrivateTmp=true 459 | 460 | # Mount /usr, /boot/ and /etc read-only for the process. 461 | ProtectSystem=full 462 | 463 | # Disallow the process and all of its children to gain 464 | # new privileges through execve(). 465 | NoNewPrivileges=true 466 | 467 | # Use a new /dev namespace only populated with API pseudo devices 468 | # such as /dev/null, /dev/zero and /dev/random. 469 | PrivateDevices=true 470 | 471 | # Deny the creation of writable and executable memory mappings. 472 | MemoryDenyWriteExecute=true 473 | 474 | [Install] 475 | WantedBy=multi-user.target 476 | 477 | EOF 478 | 479 | echo "$0 - Starting bitcoind service" 480 | sudo systemctl enable bitcoind.service 481 | sudo systemctl start bitcoind.service 482 | 483 | #### 484 | # 7. Install QR encoder and displayer, and show the btcstandup:// uri in plain text incase the QR Code does not display 485 | #### 486 | 487 | # Get the Tor onion address for the QR code 488 | HS_HOSTNAME=$(sudo cat /var/lib/tor/standup/hostname) 489 | 490 | # Create the QR string 491 | QR="btcstandup://StandUp:$RPCPASSWORD@$HS_HOSTNAME:8332/?label=LinodeStandUp.sh" 492 | echo "$0 - Ready to display the QuickConnect QR, first we need to install qrencode and fim" 493 | 494 | # Get software packages for encoding a QR code and displaying it in a terminal 495 | sudo apt-get install qrencode -y 496 | 497 | # Create the QR 498 | sudo qrencode -m 10 -o qrcode.png "$QR" 499 | 500 | # Add uri to /standup.uri 501 | echo $QR | sudo tee -a /standup.uri 502 | 503 | # Install CypherpunkPay 504 | # Ref. https://cypherpunkpay.org/installation/quick-start/ 505 | if [[ "$USE_CYPHERPUNKPAY" == "YES" ]] 506 | then 507 | echo "$0 - Bonus: Installing Cypherpunkpay" 508 | wget -qO - https://deb.cypherpunkpay.org/cypherpunkpay-package-signer.asc | sudo apt-key add - 509 | 510 | echo 'deb [arch=amd64] https://deb.cypherpunkpay.org/apt/ubuntu/ focal main' | sudo tee /etc/apt/sources.list.d/cypherpunkpay.list 511 | 512 | sudo apt-get update -y && sudo apt-get install -y cypherpunkpay 513 | 514 | USE_NODE='true' 515 | if [[ "$CPPLITE" == 'YES' ]] 516 | then 517 | USE_NODE='false' 518 | fi 519 | 520 | echo "$0 - Editing Cypherpunkpay Conf" 521 | sed -i -e "s/listen = 127.0.0.1:8080/listen = 127.0.0.1:8081/; 522 | s/btc_network = testnet/btc_network = mainnet/; 523 | s/# btc_mainnet_account_xpub = REPLACE_ME_WITH_BTC_MAINNET_ACCOUNT_XPUB/btc_mainnet_account_xpub = $XPUB/; 524 | s/btc_mainnet_node_enabled = false/btc_mainnet_node_enabled = $USE_NODE/; 525 | s/btc_mainnet_node_rpc_user = bitcoin/btc_mainnet_node_rpc_user = StandUp/; 526 | s/btc_mainnet_node_rpc_password = secret/btc_mainnet_node_rpc_password = $RPCPASSWORD/; 527 | s/use_tor = false/use_tor = true/; 528 | s/donations_cause =.*$/donations_cause = $CPPCAUSE/" /etc/cypherpunkpay.conf 529 | 530 | 531 | echo "$0 - Starting Cypherpunkpay" 532 | sudo systemctl enable cypherpunkpay 533 | sudo systemctl start cypherpunkpay 534 | fi 535 | 536 | # Display the uri text 537 | 538 | echo "$0 - This is your btcstandup:// uri to convert into a QR which can be scanned with FullyNoded to connect remotely:" 539 | 540 | echo "$0 - **************************************************************************************************************" 541 | 542 | 543 | echo $QR 544 | 545 | 546 | echo "$0 - **************************************************************************************************************" 547 | 548 | 549 | echo "$0 - Bitcoin is setup as a service and will automatically start if your VPS reboots and so is Tor" 550 | echo "$0 - You can manually stop Bitcoin with: sudo systemctl stop bitcoind.service" 551 | echo "$0 - You can manually start Bitcoin with: sudo systemctl start bitcoind.service" 552 | 553 | # Finished, exit script 554 | exit 1 555 | -------------------------------------------------------------------------------- /Scripts/StandUp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Updated to install Bitcoin-Core 0.22.0 on 2021-09-21 4 | 5 | # DISCLAIMER: It is not a good idea to store large amounts of Bitcoin on a VPS, 6 | # ideally you should use this as a watch-only wallet. This script is expiramental 7 | # and has not been widely tested. The creators are not responsible for loss of 8 | # funds. If you are not familiar with running a node or how Bitcoin works then we 9 | # urge you to use this in testnet so that you can use it as a learning tool. 10 | 11 | # This script installs the latest stable version of Tor, Bitcoin Core, 12 | # Uncomplicated Firewall (UFW), debian updates, enables automatic updates for 13 | # debian for good security practices, installs a random number generator, and 14 | # optionally a QR encoder and an image displayer. 15 | 16 | # The script will display the uri in plain text which you can convert to a QR Code 17 | # yourself. It is highly recommended to add a Tor V3 pubkey for cookie authentication 18 | # so that even if your QR code is compromised an attacker would not be able to access 19 | # your node. 20 | 21 | # StandUp.sh sets Tor and Bitcoin Core up as systemd services so that they start 22 | # automatically after crashes or reboots. By default it sets up a pruned testnet node, 23 | # a Tor V3 hidden service controlling your rpcports and enables the firewall to only 24 | # allow incoming connections for SSH. If you supply a SSH_KEY in the arguments 25 | # it allows you to easily access your node via SSH using your rsa pubkey, if you add 26 | # SYS_SSH_IP's your VPS will only accept SSH connections from those IP's. 27 | 28 | # StandUp.sh will create a user called standup, and assign the optional password you 29 | # give it in the arguments. 30 | 31 | # StandUp.sh will create two logs in your root directory, to read them run: 32 | # $ cat standup.err 33 | # $ cat standup.log 34 | 35 | #### 36 | #0. Prerequisites 37 | #### 38 | 39 | # In order to run this script you need to be logged in as root, and enter in the commands 40 | # listed below: 41 | 42 | # (the $ represents a terminal commmand prompt, do not actually type in a $) 43 | 44 | # First you need to give the root user a password: 45 | # $ sudo passwd 46 | 47 | # Then you need to switch to the root user: 48 | # $ su - root 49 | 50 | # Then create the file for the script: 51 | # $ nano standup.sh 52 | 53 | # Nano is a text editor that works in a terminal, you need to paste the entire contents 54 | # of this script into your terminal after running the above command, 55 | # then you can type: 56 | # control x (this starts to exit nano) 57 | # y (this confirms you want to save the file) 58 | # return (just press enter to confirm you want to save and exit) 59 | 60 | # Then we need to make sure the script can be executable with: 61 | # $ chmod +x standup.sh 62 | 63 | # After that you can run the script with the optional arguments like so: 64 | # $ ./standup.sh "insert pubkey" "insert node type (see options below)" "insert ssh key" "insert ssh allowed IP's" "insert password for standup user" 65 | 66 | #### 67 | # 1. Set Initial Variables from command line arguments 68 | #### 69 | 70 | # The arguments are read as per the below variables: 71 | # ./standup.sh "PUBKEY" "BTCTYPE" "SSH_KEY" "SYS_SSH_IP" "USERPASSWORD" 72 | 73 | # If you want to omit an argument then input empty qoutes in its place for example: 74 | # ./standup "" "Mainnet" "" "" "aPasswordForTheUser" 75 | 76 | # If you do not want to add any arguments and run everything as per the defaults simply run: 77 | # ./standup.sh 78 | 79 | # To run Cypherpunk Pay: 80 | # Set USE_CYPHERPUNKPAY="YES" before running standup.sh if you want to install CypherpunkPay 81 | # Set CPPLITE='YES' before running standup.sh if you do not want to use a full node for CypherpunkPay. It will instead download blocks over Tor from randomised block explorers. 82 | # Set CYPHERPUNKPAY_CAUSE to something like "Please help Satoshi fund his digital cash project!". This message will appear on your donation's page. 83 | # Set XPUB to the mainnet xpub for your newly created wallet to receive Cypherpunkpay funds 84 | 85 | # You can uncomment and edit the following lines: 86 | # USE_CYPHERPUNKPAY="YES" 87 | # CPPLITE="YES" 88 | # CYPHERPUNKPAY_CAUSE="Donate to Us!" 89 | # XPUB="xpub..." 90 | 91 | # For Tor V3 client authentication (optional), you can run standup.sh like: 92 | # ./standup.sh "descriptor:x25519:NWJNEFU487H2BI3JFNKJENFKJWI3" 93 | # and it will automatically add the pubkey to the authorized_clients directory, which 94 | # means the user is Tor authenticated before the node is even installed. 95 | PUBKEY=$1 96 | 97 | # Can be one of the following: "Mainnet", "Pruned Mainnet", "Testnet", "Pruned Testnet", or "Private Regtest", default is "Pruned Testnet" 98 | BTCTYPE=$2 99 | 100 | # Optional key for automated SSH logins to standup non-privileged account - if you do not want to add one add "" as an argument 101 | SSH_KEY=$3 102 | 103 | # Optional comma separated list of IPs that can use SSH - if you do not want to add any add "" as an argument 104 | SYS_SSH_IP=$4 105 | 106 | # Optional password for the standup non-privileged account - if you do not want to add one add "" as an argument 107 | USERPASSWORD=$5 108 | 109 | # Force check for root, if you are not logged in as root then the script will not execute 110 | if ! [ "$(id -u)" = 0 ] 111 | then 112 | 113 | echo "$0 - You need to be logged in as root!" 114 | exit 1 115 | 116 | fi 117 | 118 | # Output stdout and stderr to ~root files 119 | exec > >(tee -a /standup.log) 2> >(tee -a /standup.log /standup.err >&2) 120 | 121 | #### 122 | # 2. Bring Debian Up To Date 123 | #### 124 | 125 | echo "$0 - Starting Debian updates; this will take a while!" 126 | 127 | # Make sure all packages are up-to-date 128 | apt-get update 129 | apt-get upgrade -y 130 | apt-get dist-upgrade -y 131 | 132 | # Install haveged (a random number generator) 133 | apt-get install haveged -y 134 | 135 | # Install GPG 136 | apt-get install gnupg -y 137 | 138 | # Install dirmngr 139 | apt-get install dirmngr 140 | 141 | # Set system to automatically update 142 | echo "unattended-upgrades unattended-upgrades/enable_auto_updates boolean true" | debconf-set-selections 143 | apt-get -y install unattended-upgrades 144 | 145 | echo "$0 - Updated Debian Packages" 146 | 147 | # get uncomplicated firewall and deny all incoming connections except SSH 148 | sudo apt-get install ufw 149 | ufw allow ssh 150 | ufw enable 151 | 152 | #### 153 | # 3. Set Up User 154 | #### 155 | 156 | # Create "standup" user with optional password and give them sudo capability 157 | /usr/sbin/useradd -m -p `perl -e 'printf("%s\n",crypt($ARGV[0],"password"))' "$USERPASSWORD"` -g sudo -s /bin/bash standup 158 | /usr/sbin/adduser standup sudo 159 | 160 | echo "$0 - Setup standup with sudo access." 161 | 162 | # Setup SSH Key if the user added one as an argument 163 | if [ -n "$SSH_KEY" ] 164 | then 165 | 166 | mkdir ~standup/.ssh 167 | echo "$SSH_KEY" >> ~standup/.ssh/authorized_keys 168 | chown -R standup ~standup/.ssh 169 | 170 | echo "$0 - Added .ssh key to standup." 171 | 172 | fi 173 | 174 | # Setup SSH allowed IP's if the user added any as an argument 175 | if [ -n "$SYS_SSH_IP" ] 176 | then 177 | 178 | echo "sshd: $SYS_SSH_IP" >> /etc/hosts.allow 179 | echo "sshd: ALL" >> /etc/hosts.deny 180 | echo "$0 - Limited SSH access." 181 | 182 | else 183 | 184 | echo "$0 - WARNING: Your SSH access is not limited; this is a major security hole!" 185 | 186 | fi 187 | 188 | #### 189 | # 4. Install latest stable tor 190 | #### 191 | 192 | # Download tor 193 | 194 | # To use source lines with https:// in /etc/apt/sources.list the apt-transport-https package is required. Install it with: 195 | sudo apt install apt-transport-https 196 | 197 | # We need to set up our package repository before you can fetch Tor. First, you need to figure out the name of your distribution: 198 | DEBIAN_VERSION=$(lsb_release -c | awk '{ print $2 }') 199 | 200 | # You need to add the following entries to /etc/apt/sources.list: 201 | cat >> /etc/apt/sources.list << EOF 202 | deb https://deb.torproject.org/torproject.org $DEBIAN_VERSION main 203 | deb-src https://deb.torproject.org/torproject.org $DEBIAN_VERSION main 204 | EOF 205 | 206 | # Then add the gpg key used to sign the packages by running: 207 | sudo apt-key adv --recv-keys --keyserver keys.gnupg.net 74A941BA219EC810 208 | sudo wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import 209 | sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add - 210 | 211 | # Update system, install and run tor as a service 212 | sudo apt update 213 | sudo apt install tor deb.torproject.org-keyring 214 | 215 | # Setup hidden service 216 | 217 | sed -i -e 's/#ControlPort 9051/ControlPort 9051/g' /etc/tor/torrc 218 | sed -i -e 's/#CookieAuthentication 1/CookieAuthentication 1/g' /etc/tor/torrc 219 | 220 | cat >> /etc/tor/torrc << EOF 221 | HiddenServiceDir /var/lib/tor/bitcoin/mainnet/ 222 | HiddenServiceVersion 3 223 | HiddenServicePort 8332 127.0.0.1:8332 224 | 225 | HiddenServiceDir /var/lib/tor/bitcoin/testnet/ 226 | HiddenServiceVersion 3 227 | HiddenServicePort 18332 127.0.0.1:18332 228 | 229 | HiddenServiceDir /var/lib/tor/bitcoin/regtest/ 230 | HiddenServiceVersion 3 231 | HiddenServicePort 18443 127.0.0.1:18443 232 | 233 | HiddenServiceDir /var/lib/tor/lightning/ 234 | HiddenServiceVersion 3 235 | HiddenServicePort 8080 127.0.0.1:8080 236 | 237 | HiddenServiceDir /var/lib/tor/cypherpunkpay 238 | HiddenServiceVersion 3 239 | HiddenServicePort 8081 127.0.0.1:8081 240 | EOF 241 | 242 | mkdir /var/lib/tor/bitcoin 243 | chown -R debian-tor:debian-tor /var/lib/tor/bitcoin 244 | chmod 700 /var/lib/tor/bitcoin 245 | 246 | mkdir /var/lib/tor/bitcoin/mainnet 247 | chown -R debian-tor:debian-tor /var/lib/tor/bitcoin/mainnet 248 | chmod 700 /var/lib/tor/bitcoin/mainnet 249 | 250 | mkdir /var/lib/tor/bitcoin/testnet 251 | chown -R debian-tor:debian-tor /var/lib/tor/bitcoin/testnet 252 | chmod 700 /var/lib/tor/bitcoin/testnet 253 | 254 | mkdir /var/lib/tor/bitcoin/regtest 255 | chown -R debian-tor:debian-tor /var/lib/tor/bitcoin/regtest 256 | chmod 700 /var/lib/tor/bitcoin/regtest 257 | 258 | mkdir /var/lib/tor/lightning 259 | chown -R debian-tor:debian-tor /var/lib/tor/lightning 260 | chmod 700 /var/lib/tor/lightning 261 | 262 | # Add standup to the tor group so that the tor authentication cookie can be read by bitcoind 263 | sudo usermod -a -G debian-tor standup 264 | 265 | # Restart tor to create the HiddenServiceDir 266 | sudo systemctl restart tor.service 267 | 268 | 269 | # add V3 authorized_clients public key if one exists 270 | if ! [ "$PUBKEY" == "" ] 271 | then 272 | 273 | # create the directory manually incase tor.service did not restart quickly enough 274 | mkdir /var/lib/tor/standup/authorized_clients 275 | 276 | # need to assign the owner 277 | chown -R debian-tor:debian-tor /var/lib/tor/standup/authorized_clients 278 | 279 | # Create the file for the pubkey 280 | sudo touch /var/lib/tor/standup/authorized_clients/fullynoded.auth 281 | 282 | # Write the pubkey to the file 283 | sudo echo "$PUBKEY" > /var/lib/tor/standup/authorized_clients/fullynoded.auth 284 | 285 | # Restart tor for authentication to take effect 286 | sudo systemctl restart tor.service 287 | 288 | echo "$0 - Successfully added Tor V3 authentication" 289 | 290 | else 291 | 292 | echo "$0 - No Tor V3 authentication, anyone who gets access to your QR code can have full access to your node, ensure you do not store more then you are willing to lose and better yet use the node as a watch-only wallet" 293 | 294 | fi 295 | 296 | #### 297 | # 5. Install Bitcoin 298 | #### 299 | 300 | # Download Bitcoin 301 | echo "$0 - Downloading Bitcoin; this will also take a while!" 302 | 303 | # CURRENT BITCOIN RELEASE: 304 | # Change as necessary 305 | export BITCOIN="bitcoin-core-23.0" 306 | export BITCOINPLAIN=`echo $BITCOIN | sed 's/bitcoin-core/bitcoin/'` 307 | 308 | sudo -u standup mkdir ~standup/.logs 309 | 310 | sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -O ~standup/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -a ~standup/.logs/wget 311 | sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/SHA256SUMS.asc -O ~standup/SHA256SUMS.asc -a ~standup/.logs/wget 312 | sudo -u standup wget https://bitcoincore.org/bin/$BITCOIN/SHA256SUMS -O ~standup/SHA256SUMS -a ~standup/.logs/wget 313 | 314 | sudo -u standup wget https://raw.githubusercontent.com/bitcoin/bitcoin/23.x/contrib/builder-keys/keys.txt -O ~standup/keys.txt -a ~standup/.logs/wget 315 | sudo -u standup sh -c 'while read fingerprint keyholder_name; do gpg --keyserver hkps://keys.openpgp.org --recv-keys ${fingerprint}; done < ~standup/keys.txt' 316 | 317 | cat ~standup/.logs/wget >> /standup.log 318 | cat ~standup/.logs/wget >> /standup.err 319 | rm -r ~standup/.logs 320 | 321 | # Verifying Bitcoin: Signature 322 | echo "$0 - Verifying Bitcoin." 323 | 324 | export SHASIG=`sudo -u standup /usr/bin/gpg --verify ~standup/SHA256SUMS.asc ~standup/SHA256SUMS 2>&1 | grep "Good signature"` 325 | export SHACOUNT=`sudo -u standup /usr/bin/gpg --verify ~standup/SHA256SUMS.asc ~standup/SHA256SUMS 2>&1 | grep "Good signature" | wc -l` 326 | 327 | if [[ "$SHASIG" ]] 328 | then 329 | 330 | echo "$0 - SIG VERIFICATION SUCCESS: $SHACOUNT GOOD SIGNATURES FOUND." 331 | echo "$SHASIG" 332 | 333 | else 334 | 335 | (>&2 echo "$0 - SIG VERIFICATION ERROR: No verified signatures for Bitcoin!") 336 | 337 | fi 338 | 339 | # Verify Bitcoin: SHA 340 | export SHACHECK=`sudo -u standup sh -c 'cd ~standup; /usr/bin/sha256sum -c --ignore-missing < ~standup/SHA256SUMS 2>&1 | grep "OK"'` 341 | 342 | if [ "$SHACHECK" ] 343 | then 344 | 345 | echo "$0 - SHA VERIFICATION SUCCESS / SHA: $SHACHECK" 346 | 347 | else 348 | 349 | (>&2 echo "$0 - SHA VERIFICATION ERROR: SHA for Bitcoin did not match!") 350 | 351 | fi 352 | 353 | # Install Bitcoin 354 | echo "$0 - Installing Bitcoin." 355 | 356 | sudo -u standup /bin/tar xzf ~standup/$BITCOINPLAIN-x86_64-linux-gnu.tar.gz -C ~standup 357 | /usr/bin/install -m 0755 -o root -g root -t /usr/local/bin ~standup/$BITCOINPLAIN/bin/* 358 | 359 | # Copy man pages. 360 | dest='/usr/local/share/man' 361 | if [[ ! -d $dest ]] 362 | then 363 | mkdir -p $dest 364 | fi 365 | 366 | cp -r ~standup/$BITCOINPLAIN/share/man/man1 /usr/local/share/man 367 | command -v mandb && mandb 368 | 369 | /bin/rm -rf ~standup/$BITCOINPLAIN/ 370 | 371 | # Start Up Bitcoin 372 | echo "$0 - Configuring Bitcoin." 373 | 374 | sudo -u standup /bin/mkdir ~standup/.bitcoin 375 | 376 | # The only variation between Mainnet and Testnet is that Testnet has the "testnet=1" variable 377 | # The only variation between Regular and Pruned is that Pruned has the "prune=550" variable, which is the smallest possible prune 378 | RPCPASSWORD=$(xxd -l 16 -p /dev/urandom) 379 | 380 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 381 | server=1 382 | rpcuser=StandUp 383 | rpcpassword=$RPCPASSWORD 384 | rpcallowip=127.0.0.1 385 | debug=tor 386 | EOF 387 | 388 | if [ "$BTCTYPE" == "" ]; then 389 | 390 | BTCTYPE="Pruned Testnet" 391 | 392 | fi 393 | 394 | if [ "$BTCTYPE" == "Mainnet" ]; then 395 | 396 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 397 | txindex=1 398 | EOF 399 | 400 | elif [ "$BTCTYPE" == "Pruned Mainnet" ]; then 401 | 402 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 403 | prune=550 404 | EOF 405 | 406 | elif [ "$BTCTYPE" == "Testnet" ]; then 407 | 408 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 409 | txindex=1 410 | testnet=1 411 | EOF 412 | 413 | elif [ "$BTCTYPE" == "Pruned Testnet" ]; then 414 | 415 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 416 | prune=550 417 | testnet=1 418 | EOF 419 | 420 | elif [ "$BTCTYPE" == "Private Regtest" ]; then 421 | 422 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 423 | regtest=1 424 | txindex=1 425 | EOF 426 | 427 | else 428 | 429 | (>&2 echo "$0 - ERROR: Somehow you managed to select no Bitcoin Installation Type, so Bitcoin hasn't been properly setup. Whoops!") 430 | exit 1 431 | 432 | fi 433 | 434 | cat >> ~standup/.bitcoin/bitcoin.conf << EOF 435 | [test] 436 | rpcbind=127.0.0.1 437 | rpcport=18332 438 | [main] 439 | rpcbind=127.0.0.1 440 | rpcport=8332 441 | [regtest] 442 | rpcbind=127.0.0.1 443 | rpcport=18443 444 | EOF 445 | 446 | /bin/chown standup ~standup/.bitcoin/bitcoin.conf 447 | /bin/chmod 600 ~standup/.bitcoin/bitcoin.conf 448 | 449 | # Setup bitcoind as a service that requires Tor 450 | echo "$0 - Setting up Bitcoin as a systemd service." 451 | 452 | sudo cat > /etc/systemd/system/bitcoind.service << EOF 453 | # It is not recommended to modify this file in-place, because it will 454 | # be overwritten during package upgrades. If you want to add further 455 | # options or overwrite existing ones then use 456 | # $ systemctl edit bitcoind.service 457 | # See "man systemd.service" for details. 458 | # Note that almost all daemon options could be specified in 459 | # /etc/bitcoin/bitcoin.conf, except for those explicitly specified as arguments 460 | # in ExecStart= 461 | [Unit] 462 | Description=Bitcoin daemon 463 | After=tor.service 464 | Requires=tor.service 465 | [Service] 466 | ExecStart=/usr/local/bin/bitcoind -conf=/home/standup/.bitcoin/bitcoin.conf 467 | # Process management 468 | #################### 469 | Type=simple 470 | PIDFile=/run/bitcoind/bitcoind.pid 471 | Restart=on-failure 472 | # Directory creation and permissions 473 | #################################### 474 | # Run as bitcoin:bitcoin 475 | User=standup 476 | Group=sudo 477 | # /run/bitcoind 478 | RuntimeDirectory=bitcoind 479 | RuntimeDirectoryMode=0710 480 | # Hardening measures 481 | #################### 482 | # Provide a private /tmp and /var/tmp. 483 | PrivateTmp=true 484 | # Mount /usr, /boot/ and /etc read-only for the process. 485 | ProtectSystem=full 486 | # Disallow the process and all of its children to gain 487 | # new privileges through execve(). 488 | NoNewPrivileges=true 489 | # Use a new /dev namespace only populated with API pseudo devices 490 | # such as /dev/null, /dev/zero and /dev/random. 491 | PrivateDevices=true 492 | # Deny the creation of writable and executable memory mappings. 493 | MemoryDenyWriteExecute=true 494 | [Install] 495 | WantedBy=multi-user.target 496 | EOF 497 | 498 | echo "$0 - Starting bitcoind service" 499 | sudo systemctl enable bitcoind.service 500 | sudo systemctl start bitcoind.service 501 | 502 | #### 503 | # 6. Install QR encoder and displayer, and show the btcstandup:// uri in plain text incase the QR Code does not display 504 | #### 505 | 506 | # Get the Tor onion address for the QR code 507 | HS_HOSTNAME=$(sudo cat /var/lib/tor/bitcoin/testnet/hostname) 508 | 509 | # Create the QR string 510 | QR="btcstandup://StandUp:$RPCPASSWORD@$HS_HOSTNAME:18332/?label=CLightningNode2" 511 | 512 | # Get software packages for encoding a QR code and displaying it in a terminal 513 | sudo apt-get install qrencode -y 514 | 515 | /# Create the QR 516 | sudo qrencode -m 10 -o /qrcode.png "$QR" 517 | 518 | echo $QR | sudo tee -a /standup.uri 519 | 520 | # Display the uri text incase QR code does not work 521 | echo "$0 - **************************************************************************************************************" 522 | echo "$0 - This is your btcstandup:// uri to convert into a QR which can be scanned with FullyNoded to connect remotely:" 523 | echo $QR 524 | echo "$0 - **************************************************************************************************************" 525 | echo "$0 - Bitcoin is setup as a service and will automatically start if your VPS reboots and so is Tor" 526 | echo "$0 - You can manually stop Bitcoin with: sudo systemctl stop bitcoind.service" 527 | echo "$0 - You can manually start Bitcoin with: sudo systemctl start bitcoind.service" 528 | 529 | # Install CypherpunkPay 530 | # Ref. https://cypherpunkpay.org/installation/quick-start/ 531 | 532 | USE_NODE='true' 533 | if [[ "$CPPLITE" == 'YES' ]] 534 | then 535 | USE_NODE='false' 536 | fi 537 | 538 | if [[ "$USE_CYPHERPUNKPAY" == "YES" ]] 539 | then 540 | 541 | echo "$0 - Bonus: Installing Cypherpunkpay" 542 | wget -qO - https://deb.cypherpunkpay.org/cypherpunkpay-package-signer.asc | sudo apt-key add - 543 | 544 | echo 'deb [arch=amd64] https://deb.cypherpunkpay.org/apt/ubuntu/ focal main' | sudo tee /etc/apt/sources.list.d/cypherpunkpay.list 545 | 546 | sudo apt-get update -y && sudo apt-get install -y cypherpunkpay 547 | 548 | echo "$0 - Editing Cypherpunkpay Config" 549 | sed -i -e "s/listen = 127.0.0.1:8080/listen = 127.0.0.1:8081/; 550 | s/btc_network = testnet/btc_network = mainnet/; 551 | s/# btc_mainnet_account_xpub = REPLACE_ME_WITH_BTC_MAINNET_ACCOUNT_XPUB/btc_mainnet_account_xpub = $XPUB/; 552 | s/btc_mainnet_node_enabled = false/btc_mainnet_node_enabled = $USE_NODE/; 553 | s/btc_mainnet_node_rpc_user = bitcoin/btc_mainnet_node_rpc_user = StandUp/; 554 | s/btc_mainnet_node_rpc_password = secret/btc_mainnet_node_rpc_password = $RPCPASSWORD/; 555 | s/use_tor = false/use_tor = true/; 556 | s/donations_cause =.*$/donations_cause = $CYPHERPUNKPAY_CAUSE/" /etc/cypherpunkpay.conf 557 | 558 | sudo systemctl enable cypherpunkpay 559 | sudo systemctl start cypherpunkpay 560 | fi 561 | 562 | # Finished, exit script 563 | exit 1 564 | --------------------------------------------------------------------------------