-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbtc-node
121 lines (121 loc) · 5.87 KB
/
btc-node
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/bin/bash
set -e
#
if [ "$UID" -ne "0" ]; then
echo -e "This program must be run as root."
sleep 2
exit 0
fi
clear
echo -e "Hidden service relay? (Y/no)"
read HS_RELAY
if [[ "$HS_RELAY" -ne "no" ]]; then
echo -e "Stop tor."
service tor stop
chattr -i /etc/resolv.conf
echo "nameserver 8.8.8.8" > /etc/resolv.conf
fi
echo -e "Collecting external ip"
wget -q wtfismyip.com/text -O /root/ip
IP="$(cat /root/ip)"
echo -e "SSH setup?"
read SSH_SETUP
if [[ "$SSH_SETUP" -ne "no" ]]; then
SSH_CONF=/etc/ssh/sshd_config
mv "$SSH_CONF" /etc/ssh/sshd_config.bak
touch "$SSH_CONF"
echo -e "Please select the new port for ssh (default is 22).\nIt should be a number that is 5 digits."
read SSH_PORT
if [[ "$SSH_PORT" -ge "1" || "$SSH_PORT" -le 99999 ]]; then
echo -e "\nPort $SSH_PORT\n" > "$SSH_CONF"
else
echo -e "THAT WAS NOT AN ACCEPTABLE PORT!!!! RE-RUN THE SCRIPT AND PUT SOMETHING SENSIBLE HERE BEFORE YOU LOCK YOURSELF OUT!!"
exit 0
fi
echo -e "Do you want to add an ssh key? (Y/no)"
read HAVE_KEY
if [[ "$HAVE_KEY" = "no" ]]; then
sleep 1
else
echo -e "Please paste your public key (beginning with ssh-rsa)."
read SSH_KEY
if [[ -e /"$USER"/.ssh ]]; then
echo -e "\n"$SSH_KEY"" >> /"$USER"/.ssh/authorized_keys
else
mkdir /"$USER"/.ssh/
echo -e "$SSH_KEY" > /"$USER"/.ssh/authorized_keys
fi
fi
echo -e "\nProtocol 2\n\nHostKey /etc/ssh/ssh_host_rsa_key\n\nHostKey /etc/ssh/ssh_host_dsa_key\n\nHostKey /etc/ssh/ssh_host_ecdsa_key\n\nHostKey /etc/ssh/ssh_host_ed25519_key\n\nUsePrivilegeSeparation yes\n\nKeyRegenerationInterval 3600\n\nServerKeyBits 1024\n\nSyslogFacility AUTH\n\nLogLevel INFO\n\nLoginGraceTime 120\n\nPermitRootLogin yes\n\nStrictModes yes\n\nRSAAuthentication yes\n\nPubkeyAuthentication yes\n\nAuthorizedKeysFile /root/.ssh/authorized_keys\n\nIgnoreRhosts yes\n\nHostbasedAuthentication no\n\nRhostsRSAAuthentication no\nPermitEmptyPasswords no\n\nChallengeResponseAuthentication no\n\nPasswordAuthentication no\n\nKerberosAuthentication no\n\nGSSAPIAuthentication no\n\nX11Forwarding yes\n\nX11DisplayOffset 10\n\nPrintMotd no\n\nPrintLastLog yes\n\nTCPKeepAlive yes\n\nAcceptEnv LANG LC_*\n\nSubsystem sftp /usr/lib/openssh/sftp-server\n\nCiphers aes256-ctr,aes256-cbc,aes128-ctr,aes128-cbc,3des-cbc\n\nUsePAM no" >> "$SSH_CONF"
mv "$SSH_CONF" /root/temp.sshconf
sed '/^$/d' /root/temp.sshconf > "$SSH_CONF"
rm -f /root/temp.sshconf
chmod 0700 /root/.ssh
chmod 0600 /root/.ssh/*
service ssh restart
fi
apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade
apt-get install -y nano screen sudo pwgen ntp ntpdate haveged attr
echo -e "\nhardstatus on\nhardstatus alwayslastline\n$(echo 'hardstatus string "%{.bW}%-w%{.rW}%n %t%{-}%+w %=%{..G} %H %{..Y} %m/%d %C%a "')\n" >> /etc/screenrc
service ntp stop
ntpdate 0.europe.pool.ntp.org
service ntp start
rm -rf /root/bitcoinsrc
mkdir /root/bitcoinsrc
cd /root/bitcoinsrc
rm -rf /home/bitnode/.bitcoin
# Not so fast to build
echo "Build from source? (Y/no)"
read FRESH_BUILD
if [[ "$FRESH_BUILD" != "no" ]]; then
apt-get install -y automake pkg-config build-essential libtool autotools-dev autoconf libssl-dev libboost-all-dev libdb-dev libdb++-dev
git clone https://github.com/bitcoin/bitcoin
cd bitcoin
git checkout master
./autogen.sh
./configure --disable-wallet --with-cli --without-gui --without-miniupnpc
make
make install
echo -e "sudo –u bitnode –i bitcoind\nexit 0" > /etc/rc.local
else
wget https://bitcoin.org/bin/bitcoin-core-0.10.2/bitcoin-0.10.2-linux64.tar.gz
tar xf *.tar.gz
rm -rf *.tar.gz
echo -e "sudo –u bitnode –i /home/bitnode/bitcoin-0.10.2/bin/bitcoind\nexit 0" > /etc/rc.local
fi
adduser bitnode --disabled-password
adduser bitnode sudo
rm -rf /home/bitnode/.bitcoin
mkdir /home/bitnode/.bitcoin
touch /home/bitnode/.bitcoin/bitcoin.conf
mv /root/bitcoinsrc/bitcoin* /home/bitnode/
RPC_PASS=$(pwgen -n -s 68 1)
RPC_USER=user$(pwgen -B -n -s 10 1)
if [[ "$HS_RELAY" != "no" ]]; then
service tor start
echo -e "HiddenServiceDir /var/lib/tor/bitcoin-server/\nHiddenServicePort 8333 127.0.0.1:8333\n" >> /etc/tor/torrc
service tor reload
HS_URL=$(sudo cat /var/lib/tor/bitcoin-server/hostname)
echo -e "Hidden service address is:"
echo -e "$HS_URL""\033[0m"
echo -d "\nEnter to continue"
echo "nameserver 127.0.0.1" > /etc/resolv.conf
chattr +i /etc/resolv.conf
read
echo -e "txindex=1\ndaemon=1\nrpcuser="$RPC_USER"\nrpcpassword="$RPC_PASS"\nmaxconnections=700\nproxy=127.0.0.1:9050\nexternalip="$HS_URL"\nlisten=1\nbind=127.0.0.1:8333" > /home/bitnode/.bitcoin/bitcoin.conf
echo -e "Do you want your node to be accessible to all or only tor users? (all/tor)"
read TOR_ALL
if [[ "$TOR_ALL" = "all" ]]; then
echo -e "bind=0.0.0.0:8334\nexternalip="$IP"" >> /home/bitnode/.bitcoin/bitcoin.conf
else
echo "onlynet=onion" >> /home/bitnode/.bitcoin/bitcoin.conf
fi
echo -e "\nhardstatus on\nhardstatus alwayslastline\n$(echo 'hardstatus string "%{.bW}%-w%{.rW}%n %t%{-}%+w %=%{..G} %H %{..Y} %m/%d %C%a "')\n" >> /etc/screenrc
chown -R bitnode /home/bitnode/.bitcoin
else
echo -e "txindex=1\ndaemon=1\nrpcuser="$RPC_USER"\nrpcpassword="$RPC_PASS"\nmaxconnections=700\nlisten=1\nbind=0.0.0.0:8333\nexternalip="$IP"" > /home/bitnode/.bitcoin/bitcoin.conf
chown -R bitnode /home/bitnode/.bitcoin
fi
sudo -u bitnode -i /home/bitnode/bitcoin-0.10.2/bin/bitcoind
rm -rf /root/ip
exit 0