Last active
September 7, 2020 21:09
-
-
Save uniibu/e9a554dc8d587845fd1136839caf7be5 to your computer and use it in GitHub Desktop.
Raspiblitz Manual LND Install
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# "*** Raspiblitz Manual LND ***" | |
## Copied from https://github.com/rootzoll/raspiblitz/blob/v1.6/build_sdcard.sh#L97-L108 | |
echo "Detect CPU architecture ..." | |
isARM=$(uname -m | grep -c 'arm') | |
isAARCH64=$(uname -m | grep -c 'aarch64') | |
isX86_64=$(uname -m | grep -c 'x86_64') | |
if [ ${isARM} -eq 0 ] && [ ${isAARCH64} -eq 0 ] && [ ${isX86_64} -eq 0 ] ; then | |
echo "!!! FAIL !!!" | |
echo "Can only build on ARM, aarch64, x86_64 or i386 not on:" | |
uname -m | |
exit 1 | |
else | |
echo "OK running on $(uname -m) architecture." | |
fi | |
## Copied from https://github.com/rootzoll/raspiblitz/blob/v1.6/build_sdcard.sh#L584-L684 | |
lndVersion="0.10.4-beta" | |
# olaoluwa | |
PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc" | |
PGPcheck="9769140D255C759B1EB77B46A96387A57CAAE94D" | |
# bitconner | |
#PGPpkeys="https://keybase.io/bitconner/pgp_keys.asc" | |
#PGPcheck="9C8D61868A7C492003B2744EE7D737B67FA592C7" | |
# Joost Jager | |
#PGPpkeys="https://keybase.io/joostjager/pgp_keys.asc" | |
#PGPcheck="D146D0F68939436268FA9A130E26BB61B76C4D3A" | |
# get LND resources | |
cd /home/admin/download | |
# download lnd binary checksum manifest | |
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/manifest-v${lndVersion}.txt | |
# check if checksums are signed by lnd dev team | |
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/manifest-v${lndVersion}.txt.sig | |
sudo -u admin wget --no-check-certificate -N -O "pgp_keys.asc" ${PGPpkeys} | |
gpg ./pgp_keys.asc | |
fingerprint=$(sudo gpg "pgp_keys.asc" 2>/dev/null | grep "${PGPcheck}" -c) | |
if [ ${fingerprint} -lt 1 ]; then | |
echo "" | |
echo "!!! BUILD WARNING --> LND PGP author not as expected" | |
echo "Should contain PGP: ${PGPcheck}" | |
echo "PRESS ENTER to TAKE THE RISK if you think all is OK" | |
read key | |
fi | |
gpg --import ./pgp_keys.asc | |
sleep 3 | |
verifyResult=$(gpg --verify manifest-v${lndVersion}.txt.sig 2>&1) | |
goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c) | |
echo "goodSignature(${goodSignature})" | |
correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${GPGcheck}" -c) | |
echo "correctKey(${correctKey})" | |
if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then | |
echo "" | |
echo "!!! BUILD FAILED --> LND PGP Verify not OK / signature(${goodSignature}) verify(${correctKey})" | |
exit 1 | |
else | |
echo "" | |
echo "****************************************" | |
echo "OK --> SIGNATURE LND MANIFEST IS CORRECT" | |
echo "****************************************" | |
echo "" | |
fi | |
# get the lndSHA256 for the corresponding platform from manifest file | |
if [ ${isARM} -eq 1 ] ; then | |
lndOSversion="armv7" | |
lndSHA256=$(grep -i "linux-$lndOSversion" manifest-v$lndVersion.txt | cut -d " " -f1) | |
fi | |
if [ ${isAARCH64} -eq 1 ] ; then | |
lndOSversion="arm64" | |
lndSHA256=$(grep -i "linux-$lndOSversion" manifest-v$lndVersion.txt | cut -d " " -f1) | |
fi | |
if [ ${isX86_64} -eq 1 ] ; then | |
lndOSversion="amd64" | |
lndSHA256=$(grep -i "linux-$lndOSversion" manifest-v$lndVersion.txt | cut -d " " -f1) | |
fi | |
echo "" | |
echo "*** LND v${lndVersion} for ${lndOSversion} ***" | |
echo "SHA256 hash: $lndSHA256" | |
echo "" | |
# get LND binary | |
binaryName="lnd-linux-${lndOSversion}-v${lndVersion}.tar.gz" | |
if [ ! -f "./${binaryName}" ]; then | |
sudo -u admin wget -N https://github.com/lightningnetwork/lnd/releases/download/v${lndVersion}/${binaryName} | |
fi | |
# check binary was not manipulated (checksum test) | |
binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1) | |
if [ "${binaryChecksum}" != "${lndSHA256}" ]; then | |
echo "!!! FAIL !!! Downloaded LND BINARY not matching SHA256 checksum: ${lndSHA256}" | |
rm -v ./${binaryName} | |
exit 1 | |
else | |
echo "" | |
echo "****************************************" | |
echo "OK --> VERIFIED LND CHECKSUM IS CORRECT" | |
echo "****************************************" | |
echo "" | |
fi | |
# install | |
sudo -u admin tar -xzf ${binaryName} | |
sudo install -m 0755 -o root -g root -t /usr/local/bin lnd-linux-${lndOSversion}-v${lndVersion}/* | |
sleep 3 | |
installed=$(sudo -u admin lnd --version) | |
if [ ${#installed} -eq 0 ]; then | |
echo "" | |
echo "!!! BUILD FAILED --> Was not able to install LND" | |
exit 1 | |
fi | |
sudo systemctl start lnd | |
sleep 5 | |
echo "" | |
echo "Installed ${installed}" | |
sleep 15 | |
lncli unlock |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment