From 2d95af9ac0aee21d0fcc7d2965df2aedf9a5cb51 Mon Sep 17 00:00:00 2001 From: qo-op Date: Sun, 17 May 2020 21:15:35 +0200 Subject: [PATCH 1/4] Astroport datastructure check -> BAN peer --- zen/ipfs_SWARM_refresh.sh | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/zen/ipfs_SWARM_refresh.sh b/zen/ipfs_SWARM_refresh.sh index 1a1872e..396f96c 100755 --- a/zen/ipfs_SWARM_refresh.sh +++ b/zen/ipfs_SWARM_refresh.sh @@ -50,14 +50,32 @@ echo "REFRESHING /home/$YOU/.zen/ipfs_swarm/ from my SWARM peers" count=1 # Search for All peers Nodes. ## TODO: To be changed when Swarm is too big or not expanding #for id in $(ls -d ~/.zen/ipfs_swarm/.Qm* | cut -d '.' -f 3); # Alternative search... -for id in $(ipfs swarm peers | grep 'ip4' | awk -F '/' '{print $7}'); +for peer in $(ipfs swarm peers); do + id=$(echo "$peer" | grep 'ip4' | awk -F '/' '{print $7}') # FULL REFRESH (allow deletion, for DEV period) # TODO: COMMENT TO LOWER DISK USAGE echo "Refreshing /home/$YOU/.zen/ipfs_swarm/.$id ($count)" + [[ "$id" == "" ]] && continue rm -Rf /home/$YOU/.zen/ipfs_swarm/.$id $MY_PATH/tools/timeout.sh -t 30 ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$id count=$((count+1)) + + #### IPFS SWARM - BLOB SHAPING CONTROL - + ### Astroport Station Database Coherence? + if [[ ! -d /home/$YOU/.zen/ipfs_swarm/.$id ]]; then + echo "This $peer is NOT having regular Astroport Identification !!" + ipfs swarm disconnect $peer + ipfs bootstrap rm $peer + fi + ### Is "ipfs_swarm/.$id/G1SSB/_ssb.whoami" my SSB friend?? + ssbID=$(cat /home/$YOU/.zen/ipfs_swarm/.$id/G1SSB/_ssb.whoami) + isMyFriend=$(grep -Rwl "$ssbID" /tmp/ssb-friends.txt) + [[ ! $isMyFriend ]] && echo "$peer is NOT my friend" # TODO: PROD ACTIVATE # && ipfs swarm disconnect $peer && ipfs bootstrap rm $peer + + ## TODO: Use fail2ban if same node continue entering our swarm... + + done # TODO: TASK treatment. From 8f5a291eab29fb46de85b02aae8604863fad4957 Mon Sep 17 00:00:00 2001 From: qo-op Date: Sun, 17 May 2020 21:21:42 +0200 Subject: [PATCH 2/4] Is "ipfs_swarm/.$id/G1SSB/_ssb.whoami" my SSB friend --- zen/ipfs_SWARM_refresh.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/zen/ipfs_SWARM_refresh.sh b/zen/ipfs_SWARM_refresh.sh index 396f96c..d4db444 100755 --- a/zen/ipfs_SWARM_refresh.sh +++ b/zen/ipfs_SWARM_refresh.sh @@ -55,23 +55,24 @@ do id=$(echo "$peer" | grep 'ip4' | awk -F '/' '{print $7}') # FULL REFRESH (allow deletion, for DEV period) # TODO: COMMENT TO LOWER DISK USAGE + [[ "$id" == "" ]] && echo "WARNING! ID empty for $peer " && continue echo "Refreshing /home/$YOU/.zen/ipfs_swarm/.$id ($count)" - [[ "$id" == "" ]] && continue rm -Rf /home/$YOU/.zen/ipfs_swarm/.$id $MY_PATH/tools/timeout.sh -t 30 ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$id count=$((count+1)) #### IPFS SWARM - BLOB SHAPING CONTROL - - ### Astroport Station Database Coherence? + ### CHECK Astroport Station Database Coherence? if [[ ! -d /home/$YOU/.zen/ipfs_swarm/.$id ]]; then - echo "This $peer is NOT having regular Astroport Identification !!" + echo "WARNING! $peer is NOT an Astroport Station !!" ipfs swarm disconnect $peer ipfs bootstrap rm $peer fi + ### Is "ipfs_swarm/.$id/G1SSB/_ssb.whoami" my SSB friend?? ssbID=$(cat /home/$YOU/.zen/ipfs_swarm/.$id/G1SSB/_ssb.whoami) isMyFriend=$(grep -Rwl "$ssbID" /tmp/ssb-friends.txt) - [[ ! $isMyFriend ]] && echo "$peer is NOT my friend" # TODO: PROD ACTIVATE # && ipfs swarm disconnect $peer && ipfs bootstrap rm $peer + [[ ! $isMyFriend ]] && echo "WARNING! $peer is NOT my SSB Friend..." # TODO: PROD ACTIVATE # && ipfs swarm disconnect $peer && ipfs bootstrap rm $peer ## TODO: Use fail2ban if same node continue entering our swarm... From 2f5c7d87ce65ce5af841d5a9f7f308cfec09871c Mon Sep 17 00:00:00 2001 From: qo-op Date: Sun, 17 May 2020 22:13:55 +0200 Subject: [PATCH 3/4] ~/.zen/ipfs/.$ipfsnodeid/G1SSB/_g1.cesium_name --- zen/ipfs_SWARM_refresh.sh | 2 +- zen/ssb_INIT.sh | 1 + zen/zen_MAKE.sh | 16 ++++++++++------ 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/zen/ipfs_SWARM_refresh.sh b/zen/ipfs_SWARM_refresh.sh index d4db444..876f14c 100755 --- a/zen/ipfs_SWARM_refresh.sh +++ b/zen/ipfs_SWARM_refresh.sh @@ -72,7 +72,7 @@ do ### Is "ipfs_swarm/.$id/G1SSB/_ssb.whoami" my SSB friend?? ssbID=$(cat /home/$YOU/.zen/ipfs_swarm/.$id/G1SSB/_ssb.whoami) isMyFriend=$(grep -Rwl "$ssbID" /tmp/ssb-friends.txt) - [[ ! $isMyFriend ]] && echo "WARNING! $peer is NOT my SSB Friend..." # TODO: PROD ACTIVATE # && ipfs swarm disconnect $peer && ipfs bootstrap rm $peer + [[ ! $isMyFriend ]] && echo "WARNING! $peer is NOT my SSB Friend... $ssbID" # TODO: PROD ACTIVATE # && ipfs swarm disconnect $peer && ipfs bootstrap rm $peer ## TODO: Use fail2ban if same node continue entering our swarm... diff --git a/zen/ssb_INIT.sh b/zen/ssb_INIT.sh index 67f9288..559e038 100755 --- a/zen/ssb_INIT.sh +++ b/zen/ssb_INIT.sh @@ -188,6 +188,7 @@ ipfs ls /ipns/$ipfsnodeid " # COPY NODE G1SSB ID to IPFS +curl -s ${CESIUM}/user/profile/${g1pub} | jq -r '._source.title' > ~/.zen/ipfs/.$ipfsnodeid/G1SSB/_g1.cesium_name echo "$ssbpub" > ~/.zen/ipfs/.$ipfsnodeid/G1SSB/_ssb.whoami echo "$g1pub" > ~/.zen/ipfs/.$ipfsnodeid/G1SSB/_g1.pubkey diff --git a/zen/zen_MAKE.sh b/zen/zen_MAKE.sh index d941639..9400aa6 100755 --- a/zen/zen_MAKE.sh +++ b/zen/zen_MAKE.sh @@ -19,6 +19,7 @@ PASSENGER="$3" # ~/.zen/miam/timestamp/src_id.ext in ZenTag (add to IPFS datastr METADATA="$4" READ="$5" # Zen amount asked to allow passenger reading PARK="$6" # Zen amount payed for IPFS PIN by passenger everyday +# Add any "parameters" needed by CONTRACT.sh echo " ######################################################################## @@ -29,7 +30,7 @@ echo " ########################################################################" # If PASSENGER file, then must provide METADATA! -[[ $PASSENGER != "" ]] && [[ $METADATA == "" ]] && echo "PASSENGER needs METADATA !!! Please verify and correct..." && exit 1 +[[ $PASSENGER != "" ]] && [[ $METADATA == "" ]] && echo "ERROR PASSENGER needs METADATA !!! Please verify and correct..." && exit 1 [[ $READ == "" ]] && READ=1 [[ $PARK == "" ]] && PARK=10 ############################################## @@ -285,6 +286,8 @@ exit 0 EOF fi +# END PASSENGER FILE +#################### ########################################################### # Copy TAG into IPFS + ipfs name publish -k ${AA}.key @@ -375,9 +378,8 @@ echo " # READ QRCODE qrencode -s 5 -o ~/.zen/tag/${AAH}/_QRCODE.read.png "RJ:${AA}#${J}" # WRITE QRCODE -# TODO: best security cypher? but it is better to defend system than file ??? I think so. -# So consider well before using this code not under DEBIAN 10 it is tested for! qrencode -s 5 -o ~/.zen/tag/${AAH}/_QRCODE.write.png "BJ:${BB}#${J}" +## TODO PROD REMOVE WRITE FILE echo "QRCodes CREATED !! See it : @@ -386,6 +388,7 @@ xviewer ~/.zen/tag/${AAH}/_QRCODE.write.png & ${AA} " + [[ $(which xviewer) ]] && xviewer ~/.zen/tag/${AAH}/_QRCODE.read.png & [[ $(which xviewer) ]] && xviewer ~/.zen/tag/${AAH}/_QRCODE.write.png & @@ -393,11 +396,11 @@ ${AA} ######################################################################## # SBOT PUBLISH ######################################################################## -if [[ "${PASSENGERNAME}" != "" ]]; then +if [[ "${PASSENGERNAME}" != "" ]]; then echo "$ISSUER" msg="$(sbotc get '{"id":"'"$ISSUER"'"}')" # echo "$msg" | jq #DEBUG - [[ $msg == "" ]] && echo "ERROR No SSB message for PASSENGER in $tstamp" && exit 1 + [[ $msg == "" ]] && echo "ERROR No SSB message for PASSENGER (timestamp: $tstamp)" && exit 1 msg_root=$(printf %s "$msg" | jq -r .value.content.root) [[ $msg_root == "null" ]] && msg_root=$ISSUER msg_branch=$(printf %s "$msg" | jq -r .value.content.branch) @@ -447,7 +450,8 @@ sbotc publish '{"type":"post", "branch": "'"$msg_branch"'", "root": "'"$msg_root else # REGULAR ZenTAG, Send QRCode to INPUT TX emitter - +### TODO PRINT AND SEND BY SSB WITH WHEN PASSENGER TOO +# CAREFULL IN THAT CASE ISSUER IS A G1WALLET ssbid="@$(echo $ISSUER | base58 -d | base64).ed25519" file=~/.zen/tag/${AAH}/_QRCODE.read.png From 9b6111cec19b7a615d4179824ec3bb4f77904f8f Mon Sep 17 00:00:00 2001 From: qo-op Date: Sun, 17 May 2020 23:44:45 +0200 Subject: [PATCH 4/4] loveland coming... --- .install/loveland.sh | 52 ++++++++++++++++++++++++++++++++++---------- cron_MINUTE.sh | 7 +++--- 2 files changed, 44 insertions(+), 15 deletions(-) diff --git a/.install/loveland.sh b/.install/loveland.sh index d17f424..0589b18 100755 --- a/.install/loveland.sh +++ b/.install/loveland.sh @@ -32,7 +32,7 @@ echo ' \____/\____/ .___/\__, /_____/\__,_/_/ |_|\__,_/\__,_/_/\____/ /_/ /____/ -Multimedia Layer installation +Multimedia Layer installation https://copylaradio.com ' ######## YOUTUBE-DL ########## if [[ ! $(which youtube-dl) ]]; then @@ -52,16 +52,15 @@ sudo cp -f /home/$YOU/.zen/astroport/.install/templates/copylaradio/mpd.conf /et sudo sed -i "s/_USER_/$USER/g" /etc/mpd.conf || err=1 mkdir ~/.config/mpd && sudo cp -f /etc/mpd.conf ~/.config/mpd/mpd.conf && sudo chown $USER ~/.config/mpd/mpd.conf +## MULTIMEDIA ## VIDEO & AUDIO & PLAYLISTS ~/.zen/ DIR mkdir -p ~/.zen/video mkdir -p ~/.zen/audio mkdir -p ~/.zen/playlists -## CHOWN mpd FILES STRUCTURE ( -echo "TODO: CHECK if mpd start after a reboot !!" +## CHOWN mpd FILES STRUCTURE sudo chown -R $USER /var/lib/mpd/ /var/run/mpd /run/mpd /var/log/mpd sudo service mpd restart || err=1 -## TODO add to system start (/etc/rc.local?) ### INSTALL NGINX echo ' @@ -75,7 +74,7 @@ echo ' ' sudo apt-get install fail2ban nginx ssl-cert php-curl php-sqlite3 php-gd php-json php-xml php-mbstring php-fpm sqlite -y || err=1 -# KILL RUNNING OASIS +# IN CASE, KILL RUNNING OASIS kill -9 $(ps auxf --sort=+utime | grep -w oasis | grep -v -E 'color=auto|grep' | tail -n 1 | awk '{print $2}') echo "REstarting OASIS with good $nodename & network config" [[ ! $(which nslookup) ]] && sudo apt-get install lolcat dnsutils -y @@ -90,7 +89,7 @@ echo ' ' | lolcat myip=$(hostname -I | awk '{print $1}') -# Check if IP is from reserved LAN addresses +# Check if IP is from reserved LAN addresses (Thanks a lot to https://stackoverflow.com) isLAN=$(echo $myip | grep -E "/(^127\.)|(^192\.168\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/") # Find 1st route gateway myRouter=$(sudo route -n | head -n 3 | tail -n 1 | awk '{print $2}') @@ -102,7 +101,6 @@ echo $nodename if [[ ! $isLAN ]]; then oasis --allow-host $nodename 2>&1>/dev/null & echo "BE CAREFULL your SSB identity could be publicly controled..." - echo "TODO correct 'Not Found' error (cors problem related)" else oasis --allow-host $nodename --host $nodename 2>&1>/dev/null & fi @@ -111,20 +109,50 @@ sleep 5 # CONFIG NGINX - LOVE LAND FRONTAL WEB PAGE sudo cp -f /home/$YOU/.zen/astroport/www/loveland.conf /etc/nginx/conf.d/ +## TODO optimise loveland.conf +### Each Extra Flavour take a new +sudo cp /etc/nginx/conf.d/loveland.conf /etc/nginx/conf.d/10010.conf +sudo cp /etc/nginx/conf.d/loveland.conf /etc/nginx/conf.d/10020.conf +sudo cp /etc/nginx/conf.d/loveland.conf /etc/nginx/conf.d/10030.conf +sudo cp /etc/nginx/conf.d/loveland.conf /etc/nginx/conf.d/10030.conf -PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}') -sudo sed -i "s/_PHPVERSION_/$PHPVERSION/g" /etc/nginx/conf.d/loveland.conf -sudo sed -i "s/_SERVERNAME_/$nodename/g" /etc/nginx/conf.d/loveland.conf -sudo sed -i "s/_PORT_/10010/g" /etc/nginx/conf.d/loveland.conf -sudo sed -i "s/_APPLI_//g" /etc/nginx/conf.d/loveland.conf echo "INSTALL LOVELand WebSite" if [[ ! -L /var/www/loveland ]]; then sudo ln -s /home/$YOU/.zen/astroport/www/LOVELand /var/www/loveland fi + +# RompR JUKEBOX sudo chmod -R 777 /var/www/loveland/jukebox/albumart sudo chmod -R 777 /var/www/loveland/jukebox/prefs +PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}') +### ASTROPORT STATION PORTAL +sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astroport/www/loveland.conf /etc/nginx/conf.d/loveland.conf +sudo sed -i "s/_SERVERNAME_/$nodename/g" /etc/nginx/conf.d/loveland.conf +sudo sed -i "s/_PORT_/10010/g" /etc/nginx/conf.d/loveland.conf +sudo sed -i "s/_APPLI_//g" /etc/nginx/conf.d/loveland.conf + +### GCHANGE G1 Zen +sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astroport/www/loveland.conf /etc/nginx/conf.d/gchange.conf +sudo sed -i "s/_SERVERNAME_/$nodename/g" /etc/nginx/conf.d/gchange.conf +sudo sed -i "s/_PORT_/10020/g" /etc/nginx/conf.d/gchange.conf +sudo sed -i "s/_APPLI_/gchange/g" /etc/nginx/conf.d/gchange.conf + +### CESIUM G1 Zen +sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astroport/www/loveland.conf /etc/nginx/conf.d/cesium.conf +sudo sed -i "s/_SERVERNAME_/$nodename/g" /etc/nginx/conf.d/cesium.conf +sudo sed -i "s/_PORT_/10030/g" /etc/nginx/conf.d/cesium.conf +sudo sed -i "s/_APPLI_/cesium/g" /etc/nginx/conf.d/cesium.conf + +### SSB OASIS Zen +sudo sed "s/_SERVERNAME_/$nodename/g" /home/$YOU/.zen/astroport/www/oasis.conf /etc/nginx/conf.d/oasis.conf +sudo sed -i "s/_PORT_/10040/g" /etc/nginx/conf.d/oasis.conf +sudo sed -i "s/_LPORT_/3000/g" /etc/nginx/conf.d/oasis.conf +sudo sed -i "s/_APPLI_//g" /etc/nginx/conf.d/oasis.conf + + + # Disabling default website # sudo rm -f /etc/nginx/sites-enabled/default diff --git a/cron_MINUTE.sh b/cron_MINUTE.sh index 9738650..7555f87 100755 --- a/cron_MINUTE.sh +++ b/cron_MINUTE.sh @@ -26,13 +26,14 @@ export isG1smsRunning=$(ps auxf --sort=+utime | grep -w gammu | grep -v -E 'colo && echo "ipfs daemon not running. EXIT" \ && exit 1 -export YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1); -export IPFSNODEID=$(ipfs id -f='\n') - # CORRECT PATH [[ ! $(echo $PATH | grep "/usr/local/bin") ]] && export PATH="$PATH:/usr/local/bin" [[ ! $(echo $PATH | grep "~/.local/bin") ]] && export PATH="$PATH:~/.local/bin" +export YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1); +export IPFSNODEID=$(ipfs id -f='\n') + + ipfsnodeid=$(ipfs id -f='\n') g1pub=$(cat ~/.ssb/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2)