-
Notifications
You must be signed in to change notification settings - Fork 7
/
jam-entrypoint.sh
136 lines (115 loc) · 4.96 KB
/
jam-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#!/bin/bash
set -e
# ensure jm working directory exists
mkdir --parents "${DATADIR}/"
# ensure log directory exists
mkdir --parents /var/log/jam
# touch jmwalletd log file to preserve read permissions for nginx (644)
touch /var/log/jam/jmwalletd_stdout.log
# restore the default config
if [ ! -f "$CONFIG" ] || [ "${RESTORE_DEFAULT_CONFIG}" = "true" ]; then
cp --force "$DEFAULT_CONFIG" "$CONFIG"
fi
# remove leftover lockfiles from possible unclean shutdowns before startup
if [ "${REMOVE_LOCK_FILES}" = "true" ]; then
echo "Remove leftover wallet lockfiles before startup..."
rm --force --verbose "${DATADIR}"/wallets/.*.jmdat.lock
fi
# setup basic authentication
if [ -n "${APP_USER}" ]; then
BASIC_AUTH_USER=${APP_USER:?APP_USER empty or unset}
BASIC_AUTH_PASS=${APP_PASSWORD:?APP_PASSWORD empty or unset}
echo -e "${BASIC_AUTH_USER}:$(openssl passwd -quiet -6 <<< echo "${BASIC_AUTH_PASS}")\n" > /etc/nginx/.htpasswd
sed -i 's/auth_basic off;/auth_basic "JoinMarket WebUI";/g' /etc/nginx/conf.d/default.conf
fi
# generate ssl certificates for jmwalletd
if [ ! -f "${DATADIR}/ssl/key.pem" ]; then
subj="/C=US/ST=Utah/L=Lehi/O=Your Company, Inc./OU=IT/CN=example.com"
mkdir --parents "${DATADIR}/ssl/" \
&& pushd "$_" \
&& openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out cert.pem -keyout key.pem -subj "$subj" \
&& popd
fi
declare -A jmenv
while IFS='=' read -r -d '' envkey parsedval; do
n="${envkey,,}" # lowercase
if [[ "$n" = jm_* ]]; then
n="${n:3}" # drop jm_
jmenv[$n]="${!envkey}" # reread environment variable - characters might have been dropped (e.g 'ending in =')
fi
done < <(env -0)
# ensure a wallet name is present
jmenv['rpc_wallet_file']=${jmenv['rpc_wallet_file']:-'jm_webui_default'}
# make sure `max_cj_fee_abs` and `max_cj_fee_rel` are set
# `max_cj_fee_abs` between 5000 - 10000 sats if not provided
jmenv['max_cj_fee_abs']=${jmenv['max_cj_fee_abs']:-"$(shuf -i 5000-10000 -n1)"}
# `max_cj_fee_rel` between 0.01 - 0.03% if not provided
jmenv['max_cj_fee_rel']=${jmenv['max_cj_fee_rel']:-"0.000$((RANDOM%3+1))"}
# adapt 'blockchain_source' if missing and we're in regtest mode
if [ "${jmenv['network']}" = "regtest" ] && [ "${jmenv['blockchain_source']}" = "" ]; then
jmenv['blockchain_source']='regtest'
fi
# there is no 'regtest' value for config 'network': make sure to use "testnet" in regtest mode
if [ "${jmenv['network']}" = "regtest" ]; then
jmenv['network']='testnet'
fi
# For every env variable JM_FOO=BAR, replace the default configuration value of 'foo' by 'BAR'
for key in "${!jmenv[@]}"; do
val="${jmenv[${key}]}"
sed -i "s/^$key =.*/$key = $val/g" "$CONFIG" || echo "Couldn't set : $key = $val, please modify $CONFIG manually"
done
# wait for a ready file to be created if necessary
if [ "${READY_FILE}" ] && [ "${READY_FILE}" != "false" ]; then
echo "Waiting for file $READY_FILE to be created..."
while [ ! -f "$READY_FILE" ]; do sleep 1; done
echo "Successfully waited for file $READY_FILE to be created."
fi
btcuser="${jmenv['rpc_user']}:${jmenv['rpc_password']}"
btchost="http://${jmenv['rpc_host']}:${jmenv['rpc_port']}"
# wait for bitcoind to accept RPC requests if necessary
if [ "${WAIT_FOR_BITCOIND}" != "false" ]; then
echo "Waiting for bitcoind to accept RPC requests..."
# use `getblockchaininfo` command here, as this is the first request JM is
# performing during initialization
getblockchaininfo_payload="{\
\"jsonrpc\":\"2.0\",\
\"id\":\"curl\",\
\"method\":\"getblockchaininfo\",\
\"params\":{}\
}"
# generally only testing for a non-error response would be enough, but
# waiting for blocks >= 100 is needed for regtest environments as well!
until curl --silent --show-error --user "${btcuser}" --data-binary "${getblockchaininfo_payload}" "${btchost}" 2>&1 | jq -e ".result.blocks >= 100" > /dev/null 2>&1
do
sleep 5
done
echo "Successfully waited for bitcoind to accept RPC requests."
fi
# ensure that a wallet exists and is loaded if necessary
if [ "${ENSURE_WALLET}" = "true" ]; then
wallet_name="${jmenv['rpc_wallet_file']}"
echo "Creating wallet $wallet_name if missing..."
create_payload="{\
\"jsonrpc\":\"2.0\",\
\"id\":\"curl\",\
\"method\":\"createwallet\",\
\"params\":{\
\"wallet_name\":\"${wallet_name}\",\
\"descriptors\":false,\
\"load_on_startup\":true\
}\
}"
curl --silent --user "${btcuser}" --data-binary "${create_payload}" "${btchost}" > /dev/null || true
echo "Loading wallet $wallet_name..."
load_payload="{\
\"jsonrpc\":\"2.0\",\
\"id\":\"curl\",\
\"method\":\"loadwallet\",\
\"params\":{\
\"filename\":\"${wallet_name}\",\
\"load_on_startup\":true\
}\
}"
curl --silent --user "${btcuser}" --data-binary "${load_payload}" "${btchost}" > /dev/null || true
fi
exec /sbin/dinit --container