2020-01-12 11:52:38 -08:00
|
|
|
#!/usr/bin/env bash
|
2018-11-22 15:51:16 -08:00
|
|
|
|
2020-10-23 01:45:49 -07:00
|
|
|
set -euo pipefail
|
|
|
|
|
2019-11-27 05:04:30 -08:00
|
|
|
opensslConf=${1:-openssl.cnf}
|
2018-11-22 15:51:16 -08:00
|
|
|
|
2020-01-12 11:52:38 -08:00
|
|
|
makePasswordSecret() {
|
2020-12-15 16:28:12 -08:00
|
|
|
# Passwords have alphabet {a-z, A-Z, 0-9} and ~119 bits of entropy
|
|
|
|
[[ -e $1 ]] || pwgen -s 20 1 > "$1"
|
2020-01-12 11:52:38 -08:00
|
|
|
}
|
2020-08-27 03:17:41 -07:00
|
|
|
makeHMAC() {
|
|
|
|
user=$1
|
|
|
|
rpcauth $user $(cat bitcoin-rpcpassword-$user) | grep rpcauth | cut -d ':' -f 2 > bitcoin-HMAC-$user
|
|
|
|
}
|
2020-01-12 11:52:38 -08:00
|
|
|
|
2020-06-22 05:10:54 -07:00
|
|
|
makePasswordSecret bitcoin-rpcpassword-privileged
|
2020-08-12 07:47:56 -07:00
|
|
|
makePasswordSecret bitcoin-rpcpassword-btcpayserver
|
2020-06-22 05:10:54 -07:00
|
|
|
makePasswordSecret bitcoin-rpcpassword-public
|
2020-01-12 11:52:38 -08:00
|
|
|
makePasswordSecret lnd-wallet-password
|
|
|
|
makePasswordSecret liquid-rpcpassword
|
|
|
|
makePasswordSecret lightning-charge-token
|
|
|
|
makePasswordSecret spark-wallet-password
|
2020-06-11 04:39:17 -07:00
|
|
|
makePasswordSecret backup-encryption-password
|
2020-09-11 04:53:12 -07:00
|
|
|
makePasswordSecret jm-wallet-password
|
2020-01-12 11:52:38 -08:00
|
|
|
|
2020-08-27 03:17:41 -07:00
|
|
|
[[ -e bitcoin-HMAC-privileged ]] || makeHMAC privileged
|
|
|
|
[[ -e bitcoin-HMAC-public ]] || makeHMAC public
|
2020-08-12 07:47:56 -07:00
|
|
|
[[ -e bitcoin-HMAC-btcpayserver ]] || makeHMAC btcpayserver
|
2020-01-12 11:52:38 -08:00
|
|
|
[[ -e lightning-charge-env ]] || echo "API_TOKEN=$(cat lightning-charge-token)" > lightning-charge-env
|
|
|
|
[[ -e nanopos-env ]] || echo "CHARGE_TOKEN=$(cat lightning-charge-token)" > nanopos-env
|
|
|
|
[[ -e spark-wallet-login ]] || echo "login=spark-wallet:$(cat spark-wallet-password)" > spark-wallet-login
|
2020-06-11 04:39:17 -07:00
|
|
|
[[ -e backup-encryption-env ]] || echo "PASSPHRASE=$(cat backup-encryption-password)" > backup-encryption-env
|
2018-11-22 15:51:16 -08:00
|
|
|
|
2020-01-12 11:52:38 -08:00
|
|
|
if [[ ! -e lnd-key || ! -e lnd-cert ]]; then
|
|
|
|
openssl ecparam -genkey -name prime256v1 -out lnd-key
|
|
|
|
openssl req -config $opensslConf -new -sha256 -key lnd-key -out lnd.csr -subj '/CN=localhost/O=lnd'
|
|
|
|
openssl req -config $opensslConf -x509 -sha256 -days 1825 -key lnd-key -in lnd.csr -out lnd-cert
|
2019-11-27 05:04:29 -08:00
|
|
|
rm lnd.csr
|
2019-08-22 10:23:53 -07:00
|
|
|
fi
|
2020-09-15 01:46:15 -07:00
|
|
|
|
|
|
|
if [[ ! -e loop-key || ! -e loop-cert ]]; then
|
|
|
|
openssl ecparam -genkey -name prime256v1 -out loop-key
|
|
|
|
openssl req -config $opensslConf -new -sha256 -key loop-key -out loop.csr -subj '/CN=localhost/O=loopd'
|
|
|
|
openssl req -config $opensslConf -x509 -sha256 -days 1825 -key loop-key -in loop.csr -out loop-cert
|
|
|
|
rm loop.csr
|
|
|
|
fi
|