#!/bin/bash
################################################################
# Colors #
################################################################
# Reset
Off='\033[0m' # Text Reset
# Regular Colors
Red='\033[0;31m' # Red
Green='\033[0;32m' # Green
Yellow='\033[0;33m' # Yellow
Purple='\033[0;35m' # Purple
White='\033[0;37m' # White
# Background
On_Black='\033[40m' # Black
OkBullet="${Green}${On_Black}:: ${White}${On_Black}"
WarnBullet="${Yellow}${On_Black}:: ${White}${On_Black}"
ErrBullet="${Red}${On_Black}:: ${White}${On_Black}"
Ok="${Green}${On_Black} ok.${Off}"
Fail="${Red}${On_Black} failed!${Off}"
Nok="${Yellow}${On_Black} nok.${Off}"
Stat="${Purple}${On_Black}"
StatInfo="${White}${On_Black}"
################################################################
# Vars #
################################################################
VERSION="v0.3.1"
XMRSH_INSTALL_CMD="sudo bash -c \"\$(curl -sLSf https://get.xmr.sh)\""
XMRSH_DIR="/opt/xmr.sh"
XMRSH_BRANCH="main"
XMRSH_URL="https://github.com/vdo/xmr.sh"
XMRSH_LOG_FILE="/tmp/xmr.sh-$(date +%Y%m%d-%H%M%S).log"
DOCKER_INSTALLED=false
DOCKER_COMPOSE_INSTALLED=false
DOCKER_COMPOSE_VERSION="v2.5.0"
DEPENDENCIES="git curl"
ONION="Not Available"
TLS_PORT="443"
TLS_DOMAIN=""
TLS_EMAIL=""
NETWORK="mainnet"
ENABLE_GRAFANA=""
################################################################
# Functions #
################################################################
header() {
echo -e "${Red}${On_Black} _ "
echo -e "__ ___ __ ___ _ __ ___| |__ "
echo -e "\ \/ / '_ ' _ \| '__/ __| '_ \ "
echo -e " > <| | | | | | | _\__ \ | | |"
echo -e "/_/\_\_| |_| |_|_|(_)___/_| |_|"
echo -e " Version ${VERSION}${Off}\n"
}
detect_root() {
echo -ne "${OkBullet}Checking root... ${Off}"
if [[ $EUID -ne 0 ]]; then
echo -e "${Fail}"
echo -e "${ErrBullet}You need to run this script as root (UID=0).${Off}"
exit 1
fi
echo -e "${Ok}"
}
detect_pipe() {
echo -ne "${OkBullet}Checking script execution... ${Off}"
if [ -p /dev/stdin ]; then
echo -e "${Fail}"
echo -e "${ErrBullet}This script can't be piped! Instead, use the command: ${XMRSH_INSTALL_CMD}${Off}"
exit 1
fi
echo -e "${Ok}"
}
check_deps() {
echo -ne "${OkBullet}Checking and installing dependencies... ${Off}"
# shellcheck disable=SC2068
for pkg in ${DEPENDENCIES[@]}; do
if ! command -v "${pkg}" >>"${XMRSH_LOG_FILE}" 2>&1; then
install_pkg "${pkg}"
check_return $?
fi
done
echo -e "${Ok}"
}
install_pkg() {
# This detects both ubuntu and debian
if grep -q "debian" /etc/os-release; then
apt-get update >>"${XMRSH_LOG_FILE}" 2>&1
apt-get install -y "$1" >>"${XMRSH_LOG_FILE}" 2>&1
elif grep -q "fedora" /etc/os-release || grep -q "centos" /etc/os-release; then
dnf install -y "$1" >>"${XMRSH_LOG_FILE}" 2>&1
else
echo -e "${ErrBullet}Cannot detect your distribution package manager.${Off}"
exit 1
fi
}
detect_curl() {
echo -ne "${OkBullet}Checking curl... ${Off}"
# docker --version >>"${XMRSH_LOG_FILE}" 2>&1 | grep -q "Docker version"
if curl --version >>"${XMRSH_LOG_FILE}" 2>&1; then
echo -e "${Ok}"
else
echo -e "${Nok}"
echo -e "${ErrBullet}Please install curl first.${Off}"
exit 1
fi
}
detect_docker() {
echo -ne "${OkBullet}Checking docker... ${Off}"
# docker --version >>"${XMRSH_LOG_FILE}" 2>&1 | grep -q "Docker version"
if docker --version >>"${XMRSH_LOG_FILE}" 2>&1; then
DOCKER_INSTALLED=true
echo -e "${Ok}"
else
echo -e "${Nok}"
fi
}
detect_docker_compose() {
echo -ne "${OkBullet}Checking docker compose... ${Off}"
#docker-compose --version >>"${XMRSH_LOG_FILE}" 2>&1 | grep -q "Docker Compose version"
if docker-compose --version >>"${XMRSH_LOG_FILE}" 2>&1; then
DOCKER_COMPOSE_INSTALLED=true
echo -e "${Ok}"
else
echo -e "${Nok}"
fi
}
install_docker() {
echo -ne "${OkBullet}Installing docker... ${Off}"
# Docker Installer as provided in
curl -fsSL https://get.docker.com -o - | bash >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
# Fedora and Centos need to enable & start the daemon
if grep -q "fedora" /etc/os-release || grep -q "centos" /etc/os-release; then
systemctl enable docker >>"${XMRSH_LOG_FILE}" 2>&1
systemctl start docker >>"${XMRSH_LOG_FILE}" 2>&1
fi
echo -e "${Ok}"
}
install_docker_compose() {
echo -ne "${OkBullet}Installing compose... ${Off}"
# Install docker-compose binary, even if "docker compose" exists, for consistency.
curl -SL "https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-linux-$(uname -m)" -o /usr/local/bin/docker-compose >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
chmod +x /usr/local/bin/docker-compose >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
echo -e "${Ok}"
}
install_xmrsh() {
echo -ne "${OkBullet}Installing xmr.sh... ${Off}"
if [ ! -d "$XMRSH_DIR" ]; then
git clone -b "${XMRSH_BRANCH}" "${XMRSH_URL}" "${XMRSH_DIR}" >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
pushd "${XMRSH_DIR}" >>"${XMRSH_LOG_FILE}" 2>&1 || return
chown -R "1000:1000" ./data >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
else
echo -e "${Ok}"
echo -e "${ErrBullet}Error: xmr.sh already present in ${XMRSH_DIR}. Run the uninstall script first."
exit 1
fi
echo -e "${Ok}"
}
configure_network() {
echo -e "${OkBullet}Select the desired node network (mainnet, testnet, stagenet)"
PS3=":: Enter a number: "
options=("mainnet" "testnet" "stagenet")
select opt in "${options[@]}"; do
case $opt in
"mainnet")
break
;;
"testnet")
NETWORK="testnet"
sed -i "s/MONEROD_P2P_PORT=.*/MONEROD_P2P_PORT=28080/g" .env
sed -i "/MONEROD_EXTRA_PARAMS/s/$/ --testnet/g" .env
break
;;
"stagenet")
NETWORK="stagenet"
sed -i "s/MONEROD_P2P_PORT=.*/MONEROD_P2P_PORT=38080/g" .env
sed -i "/MONEROD_EXTRA_PARAMS/s/$/ --stagenet/g" .env
break
;;
*) echo "Invalid network choice!" ;;
esac
done
}
configure_tls_domain() {
echo -e "${OkBullet}Enter the desired domain for the Let's Encrypt SSL certificate."
read -r -e -p " Leave empty to use a self signed certificate []: " TLS_DOMAIN
if [ -n "${TLS_DOMAIN}" ]; then
while ! echo "${TLS_DOMAIN}" | grep -qP '(?=^.{5,254}$)(^(?:(?!\d+\.)[a-zA-Z0-9_\-]{1,63}\.?)+(?:[a-zA-Z]{2,})$)'; do
echo -e "${WarnBullet}Domain not valid."
read -r -p " Enter again your desired domain []: " TLS_DOMAIN
done
echo -e "${OkBullet}Enter the desired email for the Let's Encrypt SSL certificate."
read -r -e -p " Enter a valid email. Let's Encrypt validates it! []: " TLS_EMAIL
while ! echo "${TLS_EMAIL}" | grep -qP '^[A-Za-z0-9+._-]+@([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}$'; do
echo -e "${WarnBullet}Email not valid."
read -r -p " Enter again your desired email []: " TLS_EMAIL
done
# Set domain and email address in vars
sed -i "s/DOMAIN=.*/DOMAIN=${TLS_DOMAIN}/g" .env
sed -i "s/TRAEFIK_ACME_EMAIL=.*/TRAEFIK_ACME_EMAIL=${TLS_EMAIL}/g" .env
# Enable LE settings in compose
sed -i '/#!le/s/# //g' docker-compose.yml
sed -i '/#!nole/s/- /# - /g' docker-compose.yml
sed -i "/#\!traefik-command/s/\*traefik-command-nole/\*traefik-command-le/g" docker-compose.yml
fi
}
configure_tls_port() {
echo -e "${OkBullet}Enter the desired TLS/HTTPS port."
read -r -e -p " Leave empty to use the default [443]: " TLS_PORT
if [ -n "${TLS_PORT}" ]; then
while ! echo "${TLS_PORT}" | grep -qP '^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$'; do
echo -e "${WarnBullet}Port not valid."
read -r -p " Enter again your desired port: " TLS_PORT
done
# Set port in vars
sed -i "s/TRAEFIK_TLS_PORT=.*/TRAEFIK_TLS_PORT=${TLS_PORT}/g" .env
else
TLS_PORT="443"
fi
}
configure_pruning() {
echo -e "${OkBullet}Configuring pruning..."
while true; do
read -r -e -p " Do you want to enable blockchain pruning? [y/n]: " yn
case $yn in
[Yy]*)
sed -i "/MONEROD_EXTRA_PARAMS/s/$/ --prune-blockchain/g" .env
break
;;
[Nn]*) break ;;
*) echo " Please answer yes or no." ;;
esac
done
}
configure_cors() {
echo -e "${OkBullet}Configuring CORS..."
while true; do
read -r -e -p " Do you want to enable CORS headers so the node can be used in web apps? [y/n]: " yn
case $yn in
[Yy]*)
sed -i '/#!cors/s/# //g' docker-compose.yml
break
;;
[Nn]*) break ;;
*) echo " Please answer yes or no." ;;
esac
done
}
configure_tor() {
echo -e "${OkBullet}Configuring tor..."
while true; do
read -r -e -p " Do you want to enable a Tor hidden service? [y/n]: " yn
case $yn in
[Yy]*)
sed -i '/#!tor/s/# //g' docker-compose.yml
ENABLE_TOR=true
break
;;
[Nn]*) break ;;
*) echo " Please answer yes or no." ;;
esac
done
}
configure_explorer() {
echo -e "${OkBullet}Configuring explorer..."
while true; do
read -r -e -p " Do you want to enable an explorer service? [y/n]: " yn
case $yn in
[Yy]*)
sed -i '/#!explorer/s/# //g' docker-compose.yml
ENABLE_EXPLORER=true
break
;;
[Nn]*) break ;;
*) echo " Please answer yes or no." ;;
esac
done
}
configure_grafana() {
echo -e "${OkBullet}Configuring grafana..."
while true; do
read -r -e -p " Do you want to enable a grafana monitoring dashboard? [y/n]: " yn
case $yn in
[Yy]*)
ENABLE_GRAFANA=true
sed -i '/#!monero-exporter/s/# //g' docker-compose.yml
sed -i '/#!grafana/s/# //g' docker-compose.yml
sed -i '/#!prometheus/s/# //g' docker-compose.yml
GRAFANA_PASSWORD="$(openssl rand -base64 9 | tr '\/' '-')"
sed -i "s/GF_SECURITY_ADMIN_PASSWORD=.*/GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}/g" .env
break
;;
[Nn]*) break ;;
*) echo " Please answer yes or no." ;;
esac
done
}
configure_watchtower() {
echo -e "${OkBullet}Configuring watchtower..."
while true; do
read -r -e -p " Do you want to enable automatic updates using watchtower? [y/n]: " yn
case $yn in
[Yy]*)
sed -i '/#!watchtower/s/# //g' docker-compose.yml
break
;;
[Nn]*) break ;;
*) echo " Please answer yes or no." ;;
esac
done
}
# get_public_ip() {
# # Using dig:
# # dig +short txt ch whoami.cloudflare @1.0.0.1
# PUBLIC_IP=$(curl -s ifconfig.co)
# }
start_xmrsh() {
echo -ne "${OkBullet}Starting monero node and services... ${Off}"
docker-compose pull >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
docker-compose up -d >>"${XMRSH_LOG_FILE}" 2>&1
check_return $?
if [[ $ENABLE_TOR == true ]]; then
sleep 4
ONION=$(docker logs tor 2>&1 | grep Entrypoint | cut -d " " -f 8)
fi
echo -e "${Ok}"
}
check_return() {
if [ "$1" -ne 0 ]; then
echo -e "${Fail}"
echo -e "${ErrBullet}Installation failed. Check the logs in ${XMRSH_LOG_FILE}${Off}"
exit "$1"
fi
}
completed() {
echo -e "${OkBullet}Deployment complete.${Off}"
PUBLIC_IP=$(curl -4 -s ifconfig.co 2>>"${XMRSH_LOG_FILE}")
if [ -n "$TLS_DOMAIN" ]; then
HOST="${TLS_DOMAIN}"
else
HOST="${PUBLIC_IP}"
fi
if [[ $TLS_PORT == "443" ]]; then
PORT_SUFF=""
else
PORT_SUFF=":${TLS_PORT}"
fi
echo
echo -e " ${Red}┌───────────────────────────────────────────────────────────────────────────[info]──"
echo -e " ${Red}│${Stat} Network: ${StatInfo}${NETWORK}"
echo -e " ${Red}│${Stat} URL: ${StatInfo}https://${HOST}${PORT_SUFF}"
echo -e " ${Red}│${Stat} Public IP: ${StatInfo}${PUBLIC_IP}"
if [ "$ENABLE_TOR" = true ]; then
echo -e " ${Red}│${Stat} Onion Service: ${StatInfo}$ONION"
fi
if [ "$ENABLE_EXPLORER" = true ]; then
echo -e " ${Red}│${Stat} Explorer URL: ${StatInfo}https://${HOST}${PORT_SUFF}/explorer"
fi
if [ "$ENABLE_GRAFANA" = true ]; then
echo -e " ${Red}│${Stat} Grafana URL: ${StatInfo}https://${HOST}${PORT_SUFF}/grafana"
echo -e " ${Red}│${Stat} Grafana user: ${StatInfo}admin"
echo -e " ${Red}│${Stat} Grafana password: ${StatInfo}${GRAFANA_PASSWORD}"
fi
echo -e " ${Red}│${Stat} Project files installed in: ${StatInfo}${XMRSH_DIR}"
echo -e " ${Red}│${Off}"
echo
}
header
detect_root
detect_pipe
check_deps
detect_docker
detect_docker_compose
if [ $DOCKER_INSTALLED = false ]; then
install_docker
install_docker_compose
fi
if [ $DOCKER_INSTALLED = true ] && [ $DOCKER_COMPOSE_INSTALLED = false ]; then
install_docker_compose
fi
install_xmrsh
configure_network
configure_tls_domain
configure_tls_port
# configure_pruning
configure_cors
configure_tor
# Deployment of explorer disabled until it's stable.
# configure_explorer
configure_watchtower
configure_grafana
# configure_lws
start_xmrsh
completed
exit 0