Debian Static IP Configuration – Bitcoin Exchange Script
How to create a PPA in Launchpad and sign a Debian package
Install Bitcoind | CryptoCoins Info Club
Bitcoin Core version 0.19.0.1 released
[IDEA] [PROPOSAL] Monero Debian (deb) packages / Debian package repository deb.getmonero.org (I can do)
I have the skills to implement this if wanted. Possible User Experience This is a proposal, i.e. not implemented yet. Instructions for users, simplified. How to install monero using apt-get Download the repository signing key. wget https://www.getmonero.org/monero.asc Add the signing key. sudo apt-key --keyring /etc/apt/trusted.gpg.d/monero.gpg add ~/monero.asc Add APT repository. echo "deb https://deb.getmonero.org buster main" | sudo tee /etc/apt/sources.list.d/monero.list Update your package lists. sudo apt-get update Install monero. sudo apt-get install monero A few technical implementation details I would simply grab the binaries provided by getmonero.org, download them, check software (gpg) signatures, put these into deb packages, add these to a repository, and upload the repository. What I would not do is creating the binaries during package creation. While this is nice to have, it doesn't help user experience and blocks the progress on reaching this goal. See next chapter. Why simply put the pre-build Monero binaries into a deb package? 1) After bitcoin existing for more than 10 years, being popular and being in Debian unstable (sid) it still never made its way into Debian testing, let alone stable. Reason being explained that a difference in underlying libraries (even just security fixes) during compilation may result in a network split. Binaries compiled during packaging on different versions of Linux distributions might have different libraries that might cause a network fork / chain split. References:
(Note: above website saying Tags: fixed-upstream is probably a mistake as discussion at bottom says.) 2) The github issue of packaging monero stalled. 3) By shipping the same binaries as provided by getmonero.org reduces the chances of introducing a backdoor. Many Options
By adding Monero to Whonix repository, a effort for creating a separate Monero repository could be saved. I.e. instead of deb https://deb.getmonero.org buster main users could do deb https://deb.whonix.org buster main. It's really just about the upload location. By providing DNS, even upload to Whonix server can offer https://deb.getmonero.org.
Either I create the build instructions and source code of this implementation (Debian package and repository creation) the long term maintenance of putting new binaries into updated packages or only create build instructions and source code and someone from Monero team could create the actual deb packages and deb repository.
gpg signed debs. Either gpg signed debs or an apt repository. Or both. Your choice.
I'd start with Debian and perhaps Ubuntu packages for 64bit. Perhaps also 32bit. Potentially I could also do packaging for Feodra based distributions.
Timeline Doable quickly. The electrum (bitcoin) AppImage was recently added to a Debian package (binaries-freedom) by me and is now easily installable in Whonix. Pre-installed in testers version of Whonix already. About Me I am the founder of Whonix, which I am maintaining at present for more than 7 years. Whonix (formerly TorBOX) is a Debian GNU/Linux–based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. You can see an overview of packages I am maintaining on my github profile. To proof that this forum account adrelanos corresponds the same person maintaining whonix.org, it is added here. Questions What happened to, what is the successor of the forum funding system?
Why is does it take so long to shut down an node used only as a JSON-RPC server?
I'm trying to sync a full node that will only be used as a JSON-RPC server (no mining). I tried to modify the config file and added a service unit, so that the node can run in a low-end VPS with minimum RAM and CPU capabilities. The problem is that the server takes too long to stop, and it's terminated by the system, so it always start rewinding blocks that have been already downloaded. Here is my configuration file:
server=1 daemon=1 #debug=mempool debug=rpc # If run on the test network instead of the real bitcoin network # testnet=1 # You must set rpcuser and rpcpassword to secure the JSON-RPC api # Please make rpcpassword to something secure, `5gKAgrJv8CQr2CGUhjVbBFLSj29HnE6YGXvfykHJzS3k` for example. # Listen for JSON-RPC connections on (default: 8332 or testnet: 18332) rpcuser=myuser rpcpassword=pypassword rpcport=8332 # Enable blocks pruning #prune=550 # Limit dbcache=50 maxconnections=4 rpcthreads=2
And the service unit:
# It is not recommended to modify this file in-place, because it will # be overwritten during package upgrades. If you want to add further # options or overwrite existing ones then use # $ systemctl edit bitcoind.service # See "man systemd.service" for details. # Note that almost all daemon options could be specified in # /etc/bitcoin/bitcoin.conf [Unit] Description=Bitcoin daemon After=network.target [Service] ExecStart=/usbin/bitcoind -daemon=0 -datadir=/home/jsonrpc/bitcoin -conf=/home/jsonrpc/bitcoin/settings.conf ExecStop=/usbin/bitcoin-cli -datadir=/home/jsonrpc/bitcoin -conf=/home/jsonrpc/bitcoin/settings.conf stop # Creates /run/bitcoind owned by bitcoin #RuntimeDirectory=/home/jsonrpc/bitcoin WorkingDirectory=/home/jsonrpc/bitcoin User=jsonrpc Group=jsonrpc TimeoutStopSec=15m #CPUQuota=4% #MemoryLimit=128M #IOReadIOPSMax=10 #IOWriteIOPSMax=10 Type=simple #Restart=on-failure # Hardening measures #################### # Provide a private /tmp and /vatmp. PrivateTmp=true # Mount /usr, /boot/ and /etc read-only for the process. ProtectSystem=full # Disallow the process and all of its children to gain # new privileges through execve(). NoNewPrivileges=true # Use a new /dev namespace only populated with API pseudo devices # such as /dev/null, /dev/zero and /dev/random. PrivateDevices=true # Deny the creation of writable and executable memory mappings. # Commented out as it's not supported on Debian 8 or Ubuntu 16.04 LTS #MemoryDenyWriteExecute=true [Install] WantedBy=multi-user.target
bitcoin daemon service gets stuck in the command-line
I modified bitcoin.service like follows
# It is not recommended to modify this file in-place, because it will # be overwritten during package upgrades. If you want to add further # options or overwrite existing ones then use # $ systemctl edit bitcoind.service # See "man systemd.service" for details. # Note that almost all daemon options could be specified in # /etc/bitcoin/bitcoin.conf [Unit] Description=Bitcoin daemon After=network.target [Service] ExecStart=/usbin/bitcoind -daemon -datadir=/home/deploy/.bitcoin -conf=/home/deploy/.bitcoin/bitcoin.conf -pid=/run/bitcoind.pid # Creates /run/bitcoind owned by bitcoin RuntimeDirectory=bitcoind User=deploy Group=deploy Type=forking PIDFile=/run/bitcoind.pid Restart=on-failure # Hardening measures #################### # Provide a private /tmp and /vatmp. PrivateTmp=true # Mount /usr, /boot/ and /etc read-only for the process. ProtectSystem=full # Disallow the process and all of its children to gain # new privileges through execve(). NoNewPrivileges=true # Use a new /dev namespace only populated with API pseudo devices # such as /dev/null, /dev/zero and /dev/random. PrivateDevices=true # Deny the creation of writable and executable memory mappings. # Commented out as it's not supported on Debian 8 or Ubuntu 16.04 LTS #MemoryDenyWriteExecute=true [Install] WantedBy=multi-user.target
so that the settings and data are kept under the user deploy's home directory, the only problem is that when I run the command to start the service, it gets stuck as if it wasn't running in daemon mode. Then I have to enter CTR-C to get the command prompt again.
$ sudo systemctl start bitcoind ^C $ sudo systemctl status bitcoind ● bitcoind.service - Bitcoin daemon Loaded: loaded (/lib/systemd/system/bitcoind.service; disabled; vendor preset: enabled) Active: activating (start) since Thu 2018-10-04 01:45:26 CEST; 25s ago Process: 51145 ExecStart=/usbin/bitcoind -daemon -datadir=/home/deploy/.bitcoin -conf=/home/deploy/.bitcoin/bitcoin.conf -pid=/run/bitcoind.pid (code=exited, status=0/SUCCESS) Tasks: 12 Memory: 578.0M CPU: 14.100s CGroup: /system.slice/bitcoind.service └─51147 /usbin/bitcoind -daemon -datadir=/home/deploy/.bitcoin -conf=/home/deploy/.bitcoin/bitcoin.conf -pid=/run/bitcoind.pid Oct 04 01:45:26 host systemd: Starting Bitcoin daemon... Oct 04 01:45:26 host systemd: bitcoind.service: PID file /run/bitcoind.pid not readable (yet?) after start: No such file or directory
Hello, i think that established DNM vendors should move out from centralized escrow and start their own direct store so loss of funds, LE seizures and exit scams and anonymart seems to fit very well the purpose. The whole point is that these personal vendors seller should be something considered disposable, son even in the case of hack/seizures no money should be lost and noone should be hamred. Starting from this point there is the necessity of these things: 1) Server should be bought anonymously and not linkable to anyone (i'm writing a guide about that) 2) No money or private keys should be stored on the server 3) Payment address should be signed with owner pgp key to prevent payment address substitution via hacking 4) All personal information should be encrypted when stored on the server and deleted as soon as they are not needed As i understand you have implemented 2 and 4 well, while currently 3 can not be implemented because of the payment address generation. I've tried to deploy anonymart on a fresh Debian 7 x64 but i had the following problems: 1) Composer run out of memory on a 512MB VPS. While this can be solved adding swap, this amount of ram is more than enough to run this type of webserver stack. Requiring more just for composer would be stupid, but you can simply add swap creation and deletion to your init/update script. 2) I had multiple troubles with ufw. I haven't understand yet how but it seems to to cut me out on ssh even when in your script it's specifically allowed. 3) Nginx show nothing in the error log but when i access the newly created hidden service it redirect me to /settings/create which outputs just "Whoops, looks like something went wrong." At that point i don't know how to troubleshoot the problem. 4) Are all these php dependencies really needed? What's the transmission composer package for? I fell like this is horrible for security and even worse assuming you have auto-update. Even if one of them is poorly coded, backdoored (or taken over and backdoored later) or anything else all install would be compromised. I understand the concept of 'not reinventing the wheel', but for the reduced features it offers, i feel like there's really too much required. Obviously that's just an opinion, but this list seems pretty huge even removing symfony and laravel components:
Installing fgrosse/php asn1 (1.3.1) Loading from cache
It would also be nice if there were integrated some sort of api, like for example a json list of the products so it would be easy to build a search engine for all anonymart based stores. I'm also working on modifying the init script to harden the server (add a waf, disable unsecure php functions ecc.).
bitcoin-qt - graphical user interface for Bitcoin Core SYNOPSIS¶ bitcoin-qt [command-line options] DESCRIPTION¶ Graphical user interface for Bitcoin Core OPTIONS¶-? Print this help message and exit-alertnotify=<cmd> Execute command when a relevant alert is received or we see a really long fork (%s in cmd is replaced by message) On the Main tab, click Start Bitcoin on system login. Click the Ok button to save the new settings. The next time you login to your desktop, Bitcoin Core GUI should be automatically started as an icon in the tray. If Bitcoin Core GUI does not automatically start, you may need to add it to an .xinit or .xsession file as described here. The minimum supported miniUPnPc API version is set to 10. This keeps compatibility with Ubuntu 16.04 LTS and Debian 8 libminiupnpc-dev packages. Please note, on Debian this package is still vulnerable to CVE-2017-8798 (in jessie only) and CVE-2017-1000494 (both in jessie and in stretch). 0.19.0 change log Consensus Debian Package Creation HowTo. SXI ADMIN. February 12, 2020. 1. Preface. Being responsible for a machine means taking care of the hardware as well as the software components. As seen in every day life as a system administrator it is much better to install software as a software package rather than a bunch of source files. This reduces the costs Bitcoin is a free open source peer-to-peer electronic cash system that: is completely decentralized, without the need for a central server or: trusted parties. Users hold the crypto keys to their own money and: transact directly with each other, with the help of a P2P network to: check for double-spending.. This package provides bitcoin-tx, a
How to Create Debian Package for Python Application
*Ensure you input your current Bitcoin address so all found bitcoins go to your bitcoin address. It does this by creating a Transaction ... Second Stimulus Check Update and Stimulus Package ... Welcome to Debian Package of the Day, where we explore a package from the Debian archives. In today's edition we take a look at toot, a utility that lets interact with a mastodon instance from the ... How To Create Debian Packages Note: Commands here are just for examples. They will NOT run as they are shown here. You have to adapt them to your own needs and system. 1. Create the directory to ... #mkdir debian 3) Create "debian/changelog" file #dch--create 4) Create an empty copyright File #vim debian/copyright 5) Create an empty compat File #vim debian/compat 6) Create an empty rules File ... Take a look at how to build a Debian package from a simple program or script, Debian packages (*.Deb) are easy to share, install and uninstall, they can also automatically add your programs to ...