Stream logs to dashboard for easier debugging.

The partitioning utility doesn't support drives where any partition except sda1 is the main partition.

Noticed that sometimes (especially on the first startup) /v1/bitcoind/status returns { operational: false } even when bitcoind is running and even accessible via bitcoin-cli.

We have an issue currently where there is a discrepancy between dependencies installed by the Umbrel OS image builder and dependencies installed on Umbrel OS via OTA updates.

For example if we move the TTY QR script into getumbrel/umbrel we could easily forget that that OTA update also needs to install the python3-qrcode dependency via apt, otherwise all the OTA updated Umbrels will fail to boot after update.

Likewise if we add a new feature directly in getumbrel/umbrel via OTA that needs a dependency but forget to add it to getumbrel/umbrel-os then existing users will be able to update via OTA and boot fine but the Umbrel OS images will be unbootable.

This worries me a bit as it seems like it would be very easy to miss this stuff without automated E2E testing.

Ideally we'd setup E2E testing but a quick solution now to remove the duplication would be to have a script like ./scripts/umbrel-os/install-dependencies inside getumbrel/umbrel that lists all apt packages, pip3 stuff, or whatever other dependencies we need on Umbrel OS.

Any time we need a new Umbrel OS dependency we add it to that script.

Each OTA update should execute that script.

And also the Umbrel OS image builder should execute that same script.

That gives us one central place to keep track of all dependencies for Umbrel OS.

Our partitioning utility needs to be fixed to support existing Umbrel drives, so even if the user re-flashes Umbrel OS on their SD card, they can continue where they left-off.

Can't find the old issue but this is still the case right now where if the SD card is reflashed there is a chance the install is st

I've experienced this and have seen it pop up on our telegram a few times.

Notes

• Affects "Umbrel OS v0.0.4-beta.4", but will check master too and see if this is still the case

Add a note about default prune size (550) to readme and how to change it.

Furthermore we could look at putting this into the configure script also.

We need a way for the users to reliably update their umbrel node over-the-air.

Whenever a new release of umbrel-compose is made, it should prompt the user on his dashboard about the new update, and should only install the update after the user explicitly confirms.

The update prompt should also include a changelog listing all the changes.

My experience with mender.io didn't bear much fruit in this regard, as mender only allows a maximum of 24 hours for the update to be deployed on a device after it's been released (as their product is focused on IoT devices and not end-user interactive devices).

Nonetheless, the update scripts that I wrote when testing mender's update module can still very much be used by our custom solution.

If there is no drives connected and not enough space there needs to be pruning again.

It would be awesome if some user of myNode or Raspiblitz could migrate to Umbrel, in a simple process while keeping all relevant data, (blockchain and LN channels)

For security purposes Move and test services out without host networking.

Only services which should have external access are:

• bitcoind port 8333
• lnd port 9735
• nginx port 80

What needs to happen:

• LND v0.10.0 upgraded
• Tor container
• Generate tor passwords and write to lnd config file

Allow the configuration script to be run multiple times so it can re-configure stuff instead of being a one-time deal.

Whenever I try to do the docker compose up section of the docs, it fails with the following text:

I'm running these exact commands:

curl "https://raw.githubusercontent.com/getumbrel/umbrel/v0.1.5-beta/install-box.sh" | sh
sudo ./configure-box.sh
sudo docker-compose up -d

Creating dashboard ... done
Creating nginx     ... 
Creating manager   ... error
Creating nginx     ... done
ERROR: for manager  Cannot create container for service manager: invalid volume specification: '.:.:rw': invalid mount config for type "volume": invalid mount path: '.' mount path must be absolute

ERROR: for manager  Cannot create container for service manager: invalid volume specification: '.:.:rw': invalid mount config for type "volume": invalid mount path: '.' mount path must be absolute
ERROR: Encountered errors while bringing up the project.

Testnet and regtest modes would really help to quickly set up and try out new clean installations for development and testing purposes.

Currently it is UID=0

Rollback update by recovering from the backup directory in case there's an error during the OTA update, or a power/network failure.

Issue

• The user cannot start using his lightning or bitcoin wallet until bitcoind has fully synchronized. This adds a lot of friction due to the long delay, creating a very frustrating experience.

• If bitcoind lags behind for some reason, such as when the user had his node turned off for a few days/weeks, the same problem reoccurs.

Solution

Neutrino filters can solve this problem. We need an automatic, recurring way to switch lnd's bitcoin mode to neutrino from bitcoind as soon as bitcoind lags behind by a certain number of blocks from its best header.

Ideas

Perhaps it's a good idea to create a new service that runs 24x7 via a container called lnd-switch that uses the following environment variables:

BITCOIN_HOST: "0.0.0.0"
BITCOIN_RPC_PORT: "8332"
BITCOIN_RPC_USER: "umbrel"
BITCOIN_RPC_PASSWORD: "1234567890"
LND_CONFIG_FILE: "/home/umbrel/lnd/lnd.conf"
SWITCH_TO_NEUTRINO: "144" (switch to neutrino when bitcoind is *at least* 144 blocks behind)
SWITCH_TO_BITCOIND: "3" (switch to bitcoind when bitcoind is *at max* 3 blocks behind)

Considering the above example variables, lnd-switch will update the bitcoin node in LND_CONFIG_FILE from bitcoin.node=bitcoind to bitcoin.node=neutrino as soon as bitcoind's headers - blocks >= 144 and update it from bitcoin.node=neutrino to bitcoin.node=bitcoind as soon as bitcoind's headers - blocks <= 3. It also needs a way to restart the lnd container after every config file change.

I'm not sure if this is the right approach or not. If it is, then lnd-switch can be a tiny FOSS project on its own that (I think) many more people will find useful.

cc @nolim1t @meeDamian

Tried running the latest release on a brand new SSD with no partitions.

Logs of umbrel-external-storage.service:

Aug 15 11:35:43 umbrel systemd[1]: Starting External Storage Mounter...
Aug 15 11:35:43 umbrel external storage mounter[378]: Running external storage mount script...
Aug 15 11:35:43 umbrel external storage mounter[378]: Found device "External USB3.0"
Aug 15 11:35:43 umbrel external storage mounter[378]: Checking if device contains an Umbrel install...
Aug 15 11:35:43 umbrel external storage mounter[378]: mount: /mnt/data: special device /dev/sda1 does not exist.
Aug 15 11:35:43 umbrel systemd[1]: umbrel-external-storage.service: Main process exited, code=exited, status=32/n/a
Aug 15 11:35:43 umbrel systemd[1]: umbrel-external-storage.service: Failed with result 'exit-code'.

SSD's partition table:

umbrel@umbrel:~ $ lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda           8:0    0 931.5G  0 disk 

Tried to debug an Umbrel for a friend over TeamViewer. It wouldn't start, so I checked the rc.local status for any errors and found this:

He used a brand new SSD, so it had no partition (no sda1, only sda).

Neutrino switcher has RPC username hardcoded which is why it doesn't work with the new release of Umbrel. It should accept the RPC username from an env variable.

Proposal

Update neutrino-switcher's logic to create a more general-purpose utility (called tip-top?) that removes IBD optimizations once the sync is complete.

What it needs to do:

• Enable Tor in bitcoin.conf (should be disabled by-default otherwise IBD will end up taking forever)
• Reduce dbcache in bitcoin.conf to the default 300mb
• Disable blocksonly in bitcoin.conf
• Switch lnd's backend from neutrino to bitcoind

Update partitioner to store Tor data directory on /mnt/ext.

Posted by @shawnyeager on our Telegram:

If script 01-run.sh fails for some reason, 03-run.sh prunes currently used Docker images :(

We should bring the pruning logic to script 01-run.sh (right after the new containers are started) so we know for sure that the pruned images are definitely going to be the ones that aren't being used.

Hi,
I just setup umbrel with the provided documentation on a spare pc to test it out. Was a bit shocked that i did not see any HTTPS encryption. Did i do something wrong?
Reason for this is i also run Tor relay nodes and if a user connects to the provisioned tor adress the pw is sent in cleartext....

Can some one point me in the right direction what i did miss? because if this is by design (beta) no one should put any funds on it even for testing purposes.

Because of #115, we need to manually bind mount the SD card root at /sd-root, or else the SD card Umbrel installation won't be upgraded. In future releases, the updated mount script will take care of doing that.

Especially when the IBD is in progress. Need to increase the http timeout from the default 60s to 120s using Umbrel OS-specific environment variables.

Try the following hosts (mainnet)

024800ef3df70dc53bd2182dbe913a7abf8c0cb655fcc6ac494dfd250c0b74244f@n3k54z5gwxsv3nndkqwhhkcsyqilv6vrpqo4e3lzq6pkqb65xj3txjad.onion:9735

027cf9967a2d79631c665417b363d7113764bdede6c7bc21897062655448cd3581@flh6m6hd4wg4o2e5bfdelg4cobvsmcp5cxftaujsvwou5wg5iuwe5wad.onion:9735

Just use nc -x localhost:9050 onionname 9735 to test the connections, and they seem to fail

I guess if this doesn't work we might have to revert back to host networking.

Reproducing Information

LND

1. Install and configure docker-compose framework
2. Remove all the other services in docker-compose.yml so we just sync up lnd (and tor obviously)
3. Try to connect to the LND from another server

Bitcoind

1. Install and configure docker-compose framework
2. Remove all services except for bitcoind and tor
3. Grab the tor host docker exec -it bitcoin bitcoin-cli getnetworkinfo
4. Try to connect to the tor host using nc -x localhost:9050 -vz onionaddress port on another host

Situation

When running a node it is expected that channels stay open and that LND actually monitors them (right now theres no watchtowers). This allows for our umbrel network to actively route payments to each other.

Solution

• Have an option with a warning about enabling the lnd unlock functionality
• Use the lnd-unlock container. The container does not do anything if the unlock password file doesn't exist.

It makes it easier to manage and doesn't clutter the filesystem unnecessarily.

Set DEVICE_HOST to http://<device-ip> to allow users to access their Umbrel on their device's IP address.

wrong repository, meant to be posted in umbrel-os

Add database directories used by https://github.com/getumbrel/umbrel-manager to store user password, encrypted seed, JWT public/private key, etc.

Unlocking wallet is handled by https://github.com/getumbrel/umbrel-manager now

Create a 2GB swapfile on the SSD after the mount. This is crucial for low-RAM devices such as RPi 3 and RPi 4 /w 2GB RAM or else bitcoin crashes during the sync.

Don't let karen spawn multiple copies of herself. One karen is more than enough to handle.

configure-box.sh should add RPC_USER and RPC_PASSWORD to the middleware service in docker-compose.yml.

middleware:
                image: getumbrel/middleware:v0.0.5
                depends_on: [ bitcoin, lnd ]
                logging: *default-logging
                restart: on-failure
                network_mode: host
                volumes:
                    - "${HOME}/lnd:/lnd"
                environment:
                    BITCOIN_HOST: "0.0.0.0"
                    RPC_PORT: "8332"
                    RPC_USER: "<bitcoind rpc username here>"
                    RPC_PASSWORD: "<bitcoind rpc password here>"
                    LND_NETWORK: "mainnet"
                    LND_HOST: "127.0.0.1"

UID 1000 is hardcoded everywhere for permissions stuff. Docker containers run rootless with UID 1000. Probably not worth supporting non-1000 UID atm but should make it clear in the docs.

So that if someone re-flashes Umbrel OS that has the latest version of Umbrel, they can run that version instead of the older version on their SSD.

The current bitcoind and lnd images we use are alpine-based, and we have not run into any issues...

...yet.

Be careful using Alpine, I wouldn't recommend it for mission critical stuff like Bitcoin
It's uses musl instead of glibc, so lots of software requires patching to compile properly, so then you're using non-standard untested software. Even if software compiles without patching, you can't be sure subtle libc differences won't have significant effects on runtime behaviour.

Maybe the next block hits some strange edge case that triggers a libc bug or one of your patches which effects consensus and you end up on a fork, maybe not an issue if you're just using it for testing but is a big issue if it's used in Umbrel and all Umbrel users get forked off.

The ~100MB you save is not worth the potential headaches it can cause, especially when the core of your system is a 300GB database lol.

Also consider theres a vuln in some 3rd party package, who do you thinks gonna patch it and update their repositories first, a huge project like Debian or a relatively much smaller project like Alpine.

musl is superior to glibc in theory, but in practise until most software is developed and tested against musl you're just asking for issues.

The fact that most distros ship glibc means people generally only develop/test for glibc which means compiling that code against musl could result in unpredictable behaviour.

- As penned down by @lukechilds in the team chat

Going forward, let's look into switching to ubuntu or debian-based bitcoind and lnd images, and also do a performance benchmark test comparing bitcoin sync performance on an alpine container vs an ubuntu/debian container.

When checking for $UMBREL_EXTERNAL_ROOT/.umbrel, we should first check if the partition is ext4, and if not, nuke it.

Encrypt and store channel.backup along with db/user.json on Umbrel's server for seamless recovery.

Add https://github.com/getumbrel/umbrel-manager container service to docker-compose.yml

When umbrel-dashboard polls for shutdown status, it pings umbrel-manager to determine if the system is up or not. However, if nginx shuts down before umbrel-manager, umbrel-dashboard's request can't make it, and it thus sends a false positive that the system has shut down.

I propose that we move as much as possible the fixed configurable items (environment variables) to config/ (example please discuss) and use env_file directive instead.

That way upgrades are less painful to script.