mempool/install

#!/usr/local/bin/zsh
set -e
echo -n "Initializing..."

case `uname -s` in
    FreeBSD)
            OS=FreeBSD
        ;;
    Linux)
        if [ "$(grep -Ei 'debian|buntu|mint' /etc/*release)" ]; then
            OS=Debian
        else
            echo "Your distribution of Linux is not yet supported by this installation script"
            exit 1
        fi
        ;;
    *)
        echo "Unsupported OS"
        exit 1
        ;;
esac

########################################
##### mempool installation options #####
########################################

# tor onion and clearnet hostname
TOR_INSTALL=true
CERTBOT_INSTALL=true

# install 3 network daemons
BITCOIN_INSTALL=true
BISQ_INSTALL=true
ELEMENTS_INSTALL=true

# configure 4 network instances
BITCOIN_MAINNET_ENABLE=true
BITCOIN_TESTNET_ENABLE=true
BISQ_MAINNET_ENABLE=true
ELEMENTS_LIQUID_ENABLE=true

# enable lightmode and disable compaction to fit on 1TB SSD drive
BITCOIN_ELECTRS_LIGHT_MODE=true
BITCOIN_ELECTRS_COMPACTION=false
ELEMENTS_ELECTRS_LIGHT_MODE=true
ELEMENTS_ELECTRS_COMPACTION=false

# automaitcally configure firewall
FIREWALL_CONFIGURE=true

############
# probe OS #
############

HOSTNAME=$(hostname)

# get newest zpool if using zfs
ZPOOL=""
[ "${OS}" = FreeBSD ] && ZPOOL=$(zpool list -H|tail -1|cut -f 1)

MD5=md5sum
[ "${OS}" = FreeBSD ] && MD5=md5

##################################################
##### P2P / RPC / HTTP network communication #####
##################################################

# used for bisq and firewall configuration
BITCOIN_MAINNET_P2P_HOST=127.0.0.1
BITCOIN_MAINNET_P2P_PORT=8333
# used for RPC communication
BITCOIN_MAINNET_RPC_HOST=127.0.0.1
BITCOIN_MAINNET_RPC_PORT=8332
# generate random hex string
BITCOIN_MAINNET_RPC_USER=$(head -150 /dev/urandom | ${MD5} | awk '{print $1}')
BITCOIN_MAINNET_RPC_PASS=$(head -150 /dev/urandom | ${MD5} | awk '{print $1}')

# used for firewall configuration
BITCOIN_TESTNET_P2P_HOST=127.0.0.1
BITCOIN_TESTNET_P2P_PORT=18333
# used for RPC communication
BITCOIN_TESTNET_RPC_HOST=127.0.0.1
BITCOIN_TESTNET_RPC_PORT=18332
# generate random hex string
BITCOIN_TESTNET_RPC_USER=$(head -150 /dev/urandom | ${MD5} | awk '{print $1}')
BITCOIN_TESTNET_RPC_PASS=$(head -150 /dev/urandom | ${MD5} | awk '{print $1}')

# used by bisq to receive notifications from bitcoind about new blocks
BISQ_BLOCKNOTIFY_HOST=127.0.0.1
BISQ_BLOCKNOTIFY_PORT=5120

# used for firewall configuration
ELEMENTS_LIQUID_P2P_HOST=127.0.0.1
ELEMENTS_LIQUID_P2P_PORT=7042
# used for RPC communication
ELEMENTS_LIQUID_RPC_HOST=127.0.0.1
ELEMENTS_LIQUID_RPC_PORT=7041
# generate random hex string
ELEMENTS_LIQUID_RPC_USER=$(head -150 /dev/urandom | ${MD5} | awk '{print $1}')
ELEMENTS_LIQUID_RPC_PASS=$(head -150 /dev/urandom | ${MD5} | awk '{print $1}')

# set either socket or TCP host/port, not both
#ELECTRS_MAINNET_HTTP_SOCK=/tmp/bitcoin.mainnet.electrs
ELECTRS_MAINNET_HTTP_HOST=127.0.0.1
ELECTRS_MAINNET_HTTP_PORT=3000

# set either socket or TCP host/port, not both
#ELECTRS_TESTNET_HTTP_SOCK=/tmp/bitcoin.testnet.electrs
ELECTRS_TESTNET_HTTP_HOST=127.0.0.1
ELECTRS_TESTNET_HTTP_PORT=3002

# set either socket or TCP host/port, not both
#ELECTRS_LIQUID_HTTP_SOCK=/tmp/elements.liquid.electrs
ELECTRS_LIQUID_HTTP_HOST=127.0.0.1
ELECTRS_LIQUID_HTTP_PORT=3001

# set either socket or TCP host/port, not both
#MEMPOOL_MAINNET_HTTP_SOCK=/tmp/bitcoin.mainnet.mempool
MEMPOOL_MAINNET_HTTP_HOST=127.0.0.1
MEMPOOL_MAINNET_HTTP_PORT=8999

# set either socket or TCP host/port, not both
#MEMPOOL_TESTNET_HTTP_SOCK=/tmp/bitcoin.testnet.mempool
MEMPOOL_TESTNET_HTTP_HOST=127.0.0.1
MEMPOOL_TESTNET_HTTP_PORT=8997

# set either socket or TCP host/port, not both
#MEMPOOL_BISQ_HTTP_SOCK=/tmp/bitcoin.bisq.mempool
MEMPOOL_BISQ_HTTP_HOST=127.0.0.1
MEMPOOL_BISQ_HTTP_PORT=8996

# set either socket or TCP host/port, not both
#MEMPOOL_LIQUID_HTTP_SOCK=/tmp/elements.liquid.mempool
MEMPOOL_LIQUID_HTTP_HOST=127.0.0.1
MEMPOOL_LIQUID_HTTP_PORT=8998

##### OS options, should be automatically detected

# where systemd services get installed
DEBIAN_SERVICE_HOME=/etc/systemd/system
# where environment variables for services are set
DEBIAN_ENV_HOME=/etc/default

# mempool data folder and user/group
MEMPOOL_HOME=/mempool
MEMPOOL_USER=mempool
MEMPOOL_GROUP=mempool
# name of Tor hidden service in torrc
MEMPOOL_TOR_HS=mempool

# bitcoin user/group
BITCOIN_USER=bitcoin
BITCOIN_GROUP=bitcoin
# bitcoin core data folder, needs about 300GB
BITCOIN_HOME=/bitcoin

# bitcoin testnet data
BITCOIN_TESTNET_DATA=${BITCOIN_HOME}/testnet3
# bitcoin electrs source/binaries
BITCOIN_ELECTRS_HOME=${BITCOIN_HOME}/electrs

# electrs database root
ELECTRS_DATA_ROOT=/electrs
# bitcoin electrs data, needs about 350GB, and uses double that during compaction
ELECTRS_MAINNET_ZPOOL=${ZPOOL}
ELECTRS_MAINNET_DATA=${ELECTRS_DATA_ROOT}/mainnet
# bitcoin testnet electrs database, only a few GB
ELECTRS_TESTNET_ZPOOL=${ZPOOL}
ELECTRS_TESTNET_DATA=${ELECTRS_DATA_ROOT}/testnet
# liquid electrs data, needs about 5GB
ELECTRS_LIQUID_ZPOOL=${ZPOOL}
ELECTRS_LIQUID_DATA=/electrs

# bisq user/group
BISQ_USER=bisq
BISQ_GROUP=bisq
# bisq home folder, needs about 1GB
BISQ_HOME=/bisq

# liquid user/group
ELEMENTS_USER=elements
ELEMENTS_GROUP=elements
# liquid home/data/blockchain folder, needs about 10GB
ELEMENTS_HOME=/elements
# elements electrs source/binaries
ELEMENTS_ELECTRS_HOME=${ELEMENTS_HOME}/electrs

# tor package from apt-get or pkg
TOR_PKG=tor
# tor user/group
TOR_USER=debian-tor
TOR_GROUP=debian-tor

NGINX_CONFIGURATION=/etc/nginx/nginx.conf

TOR_HOME=/etc/tor
TOR_CONFIGURATION=/etc/tor/torrc
TOR_RESOURCES=/var/lib/tor

ROOT_USER=root
ROOT_GROUP=root
ROOT_HOME=/root

##### git repo settings, shouldn't need changing

MEMPOOL_REPO_URL=https://github.com/mempool/mempool
MEMPOOL_REPO_NAME=mempool
MEMPOOL_REPO_BRANCH=master
MEMPOOL_LATEST_RELEASE=master

BITCOIN_REPO_URL=https://github.com/bitcoin/bitcoin
BITCOIN_REPO_NAME=bitcoin
BITCOIN_REPO_BRANCH=master
#BITCOIN_LATEST_RELEASE=$(curl -s https://api.github.com/repos/bitcoin/bitcoin/releases/latest|grep tag_name|head -1|cut -d '"' -f4)
BITCOIN_LATEST_RELEASE=master
echo -n '.'

BISQ_REPO_URL=https://github.com/bisq-network/bisq
BISQ_REPO_NAME=bisq
BISQ_REPO_BRANCH=master
#BISQ_LATEST_RELEASE=$(curl -s https://api.github.com/repos/bisq-network/bisq/releases/latest|grep tag_name|head -1|cut -d '"' -f4)
BISQ_LATEST_RELEASE=master
echo -n '.'

ELEMENTS_REPO_URL=https://github.com/ElementsProject/elements
ELEMENTS_REPO_NAME=elements
ELEMENTS_REPO_BRANCH=master
#ELEMENTS_LATEST_RELEASE=$(curl -s https://api.github.com/repos/ElementsProject/elements/releases/latest|grep tag_name|head -1|cut -d '"' -f4)
ELEMENTS_LATEST_RELEASE=master
echo -n '.'

BITCOIN_ELECTRS_REPO_URL=https://github.com/mempool/electrs
BITCOIN_ELECTRS_REPO_NAME=electrs
BITCOIN_ELECTRS_REPO_BRANCH=new-index
BITCOIN_ELECTRS_LATEST_RELEASE=new-index

ELEMENTS_ELECTRS_REPO_URL=https://github.com/mempool/electrs
ELEMENTS_ELECTRS_REPO_NAME=electrs
ELEMENTS_ELECTRS_REPO_BRANCH=new-index
ELEMENTS_ELECTRS_LATEST_RELEASE=new-index

#######################
##### OS packages #####
#######################

# package needed for just certbot test before full install
FREEBSD_CERTBOT_PKG=py37-certbot
DEBIAN_CERTBOT_PKG=python-certbot

# packages needed for mempool ecosystem
DEBIAN_PKG=()
DEBIAN_PKG+=(zsh vim curl screen openssl python3)
DEBIAN_PKG+=(build-essential git git-lfs clang cmake)
DEBIAN_PKG+=(autotools-dev autoconf automake pkg-config bsdmainutils)
DEBIAN_PKG+=(libevent-dev libdb-dev libssl-dev libtool-dev autotools-dev)
DEBIAN_PKG+=(libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev)
DEBIAN_PKG+=(nodejs npm mariadb-server nginx-core python-certbot-nginx rsync ufw)

# packages needed for mempool ecosystem
FREEBSD_PKG=()
FREEBSD_PKG+=(zsh sudo git screen vim-console curl wget calc neovim)
FREEBSD_PKG+=(openssh-portable open-vm-tools-nox11 py27-pip py37-pip)
FREEBSD_PKG+=(boost-libs autoconf automake gmake gcc libevent libtool pkgconf)
FREEBSD_PKG+=(node npm nginx rsync py37-certbot-nginx mariadb-server)

#############################
##### utility functions #####
#############################

osSudo()
{
    SUDO_USER=$1
    shift
    case $OS in
        FreeBSD)
            sudo -H -i -u "${SUDO_USER}" $*
            ;;
        Debian)
            sudo -H -i -u "${SUDO_USER}" $*
            ;;
    esac
}

osPackageUpdate()
{
    echo "[*] Updating OS sources"
    case $OS in
        FreeBSD)
            osSudo "${ROOT_USER}" pkg update -y
            ;;
        Debian)
            osSudo "${ROOT_USER}" DEBIAN_FRONTEND=noninteractive apt-get update -q
            ;;
    esac
}

osPackageUpgrade()
{
    echo "[*] Upgrading OS packages $*"
    case $OS in
        FreeBSD)
            osSudo "${ROOT_USER}" pkg upgrade -y $*
            ;;
        Debian)
            osSudo "${ROOT_USER}" DEBIAN_FRONTEND=noninteractive apt-get upgrade -qq -y $*
            ;;
    esac
}

osPackageInstall()
{
    echo "[*] Installing OS packages $*"
    case $OS in
        FreeBSD)
            osSudo "${ROOT_USER}" pkg install -y $*
            ;;
        Debian)
            osSudo "${ROOT_USER}" DEBIAN_FRONTEND=noninteractive apt-get install -qq -y $*
            ;;
    esac
}

osPackageInstallAll()
{
    case $OS in
        FreeBSD)
            osPackageInstall ${FREEBSD_PKG[@]}
            ;;
        Debian)
            osPackageInstall ${DEBIAN_PKG[@]}
            ;;
    esac
}

osUserCreate()
{
    case $OS in
        FreeBSD)
            osSudo "${ROOT_USER}" pw useradd $*
            ;;
        Debian)
            osSudo "${ROOT_USER}" useradd $*
            ;;
    esac
}

osCertbotDryRun()
{
    if [ ! -z "${HOSTNAME}" ];then
        case $OS in
            FreeBSD)
                osPackageInstall "${FREEBSD_PKG_CERTBOT}"
                ;;
            Debian)
                osPackageInstall "${DEBIAN_PKG_CERTBOT}"
                ;;
        esac

        certbot certonly --dry-run --standalone --agree-tos --register-unsafely-without-email -d "${HOSTNAME}"
    fi
}

zfsCreateFilesystems()
{
    zfs create -o "mountpoint=${ELEMENTS_HOME}" "${ZPOOL}/elements"
    zfs create -o "mountpoint=${BITCOIN_HOME}" "${ZPOOL}/bitcoin"
    zfs create -o "mountpoint=${ELECTRS_HOME}" "${ZPOOL}/electrs"

    zfs create -o "mountpoint=${ELEMENTS_HOME}/liquidv1" "${ZPOOL}/elements/liquidv1"
    zfs create -o "mountpoint=${ELEMENTS_ELECTRS_HOME}" "${ZPOOL}/elements/electrs"

    # Bitcoin Mainnet
    zfs create -o "mountpoint=${BITCOIN_HOME}/chainstate" "${ZPOOL}/bitcoin/chainstate"
    zfs create -o "mountpoint=${BITCOIN_HOME}/indexes" "${ZPOOL}/bitcoin/indexes"
    zfs create -o "mountpoint=${BITCOIN_HOME}/blocks" "${ZPOOL}/bitcoin/blocks"

    # Bitcoin Testnet
    zfs create -o "mountpoint=${BITCOIN_TESTNET_DATA}" "${ZPOOL}/bitcoin/testnet"
    zfs create -o "mountpoint=${BITCOIN_TESTNET_DATA}/blocks" "${ZPOOL}/bitcoin/testnet/blocks"
    zfs create -o "mountpoint=${BITCOIN_TESTNET_DATA}/chainstate" "${ZPOOL}/bitcoin/testnet/chainstate"
    zfs create -o "mountpoint=${BITCOIN_TESTNET_DATA}/indexes" "${ZPOOL}/bitcoin/testnet/indexes"

    zfs create -o "mountpoint=${BITCOIN_ELECTRS_HOME}" "${ZPOOL}/bitcoin/electrs"

    # electrs mainnet data
    if [ "${BITCOIN_MAINNET_ENABLE}" = true ];then
        zfs create -o "mountpoint=${ELECTRS_MAINNET_DATA}" "${ELECTRS_MAINNET_ZPOOL}/electrs/mainnet"
        for folder in cache history txstore
        do
            zfs create -o "mountpoint=${ELECTRS_MAINNET_DATA}/mainnet/newindex/${folder}" "${ELECTRS_MAINNET_ZPOOL}/electrs/mainnet/${folder}"
        done
    fi

    # electrs testnet data
    if [ "${BITCOIN_TESTNET_ENABLE}" = true ];then
        zfs create -o "mountpoint=${ELECTRS_TESTNET_DATA}" "${ELECTRS_TESTNET_ZPOOL}/electrs/testnet"
        for folder in cache history txstore
        do
            zfs create -o "mountpoint=${ELECTRS_TESTNET_DATA}/testnet/newindex/${folder}" "${ELECTRS_TESTNET_ZPOOL}/electrs/testnet/${folder}"
        done
    fi

    # electrs liquid data
    if [ "${ELEMENTS_LIQUID_ENABLE}" = true ];then
        zfs create -o "mountpoint=${ELECTRS_LIQUID_DATA}" "${ELECTRS_LIQUID_ZPOOL}/electrs/liquid"
        for folder in cache history txstore
        do
            zfs create -o "mountpoint=${ELECTRS_LIQUID_DATA}/liquid/newindex/${folder}" "${ELECTRS_LIQUID_ZPOOL}/electrs/liquid/${folder}"
        done
    fi

    if [ "${BISQ_INSTALL}" = true ];then
        zfs create -o "mountpoint=${BISQ_HOME}" "${ZPOOL}/bisq"
    fi

    zfs create -o "mountpoint=/mempool" "${ZPOOL}/mempool"
    zfs create -o "mountpoint=/mysql" "${ZPOOL}/mysql"
}

##### Perform sanity checks before trying anything

# what OS running, what FS partitions, etc.
# how much free disk space available?
# is something listening on port 80 already?
# is nginx or apache running?

##### Determine what actually needs to be installed

# does bitcoin exist?

# dialog

: ${DIALOG=dialog}

: ${DIALOG_OK=0}
: ${DIALOG_CANCEL=1}
: ${DIALOG_HELP=2}
: ${DIALOG_EXTRA=3}
: ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255}

: ${SIG_NONE=0}
: ${SIG_HUP=1}
: ${SIG_INT=2}
: ${SIG_QUIT=3}
: ${SIG_KILL=9}
: ${SIG_TERM=15}

input=`tempfile 2>/dev/null` || input=/tmp/input$$
output=`tempfile 2>/dev/null` || output=/tmp/test$$
trap "rm -f $input $output" $SIG_NONE $SIG_HUP $SIG_INT $SIG_TRAP $SIG_TERM


case "x$DIALOGOPTS" in
*--no-items*|*--noitem*)
	CUT="cut -d: -f1,3"
	;;
*)
	CUT="cat"
	;;
esac

$CUT >$input <<-EOF
	Apple:It's an apple.:off
	Dog:No, that's not my dog.:ON
	Orange:Yeah, that's juicy.:off
	Chicken:Normally not a pet.:off
	Cat:No, never put a dog and a cat together!:oN
	Fish:Cats like fish.:On
	Lemon:You know how it tastes.:on
EOF
cat $input | sed -e 's/^/"/' -e 's/:/" "/g' -e 's/$/"/' >$output
cat $output >$input

$DIALOG --backtitle "No Such Organization" \
	--title "CHECKLIST BOX" "$@" \
        --checklist "Hi, this is a checklist box. You can use this to \n\
present a list of choices which can be turned on or \n\
off. If there are more items than can fit on the \n\
screen, the list will be scrolled. You can use the \n\
UP/DOWN arrow keys, the first letter of the choice as a \n\
hot key, or the number keys 1-9 to choose an option. \n\
Press SPACE to toggle an option on/off. \n\n\
  Which of the following are fruits?" 20 61 5 \
	--file $input 2> $output

retval=$?

tempfile=$output
case $retval in
  $DIALOG_OK)
    echo "Result: `cat $tempfile`";;
  $DIALOG_CANCEL)
    echo "Cancel pressed.";;
  $DIALOG_HELP)
    echo "Help pressed: `cat $tempfile`";;
  $DIALOG_EXTRA)
    echo "Extra button pressed.";;
  $DIALOG_ITEM_HELP)
    echo "Item-help button pressed: `cat $tempfile`";;
  $DIALOG_ESC)
    if test -s $tempfile ; then
      cat $tempfile
    else
      echo "ESC pressed."
    fi
    ;;
esac

DIALOG_ERROR=254
export DIALOG_ERROR

backtitle="Mempool Fullnode Installer"
returncode=0

while test $returncode != 1 && test $returncode != 250
do
exec 3>&1
value=`$DIALOG --ok-label "Submit" \
	  --backtitle "$backtitle" "$@" \
	  --form "Your fullnode will be installed as follows:" \
20 60 0 \
	"Hostname:" 1 1	"$HOSTNAME" 1 10 40 0 \
	"UID:"      2 1	"$uid"      2 10  8 0 \
	"GID:"      3 1	"$gid"      3 10  8 0 \
	"HOME:"     4 1	"$home"     4 10 40 0 \
2>&1 1>&3`
returncode=$?
exec 3>&-

show=`echo "$value" |sed -e 's/^/	/'`

	case $returncode in
	$DIALOG_CANCEL)
		"$DIALOG" \
		--clear \
		--backtitle "$backtitle" \
		--yesno "Really quit?" 10 30
		case $? in
		$DIALOG_OK)
			break
			;;
		$DIALOG_CANCEL)
			returncode=99
			;;
		esac
		;;
	$DIALOG_OK)
		"$DIALOG" \
		--clear \
		--backtitle "$backtitle" --no-collapse --cr-wrap \
		--msgbox "Resulting data:\n\
$show" 10 40
		;;
	$DIALOG_ERROR)
		echo "ERROR!$value"
		exit
		;;
	$DIALOG_ESC)
		echo "ESC pressed."
		exit
		;;
	*)
		echo "Return code was $returncode"
		exit
		;;
	esac
done



############################
# START DOING ACTUAL STUFF #
############################

date
echo "[*] Mempool installation script for ${OS}"

set
exit 0

###################################
# create filesystems if necessary #
###################################

###############################
# Install all the OS packages #
###############################

osPackageUpdate
osPackageUpgrade
osPackageInstallAll

##########################
# Mempool top-level repo #
##########################

echo "[*] Creating Mempool user with Tor access"
osUserCreate -d "${MEMPOOL_HOME}" -g "${MEMPOOL_GROUP}" -G "${TOR_GROUP}" "${MEMPOOL_USER}"
id "${MEMPOOL_USER}"
echo "[*] Creating Mempool data folder"
osSudo "${ROOT_USER}" mkdir -p "${MEMPOOL_HOME}"
osSudo "${ROOT_USER}" chown "${MEMPOOL_USER}:${MEMPOOL_GROUP}" "${MEMPOOL_HOME}"
echo "[*] Cloning Mempool repo from ${MEMPOOL_REPO_URL}"
osSudo "${MEMPOOL_USER}" git config --global advice.detachedHead false
osSudo "${MEMPOOL_USER}" git clone --branch "${MEMPOOL_REPO_BRANCH}" "${MEMPOOL_REPO_URL}" "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}"

####################
# Tor installation #
####################

if [ "${TOR_INSTALL}" = true ];then

    echo "[*] Installing Tor package"
    osPackageInstall "${TOR_PKG}"

    echo "[*] Installing Tor base configuration"
    osSudo "${ROOT_USER}" install -c -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/torrc" "${TOR_HOME}/torrc"

    echo "[*] Adding Tor HS configuration"
    if ! grep "${MEMPOOL_TOR_HS}" /etc/tor/torrc >/dev/null 2>&1;then
        osSudo "${ROOT_USER}" /bin/sh -c "echo HiddenServiceDir ${TOR_RESOURCES}/${MEMPOOL_TOR_HS}/ >> ${TOR_CONFIGURATION}"
        osSudo "${ROOT_USER}" /bin/sh -c "echo HiddenServicePort 80 127.0.0.1:81 >> ${TOR_CONFIGURATION}"
        osSudo "${ROOT_USER}" /bin/sh -c "echo HiddenServiceVersion 3 >> ${TOR_CONFIGURATION}"
    fi

    # start tor now so it can bootstrap in time for bitcoin starting a few mins later
    echo "[*] Starting Tor service"
    osSudo "${ROOT_USER}" service tor start
fi

########################
# Bitcoin installation #
########################

if [ "${BITCOIN_INSTALL}" = true ];then

    echo "[*] Creating Bitcoin user with Tor access"
    osSudo "${ROOT_USER}" useradd -d "${BITCOIN_HOME}" -G "${TOR_GROUP}" "${BITCOIN_USER}"
    echo "[*] Creating Bitcoin data folder"
    osSudo "${ROOT_USER}" mkdir -p "${BITCOIN_HOME}"
    osSudo "${ROOT_USER}" chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_HOME}"
    osSudo "${BITCOIN_USER}" ln -s . .bitcoin
    echo "[*] Cloning Bitcoin repo from ${BITCOIN_REPO_URL}"
    osSudo "${BITCOIN_USER}" git config --global advice.detachedHead false
    osSudo "${BITCOIN_USER}" git clone --branch "${BITCOIN_REPO_BRANCH}" "${BITCOIN_REPO_URL}" "${BITCOIN_HOME}/${BITCOIN_REPO_NAME}"

    echo "[*] Building Bitcoin from source repo"
    osSudo "${BITCOIN_USER}" sh -c "cd ${BITCOIN_REPO_NAME} && ./autogen.sh --quiet && ./configure --quiet --disable-wallet --with-incompatible-bdb && make -j4"
    echo "[*] Installing Bitcoin binaries into OS"
    osSudo "${ROOT_USER}" sh -c "cd ${BITCOIN_HOME}/${BITCOIN_REPO_NAME} && make install"
    echo "[*] Installing Bitcoin configuration"
    osSudo "${ROOT_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/bitcoin.conf" "${BITCOIN_HOME}/bitcoin.conf"

fi

#########################
# Elements installation #
#########################

if [ "${ELEMENTS_INSTALL}" = true ];then

    echo "[*] Creating Elements user with Tor access"
    osSudo "${ROOT_USER}" useradd -d "${ELEMENTS_HOME}" -G "${TOR_GROUP}" "${ELEMENTS_USER}"
    echo "[*] Creating Elements data folder"
    osSudo "${ROOT_USER}" mkdir -p "${ELEMENTS_HOME}"
    osSudo "${ROOT_USER}" chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_HOME}"
    osSudo "${ELEMENTS_USER}" ln -s . .elements
    echo "[*] Cloning Elements repo from ${ELEMENTS_REPO_URL}"
    osSudo "${ELEMENTS_USER}" git config --global advice.detachedHead false
    osSudo "${ELEMENTS_USER}" git clone --branch "${ELEMENTS_REPO_BRANCH}" "${ELEMENTS_REPO_URL}" "${ELEMENTS_HOME}/${ELEMENTS_REPO_NAME}"

    echo "[*] Building Elements from source repo"
    osSudo "${ELEMENTS_USER}" sh -c "cd ${ELEMENTS_REPO_NAME} && ./autogen.sh --quiet && ./configure --quiet --disable-wallet --with-incompatible-bdb && make -j4"
    echo "[*] Installing Elements binaries into OS"
    osSudo "${ROOT_USER}" sh -c "cd ${ELEMENTS_HOME}/${ELEMENTS_REPO_NAME} && make install"
    echo "[*] Installing Elements configuration"
    osSudo "${ROOT_USER}" install -c -o "${ELEMENTS_USER}" -g "${ELEMENTS_GROUP}" -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/bitcoin.conf" "${ELEMENTS_HOME}/bitcoin.conf"

fi

###################################
# Bitcoin -> Electrs installation #
###################################

echo "[*] Creating Bitcoin Electrs data folder"
osSudo "${ROOT_USER}" mkdir -p "${BITCOIN_ELECTRS_HOME}"
osSudo "${ROOT_USER}" chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_ELECTRS_HOME}"

echo "[*] Cloning Bitcoin Electrs repo from ${BITCOIN_ELECTRS_REPO_URL}"
osSudo "${BITCOIN_USER}" git config --global advice.detachedHead false
osSudo "${BITCOIN_USER}" git clone --branch "${ELECTRS_REPO_BRANCH}" "${ELECTRS_REPO_URL}" "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}"

echo "[*] Installing Rust from rustup.rs"
osSudo "${BITCOIN_USER}" sh -c "cd ${BITCOIN_ELECTRS_HOME} && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"

echo "[*] Building Bitcoin Electrs release binary"
osSudo "${BITCOIN_USER}" sh -c "cd ${BITCOIN_ELECTRS_HOME} && cargo run --release --bin electrs -- --version"

##################################
# Liquid -> Electrs installation #
##################################

echo "[*] Creating Liquid Electrs data folder"
osSudo "${ROOT_USER}" mkdir -p "${ELEMENTS_ELECTRS_HOME}"
osSudo "${ROOT_USER}" chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_ELECTRS_HOME}"

echo "[*] Cloning Liquid Electrs repo from ${ELEMENTS_ELECTRS_REPO_URL}"
osSudo "${ELEMENTS_USER}" git config --global advice.detachedHead false
osSudo "${ELEMENTS_USER}" git clone --branch "${ELECTRS_REPO_BRANCH}" "${ELECTRS_REPO_URL}" "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}"

echo "[*] Installing Rust from rustup.rs"
osSudo "${ELEMENTS_USER}" sh -c "cd ${ELEMENTS_ELECTRS_HOME} && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"

echo "[*] Building Liquid Electrs release binary"
osSudo "${ELEMENTS_USER}" sh -c "cd ${ELEMENTS_ELECTRS_HOME} && cargo run --release --features liquid --bin electrs -- --network liquid --version"

#####################
# Bisq installation #
#####################

if [ "${BISQ_INSTALL}" = true ];then

    echo "[*] Creating Bisq user with Tor access"
    osSudo "${BISQ_USER}" useradd -d "${BISQ_HOME}" -G "${TOR_GROUP}" "${BISQ_USER}"

    echo "[*] Creating Bisq data folder"
    osSudo "${BISQ_USER}" mkdir -p "${BISQ_HOME}"
    osSudo "${BISQ_USER}" chown "${BISQ_USER}:${BISQ_GROUP}" "${BISQ_HOME}"

    echo "[*] Cloning Bisq top-level repo"
    osSudo "${BISQ_USER}" git clone --branch "${BISQ_REPO_BRANCH}" "${BISQ_REPO_URL}" "${BISQ_HOME}/${BISQ_REPO_NAME}"

    echo "[*] Installing OpenJDK 10.0.2 from Bisq install_java.sh script"
    osSudo "${ROOT_USER}" "${BISQ_HOME}/${BISQ_REPO_NAME}/scripts/install_java.sh"
fi

################################
# Bitcoin instance for Mainnet #
################################

if [ "${BITCOIN_MAINNET_ENABLE}" = true ];then
    echo "[*] Installing Bitcoin Mainnet RPC credentials"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_MAINNET_RPC_USER__/${BITCOIN_MAINNET_RPC_USER}/" "${BITCOIN_HOME}/bitcoin.conf"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_MAINNET_RPC_PASS__/${BITCOIN_MAINNET_RPC_PASS}/" "${BITCOIN_HOME}/bitcoin.conf"

    echo "[*] Installing Bitcoin Mainnet service"
    osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/bitcoin-mainnet.service" "${DEBIAN_SERVICE_HOME}"
fi

################################
# Bitcoin instance for Testnet #
################################

if [ "${BITCOIN_TESTNET_ENABLE}" = true ];then
    echo "[*] Installing Bitcoin Testnet RPC credentials"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_TESTNET_RPC_USER__/${BITCOIN_TESTNET_RPC_USER}/" "${BITCOIN_TESTNET_DATA}/bitcoin.conf"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_TESTNET_RPC_PASS__/${BITCOIN_TESTNET_RPC_PASS}/" "${BITCOIN_TESTNET_DATA}/bitcoin.conf"

    echo "[*] Installing Bitcoin Testnet service"
    osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/bitcoin-testnet.service" "${DEBIAN_SERVICE_HOME}"
fi

########################################
# Electrs instance for Bitcoin Mainnet #
########################################

if [ "${BITCOIN_MAINNET_ENABLE}" = true ];then
fi

########################################
# Electrs instance for Bitcoin Testnet #
########################################

if [ "${BITCOIN_TESTNET_ENABLE}" = true ];then
fi

########################################
# Electrs instance for Elements Liquid #
########################################

if [ "${ELEMENTS_LIQUID_ENABLE}" = true ];then
fi

#####################################
# Bisq instance for Bitcoin Mainnet #
#####################################

if [ "${BISQ_MAINNET_ENABLE}" = true ];then
    echo "[*] Installing Bisq service"
    osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq.service" "${DEBIAN_SERVICE_HOME}/bisq.service"
    osSudo "${ROOT_USER}" sed -i -e "s/#Requires=bitcoin.service/Requires=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service"
    osSudo "${ROOT_USER}" sed -i -e "s/#BindsTo=bitcoin.service/BindsTo=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service"
    osSudo "${ROOT_USER}" sed -i -e "s/__BISQ_REPO_NAME__/${BISQ_REPO_NAME}/" "${DEBIAN_SERVICE_HOME}/bisq.service"
    osSudo "${ROOT_USER}" sed -i -e "s!__BISQ_HOME__!${BISQ_HOME}!" "${DEBIAN_SERVICE_HOME}/bisq.service"

    echo "[*] Installing Bisq environment file"
    osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq.env" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s!__BISQ_APP_NAME__!${BISQ_APP_NAME}!" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s!__BISQ_HOME__!${BISQ_HOME}!" "${DEBIAN_ENV_HOME}/bisq.env"

    echo "[*] Configuring Bisq environment file with Bitcoin RPC credentials"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_P2P_HOST__/${BITCOIN_MAINNET_P2P_HOST}/" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_P2P_PORT__/${BITCOIN_MAINNET_P2P_PORT}/" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_RPC_HOST__/${BITCOIN_MAINNET_RPC_HOST}/" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_RPC_PORT__/${BITCOIN_MAINNET_RPC_PORT}/" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_RPC_USER__/${BITCOIN_MAINNET_RPC_USER}/" "${DEBIAN_ENV_HOME}/bisq.env"
    osSudo "${ROOT_USER}" sed -i -e "s/__BITCOIN_RPC_PASS__/${BITCOIN_MAINNET_RPC_PASS}/" "${DEBIAN_ENV_HOME}/bisq.env"

    echo "[*] Checking out Bisq ${BISQ_LATEST_RELEASE}"
    osSudo "${BISQ_USER}" sh -c "cd ${BISQ_HOME}/${BISQ_REPO_NAME} && git checkout ${BISQ_LATEST_RELEASE}"

    echo "[*] Performing Git LFS pull"
    osSudo "${BISQ_USER}" sh -c "cd ${BISQ_HOME}/${BISQ_REPO_NAME} && git lfs pull"

    echo "[*] Building Bisq from source"
    osSudo "${BISQ_USER}" sh -c "cd ${BISQ_HOME}/${BISQ_REPO_NAME} && ./gradlew build -x test < /dev/null" # redirect from /dev/null is necessary to workaround gradlew non-interactive shell hanging issue

    echo "[*] Updating Bitcoin configuration for Bisq"
    osSudo "${ROOT_USER}" sed -i -e "s/#blocknotify/blocknotify/" "${BITCOIN_HOME}/bitcoin.conf"
    osSudo "${BITCOIN_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 755 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/blocknotify.sh" "${BITCOIN_HOME}/blocknotify.sh"
fi

##### Mempool -> Bitcoin Mainnet instance

if [ "${BITCOIN_MAINNET_ENABLE}" = true ];then
    echo "[*] Creating Mempool instance for Bitcoin Mainnet"
    osSudo "${MEMPOOL_USER}" git config --global advice.detachedHead false
    osSudo "${MEMPOOL_USER}" git clone --branch "${MEMPOOL_REPO_BRANCH}" "${MEMPOOL_REPO_URL}" "${MEMPOOL_HOME}/mainnet"
fi

##### nginx

echo "[*] Adding Nginx configuration"
osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/nginx.conf" "${NGINX_CONFIGURATION}"

echo "[*] Restarting Nginx"
osSudo "${ROOT_USER}" service nginx restart

##### OS systemd

echo "[*] Updating systemd daemon configuration"
osSudo "${ROOT_USER}" systemctl daemon-reload
if [ "${TOR_ENABLE}" = true ];then
    osSudo "${ROOT_USER}" systemctl enable tor.service
fi
if [ "${BITCOIN_MAINNET_ENABLE}" = true ];then
    osSudo "${ROOT_USER}" systemctl enable bitcoin.service
    osSudo "${ROOT_USER}" systemctl enable electrs.service
    osSudo "${ROOT_USER}" systemctl enable mempool.service
fi
if [ "${BITCOIN_TESTNET_ENABLE}" = true ];then
    osSudo "${ROOT_USER}" systemctl enable bitcoin-testnet.service
    osSudo "${ROOT_USER}" systemctl enable electrs-testnet.service
    osSudo "${ROOT_USER}" systemctl enable mempool-testnet.service
fi
if [ "${BISQ_MAINNET_ENABLE}" = true ];then
    osSudo "${ROOT_USER}" systemctl enable bisq.service
    osSudo "${ROOT_USER}" systemctl enable mempool-bisq.service
fi
if [ "${ELEMENTS_LIQUID_ENABLE}" = true ];then
    osSudo "${ROOT_USER}" systemctl enable liquid.service
    osSudo "${ROOT_USER}" systemctl enable electrs-liquid.service
    osSudo "${ROOT_USER}" systemctl enable mempool-liquid.service
fi

##### OS services

if [ "${BITCOIN_MAINNET_ENABLE}" = true ];then
    echo "[*] Starting Bitcoin Mainnet"
    osSudo "${ROOT_USER}" systemctl start bitcoin
    osSudo "${ROOT_USER}" systemctl start electrs
    osSudo "${ROOT_USER}" journalctl --no-pager --unit bitcoin
fi

if [ "${BITCOIN_TESTNET_ENABLE}" = true ];then
    echo "[*] Starting Bitcoin Testnet"
    osSudo "${ROOT_USER}" systemctl start bitcoin-testnet
    osSudo "${ROOT_USER}" systemctl start electrs-testnet
    osSudo "${ROOT_USER}" journalctl --no-pager --unit bitcoin-testnet
fi
if [ "${ELEMENTS_LIQUID_ENABLE}" = true ];then
    echo "[*] Starting Elements Liquid"
    osSudo "${ROOT_USER}" systemctl start liquid
    osSudo "${ROOT_USER}" systemctl start electrs-liquid
    osSudo "${ROOT_USER}" journalctl --no-pager --unit liquid
fi

osSudo "${ROOT_USER}" tail "${BITCOIN_HOME}/debug.log"

##### OS notes

echo "[*] Adding notes to motd"
osSudo "${ROOT_USER}" sh -c 'echo " " >> /etc/motd'

##### OS firewall

echo "[*] Preparing firewall"
osSudo "${ROOT_USER}" ufw default deny incoming
osSudo "${ROOT_USER}" ufw default allow outgoing
osSudo "${ROOT_USER}" ufw allow from any to any port ${BITCOIN_MAINNET_P2P_PORT} proto tcp
osSudo "${ROOT_USER}" ufw allow from any to any port ${BITCOIN_TESTNET_P2P_PORT} proto tcp
osSudo "${ROOT_USER}" ufw allow from any to any port ${ELEMENTS_LIQUID_P2P_PORT} proto tcp

##### finish

echo '[*] Done!'

echo '  '
echo '[*] Follow all the README instructions!'
echo '[*] AND DONT FORGET TO ENABLE FIREWALL!!!11'
echo '[*] type "ufw enable" to enable firewall'
echo '  '

exit 0