From 98abb979fd9e08187650c4eb3a10bcd0b36fcb1c Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 10:00:08 -0600
Subject: [PATCH 1/7] update to 0.12.11

---
 Dockerfile                     | 4 ++--
 manifest.yaml                  | 4 ++--
 scripts/services/migrations.ts | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 4dd12cf..b4581d2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM lnbits/lnbits:0.12.10 AS builder
+FROM lnbits/lnbits:v0.12.11 AS builder
 
 # arm64 or amd64
 ARG PLATFORM
@@ -6,7 +6,7 @@ ARG PLATFORM
 RUN apt-get update && apt-get install -y bash curl sqlite3 tini --no-install-recommends
 RUN curl -sS https://webi.sh/yq | sh
 
-FROM lnbits/lnbits:0.12.10 AS final
+FROM lnbits/lnbits:v0.12.11 AS final
 
 COPY --from=builder /usr/bin/tini /usr/bin/tini
 COPY --from=builder /usr/bin/sqlite3 /usr/bin/sqlite3
diff --git a/manifest.yaml b/manifest.yaml
index 237c03c..a2baef7 100644
--- a/manifest.yaml
+++ b/manifest.yaml
@@ -1,8 +1,8 @@
 id: lnbits
 title: "LNBits"
-version: 0.12.10
+version: 0.12.11
 release-notes: |
-  * Update LNbits to 0.12.10 - Full release notes available [here](https://github.com/lnbits/lnbits/releases/tag/0.12.10).
+  * Update LNbits to 0.12.11 - Full release notes available [here](https://github.com/lnbits/lnbits/releases/tag/v0.12.11).
 license: MIT
 wrapper-repo: "https://github.com/Start9Labs/lnbits-startos"
 upstream-repo: "https://github.com/lnbits/lnbits"
diff --git a/scripts/services/migrations.ts b/scripts/services/migrations.ts
index d15995e..8f46073 100644
--- a/scripts/services/migrations.ts
+++ b/scripts/services/migrations.ts
@@ -19,5 +19,5 @@ export const migration: T.ExpectedExports.migration = compat.migrations
         ),
   },
 },
-"0.12.10",
+"0.12.11",
 );

From 8a3384ed7b86ea237d63f9ad3b7969cca28b4eff Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 10:06:15 -0600
Subject: [PATCH 2/7] minor readme edits

---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index cf4e9e9..8f65e54 100644
--- a/README.md
+++ b/README.md
@@ -8,12 +8,12 @@ lnbits-startos contains the [lnbits](https://github.com/lnbits/lnbits) software
 
 ## Dependencies
 
+- [deno](https://deno.land/)
 - [docker](https://docs.docker.com/get-docker)
 - [docker-buildx](https://docs.docker.com/buildx/working-with-buildx/)
-- [yq](https://mikefarah.gitbook.io/yq)
-- [deno](https://deno.land/)
 - [make](https://www.gnu.org/software/make/)
-- [start-sdk](https://github.com/Start9Labs/start-os/tree/sdk)
+- [start-sdk](https://github.com/Start9Labs/start-os/blob/v0.3.5.1/core/install-sdk.sh)
+- [yq](https://mikefarah.gitbook.io/yq)
 
 ## Build environment
 

From d274860e4ce34a1029c77a49be7ca30205563aa0 Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 10:10:09 -0600
Subject: [PATCH 3/7] minor isntructions copy changes

---
 instructions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/instructions.md b/instructions.md
index 15770e2..21f32d0 100644
--- a/instructions.md
+++ b/instructions.md
@@ -10,7 +10,7 @@ To use LNbits, simply click `LAUNCH UI` where you will be prompted to login or r
 ## Superuser
 LNbits includes a `Superuser Account` which can also be found in `Properties` along with the default username and password. This account can be used to manage the server, allowing the user to add extensions, topup wallets, etc.
 
-The `Superuser Account` can also change the authentication required to access accounts. By default authentication is not required for users updating to 0.12.2, meaning accounts remain accessible via the URLs found in properties; accounts can also be accessed using username/password (provided these have been set). For fresh installations of 0.12.2 username and password are required by default. Allowed authentication methods can be updated by opening the Superuser account and navivating to `Server` > `Security`.
+The `Superuser Account` can also change the authentication required to access accounts. By default authentication is not required for users who updated to 0.12.2 from an earlier version, meaning accounts remain accessible via the URLs found in properties; accounts can also be accessed using username/password (provided these have been set). For fresh installations >= 0.12.2 username and password are required by default. Allowed authentication methods can be updated by opening the Superuser account and navivating to `Server` > `Security`.
 
 **Warning** If authentication is updated to only allow the `username-password` method, this will make any accounts which have not yet setup a username and password *inaccessible* until authentication is reverted to include the `user-id-only` method. Before changing the allowed authentication methods, it is highly recommended to ensure any existing accounts have been updated to include both a username and a password; login credentials should be stored securely (i.e. within Vaultwarden).
 

From 978dee3b979237c2b75935f2a091e318efc60850 Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 10:57:20 -0600
Subject: [PATCH 4/7] remove sensitive data from logs

---
 docker_entrypoint.sh | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh
index 6ce986d..f3315c6 100755
--- a/docker_entrypoint.sh
+++ b/docker_entrypoint.sh
@@ -41,11 +41,6 @@ if [ -f $FILE ]; then
     sqlite3 ./data/database.sqlite3 'select id from accounts;' >>account.res
     mapfile -t LNBITS_ACCOUNTS <account.res
     echo "Found ${#LNBITS_ACCOUNTS[*]} existing LNBits account(s)."
-    echo "Navigate to the following URLs to access these accounts:"
-    for USER_ID in "${LNBITS_ACCOUNTS[@]}"; do
-        ACCOUNT_URL="http://$TOR_ADDRESS/wallet?usr=$USER_ID"
-        printf "$ACCOUNT_URL\n"
-    done
 else
     echo 'No LNBits accounts found.'
 fi

From afbfd1a1ea7c2a01b115c5792be653f98150de5d Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 11:23:09 -0600
Subject: [PATCH 5/7] refactoring

---
 docker_entrypoint.sh | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh
index f3315c6..af24e36 100755
--- a/docker_entrypoint.sh
+++ b/docker_entrypoint.sh
@@ -29,20 +29,18 @@ if [ -f $FILE ]; then
         echo "Deleting previous LN implementation data"
         rm $FILE
         rm /app/data/start9/stats.yaml
+    else
+        echo "Looking for existing accounts and wallets..."
+        sqlite3 ./data/database.sqlite3 'select id from accounts;' >>account.res
+        mapfile -t LNBITS_ACCOUNTS <account.res
+        echo "Found ${#LNBITS_ACCOUNTS[*]} existing LNBits account(s)."
     fi
     # Create flag for Auth Initilization
     if ! [ -f '/app/data/start9/auth_initialized' ]; then
       touch /app/data/start9/auth_initialized
     fi
-fi
-
-if [ -f $FILE ]; then
-    echo "Looking for existing accounts and wallets..."
-    sqlite3 ./data/database.sqlite3 'select id from accounts;' >>account.res
-    mapfile -t LNBITS_ACCOUNTS <account.res
-    echo "Found ${#LNBITS_ACCOUNTS[*]} existing LNBits account(s)."
 else
-    echo 'No LNBits accounts found.'
+    echo "No existing database found. Starting LNbits with a new database using $LNBITS_BACKEND_WALLET_CLASS"
 fi
 
 if [ $LNBITS_BACKEND_WALLET_CLASS == "LndRestWallet" ]; then

From ef2db4133c560d2a73a3787b53d06fdf30580a20 Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 12:32:51 -0600
Subject: [PATCH 6/7] only show account URLs in Properties if user-id-only is
 enabled

---
 docker_entrypoint.sh | 109 ++++++++++++++++++++++---------------------
 instructions.md      |   5 +-
 2 files changed, 58 insertions(+), 56 deletions(-)

diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh
index af24e36..a195151 100755
--- a/docker_entrypoint.sh
+++ b/docker_entrypoint.sh
@@ -66,6 +66,7 @@ configurator() {
             ADMIN_PASS=$(cat /app/data/start9/admin_password.txt)
             LNBITS_SETTINGS=$(sqlite3 ./data/database.sqlite3 'select editable_settings from settings;')
             PUBLIC_UI=$(echo "$LNBITS_SETTINGS" | jq ".lnbits_public_node_ui")
+            USER_ID_ONLY=$(sqlite3 ./data/database.sqlite3 'select editable_settings from settings;' | jq '.auth_allowed_methods | any(index("user-id-only"))')
 
             echo 'version: 2' >/app/data/start9/stats.yaml
             echo 'data:' >>/app/data/start9/stats.yaml
@@ -97,60 +98,62 @@ configurator() {
                 echo '    qr: true' >>/app/data/start9/stats.yaml
             fi
             
-            echo "  Superuser Account: " >>/app/data/start9/stats.yaml
-            echo '    type: string' >>/app/data/start9/stats.yaml
-            echo "    value: \"$SUPERUSER_ACCOUNT_URL_PROP\"" >>/app/data/start9/stats.yaml
-            echo '    description: LNBits Superuser Account' >>/app/data/start9/stats.yaml
-            echo '    copyable: true' >>/app/data/start9/stats.yaml
-            echo '    masked: true' >>/app/data/start9/stats.yaml
-            echo '    qr: true' >>/app/data/start9/stats.yaml
-            echo "  (Tor) Superuser Account: " >>/app/data/start9/stats.yaml
-            echo '    type: string' >>/app/data/start9/stats.yaml
-            echo "    value: \"$SUPERUSER_ACCOUNT_URL_TOR\"" >>/app/data/start9/stats.yaml
-            echo '    description: LNBits Superuser Account' >>/app/data/start9/stats.yaml
-            echo '    copyable: true' >>/app/data/start9/stats.yaml
-            echo '    masked: true' >>/app/data/start9/stats.yaml
-            echo '    qr: true' >>/app/data/start9/stats.yaml
-
-            sqlite3 ./data/database.sqlite3 'select id from accounts;' >account.res
-            mapfile -t LNBITS_ACCOUNTS <account.res
-            # Iterate over the indices of the array in reverse order
-            for i in $(seq $((${#LNBITS_ACCOUNTS[@]} - 1)) -1 0); do {
-                # Access the array element at the current index
-                USER_ID=${LNBITS_ACCOUNTS[$i]}
-                # get wallets for this user account
-                sqlite3 ./data/database.sqlite3 'select id from wallets where user="'$USER_ID'";' >wallet.res
-                mapfile -t LNBITS_WALLETS <wallet.res
-                # Iterate over the indices of the array in reverse order
-                for j in $(seq $((${#LNBITS_WALLETS[@]} - 1)) -1 0); do {
-                    # Access the array element at the current index
-
-                    export WALLET_ID=${LNBITS_WALLETS[$j]}
-                    export ACCOUNT_URL_PROP="https://$LAN_ADDRESS/wallet?usr=$USER_ID&wal=$WALLET_ID"
-                    export ACCOUNT_URL_TOR="http://$TOR_ADDRESS/wallet?usr=$USER_ID&wal=$WALLET_ID"
-                    export LNBITS_WALLET_NAME=$(sqlite3 ./data/database.sqlite3 'select name from wallets where id="'$WALLET_ID'";')
-                    export LNBITS_WALLET_DELETED=$(sqlite3 ./data/database.sqlite3 'select deleted from wallets where id="'$WALLET_ID'";')
-
-                    if ! [ "$SUPERUSER_ACCOUNT" = "$USER_ID" ] && [ $LNBITS_WALLET_DELETED = 0 ]; then
-                        echo "  LNBits Account $USER_ID - Wallet $LNBITS_WALLET_NAME: " >>/app/data/start9/stats.yaml
-                        echo '    type: string' >>/app/data/start9/stats.yaml
-                        echo "    value: \"$ACCOUNT_URL_PROP\"" >>/app/data/start9/stats.yaml
-                        echo '    description: LNBits Account' >>/app/data/start9/stats.yaml
-                        echo '    copyable: true' >>/app/data/start9/stats.yaml
-                        echo '    masked: true' >>/app/data/start9/stats.yaml
-                        echo '    qr: true' >>/app/data/start9/stats.yaml
-                        echo "  (Tor) LNBits Account $USER_ID - Wallet $LNBITS_WALLET_NAME: " >>/app/data/start9/stats.yaml
-                        echo '    type: string' >>/app/data/start9/stats.yaml
-                        echo "    value: \"$ACCOUNT_URL_TOR\"" >>/app/data/start9/stats.yaml
-                        echo '    description: LNBits Account' >>/app/data/start9/stats.yaml
-                        echo '    copyable: true' >>/app/data/start9/stats.yaml
-                        echo '    masked: true' >>/app/data/start9/stats.yaml
-                        echo '    qr: true' >>/app/data/start9/stats.yaml
-                    fi
-                }; done
-            }; done
+            if [ "$USER_ID_ONLY" == "true" ]; then
+              echo "  Superuser Account: " >>/app/data/start9/stats.yaml
+              echo '    type: string' >>/app/data/start9/stats.yaml
+              echo "    value: \"$SUPERUSER_ACCOUNT_URL_PROP\"" >>/app/data/start9/stats.yaml
+              echo '    description: LNBits Superuser Account' >>/app/data/start9/stats.yaml
+              echo '    copyable: true' >>/app/data/start9/stats.yaml
+              echo '    masked: true' >>/app/data/start9/stats.yaml
+              echo '    qr: true' >>/app/data/start9/stats.yaml
+              echo "  (Tor) Superuser Account: " >>/app/data/start9/stats.yaml
+              echo '    type: string' >>/app/data/start9/stats.yaml
+              echo "    value: \"$SUPERUSER_ACCOUNT_URL_TOR\"" >>/app/data/start9/stats.yaml
+              echo '    description: LNBits Superuser Account' >>/app/data/start9/stats.yaml
+              echo '    copyable: true' >>/app/data/start9/stats.yaml
+              echo '    masked: true' >>/app/data/start9/stats.yaml
+              echo '    qr: true' >>/app/data/start9/stats.yaml
+
+              sqlite3 ./data/database.sqlite3 'select id from accounts;' >account.res
+              mapfile -t LNBITS_ACCOUNTS <account.res
+              # Iterate over the indices of the array in reverse order
+              for i in $(seq $((${#LNBITS_ACCOUNTS[@]} - 1)) -1 0); do {
+                  # Access the array element at the current index
+                  USER_ID=${LNBITS_ACCOUNTS[$i]}
+                  # get wallets for this user account
+                  sqlite3 ./data/database.sqlite3 'select id from wallets where user="'$USER_ID'";' >wallet.res
+                  mapfile -t LNBITS_WALLETS <wallet.res
+                  # Iterate over the indices of the array in reverse order
+                  for j in $(seq $((${#LNBITS_WALLETS[@]} - 1)) -1 0); do {
+                      # Access the array element at the current index
+
+                      export WALLET_ID=${LNBITS_WALLETS[$j]}
+                      export ACCOUNT_URL_PROP="https://$LAN_ADDRESS/wallet?usr=$USER_ID&wal=$WALLET_ID"
+                      export ACCOUNT_URL_TOR="http://$TOR_ADDRESS/wallet?usr=$USER_ID&wal=$WALLET_ID"
+                      export LNBITS_WALLET_NAME=$(sqlite3 ./data/database.sqlite3 'select name from wallets where id="'$WALLET_ID'";')
+                      export LNBITS_WALLET_DELETED=$(sqlite3 ./data/database.sqlite3 'select deleted from wallets where id="'$WALLET_ID'";')
+
+                      if ! [ "$SUPERUSER_ACCOUNT" = "$USER_ID" ] && [ $LNBITS_WALLET_DELETED = 0 ]; then
+                          echo "  LNBits Account $USER_ID - Wallet $LNBITS_WALLET_NAME: " >>/app/data/start9/stats.yaml
+                          echo '    type: string' >>/app/data/start9/stats.yaml
+                          echo "    value: \"$ACCOUNT_URL_PROP\"" >>/app/data/start9/stats.yaml
+                          echo '    description: LNBits Account' >>/app/data/start9/stats.yaml
+                          echo '    copyable: true' >>/app/data/start9/stats.yaml
+                          echo '    masked: true' >>/app/data/start9/stats.yaml
+                          echo '    qr: true' >>/app/data/start9/stats.yaml
+                          echo "  (Tor) LNBits Account $USER_ID - Wallet $LNBITS_WALLET_NAME: " >>/app/data/start9/stats.yaml
+                          echo '    type: string' >>/app/data/start9/stats.yaml
+                          echo "    value: \"$ACCOUNT_URL_TOR\"" >>/app/data/start9/stats.yaml
+                          echo '    description: LNBits Account' >>/app/data/start9/stats.yaml
+                          echo '    copyable: true' >>/app/data/start9/stats.yaml
+                          echo '    masked: true' >>/app/data/start9/stats.yaml
+                          echo '    qr: true' >>/app/data/start9/stats.yaml
+                      fi
+                  }; done
+              }; done
+            fi
         else
-            echo 'No accounts to populate'
+            echo 'No existing database found.'
         fi
         sleep 10
     }; done
diff --git a/instructions.md b/instructions.md
index 21f32d0..1def63c 100644
--- a/instructions.md
+++ b/instructions.md
@@ -4,15 +4,14 @@ LNbits is a robust and versatile platform, serving as a comprehensive hub for Li
 
 ## Using LNbits
 
-To use LNbits, simply click `LAUNCH UI` where you will be prompted to login or register. StartOS automatically saves your wallet URLs and displays them in the `Properties` page of your LNbits service dashboard. If an existing LNbits account is already logged in, `LAUNCH UI` will open that account instead of prompting the user to login or register. If an account is already logged in and you would like to register another account, you will first need to log out of the logged in account. As a corollary, only one LNbits account can be logged into the same browser at a time. If a LNbits account is already logged in and the URL for a different account is opened you may encounter the error `Wallet not found` or the previously logged in account may be displayed - in either case hard refreshing the page will log in the account of the URL entered and log out the other account. 
-
+To use LNbits, simply click `LAUNCH UI` where you will be prompted to login or register. If `user-id-only` is enabled as an 'Authorization Method' (not recommended for security) StartOS will automatically save your wallet URLs and display them in the `Properties` page of your LNbits service dashboard. If an existing LNbits account is already logged in, `LAUNCH UI` will open that account instead of prompting the user to login or register. If an account is already logged in and you would like to register another account, you will first need to log out of the logged in account. As a corollary, only one LNbits account can be logged into a given browser at a time. If a LNbits account is already logged in and the URL for a different account is opened you may encounter the error `Wallet not found` or the previously logged in account may be displayed - in either case hard refreshing the page will log in the account of the URL entered and log out the other account. 
 
 ## Superuser
 LNbits includes a `Superuser Account` which can also be found in `Properties` along with the default username and password. This account can be used to manage the server, allowing the user to add extensions, topup wallets, etc.
 
 The `Superuser Account` can also change the authentication required to access accounts. By default authentication is not required for users who updated to 0.12.2 from an earlier version, meaning accounts remain accessible via the URLs found in properties; accounts can also be accessed using username/password (provided these have been set). For fresh installations >= 0.12.2 username and password are required by default. Allowed authentication methods can be updated by opening the Superuser account and navivating to `Server` > `Security`.
 
-**Warning** If authentication is updated to only allow the `username-password` method, this will make any accounts which have not yet setup a username and password *inaccessible* until authentication is reverted to include the `user-id-only` method. Before changing the allowed authentication methods, it is highly recommended to ensure any existing accounts have been updated to include both a username and a password; login credentials should be stored securely (i.e. within Vaultwarden).
+**Warning** If authentication previously allowed the `user-id-only` method is updated to disallow this method, any accounts which have not yet setup a username and password will be *inaccessible* until authentication is reverted to include the `user-id-only` method. Before changing the allowed authentication methods, it is highly recommended to ensure any existing accounts have been updated to include both a username and a password; login credentials should be stored securely (i.e. within Vaultwarden).
 
 **If the Superuser password is updated via the LNbits UI, make sure this password is stored securely as it will *NOT* be updated in `Properties`**
 

From 0f2bff29a11d202e3511f42aaa38762106c5a126 Mon Sep 17 00:00:00 2001
From: Shadowy Super Coder <musashidisciple@proton.me>
Date: Tue, 17 Sep 2024 12:52:48 -0600
Subject: [PATCH 7/7] update release notes

---
 manifest.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/manifest.yaml b/manifest.yaml
index a2baef7..6070346 100644
--- a/manifest.yaml
+++ b/manifest.yaml
@@ -3,6 +3,8 @@ title: "LNBits"
 version: 0.12.11
 release-notes: |
   * Update LNbits to 0.12.11 - Full release notes available [here](https://github.com/lnbits/lnbits/releases/tag/v0.12.11).
+  * Optimizations and refactoring
+  * Update README and Instructions
 license: MIT
 wrapper-repo: "https://github.com/Start9Labs/lnbits-startos"
 upstream-repo: "https://github.com/lnbits/lnbits"