Pages:
Author

Topic: Umbrel — Discussion, issues, solutions - page 2. (Read 2185 times)

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
December 12, 2022, 11:22:46 AM
#77
is there actually already a possibility for umbrel, where tor can be deactivated and one acts as a full-fledged network node?

As of now, no.
https://community.getumbrel.com/t/umbrel-clearnet/9993

There are other nodes in a box that are not forced TOR.
Check out https://runcitadel.space/
I am not sure if it's TOR or not, it's forked from Umbrel but I have not been following it.

-Dave
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
December 07, 2022, 01:44:13 PM
#76
is there actually already a possibility for umbrel, where tor can be deactivated and one acts as a full-fledged network node?
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
October 27, 2022, 02:26:01 PM
#75


this - and whether this is an umbrel or another node Wink
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
October 25, 2022, 04:41:20 PM
#74
I really like Umbrel, as of now it's my default recommendation for a pre-built node.
Since the time I began this thread, it must have upgraded. I saw an umbrel-app-store somewhere and got impressed. Definitely a recommendation for non-tech people who want to run a, mostly, Lightning node.

The one thing I still would prefer is the ability to connect without TOR.
This is pretty much the reason I uninstalled Umbrel. It didn't allow me sync fast. It takes about twice to sync that way. Also, I had very poor connectivity. There were times that it had 0 outgoing connections, and paused syncing. 
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
October 25, 2022, 02:58:00 PM
#73
Updated mine with no problems.

I really like Umbrel, as of now it's my default recommendation for a pre-built node.
The one thing I still would prefer is the ability to connect without TOR. There are a few things that it really does lower the usefulness of with everything as TOR only but it is what it is can't have it all.

-Dave
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
October 25, 2022, 11:41:40 AM
#72
since today there is a new update with version 0.5.2 for the umbrel node
this release also contains several bugfixes and performance improvements. the complete changelog can be found on github at the following link:
https://github.com/getumbrel/umbrel/releases/tag/v0.5.2
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
September 16, 2022, 11:42:46 AM
#71
Just did a test with a node in a box that I was going to re-image anyway. RPi4, 4GB, SSD.

That actually brings up a good point.  I've never plugged a hard drive directly into my RPi, just mounted SSD NAS directory to use for the blockchain data.  One time I even tried mounting the NAS directory at /var/lib, but still no joy.  Every time I've tried I would allow bitdoind to fully synch the blockchain before installing ElectrumX.  Most of the time the system would become unusable while synchronizing ElectrumX.  One time I got ElectrumX fully synchronized but it crashed shortly after that.  That's when I finally gave up.

I have a couple of servers (enterprise hardware) collecting dust in my garage, which I've been planning to spin up soon.  One has two Xeon processors and 64GB of ram, which I plan to set up with three or four VMs to do do most of the stuff I've currently got running on the Dells and the RPi.  I just been dragging my feet because I don't have a rack to house them in at the moment.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
September 16, 2022, 10:17:49 AM
#70
Honestly I've never had good luck running bitcoind and electrumx server on a RPi, not even version 4.  I blame myself; I've never cared for Raspian, and always run them with the latest version of Ubuntu server.  I've given away all my Raspberry Pis except for one version 4 that I use as a media server.

Currently I have a Dell SFF PC with an i5 processor, 16GB RAM, and a 1tb SSD on which I've installed Umbrel over Ubuntu Server 22.04.1.  Umbrel is running Bitcoind, Electrs, LND, Mempool, and Tailscale.  I also have Lightning Terminal and Ride the Lightning installed as well.  I've had this set up running for about two weeks now without any issues.

Just did a test with a node in a box that I was going to re-image anyway. RPi4, 4GB, SSD.

I tried to install everything in the app store and it would not. Crashed to the point that I could not even SSH into it. Did a power cycle and it came back but crashed again the same way. Could be that it's not actually crashing but taking so long to respond that both the web browser and SSH client timeout before it responds.

So yeah, you can shoot yourself in the foot quite well with it.

On the system you have. Assuming it's a 3rd gen i5 or better you could probably get away with installing everything.

-Dave
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
September 12, 2022, 10:22:40 AM
#69
Didn't follow through with how Umbrel developed, but doesn't Umbrel since the first start already paved its way as a platform for self-hosting apps? not the one that was specifically made to run the Bitcoin ecosystem.
I'm 99% sure it always had self-hosting specifically Bitcoin software at its core concept since the very start. Media hosting and such, came later.

Below is an excerpt from the ReedMe file of version 0.1.2:

They always had the app store, but IMO it's going with too many things. And since it is designed to be run on an RPi, and one again IMO there is no 'stop new users from shooting themselves in the foot' setting. You can install everything and your node WILL crash (or at least both of mine did) due to lack of resources.

Yes you can do the same with Windows, OSX, *nix, and so on. Bu and once again IMO since it's supposed to be a BTC / Lightning node having all these other things, although nice is probably going to cause more issues.

-Dave

Honestly I've never had good luck running bitcoind and electrumx server on a RPi, not even version 4.  I blame myself; I've never cared for Raspian, and always run them with the latest version of Ubuntu server.  I've given away all my Raspberry Pis except for one version 4 that I use as a media server.

Currently I have a Dell SFF PC with an i5 processor, 16GB RAM, and a 1tb SSD on which I've installed Umbrel over Ubuntu Server 22.04.1.  Umbrel is running Bitcoind, Electrs, LND, Mempool, and Tailscale.  I also have Lightning Terminal and Ride the Lightning installed as well.  I've had this set up running for about two weeks now without any issues.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
September 10, 2022, 06:28:20 AM
#68
I'm 99% sure it always had self-hosting specifically Bitcoin software at its core concept since the very start. Media hosting and such, came later.

They always had the app store, but IMO it's going with too many things. And since it is designed to be run on an RPi, and one again IMO there is no 'stop new users from shooting themselves in the foot' setting. You can install everything and your node WILL crash (or at least both of mine did) due to lack of resources.

Yes you can do the same with Windows, OSX, *nix, and so on. Bu and once again IMO since it's supposed to be a BTC / Lightning node having all these other things, although nice is probably going to cause more issues.

-Dave
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
September 09, 2022, 05:41:08 PM
#67
To me it really is just about paranoid security. I have enough to worry about with me screwing up, I don't need to worry about other unrelated things screwing up.

Just a bit of paranoia on my part, not saying I am 100% correct it's just the way I look at it.
I do agree, yes. Self-hosting is no trivial task, even for professionals; no wonder webhosting and email hosting businesses have been thriving for the last 20 years.
Ever since I created my full node install guide, I noticed how often it has to be updated, even with just 4 individual pieces of software on it. Maintaining a self-hosted server of any kind is not a cakewalk, especially not for unexperienced users.

Bitcoin Core is kind of unique in the way it requires as many nodes as possible to run it 24/7, but it's also unique in the high level of security it has; so it's much less critical if someone runs an outdated version for a few more months.

Didn't follow through with how Umbrel developed, but doesn't Umbrel since the first start already paved its way as a platform for self-hosting apps? not the one that was specifically made to run the Bitcoin ecosystem.
I'm 99% sure it always had self-hosting specifically Bitcoin software at its core concept since the very start. Media hosting and such, came later.
legendary
Activity: 1932
Merit: 1273
September 09, 2022, 09:23:55 AM
#66
Didn't follow through with how Umbrel developed, but doesn't Umbrel since the first start already paved its way as a platform for self-hosting apps? not the one that was specifically made to run the Bitcoin ecosystem. Looking at how it will seem to continue to develop, I think if someone wants to use a platform or OS that is specifically made for Bitcoin, they should have sought an alternative.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
September 09, 2022, 09:06:49 AM
#65

First CVE require user download malicious torrent file while second CVE require user to enable remote access feature. I wouldn't worry too much when linux kernel has 194 new CVE this year[1]. Additionally, Transmission only can access config and download folder[2].


I don't use those software. Last time i checked, it's closed source and show annoying ads.

The problem is that as you add more and more things there are more and more issues to keep track of and the possibility that you, the umbrel developers, the repository maintainers that umbrel uses or whoever misses something, does not add the updated packages or whatever and users are sitting there with an unpatched vulnerability.

--snip--

I get your point and actually i agree with your point. But don't forget all application is run inside Docker container[3], which reduce some security risks.

[1] https://www.cvedetails.com/vulnerability-list.php?vendor_id=33&product_id=&version_id=&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=2022&month=0&cweid=0&order=3&trc=194&sha=0b4324a03d1611b238026b0d9c1402ae680bada2
[2] https://github.com/getumbrel/umbrel-apps/blob/master/transmission/docker-compose.yml
[3] https://github.com/getumbrel/umbrel-apps/#umbrel-app-framework
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
September 09, 2022, 08:43:08 AM
#64
...Personally i would install Transmission...


https://www.cvedetails.com/cve/CVE-2018-10756/
https://www.cvedetails.com/cve/CVE-2018-5702/

...or other available BitTorrent client....

https://www.cvedetails.com/vulnerability-list/vendor_id-7690/Bittorrent.html
https://www.cvedetails.com/vulnerability-list/vendor_id-6117/year-2022/Utorrent.html

The problem is that as you add more and more things there are more and more issues to keep track of and the possibility that you, the umbrel developers, the repository maintainers that umbrel uses or whoever misses something, does not add the updated packages or whatever and users are sitting there with an unpatched vulnerability. When you go to an ATM for your bank do you want it to also have some video games on it that you can play while waiting to possibly get some money out [wait I just invented the slot machine]. When you are on your online banking site do you want it to have things on it that are not related to banking / that bank?

To me it really is just about paranoid security. I have enough to worry about with me screwing up, I don't need to worry about other unrelated things screwing up.

Just a bit of paranoia on my part, not saying I am 100% correct it's just the way I look at it.

-Dave
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
September 08, 2022, 01:56:43 PM
#63
But, all that aside, once it's out of beta do you really want it to be running more then just crypto apps?
I'm all for separation of privileges, sandboxing etc., but don't feel too secure by putting some (potentially insecure) web service on a different machine in the same LAN as your Bitcoin node.
As long as you don't take the right precautions like setting up VLAN or a decent firewall setup within the LAN, if you get your 'non-Bitcoin machine' infected, all your other devices are at risk, too.

Personally, I'd limit the amount of ports I open and publicly accessible services I run, in general.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
September 08, 2022, 10:01:08 AM
#62
with plex, jellyfin, transmission, sonarr, radarr, lidarr and prowlarr 7 new apps launched in the umbrel app store yesterday

None of them related with cryptocurrency in any way. I wonder if decent amount of Umbrel user want to make their Raspberry become more useful since those 7 apps is added in single commit[1].

It's a device that holds your finances, no reason to be doing that much more.

In first place, people shouldn't hold their Bitcoin on Umbrel. It's still on beta and not considered secure by the developer[1].

[1] https://github.com/getumbrel/umbrel-apps/commit/60878f278d544b204d8e7c96240c797f43a9b319
[2] https://github.com/getumbrel/umbrel/blob/master/SECURITY.md

As I have always said with hot / online wallets. It comes down to the risk vs convenience amount and everyone's number is going to be different.

I have a non raided - beta software - SBC - always online - tor connected umbrel lightning node with more funds on it then the hot wallet on my phone. Because even with all the above I still think it's more secure. And I probably won't forget it on a table at a restaurant and leave it there.

Others will feel differently. Bill Gates could leave $10000s on one and not care.

But, all that aside, once it's out of beta do you really want it to be running more then just crypto apps?

-Dave
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
September 07, 2022, 08:57:44 AM
#61
i was thinking the same thing and actually it would be perfectly sufficient if umbrel only offers Bitcoin specific apps in their own app store ... so slowly this degenerates into another/wrong direction Roll Eyes
the umbrel node should continue to function as its own stable Bitcoin node including lightning and run without problems
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
September 07, 2022, 08:43:27 AM
#60
Although I really like the concept of all these apps, every time you add stuff to a project like this you do compromise security and add things that can go wrong.

Also, most people are still running it on a RPi, there is a limit to what it can do. You know there are people out there that will install every app and then wonder why it's taking forever for the node to sync or why this or that is going wrong and it's just the RPi CPU screaming while trying to keep up.

It's a device that holds your finances, no reason to be doing that much more.

-Dave
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
You can do it with parameter -connect= or adding connect= to bitcoin.conf file.

For now Umbrel is TOR only, will it still connect to a non TOR node even if it's local? I never tried.
Also, although it should not matter, changing the conf file for some of the preconfigured nodes may cause other issues. I know once you change any of the conf files in mynode it will not change them itself even if an update to bitcoind or other app requires it. It's the you touch it, it's yours theory.

-Dave


I don't know how Umbrel configure Bitcoin Core, but AFAIK -connect= is categorized as manual connection can ignore -onlynet=onion. But i agree it's not ideal option, considering you could mess Umbrel and he have option to copy Bitcoin Core directory to Pi 400.

Quote from: bitcoind --help
  -onlynet=
       Make automatic outbound connections only to network (ipv4, ipv6,
       onion, i2p, cjdns). Inbound and manual connections are not
       affected by this option. It can be specified multiple times to
       allow multiple networks.
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
September 07, 2022, 08:24:51 AM
#59
with plex, jellyfin, transmission, sonarr, radarr, lidarr and prowlarr 7 new apps launched in the umbrel app store yesterday
Pages:
Jump to: