Running Bisq on Tails

From Bisq Wiki
Revision as of 19:33, 19 March 2022 by W000000t (talk | contribs) (add persistent storage instructions by https://github.com/amosgroth)
Jump to navigation Jump to search

To run Bisq on the Tails OS, a few manual steps are required.

Preparations

Warn
Tails does not persist data by default, so while following these directions will allow you to run Bisq on Tails, all data will be erased as soon as you reboot. This means you will lose your Bisq keys, wallet data, and everything else in the data directory.

Make sure to set up persistent storage and dotfiles to have your Bisq data persisted across sessions.

Install

After restarting Tails, go to https://github.com/bisq-network/bisq/releases using your Tor Browser and download the Bisq-64bit-[version].deb and .asc files.

You may have to use wget, because curl may not use Tor and could be blocked from using the internet.

Verify your download

  • wget https://bisq.network/pubkey/[keyid].asc should result in a file [keyid].asc in your working directory. See "Verification" section of release notes for the exact key ID you should use (it's 29CDFD3B as of this writing) to verify your download.
  • Import the key to gpg by gpg --import [keyid].asc
  • Check the signature with gpg --digest-algo SHA256 --verify [yourbinaryhere]{.asc*,} which should give you something like this
[snip]
gpg: Good signature from "Christoph Atteneder...
[snip]

Install Bisq

Do a simple sudo dpkg -i [yourbinaryhere].

Configure

  • Make authcookie readable:
sudo chmod o+r /var/run/tor/control.authcookie
  • Configure onion-grater.

Create a file /etc/onion-grater.d/bisq.yml with contents:

---
- apparmor-profiles:
    - '/opt/bisq/bin/Bisq'
  users:
    - 'amnesia'
  commands:
    AUTHCHALLENGE:
      - 'SAFECOOKIE .*'
    SETEVENTS:
      - 'CIRC WARN ERR'
      - 'CIRC ORCONN INFO NOTICE WARN ERR HS_DESC HS_DESC_CONTENT'
    GETINFO:
      - 'net/listeners/socks'
    ADD_ONION:
      - pattern:     'NEW:(\S+) Port=9999,(\S+)'
        replacement: 'NEW:{} Port=9999,{client-address}:{}'
      - pattern:     '(\S+):(\S+) Port=9999,(\S+)'
        replacement: '{}:{} Port=9999,{client-address}:{}'
    DEL_ONION:
      - '.+'
    HSFETCH:
      - '.+'
  events:
    CIRC:
      suppress: true
    ORCONN:
      suppress: true
    INFO:
      suppress: true
    NOTICE:
      suppress: true
    WARN:
      suppress: true
    ERR:
      suppress: true
    HS_DESC:
      response:
        - pattern:     '650 HS_DESC CREATED (\S+) (\S+) (\S+) \S+ (.+)'
          replacement: '650 HS_DESC CREATED {} {} {} redacted {}'
        - pattern:     '650 HS_DESC UPLOAD (\S+) (\S+) .*'
          replacement: '650 HS_DESC UPLOAD {} {} redacted redacted'
        - pattern:     '650 HS_DESC UPLOADED (\S+) (\S+) .+'
          replacement: '650 HS_DESC UPLOADED {} {} redacted'
        - pattern:     '650 HS_DESC REQUESTED (\S+) NO_AUTH'
          replacement: '650 HS_DESC REQUESTED {} NO_AUTH'
        - pattern:     '650 HS_DESC REQUESTED (\S+) NO_AUTH \S+ \S+'
          replacement: '650 HS_DESC REQUESTED {} NO_AUTH redacted redacted'
        - pattern:     '650 HS_DESC RECEIVED (\S+) NO_AUTH \S+ \S+'
          replacement: '650 HS_DESC RECEIVED {} NO_AUTH redacted redacted'
        - pattern:     '.*'
          replacement: ''
    HS_DESC_CONTENT:
      suppress: true

Then restart the onion-grater service with service onion-grater restart.

  • In /usr/share/applications/bisq-Bisq.desktop, replace:
Exec=/opt/bisq/bin/Bisq

with:

Exec=/opt/bisq/bin/Bisq --torControlPort 9051 --torControlCookieFile=/var/run/tor/control.authcookie --torControlUseSafeCookieAuth

Run Bisq

Click Applications > Other > Bisq.

Or via terminal:

/opt/bisq/bin/Bisq --torControlPort 9051 --torControlCookieFile=/var/run/tor/control.authcookie --torControlUseSafeCookieAuth

Persistent Data Directory

Either you want a fresh install or you had Bisq installed somewhere else and would like to keep your Bisq user identity and data. In both cases, you need to make sure that the Bisq data directory doesn't get lost after restarting Tails.

After the first start, Bisq has automatically created its data directory in the ~/.local/share/Bisq directory and from there it gets deleted after a Tails restart.

New User

  • Quit Bisq after the first start, once synchronisation and setup are completed
  • Move the data directory to the dotfiles [3]

mv ~/.local/share/Bisq/* /live/persistence/TailsData_unlocked/dotfiles/.local/share/Bisq

  • Restart Tails

Existing User

cp -r /[yourdirectoryhere]/Bisq /live/persistence/TailsData_unlocked/dotfiles/.local/share/Bisq

  • Restart Tails

Installation Script

Because Tails doesn't persist the Bisq for the next session, you have to repeat the installation [5] and configuration [6] after every restart. To make life easier, you can automate this in a bash script. Make sure this script is saved somewhere in the Tails persistent directory.

  • Create script file:

touch ~/Persistent/install-bisq.sh

  • Make script executable:

chmod +x ~/Persistent/install-bisq.sh

  • Edit and save file:
#!/bin/bash

dpkg -i [yourbinaryhere]
echo "Change access rights of /var/run/tor/control.authcookie ..."
chmod o+r /var/run/tor/control.authcookie
echo "Create /etc/onion-grater.d/bisq.yml ..."
echo "---
- apparmor-profiles:
    - '/opt/bisq/bin/Bisq'
  users:
    - 'amnesia'
  commands:
    AUTHCHALLENGE:
      - 'SAFECOOKIE .*'
    SETEVENTS:
      - 'CIRC WARN ERR'
      - 'CIRC ORCONN INFO NOTICE WARN ERR HS_DESC HS_DESC_CONTENT'
    GETINFO:
      - 'net/listeners/socks'
    ADD_ONION:
      - pattern:     'NEW:(\S+) Port=9999,(\S+)'
        replacement: 'NEW:{} Port=9999,{client-address}:{}'
      - pattern:     '(\S+):(\S+) Port=9999,(\S+)'
        replacement: '{}:{} Port=9999,{client-address}:{}'
    DEL_ONION:
      - '.+'
    HSFETCH:
      - '.+'
  events:
    CIRC:
      suppress: true
    ORCONN:
      suppress: true
    INFO:
      suppress: true
    NOTICE:
      suppress: true
    WARN:
      suppress: true
    ERR:
      suppress: true
    HS_DESC:
      response:
        - pattern:     '650 HS_DESC CREATED (\S+) (\S+) (\S+) \S+ (.+)'
          replacement: '650 HS_DESC CREATED {} {} {} redacted {}'
        - pattern:     '650 HS_DESC UPLOAD (\S+) (\S+) .*'
          replacement: '650 HS_DESC UPLOAD {} {} redacted redacted'
        - pattern:     '650 HS_DESC UPLOADED (\S+) (\S+) .+'
          replacement: '650 HS_DESC UPLOADED {} {} redacted'
        - pattern:     '650 HS_DESC REQUESTED (\S+) NO_AUTH'
          replacement: '650 HS_DESC REQUESTED {} NO_AUTH'
        - pattern:     '650 HS_DESC REQUESTED (\S+) NO_AUTH \S+ \S+'
          replacement: '650 HS_DESC REQUESTED {} NO_AUTH redacted redacted'
        - pattern:     '650 HS_DESC RECEIVED (\S+) NO_AUTH \S+ \S+'
          replacement: '650 HS_DESC RECEIVED {} NO_AUTH redacted redacted'
        - pattern:     '.*'
          replacement: ''
    HS_DESC_CONTENT:
      suppress: true" > /etc/onion-grater.d/bisq.yml
echo "Restart onion-grater service ..."
service onion-grater restart
echo "Edit Bisq executable file ..."
sed -i 's+Exec=/opt/bisq/bin/Bisq+Exec=/opt/bisq/bin/Bisq --torControlPort 9051 --torControlCookieFile=/var/run/tor/control.authcookie --torControlUseSafeCookieAuth+' /usr/share/applications/bisq-Bisq.desktop
echo "Bisq installed successfully."

Now you might run this script everytime you want to install and run Bisq after a Tails restart: sudo ./install-bisq.sh<?code>