Usually, the first contact with Bitcoin happens on an exchange. You buy it online and it appears as just another number in an account. That experience doesn’t help you understand what is really happening or what makes it different from traditional money, and it creates a sense of distance that makes adoption even harder.

The lack of a physical experience makes Bitcoin feel abstract. Without tangible interaction, it’s difficult to internalize it and explain it in simple terms. That’s exactly where the need arises to bring Bitcoin into the real world and make it visible through direct experience.

The idea: a DIY Bitcoin ATM to learn using real coins

The idea was simple: build a DIY Bitcoin ATM (do it yourself) that would allow anyone to experience Bitcoin directly, without prior knowledge or technical explanations. A physical device that connects an everyday action with the real operation of the network.

The ATM works as a bridge between the physical world and Bitcoin. The user inserts a coin, the system detects it, and once the operation is finished, the user receives satoshis directly in their wallet via the Lightning Network. In just a few seconds, a physical coin turns into real Bitcoin.

A satoshi (or sat) is the smallest unit of Bitcoin (BTC), equal to one hundred millionth of a Bitcoin (0.00000001 BTC).

This approach turns learning into a hands-on experience. There’s no need to talk about nodes, blocks, or private keys. The person sees something happen, understands that value has been exchanged, and walks away with Bitcoin in their own wallet.

The goal of the project is not to sell Bitcoin or provide a financial service, but to educate. It’s a tool designed for workshops, meetups, events, or simply to show friends and family how Bitcoin works in a clear and accessible way.

Lightning Network is key in this context. It enables instant, very low-value payments, which is essential for making exchanges with physical coins practical and immediate. Without Lightning, this experience would not be possible.

Lightning Network is a second-layer protocol built on top of Bitcoin that enables instant off-chain payments.

The heart of the project: LightningATM and the educational approach

After researching different options to build a DIY Bitcoin ATM, I came across an open-source project called LightningATM. From the very beginning it matched exactly what I had in mind: a simple, functional ATM designed specifically for education.

LightningATM is not meant to be a commercial ATM or an industrial solution. Its purpose is to demonstrate, in a practical way, how Bitcoin works through the Lightning Network. It only accepts physical coins and converts them into small amounts of satoshis, just enough to make the experience immediate and understandable.

One of the aspects that caught my attention most was the evolution of the project itself. Early versions were built in cardboard boxes, almost like an improvised experiment, and over time they incorporated improvements, eventually reaching more refined designs, even with 3D-printable enclosures. That maker mindset—iterative and without commercial ambitions—fit perfectly with the spirit of this project.

It’s important to emphasize that the authors themselves make it clear this is a hobby project. It’s not designed to withstand attacks or operate in professional environments. And that’s not a weakness, but a conscious decision: prioritizing simplicity and learning over extreme robustness.

During the research phase I also considered other alternatives, such as the DIY ATMs from Bleskomat. It’s a very solid open-source project, with a more advanced approach and aimed at more complete deployments. It’s definitely worth exploring, although in my case I was looking for something more minimalist and focused exclusively on the educational experience.

Choosing LightningATM was a purpose-driven decision. I didn’t want the most complete or the most secure ATM, but the one that explained Bitcoin best with the fewest possible parts and concepts.

How the DIY Bitcoin ATM works

The ATM’s operation is intentionally simple. The idea is that anyone can understand what’s happening without needing technical knowledge of Bitcoin.

Everything starts when the user inserts a coin into the ATM. The coin acceptor detects the type of coin and sends a signal to the Raspberry Pi. Each coin is translated into a specific number of satoshis, calculated in real time based on the BTC/EUR exchange rate.

The user can insert as many coins as they like. The screen shows the accumulated value in satoshis in a clear and transparent way. When finished, the user presses a button to confirm the operation.

At that moment, the ATM generates a QR code. That QR represents the request to receive the accumulated satoshis. The user simply scans it with their Lightning wallet and, within seconds, the funds arrive in their wallet.

There are no accounts, no user records, and no intermediate steps. The ATM doesn’t “store” Bitcoin for the user; it simply facilitates the exchange between a physical coin and an immediate Lightning payment. The experience is direct and easy to follow, even for someone who has never used Bitcoin before.

This simple flow is exactly what makes the ATM a good educational tool. Each step is visible, logical, and easy to explain, which helps remove many of the common doubts around Bitcoin and digital payments.

Software and hardware of the DIY Bitcoin ATM

The ATM is built on a very simple and accessible hardware base. The core of the system is a Raspberry Pi, which handles the ATM logic, communicates with the peripherals, and displays information on the screen. This choice keeps costs low and makes it easy for anyone to replicate or modify the project.

On the hardware side, each component has a very specific role: the coin acceptor detects insertions and sends electrical pulses, the display shows the operation status, and the button allows the user to confirm when they want to receive their satoshis. The entire system is designed so that every element has a clear and visible purpose.

On the software side, the LightningATM project runs directly on the Raspberry Pi and acts as an intermediary between the physical hardware and the Lightning network. The software interprets the coin acceptor signals, calculates the corresponding satoshi value in real time, and manages the generation of the QR code for withdrawing funds.

One advantage of this approach is flexibility. Parameters such as coin value, maximum limits per operation, or interface behavior can be easily adjusted. This makes it possible to adapt the ATM to different contexts, from quick demos to longer educational workshops.

Components list

Below is the complete list of components used to build the DIY Bitcoin ATM. All elements are easy to source and can be adapted depending on availability or personal preference.

Instructions to build your own ATM

The original project repository includes a detailed step-by-step guide to assemble and configure the DIY Bitcoin ATM from scratch. By following those instructions, it’s possible to build a fully functional ATM without additional modifications.

In my case, the final design includes some hardware and enclosure customizations, but the core system follows the original project instructions closely. Anyone who follows the guide can create their own educational ATM and later adapt it to their needs or aesthetic preferences.

The documentation covers everything from software installation to initial system setup, making it a solid starting point both for reproducing the project as-is and for using it as a base for experimentation.

Step-by-step installation guide:
https://github.com/21isenough/LightningATM?tab=readme-ov-file#installation-guideline

The challenge of creating a unique enclosure

From the start, I knew I didn’t want to mount the ATM in a generic box or a standard 3D-printed case. The project had an educational side, but also an emotional one. If I wanted to capture the attention of someone who knows nothing about Bitcoin, the object itself had to spark curiosity.

I enjoy reusing and recycling old objects, giving them a second life while respecting their history. I had an old electronic voltmeter from the 1950s–60s, brand LME, made in Barcelona. It no longer worked, but its aesthetics were amazing: metal body, analog scale, industrial typography, and a presence that invited interaction.

Turning an instrument designed to measure volts into a Bitcoin ATM felt too good to pass up. It connected two worlds separated by more than half a century: classic analog electronics and decentralized digital money.

Adapting the voltmeter wasn’t trivial. The interior had to be completely emptied, the original enclosure preserved, and a way found to integrate the display, coin acceptor, and buttons without breaking the device’s aesthetic. The priority wasn’t ease of assembly, but maintaining the object’s original character.

The final result doesn’t aim to look like a modern commercial product. On the contrary, it feels like a machine from another era, and that actually benefits the project. People approach it out of curiosity, ask what it is, and only then discover they’re interacting with Bitcoin and the Lightning Network.

Reusing this kind of old hardware not only reduces waste, it also adds a narrative layer to the project. The ATM stops being just a technical device and becomes a piece that tells a story even before it’s used.

The final prototype

Once all the hardware was integrated into the voltmeter, the ATM started to take shape as a complete object. At this stage, the focus shifted from internal functionality to presentation, interaction, and visual coherence.

Early versions of the prototype used a Raspberry Pi 3B, simply because it was available and convenient for development and testing. Once the project was validated, the system was migrated to a Raspberry Pi Zero W, which is more compact and better suited for a final device of this kind. Functionally nothing changed, but size and internal simplicity improved significantly.

For this reason, some process photos still show the Raspberry Pi 3B, as they belong to the early build iterations.

The layout of the elements was designed with user experience in mind. The screen sits in a clearly visible position, the buttons are placed intuitively, and the coin acceptor is integrated while respecting the voltmeter’s original aesthetic. There are no visible instructions or complex prompts; interaction feels natural.

The result is an ATM that doesn’t look like a modern tech device. At first glance it could pass for an old industrial instrument, and that ambiguity is exactly what sparks curiosity. People approach it, ask what it is, and only then realize they’re interacting with Bitcoin.

The final prototype fulfills its main goal: to serve as a functional, stable, and easy-to-use educational tool, without pretending to be a commercial product or a closed design.

Connection with LNbits

To manage the satoshis distributed by the ATM, the project relies on LNbits as a backend. LNbits acts as the funding source and makes it easy to control how much Bitcoin the ATM can dispense.

The ATM uses LNURL-withdraw, which generates a QR code that allows users to withdraw satoshis directly into their Lightning wallet. This fits perfectly with the educational goal of the project, as it removes intermediate steps and makes the process immediate.

From LNbits, limits can be set, balance can be topped up, and ATM usage can be monitored without complexity. There’s no need to expose nodes or configure advanced settings on the device itself, which greatly simplifies maintenance and reduces the risk of issues during demonstrations.

Conclusions and possible improvements

This project achieves its original goal: bringing Bitcoin into the physical world and making it easier to understand through direct experience. Turning a coin into satoshis, in seconds and right in front of the user, is far more effective than any theoretical explanation.

Using recycled hardware and an enclosure with history adds a narrative layer that amplifies the ATM’s impact. It’s not just a functional machine, but an object that invites questions and interaction.

Looking ahead, there’s room to explore improvements such as a more informative interface, demo modes without real value, or greater modularity in the design. Even in its current state, however, the ATM fulfills its role as a simple, effective, and replicable educational tool.

In short, this DIY Bitcoin ATM doesn’t aim to be perfect or final. It aims to be useful. And above all, it aims to make Bitcoin stop feeling abstract and become something you can see, touch, and understand.

In A Coruña, a group of enthusiasts and makers began meeting at Bricolabs to build nodes using affordable designs like fakeTek and EA3GRN’s videos. The experience was fun, but it also revealed a clear issue: the classic solar setup was overly complex and far from beginner-friendly.

From that need came MASN (Mesh Autonomous Solar Node) — a PCB designed so anyone can assemble a fully autonomous solar node in about an hour, without microscopes or messy wiring. The idea isn’t just to make it work, but to help you learn through the process. Building your own node gives you a deeper understanding of the Meshtastic ecosystem and lets you get the most out of it.

MASN PCB variants

MASN currently has two variants, identical in every aspect except for the LoRa radio module they use. The schematic, firmware, assembly process and overall behavior are exactly the same.

MASN – Core1262 version
Uses the Waveshare Core1262 HF module, based on the SX1262 chip. This is the original version of the project.

MASN – HT-RA62 version
Uses the HT-RA62 module. It is functionally compatible and intended as an alternative to the Core1262.

Throughout the article, most references mention the Core1262 version. If you build the HT-RA62 variant, the process is exactly the same. You only need to select the corresponding PCB and radio module in the bill of materials.

What MASN Solves

MASN is designed to simplify a process that, in its classic version, is messy and impractical.
Breadboard-based builds often end up with a jungle of wires, unreliable connections, and an overall setup that easily leads to mistakes.

The MASN PCB solves this by integrating everything into a single, compact design.

It’s easier to see the difference when you compare them:

Advantages

• Uses only THT components, easy to solder.
• Integrates all connections into the board — no messy wiring.
• Accepts standard modules that plug in directly.
• Includes an MPPT solar charger and telemetry features.
• Simplifies maintenance: swap a module without rebuilding the whole node.

MASN PCB Specifications

Main Components

• MCU: NiceNano (NRF52840)
• LoRa module: Waveshare Core1262 HF (MASN PCB Core1262 version) or HT-RA62 (MASN PCB HT-RA62 version), both for EU868 or any other band allowed in your region.
• Solar Charger: MPPT CN3791
• Current and Voltage Sensor: INA3221 (three channels)
  • Channel 1: node & sensors.
  • Channel 2: output of the MPPT module.
  • Channel 3: solar panel.
• Temperature and Humidity Sensor: BME280
• User and Control Buttons
• Connectors for Solar Panel, Battery, and Antenna

Dimensions and Mounting

• PCB Size: 63.4 mm × 96.9 mm
• Mounting Holes: 56.7 mm × 90 mm

MASN Core1262 schematic

MASN HT-RA62 schematic

Bill of Materials (BOM)

The node’s electronics are built from the following components.
Since purchase links may stop working over time, we’ve also included reference photos for each part so you can easily identify and source them elsewhere if needed.

In a second block, you’ll find the optional enclosure materials — you can mount the PCB in any weatherproof box you already have or can find.

MASN Core1262 Components

MASN HT-RA62 Components

Components shared by both versions

Enclosure Materials (Optional)

Safety and Important Warnings

 Never power on the node without an antenna connected. You can permanently damage the LoRa module.

 Do not power the board via USB and solar/battery at the same time. It may damage your computer’s USB port.

If soldering header pins on the LoRa module, make sure the antenna connector doesn’t touch pin 1 (RF output). When mounted directly to the PCB as SMD, this issue doesn’t occur.

Ordering MASN PCBs

You can order the MASN PCBs directly from pcbway.com (the design files are linked in the Bill of Materials).

The process is very simple — just upload the provided files, choose your options, and place the order. I also walk through the process step by step in the following video (Spanish).

Firmware Installation

Before soldering anything, it’s a good idea to make sure the microcontroller works properly and boots without issues. This quick step helps you avoid problems later in the build.

Check or Update the Bootloader

To install the Meshtastic firmware, your microcontroller must have a bootloader version 0.8 or higher. You can check it by following these steps:

• Connect the NiceNano (NRF52840) board via USB.
• Make two quick touches (using metal tweezers) between the RESET and GND pins (see reference photo below) to enter DFU mode.
• Your computer will mount a USB drive named NICENANO or similar.
• Check that the bootloader version is 0.8 or higher. You can verify this by opening the file INFO_UF2.TXT inside the USB drive that appears when entering DFU mode.
  • If it is inferior, copy the file update-nice_nano_bootloader-0.9.2_nosd.uf2 into the drive.
  • If you need another version, check the official repository.
• After copying, the board will automatically reboot (give it a few seconds).
• If your board doesn’t include a bootloader, follow the official procedure linked in the bootloader guide.

Install the Meshtastic Firmware

• Enter DFU mode (as explained above).
• Open https://flasher.meshtastic.org.
• Select the device NRF52 Pro-micro DIY.
• Choose the latest stable version (or beta if you want to test new features).
• Download the file and drag it into the DFU USB drive.
• Once copied, the board will reboot automatically and start running the Meshtastic firmware.

After this process, you’ll know your microcontroller is healthy and ready to integrate into the node.

Step-by-Step Assembly

The physical assembly is straightforward if you follow the right order.
The key is to prepare the modules first, then populate the PCB, and finally connect the antenna and power.

Prepare the Modules

Solder the pins to each module: the temperature sensor, the MPPT charger, the microcontroller, and the LoRa radio module.

For the INA3221, follow these steps to solder the 90° pins on the channel side and add the SDA bridge.

Step-by-step summary:

1. Using the 90° header pins, cut three groups of three pins
2. Remove the middle pin with tweezers
3. Place the remaining pins in position
4. Trim them so they only make contact with the pad
5. Solder the pins onto the INA3221 channel pads
6. Solder the SDA bridge

Populate the PCB

• Place the modules on the board. You can choose to use female sockets (to make modules swappable) or solder them directly to the PCB.
• Add the buttons, switches, and connectors in their positions.

Prepare the Solar Panel

• Remove any factory electronics (LEDs, regulators, etc.) to avoid unnecessary power drain.
• Solder a pair of wires to the terminals and always identify positive and negative — ideally using different wire colors.

Connect Antenna and Power

 Never power on the node without an antenna connected. You could burn the LoRa module.

• Connect the antenna before powering the system.
• Connect the battery.
• Connect the solar panel (preferably covered while doing so).

After these steps, your node hardware will be fully assembled and ready for configuration.

Basic Meshtastic Configuration

With the hardware ready, it’s time to power up the node (by switching on the toggles) and check that it communicates correctly. For this, we’ll use the official Meshtastic app, available for Android and iOS. You can also use the web version if you prefer.

• Connect to the node via Bluetooth using the app (default PIN: 123456).
• Set the region of use. In the European Union, select EU868 MHz.
• Assign a new Bluetooth PIN for future connections (and make sure to write it down).
• Give your node a short name (4 characters) — this will be its identifier on the mesh network. Example: CHR3.
• In the Telemetry section, enable Power and Environment. This will start transmitting data such as temperature, pressure, current, and voltage.

After saving the changes, the node will begin sending telemetry and will automatically join the network. From the app, you can now check coverage, neighboring nodes, and power consumption.

Remote Control (Remote Admin)

If you plan to leave the node in a remote or hard-to-access location, it’s a good idea to configure it for remote administration. This allows you to change parameters from another node (through the mesh) without needing to plug in a cable or travel to the site.

• Go to the Admin Messages menu and add the private key of one or more of your nodes.
• From that point on, you’ll be able to send configuration commands remotely. These are transmitted as encrypted messages through the mesh network.

By default, for security reasons, nodes only accept commands via USB, Bluetooth, or TCP.
When you enable this option, you expand control capabilities — but use it with caution.

Recommendation: test any configuration change on a test node before applying it to a remote one. That way, you avoid locking yourself out or making the node inaccessible.

Full documentation: https://meshtastic.org/docs/configuration/remote-admin/

Status LEDs and Indicators

INA3221 Current Sensor

• VS ON Power is present on the board.
• PV ON The enabled channels are detecting valid voltage.

More info: https://done.land/components/power/measuringcurrent/viashunt/ina3221/

MPPT CN3791 Charger

• No light No sunlight or the panel isn’t providing power.
• Solid red Charging.
• Solid blue Battery fully charged.
• Fast red blinking Battery not detected.

More info about the CN3791: Datasheet

NRF52840 Microcontroller

• Flashing red The board is powered and running correctly.

Outdoor Enclosure

To install the node outdoors, proper protection is essential.
The enclosure must be weatherproof, sun-resistant, and allow for some ventilation to prevent condensation and excessive heat buildup.

Choosing the Enclosure

• Use an IP65 or higher electrical box. This is a common standard and provides enough protection against rain and dust.
• The recommended size is 158×90×60 mm, although it depends on your battery and connector layout.
• Material: PVC or ABS. If possible, choose a UV-resistant version.

Antenna

If you want to connect the antenna directly, you can mount the SMA connector on the top of the enclosure. However, if you prefer to use an external pigtail to the antenna, the ideal position is on the bottom side of the box.

Connections

• Cable glands: Essential for routing the solar panel cable while keeping the enclosure sealed.
• Vent plug: Prevents condensation buildup and balances internal air pressure.

Internal Mounts

• 3D-print the mounts for the PCB and the battery (links provided in the Bill of Materials). PETG filament is recommended for better temperature resistance.
• Place the threaded inserts into the raised holes.
• Push the inserts in using a soldering iron so they settle into position.
• Position the battery in its mount with the wires facing upward.

Thermal Management

• Interior temperatures can easily exceed 40 °C under direct sunlight.
• Painting the enclosure white or placing it in partial shade helps reduce heat.
• You can also add a small sun shield or mount it on a mast for natural ventilation.
• A practical idea: insulate the battery from the wall of the box that gets the most sunlight. You can use a thin foam sheet or a similar spacer. This keeps the battery cooler and extends its lifespan.

The enclosure doesn’t just protect against rain and dust — it’s also key to the node’s long-term durability. Spending a bit of time choosing and preparing it properly will make a big difference in the project’s lifespan.

Once all the parts are assembled, the enclosure should look like the photo below:

Practical Details and Usage Tips

A few practical details to keep in mind once your node is assembled:

Legal Power Limits

Always respect your region’s regulations.
In Europe, the applicable standard is ETSI EN 300-220, which limits the effective radiated power (EIRP). Using an antenna with too much gain could make your node non-compliant or illegal.

Charging Current

The battery used supports a maximum of 1 A. The MPPT charger can deliver up to 2 A, so you have two options:

• Replace the MPPT shunt resistor with a 0.12 Ω (2512) one to limit the charging current.
• Use a solar panel that doesn’t exceed 1 A of output current.

Nighttime Leakage

The suggested CN3791 MPPT charger doesn’t include a blocking diode, so you’ll see a small negative current (~2 mA) flowing toward the panel at night. That equals about 24 mAh/day, or roughly 0.6% of a 4000 mAh battery — negligible in practical use.

License: CERN OHL-S v2

MASN is an open and free hardware project, licensed under the CERN Open Hardware Licence Version 2 – Strongly Reciprocal (CERN OHL-S v2).

This means you can use, manufacture, modify, and share this design freely, even for commercial purposes — as long as you keep the same license and publish any modifications you make.

The goal is to ensure that knowledge and improvements remain accessible to everyone, fostering an open, collaborative, and transparent ecosystem.

Acknowledgments

Thanks to everyone who contributed ideas, tested prototypes, and shared feedback during our meetings in A Coruña and the Bricolabs group, which came together to move this project forward. Special thanks to EA3GRN for his videos and to the fakeTec project, which served as the foundation for this work. Also, heartfelt appreciation to the Meshtastic España community for their support, resources, and active involvement in improving and spreading the project.

Additional thanks to PCBWay, who contacted us and are collaborating with the project by providing free PCBs for our prototype iterations, making faster experimentation and open development possible.

Disclaimer

This project is shared as is, without warranty. Each person is responsible for assembling and using their own node. If you decide to deploy it, make sure you comply with your region’s radio regulations.

The problem: why doesn’t the camera work on TailsOS?

The FaceTime HD (Broadcom 1570) camera is a proprietary hardware component that requires specific drivers to function properly. Since TailsOS is a privacy-focused operating system based on Debian, it does not include support for this type of hardware by default.

This means that after starting TailsOS, the camera won’t be detected until the necessary drivers are installed.

General information about the FaceTime HD driver on Linux

The driver for the FaceTime HD camera is developed by the open-source community and is available on GitHub: patjak/facetimehd. This driver allows PCIe Broadcom 1570 cameras, found in recent MacBooks, to work on Linux-based systems like TailsOS.

The installation process includes:

• Downloading the necessary files.
• Compiling the driver.
• Installing the modules to enable the camera.

Kernel check before installation

Before running the script, it’s essential to check the exact version of your system’s kernel to avoid package installation errors.

Open a terminal and type:

uname -r

This will show a result like:

6.1.0-28-amd64

In the installation script (which you’ll see below), replace linux-headers- with your specific version:

If your result was 6.1.0-28-amd64, the line should be:

apt install -y make linux-headers-6.1.0-28-amd64 libssl-dev checkinstall mplayer

Alternative in case of failure
If the above command fails, try using the generic package:

apt install -y make linux-headers-generic libssl-dev checkinstall mplayer

Driver installation and script configuration

Create the persistent storage folder

Ensure that Persistent Storage is enabled. If you haven’t set it up, follow the official TailsOS instructions to configure it.

• Recommended Path: ~/Persistent/camera/

Save the installation script in the folder

Create a file named install-camera.sh and paste the following content:

#!/bin/bash

echo "Updating packages"
apt update

echo "Installing modules make linux-headers-6.1.0-28-amd64 libssl-dev checkinstall mplayer"
apt install -y make linux-headers-6.1.0-28-amd64 libssl-dev checkinstall mplayer

echo "Cloning repos facetimehd-firmware & bcwc_pcie"
cd /home/amnesia/Downloads
sudo -u amnesia git clone https://github.com/patjak/facetimehd-firmware.git
sudo -u amnesia git clone https://github.com/patjak/bcwc_pcie.git

echo "Installing facetimehd-firmware"
cd /home/amnesia/Downloads/facetimehd-firmware
sudo -u amnesia make
make install

echo "Installing bcwc_pcie"
cd /home/amnesia/Downloads/bcwc_pcie
sudo -u amnesia make
checkinstall -y
depmod
modprobe facetimehd

echo "Finished - Testing cam"
sudo -u amnesia mplayer tv://

Make the script executable

Open a terminal and type:

chmod +x ~/Persistent/camera/install-camera.sh

How to use the script after system boot

Since TailsOS resets the system on reboot, you need to run the script each time you start the system.

1. Connect to the internet: make sure you are connected to a network before running the script, as it will download necessary packages.
   
2. Run the script in the terminal:

sudo ~/Persistent/camera/install-camera.sh

Final thoughts: time to use your camera on TailsOS

While TailsOS prioritizes privacy and disables proprietary hardware by default, you can enable the MacBook FaceTime HD camera thanks to the facetimehd open-source driver. By following these steps, you can conduct video calls or conferences while keeping your system secure without sacrificing essential features.

If you have any questions or encounter issues during the installation, feel free to share your concerns in the comments. I hope this guide has been helpful!

Project goal

We want the oscillator to be as close as possible to the desired frequency (in this case, 14 MHz). We’ll use a calibrated receiver, such as a radio or an SDR, to measure the resulting frequency and, with this data, correct the frequency of the SI5351’s crystal.

Warning: this way of calibrating the SI5351 works correctly for transmitting on a given band (the one you calibrate with). If you calibrate at 10MHz but then transmit at 144MHz you will not have the frequency centered.

Required tools

1. SI5351 Module and an Arduino or ESP32 microcontroller.
2. The Si5351Arduino library (available on GitHub: etherkit/Si5351Arduino).
3. A calibrated radio or SDR (to compare the resulting frequency).

Preparation: Arduino code for initial setup

To start, install the library and set the initial crystal frequency to 25 MHz. Next, set the desired frequency to 14 MHz. Upload the code and measure the resulting frequency on your radio or SDR.

I have prepared a test code for calibration that, once connected, emits a signal at 14 MHz.

#include <si5351.h>
#include "Wire.h"

#define SI5351_REF     25000000UL         // si5351’s crystal frequency, 25 Mhz or 27 MHz
unsigned long freq     = 14000000UL;      // Change this for different band frequencies, unit is Hz. 
                                          
Si5351 si5351;
 
void setup()
{
  Serial.begin(115200);
  while (!Serial)
    ;

  Serial.println("Initializing radio module");

  bool i2c_found;

  // Start serial and initialize the Si5351
  i2c_found = si5351.init(SI5351_CRYSTAL_LOAD_8PF, SI5351_REF, 0);
  if(!i2c_found)
  {
    Serial.println("Device not found on I2C bus!");
  }

  // Set freq and CLK0 output
  si5351.set_freq(freq * 100, SI5351_CLK0);
  si5351.drive_strength(SI5351_CLK0, SI5351_DRIVE_8MA); // Set for max power, 10dbm output

  // Test the output for 60 seconds
  si5351.set_clock_pwr(SI5351_CLK0, 1);
  Serial.println("Testing singal");
  delay(500);

}

void loop()
{

}

Calculating the adjusted crystal frequency

To adjust the crystal, we’ll use a small JavaScript tool that calculates the precise frequency that should be set for the crystal to achieve the desired frequency.

1. Enter the desired frequency: in this case, 14 MHz (enter it in Hz: 14000000).
2. Enter the obtained frequency: the frequency observed on the radio or SDR, for example, 14.055000 MHz(14055000 Hz).
3. Enter the initial crystal frequency: the nominal frequency of the SI5351’s crystal, typically 25 MHz (25000000 Hz).

By clicking Calculate, the tool will output the adjusted crystal frequency, which you should use in your Arduino sketch instead of the initial frequency.

With this method, you can accurately adjust the SI5351 without specialized instruments. This solution is practical for radio enthusiasts and hobbyists, providing an excellent way to optimize your project without additional costs.

Adjusted crystal frequency calculation

Enter the values to calculate the adjusted crystal frequency:

Result:

This combination is powerful for those looking to maintain self-custody of their Lightning funds while handling payments easily. By exposing your setup to the clearnet, you can enable easier access for clients or services but must ensure proper security measures to protect your funds and server.

Warning: it goes without saying, but this guide doesn’t go into the necessary security steps in detail, and can’t take on liability for any things breaking or losing funds.

Ensure you don’t get reckless, start with small funds you’re ok to lose. Keep an eye on developments or in touch with the active Telegram groups, to get news and updates with low delays. Also, would recommend to do those steps with a peer, so you follow a second pair of eye review. Lastly, 2FA / yubikeys are your friends!

1. Requirements

For this guide we need:

• Some basic knowledge of Linux commands
• Virtual Private Server (VPS). You can get one on Lunanode or Digitalocean (free $200 in credit over 60 days)
• A domain name (or a sub-domain)

2. Setup VPS

To setup your Ubuntu Server VPS, please refer to this guide:

3. Adding Phoenixd

Phoenixd is a minimal, specialized Lightning node designed for developers and businesses to easily send and receive Lightning payments. It runs on a server, uses an HTTP API, and features automated liquidity management, making it ideal for use cases like merchant payments and crowdfunding.

Phoenixd focuses on simplifying interactions with the Lightning Network while maintaining self-custody, with no need for channel or peer management. Upon setup, it generates a 12-word recovery phrase to secure funds.

3.1 Install Phoenixd:

# Create directory
$ mkdir phoenixd
$ cd phoenixd

# Install
$ wget https://github.com/ACINQ/phoenixd/releases/download/v0.3.3/phoenix-0.3.3-linux-x64.zip
$ unzip -j phoenix-0.3.3-linux-x64.zip

# Run the daemon: that's it!
$ ./phoenixd

3.2 Backup your seed

After installation and first run, make sure to do a seed backup or you risk losing your funds. Please store this offline.

cat ~/.phoenix/seed.dat

3.3 Create & run Phoenixd service

Running Phoenixd as a system service ensures that it automatically starts with your server and is properly managed by the system. It increases reliability by enabling automatic restarts in case of crashes or reboots, making sure Phoenixd is always available to handle Lightning transactions without manual intervention.

Create a new file for the service:

sudo nano /etc/systemd/system/phoenixd.service

Add the following content:

[Unit]
Description=phoenixd
After=network.target

[Service]
ExecStart=/home/<your-user>/phoenixd/phoenixd
WorkingDirectory=/home/<your-user>/phoenixd
User=<your-user>
Restart=always
TimeoutSec=120
RestartSec=30

[Install]
WantedBy=multi-user.target

Run service:

sudo systemctl daemon-reload
sudo systemctl start phoenixd
sudo systemctl enable phoenixd

4. Adding LNbits

LNbits is an open-source, lightweight wallet and payment server designed to work with the Bitcoin Lightning Network. It provides a flexible, extensible platform for developers and businesses to create and manage multiple Lightning wallets, handle micropayments, and build custom applications or services.

LNbits offers a modular architecture with various plugins to add features like paywalls, point-of-sale systems, and tipping services. It aims to make interacting with the Lightning Network simple and adaptable while maintaining the benefits of self-custody.

4.1 Install LNbits:

To install LNbits please refer to https://docs.lnbits.org/guide/installation.html. I’ll describe how I installed using Poetry and SQLite.

It is recommended to use the latest version of Poetry. Make sure you have Python version 3.12 or higher installed.

Verify Python version:

python3 --version

Install Poetry:

curl -sSL https://install.python-poetry.org | python3 -
# Once the above poetry install is completed, use the installation path printed to terminal and replace in the following command

export PATH="/home/<your-user>/.local/bin:$PATH"

git clone https://github.com/lnbits/lnbits.git
cd lnbits
git checkout main

poetry install --only main

cp .env.example .env

Running LNbits server:

poetry run lnbits
# To change port/host pass 'poetry run lnbits --port 9000 --host 0.0.0.0'
# adding --debug in the start-up command above to help your troubleshooting and generate a more verbose output
# Note that you have to add the line DEBUG=true in your .env file, too.

4.2 Create & run LNbits service

Setting LNbits as a service ensures the same benefits as Phoenixd. It will automatically start with your VPS, recover from crashes, and maintain uptime, allowing uninterrupted wallet management and payments. By running it as a service, you simplify maintenance and reduce the chance of manual errors or downtimes.

Create a new file for the service:

sudo nano /etc/systemd/system/lnbits.service

Add the following content:

[Unit]
Description=LNbits
# you can uncomment these lines if you know what you're doing
# it will make sure that lnbits starts after phoenixd (replace with your own backend service)
Wants=phoenixd.service
After=phoenixd.service

[Service]
# replace with the absolute path of your lnbits installation
WorkingDirectory=/home/<your-user>/lnbits
# same here. run `which poetry` if you can't find the poetry binary
ExecStart=/home/<your-user>/.local/bin/poetry run lnbits
# replace with the user that you're running lnbits on
User=<your-user>
Restart=always
TimeoutSec=120
RestartSec=30
Environment=PYTHONUNBUFFERED=1

[Install]
WantedBy=multi-user.target

Run service:

sudo systemctl daemon-reload
sudo systemctl start lnbits
sudo systemctl enable lnbits

4.3 Setup Nginx

Setting up Nginx acts as a reverse proxy, which handles web traffic and routes it to your LNbits server running locally on your VPS. Adding SSL encryption with a certificate from Let’s Encrypt ensures that any data transferred between users and the server is secured, protecting sensitive information like wallet credentials and transactions. This is critical when exposing services to the clearnet.

Before doing the Nginx setup you need to point your domain to the VPS server.

Replace your-domain.com with your real domain name.

Install Nginx:

apt-get install nginx certbot

Create a SSL certificate with LetsEncrypt:

certbot certonly --nginx --agree-tos -d your-domain.com

Create an nginx vhost at /etc/nginx/sites-enabled/your-domain.com:

cat <<EOF > /etc/nginx/sites-enabled/your-domain.com
server {
    server_name your-domain.com;

    location / {
        proxy_pass http://127.0.0.1:5000;
    }

    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass_request_headers on;

    # WebSocket support
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";

    listen [::]:443 ssl;
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
EOF

Restart nginx:

service restart nginx

4.4 LNbits initial setup

Here we’ll activate the Admin UI inside LNbits to have a nice UI to tweak. So the first step is to activate the Admin UI:

$ sudo systemctl stop lnbits.service
$ cd ~/lnbits
$ sudo nano .env

Set: 

LNBITS_ADMIN_UI=true

Now start LNbits once in the terminal window:

$ poetry run lnbits

After that, you can obtain the Super User ID:

$ cat data/.super_user
123de4bfdddddbbeb48c8bc8382fe123

You can access your super user account at your-domain.com/wallet?usr=super_user_id.

After accessing, you will find the Server section under Manage.

Here you can design the interface, it has TOPUP to fill wallets and you can restrict access rights to extensions only for admins or generally deactivated for everyone. You can make users admins or set up Allowed Users if you want to restrict access. And of course the classic settings of the .env file, e.g. to change the funding source wallet or set a charge fee.

After doing the setup, do not forget to start the service again:

sudo systemctl start lnbits.service

4.5 Add Phoenixd as a funding source

Go to Server / Funding / Funding Sources and select Phoenixd, fill:

• Endpoint: http://127.0.0.1:9740
• Key: your Phoenixd API password (http-password) from:

cat ~/.phoenix/phoenix.conf

Save and restart server.

5. Open your first channel in Phoenixd to start receiving payments

Please read:

• Auto-liquidity
• Understanding and predicting fees
• Estimating liquidity fees

Note: In newer versions of Phoenixd there will be a new command to check for fees before opening a new channel /getfees --2M

On Phoenixd the first payments are used for the service/mining fees of the auto-liquidity and no channel is opened until these fees are payed.

Follow this steps for opening the first 2M sats channel:

• Enter the LNbits superuser account.
• Create invoice for 30,000 sats (please estimate amount as stated on auto-liquidity docs).
• Pay invoice with an external wallet.
• Use the Phoenixd command line to check if the channel is opened with /listchannels or /getinfo.

# Check if channel is opened
$ ./phoenix-cli getinfo

{
    "nodeId": "...",
    "channels": [
        {
            "state": "Normal",
            "channelId": "...",
            "balanceSat": 7074,
            "inboundLiquiditySat": 2011465,
            "capacitySat": 2022294,
            "fundingTxId": "..."
        }
    ],
    "chain": "mainnet",
    "blockHeight": 858977,
    "version": "0.3.3-4e805ad"
}

The cannel capacity is 2,022,294 sats and the opening fees were 30,000 – 7,074 = 22,926 sats with mempool at 6sat/vB.

5.1 Turn off auto-liquidity feature in Phoenixd

After opening the first 2M channel successfully, we’ll disable the auto-liquidity feature to avoid new channel openings/fees.

Edit phoenix.conf and add auto-liquidity=off:

$ nano ~/.phoenix/phoenix.conf

# Add auto-liquidity setting to off
auto-liquidity=off
http-password=...
http-password-limited-access=...
webhook-secret=...

Reset the service:

sudo systemctl restart phoenixd

6. Create a regular user account and start using LNbits

At this point, your channel with Phoenixd is active. It’s highly recommended that you create a regular user account instead of continuing to use the super admin account for daily operations. This way, you can safely start using LNbits to receive payments, connect devices, and explore its features without compromising the security of your administrative access.

To create a regular user account:

1. Log out from your super admin account.
2. Visit your LNbits instance (e.g., your-domain.com).
3. Sign up as a new user, and create your wallet.
4. Begin receiving payments, configuring extensions, and connecting devices.

Now, you’re ready to fully utilize LNbits with Phoenixd!

7. Verify running services

Create a script to check running services:

nano ~/check_services.sh

Add the following content:

#!/bin/bash
if systemctl is-active --quiet phoenixd; then
    echo "phoenixd is running."
else
    echo "phoenixd is not running."
fi

if systemctl is-active --quiet lnbits; then
    echo "LNbits is running."
else
    echo "LNbits is not running."
fi

if systemctl is-active --quiet nginx; then
    echo "Nginx is running."
else
    echo "Nginx is not running."
fi

Make the script executable and run it:

chmod +x ~/check_services.sh
~/check_services.sh

8. Backups

It’s important to do backups of your server. In this case we are using LNbits with the default SQLite database. If you use PostgreSQL you also need to do a backup there.

To backup LNbits we are going to copy ~/lnbits/data folder.

To backup Phoenixd we’ll copy the files inside ~/.phoenix leaving seed.dat outside the backup. This file is very sensitive and must be secured in other way as it includes the access to your funds.

9. Maintain & update your server

9.1 Update Ubuntu Server

When you login to your VPS you can see in the terminal window if new updates for Ubuntu are available. To perform updates please do:

sudo systemctl stop lnbits.service
sudo systemctl stop phoenixd.service
sudo su -
apt update && apt upgrade -y
reboot

9.2 Update Phoenixd

Simply replace the binary and restart the daemon. Phoenixd inherits from the same simplicity as the mobile version, upgrades are fully transparent.

9.3 Update LNbits

Stop LNbits and perform update:

sudo systemctl stop lnbits.service
cd ~/lnbits
git pull --rebase
poetry self update
poetry install --only main

Restart LNbits and read logs:

sudo systemctl start lnbits.service
sudo journalctl -u lnbits -f --since "2 hour ago"

Check if your LNbits server was started correctly in the logs (journal) and on the website.

Possibilities to check the version

If the update was successful, you can see on the LNbits website at the bottom left. There you can see e.g.

LNbits version: 0.12.9

You can check which “version” is current. Execute the command $ git show. As result you get Merge pull request #1234 .... This is the number of the last pull request that was merged. If you now go to the GitHub page of LNbits, you can see there which PR was the last merge. This is a good way to see how far behind you are. You can get out of “git show” with key q.

Are new functions added? Then check the .env file

With an update only the code of LNbits is updated, but not your database or configuration file .env. If there were changes / extensions, you must check independently or take the file from the .env.example as a template and create the .env again. You could compare the content very well by opening the .env file once with $ sudo nano ~/lnbits/.env and looking in a second window at the last .env.example state on GitHub.

After any changes applied on the .env file restart LNbits with

sudo systemctl restart lnbits.service

10. Security warning

This guide focuses on the technical aspects of setting up LNbits and Phoenixd, but it does not dive deeply into the necessary security measures. You are responsible for ensuring that your setup is secure. To help protect your funds and server, follow these important guidelines:

• Use Strong Passwords: Ensure that all system users and services (like LNbits and Phoenixd) use strong, unique passwords. Consider using a password manager to store them securely.
  
• Enable Two-Factor Authentication (2FA): Use 2FA wherever possible to secure access to your server and services like LNbits. Yubikeys or apps like Google Authenticator can help add an extra layer of protection.
  
• Configure a Firewall (UFW): Install and configure a firewall, like ufw (Uncomplicated Firewall), to restrict incoming and outgoing traffic to only the necessary services. This can prevent unwanted access to your server.
  
• Regularly Monitor Logs: Keep an eye on your server logs (e.g., Nginx, LNbits, Phoenixd) for any suspicious activity or unexpected errors. This can help you detect potential security breaches early.
  
• Keep Your Server and Software Updated: Regularly update your Ubuntu system and installed software (LNbits, Phoenixd, Nginx, etc.) to ensure you’re protected against the latest vulnerabilities.
  
• Use SSL (HTTPS): Ensure that your server is only accessible over HTTPS, with a valid SSL certificate. This encrypts communication between users and your server, preventing sensitive data from being intercepted.
  
• Backup Regularly: Backup your LNbits database and Phoenixd configuration (excluding seed files) regularly. Make sure your backup locations are secure and that you have offline backups for critical data like your Phoenixd seed.
  
• Monitor Security Developments: Keep up to date with security developments in the Lightning and Bitcoin ecosystems by joining Telegram groups or forums. This way, you’ll be alerted about any vulnerabilities, best practices, or new tools.

11. Additional documentation and sources

Docs

• Phoenixd docs https://phoenix.acinq.co/server/get-started
• LNbits docs https://github.com/lnbits/lnbits/wiki/LNbits-Documentation
• LNBits installation https://docs.lnbits.org/guide/installation.html

Guides

• LNbits on Phoenixd by Yvette https://github.com/arbadacarbaYK/LNbits.on.phoenixd.on.MacOS/blob/main/Ubuntu.md
• LNbits server by Axel Hamburch https://ereignishorizont.xyz/lnbits-server/en/
• VPS LNbits by Trezor Hannes https://github.com/trezorhannes/vps-lnbits?tab=readme-ov-file

By the end of this guide, you will have created a new user with administrative privileges, changed the default SSH port, configured a firewall, set up SSH keys for secure access, installed a basic security measure with Fail2ban (optional), and taken a server snapshot for future replication.

Getting started with a VPS

Before diving into the setup, you’ll need a Virtual Private Server (VPS) to host your Ubuntu server. There are several providers to choose from, and here are two great options:

• DigitalOcean: Get started with $200 in free credits over 60 days. DigitalOcean offers a user-friendly platform with various tutorials to help you get up and running quickly.
• Lunanode: A flexible VPS provider that allows payments with Bitcoin, providing an alternative for those who prefer privacy-focused payment options.

Once you’ve set up your VPS, follow the steps below to configure your Ubuntu server.

Why these steps matter

Configuring an Ubuntu server involves several essential steps to ensure that it is prepared for deployment and has a baseline level of security. Implementing these measures from the start can help prevent common vulnerabilities and establish a reliable foundation. Each step we’ll cover is designed to provide basic protection against unauthorized access, simplify server management, and enhance overall performance.

1. Log in as root

When you first connect to your server, you will need to log in as the root user. The root user has complete control over the system, which is necessary to perform the initial configuration.

To log in as the root user, you will need to use the following command from your local machine:

ssh root@yourserverIP

Replace yourserverIP with the IP address of your server.

Once you have logged in for the first time, update the packages:

apt update && apt upgrade -y

2. Create a new user

Using the root user for regular tasks is not recommended due to security concerns. Instead, you should create a new user with limited privileges to perform most tasks.

Replace yournewuser with your preferred username:

adduser yournewuser

Follow the prompts to set up a password and fill in optional information.

3. Grant administrative privileges

To allow the new user to perform administrative tasks, you need to add it to the sudo group, which provides elevated privileges.

Add the new user to the sudo group:

usermod -aG sudo yournewuser

4. Log in as the new user

Now that you have created a new user and granted it administrative privileges, log out from the root user and log back in as the new user:

ssh yournewuser@yourserverIP

From this point forward, use this new user account for all administrative tasks, using sudo before commands that require root privileges.

5. Change default SSH port

To enhance your server’s security, change the default SSH port from 22 to a non-standard port. This step helps reduce automated attacks that target default ports.

Check the current SSH port
To verify the port currently used by SSH (default is 22), run:

sudo systemctl status ssh

Change the port to 62539 (or any number you prefer)
Edit the SSH configuration file:

sudo nano /etc/ssh/sshd_config

Find the line that reads #Port 22 and change it to Port 62539. Remember to delete the “#” character.

Update systemd SSH socket configuration
Change the ListenStream setting to match your new port:

sudo nano /etc/systemd/system/sockets.target.wants/ssh.socket

Reload and restart SSH service

sudo systemctl daemon-reload  
sudo systemctl restart ssh

Connect to your server with the new port

ssh -p 62539 yournewuser@yourserverIP

6. Set up a basic firewall

Configuring a firewall helps to control incoming and outgoing traffic on your server, allowing only the necessary services. In this case, we will configure ufw (Uncomplicated Firewall) to allow traffic only on the SSH port you configured earlier.

Allow SSH connections on the new port

sudo ufw allow 62539/tcp

Allow HTTP and HTTPS traffic

sudo ufw allow http  
sudo ufw allow https

Enable the firewall

sudo ufw enable

Check the firewall status

sudo ufw status

7. Connect using SSH keys and disable password authentication

SSH keys provide a more secure way to log into your server than using a password alone.

Generate SSH keys on the client machine
If you haven’t created SSH keys yet, run:

ssh-keygen -t rsa -b 4096

Follow the prompts to save the key and set a passphrase.

Copy the public key to the server

ssh-copy-id -p 62539 yournewuser@yourserverIP

Test the SSH connection
Open a new terminal and run:

ssh -p 62539 yournewuser@yourserverIP

Disable password authentication and root login
Edit the SSH configuration file to disable password authentication and root login:

sudo nano /etc/ssh/sshd_config

Change PasswordAuthentication yes to PasswordAuthentication no. Also change PermitRootLogin yes to PermitRootLogin no

Restart SSH service

sudo systemctl daemon-reload  
sudo systemctl restart ssh

8. Fail2ban (optional)

Fail2Ban is a Linux-based security tool that prevents brute-force attacks by blocking suspicious IP addresses.
It works by monitoring log files from the system and various services like SSH, Apache, or Nginx.

When it detects malicious patterns (e.g., multiple failed login attempts), it adds temporary firewall rules (like iptables)to block that IP.

Use cases

• Highly recommended if you allow login via password on your system.
• If you only use SSH with private key authentication, it’s not strictly needed for system access (still useful for other exposed services).

Services it can protect

• SSH servers
• HTTP/HTTPS servers (Apache, Nginx)
• Webmail (Roundcube, SquirrelMail)
• Web applications (WordPress, phpMyAdmin, etc.)
• Proxy servers (Squid, etc.)
• FTP servers
• Email servers (Postfix, Dovecot, Exim)
• DNS servers

More information

• https://www.digitalocean.com/community/tutorials/how-fail2ban-works-to-protect-services-on-a-linux-server
• https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-22-04

9. Take a server snapshot

Once your server is configured correctly and securely, it’s a good idea to take a snapshot. This allows you to replicate the server setup quickly in the future.

Most VPS providers offer an option to create a snapshot in their management console.

Additional resources and documentation

To further secure and manage your Ubuntu server, refer to these additional guides:

• Initial Server Setup with Ubuntu 20.04
• How to Harden OpenSSH on Ubuntu 20.04
• How to Set Up SSH Keys on Ubuntu 20.04

Start your own VPS with free credits

If you want to try setting up your Ubuntu server, you can get free $200 credit over 60 days from DigitalOcean.

Join the conversation

If you have any suggestions or additional steps that could strengthen this article, feel free to share them in the comments or get in touch directly. I’d love to hear your ideas and incorporate them to make this guide even more comprehensive!

The idea of automating predictions emerged during a probe hunt with EB1A. As we approached the site, there was a “sudden silence” — we discovered that the probe had already been picked up. That was when I decided to develop a system to make this task easier, providing accurate predictions and automatic notifications.

And so, HAB Predictor was born.

What is a weather probe?

A weather probe is a compact device equipped with sensors that measure essential atmospheric variables such as temperature, pressure, and humidity. These probes are launched into the sky attached to helium balloons, allowing them to ascend to the stratosphere, reaching altitudes over 30 kilometers.

During its ascent, the probe transmits real-time data to ground stations, allowing meteorologists to obtain a detailed view of conditions at different layers of the atmosphere. This data is essential for improving weather forecasts and studying atmospheric phenomena.

The launch of probes is carried out in a synchronized manner worldwide, ensuring global coverage of atmospheric data. This process is vital for modern meteorology and has applications in areas as diverse as aviation, scientific research, and disaster forecasting.

In A Coruña, Spain, two probes are launched daily from Monte de Bens, contributing to this global observation network. The hunt for these probes is a fascinating activity for radio amateurs and other enthusiasts who seek to recover them once they have completed their mission.

The inspiration behind the project

The idea of developing an automated prediction system for weather probes came from a personal experience I had with EB1A, an avid radio amateur. As part of our hobby, we decided to try and hunt a weather probe that had been launched that very morning. Armed with our radios and the hope of locating it, we headed to the expected landing site.

However, as we approached the location, we realized something was wrong. Despite our efforts, we weren’t picking up any signals. After a while of unsuccessful searching, we discovered that someone else had already found and collected the probe just minutes before our arrival.

This small setback led us to a conversation about how we could improve our chances in future probe hunts. EB1A told me about a website that published daily predictions about the probes’ trajectories.

It was then that I realized we could automate the entire process, from data collection to notification of results.

The idea was simple: to create software that, based on available data, could predict the landing spot of the probes. Additionally, this system would send automatic alerts when conditions were favorable, allowing us to be better prepared to “go on the hunt.”

Software description

HAB Predictor is a Node.js application designed to facilitate the prediction and tracking of weather probes. This software automates the collection and analysis of data, allowing users to accurately anticipate where and when probes will land and receive automated notifications when conditions are favorable for their recovery, according to each user’s personal preferences.

Key features

1. Automatic data collection of trajectories
   The software connects daily to a website powered by the Global Forecast System (GFS) to obtain data on the trajectories of weather probes. This information is crucial for calculating the likely route that the probe will follow from its launch to its landing.
   
2. Calculation of distance between base and landing site
   Once the trajectory data is obtained, HAB Predictor calculates the distance between your base location (predefined in the software settings) and the predicted landing site of the probe. This allows users to determine if the probe will fall within a radius of interest, making its recovery feasible.
   
3. Determination of land or water landing
   Through integration with the isitwater API, the software checks whether the predicted landing site is on solid ground or water. This information is essential since recovering probes that fall into bodies of water is much more challenging.
   
4. Generation of static maps
   To better visualize the landing site, HAB Predictor uses the Mapbox API to generate static map images. These images accurately display the predicted location, making it easier to plan the trip to recover the probe.
   
5. Automatic notifications
   When certain predefined conditions are met (for example, when the landing site is within a certain radius and on solid ground), the software sends an automatic email notification. This alert includes the prediction results and the generated static map image, so you can act immediately.
   
6. Configurability through environment variables
   The software’s behavior is fully customizable via a .env file. Here, you can adjust key parameters such as the latitude and longitude of the launch and base locations, the maximum search radius, and the API keys required for integrations with isitwater and Mapbox.

Daily operation

HAB Predictor is scheduled to automatically run the prediction process daily at 11:00 UTC. At this time, the software retrieves the most recent data, performs the necessary calculations, and, if the configured conditions are met, sends a notification. This daily automation ensures that you are always aware of probe recovery opportunities without needing to intervene manually.

Key integrations

• isitwater API
  Determines whether the probe will fall on solid ground or water.
  
• Mapbox Static Images API
  Generates static maps to visualize the predicted landing area.
  
• Mailgun API
  Facilitates the sending of email notifications based on the prediction results.

How to run the software

If you want to use HAB Predictor for your weather probe hunting activities, the easiest and quickest way is to deploy it on Railway, a cloud hosting platform that offers a free plan. You don’t need prior experience with servers or complicated configurations. Additionally, to make things even simpler, I’ve created a template you can use directly.

Simple option: deploy on Railway

Railway is perfect for beginners or those who want to avoid technical complications. Follow these steps to get HAB Predictor up and running in minutes:

1. Create an account on Railway
   Visit Railway and sign up with your GitHub account or email. The platform offers a free plan, ideal for this project.
   
2. Use the project template
   To simplify the process, I’ve created a template on Railway. You only need to click on the link and follow these steps:
   
3. Set up environment variables
   Once the template is loaded, you need to configure the environment variables for the application to work correctly:
   • Go to the “Variables” tab of your new project on Railway.
   • Add the necessary variables, such as LAUNCH_LAT, LAUNCH_LON, BASE_LAT, BASE_LON, MAX_DISTANCE, NOTIFICATION_EMAILS, SEND_NOTIFICATIONS, and the keys for isitwater, Mapbox, and Mailgun.
     
4. Deploy the application
   With the environment variables configured, click “Deploy.” Railway will automatically handle the installation and execution of the application.
   
5. Enjoy the automatic operation
   Once deployed, HAB Predictor will start working. You can check the logs in the “Logs” tab on Railway to ensure everything is in order. And that’s it! You’ll start receiving notifications based on the configured conditions.

Advanced option: run on your own server/machine or using Docker

If you prefer more control and wish to run HAB Predictor on your own server, machine, or VPS, follow the detailed instructions in the README of the GitHub repository.

Software demo

To give you an idea of how HAB Predictor works, I’ve prepared a simple demo that shows a screenshot of the email you’ll receive when the software detects an interesting weather probe for you.

In this screenshot, you will see:

• Coordinates of the possible landing site.
• Distance from your base location.
• Whether the result is “favorable” or “not favorable” based on your configured settings.
• A static map that visually shows the probe’s location, along with a link to enlarge the map.

Community invitation

HAB Predictor was born from a real need to optimize weather probe hunting for an amateur in radio frequencies. By automating predictions and sending notifications when conditions are favorable, this software removes uncertainty and randomness from the process, allowing you to always be prepared and maximize your chances.

Additionally, the software is easy to deploy, even for those without server configuration experience, thanks to the template I’ve created on Railway. This lets you get started quickly, without complications, and receive automatic email notifications whenever there’s a probe worth tracking.

Now, I’d love to hear your thoughts. Have you tried HAB Predictor? Do you have any suggestions or ideas for improvement? I invite everyone interested to leave their comments and opinions. Feedback is essential to continue developing and enhancing this tool.

If you feel like contributing, you are more than welcome to collaborate. You can visit the GitHub repository, fork it, create a new branch, and submit your improvements through a pull request. Every contribution is valuable and will help make this tool even more useful for the community.

Image used in the article is from EB1A

What is LNbits and what is it used for?

LNbits is an account and payment management tool that allows you to interact with the Bitcoin Lightning Network. With LNbits, you can create and manage wallets, generate invoices, make payments, and much more. It is especially useful for merchants and developers looking to integrate Bitcoin payments in a simple and efficient manner.

Advantages of using LNbits

• Ease of Use: intuitive interface and easy to configure.
• Versatility: Compatible with multiple applications and services.
• Security: Complete control over your funds and transactions.

Step-by-step guide to install and configure LNbits on Start9

1. Install Bitcoin Core

First, you need to install Bitcoin Core on Start9. Bitcoin Core is the main Bitcoin software that enables the validation of transactions and blocks.

• Access your Start9 server.
• Install Bitcoin Core from the Start9 app marketplace.
• Configure Bitcoin Core following the on-screen instructions.
• Ensure that Bitcoin Core is fully synchronized with the network.

2. Install LND (Lightning Network Daemon)

LND is the software that enables the creation and management of payment channels on the Lightning Network.

• From the Start9 app marketplace, install LND.
• Configure LND with the instructions provided by Start9.

3. Install RTL (Ride the Lightning)

RTL is a graphical interface for managing your Lightning node.

• Install RTL from the Start9 app marketplace.

4. Install LNbits

Finally, install LNbits on your Start9 server.

• Find LNbits in the Start9 app marketplace.
• Install and configure LNbits following the on-screen instructions.

The magic of Start9

The amazing thing about using software like Start9 is that you don’t need to connect the services you’ve installed manually, as they connect to each other automatically. That’s incredible.

How to open your first payment channel

1. Add funds to the LND node

To open a channel, you first need funds in your LND node.

• Access RTL and create an on-chain address to receive funds.
• Transfer funds to that address created in your LND node.
• Wait for the transactions to get the necessary confirmations and appear in RTL.

2. Select a node to open the channel

Select a node with a good reputation and well-connected on 1ML or mempool.space.

• Search and select a suitable node.
• Add it as a peer from RTL.

3. Open the channel

Open a channel with the selected node.

• Initiate the channel opening process in RTL. In this example, I used a private channel and Taproot, but you can change these options according to your needs and objectives.
• Once confirmed, your channel will be open and ready to use.

4. Manage channel liquidity

Initially, you will have liquidity only on your side of the channel, so you can only spend.

If you want to have incoming liquidity to receive payments:

• You can make a payment via the Lightning Network.
• Perform a swap-out to on-chain. For this, you can use Boltz.

It’s important not to empty the channel, as your counterpart could close it. Ideally, you should keep it balanced.

5. Restart LNbits

After the channel is confirmed and open, restart LNbits from Start9 to update the available balances.

Conclusion

Setting up LNbits on Start9 and opening your first payment channel might seem complicated at first, but by following these steps, you can do it efficiently. This guide is designed to help you start in the world of Bitcoin and the Lightning Network in a simple and secure way.

Special thanks to Arkad for clearing up many doubts.

This article provides a detailed, step-by-step guide to connecting Sparrow Wallet to your Bitcoin node using Tails, emphasizing the importance of security and anonymity in the process.

Preparing Tails

Before installing Sparrow Wallet, it’s crucial to prepare Tails to ensure a secure foundation:

• Install Tails: Make sure Tails is correctly installed on your computer. You can find an installation guide on the official website.
• Set up persistent storage (optional): To save Sparrow Wallet and its settings between sessions, you can configure persistent storage on Tails. See the official documentation for more details.

Installing Sparrow Wallet

Installing Sparrow Wallet on Tails requires specific steps due to its focus on security and privacy.

You can visit my article on how to install Sparrow Wallet on TailsOS persistently. There, you will find the step-by-step on how to install it.

You can also install it every time you start the system by following the steps in the official documentation and verifying the software each time.

How Tails manages internet connections

Tails ensures robust security for users by guaranteeing that all internet activities are conducted through the Tor network.

Given that we cannot predict which software will attempt to connect to the network or whether its proxy settings are configured to use the Tor SOCKS proxy appropriately, we adopt an essential security measure: blocking all outgoing traffic to the Internet, except for traffic that goes through Tor.

https://tails.net/contribute/design/Tor_enforcement/Network_filter/

For this purpose, it’s necessary to explicitly configure all applications to use this method, thus ensuring the privacy and security of our users while browsing the Internet.

Therefore, if you want an application to use the Tor network and have internet access, you must configure the following parameters in the application:

• Type: SOCKS5
• Host/Proxy: localhost (or 127.0.0.1)
• Port: 9050

Connect your Bitcoin node to Sparrow Wallet from Tails

The first thing you need to do is to make sure you’re connected to the Tor network; you can follow the wizard that appears when you start Tails.

Once connected to the Tor network, you will have access to the internet.

Please ensure that your Bitcoin node is online and that Electrum Server is also online and access is restricted to Tor only. This adds privacy to your infrastructure and allows you to connect to your node anonymously.

The next step is to go into Sparrow’s settings and activate the following parameters inside Server preferences:

Use proxy: enabled
Proxy URL: localhost (or 127.0.0.1)
Port: 9050

Finally, select Private Electrum and enter your node’s onion address and port. To avoid the mistake I made, do not enter the protocol (http:// or tcp://) in the onion URL, just enter the address followed by .onion.

You can test this by clicking on Test connection.

The same configuration applies whether you’re connecting to your node via Bitcoin Core or to a public server.

Conclusion

Connecting Sparrow Wallet to your Bitcoin node using Tails is a crucial step for those who value privacy and security in managing their bitcoin. This article has guided you through the process, from the initial preparation of Tails to the detailed setup of Sparrow Wallet to use it from Tails.

The importance of verifying software and properly configuring applications to use the Tor network cannot be overstated, ensuring that all online activity is conducted with the highest security. By following the detailed steps in this article, users can establish a secure and private connection to their Bitcoin node, leveraging the unique capabilities of Tails and Sparrow Wallet.

I hope this guide has provided you with the necessary knowledge to perform this setup confidently, and I encourage you to continue exploring ways to enhance the security and privacy of your Bitcoin transactions.

TailsOS? What on earth is that magic?

TailsOS, short for “The Amnesic Incognito Live System,” is a Linux-based operating system designed to preserve users’ privacy and anonymity. It runs from a USB drive or DVD and aims to provide a secure and anonymous environment for online activities.

TailsOS includes encryption and anonymity tools like Tor, which routes traffic through a network of servers to hide the user’s identity and location. Furthermore, TailsOS is designed not to leave any trace on the device it’s used on, as it doesn’t save information permanently, thus offering an additional layer of protection for those seeking to browse the internet discreetly and safely.

And what is Sparrow Wallet?

Sparrow Wallet is a Bitcoin wallet designed for those who value financial sovereignty. With a focus on security, privacy, and ease of use, Sparrow doesn’t conceal information but provides comprehensive details about transactions and UTXOs in a manageable way.

The wallet supports standard features of modern Bitcoin wallets, such as full support for single and multisig wallets, multiple connection options, compatibility with hardware wallets, full control over coins and fees, and transaction labeling.

Moreover, Sparrow is unique in offering a fully-featured transaction editor that also functions as a blockchain explorer, allowing for the editing and inspection of transaction bytes before transmission. Sparrow encourages privacy and promotes cold storage practices, being user-friendly even for advanced users.

Add Sparrow to persistent storage

So far, all the guides I’ve found that use Sparrow on TailsOS do so by installing and configuring Sparrow each time the system starts. It’s a secure strategy, but it requires time investment every time you boot up the system.

Keep in mind that this guide is not a recommendation on how to use Sparrow with TailsOS; it simply proposes one way to do things. You’ll need to evaluate whether in your personal case you want to store the data or not.

Do not use this method if you’re going to store any seeds in Sparrow. This would be ideal if you want to store a “Watch Only Wallet” and label the UTXOs (for example).

Enable persistent storage in TailsOS

Once you activate persistent storage in TailsOS from Applications → Tails → Persistent Storage, you should activate among others:

• Personal Documents → Persistent Folder
• System Settings → Welcome Screen (optional for convenience)
• Network → Network Connections (optional for convenience)
• Advanced Settings → Dotfiles

Download Sparrow Wallet on TailsOS

We are going to download the Sparrow Wallet (desktop version) binary from https://sparrowwallet.com/download/. Since I am using a device with Intel, I will go for the Linux (Intel/AMD) Standalone version (it is important that you download the Standalone version).

At the time of writing this article, the version is sparrow-1.8.2-x86_64.tar.gz.

Don’t forget to verify the integrity of the downloaded files following the guide at the bottom of the download page.

Organizing persistent storage in TailsOS

Once the integrity of the downloaded data has been verified, let’s create some folders in the persistent storage:

• ~/Persistent/Programas
• ~/Persistent/Programas/Sparrow
• ~/Persistent/Programas/Sparrow/data

You can create all the folders with the following command:

mkdir -p ~/Persistent/Programas/Sparrow/data

The next step will be to extract the contents of the downloaded file sparrow-1.8.2-x86_64.tar.gz into the folder Programas/Sparrow.

Now you will have 3 folders inside Programas/Sparrow: bin, data, and lib.

Let’s do a quick test to see if we can run Sparrow from the terminal:

~/Persistent/Programas/Sparrow/bin/Sparrow -d ~/Persistent/Programas/Sparrow/data

What we’re indicating with the parameter -d when running Sparrow is to assign our data directory. You can see the parameters here: https://sparrowwallet.com/docs/faq.html#how-can-i-run-testnet

If the test goes well, we know that the paths are correct and that our persistent storage has been organized as we wanted.

Close Sparrow.

Add Sparrow Wallet to our applications in TailsOS

The next step is to add Sparrow Wallet to the list of applications in TailsOS. To do this, we need to create some more folders, this time within the dotfiles folder:

• /live/persistence/TailsData_unlocked/dotfiles/.local
• /live/persistence/TailsData_unlocked/dotfiles/.local/share
• /live/persistence/TailsData_unlocked/dotfiles/.local/share/applications

Keep in mind that if you go to the /live/persistence/TailsData_unlocked/dotfiles/ folder and create a .local folder, you won’t see it from the file explorer since it’s a hidden file. If you want to view the folder, you’ll need to enable the option to View Hidden Files in the folder.

You can create all the folders with the following command.

mkdir -p /live/persistence/TailsData_unlocked/dotfiles/.local/share/applications

Now we are going to create a new file Sparrow.desktop and edit it with nano:

nano /live/persistence/TailsData_unlocked/dotfiles/.local/share/applications/Sparrow.desktop

The content we are going to put inside that file is the following:

[Desktop Entry]
Name=Sparrow
Comment=Sparrow
Exec=/home/amnesia/Persistent/Programas/Sparrow/bin/Sparrow -d /home/amnesia/Persistent/Programas/Sparrow/data %U
Icon=/home/amnesia/Persistent/Programas/Sparrow/lib/Sparrow.png
Terminal=false
Type=Application
Categories=Unknown
MimeType=application/psbt;application/bitcoin-transaction;x-scheme-handler/bitcoin;x-scheme-handler/auth47;x-scheme-handler/lightning

The source of this file is https://github.com/sparrowwallet/sparrow/blob/80fab6df995afde64a7334cb6faad341b99b6fbe/src/main/deploy/package/linux/Sparrow.desktop, the only details we have changed are the paths to the executable and the icon.

Launch Sparrow and test persistent storage

Here we have two options: one is to test the entire system we’ve set up right away like crazy , or the other is to restart the computer.

If you can’t wait and want to test before restarting, you just need to copy the file we’ve just created to your Home folder, with the following command:

cp /live/persistence/TailsData_unlocked/dotfiles/.local/share/applications/Sparrow.desktop ~/.local/share/applications/Sparrow.desktop

Once you have copied the file, you will see Sparrow Wallet icon appear among the list of applications.

Open Sparrow and configure a server in the preferences.

To connect Sparrow through Tor in TailsOS, you must enable and use the proxy in the server preferences.
Use proxy: enabled
Proxy URL: localhost (or 127.0.0.1)
Port: 9050

If you’re having trouble connecting to your node from Sparrow on Tails, visit this article: How to connect Sparrow Wallet to your Bitcoin node on Tails.

Then make sure that in the folder ~/Persistent/Programas/Sparrow/data, some files have appeared (the classic ones from the Sparrow configuration).

If you’ve reached this point and everything above has gone well, it’s time to restart the machine.

Once you restart, log in by unlocking the persistent storage first. Connect to the Tor network and finally open the TailsOS applications. You will see the Sparrow icon, and once you click on it, Sparrow will open with the stored configuration.

Update sparrow on tailsos (future upgrades)

This section applies exclusively to future updates of Sparrow Wallet once it has already been properly installed in the persistent storage of TailsOS.

It is not part of the initial installation process.

Each new version must be downloaded in Standalone format, always verifying its integrity and signature before proceeding.

After extracting the .tar.gz file, the usual folders will appear:

• bin
• lib

The previously configured persistent directory is:

~/Persistent/Programas/Sparrow/

To update correctly:

1. Delete the existing bin and lib folders.
2. Copy the new version’s bin and lib folders into the persistent directory.
3. Keep the data folder.

The data directory contains wallets, configuration files, labels, and metadata. Deleting it would result in losing the previously configured environment.

As a conservative measure, the previous installation can be renamed before copying the new version.

Conclusion

We have set up Sparrow on TailsOS to keep it running in persistent storage and avoid installing it every time we start the system.

To create this article, I have referenced these threads:

• https://forobits.com/t/tails-como-so-para-cryptomonedas/45506/6
• https://forum.blocktrainer.de/t/anleitung-tails-linux-mit-sparrow-wallet/28775

If this article has been helpful to you, please share to help others.