Complete cic-cache bootstrap and setup

2021-11-10 09:43:30 +01:00 · 2021-11-10 09:43:30 +01:00 · 1ebd39d510
parent ee526d0855
commit 1ebd39d510
5 changed files with 173 additions and 19 deletions
--- a/cic_cache_server_start.sh
+++ b/cic_cache_server_start.sh
@ -0,0 +1,5 @@
+#!/bin/bash
+
+t=`mktemp`
+f=`python -c "import cic_cache; import os; s = os.path.dirname(cic_cache.__file__); print(os.path.join(s, 'runnable', 'daemons', 'server.py'))"`
+uwsgi --wsgi-file $f --http $SERVER_HOST:$SERVER_PORT --pyargv "-c $HOME/.config/cic/cache $@"
--- a/requirements.txt
+++ b/requirements.txt
@ -1,2 +1,2 @@
-cic-cache==0.2.1a9
-clicada==0.0.1a6
+cic-cache==0.2.1a10
+clicada==0.0.1a7
--- a/setup.sh
+++ b/setup.sh
@ -1,7 +1,7 @@
 #!/bin/bash

-want_cic_cache_version=0.2.1a9
-want_cicada_version=0.0.1a6
+want_cic_cache_version=0.2.1a10
+want_cicada_version=0.0.1a7
 want_evm=bloxberg

 . aux/bdbg/bdbg.sh
@ -12,12 +12,76 @@ PIP_EXTRA_ARGS=$PIP_EXTRA_ARGS
 PIP_EXTRA_INDEX_URL=${PIP_EXTRA_INDEX_URL:-https://pip.grassrootseconomics.net:8433}
 PIP_INDEX_URL=${PIP_INDEX_URL:-"https://pypi.org/simple"}
 CIC_SETUP_TRUSTED_FINGERPRINT=${CIC_SETUP_TRUSTED_FINGERPRINT:-0826EDA1702D1E87C6E2875121D2E7BB88C2A746}
+CIC_ROOT_URL=${CIC_ROOT_URL:-https://root.grassrootseconomics.net}

 if [ "$UID" -eq 0 ]; then
 	dbg $dbg_error "This cannot be run as root"
 	exit 1
 fi

+. setup_check.sh
+
+
+
+dbg $dbg_debug "importing keys"
+for f in ./keys/*.asc; do
+	gpg --import $f
+done
+
+
+t=`mktemp`
+dbg $dbg_debug "identify root values"
+
+# check if we have existing setup
+if [ ! -f  "$HOME/.config/cic/staff-client/key_fingerprint" ]; then
+	dbg $dbg_debug "load default environment"
+
+	config_directives=(CIC_REGISTRY_ADDRESS CIC_TRUST_ADDRESS META_URL TX_CACHE_URL CHAIN_SPEC)
+
+	for c in ${config_directives[@]}; do
+		v=${!c}
+		if [ -z "$v" ]; then
+			v=`curl -X GET $CIC_ROOT_URL/cic-staff-client/$c`
+			#gpg --verify $v
+			echo $v >> $t
+			dbg $dbg_debug "fetched environment variable $v"
+		else
+			dbg $dbg_debug "using predefined environment variable for $c = $v"
+		fi
+	done
+	
+	echo seting
+	cat $t	
+	
+	set -a
+	. $t
+	set +a
+
+	# DATABASE_NAME set here works as long as only one database is involved...
+	export DATABASE_PREFIX=$HOME/.local/share/cic/cache/${DATABASE_PREFIX:-staffclient}
+	#export DATABASE_HOST=${DATABASE_HOST:-localhost}
+	#export DATABASE_PORT=${DATABASE_PORT:-5432}
+	export DATABASE_ENGINE=sqlite
+	export DATABASE_DRIVER=pysqlite
+	export DATABASE_DEBUG=0
+	export DATABASE_POOL_SIZE=0
+	export DATABASE_USER=postgres
+	export DATABASE_PASSWORD=`dd if=/dev/urandom bs=32 count=1 2> /dev/null | hexdump -v -n 32 -e '1/1 "%02x"'`
+
+	dbg $dbg_debug "set up keys"
+	if [ -z "$AUTH_KEY" ]; then
+		. setup_key.sh
+	else
+		t=`mktemp`
+		gpg --export -a $AUTH_KEY > $t
+		#gpg --list-packets $t | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint
+		#gpg --list-packets $t | awk '/keyid:/ { print $2; }'
+		#gpg --list-packets $t | awk '/keyid:/ { print $2; }' > $HOME/.config/cic/staff-client/key_fingerprint
+		#fp=`cat $HOME/.config/cic/staff-client/key_fingerprint`
+		echo -n $AUTH_KEY > $HOME/.config/cic/staff-client/key_fingerprint
+		dbg $dbg_info "using key $AUTH_KEY"
+	fi
+fi

 dbg $dbg_debug "checking installed versions"

@ -30,7 +94,7 @@ elif [ "$v" != "$want_cic_cache_version" ]; then
 	dbg $dbg_warn "cli-cache version $v installed but need $want_cic_cache_version, will update"
 	update=1
 else
-	dbg $dbg_info "cli-cache version $v ok"
+	dbg $dbg_info "cli-cache version $v found"
 fi

 v=`pip show clicada | awk '/^Version/ {print $2;}'`
@ -41,7 +105,7 @@ elif [ "$v" != "$want_cicada_version" ]; then
 	dbg $dbg_warn "clicada version $v installed but need $want_cicada_version, will update"
 	update=1
 else
-	dbg $dbg_info "clicada version $v ok"
+	dbg $dbg_info "clicada version $v found"
 fi

 set -e
@ -54,33 +118,56 @@ if [ $update -gt 0 ]; then
 		debug_flag="-v"
 	fi
 	pip install --index-url $PIP_INDEX_URL --extra-index-url $PIP_EXTRA_INDEX_URL $PIP_EXTRA_ARGS $debug_flag -r requirements.txt
+
+	dbg $dbg_debug "executing database migrations"
 fi

-dbg $dbg_debug "importing keys"
-for f in ./keys/*.asc; do
-	gpg --import $f
-done
+
+#dbg $dbg_info "using CIC_REGISTRY $CIC_REGISTRY_ADDRESS"
+
+#if [ -z "$CIC_TRUST_ADDRESS" ]; then
+#	u="$CIC_ROOT_URL/cic_trust_address"
+#	dbg $dbg_trace "retrieve trust address from $u"
+#	curl -X GET $u -o cic_trust_address
+#	gpg --verify cic_trust_address
+#	export CIC_TRUST_ADDRESS=`gpg -d cic_trust_address`
+#fi
+#dbg $dbg_info "using CIC_TRUST_ADDRESS $CIC_TRUST_ADDRESS"
+
+#popd

 dbg $dbg_debug "installing configurations"
-
 t=`mktemp`
 if [ -f $HOME/.config/cic/cache/config.ini ]; then
 	dbg $dbg_debug "migrating existing configuration"
-	config_flag="-c $HOME/.config/cic/cache"
+	cic_cache_config_flag="-c $HOME/.config/cic/cache"
 fi
-cic-cache-trackerd --dumpconfig ini $config_flag -vv > $t
+cic-cache-trackerd --dumpconfig ini $cic_cache_config_flag -vv > $t
 mkdir -vp $HOME/.config/cic/cache
-mv -v $t $HOME/.config/cic/cache/confini.ini
+mv -v $t $HOME/.config/cic/cache/config.ini

 if [ -d $HOME/.config/cic/clicada/config.ini ]; then
 	dbg $dbg_debug "migrating existing clicada configuration"
-	config_flag="-c $HOME/.config/cic/clicada"
+	clicada_config_flag="-c $HOME/.config/cic/clicada"
 fi
-clicada --dumpconfig ini $config_flag -vv > $t
+clicada --dumpconfig ini $clicada_config_flag > $t
 mkdir -vp $HOME/.config/cic/clicada
-mv -v $t $HOME/.config/cic/clicada/confini.ini
+mv -v $t $HOME/.config/cic/clicada/config.ini
+
+t=`mktemp`
+cic-cache-trackerd --dumpconfig env $cic_cache_config_flag -vv > $t
+. $t
+
+
+dbg $dbg_debug "execute database migrations"
+
+mkdir -vp $HOME/.local/share/cic/cache
+
+python ../cic-internal-integration/apps/cic-cache/scripts/migrate.py -c /home/lash/.config/cic/cache/

 if [ ! -z $want_evm ]; then
 	. setup_${want_evm}.sh
-fi	
-set +e
+fi
+
+
+
--- a/setup_check.sh
+++ b/setup_check.sh
@ -0,0 +1,15 @@
+function checkk {
+	which $1 > /dev/null 2>&1
+	if [ "$?" -gt 0 ]; then
+		dbg $dbg_error "The dependency '$1' seems to be missing."
+		dbg $dbg_error "Please install your corresponding OS package and try again"
+		exit 1
+	fi
+}
+
+exec=(clang git rustup gcc cmake pip python3 psql postgres)
+
+for e in ${exec[@]}; do
+	dbg $dbg_trace "Checking for dependency $e"
+	checkk $e    
+done
--- a/setup_key.sh
+++ b/setup_key.sh
@ -0,0 +1,47 @@
+echo You have not selected a key to use. We will now make a new one.
+echo The personal details you provide below will not be shared anywhere without getting your permission first.
+
+pgp_ok=
+while [ -z $pgp_ok ]; do
+	echo
+	echo -n "Your name: "
+	read pgp_name
+	echo -n "Your email: "
+	read pgp_email
+	echo 
+	echo "You have entered: "
+	echo "Name:	$pgp_name"
+	echo "Email:	$pgp_email"
+	echo
+	echo -n "(Yes/No): "
+	read pgp_r
+	r=${pgp_r:0:1}
+	if [ "$r" == "y" ]; then
+		pgp_ok=1
+	elif [ "$r" == "Y" ]; then
+		pgp_ok=1
+	fi
+	echo 
+	echo "Ok, let's try again..."
+done
+
+echo -e "\e[0;93mYou will now be asked for a passphrase to protect your new key."
+echo "It will not be shown back to you as you type, nor after you have typed it in."
+echo "If you lose this passphrase you WILL lose access to your key PERMANENTLY."
+echo "Keep it secret."
+echo -e "Keep it safe.\e[0m"
+
+t=`mktemp -d`
+gpg --homedir $t --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0
+
+
+echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already"
+echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m"
+
+mkdir -vp $HOME/.config/cic/staff-client/.gnupg
+chmod 0700 -v $HOME/.config/cic/staff-client/.gnupg
+
+gpg --homedir $t --export-secret-keys | gpg --homedir $HOME/.config/cic/staff-client/.gnupg --import
+#gpg --homedir $HOME/.config/cic/staff-client/.gnupg --export -a > $HOME/.config/cic/staff-client/user.asc
+
+gpg --list-packets $HOME/.config/cic/staff-client/user.asc | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint