diff --git a/cic_cache_server_start.sh b/cic_cache_server_start.sh new file mode 100644 index 0000000..dc50002 --- /dev/null +++ b/cic_cache_server_start.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +t=`mktemp` +f=`python -c "import cic_cache; import os; s = os.path.dirname(cic_cache.__file__); print(os.path.join(s, 'runnable', 'daemons', 'server.py'))"` +uwsgi --wsgi-file $f --http $SERVER_HOST:$SERVER_PORT --pyargv "-c $HOME/.config/cic/cache $@" diff --git a/requirements.txt b/requirements.txt index 67da78d..f24f6eb 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -cic-cache==0.2.1a9 -clicada==0.0.1a6 +cic-cache==0.2.1a10 +clicada==0.0.1a7 diff --git a/setup.sh b/setup.sh index e657866..7b82e97 100644 --- a/setup.sh +++ b/setup.sh @@ -1,7 +1,7 @@ #!/bin/bash -want_cic_cache_version=0.2.1a9 -want_cicada_version=0.0.1a6 +want_cic_cache_version=0.2.1a10 +want_cicada_version=0.0.1a7 want_evm=bloxberg . aux/bdbg/bdbg.sh @@ -12,12 +12,76 @@ PIP_EXTRA_ARGS=$PIP_EXTRA_ARGS PIP_EXTRA_INDEX_URL=${PIP_EXTRA_INDEX_URL:-https://pip.grassrootseconomics.net:8433} PIP_INDEX_URL=${PIP_INDEX_URL:-"https://pypi.org/simple"} CIC_SETUP_TRUSTED_FINGERPRINT=${CIC_SETUP_TRUSTED_FINGERPRINT:-0826EDA1702D1E87C6E2875121D2E7BB88C2A746} +CIC_ROOT_URL=${CIC_ROOT_URL:-https://root.grassrootseconomics.net} if [ "$UID" -eq 0 ]; then dbg $dbg_error "This cannot be run as root" exit 1 fi +. setup_check.sh + + + +dbg $dbg_debug "importing keys" +for f in ./keys/*.asc; do + gpg --import $f +done + + +t=`mktemp` +dbg $dbg_debug "identify root values" + +# check if we have existing setup +if [ ! -f "$HOME/.config/cic/staff-client/key_fingerprint" ]; then + dbg $dbg_debug "load default environment" + + config_directives=(CIC_REGISTRY_ADDRESS CIC_TRUST_ADDRESS META_URL TX_CACHE_URL CHAIN_SPEC) + + for c in ${config_directives[@]}; do + v=${!c} + if [ -z "$v" ]; then + v=`curl -X GET $CIC_ROOT_URL/cic-staff-client/$c` + #gpg --verify $v + echo $v >> $t + dbg $dbg_debug "fetched environment variable $v" + else + dbg $dbg_debug "using predefined environment variable for $c = $v" + fi + done + + echo seting + cat $t + + set -a + . $t + set +a + + # DATABASE_NAME set here works as long as only one database is involved... + export DATABASE_PREFIX=$HOME/.local/share/cic/cache/${DATABASE_PREFIX:-staffclient} + #export DATABASE_HOST=${DATABASE_HOST:-localhost} + #export DATABASE_PORT=${DATABASE_PORT:-5432} + export DATABASE_ENGINE=sqlite + export DATABASE_DRIVER=pysqlite + export DATABASE_DEBUG=0 + export DATABASE_POOL_SIZE=0 + export DATABASE_USER=postgres + export DATABASE_PASSWORD=`dd if=/dev/urandom bs=32 count=1 2> /dev/null | hexdump -v -n 32 -e '1/1 "%02x"'` + + dbg $dbg_debug "set up keys" + if [ -z "$AUTH_KEY" ]; then + . setup_key.sh + else + t=`mktemp` + gpg --export -a $AUTH_KEY > $t + #gpg --list-packets $t | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint + #gpg --list-packets $t | awk '/keyid:/ { print $2; }' + #gpg --list-packets $t | awk '/keyid:/ { print $2; }' > $HOME/.config/cic/staff-client/key_fingerprint + #fp=`cat $HOME/.config/cic/staff-client/key_fingerprint` + echo -n $AUTH_KEY > $HOME/.config/cic/staff-client/key_fingerprint + dbg $dbg_info "using key $AUTH_KEY" + fi +fi dbg $dbg_debug "checking installed versions" @@ -30,7 +94,7 @@ elif [ "$v" != "$want_cic_cache_version" ]; then dbg $dbg_warn "cli-cache version $v installed but need $want_cic_cache_version, will update" update=1 else - dbg $dbg_info "cli-cache version $v ok" + dbg $dbg_info "cli-cache version $v found" fi v=`pip show clicada | awk '/^Version/ {print $2;}'` @@ -41,7 +105,7 @@ elif [ "$v" != "$want_cicada_version" ]; then dbg $dbg_warn "clicada version $v installed but need $want_cicada_version, will update" update=1 else - dbg $dbg_info "clicada version $v ok" + dbg $dbg_info "clicada version $v found" fi set -e @@ -54,33 +118,56 @@ if [ $update -gt 0 ]; then debug_flag="-v" fi pip install --index-url $PIP_INDEX_URL --extra-index-url $PIP_EXTRA_INDEX_URL $PIP_EXTRA_ARGS $debug_flag -r requirements.txt + + dbg $dbg_debug "executing database migrations" fi -dbg $dbg_debug "importing keys" -for f in ./keys/*.asc; do - gpg --import $f -done + +#dbg $dbg_info "using CIC_REGISTRY $CIC_REGISTRY_ADDRESS" + +#if [ -z "$CIC_TRUST_ADDRESS" ]; then +# u="$CIC_ROOT_URL/cic_trust_address" +# dbg $dbg_trace "retrieve trust address from $u" +# curl -X GET $u -o cic_trust_address +# gpg --verify cic_trust_address +# export CIC_TRUST_ADDRESS=`gpg -d cic_trust_address` +#fi +#dbg $dbg_info "using CIC_TRUST_ADDRESS $CIC_TRUST_ADDRESS" + +#popd dbg $dbg_debug "installing configurations" - t=`mktemp` if [ -f $HOME/.config/cic/cache/config.ini ]; then dbg $dbg_debug "migrating existing configuration" - config_flag="-c $HOME/.config/cic/cache" + cic_cache_config_flag="-c $HOME/.config/cic/cache" fi -cic-cache-trackerd --dumpconfig ini $config_flag -vv > $t +cic-cache-trackerd --dumpconfig ini $cic_cache_config_flag -vv > $t mkdir -vp $HOME/.config/cic/cache -mv -v $t $HOME/.config/cic/cache/confini.ini +mv -v $t $HOME/.config/cic/cache/config.ini if [ -d $HOME/.config/cic/clicada/config.ini ]; then dbg $dbg_debug "migrating existing clicada configuration" - config_flag="-c $HOME/.config/cic/clicada" + clicada_config_flag="-c $HOME/.config/cic/clicada" fi -clicada --dumpconfig ini $config_flag -vv > $t +clicada --dumpconfig ini $clicada_config_flag > $t mkdir -vp $HOME/.config/cic/clicada -mv -v $t $HOME/.config/cic/clicada/confini.ini +mv -v $t $HOME/.config/cic/clicada/config.ini + +t=`mktemp` +cic-cache-trackerd --dumpconfig env $cic_cache_config_flag -vv > $t +. $t + + +dbg $dbg_debug "execute database migrations" + +mkdir -vp $HOME/.local/share/cic/cache + +python ../cic-internal-integration/apps/cic-cache/scripts/migrate.py -c /home/lash/.config/cic/cache/ if [ ! -z $want_evm ]; then . setup_${want_evm}.sh -fi -set +e +fi + + + diff --git a/setup_check.sh b/setup_check.sh new file mode 100644 index 0000000..e764dc9 --- /dev/null +++ b/setup_check.sh @@ -0,0 +1,15 @@ +function checkk { + which $1 > /dev/null 2>&1 + if [ "$?" -gt 0 ]; then + dbg $dbg_error "The dependency '$1' seems to be missing." + dbg $dbg_error "Please install your corresponding OS package and try again" + exit 1 + fi +} + +exec=(clang git rustup gcc cmake pip python3 psql postgres) + +for e in ${exec[@]}; do + dbg $dbg_trace "Checking for dependency $e" + checkk $e +done diff --git a/setup_key.sh b/setup_key.sh new file mode 100644 index 0000000..13ef6a5 --- /dev/null +++ b/setup_key.sh @@ -0,0 +1,47 @@ +echo You have not selected a key to use. We will now make a new one. +echo The personal details you provide below will not be shared anywhere without getting your permission first. + +pgp_ok= +while [ -z $pgp_ok ]; do + echo + echo -n "Your name: " + read pgp_name + echo -n "Your email: " + read pgp_email + echo + echo "You have entered: " + echo "Name: $pgp_name" + echo "Email: $pgp_email" + echo + echo -n "(Yes/No): " + read pgp_r + r=${pgp_r:0:1} + if [ "$r" == "y" ]; then + pgp_ok=1 + elif [ "$r" == "Y" ]; then + pgp_ok=1 + fi + echo + echo "Ok, let's try again..." +done + +echo -e "\e[0;93mYou will now be asked for a passphrase to protect your new key." +echo "It will not be shown back to you as you type, nor after you have typed it in." +echo "If you lose this passphrase you WILL lose access to your key PERMANENTLY." +echo "Keep it secret." +echo -e "Keep it safe.\e[0m" + +t=`mktemp -d` +gpg --homedir $t --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0 + + +echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already" +echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m" + +mkdir -vp $HOME/.config/cic/staff-client/.gnupg +chmod 0700 -v $HOME/.config/cic/staff-client/.gnupg + +gpg --homedir $t --export-secret-keys | gpg --homedir $HOME/.config/cic/staff-client/.gnupg --import +#gpg --homedir $HOME/.config/cic/staff-client/.gnupg --export -a > $HOME/.config/cic/staff-client/user.asc + +gpg --list-packets $HOME/.config/cic/staff-client/user.asc | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint