Complete cic-cache bootstrap and setup

This commit is contained in:
nolash 2021-11-10 09:43:30 +01:00
parent ee526d0855
commit 1ebd39d510
Signed by: lash
GPG Key ID: 21D2E7BB88C2A746
5 changed files with 173 additions and 19 deletions

View File

@ -0,0 +1,5 @@
#!/bin/bash
t=`mktemp`
f=`python -c "import cic_cache; import os; s = os.path.dirname(cic_cache.__file__); print(os.path.join(s, 'runnable', 'daemons', 'server.py'))"`
uwsgi --wsgi-file $f --http $SERVER_HOST:$SERVER_PORT --pyargv "-c $HOME/.config/cic/cache $@"

View File

@ -1,2 +1,2 @@
cic-cache==0.2.1a9 cic-cache==0.2.1a10
clicada==0.0.1a6 clicada==0.0.1a7

119
setup.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
want_cic_cache_version=0.2.1a9 want_cic_cache_version=0.2.1a10
want_cicada_version=0.0.1a6 want_cicada_version=0.0.1a7
want_evm=bloxberg want_evm=bloxberg
. aux/bdbg/bdbg.sh . aux/bdbg/bdbg.sh
@ -12,12 +12,76 @@ PIP_EXTRA_ARGS=$PIP_EXTRA_ARGS
PIP_EXTRA_INDEX_URL=${PIP_EXTRA_INDEX_URL:-https://pip.grassrootseconomics.net:8433} PIP_EXTRA_INDEX_URL=${PIP_EXTRA_INDEX_URL:-https://pip.grassrootseconomics.net:8433}
PIP_INDEX_URL=${PIP_INDEX_URL:-"https://pypi.org/simple"} PIP_INDEX_URL=${PIP_INDEX_URL:-"https://pypi.org/simple"}
CIC_SETUP_TRUSTED_FINGERPRINT=${CIC_SETUP_TRUSTED_FINGERPRINT:-0826EDA1702D1E87C6E2875121D2E7BB88C2A746} CIC_SETUP_TRUSTED_FINGERPRINT=${CIC_SETUP_TRUSTED_FINGERPRINT:-0826EDA1702D1E87C6E2875121D2E7BB88C2A746}
CIC_ROOT_URL=${CIC_ROOT_URL:-https://root.grassrootseconomics.net}
if [ "$UID" -eq 0 ]; then if [ "$UID" -eq 0 ]; then
dbg $dbg_error "This cannot be run as root" dbg $dbg_error "This cannot be run as root"
exit 1 exit 1
fi fi
. setup_check.sh
dbg $dbg_debug "importing keys"
for f in ./keys/*.asc; do
gpg --import $f
done
t=`mktemp`
dbg $dbg_debug "identify root values"
# check if we have existing setup
if [ ! -f "$HOME/.config/cic/staff-client/key_fingerprint" ]; then
dbg $dbg_debug "load default environment"
config_directives=(CIC_REGISTRY_ADDRESS CIC_TRUST_ADDRESS META_URL TX_CACHE_URL CHAIN_SPEC)
for c in ${config_directives[@]}; do
v=${!c}
if [ -z "$v" ]; then
v=`curl -X GET $CIC_ROOT_URL/cic-staff-client/$c`
#gpg --verify $v
echo $v >> $t
dbg $dbg_debug "fetched environment variable $v"
else
dbg $dbg_debug "using predefined environment variable for $c = $v"
fi
done
echo seting
cat $t
set -a
. $t
set +a
# DATABASE_NAME set here works as long as only one database is involved...
export DATABASE_PREFIX=$HOME/.local/share/cic/cache/${DATABASE_PREFIX:-staffclient}
#export DATABASE_HOST=${DATABASE_HOST:-localhost}
#export DATABASE_PORT=${DATABASE_PORT:-5432}
export DATABASE_ENGINE=sqlite
export DATABASE_DRIVER=pysqlite
export DATABASE_DEBUG=0
export DATABASE_POOL_SIZE=0
export DATABASE_USER=postgres
export DATABASE_PASSWORD=`dd if=/dev/urandom bs=32 count=1 2> /dev/null | hexdump -v -n 32 -e '1/1 "%02x"'`
dbg $dbg_debug "set up keys"
if [ -z "$AUTH_KEY" ]; then
. setup_key.sh
else
t=`mktemp`
gpg --export -a $AUTH_KEY > $t
#gpg --list-packets $t | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint
#gpg --list-packets $t | awk '/keyid:/ { print $2; }'
#gpg --list-packets $t | awk '/keyid:/ { print $2; }' > $HOME/.config/cic/staff-client/key_fingerprint
#fp=`cat $HOME/.config/cic/staff-client/key_fingerprint`
echo -n $AUTH_KEY > $HOME/.config/cic/staff-client/key_fingerprint
dbg $dbg_info "using key $AUTH_KEY"
fi
fi
dbg $dbg_debug "checking installed versions" dbg $dbg_debug "checking installed versions"
@ -30,7 +94,7 @@ elif [ "$v" != "$want_cic_cache_version" ]; then
dbg $dbg_warn "cli-cache version $v installed but need $want_cic_cache_version, will update" dbg $dbg_warn "cli-cache version $v installed but need $want_cic_cache_version, will update"
update=1 update=1
else else
dbg $dbg_info "cli-cache version $v ok" dbg $dbg_info "cli-cache version $v found"
fi fi
v=`pip show clicada | awk '/^Version/ {print $2;}'` v=`pip show clicada | awk '/^Version/ {print $2;}'`
@ -41,7 +105,7 @@ elif [ "$v" != "$want_cicada_version" ]; then
dbg $dbg_warn "clicada version $v installed but need $want_cicada_version, will update" dbg $dbg_warn "clicada version $v installed but need $want_cicada_version, will update"
update=1 update=1
else else
dbg $dbg_info "clicada version $v ok" dbg $dbg_info "clicada version $v found"
fi fi
set -e set -e
@ -54,33 +118,56 @@ if [ $update -gt 0 ]; then
debug_flag="-v" debug_flag="-v"
fi fi
pip install --index-url $PIP_INDEX_URL --extra-index-url $PIP_EXTRA_INDEX_URL $PIP_EXTRA_ARGS $debug_flag -r requirements.txt pip install --index-url $PIP_INDEX_URL --extra-index-url $PIP_EXTRA_INDEX_URL $PIP_EXTRA_ARGS $debug_flag -r requirements.txt
dbg $dbg_debug "executing database migrations"
fi fi
dbg $dbg_debug "importing keys"
for f in ./keys/*.asc; do #dbg $dbg_info "using CIC_REGISTRY $CIC_REGISTRY_ADDRESS"
gpg --import $f
done #if [ -z "$CIC_TRUST_ADDRESS" ]; then
# u="$CIC_ROOT_URL/cic_trust_address"
# dbg $dbg_trace "retrieve trust address from $u"
# curl -X GET $u -o cic_trust_address
# gpg --verify cic_trust_address
# export CIC_TRUST_ADDRESS=`gpg -d cic_trust_address`
#fi
#dbg $dbg_info "using CIC_TRUST_ADDRESS $CIC_TRUST_ADDRESS"
#popd
dbg $dbg_debug "installing configurations" dbg $dbg_debug "installing configurations"
t=`mktemp` t=`mktemp`
if [ -f $HOME/.config/cic/cache/config.ini ]; then if [ -f $HOME/.config/cic/cache/config.ini ]; then
dbg $dbg_debug "migrating existing configuration" dbg $dbg_debug "migrating existing configuration"
config_flag="-c $HOME/.config/cic/cache" cic_cache_config_flag="-c $HOME/.config/cic/cache"
fi fi
cic-cache-trackerd --dumpconfig ini $config_flag -vv > $t cic-cache-trackerd --dumpconfig ini $cic_cache_config_flag -vv > $t
mkdir -vp $HOME/.config/cic/cache mkdir -vp $HOME/.config/cic/cache
mv -v $t $HOME/.config/cic/cache/confini.ini mv -v $t $HOME/.config/cic/cache/config.ini
if [ -d $HOME/.config/cic/clicada/config.ini ]; then if [ -d $HOME/.config/cic/clicada/config.ini ]; then
dbg $dbg_debug "migrating existing clicada configuration" dbg $dbg_debug "migrating existing clicada configuration"
config_flag="-c $HOME/.config/cic/clicada" clicada_config_flag="-c $HOME/.config/cic/clicada"
fi fi
clicada --dumpconfig ini $config_flag -vv > $t clicada --dumpconfig ini $clicada_config_flag > $t
mkdir -vp $HOME/.config/cic/clicada mkdir -vp $HOME/.config/cic/clicada
mv -v $t $HOME/.config/cic/clicada/confini.ini mv -v $t $HOME/.config/cic/clicada/config.ini
t=`mktemp`
cic-cache-trackerd --dumpconfig env $cic_cache_config_flag -vv > $t
. $t
dbg $dbg_debug "execute database migrations"
mkdir -vp $HOME/.local/share/cic/cache
python ../cic-internal-integration/apps/cic-cache/scripts/migrate.py -c /home/lash/.config/cic/cache/
if [ ! -z $want_evm ]; then if [ ! -z $want_evm ]; then
. setup_${want_evm}.sh . setup_${want_evm}.sh
fi fi
set +e

15
setup_check.sh Normal file
View File

@ -0,0 +1,15 @@
function checkk {
which $1 > /dev/null 2>&1
if [ "$?" -gt 0 ]; then
dbg $dbg_error "The dependency '$1' seems to be missing."
dbg $dbg_error "Please install your corresponding OS package and try again"
exit 1
fi
}
exec=(clang git rustup gcc cmake pip python3 psql postgres)
for e in ${exec[@]}; do
dbg $dbg_trace "Checking for dependency $e"
checkk $e
done

47
setup_key.sh Normal file
View File

@ -0,0 +1,47 @@
echo You have not selected a key to use. We will now make a new one.
echo The personal details you provide below will not be shared anywhere without getting your permission first.
pgp_ok=
while [ -z $pgp_ok ]; do
echo
echo -n "Your name: "
read pgp_name
echo -n "Your email: "
read pgp_email
echo
echo "You have entered: "
echo "Name: $pgp_name"
echo "Email: $pgp_email"
echo
echo -n "(Yes/No): "
read pgp_r
r=${pgp_r:0:1}
if [ "$r" == "y" ]; then
pgp_ok=1
elif [ "$r" == "Y" ]; then
pgp_ok=1
fi
echo
echo "Ok, let's try again..."
done
echo -e "\e[0;93mYou will now be asked for a passphrase to protect your new key."
echo "It will not be shown back to you as you type, nor after you have typed it in."
echo "If you lose this passphrase you WILL lose access to your key PERMANENTLY."
echo "Keep it secret."
echo -e "Keep it safe.\e[0m"
t=`mktemp -d`
gpg --homedir $t --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0
echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already"
echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m"
mkdir -vp $HOME/.config/cic/staff-client/.gnupg
chmod 0700 -v $HOME/.config/cic/staff-client/.gnupg
gpg --homedir $t --export-secret-keys | gpg --homedir $HOME/.config/cic/staff-client/.gnupg --import
#gpg --homedir $HOME/.config/cic/staff-client/.gnupg --export -a > $HOME/.config/cic/staff-client/user.asc
gpg --list-packets $HOME/.config/cic/staff-client/user.asc | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint