From 341194291a6a26fba6d1f637534d939b302d11c6 Mon Sep 17 00:00:00 2001 From: nolash Date: Thu, 11 Nov 2021 08:29:03 +0100 Subject: [PATCH] Add systemd initialization --- setup.sh | 18 +++++++++- setup_check.sh | 2 +- setup_key.sh | 36 ++++++++++++++++--- setup_path.sh | 2 +- setup_systemd.sh | 20 +++++++++++ .../bin/cic_cache_server_start.sh | 2 +- systemd/cic-cache-server.service | 10 ++++++ systemd/cic-cache-tracker.service | 4 +-- systemd/env/01-cic-cache-server.conf | 6 ++++ systemd/env/01-cic-cache-tracker.conf | 4 +-- 10 files changed, 92 insertions(+), 12 deletions(-) create mode 100644 setup_systemd.sh rename cic_cache_server_start.sh => systemd/bin/cic_cache_server_start.sh (60%) create mode 100644 systemd/cic-cache-server.service create mode 100644 systemd/env/01-cic-cache-server.conf diff --git a/setup.sh b/setup.sh index 72e4e62..26aec73 100644 --- a/setup.sh +++ b/setup.sh @@ -32,6 +32,7 @@ done t=`mktemp` dbg $dbg_debug "identify root values" +set -e # check if we have existing setup if [ ! -f "$HOME/.config/cic/staff-client/key_fingerprint" ]; then dbg $dbg_debug "load default environment" @@ -81,7 +82,12 @@ if [ ! -f "$HOME/.config/cic/staff-client/key_fingerprint" ]; then echo -n $AUTH_KEY > $HOME/.config/cic/staff-client/key_fingerprint dbg $dbg_info "using key $AUTH_KEY" fi + export AUTH_KEY=`cat $HOME/.config/cic/staff-client/key_fingerprint` + export AUTH_KEYRING_PATH=$HOME/.config/staff-client/.gnupg + export + fi +set +e dbg $dbg_debug "checking installed versions" @@ -149,14 +155,16 @@ if [ -d $HOME/.config/cic/clicada/config.ini ]; then dbg $dbg_debug "migrating existing clicada configuration" clicada_config_flag="-c $HOME/.config/cic/clicada" fi + clicada --dumpconfig ini $clicada_config_flag > $t mkdir -vp $HOME/.config/cic/clicada mv -v $t $HOME/.config/cic/clicada/config.ini t=`mktemp` cic-cache-trackerd --dumpconfig env $cic_cache_config_flag -vv > $t +set -a . $t - +set +a dbg $dbg_debug "execute database migrations" @@ -167,3 +175,11 @@ python ../cic-internal-integration/apps/cic-cache/scripts/migrate.py -c $HOME/.c if [ ! -z $want_evm ]; then . setup_${want_evm}.sh fi + +t=`mktemp` +clicada --dumpconfig env $clicada_config_flag -vv > $t +set -a +. $t +set +a + +. setup_systemd.sh diff --git a/setup_check.sh b/setup_check.sh index e764dc9..c34c5ce 100644 --- a/setup_check.sh +++ b/setup_check.sh @@ -7,7 +7,7 @@ function checkk { fi } -exec=(clang git rustup gcc cmake pip python3 psql postgres) +exec=(systemctl clang git rustup gcc cmake pip python3 psql postgres) for e in ${exec[@]}; do dbg $dbg_trace "Checking for dependency $e" diff --git a/setup_key.sh b/setup_key.sh index 1092af2..9653e4c 100644 --- a/setup_key.sh +++ b/setup_key.sh @@ -33,17 +33,45 @@ echo "If you lose this passphrase you WILL lose access to your key PERMANENTLY." echo "Keep it secret." echo -e "Keep it safe.\e[0m" +stty -echo +password_match= +while [ -z $password_match ]; do + echo + echo -n "password: " + read password + echo + echo -n "password again: " + read password_again + echo + + if [ "$password" == "$password_again" ]; then + password_match=1 + else + echo "passwords do not match, try again" + fi +done +stty echo + +password_file=`mktemp` +touch $password_file +chmod -v 600 $password_file +echo -n $password > $password_file + t=`mktemp -d` -gpg --homedir $t --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0 +gpg --homedir $t --pinentry-mode loopback --passphrase-file $password_file --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0 -echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already" -echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m" +#echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already" +#echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m" mkdir -vp $HOME/.config/cic/staff-client/.gnupg chmod 0700 -v $HOME/.config/cic/staff-client/.gnupg -gpg --homedir $t --export-secret-keys | gpg --homedir $HOME/.config/cic/staff-client/.gnupg --import +gpg --homedir $t --pinentry-mode loopback --passphrase-file $password_file --export-secret-keys | gpg --pinentry-mode loopback --passphrase-file $password_file --homedir $HOME/.config/cic/staff-client/.gnupg --import gpg --homedir $HOME/.config/cic/staff-client/.gnupg --export -a > $HOME/.config/cic/staff-client/user.asc gpg --list-packets $HOME/.config/cic/staff-client/user.asc | awk '/issuer fpr/ { print $9; }' | cut -b -40 > $HOME/.config/cic/staff-client/key_fingerprint + +gpg --homedir $t --pinentry-mode loopback --passphrase-file $password_file --quick-add-key `cat $HOME/.config/cic/staff-client/key_fingerprint` default encrypt 0 + +shred -v $password_file diff --git a/setup_path.sh b/setup_path.sh index 3378baf..05c3b27 100644 --- a/setup_path.sh +++ b/setup_path.sh @@ -10,7 +10,7 @@ function update_path { fi done if [ -z "$matchpath" ]; then - dbg dbg_info "Adding executable path $pathdir to \$PATH" + dbg $dbg_info "Adding executable path $pathdir to \$PATH" export PATH=$PATH:$pathdir echo "export PATH=\$PATH:$pathdir" >> $HOME/.bashrc fi diff --git a/setup_systemd.sh b/setup_systemd.sh new file mode 100644 index 0000000..cb234cf --- /dev/null +++ b/setup_systemd.sh @@ -0,0 +1,20 @@ +mkdir -vp $HOME/.config/systemd/user +mkdir -vp $HOME/.config/environment.d + +. aux/bdbg/bdbg.sh + +_level=2 +_debug=1 + +cp -v systemd/*.service $HOME/.config/systemd/user/ +for f in systemd/env/*.conf; do + b=`basename $f` + p=$HOME/.config/environment.d/$b + dbg $dbg_debug "writing rendered environment file $p" + ./aux/bash-templater/templater.sh $f > $p +done + +#cp -v systemd/env/*.conf $HOME/.config/environment.d/ +cp -v systemd/bin/cic_cache_server_start.sh $HOME/.local/bin/ + +chmod -v 750 $HOME/.local/bin/cic_cache_server_start.sh diff --git a/cic_cache_server_start.sh b/systemd/bin/cic_cache_server_start.sh similarity index 60% rename from cic_cache_server_start.sh rename to systemd/bin/cic_cache_server_start.sh index dc50002..cc05e89 100644 --- a/cic_cache_server_start.sh +++ b/systemd/bin/cic_cache_server_start.sh @@ -2,4 +2,4 @@ t=`mktemp` f=`python -c "import cic_cache; import os; s = os.path.dirname(cic_cache.__file__); print(os.path.join(s, 'runnable', 'daemons', 'server.py'))"` -uwsgi --wsgi-file $f --http $SERVER_HOST:$SERVER_PORT --pyargv "-c $HOME/.config/cic/cache $@" +uwsgi --plugin python --wsgi-file $f --http $SERVER_HOST:$SERVER_PORT --pyargv "-c $HOME/.config/cic/cache $@" diff --git a/systemd/cic-cache-server.service b/systemd/cic-cache-server.service new file mode 100644 index 0000000..d74d501 --- /dev/null +++ b/systemd/cic-cache-server.service @@ -0,0 +1,10 @@ +[Unit] +Description=CIC transaction cache syncer +After=network.target + +[Service] +ExecStart=%h/.local/bin/cic_cache_server_start.sh -vv +Restart=always + +[Install] +WantedBy=network.target diff --git a/systemd/cic-cache-tracker.service b/systemd/cic-cache-tracker.service index 91a4ca5..93fb849 100644 --- a/systemd/cic-cache-tracker.service +++ b/systemd/cic-cache-tracker.service @@ -3,8 +3,8 @@ Description=CIC transaction cache syncer After=network.target [Service] -ExecStart="cic-cache-trackerd -c %h/.config/cic/cache" +ExecStart=%h/.local/bin/cic-cache-trackerd -c %h/.config/cic/cache Restart=always [Install] -After=network.target +WantedBy=network.target diff --git a/systemd/env/01-cic-cache-server.conf b/systemd/env/01-cic-cache-server.conf new file mode 100644 index 0000000..a2167b6 --- /dev/null +++ b/systemd/env/01-cic-cache-server.conf @@ -0,0 +1,6 @@ +RPC_PROVIDER={{RPC_PROVIDER}} +CHAIN_SPEC={{CHAIN_SPEC}} +SERVER_HOST=localhost +SERVER_PORT=8636 +TX_CACHE_URL=http://localhost:8636 +#META_URL= diff --git a/systemd/env/01-cic-cache-tracker.conf b/systemd/env/01-cic-cache-tracker.conf index e07c995..7ca3bcb 100644 --- a/systemd/env/01-cic-cache-tracker.conf +++ b/systemd/env/01-cic-cache-tracker.conf @@ -1,2 +1,2 @@ -RPC_PROVIDER={{RPC_PROVIDER=http://localhost:8545}} -CHAIN_SPEC={{CHAIN_SPEC=evm:byzantium:8995:bloxberg}} +RPC_PROVIDER={{RPC_PROVIDER}} +CHAIN_SPEC={{CHAIN_SPEC}}