Allow to create a package and install a package compiled from GitHub
Also add nginx config for reverse proxying and set up Let's Encrypt automatically
This commit is contained in:
Greg Karékinian
@@ -0,0 +1,69 @@
|
||||
#
|
||||
# Cookbook Name:: kosmos-parity
|
||||
# Recipe:: create_package_from_github
|
||||
#
|
||||
# Copyright 2017, Kosmos
|
||||
#
|
||||
# All rights reserved - Do Not Redistribute
|
||||
#
|
||||
|
||||
include_recipe 'kosmos-parity::user'
|
||||
include_recipe 'build-essential'
|
||||
package %w(git libssl-dev pkg-config libudev-dev)
|
||||
gem_package 'fpm' do
|
||||
version '1.8.1'
|
||||
end
|
||||
|
||||
rust_version = '1.17.0'
|
||||
architecture = node['kernel']['machine']
|
||||
rust_canonical_basename = "rust-#{rust_version}-#{architecture}-unknown-linux-gnu"
|
||||
rust_path = "/usr/local/rust_#{rust_version}"
|
||||
|
||||
url = "https://static.rust-lang.org/dist/#{rust_canonical_basename}.tar.gz"
|
||||
|
||||
ark "rust_#{rust_version}" do
|
||||
url url
|
||||
path "/usr/local"
|
||||
action :put
|
||||
notifies :run, "execute[install rust]", :immediately
|
||||
end
|
||||
|
||||
execute "install rust" do
|
||||
command "./install.sh"
|
||||
cwd "#{rust_path}"
|
||||
action :nothing
|
||||
end
|
||||
|
||||
parity_revision = "0d8920347a72fc50e82b540855eba94c8bbb2c0f"
|
||||
|
||||
git "/home/parity/parity" do
|
||||
repository "https://github.com/paritytech/parity.git"
|
||||
revision parity_revision
|
||||
user "parity"
|
||||
group "parity"
|
||||
notifies :run, "execute[build parity]", :immediately
|
||||
end
|
||||
|
||||
execute "build parity" do
|
||||
cwd "/home/parity/parity"
|
||||
environment "HOME" => "/home/parity"
|
||||
command "cargo build --release"
|
||||
action :nothing
|
||||
user "parity"
|
||||
group "parity"
|
||||
notifies :run, "execute[copy parity]", :immediately
|
||||
end
|
||||
|
||||
execute "copy parity" do
|
||||
command "cp /home/parity/parity/target/release/parity /usr/bin/"
|
||||
action :run
|
||||
notifies :run, "execute[create package]", :immediately
|
||||
end
|
||||
|
||||
timestamp = Time.now.strftime('%s')
|
||||
parity_version = node['kosmos-parity']['package_version']
|
||||
execute "create package" do
|
||||
cwd node['kosmos-parity']['debian_package_dir']
|
||||
command "fpm -s dir -t deb -n parity -v #{parity_version}-#{timestamp} -p parity_#{parity_version}-#{timestamp}.deb /usr/bin/parity"
|
||||
action :nothing
|
||||
end
|
||||
@@ -7,17 +7,7 @@
|
||||
# All rights reserved - Do Not Redistribute
|
||||
#
|
||||
|
||||
group "parity" do
|
||||
gid 72748
|
||||
end
|
||||
|
||||
user "parity" do
|
||||
system true
|
||||
manage_home true
|
||||
comment "parity user"
|
||||
uid 72748
|
||||
gid 72748
|
||||
end
|
||||
include_recipe 'kosmos-parity::user'
|
||||
|
||||
parity_version = node['kosmos-parity']['version']
|
||||
parity_package_path = "#{Chef::Config[:file_cache_path]}/parity_#{parity_version}_amd64.deb"
|
||||
|
||||
27
site-cookbooks/kosmos-parity/recipes/from_package.rb
Normal file
27
site-cookbooks/kosmos-parity/recipes/from_package.rb
Normal file
@@ -0,0 +1,27 @@
|
||||
#
|
||||
# Cookbook Name:: kosmos-parity
|
||||
# Recipe:: default
|
||||
#
|
||||
# Copyright 2017, Kosmos
|
||||
#
|
||||
# All rights reserved - Do Not Redistribute
|
||||
#
|
||||
|
||||
include_recipe 'kosmos-parity::user'
|
||||
|
||||
parity_version = node['kosmos-parity']['package_version']
|
||||
package_timestamp = node['kosmos-parity']['package_timestamp']
|
||||
parity_filename = "parity_#{parity_version}-#{package_timestamp}.deb"
|
||||
|
||||
parity_package_path = "#{Chef::Config[:file_cache_path]}/#{parity_filename}"
|
||||
remote_file parity_package_path do
|
||||
source "https://dl.5apps.com/#{parity_filename}"
|
||||
checksum node['kosmos-parity']['checksum']
|
||||
mode 0750
|
||||
notifies :install, "dpkg_package[parity]", :immediately
|
||||
end
|
||||
|
||||
dpkg_package "parity" do
|
||||
source parity_package_path
|
||||
version "#{parity_version}-#{package_timestamp}"
|
||||
end
|
||||
40
site-cookbooks/kosmos-parity/recipes/letsencrypt.rb
Normal file
40
site-cookbooks/kosmos-parity/recipes/letsencrypt.rb
Normal file
@@ -0,0 +1,40 @@
|
||||
#
|
||||
# Cookbook Name:: kosmos-parity
|
||||
# Recipe:: letsencrypt
|
||||
#
|
||||
# Copyright 2017, Kosmos
|
||||
#
|
||||
# All rights reserved - Do Not Redistribute
|
||||
#
|
||||
|
||||
include_recipe "kosmos-base::letsencrypt"
|
||||
|
||||
hostname = node['kosmos-parity']['hostname']
|
||||
|
||||
directory "/var/www/#{hostname}/.well-known/acme-challenge" do
|
||||
owner node["nginx"]["user"]
|
||||
group node["nginx"]["group"]
|
||||
action :create
|
||||
recursive true
|
||||
end
|
||||
|
||||
template "#{node['nginx']['dir']}/sites-available/#{hostname}" do
|
||||
source 'nginx_conf_parity_letsencrypt.erb'
|
||||
owner 'www-data'
|
||||
mode 0640
|
||||
variables server_name: hostname,
|
||||
ssl_cert: "/etc/letsencrypt/live/#{hostname}/fullchain.pem",
|
||||
ssl_key: "/etc/letsencrypt/live/#{hostname}/privkey.pem"
|
||||
notifies :reload, 'service[nginx]', :delayed
|
||||
end
|
||||
|
||||
nginx_site "#{hostname}" do
|
||||
action :enable
|
||||
end
|
||||
|
||||
execute "letsencrypt cert for #{hostname}" do
|
||||
command "./certbot-auto certonly --webroot --agree-tos --email ops@5apps.com --webroot-path /var/www/#{hostname} -d #{hostname} -n"
|
||||
cwd "/usr/local/certbot"
|
||||
not_if { File.exist? "/etc/letsencrypt/live/#{hostname}/fullchain.pem" }
|
||||
notifies :reload, "service[nginx]", :delayed
|
||||
end
|
||||
@@ -7,6 +7,9 @@
|
||||
# All rights reserved - Do Not Redistribute
|
||||
#
|
||||
|
||||
rpc_proxy_port = 8545
|
||||
rpc_port = 18545
|
||||
|
||||
parity_node "dev" do
|
||||
password "parityparity"
|
||||
config parity: {
|
||||
@@ -18,18 +21,33 @@ parity_node "dev" do
|
||||
warp: true,
|
||||
},
|
||||
rpc: {
|
||||
port: 8545,
|
||||
port: rpc_port,
|
||||
cors: "*",
|
||||
apis: ["safe"],
|
||||
hosts: ["all"],
|
||||
},
|
||||
dapps: {
|
||||
port: 8090,
|
||||
disable: true,
|
||||
},
|
||||
ui: {
|
||||
port: 8180,
|
||||
force: true,
|
||||
disable: true,
|
||||
},
|
||||
websockets: {
|
||||
disable: true,
|
||||
},
|
||||
mining: {
|
||||
reseal_min_period: 0,
|
||||
}
|
||||
rpc_proxy_port rpc_proxy_port
|
||||
end
|
||||
|
||||
# The firewall_rule doesn't appear to work inside a resource, that's why we're
|
||||
# doing it here
|
||||
unless node.chef_environment == "development"
|
||||
include_recipe 'firewall'
|
||||
firewall_rule "parity_dev" do
|
||||
port rpc_proxy_port
|
||||
protocol :tcp
|
||||
command :allow
|
||||
end
|
||||
end
|
||||
|
||||
@@ -13,6 +13,7 @@ parity_node "mainnet" do
|
||||
password credentials["mainnet_password"]
|
||||
config parity: {
|
||||
chain: "homestead",
|
||||
no_download: true, # Don't Download Updates
|
||||
},
|
||||
network: {
|
||||
port: 30305,
|
||||
|
||||
@@ -13,6 +13,7 @@ parity_node "testnet" do
|
||||
password credentials["testnet_password"]
|
||||
config parity: {
|
||||
chain: "ropsten",
|
||||
no_download: true, # Don't Download Updates
|
||||
},
|
||||
network: {
|
||||
port: 30304,
|
||||
|
||||
20
site-cookbooks/kosmos-parity/recipes/user.rb
Normal file
20
site-cookbooks/kosmos-parity/recipes/user.rb
Normal file
@@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: kosmos-parity
|
||||
# Recipe:: user
|
||||
#
|
||||
# Copyright 2017, Kosmos
|
||||
#
|
||||
# All rights reserved - Do Not Redistribute
|
||||
#
|
||||
|
||||
group "parity" do
|
||||
gid 72748
|
||||
end
|
||||
|
||||
user "parity" do
|
||||
system true
|
||||
manage_home true
|
||||
comment "parity user"
|
||||
uid 72748
|
||||
gid 72748
|
||||
end
|
||||
Reference in New Issue
Block a user