From 47105b2a1cf0cb6d26a5faf5899fbff0b9f598ec Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Thu, 5 Dec 2019 12:28:00 +0300 Subject: [PATCH 01/20] Initial version of bitcoin cookbook --- .../kosmos-bitcoin/.delivery/project.toml | 34 ++++++ site-cookbooks/kosmos-bitcoin/.gitignore | 22 ++++ site-cookbooks/kosmos-bitcoin/CHANGELOG.md | 11 ++ site-cookbooks/kosmos-bitcoin/LICENSE | 3 + site-cookbooks/kosmos-bitcoin/Policyfile.rb | 16 +++ site-cookbooks/kosmos-bitcoin/README.md | 3 + .../kosmos-bitcoin/attributes/default.rb | 2 + site-cookbooks/kosmos-bitcoin/chefignore | 110 ++++++++++++++++++ site-cookbooks/kosmos-bitcoin/kitchen.yml | 32 +++++ site-cookbooks/kosmos-bitcoin/metadata.rb | 20 ++++ .../kosmos-bitcoin/recipes/default.rb | 44 +++++++ .../kosmos-bitcoin/spec/spec_helper.rb | 2 + .../spec/unit/recipes/default_spec.rb | 29 +++++ .../test/integration/default/default_test.rb | 16 +++ 14 files changed, 344 insertions(+) create mode 100644 site-cookbooks/kosmos-bitcoin/.delivery/project.toml create mode 100644 site-cookbooks/kosmos-bitcoin/.gitignore create mode 100644 site-cookbooks/kosmos-bitcoin/CHANGELOG.md create mode 100644 site-cookbooks/kosmos-bitcoin/LICENSE create mode 100644 site-cookbooks/kosmos-bitcoin/Policyfile.rb create mode 100644 site-cookbooks/kosmos-bitcoin/README.md create mode 100644 site-cookbooks/kosmos-bitcoin/attributes/default.rb create mode 100644 site-cookbooks/kosmos-bitcoin/chefignore create mode 100644 site-cookbooks/kosmos-bitcoin/kitchen.yml create mode 100644 site-cookbooks/kosmos-bitcoin/metadata.rb create mode 100644 site-cookbooks/kosmos-bitcoin/recipes/default.rb create mode 100644 site-cookbooks/kosmos-bitcoin/spec/spec_helper.rb create mode 100644 site-cookbooks/kosmos-bitcoin/spec/unit/recipes/default_spec.rb create mode 100644 site-cookbooks/kosmos-bitcoin/test/integration/default/default_test.rb diff --git a/site-cookbooks/kosmos-bitcoin/.delivery/project.toml b/site-cookbooks/kosmos-bitcoin/.delivery/project.toml new file mode 100644 index 0000000..2868a95 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/.delivery/project.toml @@ -0,0 +1,34 @@ +# Delivery for Local Phases Execution +# +# This file allows you to execute test phases locally on a workstation or +# in a CI pipeline. The delivery-cli will read this file and execute the +# command(s) that are configured for each phase. You can customize them +# by just modifying the phase key on this file. +# +# By default these phases are configured for Cookbook Workflow only +# + +[local_phases] +unit = "chef exec rspec spec/" +lint = "chef exec cookstyle" +# Foodcritic includes rules only appropriate for community cookbooks +# uploaded to Supermarket. We turn off any rules tagged "supermarket" +# by default. If you plan to share this cookbook you should remove +# '-t ~supermarket' below to enable supermarket rules. +syntax = "chef exec foodcritic . -t ~supermarket" +provision = "chef exec kitchen create" +deploy = "chef exec kitchen converge" +smoke = "chef exec kitchen verify" +# The functional phase is optional, you can define it by uncommenting +# the line below and running the command: `delivery local functional` +# functional = "" +cleanup = "chef exec kitchen destroy" + +# Remote project.toml file +# +# Instead of the local phases above, you may specify a remote URI location for +# the `project.toml` file. This is useful for teams that wish to centrally +# manage the behavior of the `delivery local` command across many different +# projects. +# +# remote_file = "https://url/project.toml" diff --git a/site-cookbooks/kosmos-bitcoin/.gitignore b/site-cookbooks/kosmos-bitcoin/.gitignore new file mode 100644 index 0000000..9abf29f --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/.gitignore @@ -0,0 +1,22 @@ +.vagrant +*~ +*# +.#* +\#*# +.*.sw[a-z] +*.un~ + +# Bundler +Gemfile.lock +gems.locked +bin/* +.bundle/* + +# test kitchen +.kitchen/ +kitchen.local.yml + +# Chef +Berksfile.lock +.zero-knife.rb +Policyfile.lock.json diff --git a/site-cookbooks/kosmos-bitcoin/CHANGELOG.md b/site-cookbooks/kosmos-bitcoin/CHANGELOG.md new file mode 100644 index 0000000..533e3aa --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/CHANGELOG.md @@ -0,0 +1,11 @@ +# kosmos-bitcoin CHANGELOG + +This file is used to list changes made in each version of the kosmos-bitcoin cookbook. + +# 0.1.0 + +Initial release. + +- change 0 +- change 1 + diff --git a/site-cookbooks/kosmos-bitcoin/LICENSE b/site-cookbooks/kosmos-bitcoin/LICENSE new file mode 100644 index 0000000..10b5688 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/LICENSE @@ -0,0 +1,3 @@ +Copyright 2019 The Authors + +All rights reserved, do not redistribute. diff --git a/site-cookbooks/kosmos-bitcoin/Policyfile.rb b/site-cookbooks/kosmos-bitcoin/Policyfile.rb new file mode 100644 index 0000000..333e86e --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/Policyfile.rb @@ -0,0 +1,16 @@ +# Policyfile.rb - Describe how you want Chef Infra Client to build your system. +# +# For more information on the Policyfile feature, visit +# https://docs.chef.io/policyfile.html + +# A name that describes what the system you're building with Chef does. +name 'kosmos-bitcoin' + +# Where to find external cookbooks: +default_source :supermarket + +# run_list: chef-client will run these recipes in the order specified. +run_list 'kosmos-bitcoin::default' + +# Specify a custom source for a single cookbook: +cookbook 'kosmos-bitcoin', path: '.' diff --git a/site-cookbooks/kosmos-bitcoin/README.md b/site-cookbooks/kosmos-bitcoin/README.md new file mode 100644 index 0000000..85db7e1 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/README.md @@ -0,0 +1,3 @@ +# kosmos-bitcoin + +Installs/configures bitcoin core node diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb new file mode 100644 index 0000000..c0b0831 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -0,0 +1,2 @@ +node.default['bitcoin']['username'] = 'satoshi' +node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' diff --git a/site-cookbooks/kosmos-bitcoin/chefignore b/site-cookbooks/kosmos-bitcoin/chefignore new file mode 100644 index 0000000..5039e1c --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/chefignore @@ -0,0 +1,110 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db + +# SASS # +######## +.sass-cache + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +mkmf.log +REVISION +TAGS* +tmtags + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out + +# Testing # +########### +.circleci/* +.codeclimate.yml +.foodcritic +.kitchen* +.rspec +.rubocop.yml +.travis.yml +.watchr +azure-pipelines.yml +examples/* +features/* +Guardfile +kitchen.yml* +Procfile +Rakefile +spec/* +spec/* +spec/fixtures/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Cookbooks # +############# +CHANGELOG* +CONTRIBUTING* +TESTING* +CODE_OF_CONDUCT* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/site-cookbooks/kosmos-bitcoin/kitchen.yml b/site-cookbooks/kosmos-bitcoin/kitchen.yml new file mode 100644 index 0000000..e5bbf3c --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/kitchen.yml @@ -0,0 +1,32 @@ +--- +driver: + name: vagrant + +## The forwarded_port port feature lets you connect to ports on the VM guest via +## localhost on the host. +## see also: https://www.vagrantup.com/docs/networking/forwarded_ports.html + +# network: +# - ["forwarded_port", {guest: 80, host: 8080}] + +provisioner: + name: chef_zero + + ## product_name and product_version specifies a specific Chef product and version to install. + ## see the Chef documentation for more details: https://docs.chef.io/config_yml_kitchen.html + # product_name: chef + # product_version: 15 + +verifier: + name: inspec + +platforms: + - name: ubuntu-18.04 + - name: centos-7 + +suites: + - name: default + verifier: + inspec_tests: + - test/integration/default + attributes: diff --git a/site-cookbooks/kosmos-bitcoin/metadata.rb b/site-cookbooks/kosmos-bitcoin/metadata.rb new file mode 100644 index 0000000..f2f0bb3 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/metadata.rb @@ -0,0 +1,20 @@ +name 'kosmos-bitcoin' +maintainer 'The Authors' +maintainer_email 'you@example.com' +license 'All Rights Reserved' +description 'Installs/Configures kosmos-bitcoin' +long_description 'Installs/Configures kosmos-bitcoin' +version '0.1.0' +chef_version '>= 14.0' + +# The `issues_url` points to the location where issues for this cookbook are +# tracked. A `View Issues` link will be displayed on this cookbook's page when +# uploaded to a Supermarket. +# +# issues_url 'https://github.com//kosmos-bitcoin/issues' + +# The `source_url` points to the development repository for this cookbook. A +# `View Source` link will be displayed on this cookbook's page when uploaded to +# a Supermarket. +# +# source_url 'https://github.com//kosmos-bitcoin' diff --git a/site-cookbooks/kosmos-bitcoin/recipes/default.rb b/site-cookbooks/kosmos-bitcoin/recipes/default.rb new file mode 100644 index 0000000..594251e --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/recipes/default.rb @@ -0,0 +1,44 @@ +# +# Cookbook:: kosmos-bitcoin +# Recipe:: default +# +# The MIT License (MIT) +# +# Copyright:: 2019, Kosmos Developers +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. +# + +package 'snapd' + +snap_package 'bitcoin-core' + +bitcoin_user = node['bitcoin']['username'] + +# TODO create bitcoin datadir +# TODO create bitcoin.conf in datadir + +mount "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do + device node['bitcoin']['data_dir'] + fstype 'none' + options 'bind' + action [:mount] +end + +# TODO create systemd service for bitcoin-core.daemon diff --git a/site-cookbooks/kosmos-bitcoin/spec/spec_helper.rb b/site-cookbooks/kosmos-bitcoin/spec/spec_helper.rb new file mode 100644 index 0000000..6cd61e5 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/spec/spec_helper.rb @@ -0,0 +1,2 @@ +require 'chefspec' +require 'chefspec/policyfile' diff --git a/site-cookbooks/kosmos-bitcoin/spec/unit/recipes/default_spec.rb b/site-cookbooks/kosmos-bitcoin/spec/unit/recipes/default_spec.rb new file mode 100644 index 0000000..f4b411c --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/spec/unit/recipes/default_spec.rb @@ -0,0 +1,29 @@ +# +# Cookbook:: kosmos-bitcoin +# Spec:: default +# +# Copyright:: 2019, The Authors, All Rights Reserved. + +require 'spec_helper' + +describe 'kosmos-bitcoin::default' do + context 'When all attributes are default, on Ubuntu 18.04' do + # for a complete list of available platforms and versions see: + # https://github.com/chefspec/fauxhai/blob/master/PLATFORMS.md + platform 'ubuntu', '18.04' + + it 'converges successfully' do + expect { chef_run }.to_not raise_error + end + end + + context 'When all attributes are default, on CentOS 7' do + # for a complete list of available platforms and versions see: + # https://github.com/chefspec/fauxhai/blob/master/PLATFORMS.md + platform 'centos', '7' + + it 'converges successfully' do + expect { chef_run }.to_not raise_error + end + end +end diff --git a/site-cookbooks/kosmos-bitcoin/test/integration/default/default_test.rb b/site-cookbooks/kosmos-bitcoin/test/integration/default/default_test.rb new file mode 100644 index 0000000..71aba37 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/test/integration/default/default_test.rb @@ -0,0 +1,16 @@ +# InSpec test for recipe kosmos-bitcoin::default + +# The InSpec reference, with examples and extensive documentation, can be +# found at https://www.inspec.io/docs/reference/resources/ + +unless os.windows? + # This is an example test, replace with your own test. + describe user('root'), :skip do + it { should exist } + end +end + +# This is an example test, replace it with your own test. +describe port(80), :skip do + it { should_not be_listening } +end From 09527e693b3ff0644b90e33748e0b62e22f6eff4 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Tue, 21 Jan 2020 15:18:10 -0500 Subject: [PATCH 02/20] WIP bitcoind config --- Vagrantfile | 3 +- .../kosmos-bitcoin/attributes/default.rb | 26 ++++++- .../recipes/{default.rb => snapd.rb} | 26 +++++-- .../kosmos-bitcoin/templates/andromeda.conf | 69 +++++++++++++++++++ .../kosmos-bitcoin/templates/bitcoin.conf.erb | 34 +++++++++ 5 files changed, 151 insertions(+), 7 deletions(-) rename site-cookbooks/kosmos-bitcoin/recipes/{default.rb => snapd.rb} (68%) create mode 100644 site-cookbooks/kosmos-bitcoin/templates/andromeda.conf create mode 100644 site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb diff --git a/Vagrantfile b/Vagrantfile index cc353fa..2b3b4aa 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -95,7 +95,8 @@ Vagrant.configure(2) do |config| chef.environment = 'development' chef.add_recipe 'kosmos-base' chef.add_recipe 'kosmos_encfs' - # chef.add_recipe 'kosmos-postgresql::default' + # chef.add_recipe 'kosmos-bitcoin::snapd' + # chef.add_recipe 'kosmos-mediawiki' # chef.add_recipe 'kosmos-wordpress' # chef.add_recipe 'kosmos-ejabberd' # chef.add_recipe 'kosmos-hubot::botka_freenode' diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index c0b0831..62d6aca 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -1,2 +1,24 @@ -node.default['bitcoin']['username'] = 'satoshi' -node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' +node.default['bitcoin']['username'] = 'bitcoind' +node.default['bitcoin']['usergroup'] = 'bitcoind' +node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' + +node.default['bitcoin']['conf'] = { + testnet: 0, + irc: 1, + dnsseed: 1, + upnp: 1, + checkblocks: 10, + checklevel: 1, + txindex: 1, + whitelist: "127.0.0.1", + listen: 1, + server: 1, + rpcport: 8332, + rpcssl: 0, + rpcuser: 'bitcoind', + rpcbind: "127.0.0.1:8336", + port: 8335, + gen: 0, + zmqpubrawblock: "tcp://127.0.0.1:8337", + zmqpubrawtx: "tcp://127.0.0.1:8338" +} diff --git a/site-cookbooks/kosmos-bitcoin/recipes/default.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb similarity index 68% rename from site-cookbooks/kosmos-bitcoin/recipes/default.rb rename to site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 594251e..a19b861 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -1,6 +1,6 @@ # # Cookbook:: kosmos-bitcoin -# Recipe:: default +# Recipe:: snapd # # The MIT License (MIT) # @@ -29,10 +29,28 @@ package 'snapd' snap_package 'bitcoin-core' -bitcoin_user = node['bitcoin']['username'] +bitcoin_user = node['bitcoin']['username'] +bitcoin_group = node['bitcoin']['usergroup'] +bitcoin_datadir = node['bitcoin']['datadir'] -# TODO create bitcoin datadir -# TODO create bitcoin.conf in datadir +directory bitcoin_datadir do + owner bitcoin_user + group bitcoin_group + mode '0755' + recursive true + action :create +end + +template "#{bitcoin_datadir}/bitcoin.conf" do + owner bitcoin_user + group bitcoin_group + variables conf: node['bitcoin']['conf'], + mainnet_conf: node['bitcoin']['mainnet_conf'], + testnet_conf: node['bitcoin']['testnet_conf'], + regtest_conf: node['bitcoin']['regtest_conf'] + action :create + # notifies :reload, "service[bitcoin]", :delayed +end mount "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do device node['bitcoin']['data_dir'] diff --git a/site-cookbooks/kosmos-bitcoin/templates/andromeda.conf b/site-cookbooks/kosmos-bitcoin/templates/andromeda.conf new file mode 100644 index 0000000..12ad02b --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/templates/andromeda.conf @@ -0,0 +1,69 @@ +# Network-related settings: + +testnet=0 +irc=1 +dnsseed=1 +upnp=1 +checkblocks=10 +checklevel=1 +txindex=1 +whitelist=127.0.0.1 + +# Maximum number of inbound+outbound connections. +#maxconnections= + +listen=1 + + +# JSON-RPC options (for controlling a running Bitcoin/bitcoind process) + +# server=1 tells Bitcoin to accept JSON-RPC commands. +server=1 + +# You must set rpcuser and rpcpassword to secure the JSON-RPC api +rpcuser=kosmos +rpcpassword=yunobuttcoin + +# By default, only RPC connections from localhost are allowed. Specify +# as many rpcallowip= settings as you like to allow connections from +# other hosts (and you may use * as a wildcard character): +#rpcallowip=192.168.1.* +rpcallowip=127.0.0.1 + +# Listen for RPC connections on this TCP port: +rpcbind=127.0.0.1:8336 + + +# Listen for P2P connections on this TCP port: +port=8335 + +# Use Secure Sockets Layer (also known as TLS or HTTPS) to communicate +# with Bitcoin -server or bitcoind +rpcssl=0 + +# OpenSSL settings used when rpcssl=1 +#rpcsslciphers=TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH + + +# Miscellaneous options + +# Set gen=1 to attempt to generate bitcoins +gen=0 + +# Use SSE instructions to try to generate bitcoins faster. +#4way=1 + +# Pre-generate this many public/private key pairs, so wallet backups will be valid for +# both prior transactions and several dozen future transactions. +#keypool=100 + +# Pay an optional transaction fee every time you send bitcoins. Transactions with fees +# are more likely than free transactions to be included in generated blocks, so may +# be validated sooner. +#paytxfee=0.00 + +# Allow direct connections for the 'pay via IP address' feature. +#allowreceivebyip=1 + +zmqpubrawblock=tcp://127.0.0.1:8337 +zmqpubrawtx=tcp://127.0.0.1:8338 diff --git a/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb b/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb new file mode 100644 index 0000000..9e04e05 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb @@ -0,0 +1,34 @@ +## +## bitcoin.conf configuration file. Lines beginning with # are comments. +## +## Generated by Chef. Do not edit directly, or your changes will be overwritten +## during the next Chef run! +## + +<% @conf.each do |key, value| %> + <%= "#{key}=#{value}" %> +<% end %> + +<% if @mainnet_conf %> +# Options only for mainnet +[main] +<% @mainnet_conf.each do |key, value| %> + <%= "#{key}=#{value}" %> +<% end %> +<% end %> + +<% if @testnet_conf %> +# Options only for testnet +[test] +<% @testnet_conf.each do |key, value| %> + <%= "#{key}=#{value}" %> +<% end %> +<% end %> + +<% if @regtest_conf %> +# Options only for regtest +[regtest] +<% @regtest_conf.each do |key, value| %> + <%= "#{key}=#{value}" %> +<% end %> +<% end %> From 1b9a4aad17024c31f5e5a13f96fa29c705b2fd1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 22 Jan 2020 12:32:38 +0100 Subject: [PATCH 03/20] Work around a bug in Chef's snap_package resource https://github.com/chef/chef/issues/8827 `snap install` returns 0 when a package is already installed, so no need for a guard clause --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index a19b861..0a777fc 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -25,9 +25,9 @@ # THE SOFTWARE. # -package 'snapd' - -snap_package 'bitcoin-core' +# FIXME: Switch to the snap_package resource when it gets fixed: +# https://github.com/chef/chef/issues/8827 +execute "snap install bitcoin-core" bitcoin_user = node['bitcoin']['username'] bitcoin_group = node['bitcoin']['usergroup'] From 069246cf4103924cc932acccaabc4a89aebc3a9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 22 Jan 2020 12:33:29 +0100 Subject: [PATCH 04/20] Create the bitcoind user and its home directory --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 0a777fc..9cf8895 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -33,6 +33,10 @@ bitcoin_user = node['bitcoin']['username'] bitcoin_group = node['bitcoin']['usergroup'] bitcoin_datadir = node['bitcoin']['datadir'] +user bitcoin_user do + manage_home true +end + directory bitcoin_datadir do owner bitcoin_user group bitcoin_group From aedf7bcb62ed3353d337635ba7b9644859cce6ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 22 Jan 2020 12:34:18 +0100 Subject: [PATCH 05/20] Create the snap mount directory in the user's home --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 9cf8895..7b0e6f4 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -56,6 +56,14 @@ template "#{bitcoin_datadir}/bitcoin.conf" do # notifies :reload, "service[bitcoin]", :delayed end +directory "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do + owner bitcoin_user + group bitcoin_group + mode '0750' + recursive true + action :create +end + mount "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do device node['bitcoin']['data_dir'] fstype 'none' From e31f480f2775b386c51f5358128d0ecd1690ada0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 22 Jan 2020 12:34:38 +0100 Subject: [PATCH 06/20] Fix the attribute name --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 7b0e6f4..e9c9b03 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -65,7 +65,7 @@ directory "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do end mount "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do - device node['bitcoin']['data_dir'] + device node['bitcoin']['datadir'] fstype 'none' options 'bind' action [:mount] From 4a6a02c137d868eec492e00a586ecebc58983096 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Wed, 22 Jan 2020 13:35:52 -0500 Subject: [PATCH 07/20] Use 0.19 stable channel Instead of relying on the default channel --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index e9c9b03..405e6f7 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -27,7 +27,7 @@ # FIXME: Switch to the snap_package resource when it gets fixed: # https://github.com/chef/chef/issues/8827 -execute "snap install bitcoin-core" +execute "snap install bitcoin-core --channel=0.19/stable" bitcoin_user = node['bitcoin']['username'] bitcoin_group = node['bitcoin']['usergroup'] From c8122a44f1e572d5105eed001bfd1405288b6c68 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Wed, 22 Jan 2020 13:37:00 -0500 Subject: [PATCH 08/20] Add systemd service Plus some refactoring --- .../kosmos-bitcoin/recipes/snapd.rb | 36 ++++++++-- .../kosmos-bitcoin/templates/andromeda.conf | 69 ------------------- .../kosmos-bitcoin/templates/bitcoin.conf.erb | 8 +-- 3 files changed, 35 insertions(+), 78 deletions(-) delete mode 100644 site-cookbooks/kosmos-bitcoin/templates/andromeda.conf diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 405e6f7..43e8153 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -32,9 +32,11 @@ execute "snap install bitcoin-core --channel=0.19/stable" bitcoin_user = node['bitcoin']['username'] bitcoin_group = node['bitcoin']['usergroup'] bitcoin_datadir = node['bitcoin']['datadir'] +bitcoin_snapdir = "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" user bitcoin_user do manage_home true + shell "/bin/bash" end directory bitcoin_datadir do @@ -53,10 +55,10 @@ template "#{bitcoin_datadir}/bitcoin.conf" do testnet_conf: node['bitcoin']['testnet_conf'], regtest_conf: node['bitcoin']['regtest_conf'] action :create - # notifies :reload, "service[bitcoin]", :delayed + # notifies :reload, "service[bitcoind]", :delayed end -directory "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do +directory bitcoin_snapdir do owner bitcoin_user group bitcoin_group mode '0750' @@ -64,11 +66,35 @@ directory "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do action :create end -mount "/home/#{bitcoin_user}/snap/bitcoin-core/common/.bitcoin" do - device node['bitcoin']['datadir'] +execute "chown -R #{bitcoin_user}:#{bitcoin_group} /home/#{bitcoin_user}/snap" + +mount bitcoin_snapdir do + device bitcoin_datadir fstype 'none' options 'bind' action [:mount] end -# TODO create systemd service for bitcoin-core.daemon +systemd_unit 'bitcoind.service' do + content({ + Unit: { + Description: 'Bitcoin Core daemon', + Documentation: ['https://bitcoincore.org'], + After: 'network.target' + }, + Service: { + User: bitcoin_user, + Type: 'exec', + ExecStart: '/snap/bin/bitcoin-core.daemon', + PIDFile: "#{bitcoin_snapdir}/bitcoind.pid", + Restart: 'on-failure', + }, + Install: { + WantedBy: 'multi-user.target' + } + }) + + verify false + triggers_reload true + action :create +end diff --git a/site-cookbooks/kosmos-bitcoin/templates/andromeda.conf b/site-cookbooks/kosmos-bitcoin/templates/andromeda.conf deleted file mode 100644 index 12ad02b..0000000 --- a/site-cookbooks/kosmos-bitcoin/templates/andromeda.conf +++ /dev/null @@ -1,69 +0,0 @@ -# Network-related settings: - -testnet=0 -irc=1 -dnsseed=1 -upnp=1 -checkblocks=10 -checklevel=1 -txindex=1 -whitelist=127.0.0.1 - -# Maximum number of inbound+outbound connections. -#maxconnections= - -listen=1 - - -# JSON-RPC options (for controlling a running Bitcoin/bitcoind process) - -# server=1 tells Bitcoin to accept JSON-RPC commands. -server=1 - -# You must set rpcuser and rpcpassword to secure the JSON-RPC api -rpcuser=kosmos -rpcpassword=yunobuttcoin - -# By default, only RPC connections from localhost are allowed. Specify -# as many rpcallowip= settings as you like to allow connections from -# other hosts (and you may use * as a wildcard character): -#rpcallowip=192.168.1.* -rpcallowip=127.0.0.1 - -# Listen for RPC connections on this TCP port: -rpcbind=127.0.0.1:8336 - - -# Listen for P2P connections on this TCP port: -port=8335 - -# Use Secure Sockets Layer (also known as TLS or HTTPS) to communicate -# with Bitcoin -server or bitcoind -rpcssl=0 - -# OpenSSL settings used when rpcssl=1 -#rpcsslciphers=TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH - - -# Miscellaneous options - -# Set gen=1 to attempt to generate bitcoins -gen=0 - -# Use SSE instructions to try to generate bitcoins faster. -#4way=1 - -# Pre-generate this many public/private key pairs, so wallet backups will be valid for -# both prior transactions and several dozen future transactions. -#keypool=100 - -# Pay an optional transaction fee every time you send bitcoins. Transactions with fees -# are more likely than free transactions to be included in generated blocks, so may -# be validated sooner. -#paytxfee=0.00 - -# Allow direct connections for the 'pay via IP address' feature. -#allowreceivebyip=1 - -zmqpubrawblock=tcp://127.0.0.1:8337 -zmqpubrawtx=tcp://127.0.0.1:8338 diff --git a/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb b/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb index 9e04e05..b28ceea 100644 --- a/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb +++ b/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb @@ -6,14 +6,14 @@ ## <% @conf.each do |key, value| %> - <%= "#{key}=#{value}" %> +<%= "#{key}=#{value}" %> <% end %> <% if @mainnet_conf %> # Options only for mainnet [main] <% @mainnet_conf.each do |key, value| %> - <%= "#{key}=#{value}" %> +<%= "#{key}=#{value}" %> <% end %> <% end %> @@ -21,7 +21,7 @@ # Options only for testnet [test] <% @testnet_conf.each do |key, value| %> - <%= "#{key}=#{value}" %> +<%= "#{key}=#{value}" %> <% end %> <% end %> @@ -29,6 +29,6 @@ # Options only for regtest [regtest] <% @regtest_conf.each do |key, value| %> - <%= "#{key}=#{value}" %> +<%= "#{key}=#{value}" %> <% end %> <% end %> From 4889f40c6a9e1e219d13236053b1a4d748c571ea Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sat, 15 Feb 2020 13:14:56 -0500 Subject: [PATCH 09/20] WIP --- environments/development.json | 22 +++++++++++++++++++ .../kosmos-bitcoin/attributes/default.rb | 10 ++++----- .../kosmos-bitcoin/recipes/snapd.rb | 5 ++--- 3 files changed, 28 insertions(+), 9 deletions(-) diff --git a/environments/development.json b/environments/development.json index a6f79ca..7f8bff0 100644 --- a/environments/development.json +++ b/environments/development.json @@ -16,6 +16,28 @@ }, "kosmos-dirsrv": { "master_hostname": "localhost" + }, + "bitcoin": { + "conf": { + "testnet": 1, + "irc": 1, + "dnsseed": 1, + "upnp": 1, + "checkblocks": 10, + "checklevel": 1, + "txindex": 1, + "whitelist": "127.0.0.1", + "listen": 1, + "server": 1, + "rpcport": 8332, + "rpcssl": 0, + "rpcuser": "bitcoind", + "rpcbind": "127.0.0.1:8336", + "port": 8335, + "gen": 0, + "zmqpubrawblock": "tcp://127.0.0.1:8337", + "zmqpubrawtx": "tcp://127.0.0.1:8338" + } } } } diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index 62d6aca..591a364 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -1,24 +1,22 @@ node.default['bitcoin']['username'] = 'bitcoind' node.default['bitcoin']['usergroup'] = 'bitcoind' node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' +node.default['bitcoin']['network'] = 'mainnet' node.default['bitcoin']['conf'] = { - testnet: 0, irc: 1, dnsseed: 1, upnp: 1, checkblocks: 10, checklevel: 1, txindex: 1, - whitelist: "127.0.0.1", + whitelist: '127.0.0.1', listen: 1, server: 1, - rpcport: 8332, rpcssl: 0, rpcuser: 'bitcoind', rpcbind: "127.0.0.1:8336", - port: 8335, gen: 0, - zmqpubrawblock: "tcp://127.0.0.1:8337", - zmqpubrawtx: "tcp://127.0.0.1:8338" + zmqpubrawblock: 'tcp://127.0.0.1:8337', + zmqpubrawtx: 'tcp://127.0.0.1:8338' } diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 43e8153..5d233aa 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -55,7 +55,7 @@ template "#{bitcoin_datadir}/bitcoin.conf" do testnet_conf: node['bitcoin']['testnet_conf'], regtest_conf: node['bitcoin']['regtest_conf'] action :create - # notifies :reload, "service[bitcoind]", :delayed + notifies :restart, "systemd_unit[bitcoind.service]", :delayed end directory bitcoin_snapdir do @@ -93,8 +93,7 @@ systemd_unit 'bitcoind.service' do WantedBy: 'multi-user.target' } }) - verify false triggers_reload true - action :create + action [:create, :enable, :start] end From 476316e13b509eb575c2fa70ed1a387a6cec68c6 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 16 Aug 2020 16:20:43 +0200 Subject: [PATCH 10/20] Always use latest/stable channel for bitcoind snap --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 5d233aa..7970f59 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -27,7 +27,7 @@ # FIXME: Switch to the snap_package resource when it gets fixed: # https://github.com/chef/chef/issues/8827 -execute "snap install bitcoin-core --channel=0.19/stable" +execute "snap install bitcoin-core --channel=latest/stable" bitcoin_user = node['bitcoin']['username'] bitcoin_group = node['bitcoin']['usergroup'] From bbbd0f7408c56e3be8042e8099ba02078c73c792 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 16 Aug 2020 16:25:06 +0200 Subject: [PATCH 11/20] Change default username --- site-cookbooks/kosmos-bitcoin/attributes/default.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index 591a364..cb33666 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -1,5 +1,5 @@ -node.default['bitcoin']['username'] = 'bitcoind' -node.default['bitcoin']['usergroup'] = 'bitcoind' +node.default['bitcoin']['username'] = 'satoshi' +node.default['bitcoin']['usergroup'] = 'satoshi' node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' node.default['bitcoin']['network'] = 'mainnet' From 4606773440b43dc808947b7edfd0d1a0152308a1 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 16 Aug 2020 16:25:14 +0200 Subject: [PATCH 12/20] Update license note --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 7970f59..4339bf5 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -4,7 +4,7 @@ # # The MIT License (MIT) # -# Copyright:: 2019, Kosmos Developers +# Copyright:: 2020, Kosmos Developers # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal From 9795e77fdef09cbc167ffeebcf71edcbf06cff1e Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 16 Aug 2020 19:27:10 +0200 Subject: [PATCH 13/20] Bitcoin source recipe --- data_bags/credentials/bitcoin.json | 10 ++ nodes/draco.kosmos.org.json | 7 +- .../kosmos-bitcoin/attributes/default.rb | 10 +- site-cookbooks/kosmos-bitcoin/metadata.rb | 14 +- .../kosmos-bitcoin/recipes/source.rb | 144 ++++++++++++++++++ .../kosmos-bitcoin/templates/bitcoin.conf.erb | 8 +- 6 files changed, 178 insertions(+), 15 deletions(-) create mode 100644 data_bags/credentials/bitcoin.json create mode 100644 site-cookbooks/kosmos-bitcoin/recipes/source.rb diff --git a/data_bags/credentials/bitcoin.json b/data_bags/credentials/bitcoin.json new file mode 100644 index 0000000..3be7b2d --- /dev/null +++ b/data_bags/credentials/bitcoin.json @@ -0,0 +1,10 @@ +{ + "id": "bitcoin", + "rpcpassword": { + "encrypted_data": "dBXJXEYJIoWzo+TPg8CzaKfTo94SdowFDdQKVL/njQ==\n", + "iv": "UNragm2xuewXZu0v\n", + "auth_tag": "tfjO8qfvti3k5L3Ms2jPLw==\n", + "version": 3, + "cipher": "aes-256-gcm" + } +} \ No newline at end of file diff --git a/nodes/draco.kosmos.org.json b/nodes/draco.kosmos.org.json index e266fe1..34a8a7c 100644 --- a/nodes/draco.kosmos.org.json +++ b/nodes/draco.kosmos.org.json @@ -8,7 +8,7 @@ "automatic": { "fqdn": "draco.kosmos.org", "os": "linux", - "os_version": "5.4.0-37-generic", + "os_version": "5.4.0-42-generic", "hostname": "draco", "ipaddress": "148.251.237.73", "roles": [ @@ -20,6 +20,7 @@ "kosmos_encfs", "kosmos_encfs::default", "kosmos-postgresql::replica", + "kosmos-bitcoin::source", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -35,6 +36,7 @@ "hostname::default", "firewall::default", "chef-sugar::default", + "ark::default", "build-essential::default" ], "platform": "ubuntu", @@ -54,6 +56,7 @@ "run_list": [ "recipe[kosmos-base]", "recipe[kosmos_encfs]", - "role[postgresql_replica]" + "role[postgresql_replica]", + "recipe[kosmos-bitcoin::source]" ] } \ No newline at end of file diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index cb33666..4c01630 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -1,7 +1,9 @@ +node.default['bitcoin']['version'] = '0.20.1' +node.default['bitcoin']['checksum'] = '4bbd62fd6acfa5e9864ebf37a24a04bc2dcfe3e3222f056056288d854c53b978' node.default['bitcoin']['username'] = 'satoshi' -node.default['bitcoin']['usergroup'] = 'satoshi' -node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' +node.default['bitcoin']['usergroup'] = 'bitcoin' node.default['bitcoin']['network'] = 'mainnet' +node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' node.default['bitcoin']['conf'] = { irc: 1, @@ -14,8 +16,8 @@ node.default['bitcoin']['conf'] = { listen: 1, server: 1, rpcssl: 0, - rpcuser: 'bitcoind', - rpcbind: "127.0.0.1:8336", + rpcuser: 'satoshi', + rpcbind: "127.0.0.1:8332", gen: 0, zmqpubrawblock: 'tcp://127.0.0.1:8337', zmqpubrawtx: 'tcp://127.0.0.1:8338' diff --git a/site-cookbooks/kosmos-bitcoin/metadata.rb b/site-cookbooks/kosmos-bitcoin/metadata.rb index f2f0bb3..60121e3 100644 --- a/site-cookbooks/kosmos-bitcoin/metadata.rb +++ b/site-cookbooks/kosmos-bitcoin/metadata.rb @@ -1,9 +1,9 @@ name 'kosmos-bitcoin' -maintainer 'The Authors' -maintainer_email 'you@example.com' -license 'All Rights Reserved' -description 'Installs/Configures kosmos-bitcoin' -long_description 'Installs/Configures kosmos-bitcoin' +maintainer 'Kosmos Developers' +maintainer_email 'mail@kosmos.org' +license 'MIT' +description 'Installs/Configures Bitcoin Core' +long_description 'Installs/Configures Bitcoin Core' version '0.1.0' chef_version '>= 14.0' @@ -18,3 +18,7 @@ chef_version '>= 14.0' # a Supermarket. # # source_url 'https://github.com//kosmos-bitcoin' + +depends "ark" +depends "kosmos_encfs" +depends "ulimit" diff --git a/site-cookbooks/kosmos-bitcoin/recipes/source.rb b/site-cookbooks/kosmos-bitcoin/recipes/source.rb new file mode 100644 index 0000000..2766420 --- /dev/null +++ b/site-cookbooks/kosmos-bitcoin/recipes/source.rb @@ -0,0 +1,144 @@ +# +# Cookbook:: kosmos-bitcoin +# Recipe:: source +# +# The MIT License (MIT) +# +# Copyright:: 2020, Kosmos Developers +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. +# + +include_recipe 'ark' + +build_essential + +%w{ libtool autotools-dev make automake cmake curl g++-multilib libtool + binutils-gold bsdmainutils pkg-config python3 patch }.each do |pkg| + apt_package pkg +end + +ark 'bitcoind' do + url "https://bitcoincore.org/bin/bitcoin-core-#{node['bitcoin']['version']}/bitcoin-#{node['bitcoin']['version']}.tar.gz" + checksum node['bitcoin']['checksum'] + action :put +end + +execute "Compile bitcoin-core dependencies" do + cwd "/usr/local/bitcoind/depends" + command "make NO_QT=1" + not_if { ::File.directory?("/usr/local/bitcoind/depends/x86_64-pc-linux-gnu") } +end + +execute "Configure bitcoin-core" do + cwd "/usr/local/bitcoind" + command [ + "./autogen.sh", + "./configure --prefix=$PWD/depends/x86_64-pc-linux-gnu" + ] + not_if { ::File.exist?("/usr/local/bitcoind/src/bitcoind") } +end + +execute "Compile bitcoin-core" do + cwd "/usr/local/bitcoind" + command "make" + not_if { ::File.exist?("/usr/local/bitcoind/src/bitcoind") } +end + +link "/usr/local/bin/bitcoind" do + to "/usr/local/bitcoind/src/bitcoind" +end + +link "/usr/local/bin/bitcoin-cli" do + to "/usr/local/bitcoind/src/bitcoin-cli" +end + +bitcoin_user = node['bitcoin']['username'] +bitcoin_group = node['bitcoin']['usergroup'] +bitcoin_datadir = node['bitcoin']['datadir'] +credentials = Chef::EncryptedDataBagItem.load('credentials', 'bitcoin') + +group bitcoin_group + +user bitcoin_user do + manage_home true + gid bitcoin_group + shell "/bin/bash" +end + +directory bitcoin_datadir do + owner bitcoin_user + group bitcoin_group + mode '0750' + recursive true + action :create +end + +template "#{bitcoin_datadir}/bitcoin.conf" do + owner bitcoin_user + group bitcoin_group + mode '0640' + # TODO Create new in data bag and use here + variables conf: node['bitcoin']['conf'].merge({rpcpassword: credentials["rpcpassword"]}), + mainnet_conf: node['bitcoin']['mainnet_conf'], + testnet_conf: node['bitcoin']['testnet_conf'], + regtest_conf: node['bitcoin']['regtest_conf'] + action :create + notifies :restart, "systemd_unit[bitcoind.service]", :delayed +end + +systemd_unit 'bitcoind.service' do + content({ + Unit: { + Description: 'Bitcoin Core daemon', + Documentation: ['https://bitcoincore.org'], + After: 'network.target' + }, + Service: { + User: bitcoin_user, + Type: 'simple', + ExecStart: "bitcoind -datadir=#{bitcoin_datadir} -pid=#{bitcoin_datadir}/bitcoind.pid", + PIDFile: "#{bitcoin_datadir}/bitcoind.pid", + Restart: 'always', + PrivateTmp: true, + LimitNOFILE: 'infinity', + TimeoutStopSec: '60s', + TimeoutStartSec: '20s', + StartLimitInterval: '60s', + StartLimitBurst: '2' + }, + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :start] +end + +# Creates/starts a Path unit which starts the bitcoind service when the +# encrypted data directory is mounted +# TODO move to custom kosmos cookbook before publishing bitcoin cookbook +encfs_path_activation_unit 'bitcoind.service' + +firewall_rule 'bitcoind' do + port [8333] # TODO adjust for testnet + protocol :tcp + command :allow +end diff --git a/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb b/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb index b28ceea..d2a8438 100644 --- a/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb +++ b/site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb @@ -5,14 +5,14 @@ ## during the next Chef run! ## -<% @conf.each do |key, value| %> +<% @conf.sort.each do |key, value| %> <%= "#{key}=#{value}" %> <% end %> <% if @mainnet_conf %> # Options only for mainnet [main] -<% @mainnet_conf.each do |key, value| %> +<% @mainnet_conf.sort.each do |key, value| %> <%= "#{key}=#{value}" %> <% end %> <% end %> @@ -20,7 +20,7 @@ <% if @testnet_conf %> # Options only for testnet [test] -<% @testnet_conf.each do |key, value| %> +<% @testnet_conf.sort.each do |key, value| %> <%= "#{key}=#{value}" %> <% end %> <% end %> @@ -28,7 +28,7 @@ <% if @regtest_conf %> # Options only for regtest [regtest] -<% @regtest_conf.each do |key, value| %> +<% @regtest_conf.sort.each do |key, value| %> <%= "#{key}=#{value}" %> <% end %> <% end %> From d65363f964df127da92fed03bc534e186cdd686d Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Mon, 17 Aug 2020 10:51:54 +0200 Subject: [PATCH 14/20] Remove obsolete ulimit dep --- site-cookbooks/kosmos-bitcoin/metadata.rb | 1 - site-cookbooks/kosmos-bitcoin/recipes/source.rb | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/metadata.rb b/site-cookbooks/kosmos-bitcoin/metadata.rb index 60121e3..37f95f4 100644 --- a/site-cookbooks/kosmos-bitcoin/metadata.rb +++ b/site-cookbooks/kosmos-bitcoin/metadata.rb @@ -21,4 +21,3 @@ chef_version '>= 14.0' depends "ark" depends "kosmos_encfs" -depends "ulimit" diff --git a/site-cookbooks/kosmos-bitcoin/recipes/source.rb b/site-cookbooks/kosmos-bitcoin/recipes/source.rb index 2766420..e3c8e8f 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/source.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/source.rb @@ -137,6 +137,7 @@ end # TODO move to custom kosmos cookbook before publishing bitcoin cookbook encfs_path_activation_unit 'bitcoind.service' +# TODO move to custom kosmos cookbook before publishing bitcoin cookbook firewall_rule 'bitcoind' do port [8333] # TODO adjust for testnet protocol :tcp From b0daa3d463b1a4e1ca92666ba7a143ae56379019 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Mon, 17 Aug 2020 16:46:59 +0200 Subject: [PATCH 15/20] Only store wallet in encrypted dir Storing all chain data in encfs caused unsolvable issues with leveldb. So now we're only storing wallet data in the encrypted dir. --- .../kosmos-bitcoin/attributes/default.rb | 3 +- .../kosmos-bitcoin/recipes/source.rb | 30 +++++++++++-------- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index 4c01630..33fd5ca 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -3,7 +3,8 @@ node.default['bitcoin']['checksum'] = '4bbd62fd6acfa5e9864ebf37a24a04bc2dcfe3e3 node.default['bitcoin']['username'] = 'satoshi' node.default['bitcoin']['usergroup'] = 'bitcoin' node.default['bitcoin']['network'] = 'mainnet' -node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin' +node.default['bitcoin']['datadir'] = '/home/satoshi/.bitcoin' +node.default['bitcoin']['walletdir'] = '/mnt/data/bitcoin' node.default['bitcoin']['conf'] = { irc: 1, diff --git a/site-cookbooks/kosmos-bitcoin/recipes/source.rb b/site-cookbooks/kosmos-bitcoin/recipes/source.rb index e3c8e8f..2c32084 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/source.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/source.rb @@ -69,10 +69,11 @@ link "/usr/local/bin/bitcoin-cli" do to "/usr/local/bitcoind/src/bitcoin-cli" end -bitcoin_user = node['bitcoin']['username'] -bitcoin_group = node['bitcoin']['usergroup'] -bitcoin_datadir = node['bitcoin']['datadir'] -credentials = Chef::EncryptedDataBagItem.load('credentials', 'bitcoin') +bitcoin_user = node['bitcoin']['username'] +bitcoin_group = node['bitcoin']['usergroup'] +bitcoin_datadir = node['bitcoin']['datadir'] +bitcoin_walletdir = node['bitcoin']['walletdir'] +credentials = Chef::EncryptedDataBagItem.load('credentials', 'bitcoin') group bitcoin_group @@ -82,20 +83,25 @@ user bitcoin_user do shell "/bin/bash" end -directory bitcoin_datadir do - owner bitcoin_user - group bitcoin_group - mode '0750' - recursive true - action :create +[bitcoin_datadir, bitcoin_walletdir].each do |path| + directory path do + owner bitcoin_user + group bitcoin_group + mode '0750' + recursive true + action :create + end end +config = node['bitcoin']['conf'].merge({ + rpcpassword: credentials["rpcpassword"] +}) + template "#{bitcoin_datadir}/bitcoin.conf" do owner bitcoin_user group bitcoin_group mode '0640' - # TODO Create new in data bag and use here - variables conf: node['bitcoin']['conf'].merge({rpcpassword: credentials["rpcpassword"]}), + variables conf: config, mainnet_conf: node['bitcoin']['mainnet_conf'], testnet_conf: node['bitcoin']['testnet_conf'], regtest_conf: node['bitcoin']['regtest_conf'] From 23588760fa3a5b7e34f28963546af3983da8196a Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Mon, 17 Aug 2020 21:43:56 +0200 Subject: [PATCH 16/20] Add walletdir flag to bitcoind service start --- site-cookbooks/kosmos-bitcoin/recipes/source.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/source.rb b/site-cookbooks/kosmos-bitcoin/recipes/source.rb index 2c32084..5f5f02f 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/source.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/source.rb @@ -119,7 +119,7 @@ systemd_unit 'bitcoind.service' do Service: { User: bitcoin_user, Type: 'simple', - ExecStart: "bitcoind -datadir=#{bitcoin_datadir} -pid=#{bitcoin_datadir}/bitcoind.pid", + ExecStart: "bitcoind -datadir=#{bitcoin_datadir} -walletdir=#{bitcoin_walletdir} -pid=#{bitcoin_datadir}/bitcoind.pid", PIDFile: "#{bitcoin_datadir}/bitcoind.pid", Restart: 'always', PrivateTmp: true, From 97ae73c987e73f6a4ccff31c5e9dc816a36bd20c Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Tue, 18 Aug 2020 14:38:16 +0200 Subject: [PATCH 17/20] Improve variable name --- site-cookbooks/kosmos-bitcoin/recipes/source.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/source.rb b/site-cookbooks/kosmos-bitcoin/recipes/source.rb index 5f5f02f..c1261c8 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/source.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/source.rb @@ -93,7 +93,7 @@ end end end -config = node['bitcoin']['conf'].merge({ +bitcoin_config = node['bitcoin']['conf'].merge({ rpcpassword: credentials["rpcpassword"] }) @@ -101,7 +101,7 @@ template "#{bitcoin_datadir}/bitcoin.conf" do owner bitcoin_user group bitcoin_group mode '0640' - variables conf: config, + variables conf: bitcoin_config, mainnet_conf: node['bitcoin']['mainnet_conf'], testnet_conf: node['bitcoin']['testnet_conf'], regtest_conf: node['bitcoin']['regtest_conf'] From c98be94404ea6feac4544354b38876d2017f4d2c Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Tue, 18 Aug 2020 14:44:23 +0200 Subject: [PATCH 18/20] Add rpcpassword support to bitcoin snap recipe --- site-cookbooks/kosmos-bitcoin/recipes/snapd.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb index 4339bf5..59d15f4 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/snapd.rb @@ -47,10 +47,14 @@ directory bitcoin_datadir do action :create end +bitcoin_config = node['bitcoin']['conf'].merge({ + rpcpassword: credentials["rpcpassword"] +}) + template "#{bitcoin_datadir}/bitcoin.conf" do owner bitcoin_user group bitcoin_group - variables conf: node['bitcoin']['conf'], + variables conf: bitcoin_config, mainnet_conf: node['bitcoin']['mainnet_conf'], testnet_conf: node['bitcoin']['testnet_conf'], regtest_conf: node['bitcoin']['regtest_conf'] From 1a8c3e4350f8a9ed4239cb46a2096c5a13f416fb Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Wed, 19 Aug 2020 15:28:00 +0200 Subject: [PATCH 19/20] Suggest bitcoin source recipe for dev --- Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Vagrantfile b/Vagrantfile index 2b3b4aa..4cf5ee3 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -95,7 +95,7 @@ Vagrant.configure(2) do |config| chef.environment = 'development' chef.add_recipe 'kosmos-base' chef.add_recipe 'kosmos_encfs' - # chef.add_recipe 'kosmos-bitcoin::snapd' + # chef.add_recipe 'kosmos-bitcoin::source' # chef.add_recipe 'kosmos-mediawiki' # chef.add_recipe 'kosmos-wordpress' # chef.add_recipe 'kosmos-ejabberd' From 5c105f00d1c9b245b0effeae97e73d66c2200ea2 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Wed, 19 Aug 2020 15:29:18 +0200 Subject: [PATCH 20/20] Use MIT license for bitcoin cookbook --- site-cookbooks/kosmos-bitcoin/LICENSE | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/site-cookbooks/kosmos-bitcoin/LICENSE b/site-cookbooks/kosmos-bitcoin/LICENSE index 10b5688..f518b02 100644 --- a/site-cookbooks/kosmos-bitcoin/LICENSE +++ b/site-cookbooks/kosmos-bitcoin/LICENSE @@ -1,3 +1,20 @@ -Copyright 2019 The Authors +Copyright (c) 2020 Kosmos Developers -All rights reserved, do not redistribute. +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.