Merge pull request 'Back up LND files and channels to S3' (#370) from feature/359-lnd_channel_backups into master
Reviewed-on: #370
This commit is contained in:
commit
62ff4e51b7
|
@ -23,6 +23,7 @@
|
|||
"kosmos-bitcoin::source",
|
||||
"kosmos-bitcoin::c-lightning",
|
||||
"kosmos-bitcoin::lnd",
|
||||
"kosmos-bitcoin::lnd-scb-s3",
|
||||
"kosmos-bitcoin::rtl",
|
||||
"kosmos-bitcoin::lndhub",
|
||||
"kosmos_postgresql::hostsfile",
|
||||
|
@ -48,6 +49,9 @@
|
|||
"git::default",
|
||||
"git::package",
|
||||
"golang::default",
|
||||
"backup::default",
|
||||
"logrotate::default",
|
||||
"kosmos-bitcoin::aws-client",
|
||||
"kosmos-nodejs::default",
|
||||
"nodejs::nodejs_from_package",
|
||||
"nodejs::repo",
|
||||
|
@ -70,9 +74,7 @@
|
|||
"nginx::commons_dir",
|
||||
"nginx::commons_script",
|
||||
"nginx::commons_conf",
|
||||
"kosmos-nginx::firewall",
|
||||
"backup::default",
|
||||
"logrotate::default"
|
||||
"kosmos-nginx::firewall"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "20.04",
|
||||
|
@ -94,6 +96,7 @@
|
|||
"recipe[kosmos-bitcoin::source]",
|
||||
"recipe[kosmos-bitcoin::c-lightning]",
|
||||
"recipe[kosmos-bitcoin::lnd]",
|
||||
"recipe[kosmos-bitcoin::lnd-scb-s3]",
|
||||
"recipe[kosmos-bitcoin::rtl]",
|
||||
"recipe[kosmos-bitcoin::lndhub]",
|
||||
"role[btcpay]"
|
||||
|
|
|
@ -2,26 +2,6 @@
|
|||
# Cookbook Name:: backup
|
||||
# Recipe:: default
|
||||
#
|
||||
# Copyright 2012, Appcache Ltd / 5apps.com
|
||||
#
|
||||
# Permission is hereby granted, free of charge, to any person obtaining
|
||||
# a copy of this software and associated documentation files (the
|
||||
# "Software"), to deal in the Software without restriction, including
|
||||
# without limitation the rights to use, copy, modify, merge, publish,
|
||||
# distribute, sublicense, and/or sell copies of the Software, and to
|
||||
# permit persons to whom the Software is furnished to do so, subject to
|
||||
# the following conditions:
|
||||
#
|
||||
# The above copyright notice and this permission notice shall be
|
||||
# included in all copies or substantial portions of the Software.
|
||||
#
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
||||
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
||||
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
||||
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
build_essential 'backup gem'
|
||||
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
#
|
||||
# Cookbook:: kosmos-bitcoin
|
||||
# Recipe:: aws-client
|
||||
#
|
||||
|
||||
package "awscli"
|
||||
|
||||
directory "/root/.aws"
|
||||
|
||||
credentials = Chef::EncryptedDataBagItem.load('credentials', 'backup')
|
||||
|
||||
file "/root/.aws/config" do
|
||||
mode "600"
|
||||
content lazy { <<-EOF
|
||||
[default]
|
||||
region = #{credentials["s3_region"]}
|
||||
EOF
|
||||
}
|
||||
end
|
||||
|
||||
file "/root/.aws/credentials" do
|
||||
mode "600"
|
||||
content lazy { <<-EOF
|
||||
[default]
|
||||
aws_access_key_id = #{credentials["s3_access_key_id"]}
|
||||
aws_secret_access_key = #{credentials["s3_secret_access_key"]}
|
||||
EOF
|
||||
}
|
||||
end
|
|
@ -0,0 +1,47 @@
|
|||
#
|
||||
# Cookbook:: kosmos-bitcoin
|
||||
# Recipe:: lnd-scb-s3
|
||||
#
|
||||
# Static Channel Backup for LND channel states
|
||||
#
|
||||
|
||||
include_recipe "kosmos-bitcoin::aws-client"
|
||||
|
||||
package "inotify-tools"
|
||||
|
||||
backup_script_path = "/opt/lnd-channel-backup-s3.sh"
|
||||
|
||||
template backup_script_path do
|
||||
source "lnd-channel-backup-s3.sh.erb"
|
||||
mode '0740'
|
||||
variables lnd_dir: node['lnd']['lnd_dir'],
|
||||
bitcoin_network: node['bitcoin']['network'],
|
||||
s3_bucket: node['backup']['s3']['bucket'],
|
||||
s3_scb_dir: "#{node['name']}/lnd/#{node['bitcoin']['network']}"
|
||||
notifies :restart, "systemd_unit[lnd-channel-backup.service]", :delayed
|
||||
end
|
||||
|
||||
systemd_unit 'lnd-channel-backup.service' do
|
||||
content({
|
||||
Unit: {
|
||||
Description: 'LND Static Channel Backup',
|
||||
Documentation: ['https://gist.github.com/alexbosworth/2c5e185aedbdac45a03655b709e255a3'],
|
||||
Requires: 'lnd.service',
|
||||
After: 'lnd.service'
|
||||
},
|
||||
Service: {
|
||||
User: 'root',
|
||||
Group: 'root',
|
||||
Type: 'simple',
|
||||
ExecStart: backup_script_path,
|
||||
Restart: 'always',
|
||||
RestartSec: 1
|
||||
},
|
||||
Install: {
|
||||
WantedBy: 'multi-user.target'
|
||||
}
|
||||
})
|
||||
verify false
|
||||
triggers_reload true
|
||||
action [:create, :enable, :start]
|
||||
end
|
|
@ -118,3 +118,8 @@ if node['bitcoin']['tor_enabled']
|
|||
node.override['tor']['ControlPort'] = 9051
|
||||
node.override['tor']['CookieAuthentication'] = true
|
||||
end
|
||||
|
||||
unless node.chef_environment == 'development'
|
||||
node.override['backup']['archives']['lnd'] = [node['lnd']['lnd_dir']]
|
||||
include_recipe 'backup'
|
||||
end
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
set -xe -o pipefail
|
||||
|
||||
while true; do
|
||||
inotifywait <%= @lnd_dir %>/data/chain/bitcoin/<%= @bitcoin_network %>/channel.backup
|
||||
aws s3 cp <%= @lnd_dir %>/data/chain/bitcoin/<%= @bitcoin_network %>/channel.backup "s3://<%= @s3_bucket %>/<%= @s3_scb_dir %>/channel.backup"
|
||||
done
|
Loading…
Reference in New Issue