kosmos/chef
kosmos
/
chef
8
3
Fork 0
Code Issues 34 Pull Requests 1 Projects 1 Activity

Bitcoin source recipe

This commit is contained in:
Basti 2020-08-16 19:27:10 +02:00
parent 4606773440
commit 9795e77fde
Signed by untrusted user: basti
GPG Key ID: 9F88009D31D99C72
6 changed files with 178 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
data_bags/credentials/bitcoin.json Normal file
View File

@ -0,0 +1,10 @@
{
"id": "bitcoin",
"rpcpassword": {
"encrypted_data": "dBXJXEYJIoWzo+TPg8CzaKfTo94SdowFDdQKVL/njQ==\n",
"iv": "UNragm2xuewXZu0v\n",
"auth_tag": "tfjO8qfvti3k5L3Ms2jPLw==\n",
"version": 3,
"cipher": "aes-256-gcm"
}
}

7
nodes/draco.kosmos.org.json
View File

@ -8,7 +8,7 @@
"automatic": {
"fqdn": "draco.kosmos.org",
"os": "linux",
"os_version": "5.4.0-37-generic",
"os_version": "5.4.0-42-generic",
"hostname": "draco",
"ipaddress": "148.251.237.73",
"roles": [
@ -20,6 +20,7 @@
"kosmos_encfs",
"kosmos_encfs::default",
"kosmos-postgresql::replica",
"kosmos-bitcoin::source",
"apt::default",
"timezone_iii::default",
"timezone_iii::debian",
@ -35,6 +36,7 @@
"hostname::default",
"firewall::default",
"chef-sugar::default",
"ark::default",
"build-essential::default"
],
"platform": "ubuntu",
@ -54,6 +56,7 @@
"run_list": [
"recipe[kosmos-base]",
"recipe[kosmos_encfs]",
"role[postgresql_replica]"
"role[postgresql_replica]",
"recipe[kosmos-bitcoin::source]"
]
}

10
site-cookbooks/kosmos-bitcoin/attributes/default.rb
View File

@ -1,7 +1,9 @@
node.default['bitcoin']['version'] = '0.20.1'
node.default['bitcoin']['checksum'] = '4bbd62fd6acfa5e9864ebf37a24a04bc2dcfe3e3222f056056288d854c53b978'
node.default['bitcoin']['username'] = 'satoshi'
node.default['bitcoin']['usergroup'] = 'satoshi'
node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin'
node.default['bitcoin']['usergroup'] = 'bitcoin'
node.default['bitcoin']['network'] = 'mainnet'
node.default['bitcoin']['datadir'] = '/mnt/data/bitcoin'
node.default['bitcoin']['conf'] = {
irc: 1,
@ -14,8 +16,8 @@ node.default['bitcoin']['conf'] = {
listen: 1,
server: 1,
rpcssl: 0,
rpcuser: 'bitcoind',
rpcbind: "127.0.0.1:8336",
rpcuser: 'satoshi',
rpcbind: "127.0.0.1:8332",
gen: 0,
zmqpubrawblock: 'tcp://127.0.0.1:8337',
zmqpubrawtx: 'tcp://127.0.0.1:8338'

14
site-cookbooks/kosmos-bitcoin/metadata.rb
View File

@ -1,9 +1,9 @@
name 'kosmos-bitcoin'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'All Rights Reserved'
description 'Installs/Configures kosmos-bitcoin'
long_description 'Installs/Configures kosmos-bitcoin'
maintainer 'Kosmos Developers'
maintainer_email 'mail@kosmos.org'
license 'MIT'
description 'Installs/Configures Bitcoin Core'
long_description 'Installs/Configures Bitcoin Core'
version '0.1.0'
chef_version '>= 14.0'
@ -18,3 +18,7 @@ chef_version '>= 14.0'
# a Supermarket.
#
# source_url 'https://github.com/<insert_org_here>/kosmos-bitcoin'
depends "ark"
depends "kosmos_encfs"
depends "ulimit"

144
site-cookbooks/kosmos-bitcoin/recipes/source.rb Normal file
View File

@ -0,0 +1,144 @@
#
# Cookbook:: kosmos-bitcoin
# Recipe:: source
#
# The MIT License (MIT)
#
# Copyright:: 2020, Kosmos Developers
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
#
include_recipe 'ark'
build_essential
%w{ libtool autotools-dev make automake cmake curl g++-multilib libtool
binutils-gold bsdmainutils pkg-config python3 patch }.each do |pkg|
apt_package pkg
end
ark 'bitcoind' do
url "https://bitcoincore.org/bin/bitcoin-core-#{node['bitcoin']['version']}/bitcoin-#{node['bitcoin']['version']}.tar.gz"
checksum node['bitcoin']['checksum']
action :put
end
execute "Compile bitcoin-core dependencies" do
cwd "/usr/local/bitcoind/depends"
command "make NO_QT=1"
not_if { ::File.directory?("/usr/local/bitcoind/depends/x86_64-pc-linux-gnu") }
end
execute "Configure bitcoin-core" do
cwd "/usr/local/bitcoind"
command [
"./autogen.sh",
"./configure --prefix=$PWD/depends/x86_64-pc-linux-gnu"
]
not_if { ::File.exist?("/usr/local/bitcoind/src/bitcoind") }
end
execute "Compile bitcoin-core" do
cwd "/usr/local/bitcoind"
command "make"
not_if { ::File.exist?("/usr/local/bitcoind/src/bitcoind") }
end
link "/usr/local/bin/bitcoind" do
to "/usr/local/bitcoind/src/bitcoind"
end
link "/usr/local/bin/bitcoin-cli" do
to "/usr/local/bitcoind/src/bitcoin-cli"
end
bitcoin_user = node['bitcoin']['username']
bitcoin_group = node['bitcoin']['usergroup']
bitcoin_datadir = node['bitcoin']['datadir']
credentials = Chef::EncryptedDataBagItem.load('credentials', 'bitcoin')
group bitcoin_group
user bitcoin_user do
manage_home true
gid bitcoin_group
shell "/bin/bash"
end
directory bitcoin_datadir do
owner bitcoin_user
group bitcoin_group
mode '0750'
recursive true
action :create
end
template "#{bitcoin_datadir}/bitcoin.conf" do
owner bitcoin_user
group bitcoin_group
mode '0640'
# TODO Create new in data bag and use here
variables conf: node['bitcoin']['conf'].merge({rpcpassword: credentials["rpcpassword"]}),
mainnet_conf: node['bitcoin']['mainnet_conf'],
testnet_conf: node['bitcoin']['testnet_conf'],
regtest_conf: node['bitcoin']['regtest_conf']
action :create
notifies :restart, "systemd_unit[bitcoind.service]", :delayed
end
systemd_unit 'bitcoind.service' do
content({
Unit: {
Description: 'Bitcoin Core daemon',
Documentation: ['https://bitcoincore.org'],
After: 'network.target'
},
Service: {
User: bitcoin_user,
Type: 'simple',
ExecStart: "bitcoind -datadir=#{bitcoin_datadir} -pid=#{bitcoin_datadir}/bitcoind.pid",
PIDFile: "#{bitcoin_datadir}/bitcoind.pid",
Restart: 'always',
PrivateTmp: true,
LimitNOFILE: 'infinity',
TimeoutStopSec: '60s',
TimeoutStartSec: '20s',
StartLimitInterval: '60s',
StartLimitBurst: '2'
},
Install: {
WantedBy: 'multi-user.target'
}
})
verify false
triggers_reload true
action [:create, :start]
end
# Creates/starts a Path unit which starts the bitcoind service when the
# encrypted data directory is mounted
# TODO move to custom kosmos cookbook before publishing bitcoin cookbook
encfs_path_activation_unit 'bitcoind.service'
firewall_rule 'bitcoind' do
port [8333] # TODO adjust for testnet
protocol :tcp
command :allow
end

8
site-cookbooks/kosmos-bitcoin/templates/bitcoin.conf.erb
View File

@ -5,14 +5,14 @@
## during the next Chef run!
##
<% @conf.each do |key, value| %>
<% @conf.sort.each do |key, value| %>
<%= "#{key}=#{value}" %>
<% end %>
<% if @mainnet_conf %>
# Options only for mainnet
[main]
<% @mainnet_conf.each do |key, value| %>
<% @mainnet_conf.sort.each do |key, value| %>
<%= "#{key}=#{value}" %>
<% end %>
<% end %>
@ -20,7 +20,7 @@
<% if @testnet_conf %>
# Options only for testnet
[test]
<% @testnet_conf.each do |key, value| %>
<% @testnet_conf.sort.each do |key, value| %>
<%= "#{key}=#{value}" %>
<% end %>
<% end %>
@ -28,7 +28,7 @@
<% if @regtest_conf %>
# Options only for regtest
[regtest]
<% @regtest_conf.each do |key, value| %>
<% @regtest_conf.sort.each do |key, value| %>
<%= "#{key}=#{value}" %>
<% end %>
<% end %>