Docker: export "safe" RPCs from the container.

Grégoire Henry 2017-04-17 02:25:20 +02:00
parent 9480d411a2
commit 72e200bfd3
8 changed files with 77 additions and 51 deletions


@ -173,6 +173,7 @@ build:docker:alphanet:
only: only:
- alphanet@tezos/tezos - alphanet@tezos/tezos
script: script:
- sed -i s/TEZOS/TEZOS_ALPHANET/ src/node/shell/distributed_db_message.ml
- patch -p1 < scripts/alphanet_constants.patch - patch -p1 < scripts/alphanet_constants.patch
- ./scripts/create_docker_image.sh - ./scripts/create_docker_image.sh
"${CI_REGISTRY_IMAGE}" "${CI_BUILD_REF}.patched" . "${CI_REGISTRY_IMAGE}" "${CI_BUILD_REF}.patched" .
@ -185,6 +186,7 @@ build:docker:alphanet_next:
only: only:
- master@tezos/tezos - master@tezos/tezos
script: script:
- sed -i s/TEZOS/TEZOS_ALPHANET_NEXT/ src/node/shell/distributed_db_message.ml
- patch -p1 < scripts/alphanet_constants.patch - patch -p1 < scripts/alphanet_constants.patch
- patch -p1 < scripts/alphanet_next.patch - patch -p1 < scripts/alphanet_next.patch
- ./scripts/create_docker_image.sh - ./scripts/create_docker_image.sh
@ -296,9 +298,7 @@ deploy:alphanet_next:
- echo "${CI_KH}" > ~/.ssh/known_hosts - echo "${CI_KH}" > ~/.ssh/known_hosts
- echo "${CI_PK_ALPHANET_NEXT}" > ~/.ssh/id_ed25519 - echo "${CI_PK_ALPHANET_NEXT}" > ~/.ssh/id_ed25519
- chmod 400 ~/.ssh/id_ed25519 - chmod 400 ~/.ssh/id_ed25519
- ssh greg@zo.gbzm.fr - echo | ssh -v greg@zo.gbzm.fr
- ssh tezos@35.167.138.212
- ssh tezos@35.165.227.4
allow_failure: true allow_failure: true
cleanup: cleanup:
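Review bot: The new `sed -i s/TEZOS/TEZOS_ALPHANET/ src/node/shell/distributed_db_message.ml` step in build:docker:alphanet, and its `TEZOS_ALPHANET_NEXT` twin in build:docker:alphanet_next, is unanchored and cannot fail. It rewrites the first `TEZOS` on every line of the file, and if the literal is moved or renamed it exits 0 without changing anything, so the image would be built with the default network name. The patch hunk it replaces would have failed the job in that case. Anchor the substitution on the field, `sed -i 's/name = "TEZOS"/name = "TEZOS_ALPHANET"/' src/node/shell/distributed_db_message.ml`, and follow it with `grep -q 'name = "TEZOS_ALPHANET"' src/node/shell/distributed_db_message.ml` so a no-op breaks the build.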


@ -2,11 +2,11 @@ FROM alpine:$alpine_version
LABEL distro_style="apk" distro="alpine" distro_long="alpine-$alpine_version" arch="x86_64" operatingsystem="linux" LABEL distro_style="apk" distro="alpine" distro_long="alpine-$alpine_version" arch="x86_64" operatingsystem="linux"
RUN apk update && \ RUN adduser -S tezos && \
apk update && \
apk upgrade && \ apk upgrade && \
apk add sudo bash libssl1.0 libsodium libev gmp git && \ apk add sudo bash libssl1.0 libsodium libev gmp git nginx && \
rm -f /var/cache/apk/* && \ rm -f /var/cache/apk/* && \
adduser -S tezos && \
echo 'tezos ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/tezos && \ echo 'tezos ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/tezos && \
chmod 440 /etc/sudoers.d/tezos && \ chmod 440 /etc/sudoers.d/tezos && \
chown root:root /etc/sudoers.d/tezos && \ chown root:root /etc/sudoers.d/tezos && \
@ -30,6 +30,9 @@ RUN sudo cp scripts/docker_entrypoint.sh /usr/local/bin/tezos && \
RUN sudo mkdir -p /var/run/tezos && \ RUN sudo mkdir -p /var/run/tezos && \
sudo chown tezos /var/run/tezos sudo chown tezos /var/run/tezos
RUN sudo mkdir -p /run/nginx && \
sudo cp scripts/nginx.conf /etc/nginx
ENV EDITOR=vi ENV EDITOR=vi
VOLUME /var/run/tezos VOLUME /var/run/tezos
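Review bot: The image now installs nginx and copies `scripts/nginx.conf` to /etc/nginx, but nothing in these hunks starts nginx, so the RPC filter only exists when a launcher runs it inside the container. Running the image directly and publishing the node's RPC port would presumably bypass the filter; this is inferred, since the entrypoint script is outside the hunk. Document this above the new RUN, for example `# nginx.conf is the RPC filter; the image does not start nginx, the launcher must exec it as root`. The context line `tezos ALL=(ALL:ALL) NOPASSWD:ALL` also means any process running as tezos can rewrite /etc/nginx/nginx.conf, so the filter does not protect against the node's own user.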


@ -128,7 +128,7 @@ check_volume() {
clear_volume() { clear_volume() {
if check_volume ; then if check_volume ; then
docker volume rm "$docker_volume" docker volume rm "$docker_volume" > /dev/null
echo "\033[32mThe blockchain data has been removed from the disk.\033[0m" echo "\033[32mThe blockchain data has been removed from the disk.\033[0m"
else else
echo "\033[32mNo remaining data to be removed from the disk.\033[0m" echo "\033[32mNo remaining data to be removed from the disk.\033[0m"
@ -170,11 +170,13 @@ start_container() {
fi fi
docker rm "$docker_container" || true > /dev/null 2>&1 docker rm "$docker_container" || true > /dev/null 2>&1
echo "Launching the docker container..." echo "Launching the docker container..."
docker run -dit -p "$port:$port" \ docker run --rm -dit -p "$port:$port" -p "8732:80" \
-v $docker_volume:/var/run/tezos \ -v $docker_volume:/var/run/tezos \
--entrypoint /bin/sh \ --entrypoint /bin/sh \
--name "$docker_container" \ --name "$docker_container" \
"$docker_image" > /dev/null "$docker_image" > /dev/null
docker exec --user root --detach "$docker_container" \
nginx -c /etc/nginx/nginx.conf
may_restore_identity may_restore_identity
may_restore_accounts may_restore_accounts
fi fi
@ -188,7 +190,7 @@ stop_container() {
save_identity ## Saving again, just in case... save_identity ## Saving again, just in case...
save_accounts save_accounts
printf "Stopping the container... " printf "Stopping the container... "
docker stop "$docker_container" docker stop "$docker_container" >/dev/null
echo " done" echo " done"
} }
@ -400,10 +402,16 @@ assert_uptodate() {
update_script() { update_script() {
pull_image pull_image
tmp="$(docker run -dit --entrypoint /bin/true "$docker_image")" tmp="$(docker run --rm -dit --entrypoint /bin/true "$docker_image")"
docker cp "$tmp:home/tezos/scripts/alphanet.sh" "$0" docker cp "$tmp:home/tezos/scripts/alphanet.sh" ".alphanet.sh.new"
docker stop "$tmp" docker stop "$tmp" > /dev/null
if ! diff .alphanet.sh.new "$0" >/dev/null 2>&1 ; then
mv .alphanet.sh.new "$0"
echo "\033[32mThe script has been updated.\033[0m" echo "\033[32mThe script has been updated.\033[0m"
else
rm .alphanet.sh.new
echo "\033[32mThe script is up to date.\033[0m"
fi
} }
usage() { usage() {
@ -470,6 +478,10 @@ case "$command" in
exec "$0" start "$@" exec "$0" start "$@"
;; ;;
clear) clear)
if check_container; then
echo "\033[31mCannot clear data while the container is running.\033[0m"
exit 1
fi
clear_volume clear_volume
;; ;;
status) status)
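Review bot: In start_container, `-p "8732:80"` publishes the nginx proxy on every host interface, because Docker binds a published port to 0.0.0.0 when no host address is given. The proxy in front of the node blocks only a fixed list of paths, so every RPC it does not name becomes reachable from the network. If the RPC is meant for the local client only, publish it as `-p "127.0.0.1:8732:80"`. If remote access is intended, say so in a comment next to the flag. start_container begins and ends outside the hunk.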


@ -22,15 +22,3 @@ diff --git a/src/proto/alpha/constants_repr.ml b/src/proto/alpha/constants_repr.
max_signing_slot = 15 ; max_signing_slot = 15 ;
instructions_per_transaction = 16 * 1024 ; instructions_per_transaction = 16 * 1024 ;
proof_of_work_threshold = proof_of_work_threshold =
diff --git a/src/node/shell/distributed_db_message.ml b/src/node/shell/distributed_db_message.ml
--- a/src/node/shell/distributed_db_message.ml
+++ b/src/node/shell/distributed_db_message.ml
@@ -144,7 +144,7 @@ let encoding =
let versions =
let open P2p.Version in
- [ { name = "TEZOS" ;
+ [ { name = "TEZOS_ALPHANET" ;
major = 0 ;
minor = 5 ;
}


@ -1,15 +1,3 @@
diff --git a/src/node/shell/distributed_db_message.ml b/src/node/shell/distributed_db_message.ml
--- a/src/node/shell/distributed_db_message.ml
+++ b/src/node/shell/distributed_db_message.ml
@@ -144,7 +144,7 @@ let encoding =
let versions =
let open P2p.Version in
- [ { name = "TEZOS_ALPHANET" ;
+ [ { name = "TEZOS_ALPHANET_NEXT" ;
major = 0 ;
minor = 5 ;
}
diff --git a/scripts/alphanet.sh b/scripts/alphanet.sh diff --git a/scripts/alphanet.sh b/scripts/alphanet.sh
--- a/scripts/alphanet.sh --- a/scripts/alphanet.sh
+++ b/scripts/alphanet.sh +++ b/scripts/alphanet.sh


@ -28,12 +28,12 @@ wait_for_the_node_to_be_bootstraped() {
may_create_identity() { may_create_identity() {
if ! $client get balance "my_identity" >/dev/null 2>&1 ; then if ! $client get balance "my_identity" >/dev/null 2>&1 ; then
echo "Generating new manager key (known as 'my_identity')..." echo "Generating new manager key (known as 'my_identity')..."
$client gen keys my_identity $client gen keys "my_identity"
fi fi
if ! $client get balance "my_account" >/dev/null 2>&1 ; then if ! $client get balance "my_account" >/dev/null 2>&1 ; then
echo "Creating new account for 'my_identity' (known as 'my_account')..." echo "Creating new account for 'my_identity' (known as 'my_account')..."
$client forget contract my_account || true >/dev/null 2>&1 $client forget contract "my_account" >/dev/null 2>&1 || true
$client originate free account my_account for my_identity $client originate free account "my_account" for "my_identity"
fi fi
} }


@ -7,20 +7,24 @@ node="${node:=tezos-node}"
client="${client:=tezos-client -base-dir \"$client_dir\"}" client="${client:=tezos-client -base-dir \"$client_dir\"}"
init() { init() {
if [ -f "$data_dir/alphanet_version" ] && \ if [ ! -f "$data_dir/alphanet_version" ] || \
[ "$(cat $data_dir/alphanet_version)" \ [ "$(cat "$data_dir/alphanet_version")" \
!= "$(cat ~/scripts/alphanet_version)" ]; then != "$(cat ~/scripts/alphanet_version)" ]; then
echo "\033[33mThe alphanet chain has been reset\033[0m" echo -e "\033[33mThe alphanet chain has been reset\033[0m"
mv "$node_dir/identity.json" /tmp mkdir -p "$data_dir/bak"
mv "$client_dir/public key hashs" /tmp mv "$node_dir/identity.json" \
mv "$client_dir/public keys" /tmp "$client_dir/public key hashs" \
mv "$client_dir/secret keys" /tmp "$client_dir/public keys" \
"$client_dir/secret keys" \
"$data_dir/bak"
rm -rf "$node_dir" "$client_dir" rm -rf "$node_dir" "$client_dir"
mkdir -p "$node_dir" "$client_dir" mkdir -p "$node_dir" "$client_dir"
mv "/tmp/identity.json" "$node_dir/" mv "$data_dir/bak/identity.json" "$node_dir/"
mv "/tmp/public key hashs" "$client_dir/" mv "$data_dir/bak/public key hashs" "$client_dir/"
mv "/tmp/public keys" "$client_dir/" mv "$data_dir/bak/public keys" "$client_dir/"
mv "/tmp/secret keys" "$client_dir/" mv "$data_dir/bak/secret keys" "$client_dir/"
rmdir "$data_dir/bak"
cp ~/scripts/alphanet_version "$data_dir/alphanet_version"
fi fi
if [ ! -f "$node_dir/config.json" ]; then if [ ! -f "$node_dir/config.json" ]; then
"$node" config init \ "$node" config init \
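Review bot: In init(), `rm -rf "$node_dir" "$client_dir"` runs whether or not the preceding `mv … "$data_dir/bak"` succeeded, so a failed backup (full disk, unwritable `bak`) deletes the secret keys. Nothing stops it unless the script sets `set -e` outside this hunk. The inverted test also takes this branch on a fresh volume where none of the four files exist, so `mv` errors become routine and can hide a real failure. Move each file only if it exists, stop on error, and make `bak` accessible to the owner only while it holds `secret keys`. The restoring `mv` calls need the same existence test; init() continues past the end of the hunk.

```shell
        mkdir -p "$data_dir/bak"
        chmod 700 "$data_dir/bak"
        for f in "$node_dir/identity.json" \
                 "$client_dir/public key hashs" \
                 "$client_dir/public keys" \
                 "$client_dir/secret keys" ; do
            if [ -e "$f" ] ; then
                # Abort before the rm -rf below if a key file cannot be saved.
                mv "$f" "$data_dir/bak/" || exit 1
            fi
        done
        rm -rf "$node_dir" "$client_dir"
        # … unchanged: mkdir -p, the mv calls restoring from "$data_dir/bak", rmdir, cp of alphanet_version …
```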

31
scripts/nginx.conf Normal file

@ -0,0 +1,31 @@
# /etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log off;
events {
worker_connections 1024;
}
http {
server_tokens off;
client_max_body_size 0;
keepalive_timeout 65;
tcp_nodelay on;
access_log off;
server {
listen 80 default_server;
listen [::]:80 default_server;
location / {
proxy_pass http://127.0.0.1:8732/;
}
location ~ ^/(validate_block|network/connection/.*/kick|network/connect/|(forge|inject)_(block|operation|protocol)/) {
return 404;
}
location = /404.html {
internal;
}
}
}
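Review bot: The filter is a denylist: `location /` proxies every request to the node and only the paths named in the regex return 404, so any sensitive RPC that is not listed, or is added to the node later, is exported by default. The regex also depends on exact spelling: the `network/connect/` and `(forge|inject)_(block|operation|protocol)/` alternatives match only when followed by `/`. The filter is therefore only as strict as the node's own routing of those names, which is not visible here. Prefer default-deny: make `location /` do `return 404;` and add one `location` with `proxy_pass http://127.0.0.1:8732;` per RPC that is meant to be public. Separately, `client_max_body_size 0;` removes the request-size limit on a port published to the host, and with `access_log off;` rejected requests leave no trace, so consider a finite limit and logging at least the 404s.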