balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Docker: export "safe" RPCs from the container.

Browse Source
This commit is contained in:
Grégoire Henry 2017-04-17 02:25:20 +02:00
parent 9480d411a2
commit 72e200bfd3
8 changed files with 77 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitlab-ci.yml
View File

@ -173,6 +173,7 @@ build:docker:alphanet:
only:
- alphanet@tezos/tezos
script:
- sed -i s/TEZOS/TEZOS_ALPHANET/ src/node/shell/distributed_db_message.ml
- patch -p1 < scripts/alphanet_constants.patch
- ./scripts/create_docker_image.sh
"${CI_REGISTRY_IMAGE}" "${CI_BUILD_REF}.patched" .
@ -185,6 +186,7 @@ build:docker:alphanet_next:
only:
- master@tezos/tezos
script:
- sed -i s/TEZOS/TEZOS_ALPHANET_NEXT/ src/node/shell/distributed_db_message.ml
- patch -p1 < scripts/alphanet_constants.patch
- patch -p1 < scripts/alphanet_next.patch
- ./scripts/create_docker_image.sh
@ -296,9 +298,7 @@ deploy:alphanet_next:
- echo "${CI_KH}" > ~/.ssh/known_hosts
- echo "${CI_PK_ALPHANET_NEXT}" > ~/.ssh/id_ed25519
- chmod 400 ~/.ssh/id_ed25519
- ssh greg@zo.gbzm.fr
- ssh tezos@35.167.138.212
- ssh tezos@35.165.227.4
- echo | ssh -v greg@zo.gbzm.fr
allow_failure: true
cleanup:

9
scripts/Dockerfile.binaries.in
View File

@ -2,11 +2,11 @@ FROM alpine:$alpine_version
LABEL distro_style="apk" distro="alpine" distro_long="alpine-$alpine_version" arch="x86_64" operatingsystem="linux"
RUN apk update && \
RUN adduser -S tezos && \
apk update && \
apk upgrade && \
apk add sudo bash libssl1.0 libsodium libev gmp git && \
apk add sudo bash libssl1.0 libsodium libev gmp git nginx && \
rm -f /var/cache/apk/* && \
adduser -S tezos && \
echo 'tezos ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/tezos && \
chmod 440 /etc/sudoers.d/tezos && \
chown root:root /etc/sudoers.d/tezos && \
@ -30,6 +30,9 @@ RUN sudo cp scripts/docker_entrypoint.sh /usr/local/bin/tezos && \
RUN sudo mkdir -p /var/run/tezos && \
sudo chown tezos /var/run/tezos
RUN sudo mkdir -p /run/nginx && \
sudo cp scripts/nginx.conf /etc/nginx
ENV EDITOR=vi
VOLUME /var/run/tezos

24
scripts/alphanet.sh
View File

@ -128,7 +128,7 @@ check_volume() {
clear_volume() {
if check_volume ; then
docker volume rm "$docker_volume"
docker volume rm "$docker_volume" > /dev/null
echo "\033[32mThe blockchain data has been removed from the disk.\033[0m"
else
echo "\033[32mNo remaining data to be removed from the disk.\033[0m"
@ -170,11 +170,13 @@ start_container() {
fi
docker rm "$docker_container" || true > /dev/null 2>&1
echo "Launching the docker container..."
docker run -dit -p "$port:$port" \
docker run --rm -dit -p "$port:$port" -p "8732:80" \
-v $docker_volume:/var/run/tezos \
--entrypoint /bin/sh \
--name "$docker_container" \
"$docker_image" > /dev/null
docker exec --user root --detach "$docker_container" \
nginx -c /etc/nginx/nginx.conf
may_restore_identity
may_restore_accounts
fi
@ -188,7 +190,7 @@ stop_container() {
save_identity ## Saving again, just in case...
save_accounts
printf "Stopping the container... "
docker stop "$docker_container"
docker stop "$docker_container" >/dev/null
echo " done"
}
@ -400,10 +402,16 @@ assert_uptodate() {
update_script() {
pull_image
tmp="$(docker run -dit --entrypoint /bin/true "$docker_image")"
docker cp "$tmp:home/tezos/scripts/alphanet.sh" "$0"
docker stop "$tmp"
tmp="$(docker run --rm -dit --entrypoint /bin/true "$docker_image")"
docker cp "$tmp:home/tezos/scripts/alphanet.sh" ".alphanet.sh.new"
docker stop "$tmp" > /dev/null
if ! diff .alphanet.sh.new "$0" >/dev/null 2>&1 ; then
mv .alphanet.sh.new "$0"
echo "\033[32mThe script has been updated.\033[0m"
else
rm .alphanet.sh.new
echo "\033[32mThe script is up to date.\033[0m"
fi
}
usage() {
@ -470,6 +478,10 @@ case "$command" in
exec "$0" start "$@"
;;
clear)
if check_container; then
echo "\033[31mCannot clear data while the container is running.\033[0m"
exit 1
fi
clear_volume
;;
status)

12
scripts/alphanet_constants.patch
View File

@ -22,15 +22,3 @@ diff --git a/src/proto/alpha/constants_repr.ml b/src/proto/alpha/constants_repr.
max_signing_slot = 15 ;
instructions_per_transaction = 16 * 1024 ;
proof_of_work_threshold =
diff --git a/src/node/shell/distributed_db_message.ml b/src/node/shell/distributed_db_message.ml
--- a/src/node/shell/distributed_db_message.ml
+++ b/src/node/shell/distributed_db_message.ml
@@ -144,7 +144,7 @@ let encoding =
let versions =
let open P2p.Version in
- [ { name = "TEZOS" ;
+ [ { name = "TEZOS_ALPHANET" ;
major = 0 ;
minor = 5 ;
}

12
scripts/alphanet_next.patch
View File

@ -1,15 +1,3 @@
diff --git a/src/node/shell/distributed_db_message.ml b/src/node/shell/distributed_db_message.ml
--- a/src/node/shell/distributed_db_message.ml
+++ b/src/node/shell/distributed_db_message.ml
@@ -144,7 +144,7 @@ let encoding =
let versions =
let open P2p.Version in
- [ { name = "TEZOS_ALPHANET" ;
+ [ { name = "TEZOS_ALPHANET_NEXT" ;
major = 0 ;
minor = 5 ;
}
diff --git a/scripts/alphanet.sh b/scripts/alphanet.sh
--- a/scripts/alphanet.sh
+++ b/scripts/alphanet.sh

6
scripts/client_lib.inc.sh
View File

@ -28,12 +28,12 @@ wait_for_the_node_to_be_bootstraped() {
may_create_identity() {
if ! $client get balance "my_identity" >/dev/null 2>&1 ; then
echo "Generating new manager key (known as 'my_identity')..."
$client gen keys my_identity
$client gen keys "my_identity"
fi
if ! $client get balance "my_account" >/dev/null 2>&1 ; then
echo "Creating new account for 'my_identity' (known as 'my_account')..."
$client forget contract my_account || true >/dev/null 2>&1
$client originate free account my_account for my_identity
$client forget contract "my_account" >/dev/null 2>&1 || true
$client originate free account "my_account" for "my_identity"
fi
}

26
scripts/docker_entrypoint.inc.sh
View File

@ -7,20 +7,24 @@ node="${node:=tezos-node}"
client="${client:=tezos-client -base-dir \"$client_dir\"}"
init() {
if [ -f "$data_dir/alphanet_version" ] && \
[ "$(cat $data_dir/alphanet_version)" \
if [ ! -f "$data_dir/alphanet_version" ] || \
[ "$(cat "$data_dir/alphanet_version")" \
!= "$(cat ~/scripts/alphanet_version)" ]; then
echo "\033[33mThe alphanet chain has been reset\033[0m"
mv "$node_dir/identity.json" /tmp
mv "$client_dir/public key hashs" /tmp
mv "$client_dir/public keys" /tmp
mv "$client_dir/secret keys" /tmp
echo -e "\033[33mThe alphanet chain has been reset\033[0m"
mkdir -p "$data_dir/bak"
mv "$node_dir/identity.json" \
"$client_dir/public key hashs" \
"$client_dir/public keys" \
"$client_dir/secret keys" \
"$data_dir/bak"
rm -rf "$node_dir" "$client_dir"
mkdir -p "$node_dir" "$client_dir"
mv "/tmp/identity.json" "$node_dir/"
mv "/tmp/public key hashs" "$client_dir/"
mv "/tmp/public keys" "$client_dir/"
mv "/tmp/secret keys" "$client_dir/"
mv "$data_dir/bak/identity.json" "$node_dir/"
mv "$data_dir/bak/public key hashs" "$client_dir/"
mv "$data_dir/bak/public keys" "$client_dir/"
mv "$data_dir/bak/secret keys" "$client_dir/"
rmdir "$data_dir/bak"
cp ~/scripts/alphanet_version "$data_dir/alphanet_version"
fi
if [ ! -f "$node_dir/config.json" ]; then
"$node" config init \

31
scripts/nginx.conf Normal file
View File

@ -0,0 +1,31 @@
# /etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log off;
events {
worker_connections 1024;
}
http {
server_tokens off;
client_max_body_size 0;
keepalive_timeout 65;
tcp_nodelay on;
access_log off;
server {
listen 80 default_server;
listen [::]:80 default_server;
location / {
proxy_pass http://127.0.0.1:8732/;
}
location ~ ^/(validate_block|network/connection/.*/kick|network/connect/|(forge|inject)_(block|operation|protocol)/) {
return 404;
}
location = /404.html {
internal;
}
}
}