From 304edc16f4f30fb64427d054e8444d5f6e3154f4 Mon Sep 17 00:00:00 2001 From: Sjors Provoost Date: Sat, 9 Jun 2018 17:33:00 +0200 Subject: [PATCH] Armbian: Bionic build script, instructions for Virtual Box --- Gemfile | 2 +- Gemfile.lock | 3 +- INSTALL.md | 6 +- README.md | 2 +- vendor/AWS/Matreon.Template | 7 +- vendor/armbian/README.md | 337 ++++++++++++++++++++++++++++ vendor/armbian/customize-image.sh | 160 +++++++++++++ vendor/armbian/emmc-boot.service | 11 + vendor/armbian/emmc-boot.sh | 75 +++++++ vendor/armbian/lib.config | 14 ++ vendor/bitcoin/bitcoin-1GB-RAM.conf | 4 + vendor/bitcoin/bitcoin.conf | 2 +- vendor/www/rails.service | 4 +- 13 files changed, 616 insertions(+), 11 deletions(-) create mode 100644 vendor/armbian/README.md create mode 100644 vendor/armbian/customize-image.sh create mode 100644 vendor/armbian/emmc-boot.service create mode 100755 vendor/armbian/emmc-boot.sh create mode 100644 vendor/armbian/lib.config create mode 100644 vendor/bitcoin/bitcoin-1GB-RAM.conf diff --git a/Gemfile b/Gemfile index 85ae5a8..90cc294 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,4 @@ -ruby '2.4.2' +ruby '2.5.1' source 'https://rubygems.org' git_source(:github) do |repo_name| diff --git a/Gemfile.lock b/Gemfile.lock index 7c72136..3058e11 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -374,7 +374,6 @@ DEPENDENCIES mini_racer pg puma (~> 3.11) - rack-proxy rack-timeout rails (~> 5.1.6) rails-controller-testing @@ -395,7 +394,7 @@ DEPENDENCIES webpacker RUBY VERSION - ruby 2.4.2p198 + ruby 2.5.1p57 BUNDLED WITH 1.16.2 diff --git a/INSTALL.md b/INSTALL.md index 73f8436..6e0a6e3 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -58,9 +58,11 @@ heroku config:add PODCAST_URL=https://example.com/podcast.rss In Heroku click "Ad a new job", enter `rake podcast:fetch` and press `Save`. Suggested frequency is hourly. -## Other +## Armbian: Orange / Nano / etc Pi devices + +Instructions [here](/vendor/armbian). -Coming soon, hopefully: Ubuntu on [Orange Pi](https://github.com/Sjors/matreon/issues/53) and [Nanopi](https://github.com/Sjors/matreon/issues/54). +## Other In addition to the sections below, I suggest studying the [AWS template](/vendor/AWS/Matreon.Template) and the various scripts in [/vendor](/vendor). diff --git a/README.md b/README.md index 8729a60..e56b01e 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Once it's stopped, click on the Actions button -> Instance Settings -> Change ns This [blog post](https://medium.com/provoost-on-crypto/bitcoin-core-lightning-rails-on-aws-ad3bd45b11e0) explains the steps in more detail. -[INSTALL.md](/INSTALL.md) has instructions for Heroku and other platforms. +[INSTALL.md](/INSTALL.md) has instructions for Orange / Nano / etc Pi micro boards, Heroku and other platforms. ## Development diff --git a/vendor/AWS/Matreon.Template b/vendor/AWS/Matreon.Template index fc52a2f..6d9fbf8 100644 --- a/vendor/AWS/Matreon.Template +++ b/vendor/AWS/Matreon.Template @@ -272,8 +272,6 @@ Resources: gcc-c++: [] automake: [] libtool: [] - gmp-devel: [] - sqlite-devel: [] python3: [] net-tools: [] @@ -333,6 +331,11 @@ Resources: && ln -s /mnt/ssd/bitcoin /home/bitcoin/big-disk && chown -h bitcoin:bitcoin /home/bitcoin/big-disk install_lightningd: + packages: + yum: + gmp-devel: [] + sqlite-devel: [] + commands: 01_clone_repo: command: git clone https://github.com/ElementsProject/lightning /usr/local/src/lightning diff --git a/vendor/armbian/README.md b/vendor/armbian/README.md new file mode 100644 index 0000000..d38faa1 --- /dev/null +++ b/vendor/armbian/README.md @@ -0,0 +1,337 @@ +Use [Armbian](https://www.armbian.com) to (automagically) compile Linux for your device, +compile Bitcoin Core, Lightning and install all the other things you need, copy +the blockchain and create an image for your SD card. + +## Ingredients + +* a board supported by Armbian. I suggest >= 16 GB eMMC storage and >= 2 GB of RAM +* 1 microSD card >= 8 GB (only used for installation) +* 1 microSD card >= 64 GB (stays in device, you can also use it during installation) +* a computer (ideally >= 300 GB free space, >= 16 GB RAM) +* a microSD card reader + +## Download and prune blockchain + +Download and install Bitcoin Core on your computer and wait for the full blockchain +to sync. A few hints, if you open the Preferences (`Command` + `,` on macOS): + +* set "Size of database cache" to 1 GB less than your RAM (though no more than 10 GB). This makes things a lot faster. +* click Open Configuration File and enter `prune=1` +* if you have less than 200 GB of free disk space, use`prune=...` instead, with the amount in megabytes. Make it as large as possible, no less than 30000, but leave at least 50 GB free space. Unfortunately this does slow things down a bit. When you're done, you can reduce it all the way to 2 GB. +* if you have an existing installation, make a copy of your bitcoin data directory (see below). Delete your wallet from the copy. If you don't have space for a fully copy, you can also put this copy on a USB drive. + +When it's done, open Help -> Debug Window. Click on the console tab and enter: `pruneblockchain 504500` + +This deletes all the blocks from the days before Lightning, about 20 GB at the time of writing. + +## Put blocks on microSD + +Use the 64 GB disk. If you only have one microSD card, you should perform this step +after you finish [copying the bootable microSD image to eMMC](#Copy_microSD_card_to_device_eMMC). + +Format the disk as `ExFAT`, with GUID partitioning, if it isn't already. + +On a Mac, open Disk Utility. Find the SD card, right click an choose Wipe. Select +ExFAT under Structure and GUID below. Create a directory `bitcoin` on the disk, +and a directory `blocks` in side of it. For testnet, create `bitcoin/testnet3/blocks`. + +Find the Bitcoin data directory (`Library/Application Support/Bitcoin` on macOS) +and open its `blocks` directory. Copy all files in `blocks` to this directory, +except for the index folder. + +## Put rest of chain data in a shared folder + +Create a `shared` folder somewhere on your computer. Create a directory `bitcoin/blocks` +inside of it, copy only the `blocks/index` folder to it. Also copy the `chainstate` +directory to the `shared/bitcoin` folder. + +## Virtual Box + +Download [Virtual Box](https://www.virtualbox.org/wiki/Downloads), install it and +when it asks, also install the guest extensions. The latter lets you share a folder +between your computer and the VM. + +Armbian is picky about which Ubuntu version you use, so we'll use Ubuntu 18.04 Bionic +both for the virtual machine as well as the device. If that doesn't work for some reason, +the instructions below and all scripts most likely also work for Ubuntu 16.04 Xenial. + +If you already use Ubuntu 18.04 then of course you won't need the virtual machine, +though if you run into strange errors, it might be worth trying. + +Download the [Ubuntu Server installer](https://www.ubuntu.com/download/server). + +Here's a good [step by step guide](https://github.com/bitcoin-core/docs/blob/master/gitian-building/gitian-building-create-vm-debian.md) +for installing the VM, which some changes: + +* where it says "Debian", select "Ubuntu" +* whenever you need a machine / user / disk name, enter "armbian" +* give it as many CPU's as you have, but limit them to 90% so your machine doesn't freeze +* give it at least 4 GB RAM, or 2 GB for every CPU you have, whichever is more +* disk size: 50 GB should do +* you can skip the Network Tab section, but + * you should become familiar with SSH anyhow + * Ubuntu doesn't enable SSH by default, so type `sudo apt-get install shh` after installation +* the Ubuntu installer is pretty similar to the Debian one shown on that page (when in doubt, press enter) + * it skips the root user stuff, so you just need to create a single password + +Go to the settings page of +your virtual machine, to the Shared Folders tab. Click the + button, find the +folder you just created, enter `shared` as the name and check the auto mount box. + + + +Once the installation is complete, it should reboot the VM and you should see a +login prompt. Use the password you entered earlier. + +Click on the VM window and then select Insert Guest Editions CD from the Devices menu. + +TODO: put most of the below in a script, split between prep and (re)build. + +Get Ubuntu up to date: + +``` +sudo apt-get update +sudo apt-get upgrade +``` + +To install the Guest Editions: + +``` +sudo apt-get install build-essential linux-headers-`uname -r` +sudo /media/cdrom/./VBoxLinuxAdditions.run +``` + +If for some reason after inserting guest editions `/media/cdrom` doesn't exist, try: + +``` +sudo mkdir --p /media/cdrom +sudo mount -t auto /dev/cdrom /media/cdrom/ +cd /media/cdrom/ +sudo sh VBoxLinuxAdditions.run +``` + +Then reboot: `sudo reboot` + + +Mount the shared drive with the correct permissions: + +```sh +export USER_ID=`id -u` +export GROUP_ID=`id -g` +mkdir ~/shared +sudo mount -t vboxsf -o umask=0022,gid=$GROUP_ID,uid=$USER_ID shared ~/shared +``` + +Make sure everything is there: + +```sh +ls ~/shared +# bitcoin +ls ~/shared/bitcoin +# blocks chainstate +``` + +## Cross compile Bitcoin Core + +We need to cross-compile Bitcoin Core and C-Lightning, because it's too slow to +do this during customize-image. In addition, we're compiling the master branch +rather than the latest release tag, because we need ``-blocksdir`. + +```sh +sudo apt-get install automake autotools-dev libtool g++-aarch64-linux-gnu \ + g++-arm-linux-gnueabihf pkg-config ccache + +mkdir src +git clone https://github.com/bitcoin/bitcoin.git src/bitcoin + +# TODO: Switch to release v0.17 tag once available +# TODO: reuse install code between AWS and Armbian (with compile or fetch binary flag) + +pushd src/bitcoin + pushd depends + # TODO: check if 32 or 64 bit is required + # make HOST=arm-linux-gnueabihf NO_WALLET=1 NO_UPNP=1 NO_QT=1 -j5 + make HOST=aarch64-linux-gnu NO_WALLET=1 NO_UPNP=1 NO_QT=1 -j5 + popd + ./autogen.sh + # TODO: check if 32 or 64 bit is required + # ./configure --disable-bench --disable-tests --prefix=$PWD/depends/arm-linux-gnueabihf --enable-glibc-back-compat --enable-reduce-exports LDFLAGS=-static-libstdc++ + ./configure --disable-bench --disable-tests --prefix=$PWD/depends/aarch64-linux-gnu --enable-glibc-back-compat --enable-reduce-exports LDFLAGS=-static-libstdc++ + # TODO: get CPU count and memory + make -j5 +popd +``` + +## Cross compile C-Lightning + +TODO: figure out how to cross compile, see https://github.com/ElementsProject/lightning/pull/1558 + +## Armbian + +Clone the Armbian repo and the Matreon customization script: + +``` +git clone --depth 1 https://github.com/armbian/build +git clone https://github.com/Sjors/matreon.git +``` + +Copy the Matreon custom build scripts to the right place: + +```sh +mkdir -p build/userpatches/overlay/bin +cp matreon/vendor/armbian/customize-image.sh build/userpatches +cp matreon/vendor/armbian/lib.config build/userpatches +``` + +Copy bitcoind to the right place: + +```sh +cp src/bitcoin/src/bitcoind src/bitcoin/src/bitcoin-cli build/userpatches/overlay/bin +``` + +Copy block index and chainstate: + +```sh +mkdir -p ~/build/userpatches/overlay/bitcoin/blocks +cp -r ~/shared/bitcoin/blocks/index ~/build/userpatches/overlay/bitcoin/blocks +cp -r ~/shared/chainstate ~/build/userpatches/overlay/bitcoin +# Doesn't work, block and chainstate will be empty during the build: +# mkdir ~/build/userpatches/overlay/blocks +# mkdir ~/build/userpatches/overlay/chainstate +# sudo mount --bind ~/shared/blocks ~/build/userpatches/overlay/blocks +# sudo mount --bind ~/shared/chainstate ~/build/userpatches/overlay/chainstate +``` + +Create an SSH key if you don't have one already and then copy `~/.ssh/id_rsa.pub` +to the shared folder. If present, your pi will only be accessible via SSH using that +key, whereas password login will only work if you have physical access to the device. + +### Start Armbian build + +```sh +cd build +./compile.sh RELEASE=bionic BUILD_DESKTOP=no KERNEL_ONLY=no KERNEL_CONFIGURE=no PRIVATE_CCACHE=yes +``` + +After some initial work, it will ask you to select your board. Do so, and then sit +back and wait... If all goes well, it should output something like: + +``` +[ o.k. ] Writing U-boot bootloader [ /dev/loop1 ] +[ o.k. ] Done building [ /home/armbian/build/output/images/Armbian_5.46_Nanopineoplus2_Ubuntu_bionic_next_4.14.48.img ] +[ o.k. ] Runtime [ 30 min ] +``` + +Move the resulting image to the shared folder so you can access it: + +```sh +mv /home/armbian/build/output/images/Armbian*.img ~/shared +``` + +You can shut the VM down now. + +## Prepare bootable microSD card + +Use [Etcher](https://etcher.io) to put the resulting `.img` file on the 8 GB SD card. + +The first time you login your user is `pi` and your password is `pi` (you'll be ask to pick a new one). + +If everything works, you can delete the VM if you like, but if you keep it around, +the second time will be faster.I haven't worked out an upgrade mechanism yet. For +the most part the device could just update itself. But for more complex changes, +it might make more sense to build a new machine image from scratch and use it +on a backup of your data. + +This is a good time to enable wifi if your device supports it: + +```sh +nmcli d wifi list +sudo nmcli d wifi connect SSID password PASSWORD +sudo service network-manager start +``` + +To connect to it via SSH, first, find the IP address (most likely under wlan, `inet 192.168.x.x`): + +```sh +ifconfig +``` + +On your computer, edit `.ssh/config` and add: + +``` +Host pi-wifi + HostName 192.168.x.x + User pi +``` + +## Copy microSD card to device eMMC + +The device has eMMC storage which is faster than the microSD card, and you want +to be able to replace this card with the 64 GB one that holds the blocks. + +To copy it over: + +```sh +sudo nand-sata-install +``` + +This powers off the device when its done. Eject the 8 GB microSD card and start +the device. + +## Mount the blocks microSD card + +Insert the 64 GB card. Find it, using `lsblk`, which should look like this: + +``` +NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT +mmcblk2 179:0 0 7.3G 0 disk +└─mmcblk2p1 179:1 0 7.2G 0 part / +mmcblk2boot0 179:32 0 4M 1 disk +mmcblk2boot1 179:64 0 4M 1 disk +mmcblk0 179:96 0 63.8G 0 disk +├─mmcblk0p1 179:97 0 200M 0 part +└─mmcblk0p2 179:98 0 63.4G 0 part +``` + +You can recognize it by its size. To permanently mount it: + +``` +sudo -s +echo "/dev/mmcblk0 /mnt/sdcard exfat defaults 0 0" >> /etc/fstab +mount -a +``` + +The [emmc-boot service](/vendor/armbian/emmc-boot.sh) will detect this and +start spinning up Bitcoin, Lightning and the web server. It may take a few minutes. + +## Check + +In your browser, go to http://192.168.0.100/ (enter the device IP address). +You'll initially get a 500 error page (rather than nothing), but after a few minutes +you Matreon page should appear! + +Try signing up as your own fan and make a 1 satoshi payment. + +## Your domain & HTTPS + +Only do this if you're comfortable with the whole world knowing your IP address. +I'm working on Tor support as a more privacy friendly alternative. + +Your device needs to be visisble from the internet, so you have to forward port +80 and 443 from your router to the device. In addition you need to forward port 9735 +so your fans can connect to your Lightning node and pay you. Ideally you should +also forward port 8883 so other Bitcoin nodes can connect to you. + +You then need to create an A Record in your domains DNS settings that points to +your IP. + +Matreon will automatically obtain an HTTPS certificate for you if, during the +steps above [TODO...] you entered a domain name, enabled https and provided an +email address. As soon as it detects the A-Record, it will request the certificate +and your domain should now work at https://... + +## Congrats + +If you pulled this off successfully, you now have the right skills to help the +world verify that Bitcoin Core binaries are actually derived from the source code. +Consider [contributing a Gitian build](https://github.com/bitcoin-core/docs/blob/master/gitian-building.md). diff --git a/vendor/armbian/customize-image.sh b/vendor/armbian/customize-image.sh new file mode 100644 index 0000000..a9cec7f --- /dev/null +++ b/vendor/armbian/customize-image.sh @@ -0,0 +1,160 @@ +#!/bin/bash + +# arguments: $RELEASE $LINUXFAMILY $BOARD $BUILD_DESKTOP +# +# This is the image customization script + +# NOTE: It is copied to /tmp directory inside the image +# and executed there inside chroot environment +# so don't reference any files that are not already installed + +# NOTE: If you want to transfer files between chroot and host +# userpatches/overlay directory on host is bind-mounted to /tmp/overlay in chroot + +RELEASE=$1 +LINUXFAMILY=$2 +BOARD=$3 +BUILD_DESKTOP=$4 + +# TODO: exit with non-zero status if anything goes wrong + +sudo -s <<'EOF' + # Disable root login + passwd -l root + + # User with sudo rights and initial password: + useradd pi -m -s /bin/bash --groups sudo + echo "pi:pi" | chpasswd + passwd -e pi + echo "pi ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/pi + + # Create users (without password) and groups + useradd bitcoin -m -s /bin/bash && passwd -l bitcoin + useradd charge -m -s /bin/bash && passwd -l charge + useradd matreon -m -s /bin/bash && passwd -l matreon + useradd certbot -m -s /bin/bash && passwd -l certbot + + groupadd lightningrpc + usermod -a -G lightningrpc bitcoin + usermod -a -G lightningrpc charge +EOF + +# TODO copy ssh pubkey if found, disable password SSH login + +# Install NodeJS and Yarn +curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash - +sudo apt-get install -y nodejs +curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - +echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list +sudo apt-get update && sudo apt-get install yarn + +# Various installation scripts and systemd services: +mkdir src +pushd src + git clone https://github.com/Sjors/matreon.git /usr/local/src + + # Use branch: (TODO: switch to master) + cd /usr/local/src/matreon && git checkout 2018/06/armbian + + cp /usr/local/src/matreon/vendor/**/*.service /lib/systemd/system + cp /usr/local/src/matreon/vendor/**/*.path /lib/systemd/system +popd + +# Install Bitcoin Core +sudo cp /tmp/overlay/bin/bitcoin* /usr/local/bin + +# Configure Bitcoin Core: +sudo -s <<'EOF' + mkdir /home/bitcoin/.bitcoin + cp /usr/local/src/matreon/vendor/bitcoin/bitcoin.conf /home/bitcoin/.bitcoin + # TODO: get GB RAM from $BOARD or user input (menu?) + cat /usr/local/src/matreon/vendor/bitcoin/bitcoin-1GB-RAM.conf >> /home/bitcoin/.bitcoin/bitcoin.conf + + # TODO: this assumes >= 64 MB, handle 8 / 16/ 32 MB cards: + echo "prune=50000" >> /home/bitcoin/.bitcoin/bitcoin.conf + + # TODO: offer choice between mainnet and testnet + echo "testnet=1" >> /home/bitcoin/.bitcoin/bitcoin.conf + + # Copy block index and chain state from host: + echo "blocksdir=/mnt/sdcard/bitcoin" >> /home/bitcoin/.bitcoin/bitcoin.conf + mkdir -p /home/bitcoin/.bitcoin/blocks/index # Index stays in place when using -blocksdir + mkdir -p /home/bitcoin/.bitcoin/testnet3/blocks/index + mkdir /home/bitcoin/.bitcoin/chainstate + mkdir /home/bitcoin/.bitcoin/testnet3/chainstate + # cp /tmp/overlay/chainstate/* /home/bitcoin/.bitcoin/chainstate + cp /tmp/overlay/testnet3/chainstate/* /home/bitcoin/.bitcoin/testnet3/chainstate + # cp /tmp/overlay/blocks/index/* /home/bitcoin/.bitcoin/blocks/index + cp /tmp/overlay/testnet3/blocks/index/* /home/bitcoin/.bitcoin/testnet3/blocks/index + + chown -R bitcoin:bitcoin /home/bitcoin/.bitcoin +EOF + +# Install c-lightning +pushd src + git clone https://github.com/ElementsProject/lightning +popd + +pushd src/lightning + # TODO: too slow, cross-compile on host VM + make -j5 # TODO: get CPU count and memory + sudo make install +popd + +# Configure c-lightning +sudo -s <<'EOF' + mkdir /home/bitcoin/.lightning + cp src/matreon/vendor/lightning/config /home/bitcoin/.lightning + # TODO: offer choice + # echo "network=bitcoin" >> /home/bitcoin/.lightning/config + echo "network=testnet" >> /home/bitcoin/.lightning/config + chown -R bitcoin:bitcoin /home/bitcoin/.lightning +EOF + +# Start postgres server, create database +sudo service postgresql start +sudo su - postgres <<'EOF' + createuser matreon + createdb -O matreon matreon +EOF + +# Install Lightning Charge +sudo su - charge <<'EOF' + touch ~/.env + mkdir ~/.npm-global && npm config set prefix '~/.npm-global' + echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc + source ~/.bashrc + git clone https://github.com/Sjors/lightning-charge + cd lightning-charge + git checkout 2018/05/node-uri + npm link +EOF + +# Install Bundler for Ruby +sudo gem install bundler --no-document + +# Install Matreon Rails + +# Intentionally cloning this repo again, to allow seperate updating of the Rails +# app and the rest of the system: +sudo mkdir -p /var/www/matreon +sudo chown -R matreon:matreon /var/www/matreon +sudo su - matreon <<'EOF' + git clone https://github.com/Sjors/matreon.git /var/www/matreon + + # Use branch: (TODO: switch to master) + cd /var/www/matreon && git checkout 2018/06/armbian +EOF + +sudo -H -u matreon bash -c 'echo "RAILS_ENV=production +NODE_ENV=production +DATABASE_URL=postgres:///matreon +" > ~/.env' + +# Intall certbot +sudo add-apt-repository -y ppa:certbot/certbot +sudo apt-get update +sudo apt-get install -y python-certbot-nginx + +# Finish system configuration after first boot from eMMC: +systemctl enable emmc-boot.service diff --git a/vendor/armbian/emmc-boot.service b/vendor/armbian/emmc-boot.service new file mode 100644 index 0000000..5f7ffe8 --- /dev/null +++ b/vendor/armbian/emmc-boot.service @@ -0,0 +1,11 @@ +[Unit] +Description=eMMC boot script + +[Service] +ExecStart=/usr/local/src/matreon/vendor/armbian/emmc-boot.sh + +User=root +Type=oneshot + +[Install] +WantedBy=multi-user.target diff --git a/vendor/armbian/emmc-boot.sh b/vendor/armbian/emmc-boot.sh new file mode 100755 index 0000000..6a06a7d --- /dev/null +++ b/vendor/armbian/emmc-boot.sh @@ -0,0 +1,75 @@ +#!/usr/bin/env bash + +# Check that blocks are present, which implies we booted from eMMC and the +# SD card containing block files has been inserted: +if [ ! -f /mnt/sdcard/blocks ]; then + echo "blocks dir not found on SD card" + exit 1 +fi + +# Check if lightning charge secret is set: +if ! cat /home/charge/.env | grep API_TOKEN; then + TOKEN=`uuidgen` + echo "API_TOKEN=$TOKEN" >> /home/charge/.env + echo "LIGHTNING_CHARGE_API_TOKEN=$TOKEN" >> /home/matreon/.env +fi + +# Check if Rails secrets are set: +if ! cat /home/matreon/.env | grep SECRET_KEY_BASE; then + echo "SECRET_KEY_BASE=`uuidgen`" >> /home/matreon/.env +fi + +if ! cat /home/matreon/.env | grep DEVISE_SECRET_KEY; then + echo "DEVISE_SECRET_KEY=`uuidgen`" >> /home/matreon/.env +fi + +# Only do this once: +if [ ! -f /home/bitcoin/.ibd_service_finished ]; then + # Enable and start systemd services: + systemctl enable bitcoind.service + systemctl enable bitcoind.path + systemctl start bitcoind.path + + systemctl enable lightningd.service + systemctl enable lightningd.path + systemctl start lightningd.path + + systemctl enable lightning-charge.service + systemctl enable lightning-charge.path + systemctl start lightning-charge.path + + systemctl enable rails.service + systemctl start rails.service + + # Enable crons + crontab -u matreon /usr/local/src/matreon/vendor/AWS/crontab-matreon + + # Starts c-lightning and lightning charge. Lightning wallet and secrets are + # created at first launch. + touch /home/bitcoin/.ibd_service_finished + + # Configure nginx + cp /usr/local/src/matreon/vendor/www/nginx.conf /etc/nginx/nginx.conf + cp /usr/local/src/matreon/vendor/www/matreon.conf /etc/nginx/conf.d + cp /usr/local/src/matreon/vendor/www/matreon/listen /etc/nginx/conf.d/matreon + + # TODO: if DOMAIN is configured... + echo "server_name _;" /etc/nginx/conf.d/matreon/server_name + # echo "server_name ${Domain};" /etc/nginx/conf.d/matreon/server_name + + # /etc/nginx/conf.d/redirect_domain.conf.disabled: + # content: !Sub | + # server { + # server_name *.amazonaws.com; + # listen 80; + # return 301 http://${Domain}$request_uri; + # } + + systemctl enable nginx + systemctl start nginx + + # TODO: configure certbot + + # cp /usr/local/src/matreon/vendor/www/https_upgrade.conf /etc/nginx/conf.d/https_upgrade.conf.disabled + # echo "`shuf -i 00-59 -n 1` `shuf -i 00-23 -n 1` * * * /usr/bin/certbot renew --quiet" >> /usr/local/src/matreon/vendor/AWS/crontab-matreon +fi diff --git a/vendor/armbian/lib.config b/vendor/armbian/lib.config new file mode 100644 index 0000000..03aac82 --- /dev/null +++ b/vendor/armbian/lib.config @@ -0,0 +1,14 @@ +# C-lightning packages: +PACKAGE_LIST_ADDITIONAL="$PACKAGE_LIST_ADDITIONAL autoconf automake build-essential git libtool libgmp-dev libsqlite3-dev python python3 net-tools zlib1g-dev" + +# Postgres packages: +PACKAGE_LIST_ADDITIONAL="$PACKAGE_LIST_ADDITIONAL postgresql-10 libpq-dev" + +# Rails packages (Ruby 2.5) +PACKAGE_LIST_ADDITIONAL="$PACKAGE_LIST_ADDITIONAL ruby ruby-dev" + +# Ngninx packages +PACKAGE_LIST_ADDITIONAL="$PACKAGE_LIST_ADDITIONAL nginx" + +# Misc packages: +PACKAGE_LIST_ADDITIONAL="$PACKAGE_LIST_ADDITIONAL uuid-runtime exfat-utils exfat-fuse" diff --git a/vendor/bitcoin/bitcoin-1GB-RAM.conf b/vendor/bitcoin/bitcoin-1GB-RAM.conf new file mode 100644 index 0000000..10ec041 --- /dev/null +++ b/vendor/bitcoin/bitcoin-1GB-RAM.conf @@ -0,0 +1,4 @@ +dbcache=450 +maxmempool=100 +maxconnections=4 +rpcthreads=1 diff --git a/vendor/bitcoin/bitcoin.conf b/vendor/bitcoin/bitcoin.conf index c51b2b1..b90be53 100644 --- a/vendor/bitcoin/bitcoin.conf +++ b/vendor/bitcoin/bitcoin.conf @@ -2,4 +2,4 @@ maxuploadtarget=100 peerbloomfilters=0 rpcallowip=0.0.0.0/0 server=1 -disablewallet=1 +# disablewallet=1 diff --git a/vendor/www/rails.service b/vendor/www/rails.service index 8a63987..b394448 100644 --- a/vendor/www/rails.service +++ b/vendor/www/rails.service @@ -11,12 +11,12 @@ Type=simple Restart=on-failure PIDFile=/var/www/matreon/tmp/puma.pid -ExecStartPre=/usr/local/bin/bundle --without development:test +ExecStartPre=/usr/local/bin/bundle --without development:test --path vendor/bundle ExecStartPre=/usr/local/bin/bundle exec rake db:migrate ExecStartPre=/usr/bin/yarn ExecStartPre=/usr/local/bin/bundle exec rake assets:precompile -ExecStart=/usr/local/bin/bundle exec /home/matreon/bin/puma -C config/puma.rb +ExecStart=/usr/local/bin/bundle exec puma -C config/puma.rb [Install] WantedBy=multi-user.target