diff --git a/tfgrid3/casper/Dockerfile b/tfgrid3/casper/Dockerfile index f593649e..3841c66d 100755 --- a/tfgrid3/casper/Dockerfile +++ b/tfgrid3/casper/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM ubuntu:20.04 LABEL maintainer="abdul@incubaid.com" WORKDIR /opt @@ -41,10 +41,11 @@ RUN set -ex; \ software-properties-common \ git \ jq \ + ufw \ ; # Install zinit -RUN wget -O /sbin/zinit https://github.com/threefoldtech/zinit/releases/download/v0.2.5/zinit \ +RUN wget -O /sbin/zinit https://github.com/threefoldtech/zinit/releases/download/v0.2.14/zinit \ && chmod +x /sbin/zinit \ && mkdir -p /etc/zinit @@ -62,7 +63,7 @@ COPY config/init /tmp/ COPY scripts/start_casper / COPY scripts/check* /usr/bin/ COPY config/casper /var/www/html/ - + # Set Casperlabs Startup Script ENTRYPOINT ["/sbin/zinit", "init"] VOLUME /var/lib/casper diff --git a/tfgrid3/casper/scripts/casperlabs.yaml b/tfgrid3/casper/scripts/casperlabs.yaml index 44b8aebc..b3a64438 100644 --- a/tfgrid3/casper/scripts/casperlabs.yaml +++ b/tfgrid3/casper/scripts/casperlabs.yaml @@ -1 +1,3 @@ exec: bash -c "/start_casper" +after: + - ufw diff --git a/tfgrid3/casper/scripts/install_casper b/tfgrid3/casper/scripts/install_casper index 0e2e08a8..0a3ee43a 100755 --- a/tfgrid3/casper/scripts/install_casper +++ b/tfgrid3/casper/scripts/install_casper @@ -5,8 +5,8 @@ CASPER_VERSION=1_0_0 CASPER_NETWORK=casper ### Install Casper node -echo "deb https://repo.casperlabs.io/releases" bionic main | sudo tee -a /etc/apt/sources.list.d/casper.list -curl -O https://repo.casperlabs.io/casper-repo-pubkey.asc +echo "deb https://repo.casper.network/releases" bionic main | sudo tee -a /etc/apt/sources.list.d/casper.list +curl -O https://repo.casper.network/casper-repo-pubkey.asc sudo apt-key add casper-repo-pubkey.asc sudo apt update sudo apt install casper-node-launcher casper-client -y @@ -34,7 +34,7 @@ BRANCH="1.0.20" \ ### Build smart contracts cd ~ -git clone git://github.com/CasperLabs/casper-node.git +git clone https://github.com/casper-network/casper-node.git cd casper-node/ git checkout release-1.4.4 diff --git a/tfgrid3/casper/scripts/start_casper b/tfgrid3/casper/scripts/start_casper index 941ae027..d3505aa2 100755 --- a/tfgrid3/casper/scripts/start_casper +++ b/tfgrid3/casper/scripts/start_casper @@ -1,12 +1,14 @@ #!/usr/bin/env bash set -ex -CASPER_VERSION=1_0_0 +CASPER_VERSION=1_5_8 CASPER_NETWORK=casper # Frontend cat /opt/cronjobs | crontab - rm -f /var/www/html/index.html -mkdir /run/lock +if [ ! -d "/run/lock" ]; then + mkdir /run/lock +fi /usr/bin/checkheaders /usr/bin/checkip /etc/init.d/apache2 start @@ -14,13 +16,13 @@ mkdir /run/lock chmod 777 /tmp/* ### Generate node keys +rm /etc/casper/validator_keys/* cd /etc/casper/validator_keys sudo -u casper casper-client keygen . ### Set up configuration -sudo -u casper /etc/casper/pull_casper_node_version.sh $CASPER_NETWORK.conf $CASPER_VERSION -sudo -u casper /etc/casper/config_from_example.sh $CASPER_VERSION +sudo -u casper /etc/casper/node_util.py stage_protocols $CASPER_NETWORK.conf ### Get known validator IP KNOWN_ADDRESSES=$(sudo -u casper cat /etc/casper/$CASPER_VERSION/config.toml | grep known_addresses) @@ -41,21 +43,11 @@ done if [ -z ${KNOWN_VALIDATOR_IP} ]; then exit 1; fi # Get trusted_hash into config.toml -TRUSTED_HASH=$(casper-client get-block --node-address http://$KNOWN_VALIDATOR_IP:7777 -b 20 | jq -r .result.block.hash | tr -d '\n') -if [ "$TRUSTED_HASH" != "null" ]; then sudo -u casper sed -i "/trusted_hash =/c\trusted_hash = '$TRUSTED_HASH'" /etc/casper/$CASPER_VERSION/config.toml; fi +TRUSTED_HASH=$(casper-client get-block --node-address http://$KNOWN_VALIDATOR_IP:7777 | jq -r .result.block.hash | tr -d '\n') +if [ "$TRUSTED_HASH" != "null" ]; then sudo -u casper sed -i "7c\trusted_hash = '$TRUSTED_HASH'" /etc/casper/$CASPER_VERSION/config.toml; fi -### Stage the upgrades -curl -sSf genesis.casperlabs.io/casper/1_1_0/stage_1_1_0_upgrade.sh | sudo bash -curl -sSf genesis.casperlabs.io/casper/1_1_2/stage_upgrade.sh | sudo bash - -curl -sSf genesis.casperlabs.io/casper/1_2_0/stage_upgrade.sh | sudo bash - -curl -sSf genesis.casperlabs.io/casper/1_2_1/stage_upgrade.sh | sudo bash - -cd ~; curl -sSf genesis.casperlabs.io/casper/1_3_2/stage_upgrade.sh | sudo bash - -cd ~; curl -sSf genesis.casperlabs.io/casper/1_3_4/stage_upgrade.sh | sudo bash - -cd ~; curl -sSf genesis.casperlabs.io/casper/1_4_1/stage_upgrade.sh | sudo bash - -cd ~; curl -sSf genesis.casperlabs.io/casper/1_4_3/stage_upgrade.sh | sudo bash - -cd ~; curl -sSf genesis.casperlabs.io/casper/1_4_4/stage_upgrade.sh | sudo bash - ### Start the node -sudo logrotate -f /etc/logrotate.d/casper-node -exec casper-node-launcher > /var/www/html/node.log \ No newline at end of file +sudo /etc/casper/node_util.py rotate_logs +exec casper-node-launcher -f 1.5.8 diff --git a/tfgrid3/casper/scripts/ufw.sh b/tfgrid3/casper/scripts/ufw.sh new file mode 100644 index 00000000..26daa755 --- /dev/null +++ b/tfgrid3/casper/scripts/ufw.sh @@ -0,0 +1,13 @@ +#!/bin/bash +set -x + +ufw default deny incoming +ufw default allow outgoing +ufw allow ssh +ufw limit ssh +ufw allow 7777 +ufw allow 8888 +ufw allow 9999 +ufw allow 35000 +ufw allow 80 +ufw allow 443 diff --git a/tfgrid3/casper/scripts/ufw.yaml b/tfgrid3/casper/scripts/ufw.yaml new file mode 100644 index 00000000..6096b3c6 --- /dev/null +++ b/tfgrid3/casper/scripts/ufw.yaml @@ -0,0 +1,4 @@ +exec: ufw --force enable +oneshot: true +after: + - ufw_init diff --git a/tfgrid3/casper/scripts/ufw_init.yaml b/tfgrid3/casper/scripts/ufw_init.yaml new file mode 100644 index 00000000..85850737 --- /dev/null +++ b/tfgrid3/casper/scripts/ufw_init.yaml @@ -0,0 +1,5 @@ +exec: /bin/sh -eux -c " + chmod +x /etc/zinit/ufw.sh; + /etc/zinit/ufw.sh;" +oneshot: true +