From 5d4a746982ada5e93b8ccce50c0c4189dfb0c3da Mon Sep 17 00:00:00 2001 From: illuminatus Date: Sat, 21 Oct 2023 13:37:38 -0700 Subject: [PATCH] deploy-as-systemd.sh option for mithril signer --- .../cnode-helper-scripts/deploy-as-systemd.sh | 10 ++ .../cnode-helper-scripts/mithril-signer.sh | 157 ++++++++++++++++++ 2 files changed, 167 insertions(+) create mode 100755 scripts/cnode-helper-scripts/mithril-signer.sh diff --git a/scripts/cnode-helper-scripts/deploy-as-systemd.sh b/scripts/cnode-helper-scripts/deploy-as-systemd.sh index bb9026ae56..6662038a4c 100755 --- a/scripts/cnode-helper-scripts/deploy-as-systemd.sh +++ b/scripts/cnode-helper-scripts/deploy-as-systemd.sh @@ -37,6 +37,15 @@ if [[ ${yn} = [Yy]* ]]; then ./submitapi.sh -d fi +if command -v mithril-signer >/dev/null 2>&1 ; then + echo -e "\e[32m~~ Mithril Signer ~~\e[0m" + echo "Deploy Mithril Signer as a systemd service? [y|n]" + read -rsn1 yn + if [[ ${yn} = [Yy]* ]]; then + ./mithril-signer.sh -d + fi +fi + if command -v ogmios >/dev/null 2>&1 ; then echo -e "\e32m~~ Cardano Ogmios Server ~~\e[0m" echo "launches the ogmios.sh script to deploy ogmios" @@ -413,6 +422,7 @@ sudo systemctl daemon-reload [[ -f /etc/systemd/system/${vname}-cncli-validate.service ]] && sudo systemctl enable ${vname}-cncli-validate.service [[ -f /etc/systemd/system/${vname}-cncli-ptsendtip.service ]] && sudo systemctl enable ${vname}-cncli-ptsendtip.service [[ -f /etc/systemd/system/${vname}-cncli-ptsendslots.service ]] && sudo systemctl enable ${vname}-cncli-ptsendslots.service +[[ -f /etc/systemd/system/${vanem}-mithril-signer.service ]] && sudo systemctl enable ${vname}-mithril-signer.service echo diff --git a/scripts/cnode-helper-scripts/mithril-signer.sh b/scripts/cnode-helper-scripts/mithril-signer.sh new file mode 100755 index 0000000000..8e0d982031 --- /dev/null +++ b/scripts/cnode-helper-scripts/mithril-signer.sh @@ -0,0 +1,157 @@ +#!/usr/bin/env bash +# shellcheck disable=SC2086 +#shellcheck source=/dev/null + +. "$(dirname $0)"/env offline + +###################################### +# User Variables - Change as desired # +# Common variables set in env file # +###################################### + +#MITHRILBIN="${HOME}"/.local/bin/mithril-signer # Path for mithril-signer binary, if not in $PATH +#HOSTADDR=127.0.0.1 # Default Listen IP/Hostname for Mithril Signer Server +MITHRIL_HOME="/opt/mithril/mithril-signer" + +###################################### +# Do NOT modify code below # +###################################### + +##################### +# Functions # +##################### + +usage() { + cat <<-EOF + + Usage: $(basename "$0") [-d] [-u] + + Cardano Mithril signer wrapper script !! + -d Deploy mithril-signer as a systemd service + -u Update mithril-signer environment file + + EOF + exit 1 +} + +set_defaults() { + [[ -z "${MITHRILBIN}" ]] && MITHRILBIN="${HOME}"/.local/bin/mithril-signer + [[ -z "${MITHRIL_HOME}" ]] && MITHRIL_HOME=/opt/mithril/mithril-signer + if [[ -z "${NETWORK}" ]] || [[ -z "${POOL_NAME}" ]] || [[ "${POOL_NAME}" == "CHANGE_ME" ]]; then + echo "ERROR: The NETWORK and POOL_NAME must be set before deploying mithril-signer as a systemd service!!" + exit 1 + else + case "${NETWORK}" in + mainnet|preprod) + RELEASE="release" + ;; + *) + RELEASE="pre-release" + ;; + esac + fi + [[ -z ${RELEASE} ]] && echo "ERROR: Failed to set RELEASE variable, please check NETWORK variable in env file!!" && exit 1 +} + +pre_startup_sanity() { + [[ ! -f "${MITHRILBIN}" ]] && MITHRILBIN="$(command -v mithril-signer)" + if [[ ! -S "${CARDANO_NODE_SOCKET_PATH}" ]]; then + echo "ERROR: Could not locate socket file at ${CARDANO_NODE_SOCKET_PATH}, the node may not have completed startup !!" + exit 1 + fi + # Move logs to archive + [[ -f "${LOG_DIR}"/mithril-signer.log ]] && mv "${LOG_DIR}"/mithril-signer.log "${LOG_DIR}"/archive/ +} + +generate_environment_file() { + ERA_READER_ADDRESS=https://raw.githubusercontent.com/input-output-hk/mithril/main/mithril-infra/configuration/${RELEASE}-${NETWORK}/era.addr + ERA_READER_VKEY=https://raw.githubusercontent.com/input-output-hk/mithril/main/mithril-infra/configuration/${RELEASE}-${NETWORK}/era.vkey + sudo bash -c "cat <<-'EOF' > ${MITHRIL_HOME}/service.env + AGGREGATOR_ENDPOINT=https://aggregator.${RELEASE}-${NETWORK}.api.mithril.network/aggregator + KES_SECRET_KEY_PATH=${POOL_DIR}/${POOL_HOTKEY_SK_FILENAME} + OPERATIONAL_CERTIFICATE_PATH=${POOL_DIR}/${POOL_OPCERT_FILENAME} + PARTY_ID=$(cat ${POOL_DIR}/${POOL_ID_FILENAME}) + DB_DIRECTORY=${CNODE_HOME}/db + CARDANO_CLI_PATH=${HOME}/.local/bin/cardano-cli + DATA_STORES_DIRECTORY=${MITHRIL_HOME}/data-stores + ERA_READER_ADAPTER_TYPE=cardano-chain + ERA_READER_ADDRESS=https://raw.githubusercontent.com/input-output-hk/mithril/main/mithril-infra/configuration/${RELEASE}-${NETWORK}/era.addr + ERA_READER_VKEY=https://raw.githubusercontent.com/input-output-hk/mithril/main/mithril-infra/configuration/${RELEASE}-${NETWORK}/era.vkey + ERA_READER_ADAPTER_PARAMS=$(jq -nc --arg address $(wget -q -O - "${ERA_READER_ADDRESS}") --arg verification_key $(wget -q -O - "${ERA_READER_VKEY}") '{"address": $address, "verification_key": $verification_key}') + GENESIS_VERIFICATION_KEY=$(curl -s https://raw.githubusercontent.com/input-output-hk/mithril/main/mithril-infra/configuration/${RELEASE}-${NETWORK}/genesis.vkey) +EOF" +} + +deploy_systemd() { + echo "Creating ${CNODE_VNAME}-mithril-signer systemd service environment file.." + if [[ ! -f "${MITHRIL_HOME}"/service.env ]]; then + generate_environment_file && echo "Environment file created successfully!!" + fi + + echo "Deploying ${CNODE_VNAME}-mithril-signer as systemd service.." + sudo bash -c "cat <<-'EOF' > /etc/systemd/system/${CNODE_VNAME}-mithril-signer.service + [Unit] + Description=Cardano Mithril signer service + StartLimitIntervalSec=0 + Wants=network-online.target + After=network-online.target + + [Service] + Type=simple + Restart=always + RestartSec=5 + User=${USER} + EnvironmentFile=${MITHRIL_HOME}/service.env + ExecStart=/bin/bash -l -c \"exec ${HOME}/.local/bin/mithril-signer -vv + KillSignal=SIGINT + SuccessExitStatus=143 + StandardOutput=syslog + StandardError=syslog + SyslogIdentifier=${CNODE_VNAME}-mithril-signer + TimeoutStopSec=5 + KillMode=mixed + + [Install] + WantedBy=multi-user.target +EOF" && echo "${CNODE_VNAME}-mithril-signer.service deployed successfully!!" && sudo systemctl daemon-reload && sudo systemctl enable ${CNODE_VNAME}-mithril-signer.service +} + +################### +# Execution # +################### + +# Parse command line options +while getopts :du opt; do + case ${opt} in + d ) DEPLOY_SYSTEMD="Y" ;; + u ) UPDATE_ENVIRONMENT="Y" ;; + \? ) usage ;; + esac +done + +# Check if env file is missing in current folder (no update checks as will mostly run as daemon), source env if present +[[ ! -f "$(dirname $0)"/env ]] && echo -e "\nCommon env file missing, please ensure latest guild-deploy.sh was run and this script is being run from ${CNODE_HOME}/scripts folder! \n" && exit 1 +. "$(dirname $0)"/env +case $? in + 1) echo -e "ERROR: Failed to load common env file\nPlease verify set values in 'User Variables' section in env file or log an issue on GitHub" && exit 1;; + 2) clear ;; +esac + +# Set defaults and do basic sanity checks +set_defaults +#Deploy systemd if -d argument was specified +if [[ "${DEPLOY_SYSTEMD}" == "Y" ]]; then + deploy_systemd && exit 0 + exit 2 +elif [[ "${UPDATE_ENVIRONMENT}" == "Y" ]]; then + generate_environment_file && echo "Environment file updated successfully!!" && exit 0 + exit 2 +elif [[ "${UPDATE_ENVIRONMENT}" == "Y" ]] && [[ "${DEPLOY_SYSTEMD}" == "Y" ]]; then + generate_environment_file && deploy_systemd && exit 0 + exit 2 +fi + +pre_startup_sanity + +# Run Mithril Signer Server +"${MITHRILBIN}" -vvv >> "${LOG_DIR}"/mithril-signer.log 2>&1