From 71abbc3ff0eef4814b83a9b34eff061751cd82ed Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Fri, 3 May 2024 11:55:47 -0700 Subject: [PATCH 01/15] Ensure /var/cache/nginx dirs are created on Ubuntu --- production/install | 2 ++ 1 file changed, 2 insertions(+) diff --git a/production/install b/production/install index 30754863c3..eeaf4f5e11 100755 --- a/production/install +++ b/production/install @@ -633,6 +633,8 @@ zfsCreateFilesystems() ext4CreateDir() { mkdir -p "/backup" "${ELEMENTS_HOME}" "${BITCOIN_HOME}" "${MINFEE_HOME}" "${ELECTRS_HOME}" "${MEMPOOL_HOME}" "${MYSQL_HOME}" "${BITCOIN_ELECTRS_HOME}" "${ELEMENTS_HOME}/liquidv1" "${ELEMENTS_ELECTRS_HOME}" + mkdir -p /var/cache/nginx/services /var/cache/nginx/api + chown "${NGINX_USER}:${NGINX_GROUP}" /var/cache/nginx/services /var/cache/nginx/api # Bitcoin Mainnet if [ "${BITCOIN_MAINNET_ENABLE}" = ON ];then From 692594e711cf29735fa3297d9e4ecf07525ec03c Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Fri, 3 May 2024 11:59:02 -0700 Subject: [PATCH 02/15] Fix check for Liquid testnet --- production/install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/production/install b/production/install index eeaf4f5e11..12c7436071 100755 --- a/production/install +++ b/production/install @@ -1590,8 +1590,8 @@ fi # Bitcoin instance for Liquid Testnet # ####################################### -if [ "${ELEMENTS_LIQUID_ENABLE}" = ON ];then - echo "[*] Installing Bitcoin Liquid service" +if [ "${ELEMENTS_LIQUIDTESTNET_ENABLE}" = ON ];then + echo "[*] Installing Bitcoin Liquid Testnet service" case $OS in FreeBSD) From 08ebff8b2bcc3d05d4e64900c2edb46a1d915f40 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Fri, 3 May 2024 11:59:52 -0700 Subject: [PATCH 03/15] Fix typo --- production/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/production/install b/production/install index 12c7436071..67e482b217 100755 --- a/production/install +++ b/production/install @@ -1437,7 +1437,7 @@ fi if [ "${UNFURL_INSTALL}" = ON ];then - echo "[*] Insalling Unfurl source" + echo "[*] Installing Unfurl source" case $OS in FreeBSD) From ba0a3d9b0646ad83b4689a71e7fc02cf4d9af351 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Fri, 3 May 2024 12:00:48 -0700 Subject: [PATCH 04/15] Fix incorrect mainnet minfee check --- production/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/production/install b/production/install index 67e482b217..e4cdcdee37 100755 --- a/production/install +++ b/production/install @@ -1522,7 +1522,7 @@ fi # Bitcoin instance for Mainnet Minfee # ####################################### -if [ "${BITCOIN_TESTNET_ENABLE}" = ON ];then +if [ "${BITCOIN_MAINNET_MINFEE_ENABLE}" = ON ];then echo "[*] Installing Bitcoin Minfee service" case $OS in From c835aede51594487258e9fce6bf24ab61dbeac18 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Sun, 5 May 2024 21:25:26 -0700 Subject: [PATCH 05/15] Update Bisq install --- production/install | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/production/install b/production/install index e4cdcdee37..cd8877d627 100755 --- a/production/install +++ b/production/install @@ -384,6 +384,7 @@ DEBIAN_PKG+=(libevent-dev libdb-dev libssl-dev libtool autotools-dev) DEBIAN_PKG+=(libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev) DEBIAN_PKG+=(nodejs npm mariadb-server nginx-core python3-certbot-nginx rsync ufw) DEBIAN_PKG+=(geoipupdate) +DEBIAN_PKG+=(openjdk-11-jdk) DEBIAN_UNFURL_PKG=() DEBIAN_UNFURL_PKG+=(cups chromium-bsu libatk1.0 libatk-bridge2.0 libxkbcommon-dev libxcomposite-dev) @@ -1381,9 +1382,6 @@ if [ "${BISQ_INSTALL}" = ON ];then echo "[*] Cloning Bisq top-level repo" osSudo "${BISQ_USER}" git clone --branch "${BISQ_REPO_BRANCH}" "${BISQ_REPO_URL}" "${BISQ_HOME}/${BISQ_REPO_NAME}" - echo "[*] Installing OpenJDK from Bisq install_java_linux.sh script" - osSudo "${ROOT_USER}" "${BISQ_HOME}/${BISQ_REPO_NAME}/scripts/install_java_linux.sh" - echo "[*] Checking out Bisq ${BISQ_LATEST_RELEASE}" osSudo "${BISQ_USER}" sh -c "cd ${BISQ_HOME}/${BISQ_REPO_NAME} && git checkout ${BISQ_LATEST_RELEASE}" From 249af0355e065d4c705f2484a43f7a536e92cade Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Sun, 5 May 2024 21:26:18 -0700 Subject: [PATCH 06/15] Include cargo as necessary deb package --- production/install | 1 + 1 file changed, 1 insertion(+) diff --git a/production/install b/production/install index cd8877d627..36720f984d 100755 --- a/production/install +++ b/production/install @@ -384,6 +384,7 @@ DEBIAN_PKG+=(libevent-dev libdb-dev libssl-dev libtool autotools-dev) DEBIAN_PKG+=(libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev) DEBIAN_PKG+=(nodejs npm mariadb-server nginx-core python3-certbot-nginx rsync ufw) DEBIAN_PKG+=(geoipupdate) +DEBIAN_PKG+=(cargo) DEBIAN_PKG+=(openjdk-11-jdk) DEBIAN_UNFURL_PKG=() From 50fb4b371366e918670daf729ba6748d0083c6d1 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Sun, 5 May 2024 22:15:40 -0700 Subject: [PATCH 07/15] Accept CLA --- contributors/runbtc.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 contributors/runbtc.txt diff --git a/contributors/runbtc.txt b/contributors/runbtc.txt new file mode 100644 index 0000000000..7578d13808 --- /dev/null +++ b/contributors/runbtc.txt @@ -0,0 +1,3 @@ +I hereby accept the terms of the Contributor License Agreement in the CONTRIBUTING.md file of the mempool/mempool git repository as of May 5, 2024. + +Signed: runbtc \ No newline at end of file From d8d54ab5470a028283c53875ea553f56c9cfc385 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Sun, 5 May 2024 22:31:04 -0700 Subject: [PATCH 08/15] Install prerequisite packages --- production/install | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/production/install b/production/install index 36720f984d..4d3c6add72 100755 --- a/production/install +++ b/production/install @@ -375,9 +375,13 @@ LIQUIDTESTNET_ASSET_REGISTRY_DB_NAME=asset_registry_testnet_db ##### OS packages ##### ####################### +# packages needed to run this script +DEBIAN_PREREQ_PKG=() +DEBIAN_PREREQ_PKG+=(dialog) + # packages needed for mempool ecosystem DEBIAN_PKG=() -DEBIAN_PKG+=(zsh vim curl screen openssl python3 dialog cron) +DEBIAN_PKG+=(zsh vim curl screen openssl python3 cron) DEBIAN_PKG+=(build-essential git git-lfs clang cmake jq) DEBIAN_PKG+=(autotools-dev autoconf automake pkg-config bsdmainutils) DEBIAN_PKG+=(libevent-dev libdb-dev libssl-dev libtool autotools-dev) @@ -391,6 +395,10 @@ DEBIAN_UNFURL_PKG=() DEBIAN_UNFURL_PKG+=(cups chromium-bsu libatk1.0 libatk-bridge2.0 libxkbcommon-dev libxcomposite-dev) DEBIAN_UNFURL_PKG+=(libxdamage-dev libxrandr-dev libgbm-dev libpango1.0-dev libasound-dev) +# packages needed to run this script +FREEBSD_PREREQ_PKG=() +FREEBSD_PREREQ_PKG+=(dialog) + # packages needed for mempool ecosystem FREEBSD_PKG=() FREEBSD_PKG+=(zsh sudo git git-lfs screen curl wget calc neovim) @@ -472,6 +480,18 @@ osPackageInstallAll() esac } +osPackageInstallPreReq() +{ + case $OS in + FreeBSD) + osPackageInstall ${FREEBSD_PREREQ_PKG[@]} + ;; + Debian) + osPackageInstall ${DEBIAN_PREREQ_PKG[@]} + ;; + esac +} + # osUserCreate username home_directory main_groupname [additional_group] osUserCreate() { @@ -718,6 +738,11 @@ ext4CreateDir() fi } +################################# +# Install prerequisite packages # +################################# + +osPackageInstallPreReq ##### Perform sanity checks before trying anything From 937795875ad6d85d0e3c7b1180fe38b6215c723a Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Mon, 6 May 2024 07:54:52 -0700 Subject: [PATCH 09/15] Update Bisq configuration --- production/install | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/production/install b/production/install index 4d3c6add72..7d2db4103a 100755 --- a/production/install +++ b/production/install @@ -1428,6 +1428,7 @@ if [ "${BISQ_INSTALL}" = ON ];then ;; Debian) + echo "[*] Installing Bisq service file" osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq.service" "${DEBIAN_SERVICE_HOME}/bisq.service" osSudo "${ROOT_USER}" sed -i.orig "s/#Requires=bitcoin.service/Requires=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" osSudo "${ROOT_USER}" sed -i.orig "s/#BindsTo=bitcoin.service/BindsTo=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" @@ -1439,17 +1440,19 @@ if [ "${BISQ_INSTALL}" = ON ];then osSudo "${ROOT_USER}" sed -i.orig "s!__BISQ_APP_NAME__!${BISQ_APP_NAME}!" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s!__BISQ_HOME__!${BISQ_HOME}!" "${DEBIAN_ENV_HOME}/bisq.env" - echo "[*] Configuring Bisq environment file with Bitcoin RPC credentials" + echo "[*] Configuring Bisq environment file" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_P2P_HOST__/${BITCOIN_MAINNET_P2P_HOST}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_P2P_PORT__/${BITCOIN_MAINNET_P2P_PORT}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_RPC_HOST__/${BITCOIN_MAINNET_RPC_HOST}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_RPC_PORT__/${BITCOIN_MAINNET_RPC_PORT}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_RPC_USER__/${BITCOIN_RPC_USER}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_RPC_PASS__/${BITCOIN_RPC_PASS}/" "${DEBIAN_ENV_HOME}/bisq.env" + osSudo "${ROOT_USER}" sed -i.orig "s/BISQ_DUMP_BLOCKCHAIN=false/BISQ_DUMP_BLOCKCHAIN=true/" "${DEBIAN_ENV_HOME}/bisq.env" + osSudo "${ROOT_USER}" sed -i.orig "s/BISQ_DUMP_STATISTICS=false/BISQ_DUMP_STATISTICS=true/" "${DEBIAN_ENV_HOME}/bisq.env" - #echo "[*] Updating Bitcoin configuration for Bisq" - #osSudo "${ROOT_USER}" sed -i.orig "s/#blocknotify/blocknotify/" "${BITCOIN_HOME}/bitcoin.conf" - #osSudo "${BITCOIN_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 755 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/blocknotify.sh" "${BITCOIN_HOME}/blocknotify.sh" + echo "[*] Updating Bitcoin configuration for Bisq" + osSudo "${ROOT_USER}" sed -i.orig "1iblocknotify=${BITCOIN_HOME}/blocknotify.sh %s" "${BITCOIN_HOME}/bitcoin.conf" + osSudo "${BITCOIN_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 755 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/blocknotify.sh" "${BITCOIN_HOME}/blocknotify.sh" ;; esac From 51c198436b69fef0a689d4423da9d6422e2b516f Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Tue, 7 May 2024 23:39:54 -0700 Subject: [PATCH 10/15] Create bitcoin and elements socket files with custom ACL on Debian --- production/install | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/production/install b/production/install index 7d2db4103a..47bfcec1a1 100755 --- a/production/install +++ b/production/install @@ -381,7 +381,7 @@ DEBIAN_PREREQ_PKG+=(dialog) # packages needed for mempool ecosystem DEBIAN_PKG=() -DEBIAN_PKG+=(zsh vim curl screen openssl python3 cron) +DEBIAN_PKG+=(zsh vim curl screen openssl python3 cron acl) DEBIAN_PKG+=(build-essential git git-lfs clang cmake jq) DEBIAN_PKG+=(autotools-dev autoconf automake pkg-config bsdmainutils) DEBIAN_PKG+=(libevent-dev libdb-dev libssl-dev libtool autotools-dev) @@ -658,6 +658,12 @@ ext4CreateDir() mkdir -p /var/cache/nginx/services /var/cache/nginx/api chown "${NGINX_USER}:${NGINX_GROUP}" /var/cache/nginx/services /var/cache/nginx/api + # create /bitcoin/socket with custom ACL for electrs unix sockets + mkdir -p "${BITCOIN_HOME}/socket" + + # create /elements/socket with custom ACL for electrs unix sockets + mkdir -p "${ELEMENTS_HOME}/socket" + # Bitcoin Mainnet if [ "${BITCOIN_MAINNET_ENABLE}" = ON ];then for folder in chainstate indexes blocks @@ -1909,13 +1915,25 @@ echo "[*] Setting permissions for electrs sockets" case $OS in FreeBSD) + if [ "${BITCOIN_INSTALL}" = ON ];then setfacl -m "user:bitcoin:full_set:f:allow,user:mempool:full_set:f:allow,user:www:full_set:f:allow,everyone@::f:allow" "${BITCOIN_HOME}/socket" chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_HOME}/socket" + fi + if [ "${ELEMENTS_INSTALL}" = ON ];then setfacl -m "user:elements:full_set:f:allow,user:mempool:full_set:f:allow,user:www:full_set:f:allow,everyone@::f:allow" "${ELEMENTS_HOME}/socket" chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_HOME}/socket" + fi ;; Debian) + if [ "${BITCOIN_INSTALL}" = ON ];then + setfacl -m "u:bitcoin:rwx,u:mempool:rwx,u:www-data:rwx,o::rw-" "${BITCOIN_HOME}/socket" + chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_HOME}/socket" + fi + if [ "${ELEMENTS_INSTALL}" = ON ];then + setfacl -m "u:elements:rwx,u:mempool:rwx,u:www-data:rwx,o::rw-" "${ELEMENTS_HOME}/socket" + chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_HOME}/socket" + fi ;; esac From 7995e62d0182c0a090aa5a55d8c703fbdaf4608f Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Tue, 7 May 2024 23:41:49 -0700 Subject: [PATCH 11/15] Install redis on Debian --- production/install | 5 ++- production/linux/redis.conf | 79 +++++++++++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 production/linux/redis.conf diff --git a/production/install b/production/install index 47bfcec1a1..0206996479 100755 --- a/production/install +++ b/production/install @@ -387,7 +387,7 @@ DEBIAN_PKG+=(autotools-dev autoconf automake pkg-config bsdmainutils) DEBIAN_PKG+=(libevent-dev libdb-dev libssl-dev libtool autotools-dev) DEBIAN_PKG+=(libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev) DEBIAN_PKG+=(nodejs npm mariadb-server nginx-core python3-certbot-nginx rsync ufw) -DEBIAN_PKG+=(geoipupdate) +DEBIAN_PKG+=(geoipupdate redis) DEBIAN_PKG+=(cargo) DEBIAN_PKG+=(openjdk-11-jdk) @@ -1073,6 +1073,9 @@ case $OS in echo "[*] Installing syslog configuration" osSudo "${ROOT_USER}" install -c -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/linux/rsyslog.conf" /etc/rsyslog.d/10-mempool.conf osSudo "${ROOT_USER}" sed -i.orig -e 's/^\*\.\*;auth,authpriv\.none/*\.*;auth,authpriv\.none,local7\.none/' /etc/rsyslog.d/50-default.conf + + echo "[*] Installing redis configuration" + osSudo "${ROOT_USER}" install -c -m 644 "${MEMPOOL_HOME}/${MEMPOOL_REPO_NAME}/production/linux/redis.conf" /etc/redis/redis.conf ;; esac diff --git a/production/linux/redis.conf b/production/linux/redis.conf new file mode 100644 index 0000000000..19da4dbd13 --- /dev/null +++ b/production/linux/redis.conf @@ -0,0 +1,79 @@ +save 3600 1 300 100 60 10000 +unixsocket /tmp/redis.sock +unixsocketperm 666 + +bind 127.0.0.1 -::1 +protected-mode yes +port 6379 +tcp-backlog 511 +timeout 0 +tcp-keepalive 300 +daemonize yes +pidfile /var/run/redis/redis.pid +loglevel notice +logfile /var/log/redis/redis.log +databases 16 +always-show-logo no +set-proc-title yes +proc-title-template "{title} {listen-addr} {server-mode}" +#locale-collate "" +stop-writes-on-bgsave-error yes +rdbcompression yes +rdbchecksum yes +dbfilename dump.rdb +rdb-del-sync-files no +dir /var/lib/redis/ +replica-serve-stale-data yes +replica-read-only yes +repl-diskless-sync yes +repl-diskless-sync-delay 5 +repl-diskless-sync-max-replicas 0 +repl-diskless-load disabled +repl-disable-tcp-nodelay no +replica-priority 100 +acllog-max-len 128 +lazyfree-lazy-eviction no +lazyfree-lazy-expire no +lazyfree-lazy-server-del no +replica-lazy-flush no +lazyfree-lazy-user-del no +lazyfree-lazy-user-flush no +oom-score-adj no +oom-score-adj-values 0 200 800 +disable-thp yes +appendonly no +appendfilename "appendonly.aof" +appenddirname "appendonlydir" +appendfsync everysec +no-appendfsync-on-rewrite no +auto-aof-rewrite-percentage 100 +auto-aof-rewrite-min-size 64mb +aof-load-truncated yes +aof-use-rdb-preamble yes +aof-timestamp-enabled no + +slowlog-log-slower-than 10000 +slowlog-max-len 128 +latency-monitor-threshold 0 +notify-keyspace-events "" +hash-max-listpack-entries 512 +hash-max-listpack-value 64 +list-max-listpack-size -2 +list-compress-depth 0 +set-max-intset-entries 512 +#set-max-listpack-entries 128 +#set-max-listpack-value 64 +zset-max-listpack-entries 128 +zset-max-listpack-value 64 +hll-sparse-max-bytes 3000 +stream-node-max-bytes 4096 +stream-node-max-entries 100 +activerehashing yes +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit replica 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 +hz 10 +dynamic-hz yes +aof-rewrite-incremental-fsync yes +rdb-save-incremental-fsync yes +jemalloc-bg-thread yes From 28951b6aa3f536a112cba6b256737a75a3a65869 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Tue, 7 May 2024 23:50:33 -0700 Subject: [PATCH 12/15] Make specific Bisq config dependent on BITCOIN_INSTALL --- production/install | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/production/install b/production/install index 0206996479..38f0efe8d8 100755 --- a/production/install +++ b/production/install @@ -1439,8 +1439,11 @@ if [ "${BISQ_INSTALL}" = ON ];then Debian) echo "[*] Installing Bisq service file" osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq.service" "${DEBIAN_SERVICE_HOME}/bisq.service" - osSudo "${ROOT_USER}" sed -i.orig "s/#Requires=bitcoin.service/Requires=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" - osSudo "${ROOT_USER}" sed -i.orig "s/#BindsTo=bitcoin.service/BindsTo=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" + if [ "${BITCOIN_INSTALL}" = ON ];then + osSudo "${ROOT_USER}" sed -i.orig "s/After=network.target/After=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" + osSudo "${ROOT_USER}" sed -i.orig "s/#Requires=bitcoin.service/Requires=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" + osSudo "${ROOT_USER}" sed -i.orig "s/#BindsTo=bitcoin.service/BindsTo=bitcoin.service/" "${DEBIAN_SERVICE_HOME}/bisq.service" + fi osSudo "${ROOT_USER}" sed -i.orig "s/__BISQ_REPO_NAME__/${BISQ_REPO_NAME}/" "${DEBIAN_SERVICE_HOME}/bisq.service" osSudo "${ROOT_USER}" sed -i.orig "s!__BISQ_HOME__!${BISQ_HOME}!" "${DEBIAN_SERVICE_HOME}/bisq.service" @@ -1448,8 +1451,6 @@ if [ "${BISQ_INSTALL}" = ON ];then osSudo "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq.env" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s!__BISQ_APP_NAME__!${BISQ_APP_NAME}!" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s!__BISQ_HOME__!${BISQ_HOME}!" "${DEBIAN_ENV_HOME}/bisq.env" - - echo "[*] Configuring Bisq environment file" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_P2P_HOST__/${BITCOIN_MAINNET_P2P_HOST}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_P2P_PORT__/${BITCOIN_MAINNET_P2P_PORT}/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/__BITCOIN_RPC_HOST__/${BITCOIN_MAINNET_RPC_HOST}/" "${DEBIAN_ENV_HOME}/bisq.env" @@ -1459,9 +1460,11 @@ if [ "${BISQ_INSTALL}" = ON ];then osSudo "${ROOT_USER}" sed -i.orig "s/BISQ_DUMP_BLOCKCHAIN=false/BISQ_DUMP_BLOCKCHAIN=true/" "${DEBIAN_ENV_HOME}/bisq.env" osSudo "${ROOT_USER}" sed -i.orig "s/BISQ_DUMP_STATISTICS=false/BISQ_DUMP_STATISTICS=true/" "${DEBIAN_ENV_HOME}/bisq.env" - echo "[*] Updating Bitcoin configuration for Bisq" - osSudo "${ROOT_USER}" sed -i.orig "1iblocknotify=${BITCOIN_HOME}/blocknotify.sh %s" "${BITCOIN_HOME}/bitcoin.conf" - osSudo "${BITCOIN_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 755 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/blocknotify.sh" "${BITCOIN_HOME}/blocknotify.sh" + if [ "${BITCOIN_INSTALL}" = ON ];then + echo "[*] Updating Bitcoin configuration for Bisq" + osSudo "${ROOT_USER}" sed -i.orig "1iblocknotify=${BITCOIN_HOME}/blocknotify.sh %s" "${BITCOIN_HOME}/bitcoin.conf" + osSudo "${BITCOIN_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 755 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/blocknotify.sh" "${BITCOIN_HOME}/blocknotify.sh" + fi ;; esac @@ -1919,12 +1922,12 @@ case $OS in FreeBSD) if [ "${BITCOIN_INSTALL}" = ON ];then - setfacl -m "user:bitcoin:full_set:f:allow,user:mempool:full_set:f:allow,user:www:full_set:f:allow,everyone@::f:allow" "${BITCOIN_HOME}/socket" - chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_HOME}/socket" + setfacl -m "user:bitcoin:full_set:f:allow,user:mempool:full_set:f:allow,user:www:full_set:f:allow,everyone@::f:allow" "${BITCOIN_HOME}/socket" + chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_HOME}/socket" fi if [ "${ELEMENTS_INSTALL}" = ON ];then - setfacl -m "user:elements:full_set:f:allow,user:mempool:full_set:f:allow,user:www:full_set:f:allow,everyone@::f:allow" "${ELEMENTS_HOME}/socket" - chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_HOME}/socket" + setfacl -m "user:elements:full_set:f:allow,user:mempool:full_set:f:allow,user:www:full_set:f:allow,everyone@::f:allow" "${ELEMENTS_HOME}/socket" + chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_HOME}/socket" fi ;; From 8cf33f0a7c5847c55cd058766a21747fe1196d5f Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Fri, 10 May 2024 14:40:07 -0700 Subject: [PATCH 13/15] Replace DB socket path in backend configs based on OS --- production/mempool-build-all | 14 ++++++++++++++ production/mempool-config.bisq.json | 2 +- production/mempool-config.liquid.json | 2 +- production/mempool-config.liquidtestnet.json | 2 +- production/mempool-config.mainnet-lightning.json | 2 +- production/mempool-config.mainnet.json | 2 +- production/mempool-config.signet-lightning.json | 2 +- production/mempool-config.signet.json | 2 +- production/mempool-config.testnet-lightning.json | 2 +- production/mempool-config.testnet.json | 2 +- 10 files changed, 23 insertions(+), 9 deletions(-) diff --git a/production/mempool-build-all b/production/mempool-build-all index 63dadaac04..de353b5c21 100755 --- a/production/mempool-build-all +++ b/production/mempool-build-all @@ -1,4 +1,17 @@ #!/usr/bin/env zsh + +case `uname -s` in + + FreeBSD) + DB_SOCKET=/var/run/mysql/mysql.sock + ;; + + Linux) + DB_SOCKET=/run/mysqld/mysqld.sock + ;; + +esac + PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:$HOME/bin HOSTNAME=$(hostname) LOCATION=$(hostname|cut -d . -f2) @@ -110,6 +123,7 @@ build_backend() -e "s!__MEMPOOL_LIQUIDTESTNET_PASS__!${MEMPOOL_LIQUIDTESTNET_PASS}!" \ -e "s!__MEMPOOL_BISQ_USER__!${MEMPOOL_BISQ_USER}!" \ -e "s!__MEMPOOL_BISQ_PASS__!${MEMPOOL_BISQ_PASS}!" \ + -e "s!__DB_SOCKET__!${DB_SOCKET}!" \ "mempool-config.json" fi npm install --omit=dev --omit=optional || exit 1 diff --git a/production/mempool-config.bisq.json b/production/mempool-config.bisq.json index 4913cb9869..6ff25dcb4a 100644 --- a/production/mempool-config.bisq.json +++ b/production/mempool-config.bisq.json @@ -22,7 +22,7 @@ "DATABASE": { "ENABLED": false, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_BISQ_USER__", "PASSWORD": "__MEMPOOL_BISQ_PASS__", "DATABASE": "mempool_bisq" diff --git a/production/mempool-config.liquid.json b/production/mempool-config.liquid.json index 9051bba741..f70256a412 100644 --- a/production/mempool-config.liquid.json +++ b/production/mempool-config.liquid.json @@ -71,7 +71,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_LIQUID_USER__", "PASSWORD": "__MEMPOOL_LIQUID_PASS__", "DATABASE": "mempool_liquid" diff --git a/production/mempool-config.liquidtestnet.json b/production/mempool-config.liquidtestnet.json index ae6d7b1ac4..103aade69e 100644 --- a/production/mempool-config.liquidtestnet.json +++ b/production/mempool-config.liquidtestnet.json @@ -71,7 +71,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_LIQUIDTESTNET_USER__", "PASSWORD": "__MEMPOOL_LIQUIDTESTNET_PASS__", "DATABASE": "mempool_liquidtestnet" diff --git a/production/mempool-config.mainnet-lightning.json b/production/mempool-config.mainnet-lightning.json index b113a3c8a1..a1d258ea3b 100644 --- a/production/mempool-config.mainnet-lightning.json +++ b/production/mempool-config.mainnet-lightning.json @@ -84,7 +84,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_MAINNET_LIGHTNING_USER__", "PASSWORD": "__MEMPOOL_MAINNET_LIGHTNING_PASS__", "DATABASE": "mempool_mainnet_lightning" diff --git a/production/mempool-config.mainnet.json b/production/mempool-config.mainnet.json index 385f8cbdc1..53d861a885 100644 --- a/production/mempool-config.mainnet.json +++ b/production/mempool-config.mainnet.json @@ -84,7 +84,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_MAINNET_USER__", "PASSWORD": "__MEMPOOL_MAINNET_PASS__", "DATABASE": "mempool" diff --git a/production/mempool-config.signet-lightning.json b/production/mempool-config.signet-lightning.json index c087a9104b..2679c97cc2 100644 --- a/production/mempool-config.signet-lightning.json +++ b/production/mempool-config.signet-lightning.json @@ -79,7 +79,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_SIGNET_LIGHTNING_USER__", "PASSWORD": "__MEMPOOL_SIGNET_LIGHTNING_PASS__", "DATABASE": "mempool_signet_lightning" diff --git a/production/mempool-config.signet.json b/production/mempool-config.signet.json index 6ebd9e8b38..f90709b1ac 100644 --- a/production/mempool-config.signet.json +++ b/production/mempool-config.signet.json @@ -72,7 +72,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_SIGNET_USER__", "PASSWORD": "__MEMPOOL_SIGNET_PASS__", "DATABASE": "mempool_signet" diff --git a/production/mempool-config.testnet-lightning.json b/production/mempool-config.testnet-lightning.json index 130410dc41..e127a7c011 100644 --- a/production/mempool-config.testnet-lightning.json +++ b/production/mempool-config.testnet-lightning.json @@ -79,7 +79,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_TESTNET_LIGHTNING_USER__", "PASSWORD": "__MEMPOOL_TESTNET_LIGHTNING_PASS__", "DATABASE": "mempool_testnet_lightning" diff --git a/production/mempool-config.testnet.json b/production/mempool-config.testnet.json index 2394ac4675..aefa6a12ce 100644 --- a/production/mempool-config.testnet.json +++ b/production/mempool-config.testnet.json @@ -72,7 +72,7 @@ "DATABASE": { "ENABLED": true, "HOST": "127.0.0.1", - "SOCKET": "/var/run/mysql/mysql.sock", + "SOCKET": "__DB_SOCKET__", "USERNAME": "__MEMPOOL_TESTNET_USER__", "PASSWORD": "__MEMPOOL_TESTNET_PASS__", "DATABASE": "mempool_testnet" From e50e5e3aa5a14ad0b29ce358161b1fd2927256ea Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Sun, 19 May 2024 11:00:25 -0700 Subject: [PATCH 14/15] Replace redis socket path in backend configs based on OS --- production/linux/redis.conf | 2 +- production/mempool-build-all | 3 +++ production/mempool-config.mainnet.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/production/linux/redis.conf b/production/linux/redis.conf index 19da4dbd13..4426857d39 100644 --- a/production/linux/redis.conf +++ b/production/linux/redis.conf @@ -1,5 +1,5 @@ save 3600 1 300 100 60 10000 -unixsocket /tmp/redis.sock +unixsocket /var/run/redis/redis.sock unixsocketperm 666 bind 127.0.0.1 -::1 diff --git a/production/mempool-build-all b/production/mempool-build-all index de353b5c21..1b24c6e8a2 100755 --- a/production/mempool-build-all +++ b/production/mempool-build-all @@ -4,10 +4,12 @@ case `uname -s` in FreeBSD) DB_SOCKET=/var/run/mysql/mysql.sock + REDIS_SOCKET=/tmp/redis.sock ;; Linux) DB_SOCKET=/run/mysqld/mysqld.sock + REDIS_SOCKET=/var/run/redis/redis.sock ;; esac @@ -124,6 +126,7 @@ build_backend() -e "s!__MEMPOOL_BISQ_USER__!${MEMPOOL_BISQ_USER}!" \ -e "s!__MEMPOOL_BISQ_PASS__!${MEMPOOL_BISQ_PASS}!" \ -e "s!__DB_SOCKET__!${DB_SOCKET}!" \ + -e "s!__REDIS_SOCKET__!${REDIS_SOCKET}!" \ "mempool-config.json" fi npm install --omit=dev --omit=optional || exit 1 diff --git a/production/mempool-config.mainnet.json b/production/mempool-config.mainnet.json index 53d861a885..949ba08e3b 100644 --- a/production/mempool-config.mainnet.json +++ b/production/mempool-config.mainnet.json @@ -142,7 +142,7 @@ }, "REDIS": { "ENABLED": true, - "UNIX_SOCKET_PATH": "/tmp/redis.sock", + "UNIX_SOCKET_PATH": "__REDIS_SOCKET__", "BATCH_QUERY_BASE_SIZE": 5000 }, "MEMPOOL_SERVICES": { From 48975952cf2fd4aef536aa6bbc4752d7cba68127 Mon Sep 17 00:00:00 2001 From: runbtc <143069848+runbtc@users.noreply.github.com> Date: Sun, 19 May 2024 11:02:53 -0700 Subject: [PATCH 15/15] Ensure created socket files inherit the ACL --- production/install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/production/install b/production/install index 38f0efe8d8..778671c397 100755 --- a/production/install +++ b/production/install @@ -1933,11 +1933,11 @@ case $OS in Debian) if [ "${BITCOIN_INSTALL}" = ON ];then - setfacl -m "u:bitcoin:rwx,u:mempool:rwx,u:www-data:rwx,o::rw-" "${BITCOIN_HOME}/socket" + setfacl -Rdm "u:bitcoin:rwx,u:mempool:rwx,u:www-data:rwx,o::rw-" "${BITCOIN_HOME}/socket" chown "${BITCOIN_USER}:${BITCOIN_GROUP}" "${BITCOIN_HOME}/socket" fi if [ "${ELEMENTS_INSTALL}" = ON ];then - setfacl -m "u:elements:rwx,u:mempool:rwx,u:www-data:rwx,o::rw-" "${ELEMENTS_HOME}/socket" + setfacl -Rdm "u:elements:rwx,u:mempool:rwx,u:www-data:rwx,o::rw-" "${ELEMENTS_HOME}/socket" chown "${ELEMENTS_USER}:${ELEMENTS_GROUP}" "${ELEMENTS_HOME}/socket" fi ;;