From c6cdf13265670ebadeff048e0c3a43f88658fb24 Mon Sep 17 00:00:00 2001
From: e30chris <chris@simplifymy.cloud>
Date: Tue, 22 Oct 2024 21:08:54 -0700
Subject: [PATCH] nostr recipe yum

---
 config.toml.template               | 21 +++++++
 nginx-nostr-rs-relay.conf.template | 12 ++++
 nostr-rs-relay.service.template    | 12 ++++
 nostr.pkr.hcl                      | 72 +++++++++++++++++++++++
 setup_nostr.sh                     | 92 ++++++++++++++++++++++++++++++
 5 files changed, 209 insertions(+)
 create mode 100644 config.toml.template
 create mode 100644 nginx-nostr-rs-relay.conf.template
 create mode 100644 nostr-rs-relay.service.template
 create mode 100644 nostr.pkr.hcl
 create mode 100644 setup_nostr.sh

diff --git a/config.toml.template b/config.toml.template
new file mode 100644
index 0000000..6a6aa34
--- /dev/null
+++ b/config.toml.template
@@ -0,0 +1,21 @@
+[info]
+name = "NostrTheRelays"
+description = "A Nostr relay"
+pubkey = "npub1wy23yu45j6cydsdds9ktcs545usytsyfg5kyt40m6pmr969kt5pqhtq8ma"
+contact = "iq9@iq9.io"
+
+[network]
+port = 8080
+address = "0.0.0.0"
+
+[options]
+# delete_after = 3600
+
+[database]
+mode = "postgres"
+# host = "127.0.0.1"
+host = "/var/run/postgresql"
+port = 5432
+user = "nostr"
+password = "bmwbmwbmwbmw"
+database = "nostr"
\ No newline at end of file
diff --git a/nginx-nostr-rs-relay.conf.template b/nginx-nostr-rs-relay.conf.template
new file mode 100644
index 0000000..d254a05
--- /dev/null
+++ b/nginx-nostr-rs-relay.conf.template
@@ -0,0 +1,12 @@
+server {
+    listen 80;
+    server_name iq9.io;
+
+    location / {
+        proxy_pass http://localhost:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+    }
+}
\ No newline at end of file
diff --git a/nostr-rs-relay.service.template b/nostr-rs-relay.service.template
new file mode 100644
index 0000000..724ad0c
--- /dev/null
+++ b/nostr-rs-relay.service.template
@@ -0,0 +1,12 @@
+[Unit]
+Description=Nostr RS Relay
+After=network.target
+
+[Service]
+User=root
+WorkingDirectory=/root/nostr-rs-relay
+ExecStart=/root/nostr-rs-relay/target/release/nostr-rs-relay
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/nostr.pkr.hcl b/nostr.pkr.hcl
new file mode 100644
index 0000000..a032676
--- /dev/null
+++ b/nostr.pkr.hcl
@@ -0,0 +1,72 @@
+packer {
+  required_plugins {
+    digitalocean = {
+      version = ">= 1.0.0"
+      source  = "github.com/hashicorp/digitalocean"
+    }
+  }
+}
+
+source "digitalocean" "ubuntu" {
+  api_token     = var.do_token
+  image         = "ubuntu-22-04-x64"
+  region        = "sfo3"
+  size          = "s-4vcpu-8gb"
+  ssh_username  = "root"
+  snapshot_name = "ubuntu-nostr-relay-{{timestamp}}"
+
+  # Enable public networking
+  private_networking = false
+  ipv6               = false
+
+  # Add tags for identification
+  tags = ["nostr-relay", "packer-build"]
+
+  # Optional: Specify a droplet name for easier identification during build
+  droplet_name = "nostr-relay-packer-001"
+}
+
+build {
+  sources = ["source.digitalocean.ubuntu"]
+
+  # Add a shell provisioner to capture and use the public IP
+  provisioner "shell" {
+    inline = [
+      "export PUBLIC_IP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)",
+      "echo Public IP: $PUBLIC_IP",
+      "export DOMAIN_NAME=iq9.io", # Replace with your domain
+      "echo \"$PUBLIC_IP $DOMAIN_NAME\" >> /etc/hosts"
+    ]
+  }
+
+  provisioner "file" {
+    source      = "config.toml.template"
+    destination = "/tmp/config.toml"
+  }
+
+  provisioner "file" {
+    source      = "nostr-rs-relay.service.template"
+    destination = "/tmp/nostr-rs-relay.service"
+  }
+
+  provisioner "file" {
+    source      = "nginx-nostr-rs-relay.conf.template"
+    destination = "/tmp/nginx-nostr-rs-relay.conf"
+  }
+
+  provisioner "file" {
+    source      = "setup_nostr.sh"
+    destination = "/tmp/setup_nostr.sh"
+  }
+
+  provisioner "shell" {
+    environment_vars = [
+      "DOMAIN=iq9.io",   # Replace with your domain
+      "EMAIL=iq9@iq9.io" # Replace with your email
+    ]
+    inline = [
+      "chmod +x /tmp/setup_nostr.sh",
+      "/tmp/setup_nostr.sh"
+    ]
+  }
+}
\ No newline at end of file
diff --git a/setup_nostr.sh b/setup_nostr.sh
new file mode 100644
index 0000000..1f9fbf2
--- /dev/null
+++ b/setup_nostr.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+
+# Function to wait for apt to be available
+function wait_for_apt() {
+  while sudo fuser /var/lib/apt/lists/lock >/dev/null 2>&1 || sudo fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do
+    echo 'Waiting for apt locks to be released...'
+    sleep 5
+  done
+}
+
+# Function to handle apt operations with retries
+function apt_get_wrapper() {
+  local max_attempts=30
+  local attempt=1
+  while [ $attempt -le $max_attempts ]; do
+    if ! sudo fuser /var/lib/apt/lists/lock >/dev/null 2>&1 && ! sudo fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; then
+      sudo apt-get $@ && break
+    fi
+    echo "Attempt $attempt/$max_attempts: apt is locked. Waiting..."
+    sleep 10
+    attempt=$((attempt + 1))
+  done
+  if [ $attempt -gt $max_attempts ]; then
+    echo "Failed to execute apt-get after $max_attempts attempts"
+    exit 1
+  fi
+}
+
+# Wait for any initial apt operations to complete
+wait_for_apt
+
+# Use the wrapper function for apt operations
+apt_get_wrapper update
+apt_get_wrapper upgrade -y
+
+# Install dependencies
+apt_get_wrapper install -y git postgresql postgresql-contrib
+
+# Install Rust
+curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+. $HOME/.cargo/env
+
+# Set up PostgreSQL
+sudo -u postgres psql -c "CREATE USER nostr WITH PASSWORD 'bmwbmwbmwbmw';"
+sudo -u postgres psql -c "CREATE DATABASE nostr OWNER nostr;"
+
+# Clone and build nostr-rs-relay
+git clone https://github.com/scsibug/nostr-rs-relay.git
+cd nostr-rs-relay
+cargo build --release
+
+# Move config file to the correct location
+mv /tmp/config.toml /root/nostr-rs-relay/config.toml
+
+# Move systemd service file to the correct location
+mv /tmp/nostr-rs-relay.service /etc/systemd/system/nostr-rs-relay.service
+
+# Enable and start the service
+systemctl daemon-reload
+systemctl enable nostr-rs-relay
+systemctl start nostr-rs-relay
+
+# Install and configure Nginx
+apt_get_wrapper install -y nginx
+mv /tmp/nginx-nostr-rs-relay.conf /etc/nginx/sites-available/nostr-rs-relay
+ln -s /etc/nginx/sites-available/nostr-rs-relay /etc/nginx/sites-enabled/
+nginx -t
+systemctl reload nginx
+
+# Install Certbot and obtain SSL certificate
+#apt_get_wrapper install -y certbot python3-certbot-nginx
+
+# Run certbot with --staging flag first to test
+#certbot --nginx \
+#  --staging \
+#  -d ${DOMAIN} \
+#  --non-interactive \
+#  --agree-tos \
+#  --email ${EMAIL} \
+#  --verbose
+
+## If staging succeeds, run for real
+#if [ $? -eq 0 ]; then
+#  certbot --nginx \
+#    -d ${DOMAIN} \
+#    --non-interactive \
+#    --agree-tos \
+#    --email ${EMAIL}
+#else
+#  echo "Certbot staging failed, skipping production certificate"
+#  exit 1
+#fi
\ No newline at end of file