diff --git a/build.sh b/build.sh index d6544150..78502403 100755 --- a/build.sh +++ b/build.sh @@ -1,28 +1,10 @@ #!/bin/bash set -e -source ./common/scripts/prepare_docker_functions.sh BUILD_DIR=./build EXCLUSIONS="assets/traefik, build, data, .env, build.sh, .gitignore" NODES="iota-hornet iota-bee iota-goshimmer wasp shimmer-hornet" -HORNET_VERSION=1.2.1 -WASP_VERSION=0.3.8 -WASP_DEV_BRANCH="develop" - -prepare_dockerx_builder () { - shutdown_dockerx_builder - sudo apt-get install -y qemu qemu-user-static - docker buildx create --name iota-builder - docker buildx use iota-builder - docker buildx inspect --bootstrap -} - -shutdown_dockerx_builder () { - if [ "$(docker buildx ls | grep iota-builder)" != "" ]; then - docker buildx rm iota-builder - fi -} build_node () { node=$1 
@@ -54,83 +36,6 @@ build_node () { echo "$node.tar.gz built successfully" } -build_hornet_image () { - imageName=dltgreen/iota-hornet:$HORNET_VERSION - buildDirHornet=$BUILD_DIR/tmp_hornet - - mkdir -p $buildDirHornet - #(cd $buildDirHornet; curl -L -o hornet.tar.gz https://github.com/iotaledger/hornet/archive/refs/tags/v${HORNET_VERSION}.tar.gz; tar -xvf hornet.tar.gz --strip 1) - (cd $BUILD_DIR; git clone https://github.com/iotaledger/hornet.git tmp_hornet; cd tmp_hornet; git checkout v${HORNET_VERSION}) - - if [ -f $buildDirHornet/docker/Dockerfile ]; then - (cd $buildDirHornet; docker build --no-cache -f docker/Dockerfile -t $imageName .) - fi - - docker save $imageName > $BUILD_DIR/iota-hornet-$HORNET_VERSION.tar - rm -Rf $buildDirHornet - - push_docker_image $imageName -} - -build_wasp_image () { - local repoTag=$1 - local name=$2 - local imageTag=$3 - - local imageName=dltgreen/$name:$imageTag - local buildDirWasp=$BUILD_DIR/tmp_wasp - - rm -Rf $buildDirWasp && mkdir -p $buildDirWasp - (cd $BUILD_DIR; git clone https://github.com/iotaledger/wasp.git tmp_wasp; cd tmp_wasp; git checkout $repoTag) - - if [ -f $buildDirWasp/Dockerfile ]; then - prepare_dockerx_builder - (cd $buildDirWasp; docker buildx build --platform linux/amd64,linux/arm64 -t $imageName --push .) 
- shutdown_dockerx_builder - fi - - rm -Rf $buildDirWasp -} - -build_wasp-cli_image () { - local repoTag=$1 - local name=$2 - local imageTag=$3 - - local imageName=dltgreen/$name:$imageTag - local buildDirWaspCli=$BUILD_DIR/tmp_wasp - - rm -Rf $buildDirWaspCli && mkdir -p $buildDirWaspCli - (cd $BUILD_DIR; git clone https://github.com/iotaledger/wasp.git tmp_wasp; cd tmp_wasp; git checkout $repoTag) - - #patch "$buildDirWaspCli/Dockerfile" < ./wasp-cli/Dockerfile_wasp-cli.diff - cp -f "$buildDirWaspCli/Dockerfile" "$buildDirWaspCli/Dockerfile.orig" - cp -f ./wasp-cli/Dockerfile "$buildDirWaspCli/Dockerfile" - rm -f $buildDirWaspCli/.dockerignore - echo .git > $buildDirWaspCli/.dockerignore - echo .github >> $buildDirWaspCli/.dockerignore - - prepare_dockerx_builder - (cd $buildDirWaspCli; docker buildx build --platform linux/amd64,linux/arm64 -t $imageName --push .) - shutdown_dockerx_builder - - rm -Rf $buildDirWaspCli -} - -push_docker_image () { - local imageName=$1 - - print_line - read -p "Push docker image to dockerhub? (y/n) " yn - echo "" - case $yn in - y) docker push $imageName - ;; - *) echo "Image has not been pushed" - ;; - esac -} - upload_build_artefacts () { envFile=$(dirname "$0")/.env if [ ! -e "$envFile" ]; then @@ -161,6 +66,11 @@ enter_to_continue () { echo $fl; read -p 'Press [Enter] key to continue... Press [STRG+C] to cancel...' W; echo $xx } +print_line () { + local columns="$1" + printf '%*s\n' "${columns:-$(tput cols)}" '' | tr ' ' - +} + print_menu () { local longestArgumentLength=0 for item in "$@"; do 
@@ -204,44 +114,15 @@ print_menu () { } MainMenu() { - print_menu "Docker images" "Node packages" "Build management" "Exit" + print_menu "Node packages" "Build management" "Exit" read -p '> ' n case $n in - 1) DockerImagesMenu ;; - 2) NodePackagesMenu ;; - 3) BuildManagementMenu ;; + 1) NodePackagesMenu ;; + 2) BuildManagementMenu ;; *) clear; exit ;; esac } -DockerImagesMenu() { - print_menu "iota-hornet ($HORNET_VERSION)" "wasp ($WASP_VERSION)" "wasp-cli ($WASP_VERSION)" "wasp (dev)" "Back" - read -p '> ' n - case $n in - 1) print_line - build_hornet_image - enter_to_continue - DockerImagesMenu - ;; - 2) print_line - build_wasp_image "v$WASP_VERSION" "wasp" "$WASP_VERSION" - enter_to_continue - DockerImagesMenu - ;; - 3) print_line - build_wasp-cli_image "v$WASP_VERSION" "wasp-cli" "$WASP_VERSION" - enter_to_continue - DockerImagesMenu - ;; - 4) print_line - build_wasp_image "$WASP_DEV_BRANCH" "wasp" "dev" - enter_to_continue - DockerImagesMenu - ;; - *) MainMenu ;; - esac -} - NodePackagesMenu() { print_menu "all" "iota-hornet" "iota-bee" "iota-goshimmer" "shimmer-hornet" "wasp" "Back" read -p '> ' n @@ -281,7 +162,7 @@ NodePackagesMenu() { } BuildManagementMenu() { - print_menu "Clean build dir" "Upload build artefacts" "Prepare dockerx builder" "Back" + print_menu "Clean build dir" "Upload build artefacts" "Back" read -p '> ' n case $n in 1) print_line @@ -293,11 +174,6 @@ BuildManagementMenu() { upload_build_artefacts enter_to_continue BuildManagementMenu - ;; - 3) print_line - prepare_dockerx_builder - enter_to_continue - DockerImagesMenu ;; *) MainMenu ;; esac diff --git a/node-installer.sh b/node-installer.sh index 6328dbd5..87aa131d 100644 --- a/node-installer.sh +++ b/node-installer.sh @@ -1,7 +1,7 @@ #!/bin/bash -VRSN="v.1.4.5" -BUILD="20221203_145700" +VRSN="v.1.4.6" +BUILD="20221221_211601" VAR_DOMAIN='' VAR_HOST='' 
@@ -15,8 +15,8 @@ VAR_IOTA_HORNET_VERSION='1.2.1' VAR_IOTA_BEE_VERSION='0.3.1' VAR_IOTA_GOSHIMMER_VERSION='0.9.8' VAR_IOTA_WASP_VERSION='0.2.5' -VAR_SHIMMER_HORNET_VERSION='2.0.0-rc.2' -VAR_SHIMMER_WASP_VERSION='0.3.8' +VAR_SHIMMER_HORNET_VERSION='2.0.0-rc.3' +VAR_SHIMMER_WASP_VERSION='0.4.0-alpha.1' VAR_INX_INDEXER_VERSION='1.0-rc' VAR_INX_MQTT_VERSION='1.0-rc' 
@@ -39,22 +39,22 @@ echo "$xx" InstallerHash=$(curl -L https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/checksum.txt) -IotaHornetHash='2f4e221d966a4cdbc5f6b5b03e085d055fea7914833bf1e6806f3f6bb4724c23' +IotaHornetHash='49d1b4547e2a2579a92276e2b14e09e7dad46cde5e584ecb6bada707bf1fa0b0' IotaHornetPackage="https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/iota-hornet.tar.gz" -IotaBeeHash='e3303c4f46dcb66c74c7a0633c1cf30f1c0252d82c4be9630d4a5c5e49b828c6' +IotaBeeHash='a28954411199cd940aebc9f038fe2e51e2364ccd6cfbbcd9254015e967fe6c96' IotaBeePackage="https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/iota-bee.tar.gz" -IotaGoshimmerHash='8ff8e93a51b042c23c083218b2fecea4b243faad0831d66d13953a7b775012b4' +IotaGoshimmerHash='d7a853474885d3322a5b793b9b77e92be47983cdd27fdeab5f56484daaf3edf9' IotaGoshimmerPackage="https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/iota-goshimmer.tar.gz" IotaWaspHash='577a5ffe6010f6f06687f6b4ddf7c5c47280da142a1f4381567536e4422e6283' IotaWaspPackage="https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/wasp_iota.tar.gz" -ShimmerHornetHash='82892e49d16ae29d05295157b8cf1a939f99fe1faea950f0be908b8f09252e1c' +ShimmerHornetHash='f4fdca5c01510a724b026aa49e4ab900ea5b154846134dd2fe992251ead24624' ShimmerHornetPackage="https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/shimmer-hornet.tar.gz" -ShimmerWaspHash='a30b536c2425b68caaa6932a5644a3a673a03d6d12bf85768b380711ad0eac8a' +ShimmerWaspHash='6a9eab5f2c8a23bbe3c428f5a458fddf25e7ba9f96a6c3ae6f6d381ed759bde0' ShimmerWaspPackage="https://github.com/dlt-green/node-installer-docker/releases/download/$VRSN/wasp_shimmer.tar.gz" SnapshotIotaGoshimmer="https://dbfiles-goshimmer.s3.eu-central-1.amazonaws.com/snapshots/nectar/snapshot-latest.bin" 
@@ -2638,7 +2638,7 @@ ShimmerWasp() { read -r -p '> ' VAR_USERNAME echo '' echo "Set the dashboard password:" - echo "(information: $ca""will be saved as text / don't leave it empty""$xx):" + echo "(information: $ca""will be saved as hash / don't leave it empty""$xx):" read -r -p '> ' VAR_PASSWORD echo '' @@ -2675,6 +2675,26 @@ ShimmerWasp() { else if [ -f .env ]; then sed -i "s/WASP_VERSION=.*/WASP_VERSION=$VAR_SHIMMER_WASP_VERSION/g" .env; fi VAR_HOST=$(cat .env | grep _HOST | cut -d '=' -f 2) + VAR_SALT=$(cat .env | grep DASHBOARD_SALT | cut -d '=' -f 2) + + if [ -z $VAR_SALT ]; then + VAR_PASSWORD=$(cat .env | grep DASHBOARD_PASSWORD | cut -d '=' -f 2) + + if [ -d /var/lib/shimmer-hornet ]; then cd /var/lib/shimmer-hornet || VAR_PASSWORD=''; fi + if [ -n $VAR_PASSWORD ]; then + credentials=$(docker compose run --rm hornet tool pwd-hash --json --password "$VAR_PASSWORD" | sed -e 's/\r//g') + + VAR_DASHBOARD_PASSWORD=$(echo "$credentials" | jq -r '.passwordHash') + VAR_DASHBOARD_SALT=$(echo "$credentials" | jq -r '.passwordSalt') + + if [ -d /var/lib/$VAR_DIR ]; then cd /var/lib/$VAR_DIR || exit; fi + + if [ -f .env ]; then sed -i "s/DASHBOARD_PASSWORD=.*/DASHBOARD_PASSWORD=$VAR_DASHBOARD_PASSWORD/g" .env; fi + echo "DASHBOARD_SALT=$VAR_DASHBOARD_SALT" >> .env + + fi + if [ -d /var/lib/$VAR_DIR ]; then cd /var/lib/$VAR_DIR || exit; fi + fi fi echo "$fl"; read -r -p 'Press [Enter] key to continue... Press [STRG+C] to cancel... ' W; echo "$xx" 
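Review bot: In the upgrade branch added at `@@ -2675,6 +2675,26 @@`, the guard `if [ -n $VAR_PASSWORD ]` is always true, because an unquoted empty expansion collapses to `[ -n ]`. The `cd /var/lib/shimmer-hornet || VAR_PASSWORD=''` fallback therefore never skips the hashing step, and when the directory is absent the `cd` is not attempted at all. If `docker compose run ... pwd-hash` or `jq` then fails, `VAR_DASHBOARD_PASSWORD` and `VAR_DASHBOARD_SALT` come back empty or as the string `null`, yet the `sed -i` still overwrites the existing `DASHBOARD_PASSWORD` in `.env` and an empty salt is appended. The tests should be quoted (including `[ -z $VAR_SALT ]`) and `.env` written only when both values are present, as sketched below. The fresh-install hunk at `@@ -2697,10 +2717,21 @@` has the same guard and the same unchecked write; ShimmerWasp itself starts and ends outside both hunks.

```shell
if [ -n "$VAR_PASSWORD" ]; then
    # … unchanged: pwd-hash call, jq extraction of passwordHash/passwordSalt, cd back to /var/lib/$VAR_DIR …
    if [ -n "$VAR_DASHBOARD_PASSWORD" ] && [ "$VAR_DASHBOARD_PASSWORD" != "null" ] \
        && [ -n "$VAR_DASHBOARD_SALT" ] && [ "$VAR_DASHBOARD_SALT" != "null" ]; then
        if [ -f .env ]; then sed -i "s/DASHBOARD_PASSWORD=.*/DASHBOARD_PASSWORD=$VAR_DASHBOARD_PASSWORD/g" .env; fi
        echo "DASHBOARD_SALT=$VAR_DASHBOARD_SALT" >> .env
    else
        echo "Could not generate the dashboard password hash; .env was left unchanged"
    fi
fi
```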
@@ -2697,10 +2717,21 @@ ShimmerWasp() { echo "╚═════════════════════════════════════════════════════════════════════════════╝" echo "" - VAR_DASHBOARD_PASSWORD=VAR_PASSWORD + if [ -d /var/lib/shimmer-hornet ]; then cd /var/lib/shimmer-hornet || VAR_PASSWORD=''; fi + + if [ -n $VAR_PASSWORD ]; then + credentials=$(docker compose run --rm hornet tool pwd-hash --json --password "$VAR_PASSWORD" | sed -e 's/\r//g') + + VAR_DASHBOARD_PASSWORD=$(echo "$credentials" | jq -r '.passwordHash') + VAR_DASHBOARD_SALT=$(echo "$credentials" | jq -r '.passwordSalt') + + if [ -d /var/lib/$VAR_DIR ]; then cd /var/lib/$VAR_DIR || exit; fi + fi echo "DASHBOARD_USERNAME=$VAR_USERNAME" >> .env - echo "DASHBOARD_PASSWORD=$VAR_PASSWORD" >> .env + echo "DASHBOARD_PASSWORD=$VAR_DASHBOARD_PASSWORD" >> .env + echo "DASHBOARD_SALT=$VAR_DASHBOARD_SALT" >> .env + fi echo "" diff --git a/wasp-cli/Dockerfile b/wasp-cli/Dockerfile deleted file mode 100644 index a87b4f8d..00000000 --- a/wasp-cli/Dockerfile +++ /dev/null 
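Review bot: The plaintext dashboard password is passed to the hashing tool as a command-line argument, `--password "$VAR_PASSWORD"`, so it is readable in the host's process list, and by anything that records command lines, while `docker compose run` is alive. The upgrade hunk at `@@ -2675,6 +2675,26 @@` makes the same call. The README change in this commit shows that `tool pwd-hash` can also prompt interactively without `--password`; if that mode is usable for the fresh-install path, it keeps the secret off argv. Otherwise the exposure should at least be recorded next to the call, e.g. `# NOTE: password is visible in the process list while pwd-hash runs`. If nothing later in ShimmerWasp reads `VAR_PASSWORD` (the function continues outside the hunk), it could also be cleared once hashing is done.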
@@ -1,50 +0,0 @@ -ARG GOLANG_IMAGE_TAG=1.18-bullseye - -# Build stage -FROM golang:${GOLANG_IMAGE_TAG} AS build -ARG BUILD_TAGS=rocksdb -ARG BUILD_LD_FLAGS="" -ARG BUILD_TARGET="." - -LABEL org.label-schema.description="Wasp" -LABEL org.label-schema.name="iotaledger/wasp" -LABEL org.label-schema.schema-version="1.0" -LABEL org.label-schema.vcs-url="https://github.com/iotaledger/wasp" - -# Ensure ca-certificates are up to date -RUN update-ca-certificates - -# Set the current Working Directory inside the container -RUN mkdir /scratch -WORKDIR /scratch - -# Prepare the folder where we are putting all the files -RUN mkdir /app -RUN mkdir /app/waspdb - -# Make sure that modules only get pulled when the module file has changed -COPY go.mod go.sum ./ - -# Download go modules -RUN go mod download -RUN go mod verify - -# Project build stage -COPY . . - -# Build the binary -RUN go build -o /app/wasp -a -tags="$BUILD_TAGS" -ldflags="${BUILD_LD_FLAGS}" ${BUILD_TARGET} -RUN cd tools/wasp-cli && go build -o /app/wasp-cli -tags="${BUILD_TAGS}" -ldflags="${BUILD_LD_FLAGS}" ${BUILD_TARGET} - -############################ -# Image -############################ -# https://console.cloud.google.com/gcr/images/distroless/global/cc-debian11 -# using distroless cc "nonroot" image, which includes everything in the base image (glibc, libssl and openssl) -FROM gcr.io/distroless/cc-debian11:nonroot - -WORKDIR /app - -COPY --chown=nonroot:nonroot --from=build /app/wasp-cli /app - -ENTRYPOINT ["/app/wasp-cli"] diff --git a/wasp/README.md b/wasp/README.md index 655cc6b5..70854514 100644 --- a/wasp/README.md +++ b/wasp/README.md @@ -19,8 +19,7 @@ ACME_EMAIL=your-email@example.com # WASP_SSL_KEY= WASP_LEDGER_NETWORK=iota # or shimmer -# WASP_IMAGE_REPOSITORY=iotaledger -WASP_VERSION=0.3.0 +WASP_VERSION=0.4.0-alpha.1 WASP_HOST=node.your-domain.com # WASP_HTTP_PORT=80 # WASP_HTTPS_PORT=443 
@@ -28,41 +27,41 @@ WASP_HOST=node.your-domain.com # WASP_PEERING_PORT=4000 # WASP_NANO_MSG_PORT=5550 # WASP_DATA_DIR= - -WASP_LEDGER_CONNECTION=node.your-domain.com:5000 +# WASP_IDENTITY_PRIVATE_KEY= # DASHBOARD_USERNAME=admin -# DASHBOARD_PASSWORD=**** +DASHBOARD_PASSWORD= +DASHBOARD_SALT= # WASP_WEBAPI_AUTH_SCHEME=jwt -# WASP_JWT_DURATION_HOURS=24 +# WASP_JWT_DURATION=24h # WASP_TRUSTED_NODE_0_NETID=trusted.node:4000 # WASP_TRUSTED_NODE_0_PUBKEY= ``` -| Parameter | Mandatory | Default | Description | -| --------------------------------- | :-------: | :---------: | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SSL_CONFIG | | letsencrypt | Allowed values: `certs`, `letsencrypt`. Default: `letsencrypt`. If set to certs `WASP_SSL_CERT` and `WASP_SSL_KEY` are used otherwise letsencrypt is used by default. | -| WASP_SSL_CERT | (x) | | Absolute path to SSL certificate (mandatory if `SSL_CONFIG=certs`) | -| WASP_SSL_KEY | (x) | | Absolute path to SSL private key (mandatory if `SSL_CONFIG=certs`) | -| ACME_EMAIL | (x) | | Mail address used to fetch SSL certificate from letsencrypt (mandatory if `SSL_CONFIG` not set or is set to `letsencrypt`). | -| WASP_LEDGER_NETWORK | x | | Network this wasp note belongs to (iota or shimmer) | -| WASP_IMAGE_REPOSITORY | | iotaledger | Repository of wasp docker image e.g. iotaledger or dltgreen | -| WASP_VERSION | x | | Version of `dltgreen/wasp` docker image to use | -| WASP_HOST | x | | Host domain name e.g. `wasp.dlt.green` | -| WASP_HTTP_PORT | | 80 | HTTP port to access dashboard. Must be 80 if letsencrypt is used. 
| -| WASP_HTTPS_PORT | | 443 | HTTPS port to access dashboard | -| WASP_API_PORT | | 448 | HTTPS port to access webapi | -| WASP_PEERING_PORT | | 4000 | Peering port | -| WASP_NANO_MSG_PORT | | 5550 | nano MSG port | -| WASP_DATA_DIR | | .data | Directory containing configuration, database etc. | -| WASP_LEDGER_CONNECTION | x | | IOTA node url (txstream protocol) to connect to (GoShimmer txstream plugin uses port 5000 by default) WARNING: This parameter has no effect if WASP_LEDGER_NETWORK=shimmer | -| DASHBOARD_USERNAME | | admin | Username to access dashboard | -| DASHBOARD_PASSWORD | x | | Password in clear text (not hashed, so take care!!!) | -| WASP_WEBAPI_AUTH_SCHEME | | jwt | Defines scheme of authentication of client with the wasp node e.g. basic or jwt | -| WASP_JWT_DURATION_HOURS | | 24 | Defines how log jwt tokens are valid (is used for webapi and dashboard) | -| WASP_TRUSTED_NODE_\[0-9\]+_NETID | | | NetId of trusted node (the script `refresh_trusted_nodes.sh` reads all `WASP_TRUSTED_NODE_*` parameters from `.env` and calls `wasp-cli peering trust` to trust the configured nodes.) | -| WASP_TRUSTED_NODE_\[0-9\]+_PUBKEY | | | Pubkey of trusted node (the script `refresh_trusted_nodes.sh` reads all `WASP_TRUSTED_NODE_*` parameters from `.env` and calls `wasp-cli peering trust` to trust the configured nodes.) | +| Parameter | Mandatory | Default | Description | +| --------------------------------- | :-------: | :---------: | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| SSL_CONFIG | | letsencrypt | Allowed values: `certs`, `letsencrypt`. Default: `letsencrypt`. If set to certs `WASP_SSL_CERT` and `WASP_SSL_KEY` are used otherwise letsencrypt is used by default. 
| +| WASP_SSL_CERT | (x) | | Absolute path to SSL certificate (mandatory if `SSL_CONFIG=certs`) | +| WASP_SSL_KEY | (x) | | Absolute path to SSL private key (mandatory if `SSL_CONFIG=certs`) | +| ACME_EMAIL | (x) | | Mail address used to fetch SSL certificate from letsencrypt (mandatory if `SSL_CONFIG` not set or is set to `letsencrypt`). | +| WASP_LEDGER_NETWORK | x | | Network this wasp note belongs to (iota or shimmer) | +| WASP_VERSION | x | | Version of `dltgreen/wasp` docker image to use | +| WASP_HOST | x | | Host domain name e.g. `wasp.dlt.green` | +| WASP_HTTP_PORT | | 80 | HTTP port to access dashboard. Must be 80 if letsencrypt is used. | +| WASP_HTTPS_PORT | | 443 | HTTPS port to access dashboard | +| WASP_API_PORT | | 448 | HTTPS port to access webapi | +| WASP_PEERING_PORT | | 4000 | Peering port | +| WASP_NANO_MSG_PORT | | 5550 | nano MSG port | +| WASP_DATA_DIR | | .data | Directory containing configuration, database etc. | +| WASP_IDENTITY_PRIVATE_KEY | | | Private key used to derive the node identity | +| DASHBOARD_USERNAME | | wasp | Username to access dashboard | +| DASHBOARD_PASSWORD | x | | Password hash (can be generated with `docker run --rm -it iotaledger/hornet:2.0-rc tool pwd-hash` or non-interactively with `docker run --rm iotaledger/hornet:2.0-rc tool pwd-hash --json --password `) | +| DASHBOARD_SALT | x | | Password salt (can be generated with `docker run --rm -it iotaledger/hornet:2.0-rc tool pwd-hash` or non-interactively with `docker run --rm iotaledger/hornet:2.0-rc tool pwd-hash --json --password `) | +| WASP_WEBAPI_AUTH_SCHEME | | jwt | Defines scheme of authentication of client with the wasp node e.g. 
basic or jwt | +| WASP_JWT_DURATION | | 24h | Defines how log jwt tokens are valid (is used for webapi and dashboard) | +| WASP_TRUSTED_NODE_\[0-9\]+_NETID | | | NetId of trusted node (the script `refresh_trusted_nodes.sh` reads all `WASP_TRUSTED_NODE_*` parameters from `.env` and calls `wasp-cli peering trust` to trust the configured nodes.) | +| WASP_TRUSTED_NODE_\[0-9\]+_PUBKEY | | | Pubkey of trusted node (the script `refresh_trusted_nodes.sh` reads all `WASP_TRUSTED_NODE_*` parameters from `.env` and calls `wasp-cli peering trust` to trust the configured nodes.) | ## wasp-cli diff --git a/wasp/assets/wasp/docker_config.yml b/wasp/assets/wasp/docker_config.yml index aa489584..50711666 100644 --- a/wasp/assets/wasp/docker_config.yml +++ b/wasp/assets/wasp/docker_config.yml 
@@ -1,47 +1,98 @@ { - "inx": { - "address": "localhost:9029", - "maxConnectionAttempts": 30 - }, - "database": { - "directory": "waspdb" + "app": { + "checkForUpdates": true, + "shutdown": { + "stopGracePeriod": "5m", + "log": { + "enabled": true, + "filePath": "shutdown.log" + } + } }, "logger": { - "level": "debug", - "disableCaller": false, - "disableStacktrace": true, + "level": "info", + "disableCaller": true, + "disableStacktrace": false, + "stacktraceLevel": "panic", "encoding": "console", "outputPaths": [ - "stdout", - "wasp.log" + "stdout" ], "disableEvents": true }, - "network": { - "bindAddress": "0.0.0.0", - "externalAddress": "auto" + "inx": { + "address": "localhost:9029", + "maxConnectionAttempts": 30, + "targetNetworkName": "" }, - "node": { - "disablePlugins": [], - "enablePlugins": [] + "db": { + "engine": "rocksdb", + "chainState": { + "path": "waspdb/chains/data" + }, + "debugSkipHealthCheck": false }, - "users": { - "users": { - "wasp": { - "password": "wasp", - "permissions": [ - "dashboard", - "api", - "chain.read", - "chain.write" - ] - } + "p2p": { + "identity": { + "privateKey": "", + "filePath": "waspdb/identity/identity.key" + }, + "db": { + "path": "waspdb/p2pstore" } }, + "registries": { + "chains": { + "filePath": "waspdb/chains/chain_registry.json" + }, + "dkShares": { + "path": "waspdb/dkshares" + }, + "trustedPeers": { + "filePath": "waspdb/trusted_peers.json" + }, + "consensusState": { + "path": "waspdb/chains/consensus" + } + }, + "peering": { + "netID": "0.0.0.0:4000", + "port": 4000 + }, + "chains": { + "broadcastUpToNPeers": 2, + "broadcastInterval": "5s", + "apiCacheTTL": "5m", + "pullMissingRequestsFromCommittee": true + }, + "rawBlocks": { + "enabled": false, + "directory": "blocks" + }, + "profiling": { + "enabled": false, + "bindAddress": "0.0.0.0:6060" + }, + "prometheus": { + "enabled": true, + "bindAddress": "0.0.0.0:2112", + "nodeMetrics": true, + "nodeConnMetrics": true, + "blockWALMetrics": true, + "restAPIMetrics": 
true, + "goMetrics": true, + "processMetrics": true, + "promhttpMetrics": true + }, "webapi": { + "enabled": true, + "nodeOwnerAddresses": [], + "bindAddress": "0.0.0.0:9090", + "debugRequestLoggerEnabled": false, "auth": { + "scheme": "jwt", "jwt": { - "durationHours": 24 + "duration": "24h" }, "basic": { "username": "wasp" @@ -50,15 +101,22 @@ "whitelist": [ "127.0.0.1" ] - }, - "scheme": "ip" - }, - "bindAddress": "0.0.0.0:9090" + } + } + }, + "nanomsg": { + "enabled": true, + "port": 5550 }, "dashboard": { + "enabled": true, + "bindAddress": "0.0.0.0:7000", + "exploreAddressURL": "", + "debugRequestLoggerEnabled": false, "auth": { + "scheme": "basic", "jwt": { - "durationHours": 24 + "duration": "24h" }, "basic": { "username": "wasp" @@ -67,24 +125,7 @@ "whitelist": [ "127.0.0.1" ] - }, - "scheme": "basic" - }, - "bindAddress": "0.0.0.0:7000" - }, - "peering": { - "port": 4000, - "netid": "0.0.0.0:4000" - }, - "nanomsg": { - "port": 5550 - }, - "metrics": { - "bindAddress": "0.0.0.0:2112", - "enabled": true - }, - "wal": { - "directory": "wal", - "enabled": true + } + } } } \ No newline at end of file diff --git a/wasp/docker-compose.yml b/wasp/docker-compose.yml index d5068422..54ff5f08 100644 --- a/wasp/docker-compose.yml +++ b/wasp/docker-compose.yml @@ -2,7 +2,7 @@ version: '3' services: wasp: - image: ${WASP_IMAGE_REPOSITORY:-iotaledger}/wasp:${WASP_VERSION:?WASP_VERSION is missing} + image: iotaledger/wasp:${WASP_VERSION:?WASP_VERSION is missing} container_name: ${WASP_LEDGER_NETWORK:?WASP_LEDGER_NETWORK is missing}-wasp restart: unless-stopped ulimits: @@ -41,12 +41,15 @@ services: command: - "-c" - "/etc/wasp_config.json" + - "-u" + - "/etc/wasp_users.json" cap_drop: - ALL volumes: - "/etc/localtime:/etc/localtime:ro" - "${WASP_DATA_DIR:-./data}/waspdb:/app/waspdb" - "${WASP_DATA_DIR:-./data}/config/config.json:/etc/wasp_config.json:ro" + - "${WASP_DATA_DIR:-./data}/config/users.json:/etc/wasp_users.json:ro" logging: driver: "json-file" options: 
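Review bot: The new `profiling` block in the first docker_config.yml hunk ships with `"bindAddress": "0.0.0.0:6060"`, so turning `enabled` on later would open the profiling listener on every container interface. Since this is only the template default for a disabled feature, `"bindAddress": "localhost:6060"` would be the safer value. The `prometheus` block in the same hunk is enabled on `0.0.0.0:2112` and now also turns on `restAPIMetrics`, `goMetrics` and `processMetrics`. Whether either port is reachable from outside the Docker network depends on the port mappings in docker-compose.yml, which the hunks here do not show, so that should be confirmed there.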
diff --git a/wasp/prepare_docker.sh b/wasp/prepare_docker.sh index d8301a18..735f1051 100755 --- a/wasp/prepare_docker.sh +++ b/wasp/prepare_docker.sh @@ -11,8 +11,8 @@ scriptDir=$(dirname "${0}") dataDir="${WASP_DATA_DIR:-${scriptDir}/data}" configFilename="config.json" configPath="${dataDir}/config/${configFilename}" - -# image="dltgreen/wasp:$WASP_VERSION" +usersConfigFilename="users.json" +usersConfigPath="${dataDir}/config/${usersConfigFilename}" validate_ssl_config "WASP_SSL_CERT" "WASP_SSL_KEY" copy_common_assets 
@@ -28,34 +28,29 @@ prepare_data_dir "${dataDir}" "config" "waspdb" create_docker_network "${WASP_LEDGER_NETWORK}" # Generate config -if [ "${WASP_VERSION}" == "0.2.5" ] || [ "${WASP_VERSION}" == "0.3.0" ]; then - extract_file_from_image "dltgreen/wasp" "${WASP_VERSION}" "/etc/wasp_config.json" "${configPath}" -else - cp assets/wasp/docker_config.yml "${configPath}" -fi +cp assets/wasp/docker_config.yml "${configPath}" echo "Adapting config with values from .env..." -set_config "${configPath}" ".database.directory" "\"/app/waspdb\"" -set_config "${configPath}" ".nanomsg.port" "${WASP_NANO_MSG_PORT:-5550}" -set_config "${configPath}" ".peering.port" "${WASP_PEERING_PORT:-4000}" -set_config "${configPath}" ".logger.outputPaths" "[\"stdout\"]" -set_config "${configPath}" ".peering.netid" "\"${WASP_HOST}:${WASP_PEERING_PORT:-4000}\"" - -set_config_if_field_exists "${configPath}" ".inx.address" "\"hornet:9029\"" -move_rename_config "${configPath}" ".users.users.wasp" ".users.users[\"${DASHBOARD_USERNAME:-wasp}\"]" -set_config_if_field_exists "${configPath}" ".users.users[\"${DASHBOARD_USERNAME:-wasp}\"].password" "\"${DASHBOARD_PASSWORD:-wasp}\"" "secret" -set_config_if_field_exists "${configPath}" ".webapi.auth.basic.username" "\"${DASHBOARD_USERNAME:-wasp}\"" -set_config_if_field_exists "${configPath}" ".webapi.auth.scheme" "\"${WASP_WEBAPI_AUTH_SCHEME:-jwt}\"" -set_config_if_field_exists "${configPath}" ".dashboard.auth.basic.username" "\"${DASHBOARD_USERNAME:-wasp}\"" -set_config_if_field_exists "${configPath}" ".webapi.auth.jwt.durationHours" "${WASP_JWT_DURATION_HOURS:-24}" -set_config_if_field_exists "${configPath}" ".dashboard.auth.jwt.durationHours" "${WASP_JWT_DURATION_HOURS:-24}" - -# wasp 0.2.5 -set_config_if_field_exists "${configPath}" ".dashboard.auth.username" "\"${DASHBOARD_USERNAME:-wasp}\"" -set_config_if_field_exists "${configPath}" ".dashboard.auth.password" "\"${DASHBOARD_PASSWORD:-wasp}\"" "secret" -set_config_if_field_exists "${configPath}" 
".nodeconn.address" "\"${WASP_LEDGER_CONNECTION}\"" -# wasp 0.3.0 -set_config_if_field_exists "${configPath}" ".l1.inxAddress" "\"hornet:9029\"" -rm -f ${tmp} +sed -i 's|"waspdb/|"/app/waspdb/|g' "${configPath}" +set_config "${configPath}" ".logger.outputPaths" "[\"stdout\"]" +set_config "${configPath}" ".inx.address" "\"hornet:9029\"" +set_config "${configPath}" ".inx.targetNetworkName" "\"${WASP_LEDGER_NETWORK}\"" +set_config "${configPath}" ".p2p.identity.privateKey" "\"${WASP_IDENTITY_PRIVATE_KEY}\"" +set_config "${configPath}" ".peering.port" "${WASP_PEERING_PORT:-4000}" +set_config "${configPath}" ".peering.netID" "\"${WASP_HOST}:${WASP_PEERING_PORT:-4000}\"" +set_config "${configPath}" ".webapi.auth.scheme" "\"${WASP_WEBAPI_AUTH_SCHEME:-jwt}\"" +set_config "${configPath}" ".webapi.auth.jwt.duration" "\"${WASP_JWT_DURATION:-24h}\"" +set_config "${configPath}" ".webapi.auth.basic.username" "\"${DASHBOARD_USERNAME:-wasp}\"" +#set_config "${configPath}" ".webapi.ip.whitelist" "..." # TODO +set_config "${configPath}" ".nanomsg.port" "${WASP_NANO_MSG_PORT:-5550}" +set_config "${configPath}" ".dashboard.auth.scheme" "\"${WASP_DASHBOARD_AUTH_SCHEME:-basic}\"" +set_config "${configPath}" ".dashboard.auth.basic.username" "\"${DASHBOARD_USERNAME:-wasp}\"" +set_config "${configPath}" ".dashboard.auth.jwt.duration" "\"${WASP_JWT_DURATION:-24h}\"" + +echo "Configure users defined in .env..." +echo "{}" > "${usersConfigPath}" +set_config "${usersConfigPath}" ".users.users[\"${DASHBOARD_USERNAME:-wasp}\"].passwordHash" "\"${DASHBOARD_PASSWORD}\"" "secret" +set_config "${usersConfigPath}" ".users.users[\"${DASHBOARD_USERNAME:-wasp}\"].passwordSalt" "\"${DASHBOARD_SALT}\"" "secret" +set_config "${usersConfigPath}" ".users.users[\"${DASHBOARD_USERNAME:-wasp}\"].permissions" "[\"dashboard\", \"api\", \"chain.read\", \"chain.write\"]" echo "Finished" diff --git a/wasp/wasp-cli-wrapper.sh b/wasp/wasp-cli-wrapper.sh index 3b8fa2f6..3b879e30 100755 --- a/wasp/wasp-cli-wrapper.sh 
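Review bot: `.p2p.identity.privateKey` is written without the `"secret"` argument that the `passwordHash` and `passwordSalt` calls further down pass. If that argument is what stops `set_config` from echoing the value (set_config is defined outside this diff, so this is inferred from the call pattern), the node's private key would be printed while `prepare_docker.sh` runs. Suggested: `set_config "${configPath}" ".p2p.identity.privateKey" "\"${WASP_IDENTITY_PRIVATE_KEY}\"" "secret"`. Separately, `DASHBOARD_PASSWORD` and `DASHBOARD_SALT` no longer have defaults and are not checked in this hunk, so an unset value yields a users.json entry with an empty hash. Unless they are validated earlier in the script, a guard such as `: "${DASHBOARD_PASSWORD:?DASHBOARD_PASSWORD is missing}"` before the users block would fail early.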
+++ b/wasp/wasp-cli-wrapper.sh @@ -13,7 +13,7 @@ source "${scriptDir}/.env" dataDir="${WASP_DATA_DIR:-${scriptDir}/data}" configPath="${dataDir}/config/wasp-cli.json" -imageTag="dltgreen/wasp-cli:${WASP_VERSION}" +imageTag="iotaledger/wasp:${WASP_VERSION}" if [ ! -f "${configPath}" ] && ! is_parameter_present "-v" $@; then (cd "${scriptDir}" && ./prepare_cli.sh >/dev/null)