diff --git a/.gitlab/ci/pipelines/debian_repository_full.yml b/.gitlab/ci/pipelines/debian_repository_full.yml index a21909683c26d8aa99b90f48f30d01e93a72bd88..b954c92d6e60be5ddb6b6934536ce159835764fd 100644 --- a/.gitlab/ci/pipelines/debian_repository_full.yml +++ b/.gitlab/ci/pipelines/debian_repository_full.yml @@ -699,6 +699,39 @@ oc.install_bin_debian_bookworm_systemd_custom_datadir: - stuck_or_timeout_failure - runner_system_failure +oc.install_bin_debian_bookworm_systemd_agnostic_baker: + image: ${GCP_REGISTRY}/tezos/docker-images/ci-docker:v1.12.0 + stage: publishing_tests + tags: + - gcp + needs: + - oc.docker-systemd_tests_debian + - apt_repo_debian + dependencies: [] + allow_failure: true + timeout: 60 minutes + before_script: + - ./scripts/ci/docker_initialize.sh + script: + - ./scripts/ci/systemd-packages-test.sh scripts/packaging/tests/deb/install-bin-deb.sh + images/packages/debian-systemd-tests.Dockerfile + services: + - docker:${DOCKER_VERSION}-dind + variables: + DOCKER_VERSION: 24.0.7 + FLAVOUR: systemd-tests + DEP_IMAGE: ${GCP_REGISTRY}/$CI_PROJECT_NAMESPACE/tezos/$FLAVOUR-$DISTRIBUTION-$RELEASE + DEP_IMAGE_PROTECTED: ${GCP_PROTECTED_REGISTRY}/tezos/tezos/$FLAVOUR-$DISTRIBUTION-$RELEASE + PREFIX: "" + DISTRIBUTION: debian + RELEASE: bookworm + AGNOSTIC_BAKER: "true" + retry: + max: 2 + when: + - stuck_or_timeout_failure + - runner_system_failure + oc.upgrade_bin_debian_bookworm-systemd: image: ${GCP_REGISTRY}/tezos/docker-images/ci-docker:v1.12.0 stage: publishing_tests diff --git a/.gitlab/ci/pipelines/debian_repository_partial.yml b/.gitlab/ci/pipelines/debian_repository_partial.yml index 97a09c2ac08e859c9fbad3b2956feb502d52ba2e..b6a9ec24ea73003b1f40a43e8755e194d215babc 100644 --- a/.gitlab/ci/pipelines/debian_repository_partial.yml +++ b/.gitlab/ci/pipelines/debian_repository_partial.yml @@ -423,6 +423,39 @@ oc.install_bin_debian_bookworm_systemd_custom_datadir: - stuck_or_timeout_failure - runner_system_failure +oc.install_bin_debian_bookworm_systemd_agnostic_baker: + image: ${GCP_REGISTRY}/tezos/docker-images/ci-docker:v1.12.0 + stage: publishing_tests + tags: + - gcp + needs: + - oc.docker-systemd_tests_debian + - apt_repo_debian + dependencies: [] + allow_failure: true + timeout: 60 minutes + before_script: + - ./scripts/ci/docker_initialize.sh + script: + - ./scripts/ci/systemd-packages-test.sh scripts/packaging/tests/deb/install-bin-deb.sh + images/packages/debian-systemd-tests.Dockerfile + services: + - docker:${DOCKER_VERSION}-dind + variables: + DOCKER_VERSION: 24.0.7 + FLAVOUR: systemd-tests + DEP_IMAGE: ${GCP_REGISTRY}/$CI_PROJECT_NAMESPACE/tezos/$FLAVOUR-$DISTRIBUTION-$RELEASE + DEP_IMAGE_PROTECTED: ${GCP_PROTECTED_REGISTRY}/tezos/tezos/$FLAVOUR-$DISTRIBUTION-$RELEASE + PREFIX: "" + DISTRIBUTION: debian + RELEASE: bookworm + AGNOSTIC_BAKER: "true" + retry: + max: 2 + when: + - stuck_or_timeout_failure + - runner_system_failure + oc.upgrade_bin_debian_bookworm-systemd: image: ${GCP_REGISTRY}/tezos/docker-images/ci-docker:v1.12.0 stage: publishing_tests diff --git a/.gitlab/ci/pipelines/debian_repository_partial_auto.yml b/.gitlab/ci/pipelines/debian_repository_partial_auto.yml index 97a09c2ac08e859c9fbad3b2956feb502d52ba2e..b6a9ec24ea73003b1f40a43e8755e194d215babc 100644 --- a/.gitlab/ci/pipelines/debian_repository_partial_auto.yml +++ b/.gitlab/ci/pipelines/debian_repository_partial_auto.yml @@ -423,6 +423,39 @@ oc.install_bin_debian_bookworm_systemd_custom_datadir: - stuck_or_timeout_failure - runner_system_failure +oc.install_bin_debian_bookworm_systemd_agnostic_baker: + image: ${GCP_REGISTRY}/tezos/docker-images/ci-docker:v1.12.0 + stage: publishing_tests + tags: + - gcp + needs: + - oc.docker-systemd_tests_debian + - apt_repo_debian + dependencies: [] + allow_failure: true + timeout: 60 minutes + before_script: + - ./scripts/ci/docker_initialize.sh + script: + - ./scripts/ci/systemd-packages-test.sh scripts/packaging/tests/deb/install-bin-deb.sh + images/packages/debian-systemd-tests.Dockerfile + services: + - docker:${DOCKER_VERSION}-dind + variables: + DOCKER_VERSION: 24.0.7 + FLAVOUR: systemd-tests + DEP_IMAGE: ${GCP_REGISTRY}/$CI_PROJECT_NAMESPACE/tezos/$FLAVOUR-$DISTRIBUTION-$RELEASE + DEP_IMAGE_PROTECTED: ${GCP_PROTECTED_REGISTRY}/tezos/tezos/$FLAVOUR-$DISTRIBUTION-$RELEASE + PREFIX: "" + DISTRIBUTION: debian + RELEASE: bookworm + AGNOSTIC_BAKER: "true" + retry: + max: 2 + when: + - stuck_or_timeout_failure + - runner_system_failure + oc.upgrade_bin_debian_bookworm-systemd: image: ${GCP_REGISTRY}/tezos/docker-images/ci-docker:v1.12.0 stage: publishing_tests diff --git a/ci/bin/debian_repository.ml b/ci/bin/debian_repository.ml index ec8f44558f281ca82a617f3827288ae36c4ca549..cdf571c92a51fcc037884bc04184b5f3ecf844be 100644 --- a/ci/bin/debian_repository.ml +++ b/ci/bin/debian_repository.ml @@ -556,6 +556,30 @@ let jobs pipeline_type = scripts/packaging/tests/deb/install-bin-deb.sh \ images/packages/debian-systemd-tests.Dockerfile"; ]; + job_install_systemd_bin + ~__POS__ + ~name:"oc.install_bin_debian_bookworm_systemd_agnostic_baker" + ~allow_failure:Yes + ~dependencies: + (Dependent + [ + Job job_docker_systemd_test_debian_dependencies; + Job job_apt_repo_debian; + ]) + ~variables: + (variables + ~kind:"systemd-tests" + [ + ("PREFIX", ""); + ("DISTRIBUTION", "debian"); + ("RELEASE", "bookworm"); + ("AGNOSTIC_BAKER", "true"); + ]) + [ + "./scripts/ci/systemd-packages-test.sh \ + scripts/packaging/tests/deb/install-bin-deb.sh \ + images/packages/debian-systemd-tests.Dockerfile"; + ]; job_install_systemd_bin ~__POS__ ~name:"oc.upgrade_bin_debian_bookworm-systemd" diff --git a/scripts/packaging/octez/debian/control b/scripts/packaging/octez/debian/control index 87c4a37961d20c9430505d6207d51e5d2f306f6c..b743da2a79287ce4def7e96e82e5d7bbbd0d2af5 100644 --- a/scripts/packaging/octez/debian/control +++ b/scripts/packaging/octez/debian/control @@ -68,6 +68,28 @@ Description: Octez baking software for the Tezos blockchain. octez-dal-node to be installed as well. For key management it is recommended to install a remote signer on a different host. +Package: octez-agnostic-baker +Architecture: amd64 arm64 +Pre-Depends: + octez-client (= ${source:Version}), + debconf (>= 0.5) | debconf-2.0 +Depends: + ${misc:Depends}, ${shlibs:Depends}, + octez-node (= ${source:Version}), + curl, systemd +Recommends: + octez-signer (= ${source:Version}), + octez-dal-node (= ${source:Version}) +Description: Octez baking software for the Tezos blockchain. + The Octez baker includes the necessary tools and functionalities for + participating in the baking process, such as block creation, attestations, and + protocol-specific consensus mechanisms. + . + This package installs the baker, the accuser and the Octez node. By default, + installing this package causes the recommended packages octez-signer and + octez-dal-node to be installed as well. For key management it is recommended + to install a remote signer on a different host. + Package: octez-signer Architecture: amd64 arm64 Depends: ${misc:Depends}, ${shlibs:Depends}, octez-client (= ${source:Version}), diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.config b/scripts/packaging/octez/debian/octez-agnostic-baker.config new file mode 100755 index 0000000000000000000000000000000000000000..87acf5ee5ccd5f85c6c8d4d9616b4a3bc5f0f77f --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.config @@ -0,0 +1,89 @@ +#!/bin/sh + +set -e + +echoerr() { echo "$@" 1>&2; } + +new=${2:-} + +# shellcheck disable=SC1091 +. /usr/share/debconf/confmodule +db_version 2.0 + +case "$new" in +"") + # fresh install + : nop + ;; +1:*) + echoerr "Upgrade from $new" + if [ -e /etc/default/octez-baker ]; then + #shellcheck disable=SC1091 + . /etc/default/octez-baker + db_set octez-agnostic-baker/liquidity-vote "$LQVOTE" + db_set octez-agnostic-baker/baker-key "$BAKER_KEY" + fi + ;; +*) + if [ -e /etc/octez/agnostic-baker.conf ]; then + echoerr "Legacy upgrade from $new" + echoerr "Updating baker configuration from old /etc/octez/agnostic-baker.conf" + # the values set here in debconf are going to be used in the + # postinst script to write the /etc/default/ files for this + # package + #shellcheck disable=SC1091 + . /etc/octez/agnostic-baker.conf + + if [ -n "${lq_vote:-}" ]; then + echoerr "set lq_vote=$lq_vote" + #shellcheck disable=SC2154 + db_set octez-agnostic-baker/liquidity-vote "$lq_vote" + fi + + if [ -n "${baking_key:-}" ]; then + echoerr "set baking_key=$baking_key" + #shellcheck disable=SC2154 + db_set octez-agnostic-baker/baker-key "$baking_key" + fi + + if [ -n "${dalurl:-}" ]; then + echoerr "set dalurl=$dalurl" + if [ "$dalurl" = "" ]; then + #shellcheck disable=SC2154 + db_set octez-agnostic-baker/dal-node false + else + db_set octez-agnostic-baker/dal-node true + db_set octez-agnostic-baker/dal-node-url "$dalurl" + fi + else + db_set octez-agnostic-baker/dal-node true + fi + + #shellcheck disable=SC2119 + db_go + fi + ;; +esac + +db_input high octez-agnostic-baker/liquidity-vote || true +# shellcheck disable=SC2119 +db_go || true + +db_input medium octez-agnostic-baker/baker-key || true +# shellcheck disable=SC2119 +db_go || true + +db_input medium octez-agnostic-baker/dal-node || true +# shellcheck disable=SC2119 +db_go || true + +db_get octez-agnostic-baker/dal-node +if [ "$RET" = "true" ]; then + db_get octez-agnostic-baker/dal-node-url + if [ -z "$RET" ]; then + db_set octez-agnostic-baker/dal-node-url "http://127.0.0.1:10732" + fi + db_input low octez-agnostic-baker/dal-node-url || true + # shellcheck disable=SC2119 + db_go || true +fi diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.default b/scripts/packaging/octez/debian/octez-agnostic-baker.default new file mode 100644 index 0000000000000000000000000000000000000000..1d5ddc13c9c9aa6fcbf0748cd4b3b56ae82f79f9 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.default @@ -0,0 +1,7 @@ + +# Data Directory +# we use the datadir defined in /etc/default/octez-node + +# Other options +# Keep the daemon process alive +RUNTIME_OPTS="--keep-alive --dal-node http://127.0.0.1:10732" diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.install b/scripts/packaging/octez/debian/octez-agnostic-baker.install new file mode 100644 index 0000000000000000000000000000000000000000..2746bc188ed73ac36f20b9ca522db0fea190e4fc --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.install @@ -0,0 +1,4 @@ +binaries/octez-agnostic-baker /usr/bin/ +binaries/octez-accuser-P* /usr/bin/ +scripts/wait-for-node-up.sh /usr/share/octez-agnostic-baker/ +scripts/systemd-octez-agnostic-baker.sh /usr/share/octez-agnostic-baker/ diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.lintian-overrides b/scripts/packaging/octez/debian/octez-agnostic-baker.lintian-overrides new file mode 100644 index 0000000000000000000000000000000000000000..07cf7978d2f6a7b3002c40e8bf8d3de0c6af929a --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.lintian-overrides @@ -0,0 +1 @@ +octez-agnostic-baker: initial-upload-closes-no-bugs diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.logrotate b/scripts/packaging/octez/debian/octez-agnostic-baker.logrotate new file mode 100644 index 0000000000000000000000000000000000000000..ff3f5fae73de715073b015a1d36c23b07c82ddd8 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.logrotate @@ -0,0 +1,35 @@ +/var/log/tezos/agnostic-baker.log{ + daily + # we use copytruncate to avoid stopping node. + copytruncate + rotate 5 + compress + minsize 1M +} + +/var/log/tezos/accuser.log{ + daily + # we use copytruncate to avoid stopping node. + copytruncate + rotate 5 + compress + minsize 1M +} + +/var/log/tezos/accuser-next.log{ + daily + # we use copytruncate to avoid stopping node. + copytruncate + rotate 5 + compress + minsize 1M +} + +/var/log/tezos/accuser-active.log{ + daily + # we use copytruncate to avoid stopping node. + copytruncate + rotate 5 + compress + minsize 1M +} diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.manpages b/scripts/packaging/octez/debian/octez-agnostic-baker.manpages new file mode 100644 index 0000000000000000000000000000000000000000..3f2d556c7342bc099ac4d2526ca469005e1d2504 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.manpages @@ -0,0 +1,2 @@ +manpages/octez-agnostic-baker.1 +manpages/octez-accuser.1 diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.octez-accuser.default b/scripts/packaging/octez/debian/octez-agnostic-baker.octez-accuser.default new file mode 100644 index 0000000000000000000000000000000000000000..ca9dff7577828037319508a37e2a956680624e5b --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.octez-accuser.default @@ -0,0 +1,2 @@ +# Keep the daemon process alive: when the connection with the node is lost +RUNTIME_OPTS="--keep-alive" diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.octez-accuser@.service b/scripts/packaging/octez/debian/octez-agnostic-baker.octez-accuser@.service new file mode 100644 index 0000000000000000000000000000000000000000..53bde9abe77a15fff99e4dcbdfa2fd1f4591fcd5 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.octez-accuser@.service @@ -0,0 +1,21 @@ +[Unit] +Description=Octez accuser for protocol %i +Documentation=https://octez.tezos.com/docs/ +After=network.target + +[Service] +EnvironmentFile=-/etc/default/octez-baker +EnvironmentFile=-/etc/default/octez-accuser +WorkingDirectory=~ +Restart=on-failure +User=tezos +ExecStart=/bin/sh -c "/usr/bin/octez-accuser-%i run $RUNTIME_OPTS" + +ExecStartPre=+touch /var/log/tezos/accuser-%i.log +ExecStartPre=+chown tezos:tezos /var/log/tezos/accuser-%i.log + +StandardOutput=append:/var/log/tezos/accuser-%i.log +StandardError=inherit + +[Install] +WantedBy=multi-user.target diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.octez-agnostic-baker-bin.service b/scripts/packaging/octez/debian/octez-agnostic-baker.octez-agnostic-baker-bin.service new file mode 100644 index 0000000000000000000000000000000000000000..3f1fd1165d3a02ea4b08618234be5b929dafff58 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.octez-agnostic-baker-bin.service @@ -0,0 +1,26 @@ +[Unit] +Description=Octez agnostic baker service +Documentation=https://octez.tezos.com/docs/ +After=network.target + +[Service] +Type=simple +Restart=on-failure +TimeoutStartSec=infinity +TimeoutStopSec=300 + +EnvironmentFile=-/etc/default/octez-node +EnvironmentFile=-/etc/default/octez-baker +WorkingDirectory=~ +User=tezos + +ExecStartPre=+touch /var/log/tezos/agnostic-baker.log +ExecStartPre=+chown tezos:tezos /var/log/tezos/agnostic-baker.log + +ExecStart=/bin/sh -c "/usr/bin/octez-agnostic-baker --base-dir $HOME/.tezos-client run with local node $DATADIR --liquidity-baking-toggle-vote $LQVOTE $RUNTIME_OPTS $BAKING_KEY" + +StandardOutput=append:/var/log/tezos/agnostic-baker.log +StandardError=inherit + +[Install] +WantedBy=multi-user.target diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.postinst b/scripts/packaging/octez/debian/octez-agnostic-baker.postinst new file mode 100755 index 0000000000000000000000000000000000000000..8e5e8796ca61eeaa36c540fb743252c78b14f1ae --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.postinst @@ -0,0 +1,94 @@ +#!/bin/sh + +set -e + +# shellcheck disable=SC1091 +. /usr/share/debconf/confmodule + +echoerr() { echo "$@" 1>&2; } + +db_version 2.0 + +# work directory to store temporary files associated to this package +mkdir -p /run/octez-agnostic-baker + +case "${1}" in +configure) + # if $2 is empty, then we're doing a fresh install. + # if $DPKG_RUNNING_VERSION" is empty a reconfigure + # Otherwise we're upgrading + if [ -z "${2:-}" ] || [ -z "$DPKG_RUNNING_VERSION" ]; then + echoerr "Fresh installation (or reconfigure) of the Octez agnostic baker" + + db_get octez-agnostic-baker/liquidity-vote + echo "LQVOTE=${RET}" > /etc/default/octez-baker + + db_get octez-agnostic-baker/baker-key + echo "BAKER_KEY=${RET}" >> /etc/default/octez-baker + + db_get octez-agnostic-baker/dal-node + DAL=${RET} + case "$DAL" in + true) + db_get octez-agnostic-baker/dal-node-url + DALURL=${RET} + echo "RUNTIME_OPTS=\"--keep-alive --dal-node $DALURL\"" >> /etc/default/octez-baker + ;; + false) + echo "RUNTIME_OPTS=--keep-alive --without-dal" >> /etc/default/octez-baker + ;; + esac + + mkdir -p /var/tezos/.tezos-client + chown tezos:tezos /var/tezos/.tezos-client + else + echoerr "Upgrading octez-agnostic-baker from version $2 ( postinst )" + # the configure script is called with the version of the old + # package in case of upgrade. We display a message to the user + # in this case. See octez-node.postinst for a detailed explanation. + case "$2" in + 1:*) + : noop + ;; + *) + echoerr "Setting defaults in /etc/default/octez-baker" + echoerr "Migrating values when possible" + + db_get octez-agnostic-baker/liquidity-vote + echo "LQVOTE=${RET}" >> /etc/default/octez-baker + echoerr "LQVOTE=${RET}" + + db_get octez-agnostic-baker/baker-key + echo "BAKER_KEY=${RET}" >> /etc/default/octez-baker + echoerr "BAKER_KEY=${RET}" + + db_get octez-agnostic-baker/dal-node + DAL=${RET} + case "$DAL" in + true) + db_get octez-agnostic-baker/dal-node-url + DALURL=${RET} + echo "RUNTIME_OPTS=\" --keep-alive --dal-node $DALURL\"" >> /etc/default/octez-baker + echoerr "RUNTIME_OPTS=--keep-alive --dal-node $DALURL" + ;; + false) + echo "RUNTIME_OPTS=--keep-alive --without-dal" >> /etc/default/octez-baker + echoerr "RUNTIME_OPTS=--keep-alive --without-dal" + ;; + esac + + db_input high octez-agnostic-baker/upgrade_note_current || true + #shellcheck disable=SC2119 + db_go || true + ;; + esac + fi + ;; +*) + : nop + ;; +esac + +systemctl daemon-reload || true + +#DEBHELPER# diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.postrm b/scripts/packaging/octez/debian/octez-agnostic-baker.postrm new file mode 100755 index 0000000000000000000000000000000000000000..08c87c94ca10ac3874576f855be218ed63e2f767 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.postrm @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +# Load debconf library +# shellcheck disable=SC1091 +. /usr/share/debconf/confmodule + +# systemctl should not be called directly. use this +# wrapper script if available +debsystemctl=$(command -v deb-systemd-invoke || echo systemctl) + +case "${1}" in +remove) + rm -Rf /run/octez-agnostic-baker + ;; +purge) + rm -Rf /run/octez-agnostic-baker + # Purge debconf data for the package in any case + # shellcheck disable=SC2119 + db_purge || true + echo "Octez agnostic baker purged" + ;; +upgrade) + echo "Restarting Octez agnostic baker daemon: octez-agnostic-baker" + $debsystemctl "start octez-agnostic-baker.service" + ;; +failed-upgrade | abort-install | abort-upgrade | disappear) ;; +*) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# Clean up the temporary file +rm -f /run/octez-agnostic-baker/*daemon_was_running + +#DEBHELPER# diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.preinst b/scripts/packaging/octez/debian/octez-agnostic-baker.preinst new file mode 100755 index 0000000000000000000000000000000000000000..0449ad9d7b751a31f74412d63d7259e1753669c6 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.preinst @@ -0,0 +1,77 @@ +#!/bin/sh + +set -e + +# shellcheck disable=SC1091 +. /usr/share/debconf/confmodule + +db_version 2.0 + +# work directory to store temporary files associated to this package +mkdir -p /run/octez-agnostic-baker + +case "${1}" in +install | upgrade) + # if $2 is empty, then we're doing a fresh install. + # Ohtwerwise we're upgrading + if [ -n "$2" ]; then + # the configure script is called with the version of the old + # package in case of upgrade. We display a message to the user + # in this case + echo "Upgrading Octez agnostic baker from version $2 ( preinst )" + case "$2" in + 1:*) + if [ -e /etc/default/octez-baker ]; then + #shellcheck disable=SC1091 + . /etc/default/octez-baker + db_set octez-agnostic-baker/liquidity-vote "$LQVOTE" + db_set octez-agnostic-baker/baker-key "$BAKER_KEY" + fi + ;; + *) + if [ -e /etc/octez/agnostic-baker.conf ]; then + echo "Updating baker configuration from old /etc/octez/agnostic-baker.conf" + # the values set here in debconf are going to be used in the + # postinst script to write the /etc/default/ files for this + # package + #shellcheck disable=SC1091 + . /etc/octez/agnostic-baker.conf + + if [ -n "${lq_vote:-}" ]; then + echo "set lq_vote=$lq_vote" + #shellcheck disable=SC2154 + db_set octez-agnostic-baker/liquidity-vote "$lq_vote" + fi + + if [ -n "${baking_key:-}" ]; then + echo "set baking_key=$baking_key" + #shellcheck disable=SC2154 + db_set octez-agnostic-baker/baker-key "$baking_key" + fi + + if [ -n "${dalurl:-}" ]; then + echo "set dalurl=$dalurl" + if [ "$dalurl" = "" ]; then + #shellcheck disable=SC2154 + db_set octez-agnostic-baker/dal-node false + else + db_set octez-agnostic-baker/dal-node true + db_set octez-agnostic-baker/dal-node-url "$dalurl" + fi + else + db_set octez-agnostic-baker/dal-node true + fi + + #shellcheck disable=SC2119 + db_go + fi + ;; + esac + fi + ;; +*) + echo "preinst noop" + ;; +esac + +#DEBHELPER# diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.prerm b/scripts/packaging/octez/debian/octez-agnostic-baker.prerm new file mode 100755 index 0000000000000000000000000000000000000000..e71b77c6bde39e44081bc447d447e978c6ee7584 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.prerm @@ -0,0 +1,16 @@ +#!/bin/sh + +set -e + +# shellcheck disable=SC1091 +. /usr/share/debconf/confmodule + +# systemctl should not be called directly. use this +# wrapper script if available +debsystemctl=$(command -v deb-systemd-invoke || echo systemctl) + +# Check if the old daemon is active before stopping it +if systemctl is-active --quiet "octez-agnostic-baker.service"; then + echo "Stopping old octez-agnostic-baker" + $debsystemctl stop "octez-agnostic-baker.service" +fi diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.service b/scripts/packaging/octez/debian/octez-agnostic-baker.service new file mode 100644 index 0000000000000000000000000000000000000000..4e8cd41a2d64b4beb80eef7ee80c932998103a80 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.service @@ -0,0 +1,22 @@ +[Unit] +Description=Octez baker service +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=yes +Restart=on-failure +TimeoutStartSec=300 +TimeoutStopSec=300 + +EnvironmentFile=-/etc/default/octez-node +EnvironmentFile=-/etc/default/octez-baker + +# The baker is started only if the node is up and running +ExecStartPre=/usr/share/octez-agnostic-baker/wait-for-node-up.sh + +ExecStart=/usr/share/octez-agnostic-baker/systemd-octez-agnostic-baker.sh start +ExecStop=/usr/share/octez-agnostic-baker/systemd-octez-agnostic-baker.sh stop + +[Install] +WantedBy=multi-user.target diff --git a/scripts/packaging/octez/debian/octez-agnostic-baker.templates b/scripts/packaging/octez/debian/octez-agnostic-baker.templates new file mode 100644 index 0000000000000000000000000000000000000000..b15d336fae270fbe1363956055bf4440d03264c0 --- /dev/null +++ b/scripts/packaging/octez/debian/octez-agnostic-baker.templates @@ -0,0 +1,41 @@ +Template: octez-agnostic-baker/liquidity-vote +Description: Your choice for the liquidity vote: + Vote to continue or end the liquidity baking subsidy. The possible values for + this option are: "off" to request ending the subsidy, "on" to request + continuing or restarting the subsidy, and "pass" to abstain. + . + This option is mandatory to start the baker. +Type: select +Choices: off, on, pass + +Template: octez-agnostic-baker/baker-key +Description: The baker key to associate to this baker: + Name of the delegate to attest and bake for or the name of the consensus key + signing on the delegate's behalf. The key is required to run the baker, but it + can also be added later while configuring the baker. +Type: string + +Template: octez-agnostic-baker/dal-node +Type: boolean +Default: true +Description: Connect to the Octez DAL node? + By default, the octez-dal-node package is installed alongside the octez-agnostic-baker + package to participate to the DAL network. + . + Possible options: "--dal-node http://127.0.0.1:10732" or "--without-dal". + +Template: octez-agnostic-baker/dal-node-url +Type: string +Default: http://127.0.0.1:10732 +Description: Specify the url of the RPC server of the Octez DAL node: + By default the octez-dal-node package is installed alongside the octez-agnostic-baker. + +Template: octez-agnostic-baker/upgrade_note_current +Type: note +Description: Important upgrade information + This package has been upgraded to a new version. Please note that some changes + have been made that may affect your usage of the package. The configuration + of the package has been updated. If you did any customizations, please check + the configuration of the octez-agnostic-baker + . + Please review the release notes for more information. diff --git a/scripts/packaging/octez/debian/octez-baker.lintian-overrides b/scripts/packaging/octez/debian/octez-baker.lintian-overrides index c556086abac6010323ea26928a7cf555ad68ce51..b6af5634c937fc24c55a2ec391119bea0ed921a6 100644 --- a/scripts/packaging/octez/debian/octez-baker.lintian-overrides +++ b/scripts/packaging/octez/debian/octez-baker.lintian-overrides @@ -1,2 +1 @@ octez-baker: initial-upload-closes-no-bugs -octez-baker: malformed-question-in-templates diff --git a/scripts/packaging/octez/debian/octez-baker.preinst b/scripts/packaging/octez/debian/octez-baker.preinst index 0f5f7d667aaf7c7b9948528aff1ed88361bf0e10..adb81b1e927a514728fe4a20f2fc4a99b3d5e3b6 100755 --- a/scripts/packaging/octez/debian/octez-baker.preinst +++ b/scripts/packaging/octez/debian/octez-baker.preinst @@ -13,7 +13,7 @@ mkdir -p /run/octez-baker case "${1}" in install | upgrade) # if $2 is empty, then we're doing a fresh install. - # Ohtwerwise we're upgrading + # Otherwise we're upgrading if [ -n "$2" ]; then # the configure script is called with the version of the old # package in case of upgrade. We display a message to the user diff --git a/scripts/packaging/octez/debian/octez-baker.templates b/scripts/packaging/octez/debian/octez-baker.templates index 0cbd464f5e5ff3c1c8f5768b1a7abe97b5146d1c..06dbcc8e0d7b7e50c7a1232d7f03cbe0197b9b02 100644 --- a/scripts/packaging/octez/debian/octez-baker.templates +++ b/scripts/packaging/octez/debian/octez-baker.templates @@ -18,7 +18,7 @@ Type: string Template: octez-baker/dal-node Type: boolean Default: true -Description: Connect to the Octez DAL node ? +Description: Connect to the Octez DAL node? By default, the octez-dal-node package is installed alongside the octez-baker package to participate to the DAL network. . @@ -28,7 +28,7 @@ Template: octez-baker/dal-node-url Type: string Default: http://127.0.0.1:10732 Description: Specify the url of the RPC server of the Octez DAL node: - By default the octez-dal-node package is installed along side the octez-baker. + By default the octez-dal-node package is installed alongside the octez-baker. Template: octez-baker/upgrade_note_current Type: note diff --git a/scripts/packaging/octez/debian/rules b/scripts/packaging/octez/debian/rules index ec275fd93cfd6c299f6e9bfa43eecd3752ff2af3..0241714319ba9910199d10b73bc5f67ba6666b6b 100755 --- a/scripts/packaging/octez/debian/rules +++ b/scripts/packaging/octez/debian/rules @@ -21,12 +21,15 @@ override_dh_installman: do \ ln -s debian/octez-baker/usr/share/man/man1/octez-accuser.1.gz \ debian/octez-baker/usr/share/man/man1/$$bin.1.gz ; \ + ln -s debian/octez-agnostic-baker/usr/share/man/man1/octez-accuser.1.gz \ + debian/octez-agnostic-baker/usr/share/man/man1/$$bin.1.gz ; \ done override_dh_installdocs: dh_installdocs dh_installdocs -p octez-node docs/README.octez-node dh_installdocs -p octez-baker docs/README.octez-baker + dh_installdocs -p octez-agnostic-baker docs/README.octez-agnostic-baker dh_installdocs -p octez-signer docs/octez-signer.service dh_installdocs -p octez-signer docs/README.octez-signer @@ -36,15 +39,21 @@ override_dh_installsystemd: dh_installsystemd -p octez-smart-rollup-node --no-start dh_installsystemd -p octez-baker --no-start dh_installsystemd -p octez-baker --no-enable --no-start --name octez-accuser@ + dh_installsystemd -p octez-agnostic-baker --no-start + dh_installsystemd -p octez-agnostic-baker --no-enable --no-start --name octez-accuser@ + dh_installsystemd -p octez-agnostic-baker --no-enable --no-start --name octez-agnostic-baker-bin override_dh_installlogrotate: dh_installlogrotate --package=octez-node dh_installlogrotate --package=octez-baker + dh_installlogrotate --package=octez-agnostic-baker override_dh_install: dh_install mkdir -p debian/octez-baker/etc/default/ cp debian/octez-baker.octez-accuser.default debian/octez-baker/etc/default/octez-accuser + mkdir -p debian/octez-agnostic-baker/etc/default/ + cp debian/octez-agnostic-baker.octez-accuser.default debian/octez-agnostic-baker/etc/default/octez-accuser dh_installdebconf override_dh_fixperms: diff --git a/scripts/packaging/octez/docs/README.octez-agnostic-baker b/scripts/packaging/octez/docs/README.octez-agnostic-baker new file mode 100644 index 0000000000000000000000000000000000000000..79f246a70b2089dddbb2eda7572e946250f2b486 --- /dev/null +++ b/scripts/packaging/octez/docs/README.octez-agnostic-baker @@ -0,0 +1,48 @@ +# Octez Agnostic Baker + +The octez agnostic baker should be configured to run along side a remote signer. + +This package provides systemd services for both the baker and the accuser +and for the active and next protocol. For example, you can start the +baker using + +``` +$ sudo systemctl start octez-agnostic-baker +``` + +All services are enabled but not started by default. It's up to the user +to configure them. + +## Usage with a remote signer + +The remote signer can be located either on the same machine, or better +on a separate machine and connected to a ledger. + +This package does not make any assumption on how the final user will +configure its baker. We provide as an example some steps a user should +take to configure its baker service to communicate with a remote signer. + +We assume, for the sake of brevity, that the signer is configured to +answer on a local http connection running on localhost and will use +authentication. + +For example, assuming the octez-signer is already setup: +``` +$ octez-signer show address alice +Hash: tz1V7TgBR52wAjjqsh24w8y9CymFGdegt9qs +Public Key: edpkvGAz71r8SZomcvF7LGajXT3AnhYX9CrmK3JWgA2xk8rf8CudY8 + +# Tell the baker about this signer +$ sudo su tezos -c "octez-client -R tcp://localhost:7732 config update" + +# add the remote key to the baker +$ sudo su tezos -c "octez-client -R tcp://localhost:7732 import secret key alice remote:tz1V7TgBR52wAjjqsh24w8y9CymFGdegt9qs" + +# Check that everything is ok +# you should see the the operation in the logs of the signer +# journalctl --user-unit octez-signer +$ sudo su tezos -c "octez-client sign bytes 0x03 for alice" + +# Register your baking account +$ sudo su tezos -c "octez-client register key alice as delegate" +``` diff --git a/scripts/packaging/octez/manpages/octez-agnostic-baker.1 b/scripts/packaging/octez/manpages/octez-agnostic-baker.1 new file mode 100644 index 0000000000000000000000000000000000000000..cd5597596f25866e9d9646dc42db936fcbc9e64a --- /dev/null +++ b/scripts/packaging/octez/manpages/octez-agnostic-baker.1 @@ -0,0 +1,29 @@ +.TH OCTEZ-AGNOSTIC-BAKER 1 "January 2024" "Octez Agnostic Baker Manual" + +.SH NAME +octez-agnostic-baker \- Octez Baker Daemon + +.SH SYNOPSIS +.B octez-agnostic-baker +[\fIOPTION\fR]... \fI\fR [\fIARGS\fR]... + +.SH DESCRIPTION +.B octez-agnostic-baker +includes the necessary tools and functionalities for participating in the +baking process, such as block creation, attestations, and protocol-specific +consensus mechanisms. + +.SH OPTIONS +.TP +.B \-h, \-\-help +Display help information. + +.TP +.B \-\-version +Display version information. + +.SH SEE ALSO +Online Octez Documentation: https://tezos.gitlab.io/shell/cli-commands.html + +.SH BUGS +Report bugs to: https://gitlab.com/tezos/tezos/-/issues diff --git a/scripts/packaging/octez/scripts/systemd-octez-agnostic-baker.sh b/scripts/packaging/octez/scripts/systemd-octez-agnostic-baker.sh new file mode 100755 index 0000000000000000000000000000000000000000..9656c12e1ad10315e3d009a1182ac9ca2ce67b69 --- /dev/null +++ b/scripts/packaging/octez/scripts/systemd-octez-agnostic-baker.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# + +# Check if the argument is valid (start or stop) +if [ "$1" != "start" ] && [ "$1" != "stop" ]; then + echo "Usage: $0 {start|stop}" + exit 1 +fi + +# Loop through each file matching the pattern +# NB: we avoid selecting `-alpha` or `-next` bakers +for file in /usr/bin/octez-accuser-P*; do + file=$(basename "$file") + proto=$(echo "$file" | sed 's/^octez-accuser-//') + + # Enable or start/stop the systemd service based on the argument + if [ "$1" = "start" ]; then + if grep -q "\-\-dal-node" /etc/default/octez-baker; then + systemctl enable octez-dal-node + systemctl start octez-dal-node + fi + systemctl enable "octez-agnostic-baker-bin" + systemctl start "octez-agnostic-baker-bin" + systemctl enable "octez-accuser@$proto" + systemctl start "octez-accuser@$proto" + + elif [ "$1" = "stop" ]; then + systemctl stop "octez-accuser@$proto" + if grep -q "\-\-dal-node" /etc/default/octez-baker; then + systemctl stop octez-dal-node + fi + fi +done + +echo "systemd-octez-agnostic-baker.sh done" diff --git a/scripts/packaging/tests/deb/install-bin-deb.sh b/scripts/packaging/tests/deb/install-bin-deb.sh index 901537ee51dcb048a0880a86bbccb4b17060cc78..7c1438c49461dbbc7cdea3374c5ce1f02fe53160 100755 --- a/scripts/packaging/tests/deb/install-bin-deb.sh +++ b/scripts/packaging/tests/deb/install-bin-deb.sh @@ -6,7 +6,26 @@ set -x REPO="https://storage.googleapis.com/${GCP_LINUX_PACKAGES_BUCKET:-tezos-linux-repo}/$CI_COMMIT_REF_NAME" DISTRO=$1 RELEASE=$2 -DATADIR=${3:-} + +shift 2 +DATADIR= +AGNOSTIC_BAKER= +while [ $# -gt 0 ]; do + case "$1" in + --data-dir) + DATADIR="$2" + shift 2 + ;; + --agnostic-baker) + AGNOSTIC_BAKER="$2" + shift 2 + ;; + *) + echo "Unknown argument: $1" + exit 1 + ;; + esac +done # include apt-get function with retry . scripts/packaging/tests/tests-common.inc.sh @@ -37,6 +56,7 @@ octez-node octez-node/purge_warning boolean true octez-node octez-node/snapshot-import boolean true octez-node octez-node/snapshot-no-check boolean true octez-baker octez-baker/liquidity-vote select on +octez-agnostic-baker octez-baker/liquidity-vote select on debconf debconf/frontend select Noninteractive EOF # preseed the package @@ -46,7 +66,11 @@ EOF sudo debconf-get-selections | grep octez fi -apt-get install -y octez-baker +if [ "${AGNOSTIC_BAKER:-}" = "true" ]; then + apt-get install -y octez-agnostic-baker +else + apt-get install -y octez-baker +fi if [ -n "$DATADIR" ]; then echo "Setup Custom data dir" diff --git a/scripts/packaging/tests/systemd-docker-test.sh b/scripts/packaging/tests/systemd-docker-test.sh index 1746858d1fdad9001af97feb9e8da85804a02023..8a33ce287af6bd9cc2be66e866f250307673735f 100755 --- a/scripts/packaging/tests/systemd-docker-test.sh +++ b/scripts/packaging/tests/systemd-docker-test.sh @@ -50,6 +50,14 @@ while ! docker inspect -f '{{.State.Running}}' systemd 2> /dev/null | grep -q tr elapsed=$((elapsed + 1)) done +ARGS="" +if [ -n "${DATADIR:-}" ]; then + ARGS="$ARGS --data-dir $DATADIR" +fi +if [ -n "${AGNOSTIC_BAKER:-}" ]; then + ARGS="$ARGS --agnostic-baker $AGNOSTIC_BAKER" +fi + # Execute the command inside the container docker exec \ -e "PREFIX=$PREFIX" \ @@ -62,7 +70,7 @@ docker exec \ -e "CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA" \ -e "GCP_LINUX_PACKAGES_BUCKET=$GCP_LINUX_PACKAGES_BUCKET" \ -i systemd \ - /bin/sh -c "$TESTFILE $DISTRIBUTION $RELEASE ${DATADIR:-}" + /bin/sh -c "$TESTFILE $DISTRIBUTION $RELEASE $ARGS" # Capture exit status EXIT=$? diff --git a/scripts/packaging/tests/tests-systemd-common.inc.sh b/scripts/packaging/tests/tests-systemd-common.inc.sh index 76dff7855d36b4e54caa6d1e4f0c080f48f6f222..d70de7a0b00f99ed7598003717fb09cd4be654e3 100644 --- a/scripts/packaging/tests/tests-systemd-common.inc.sh +++ b/scripts/packaging/tests/tests-systemd-common.inc.sh @@ -6,13 +6,21 @@ systemctl start octez-node.service # give some time to the node to create the identity # otherwise the octez-client call below will give an error -/usr/share/octez-baker/wait-for-node-up.sh +if [ "${AGNOSTIC_BAKER:-}" = "true" ]; then + /usr/share/octez-agnostic-baker/wait-for-node-up.sh +else + /usr/share/octez-baker/wait-for-node-up.sh +fi su tezos -c "octez-client gen keys alice" key=$(su tezos -c "octez-client show address alice" | grep Hash: | awk '{ print $2 }') echo "BAKER_KEY=$key" >> /etc/default/octez-baker -systemctl start octez-baker.service +if [ "${AGNOSTIC_BAKER:-}" = "true" ]; then + systemctl start octez-agnostic-baker.service +else + systemctl start octez-baker.service +fi su tezos -c "octez-node config show" @@ -27,15 +35,24 @@ echo "Log: /var/log/tezos/node.log" echo "-----------------------" tail /var/log/tezos/node.log -systemctl status octez-baker.service +if [ "${AGNOSTIC_BAKER:-}" = "true" ]; then + systemctl status octez-agnostic-baker.service + systemctl status octez-agnostic-baker-bin.service -for logfile in /var/log/tezos/baker-P*.log; do - proto=$(basename "$logfile" | sed -E 's/baker-(P[^.]+).log/\1/') - systemctl status "octez-baker@$proto.service" - echo "Log: $logfile" + echo "Log: /var/log/tezos/agnostic-baker.log" echo "-----------------------" - tail "$logfile" -done + tail /var/log/tezos/agnostic-baker.log +else + systemctl status octez-baker.service + + for logfile in /var/log/tezos/baker-P*.log; do + proto=$(basename "$logfile" | sed -E 's/baker-(P[^.]+).log/\1/') + systemctl status "octez-baker@$proto.service" + echo "Log: $logfile" + echo "-----------------------" + tail "$logfile" + done +fi for logfile in /var/log/tezos/accuser-P*.log; do proto=$(basename "$logfile" | sed -E 's/accuser-(P[^.]+).log/\1/')