From 936afd98fb561107ec3de067feb1d08a7ebd89f2 Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Thu, 3 Aug 2023 11:17:08 +0200 Subject: [PATCH 1/5] packaging: add dpkg packages scripts --- scripts/dpkg/baker-control.in | 6 + scripts/dpkg/baker.postinst | 4 + scripts/dpkg/client-control.in | 6 + scripts/dpkg/experimental-control.in | 6 + scripts/dpkg/make_dpkg.sh | 133 ++++++++++++++++ scripts/dpkg/node-control.in | 6 + scripts/dpkg/node.postinst | 16 ++ scripts/dpkg/signer-control.in | 6 + scripts/dpkg/signer.postinst | 16 ++ scripts/dpkg/smartrollup-control.in | 6 + scripts/dpkg/smartrollup.postinst | 4 + scripts/pkg-common/baker-binaries.in | 2 + scripts/pkg-common/baker.conf | 29 ++++ scripts/pkg-common/baker.initd.in | 133 ++++++++++++++++ scripts/pkg-common/client-binaries.in | 4 + scripts/pkg-common/experimental-binaries | 8 + scripts/pkg-common/node-binaries | 2 + scripts/pkg-common/node-zcash | 2 + scripts/pkg-common/node.conf | 20 +++ scripts/pkg-common/node.initd.in | 102 ++++++++++++ scripts/pkg-common/signer-binaries | 1 + scripts/pkg-common/signer.conf | 73 +++++++++ scripts/pkg-common/signer.initd.in | 132 ++++++++++++++++ scripts/pkg-common/smartrollup-binaries.in | 3 + scripts/pkg-common/smartrollup.conf | 18 +++ scripts/pkg-common/smartrollup.initd.in | 120 ++++++++++++++ scripts/pkg-common/utils.sh | 176 +++++++++++++++++++++ scripts/pkg-common/vdf.initd.in | 112 +++++++++++++ 28 files changed, 1146 insertions(+) create mode 100644 scripts/dpkg/baker-control.in create mode 100644 scripts/dpkg/baker.postinst create mode 100644 scripts/dpkg/client-control.in create mode 100644 scripts/dpkg/experimental-control.in create mode 100755 scripts/dpkg/make_dpkg.sh create mode 100644 scripts/dpkg/node-control.in create mode 100644 scripts/dpkg/node.postinst create mode 100644 scripts/dpkg/signer-control.in create mode 100644 scripts/dpkg/signer.postinst create mode 100644 scripts/dpkg/smartrollup-control.in create mode 100644 scripts/dpkg/smartrollup.postinst create mode 100644 scripts/pkg-common/baker-binaries.in create mode 100644 scripts/pkg-common/baker.conf create mode 100755 scripts/pkg-common/baker.initd.in create mode 100644 scripts/pkg-common/client-binaries.in create mode 100644 scripts/pkg-common/experimental-binaries create mode 100644 scripts/pkg-common/node-binaries create mode 100644 scripts/pkg-common/node-zcash create mode 100644 scripts/pkg-common/node.conf create mode 100755 scripts/pkg-common/node.initd.in create mode 100644 scripts/pkg-common/signer-binaries create mode 100644 scripts/pkg-common/signer.conf create mode 100755 scripts/pkg-common/signer.initd.in create mode 100644 scripts/pkg-common/smartrollup-binaries.in create mode 100644 scripts/pkg-common/smartrollup.conf create mode 100755 scripts/pkg-common/smartrollup.initd.in create mode 100644 scripts/pkg-common/utils.sh create mode 100755 scripts/pkg-common/vdf.initd.in diff --git a/scripts/dpkg/baker-control.in b/scripts/dpkg/baker-control.in new file mode 100644 index 000000000000..46daf0c2b178 --- /dev/null +++ b/scripts/dpkg/baker-control.in @@ -0,0 +1,6 @@ +Package: @PKG@ +Version: @VERSION@ +Architecture: @ARCH@ +Maintainer: @MAINT@ +Description: The Octez Baker daemons +Depends: bash, @DPKG@-node (>=@VERSION@), @DEPENDS@ diff --git a/scripts/dpkg/baker.postinst b/scripts/dpkg/baker.postinst new file mode 100644 index 000000000000..ae06162aaad1 --- /dev/null +++ b/scripts/dpkg/baker.postinst @@ -0,0 +1,4 @@ +#!/bin/sh + +# Reload to get new init scripts +/usr/bin/systemctl daemon-reload diff --git a/scripts/dpkg/client-control.in b/scripts/dpkg/client-control.in new file mode 100644 index 000000000000..94ffeba473a5 --- /dev/null +++ b/scripts/dpkg/client-control.in @@ -0,0 +1,6 @@ +Package: @PKG@ +Version: @VERSION@ +Architecture: @ARCH@ +Maintainer: @MAINT@ +Description: The Octez client +Depends: @DEPENDS@ diff --git a/scripts/dpkg/experimental-control.in b/scripts/dpkg/experimental-control.in new file mode 100644 index 000000000000..7b9c8016cffc --- /dev/null +++ b/scripts/dpkg/experimental-control.in @@ -0,0 +1,6 @@ +Package: @PKG@ +Version: @VERSION@ +Architecture: @ARCH@ +Maintainer: @MAINT@ +Description: The Octez experimental binaries +Depends: @DPKG@-baker (>=@VERSION@), @DEPENDS@ diff --git a/scripts/dpkg/make_dpkg.sh b/scripts/dpkg/make_dpkg.sh new file mode 100755 index 000000000000..d31f1141b141 --- /dev/null +++ b/scripts/dpkg/make_dpkg.sh @@ -0,0 +1,133 @@ +#!/bin/sh + +# Debian/Ubuntu package build for Octez +# +# (c) Chris Pinnock 2022-3, Supplied under a MIT license. +# see ../pkg-common/utils.sh for more detail + +set -eu + +# Setup +# +myhome=scripts/dpkg +common=scripts/pkg-common +dieonwarn=${dieonwarn:-1} + +#shellcheck disable=SC1091 +. ${common}/utils.sh +protocols=${protocols:?protocols not specified} # Not used? + +warnings +pkg_vers=$(getOctezVersion) +staging_root=_dpkgstage + +# Checking prerequisites +# +if ! which dpkg-deb >/dev/null 2>&1; then + echo "Needs to run on a system with dpkg-deb in path" >&2 + exit 2 +fi + +# Get the local architecture +# +eval "$(dpkg-architecture)" +dpkg_arch=$DEB_BUILD_ARCH + +# For each control file in the directory, build a package +# +for control_file in "$myhome"/*control.in; do + pg=$(basename "$control_file" | sed -e 's/-control.in$//g') + echo "===> Building package $pg v$pkg_vers rev $OCTEZ_PKGREV" + + # Derivative variables + # + dpkg_name=${OCTEZ_PKGNAME}-${pg} + init_name=${OCTEZ_REALNAME}-${pg} + dpkg_dir="${dpkg_name}_${pkg_vers}-${OCTEZ_PKGREV}_${dpkg_arch}" + dpkg_fullname="${dpkg_dir}.deb" + + binaries=$(fixBinaryList "${common}/${pg}-binaries") + + if [ -f "$dpkg_fullname" ]; then + echo "built already - skipping" + continue + fi + + # Populate the staging directory with control scripts + # binaries and configuration as appropriate + # + staging_dir="$staging_root/$dpkg_dir" + + rm -rf "${staging_dir}" + mkdir -p "${staging_dir}/DEBIAN" + + if [ -n "$binaries" ]; then + echo "=> Populating directory with binaries" + mkdir -p "${staging_dir}/usr/bin" + for bin in ${binaries}; do + if [ -f "${bin}" ]; then + echo "Installing ${bin}" + install -s -t "${staging_dir}/usr/bin" "${bin}" + else + echo "WARN: ${bin} not found" + [ "$dieonwarn" = "1" ] && exit 1 + fi + done + + # Shared libraries + # + mkdir -p "${staging_dir}/debian" + touch "${staging_dir}/debian/control" + + echo "=> Finding shared library dependencies" + + deps=$(cd "${staging_dir}" && dpkg-shlibdeps -O usr/bin/* | sed -e 's/^shlibs://g' -e 's/^Depends=//g') + rm "${staging_dir}/debian/control" + rmdir "${staging_dir}/debian" + fi + + # Edit the control file to contain real values + # + sed -e "s/@ARCH@/${dpkg_arch}/g" -e "s/@VERSION@/$pkg_vers/g" \ + -e "s/@MAINT@/${OCTEZ_PKGMAINTAINER}/g" \ + -e "s/@PKG@/${dpkg_name}/g" \ + -e "s/@DPKG@/${OCTEZ_PKGNAME}/g" \ + -e "s/@DEPENDS@/${deps}/g" < "$control_file" \ + > "${staging_dir}/DEBIAN/control" + + # Install hook scripts (not used initially) + # + for src in postinst preinst postrm prerm; do + if [ -f "${myhome}/${pg}.$src" ]; then + cp "${myhome}/${pg}.$src" "${staging_dir}/DEBIAN/$src" + chmod +x "${staging_dir}/DEBIAN/$src" + fi + done + + + # init.d scripts + # + initdScripts "${common}/${pg}.initd.in" "${init_name}" "${staging_dir}" + if [ "$pg" = "baker" ]; then + initdScripts "${common}/vdf.initd.in" octez-vdf "${staging_dir}" + fi + + # Configuration files + # + if [ -f "${common}/${pg}.conf" ]; then + mkdir -p "${staging_dir}/etc/octez" + expand_PROTOCOL "${common}/${pg}.conf" > "${staging_dir}/etc/octez/${pg}.conf" + echo "/etc/octez/${pg}.conf" > "${staging_dir}/DEBIAN/conffiles" + fi + + # Zcash parameters ships with some packages + # + zcashParams "${common}/${pg}-zcash" \ + "${staging_dir}/usr/share/zcash-params" + + # Build the package + # + echo "=> Constructing package ${dpkg_fullname}" + dpkg-deb -v --build --root-owner-group "${staging_dir}" + mv "${staging_root}/${dpkg_fullname}" . +done diff --git a/scripts/dpkg/node-control.in b/scripts/dpkg/node-control.in new file mode 100644 index 000000000000..b77c13cb7419 --- /dev/null +++ b/scripts/dpkg/node-control.in @@ -0,0 +1,6 @@ +Package: @PKG@ +Version: @VERSION@ +Architecture: @ARCH@ +Maintainer: @MAINT@ +Description: The Octez node server +Depends: bash, adduser, @DPKG@-client (>=@VERSION@), @DEPENDS@ diff --git a/scripts/dpkg/node.postinst b/scripts/dpkg/node.postinst new file mode 100644 index 000000000000..f8cbb3970b38 --- /dev/null +++ b/scripts/dpkg/node.postinst @@ -0,0 +1,16 @@ +#!/bin/sh + +user=tezos +group=tezos +homedir=/var/tezos + +# Ensure the tezos user is created +getent group ${group} >/dev/null 2>&1 || addgroup --system ${group} +getent passwd ${user} >/dev/null 2>&1 || adduser --system \ + --home $homedir \ + --shell /bin/bash \ + --disabled-password \ + --ingroup ${group} ${user} + +# Reload to get new init scripts +/usr/bin/systemctl daemon-reload diff --git a/scripts/dpkg/signer-control.in b/scripts/dpkg/signer-control.in new file mode 100644 index 000000000000..7d1c2d5caf6b --- /dev/null +++ b/scripts/dpkg/signer-control.in @@ -0,0 +1,6 @@ +Package: @PKG@ +Version: @VERSION@ +Architecture: @ARCH@ +Maintainer: @MAINT@ +Description: The Octez Signer +Depends: adduser, @DEPENDS@ diff --git a/scripts/dpkg/signer.postinst b/scripts/dpkg/signer.postinst new file mode 100644 index 000000000000..0517aa58e002 --- /dev/null +++ b/scripts/dpkg/signer.postinst @@ -0,0 +1,16 @@ +#!/bin/sh + +user=tzsigner +group=tzsigner +homedir=/var/tzsigner + +# Ensure the tzsigner user is created +getent group ${group} >/dev/null 2>&1 || addgroup --system ${group} +getent passwd ${user} >/dev/null 2>&1 || adduser --system \ + --home $homedir \ + --shell /bin/bash \ + --disabled-password \ + --ingroup ${group} ${user} + +# Reload to get new init scripts +/usr/bin/systemctl daemon-reload diff --git a/scripts/dpkg/smartrollup-control.in b/scripts/dpkg/smartrollup-control.in new file mode 100644 index 000000000000..32f6b6509dca --- /dev/null +++ b/scripts/dpkg/smartrollup-control.in @@ -0,0 +1,6 @@ +Package: @PKG@ +Version: @VERSION@ +Architecture: @ARCH@ +Maintainer: @MAINT@ +Description: The Octez SCORU daemons +Depends: @DPKG@-node (>=@VERSION@), @DEPENDS@ diff --git a/scripts/dpkg/smartrollup.postinst b/scripts/dpkg/smartrollup.postinst new file mode 100644 index 000000000000..ae06162aaad1 --- /dev/null +++ b/scripts/dpkg/smartrollup.postinst @@ -0,0 +1,4 @@ +#!/bin/sh + +# Reload to get new init scripts +/usr/bin/systemctl daemon-reload diff --git a/scripts/pkg-common/baker-binaries.in b/scripts/pkg-common/baker-binaries.in new file mode 100644 index 000000000000..b0b2347ce358 --- /dev/null +++ b/scripts/pkg-common/baker-binaries.in @@ -0,0 +1,2 @@ +octez-baker-@PROTOCOL@ +octez-accuser-@PROTOCOL@ diff --git a/scripts/pkg-common/baker.conf b/scripts/pkg-common/baker.conf new file mode 100644 index 000000000000..53621ac7373c --- /dev/null +++ b/scripts/pkg-common/baker.conf @@ -0,0 +1,29 @@ +# User to run as +user=tezos +group=tezos + +# Wait for Node to bootstrap before starting bakers +waitfornode=yes + +# Keepalive - don't exit if node disappears (if yes) +keepalive=yes + +# Change this if your node is running on a non-standard RPC port +#rpcport=8732 + +# Override Protocols here, but if you do - remember to come +# back when you upgrade major versions! +#protocols="@PROTOCOLS@" + +# These must be set and are local to you +# +# Liquidity baking (must be set to yay, nay or pass) +#lq_vote="pass" + +# Once you have setup a wallet or ledger (or similar), you are ready +# to bake. Setup your key alias here (must be set). +#baking_key="ledger_tezos" + +# Other command line options to pass to the bakers +# +othercliopts_baker_@PROTOCOL@="" diff --git a/scripts/pkg-common/baker.initd.in b/scripts/pkg-common/baker.initd.in new file mode 100755 index 000000000000..4b4663290911 --- /dev/null +++ b/scripts/pkg-common/baker.initd.in @@ -0,0 +1,133 @@ +#!/bin/bash +# Start/stop the Octez Bakers and Accusers +# +### BEGIN INIT INFO +# Provides: octez-baker +# Required-Start: octez-node +# Required-Stop: +# Should-Start: $network $named +# Should-Stop: $network $named +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: The Octez Baking daemons +# Description: The Octez Bakers bake new blocks on the Tezos blockchain +# and the Accusers look for bad behaviour +### END INIT INFO + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +export DESC="octez baker" +NAME=octez-baker +PIDDIR=/var/run/tezos +PIDFILEA=$PIDDIR/octez-accuser.pid +PIDFILEB=$PIDDIR/octez-baker.pid +export SCRIPTNAME=/etc/init.d/"$NAME" + +if [ -f "/lib/lsb/init-functions" ]; then + . /lib/lsb/init-functions +else + . /etc/rc.d/init.d/functions +fi + +# Defaults +user=tezos +group=tezos +nodedir=/var/tezos/node +logdir=/var/log/tezos +rotateonstart=yes +protocols="@PROTOCOLS@" +waitfornode=yes +othercliopts_baker_@PROTOCOL@="" +keepalive=yes +keepalive_opt="-K" + +#shellcheck disable=SC1091 +[ -r /etc/octez/node.conf ] && . /etc/octez/node.conf +#shellcheck disable=SC1091 +[ -r /etc/octez/baker.conf ] && . /etc/octez/baker.conf + +logfile_basea="${logdir}/accuser_" +logfile_baseb="${logdir}/baker_" +baker="/usr/bin/octez-baker" +accuser="/usr/bin/octez-accuser" + +[ "${keepalive}" != "yes" ] && keepalive_opt="" + +initial_checks() +{ + mkdir -p ${PIDDIR} + chown $user:$group ${PIDDIR} + + mkdir -p ${logdir} + if [ -z "$lq_vote" ]; then + echo "lq_vote must be set in /etc/octez/baker.conf" >&2 + exit 3 + fi + if [ -z "$baking_key" ]; then + echo "baking_key must be set in /etc/octez/baker.conf" >&2 + exit 3 + fi + +} + +wait_for_bootstrap() +{ + echo "Waiting for node to be bootstrapped" >&2 + + while :; do + /usr/bin/octez-client bootstrapped >/dev/null 2>&1 && break + echo "Node not ready - sleeping for 30 seconds" >&2 + sleep 30 + + done + +} + +rotate_logs () +{ + if [ ${rotateonstart} = "yes" ]; then + for p in ${protocols}; do + mv -f "${logfile_baseb}${p}.log" "${logfile_baseb}${p}.log.1" + mv -f "${logfile_basea}${p}.log" "${logfile_basea}${p}.log.1" + done + fi +} + +case "$1" in +start) initial_checks + rotate_logs + [ "$waitfornode" = "yes" ] && wait_for_bootstrap + for p in ${protocols}; do + [ ! -x "${baker}-$p" ] && continue + + othercliopts="othercliopts_baker_$p" + su $user -c "${baker}-$p run with local node $nodedir $baking_key --liquidity-baking-toggle-vote $lq_vote --pidfile ${PIDFILEB}-$p ${keepalive_opt} ${!othercliopts} >> ${logfile_baseb}${p}.log 2>&1 &" + su $user -c "${accuser}-$p run ${keepalive_opt} --pidfile ${PIDFILEA}-$p >> ${logfile_basea}${p}.log 2>&1 &" + done + ;; +stop) + for p in ${protocols}; do + [ ! -x "${baker}-$p" ] && continue + kill "$(cat ${PIDFILEB}-$p)" + kill "$(cat ${PIDFILEA}-$p)" + rm -f ${PIDFILEB}-$p ${PIDFILEA}-$p + done + ;; +restart) + $0 stop + $0 start + ;; +reload|force-reload) + ;; +status) + for p in ${protocols}; do + [ ! -x "${baker}-$p" ] && continue + status_of_proc -p ${PIDFILEB}-$p ${baker}-$p $NAME || exit $? + status_of_proc -p ${PIDFILEA}-$p ${accuser}-$p $NAME || exit $? + done + exit 0 + ;; +*) echo "Usage: $0 {start|stop|status|restart|reload|force-reload}" >&2 + exit 2 + ;; +esac +exit 0 diff --git a/scripts/pkg-common/client-binaries.in b/scripts/pkg-common/client-binaries.in new file mode 100644 index 000000000000..64de04b614ac --- /dev/null +++ b/scripts/pkg-common/client-binaries.in @@ -0,0 +1,4 @@ +octez-client +octez-admin-client +octez-codec +octez-smart-rollup-client-@PROTOCOL@ diff --git a/scripts/pkg-common/experimental-binaries b/scripts/pkg-common/experimental-binaries new file mode 100644 index 000000000000..80aa101f8b35 --- /dev/null +++ b/scripts/pkg-common/experimental-binaries @@ -0,0 +1,8 @@ +octez-evm-proxy-server +octez-dac-node +octez-dac-client +octez-dal-node +octez-smart-rollup-node-alpha +octez-smart-rollup-client-alpha +octez-accuser-alpha +octez-baker-alpha diff --git a/scripts/pkg-common/node-binaries b/scripts/pkg-common/node-binaries new file mode 100644 index 000000000000..c7d9f218aabf --- /dev/null +++ b/scripts/pkg-common/node-binaries @@ -0,0 +1,2 @@ +octez-node +octez-proxy-server diff --git a/scripts/pkg-common/node-zcash b/scripts/pkg-common/node-zcash new file mode 100644 index 000000000000..3aa5d9f0de82 --- /dev/null +++ b/scripts/pkg-common/node-zcash @@ -0,0 +1,2 @@ +sapling-output.params +sapling-spend.params diff --git a/scripts/pkg-common/node.conf b/scripts/pkg-common/node.conf new file mode 100644 index 000000000000..dfe0b1139a5c --- /dev/null +++ b/scripts/pkg-common/node.conf @@ -0,0 +1,20 @@ +# User to run as +# +user=tezos +group=tezos + +# Data Directory +# An independent mount point of /var/tezos is recommended +# +nodedir=/var/tezos/node + +# Logfile +# +logdir=/var/log/tezos +logfile=${logdir}/node.log +rotateonstart=yes + +# Other options to pass the node +# +othercliopts_node="" + diff --git a/scripts/pkg-common/node.initd.in b/scripts/pkg-common/node.initd.in new file mode 100755 index 000000000000..891577cdec19 --- /dev/null +++ b/scripts/pkg-common/node.initd.in @@ -0,0 +1,102 @@ +#!/bin/sh +# Start/stop the Octez Node +# +### BEGIN INIT INFO +# Provides: octez-node +# Required-Start: +# Required-Stop: +# Should-Start: $network $named +# Should-Stop: $network $named +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: The Octez Node daemon +# Description: The Octez Node listens to the Tezos gossip network and +# maintains a local copy of the Tezos blockchain. +### END INIT INFO + +set -eu + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +export DESC="octez node" +NAME=octez-node +DAEMON=/usr/bin/octez-node +export SCRIPTNAME=/etc/init.d/"$NAME" +PIDDIR=/var/run/tezos +PIDFILE=${PIDDIR}/octez-node.pid + +test -f $DAEMON || exit 0 + +if [ -f "/lib/lsb/init-functions" ]; then + . /lib/lsb/init-functions +else + . /etc/rc.d/init.d/functions +fi + +# Defaults +user=tezos +group=tezos +nodedir=/var/tezos/node +logdir=/var/log/tezos +rotateonstart=yes +othercliopts_node="" + +#shellcheck disable=SC1091 +[ -r /etc/octez/node.conf ] && . /etc/octez/node.conf +[ -z "$logfile" ] && logfile=${logdir}/node.log + +initial_configuration () +{ + + # Check that the node has been configured + # + if [ ! -f "${nodedir}/config.json" ]; then + echo "Cannot find configuration" >&2 + exit 2 + fi + + mkdir -p ${PIDDIR} + chown ${user}:${group} ${PIDDIR} + +} + +rotate_logs () +{ + # Make log files and rotate if necessary + # + mkdir -p ${logdir} + chown -R $user:$group ${logdir} + if [ ${rotateonstart} = "yes" ]; then + [ -f "${logfile}" ] && mv "${logfile}" "${logfile}.1" + fi +} + +case "$1" in +start) initial_configuration + rotate_logs + if [ -f "${PIDFILE}" ]; then + echo "Octez node already running?" >&2 + exit 2 + fi + su $user -c "${DAEMON} run --data-dir ${nodedir} --log-output=${logfile} ${othercliopts_node} & echo \$! > ${PIDFILE}" & + ;; +stop) + if [ -f "${PIDFILE}" ]; then + kill "$(cat ${PIDFILE})" + rm -f ${PIDFILE} + fi + ;; +restart) + $0 stop + $0 start + ;; +reload|force-reload) + # cron reloads automatically + ;; +status) + pgrep octez-node && exit 0 || exit $? + ;; +*) echo "Usage: $0 {start|stop|status|restart|reload|force-reload}" >&2 + exit 2 + ;; +esac +exit 0 diff --git a/scripts/pkg-common/signer-binaries b/scripts/pkg-common/signer-binaries new file mode 100644 index 000000000000..b69fe724d024 --- /dev/null +++ b/scripts/pkg-common/signer-binaries @@ -0,0 +1 @@ +octez-signer diff --git a/scripts/pkg-common/signer.conf b/scripts/pkg-common/signer.conf new file mode 100644 index 000000000000..eb99406f7257 --- /dev/null +++ b/scripts/pkg-common/signer.conf @@ -0,0 +1,73 @@ +# User to run as +# +user=tzsigner +group=tzsigner + +# The Signer data directory +# +datadir=~${user}/.tezos-signer + +# Logfile +# +logdir=/var/log/tzsigner +logfile=${logdir}/signer.log +rotateonstart=yes + +# Type can be socket, local, http or https +# +type=http + +# For type=https (irrelevant for other methods) +# +httpsdir=/etc/octez-certs +https_cert=${httpsdir}/certificate +https_key=${httpsdir}/key + +# For Socket, HTTP & HTTPS you can adjust the port +# For HTTP & HTTPS you can specify the listen address +# WARNING: out of the box, the default is to listen only on +# the localhost address +# +port=6732 +#address=0.0.0.0 + +# For Local you can specify the Local UNIX socket file +# +socket_file=/var/tzsigner/sock + +# Authentication key. If set to yes, you will need to use +# "octez-signer add authorized key" +auth="no" + +# HWM restriction check (double bake check) +# +hwm_check=no + +# Restrict the signer to the following types - the default +# is to allow all types. This may not be what you want for your +# production system. +# +magic_bytes="" + +# For Baking and Attesting (Endorsing) you might want +#magic_bytes="0x11,0x12,0x13" +#hwm_check=yes + +# Magic bytes: +# +# Legacy block 0x01 +# Legacy end. 0x02 +# Transfer 0x03 +# Auth'ed signing request 0x04 +# Michelson data 0x05 +# Block 0x11 +# Pre-attest'n 0x12 +# Attestation 0x13 + +# Authentication key. If set, you will need to use +# "octez-signer add authorized key" +auth_key="" + +# Other options to pass the signer +# +othercliopts_signer="" diff --git a/scripts/pkg-common/signer.initd.in b/scripts/pkg-common/signer.initd.in new file mode 100755 index 000000000000..efa82aeaf477 --- /dev/null +++ b/scripts/pkg-common/signer.initd.in @@ -0,0 +1,132 @@ +#!/bin/bash +# Start/stop the Octez Remote Signer +# +### BEGIN INIT INFO +# Provides: octez-signer +# Required-Start: +# Required-Stop: +# Should-Start: $network $named +# Should-Stop: $network $named +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: The Octez Remote Signer +# Description: The Octez Remote Signer provides a layer between +# the key and the Baker. +### END INIT INFO + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DESC="octez signer" +NAME=octez-signer +DAEMON=/usr/bin/octez-signer +PIDDIR=/var/run/tzsigner +PIDFILE=${PIDDIR}/octez-signer.pid +SCRIPTNAME=/etc/init.d/"$NAME" + +if [ -f "/lib/lsb/init-functions" ]; then + . /lib/lsb/init-functions +else + . /etc/rc.d/init.d/functions +fi + +# Defaults +user=tzsigner +group=tzsigner +datadir=~${user}/.tezos-signer +logdir=/var/log/tzsigner +rotateonstart=yes +port=6732 +address="" +auth="no" +socket_file=/var/tzsigner/sock + +othercliopts_signer="" + +httpsdir=/etc/octez-certs +https_cert=${httpsdir}/certificate +https_key=${httpsdir}/key + +[ -r /etc/octez/signer.conf ] && . /etc/octez/signer.conf +[ -z "$logfile" ] && logfile=${logdir}/signer.log + +logfile="${logdir}/signer.log" + +https_cli="" +magic_cli="" +port_cli="-p $port" +hwm_cli="" +address_cli="" +auth_cli="" + +[ ! -z "$magic_bytes" ] && magic_cli="-M $magic_bytes" +[ "$hwm_check" = "yes" ] && hwm_cli="-W" +[ "$auth" = "yes" ] && auth_cli="-A" +[ ! -z "$address" ] && address_cli="-a $address" + +initial_checks() +{ + mkdir -p ${logdir} ${PIDDIR} + chown ${user}:${group} ${logdir} ${PIDDIR} + if [ -z "$type" ]; then + echo "type must be set in /etc/octez/signer.conf" >&2 + exit 3 + fi + + case $type in + https) + [ ! -f "$https_cert" ] && \ + echo "Cannot find TLS certificate for https" >&2 \ + && exit 3 + [ ! -f "$https_key" ] && \ + echo "Cannot find TLS key for https" >&2 \ + && exit 3 + https_cli="\"$https_cert\" \"$https_key\"" + ;; + http) + ;; + socket) + ;; + local) + address_cli="" + port_cli="-s \"$socket_file\"" + ;; + *) + echo "type must be one of http, https, local or socket" >&2 + exit 3 + esac +} + +rotate_logs () +{ + if [ ${rotateonstart} = "yes" ]; then + mv -f "${logfile}" "${logfile}.1" + fi +} + +case "$1" in +start) + initial_checks + rotate_logs + su $user -c "${DAEMON} -d ${datadir} ${auth_cli} \ + launch ${type} signer \ + ${https_cli} \ + -P ${PIDFILE} \ + ${magic_cli} ${port_cli} ${hwm_cli} \ + ${address_cli} ${othercliopts_signer} > ${logfile} 2>&1 &" + ;; +stop) + kill `cat ${PIDFILE}` + rm -f ${PIDFILE} + ;; +restart|reload|force-reload) + $0 stop + $0 start + ;; +status) + status_of_proc -p ${PIDFILE} ${DAEMON} $NAME || exit $? + exit 0 + ;; +*) echo "Usage: $0 {start|stop|status|restart|reload|force-reload}" >&2 + exit 2 + ;; +esac +exit 0 diff --git a/scripts/pkg-common/smartrollup-binaries.in b/scripts/pkg-common/smartrollup-binaries.in new file mode 100644 index 000000000000..458554c106db --- /dev/null +++ b/scripts/pkg-common/smartrollup-binaries.in @@ -0,0 +1,3 @@ +octez-smart-rollup-wasm-debugger +octez-smart-rollup-node +octez-smart-rollup-node-@PROTOCOL@ diff --git a/scripts/pkg-common/smartrollup.conf b/scripts/pkg-common/smartrollup.conf new file mode 100644 index 000000000000..01c37cbbd15e --- /dev/null +++ b/scripts/pkg-common/smartrollup.conf @@ -0,0 +1,18 @@ +# User to run as +#user=tezos +#group=tezos + +# Data directories +#clientdir=~tezos/.tezos-client +rollupdatadir=/var/tezos/smartrollup + +# Wait for Node to bootstrap before starting rollup node +waitfornode=yes + +# Protocols - override here +#protocols="@PROTOCOLS@" + + +# Other command line options to pass to the rollup daemons +# +othercliopts_smartrollup_@PROTOCOL@="" diff --git a/scripts/pkg-common/smartrollup.initd.in b/scripts/pkg-common/smartrollup.initd.in new file mode 100755 index 000000000000..9258c23d40d2 --- /dev/null +++ b/scripts/pkg-common/smartrollup.initd.in @@ -0,0 +1,120 @@ +#!/bin/bash +# Start/stop the Octez Bakers and Accusers +# +### BEGIN INIT INFO +# Provides: octez-smartrollup +# Required-Start: octez-node +# Required-Stop: +# Should-Start: $network $named +# Should-Stop: $network $named +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: The Octez Smart Rollup daemons +# Description: The Octez Smart Rollup daemons manage a rollup on the +# Tezos network. +### END INIT INFO + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DESC="octez smartrollup" +NAME=octez-smartrollup +PIDDIR=/var/run/tezos +SCRIPTNAME=/etc/init.d/"$NAME" + +if [ -f "/lib/lsb/init-functions" ]; then + . /lib/lsb/init-functions +else + . /etc/rc.d/init.d/functions +fi + +# Defaults +user=tezos +group=tezos +nodedir=/var/tezos/node +clientdir=~tezos/.tezos-client +logdir=/var/log/tezos +rotateonstart=yes +waitfornode=yes +rpcport=8732 +othercliopts_smartrollup="" + +[ -r /etc/octez/node.conf ] && . /etc/octez/node.conf +[ -r /etc/octez/smartrollup.conf ] && . /etc/octez/smartrollup.conf + +logfile="${logdir}/smartrollup.log" +sr="/usr/bin/octez-smart-rollup-node" + +initial_checks() +{ + mkdir -p ${PIDDIR} + chown $user:$group ${PIDDIR} + + mkdir -p ${logdir} + if [ -z "$rollupdatadir" ]; then + echo "rollupdatadir must be set in /etc/octez/smartrollup.conf" >&2 + exit 3 + fi + if [ -z "$clientdir" ]; then + echo "clientdir must be set" >&2 + exit 3 + fi + + if [ ! -f "$rollupdatadir/config.json" ]; then + echo "Rollup not configured" >&2 + exit 3 + fi + +} + +wait_for_bootstrap() +{ + echo "Waiting for node to be bootstrapped" >&2 + + while [ 1 = 1 ]; do + /usr/bin/octez-client -E http://127.0.0.1:$rpcport bootstrapped >/dev/null 2>&1 + [ "$?" = "0" ] && break + echo "Node not ready - sleeping for 30 seconds" >&2 + sleep 30 + done + + + +} + +rotate_logs () +{ + if [ ${rotateonstart} = "yes" ]; then + mv -f "${logfile}" "${logfile}.1" + fi +} + +case "$1" in +start) initial_checks + rotate_logs + [ "$waitfornode" = "yes" ] && wait_for_bootstrap + su $user -c "${sr} -d "$clientdir" run --data-dir "$rollupdatadir" ${othercliopts_smartrollup} >> ${logfile} 2>&1 &" + ;; +stop) + pkill octez-smart +# pkill refuses to match octez-smart-rollup XXX +# for p in ${protocols}; do +# [ ! -x "${sr}-$p" ] && continue +# done + ;; +restart) + $0 stop + $0 start + ;; +reload|force-reload) + ;; +status) + for p in ${protocols}; do + [ ! -x "${sr}-$p" ] && continue + status_of_proc ${sr}-$p $NAME || exit $? + done + exit 0 + ;; +*) echo "Usage: $0 {start|stop|status|restart|reload|force-reload}" >&2 + exit 2 + ;; +esac +exit 0 diff --git a/scripts/pkg-common/utils.sh b/scripts/pkg-common/utils.sh new file mode 100644 index 000000000000..928cb1e9840b --- /dev/null +++ b/scripts/pkg-common/utils.sh @@ -0,0 +1,176 @@ +#!/bin/sh + +# Common packaging routines for Octez +# + +# A better way to do this would be to build the package from source +# but given the various hurdles of Rust and OPAM during the build +# we construct packages afterwards. Which is not best practice :-) +# +# A better strategy would be to extract the version number, build a +# master spec file, build Octez and then make the packages from the +# master spec file. +# +# Place files in the dpkg directory to declare a package. e.g. +# +# baker-control.in - a template for the Debian control file +# +# Place files in the rpm directory to declare packages similarly: +# +# baker-spec.in - a template for the RPM SPEC file +# cf. https://rpm-packaging-guide.github.io/#binary-rpms +# +# These files are shared with the Debian package build in pkg-common +# +# baker.conf - an example configuration file (optional) +# baker-binaries.in - the list of binaries to include +# baker.initd.in - System V init script (optional) +# +# Where Protocol variations are needed use @PROTOCOL@ and @PROTOCOLS@ +# +# You can set OCTEZ_PKGMAINTAINER and OCTEZ_PKGNAME in the environment +# to change from the defaults. +# + + +# Initialise from active protocol versions +# +proto_file="script-inputs/active_protocol_versions_without_number" + +if [ ! -f $proto_file ]; then + echo "Cannot find active protocol list" + exit 2 +fi +protocols=$(tr '\n' ' ' < $proto_file | sed -e 's/ $//g') + +# Variables +# +# Where the zcash files are +zcashdir="_opam/share/zcash-params" +# +# Package maintainer +OCTEZ_PKGMAINTAINER=${OCTEZ_PKGMAINTAINER:-package@nomadic-labs.com} +# +# Package name used in dpkg or rpm name +OCTEZ_PKGNAME=${OCTEZ_PKGNAME:-octez} +# +# Real name used in scripts (usually octez) +OCTEZ_REALNAME=${OCTEZ_REALNAME:-octez} +# +# Revision +OCTEZ_PKGREV=${OCTEZ_PKGREV:-1} + +export OCTEZ_PKGMAINTAINER +export OCTEZ_PKGNAME +export OCTEZ_REALNAME +export OCTEZ_PKGREV + +# Expand protocols in configuration and init files +# +expand_PROTOCOL() { + file="$1" + protocols_formatted="" + protocols_list="" + + for i in $protocols; do + + if [ "$protocols_list" = "" ]; then + protocols_list="$i"; + else + protocols_list="$protocols_list $i" + fi + + if [ "$i" != "alpha" ]; then + # Alpha is handled in an experimental package + #shellcheck disable=SC1003 + protocols_formatted=$protocols_formatted'\'"1${i}"'\'"2\n" + fi + + done + + sed -e "s/@PROTOCOLS@/$protocols_list/g" \ + -e "/@PROTOCOL@/ { s/^\(.*\)@PROTOCOL@\(.*\)$/$protocols_formatted/; s/\\n$//; }" \ + "$file" + +} + +# Issue Warnings +# + +warnings() { + # BETA WARNING + echo "WARNING: This build script should be considered beta for now" + + # Generic warning about BLST_PORTABLE=yes + # + BLST_PORTABLE=${BLST_PORTABLE:-notused} + if [ "$BLST_PORTABLE" != "yes" ]; then + echo "WARNING: BLST_PORTABLE is not set to yes in your environment" + echo "If the binaries were not made with BLST_PORTABLE=yes then they" + echo "might not run on some platforms." + fi +} + +# Get Octez version from the build +# + +getOctezVersion() { + + if ! _vers=$(dune exec octez-version 2>/dev/null); then + echo "Cannot get version. Try eval \`opam env\`?" >&2 + exit 1 + fi + _vers_fix=$(echo "$_vers" | sed -e 's/\~//' -e 's/\+//') + echo "$_vers_fix" +} + +# Build init.d scripts +# + +initdScripts() { + _initin=$1 # Init script + _inittarget=$2 # The target (e.g. octez-node) + _stagedir=$3 # The staging area + _initd="${_stagedir}/etc/init.d" + + if [ -f "${_initin}" ]; then + mkdir -p "${_initd}" + expand_PROTOCOL "${_initin}" \ + > "${_initd}/${_inittarget}" + chmod +x "${_initd}/${_inittarget}" + fi + +} + +# Fix up the binary lists +# +fixBinaryList() { + _binlist=$1 + _binaries="" + if [ -f "${_binlist}.in" ]; then + expand_PROTOCOL "${_binlist}.in" > "${_binlist}" + fi + + if [ -f "${_binlist}" ]; then + _binaries=$(cat "${_binlist}" 2>/dev/null) + fi + echo "$_binaries" +} + +# Deal with Zcash parameters +# +zcashParams() { + _pkgzcash=$1 + _zcashtgt=$2 + + if [ -f "${_pkgzcash}" ]; then + zcashstuff=$(cat "${_pkgzcash}" 2>/dev/null) + echo "=> Zcash" + mkdir -p "${_zcashtgt}" + for shr in ${zcashstuff}; do + cp "${zcashdir}/${shr}" \ + "${_zcashtgt}" + done + fi +} + diff --git a/scripts/pkg-common/vdf.initd.in b/scripts/pkg-common/vdf.initd.in new file mode 100755 index 000000000000..4ae9194eefec --- /dev/null +++ b/scripts/pkg-common/vdf.initd.in @@ -0,0 +1,112 @@ +#!/bin/bash +# Start/stop the Octez Bakers and Accusers +# +### BEGIN INIT INFO +# Provides: octez-vdf +# Required-Start: octez-node +# Required-Stop: +# Should-Start: $network $named +# Should-Stop: $network $named +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: The Octez VDF daemon +# Description: The Octez VDF service inserts calculations into the +# blockchain to improve randomness. +### END INIT INFO + +set -ue + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +export DESC="octez vdf" +NAME=octez-vdf +PIDDIR=/var/run/tezos +PIDFILE=$PIDDIR/octez-vdf.pid +export SCRIPTNAME=/etc/init.d/"$NAME" + +if [ -f "/lib/lsb/init-functions" ]; then + . /lib/lsb/init-functions +else + . /etc/rc.d/init.d/functions +fi + +# Defaults +user=tezos +group=tezos +logdir=/var/log/tezos +rotateonstart=yes +protocols="@PROTOCOLS@" +waitfornode=yes + +#shellcheck disable=SC1091 +[ -r /etc/octez/node.conf ] && . /etc/octez/node.conf +#shellcheck disable=SC1091 +[ -r /etc/octez/baker.conf ] && . /etc/octez/baker.conf + +logfile_base="${logdir}/vdf_" +baker="/usr/bin/octez-baker" + +initial_checks() +{ + mkdir -p ${PIDDIR} + chown $user:$group ${PIDDIR} + + mkdir -p ${logdir} + +} + +wait_for_bootstrap() +{ + echo "Waiting for node to be bootstrapped" >&2 + + while :; do + /usr/bin/octez-client bootstrapped >/dev/null 2>&1 && break + echo "Node not ready - sleeping for 30 seconds" >&2 + sleep 30 + + done + +} + +rotate_logs () +{ + if [ ${rotateonstart} = "yes" ]; then + for p in ${protocols}; do + mv -f "${logfile_base}${p}.log" "${logfile_base}${p}.log.1" + done + fi +} + +case "$1" in +start) initial_checks + rotate_logs + [ "$waitfornode" == "yes" ] && wait_for_bootstrap + for p in ${protocols}; do + [ ! -x "${baker}-$p" ] && continue + su $user -c "${baker}-$p run vdf -K >> ${logfile_base}${p}.log 2>&1 & echo \$! > ${PIDFILE}-$p" + done + ;; +stop) + for p in ${protocols}; do + [ ! -x "${baker}-$p" ] && continue + kill "$(cat ${PIDFILE}-$p)" + rm -f ${PIDFILE}-$p + done + ;; +restart) + $0 stop + $0 start + ;; +reload|force-reload) + ;; +status) + for p in ${protocols}; do + [ ! -x "${baker}-$p" ] && continue + status_of_proc -p ${PIDFILE}-$p ${baker}-$p $NAME || exit $? + done + exit 0 + ;; +*) echo "Usage: $0 {start|stop|status|restart|reload|force-reload}" >&2 + exit 2 + ;; +esac +exit 0 -- GitLab From 9b7c60ae0b7621feb8849a25c098699ae7daaa64 Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Thu, 3 Aug 2023 11:17:43 +0200 Subject: [PATCH 2/5] packaging: add rpm packages scripts --- scripts/rpm/baker-spec.in | 28 +++++++ scripts/rpm/client-spec.in | 23 ++++++ scripts/rpm/experimental-spec.in | 26 ++++++ scripts/rpm/make_rpm.sh | 133 +++++++++++++++++++++++++++++++ scripts/rpm/node-spec.in | 32 ++++++++ scripts/rpm/signer-spec.in | 29 +++++++ scripts/rpm/smartrollup-spec.in | 28 +++++++ 7 files changed, 299 insertions(+) create mode 100644 scripts/rpm/baker-spec.in create mode 100644 scripts/rpm/client-spec.in create mode 100644 scripts/rpm/experimental-spec.in create mode 100755 scripts/rpm/make_rpm.sh create mode 100644 scripts/rpm/node-spec.in create mode 100644 scripts/rpm/signer-spec.in create mode 100644 scripts/rpm/smartrollup-spec.in diff --git a/scripts/rpm/baker-spec.in b/scripts/rpm/baker-spec.in new file mode 100644 index 000000000000..456ea542af9b --- /dev/null +++ b/scripts/rpm/baker-spec.in @@ -0,0 +1,28 @@ +Name: @PKG@ +Version: @VERSION@ +Release: @REVISION@ +Summary: The Octez Baker daemons + +License: MIT +URL: http://tezos.gitlab.io + +Packager: @MAINT@ +Requires: @DPKG@-node +Source0: @FAKESRC@ + +%prep +%setup -q + +%install +tar cpf - . | (cd $RPM_BUILD_ROOT && tar xpf -) + +%description +The Octez Baker daemons + +%files +%{_bindir}/octez-* +%{_sysconfdir}/init.d/octez-* +%config /etc/octez/baker.conf + +%post +/usr/bin/systemctl daemon-reload diff --git a/scripts/rpm/client-spec.in b/scripts/rpm/client-spec.in new file mode 100644 index 000000000000..ac357845fa6d --- /dev/null +++ b/scripts/rpm/client-spec.in @@ -0,0 +1,23 @@ +Name: @PKG@ +Version: @VERSION@ +Release: @REVISION@ +Summary: The Octez Client + +License: MIT +URL: http://tezos.gitlab.io + +Packager: @MAINT@ +Source0: @FAKESRC@ + +%prep +%setup -q + +%install +tar cpf - . | (cd $RPM_BUILD_ROOT && tar xpf -) + +%description +The Octez Client and Wallet + +%files +%{_bindir}/octez-* + diff --git a/scripts/rpm/experimental-spec.in b/scripts/rpm/experimental-spec.in new file mode 100644 index 000000000000..36ace9cc1afc --- /dev/null +++ b/scripts/rpm/experimental-spec.in @@ -0,0 +1,26 @@ +Name: @PKG@ +Version: @VERSION@ +Release: @REVISION@ +Summary: The Octez Experimental Binaries + +Packager: @MAINT@ +License: MIT +URL: http://tezos.gitlab.io + +Requires: @DPKG@-baker +Source0: @FAKESRC@ + +%prep +%setup -q + +%install +tar cpf - . | (cd $RPM_BUILD_ROOT && tar xpf -) + +%description +The Octez Experimental Binaries + +%files +%{_bindir}/octez-* + +%post +systemctl daemon-reload diff --git a/scripts/rpm/make_rpm.sh b/scripts/rpm/make_rpm.sh new file mode 100755 index 000000000000..38db14ef6e16 --- /dev/null +++ b/scripts/rpm/make_rpm.sh @@ -0,0 +1,133 @@ +#!/bin/sh + +# RPM package build for Octez +# +# (c) Chris Pinnock 2023, Supplied under a MIT license. +# see ../pkg-common/utils.sh for more detail + +set -eu + +# Setup +# +myhome=scripts/rpm +common=scripts/pkg-common +dieonwarn=${dieonwarn:-1} + +#shellcheck disable=SC1091 +. ${common}/utils.sh +protocols=${protocols:?protocols not specified} + +warnings +pkg_vers=$(getOctezVersion) + +### RPM specifc + +# Checking prerequisites +# +if ! which rpmbuild >/dev/null 2>&1; then + echo "Needs to run on a system with rpmbuild in path" >&2 + echo "yum install rpmdevtools" + exit 2 +fi + +rpmdev-setuptree +rpmbuild_root=$HOME/rpmbuild # Seems to be standard +spec_dir="${rpmbuild_root}/SPECS" +rpm_dir="${rpmbuild_root}/RPMS" +src_dir="${rpmbuild_root}/SOURCES" + +# Get the local architecture +# +rpm_arch=$(uname -m) + +# For each spec file in the directory, build a package +# +for specfile in "$myhome"/*spec.in; do + pg=$(basename "$specfile" | sed -e 's/-spec.in$//g') + echo "===> Building package $pg v$pkg_vers rev $OCTEZ_PKGREV" + + # Derivative variables + # + rpm_name=${OCTEZ_PKGNAME}-${pg} + init_name=${OCTEZ_REALNAME}-${pg} + rpm_fullname="${rpm_name}-${pkg_vers}-${OCTEZ_PKGREV}.${rpm_arch}.rpm" + + binaries=$(fixBinaryList "${common}/${pg}-binaries") + + + if [ -f "$rpm_fullname" ]; then + echo "built already - skipping" + continue + fi + + tar_name=${rpm_name}-${pkg_vers} + # Populate the staging directory with control scripts + # binaries and configuration as appropriate + # + staging_dir="_rpmbuild" + build_dir="${staging_dir}/${tar_name}" + + rm -rf "${staging_dir}" + mkdir -p "${build_dir}" + + if [ -n "$binaries" ]; then + echo "=> Populating directory with binaries" + mkdir -p "${build_dir}/usr/bin" + for bin in ${binaries}; do + if [ -f "${bin}" ]; then + echo "${bin}" + install -s -t "${build_dir}/usr/bin" "${bin}" + else + echo "WARN: ${bin} not found" + [ "$dieonwarn" = "1" ] && exit 1 + fi + done + fi + + + # init.d scripts + # + initdScripts "${common}/${pg}.initd.in" "${init_name}" "${build_dir}" + if [ "$pg" = "baker" ]; then + initdScripts "${common}/vdf.initd.in" octez-vdf \ + "${build_dir}" + fi + + + # Configuration files + # + if [ -f "${common}/${pg}.conf" ]; then + echo "=> Config files" + mkdir -p "${build_dir}/etc/octez" + expand_PROTOCOL "${common}/${pg}.conf" > "${build_dir}/etc/octez/${pg}.conf" + fi + + # Zcash parameters must ship with the node + # + zcashParams "${common}/${pg}-zcash" "${build_dir}/usr/share/zcash-params" + + # Edit the spec file to contain real values + # + spec_file="${pg}.spec" + sed -e "s/@ARCH@/${rpm_arch}/g" -e "s/@VERSION@/$pkg_vers/g" \ + -e "s/@REVISION@/${OCTEZ_PKGREV}/g" \ + -e "s/@MAINT@/${OCTEZ_PKGMAINTAINER}/g" \ + -e "s/@PKG@/${rpm_name}/g" \ + -e "s/@DPKG@/${OCTEZ_PKGNAME}/g" \ + -e "s/@FAKESRC@/${tar_name}.tar.gz/g" < "$specfile" \ + > "${spec_dir}/${spec_file}" + + # Stage the package + # + echo "=> Staging ${pg}" + (cd ${staging_dir} && tar zcf "${src_dir}/${tar_name}.tar.gz" "${tar_name}" ) + + # Build the package + # + echo "=> Constructing RPM package ${rpm_fullname}" + _flags="--quiet" + rpmbuild -bb ${_flags} "${spec_dir}/${spec_file}" + if [ -f "${rpm_dir}/${rpm_arch}/${rpm_fullname}" ]; then + mv "${rpm_dir}/${rpm_arch}/${rpm_fullname}" . + fi +done diff --git a/scripts/rpm/node-spec.in b/scripts/rpm/node-spec.in new file mode 100644 index 000000000000..ccd00103c76e --- /dev/null +++ b/scripts/rpm/node-spec.in @@ -0,0 +1,32 @@ +Name: @PKG@ +Version: @VERSION@ +Release: @REVISION@ +Summary: The Octez Node + +Packager: @MAINT@ +License: MIT +URL: http://tezos.gitlab.io + +Requires: @DPKG@-client +Source0: @FAKESRC@ + +%prep +%setup -q + +%install +tar cpf - . | (cd $RPM_BUILD_ROOT && tar xpf -) + +%description +The Octez Node daemons + +%files +%{_bindir}/octez-* +%{_sysconfdir}/init.d/octez-* +%doc /usr/share/zcash-params/* +%config /etc/octez/node.conf + +%post +getent group tezos >/dev/null 2>&1 || groupadd tezos +getent passwd tezos >/dev/null 2>&1 || useradd -g tezos tezos +/usr/bin/systemctl daemon-reload + diff --git a/scripts/rpm/signer-spec.in b/scripts/rpm/signer-spec.in new file mode 100644 index 000000000000..35dfa79fbe11 --- /dev/null +++ b/scripts/rpm/signer-spec.in @@ -0,0 +1,29 @@ +Name: @PKG@ +Version: @VERSION@ +Release: @REVISION@ +Summary: The Octez Signer + +Packager: @MAINT@ +License: MIT +URL: http://tezos.gitlab.io + +Source0: @FAKESRC@ + +%prep +%setup -q + +%install +tar cpf - . | (cd $RPM_BUILD_ROOT && tar xpf -) + +%description +The Octez Signer + +%files +%{_bindir}/octez-* +%{_sysconfdir}/init.d/octez-signer +%config /etc/octez/signer.conf + +%post +getent group tzsigner >/dev/null 2>&1 || groupadd tzsigner +getent passwd tzsigner >/dev/null 2>&1 || useradd -g tzsigner tzsigner +/usr/bin/systemctl daemon-reload diff --git a/scripts/rpm/smartrollup-spec.in b/scripts/rpm/smartrollup-spec.in new file mode 100644 index 000000000000..d28d3e81804e --- /dev/null +++ b/scripts/rpm/smartrollup-spec.in @@ -0,0 +1,28 @@ +Name: @PKG@ +Version: @VERSION@ +Release: @REVISION@ +Summary: The Octez Smart Rollup daemons + +Packager: @MAINT@ +License: MIT +URL: http://tezos.gitlab.io + +Requires: @DPKG@-node +Source0: @FAKESRC@ + +%prep +%setup -q + +%install +tar cpf - . | (cd $RPM_BUILD_ROOT && tar xpf -) + +%description +The Octez Smart Rollup daemons + +%files +%{_bindir}/octez-* +%{_sysconfdir}/init.d/octez-* +%config /etc/octez/smartrollup.conf + +%post +/usr/bin/systemctl daemon-reload -- GitLab From 923e834c772141abe8bdd404fcaf1adf5b5851af Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Thu, 3 Aug 2023 11:19:01 +0200 Subject: [PATCH 3/5] ci: add jobs to generate dpkg and rpm packages --- .gitlab/ci/jobs/build/bin_packages_manual.yml | 57 +++++++++++++++++++ .gitlab/ci/pipelines/before_merging.yml | 1 + 2 files changed, 58 insertions(+) create mode 100644 .gitlab/ci/jobs/build/bin_packages_manual.yml diff --git a/.gitlab/ci/jobs/build/bin_packages_manual.yml b/.gitlab/ci/jobs/build/bin_packages_manual.yml new file mode 100644 index 000000000000..44d5a8f4b590 --- /dev/null +++ b/.gitlab/ci/jobs/build/bin_packages_manual.yml @@ -0,0 +1,57 @@ +dpkg:amd64: + image: debian:bookworm + stage: manual + when: manual + needs: [] + script: + - apt update + - apt-get install -y rsync git m4 build-essential patch unzip wget opam jq bc autoconf cmake libev-dev libffi-dev libgmp-dev libhidapi-dev pkg-config zlib1g-dev + - wget https://sh.rustup.rs/rustup-init.sh + - chmod +x rustup-init.sh + - ./rustup-init.sh --profile minimal --default-toolchain 1.64.0 -y + - . $HOME/.cargo/env + - export OPAMYES="true" + - opam init --bare --disable-sandboxing + - make build-deps + - eval $(opam env) + - make dpkg + variables: + OCTEZ_PKGMAINTAINER: "dev@nomadic-labs.com" + BLST_PORTABLE: "yes" + tags: + - amd64 + artifacts: + name: "dpkg-$ARCH-$CI_COMMIT_REF_SLUG" + paths: + - octez-*.deb + expire_in: 1 day + when: on_success + +rpm:amd64: + image: fedora + stage: manual + when: manual + needs: [] + script: + - dnf update -y + - dnf install -y libev-devel gmp-devel hidapi-devel libffi-devel zlib-devel libpq-devel m4 perl git pkg-config rpmdevtools python3-devel python3-setuptools wget opam rsync which cargo autoconf mock systemd systemd-rpm-macros cmake python3-wheel python3-tox-current-env + - wget https://sh.rustup.rs/rustup-init.sh + - chmod +x rustup-init.sh + - ./rustup-init.sh --profile minimal --default-toolchain 1.64.0 -y + - . $HOME/.cargo/env + - export OPAMYES="true" + - opam init --bare --disable-sandboxing + - make build-deps + - eval $(opam env) + - make rpm + variables: + OCTEZ_PKGMAINTAINER: "dev@nomadic-labs.com" + BLST_PORTABLE: "yes" + tags: + - amd64 + artifacts: + name: "rpm-$ARCH-$CI_COMMIT_REF_SLUG" + paths: + - octez-*.rpm + expire_in: 1 day + when: on_success diff --git a/.gitlab/ci/pipelines/before_merging.yml b/.gitlab/ci/pipelines/before_merging.yml index 5b9813030122..839e5c837eb2 100644 --- a/.gitlab/ci/pipelines/before_merging.yml +++ b/.gitlab/ci/pipelines/before_merging.yml @@ -17,6 +17,7 @@ include: - .gitlab/ci/jobs/doc/build_all.yml - .gitlab/ci/jobs/build/docker_amd64_test_manual.yml - .gitlab/ci/jobs/build/docker_arm64_test_manual.yml + - .gitlab/ci/jobs/build/bin_packages_manual.yml - .gitlab/ci/jobs/build/tezt_fetch_records.yml # Stage: test -- GitLab From 42788abb4f18522b2d39ece2864f2e980f010120 Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Thu, 3 Aug 2023 11:19:36 +0200 Subject: [PATCH 4/5] make: add makefile targets for rpm and dpkg packages --- .gitignore | 6 ++++++ Makefile | 23 ++++++++++++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 00ee8c57a89c..5a1850fa6765 100644 --- a/.gitignore +++ b/.gitignore @@ -74,6 +74,12 @@ __pycache__ *.install .merlin +*.deb +*.rpm +scripts/pkg-common/baker-binaries +scripts/pkg-common/smartrollup-binaries +scripts/pkg-common/client-binaries + *~ \#*\# .\#* diff --git a/Makefile b/Makefile index 2cff9ead9423..6908ab86bc5f 100644 --- a/Makefile +++ b/Makefile @@ -434,6 +434,15 @@ fmt-ocaml: fmt-python: @$(MAKE) -C docs fmt +.PHONY: dpkg +dpkg: all + @./scripts/dpkg/make_dpkg.sh + +.PHONY: rpm +rpm: all + @./scripts/rpm/make_rpm.sh + + .PHONY: build-deps build-deps: @./scripts/install_build_deps.sh @@ -527,8 +536,20 @@ uninstall: coverage-clean: @-rm -Rf ${COVERAGE_OUTPUT}/*.coverage ${COVERAGE_REPORT} +.PHONY: pkg-common-clean +pkg-common-clean: + @-rm -rf scripts/pkg-common/{baker,client,smartrollup}-binaries + +.PHONY: dpkg-clean +dpkg-clean: pkg-common-clean + @-rm -rf _dpkgstage *.deb + +.PHONY: rpm-clean +rpm-clean: pkg-common-clean + @-rm -rf _rpmbuild *.rpm + .PHONY: clean -clean: coverage-clean clean-old-names +clean: coverage-clean clean-old-names dpkg-clean rpm-clean @-dune clean @-rm -f ${ALL_EXECUTABLES} @-${MAKE} -C docs clean -- GitLab From 7e8fee123c8c991c586c5caaeb4d8a88b14ac3d2 Mon Sep 17 00:00:00 2001 From: Pietro Abate Date: Thu, 3 Aug 2023 11:19:56 +0200 Subject: [PATCH 5/5] CHANGES: add entry to dpkg and rpm packages --- CHANGES.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index 89d346a5298b..87297d003e0d 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -141,3 +141,5 @@ Data Availability Committee (DAC) Miscellaneous ------------- + +- Beta scripts to build Debian and RedHat packages have been added to the tree. -- GitLab