-
Notifications
You must be signed in to change notification settings - Fork 362
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This simplify the staging servers system. It's using the docker image: [watchtower](https://github.com/containrrr/watchtower) to automatically pull-update new gno versions. It's currently deployed on the server: we now have - https://rpc.staging.gno.land - http://rpc.staging.gno.land:26657 - http://rpc.staging.gno.land:36657 (to be compliant with previous version) <details><summary>Contributors' checklist...</summary> - [ ] Added new tests, or not needed, or not feasible - [ ] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [ ] Updated the official documentation or not needed - [ ] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [ ] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details>
- Loading branch information
Showing
3 changed files
with
136 additions
and
117 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,130 +1,126 @@ | ||
version: "2" | ||
|
||
name: "staging-gno-land" | ||
services: | ||
traefik: | ||
image: "traefik:v2.11" | ||
restart: unless-stopped | ||
command: | ||
- "--api.insecure=true" | ||
- "--providers.docker=true" | ||
- "--providers.docker.exposedbydefault=false" | ||
- "--entrypoints.web.address=:80" | ||
- "--entrypoints.rpc.address=:26657" | ||
- "--entrypoints.web.http.redirections.entrypoint.to=websecure" | ||
- "--entrypoints.web.http.redirections.entrypoint.scheme=https" | ||
- "--entrypoints.web.http.redirections.entrypoint.permanent=true" | ||
- "--entryPoints.web.forwardedHeaders.insecure" | ||
- "--entrypoints.traefik.address=:8080" | ||
- "--entrypoints.websecure.address=:443" | ||
|
||
- "--certificatesresolvers.le.acme.tlschallenge=true" | ||
- "--certificatesresolvers.le.acme.email=dev@gno.land" | ||
- "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json" | ||
ports: | ||
- "80:80" | ||
- "443:443" | ||
- "26657:26657" | ||
volumes: | ||
- "/var/run/docker.sock:/var/run/docker.sock:ro" | ||
- ./letsencrypt:/letsencrypt | ||
|
||
gnoland: | ||
container_name: gnoland | ||
build: ../../.. | ||
image: ghcr.io/gnolang/gno/gnoland:master | ||
restart: unless-stopped | ||
entrypoint: /entrypoint.sh | ||
working_dir: /gnoroot | ||
environment: | ||
- VIRTUAL_HOST=rpc.staging.gno.land | ||
- VIRTUAL_PORT=26657 | ||
- LETSENCRYPT_HOST=rpc.staging.gno.land | ||
- LOG_LEVEL=4 | ||
working_dir: /opt/gno/src/gno.land | ||
command: | ||
- gnoland | ||
- start | ||
- --skip-failing-genesis-txs | ||
- --chainid=staging | ||
- --genesis-remote=staging.gno.land:26657 | ||
CHAIN_ID: staging | ||
MONIKER: gno-staging | ||
volumes: | ||
- "./data/gnoland:/opt/gno/src/gno.land/gnoland-data" | ||
ports: | ||
- 26656:26656 | ||
- 26657:26657 | ||
restart: on-failure | ||
logging: | ||
driver: "json-file" | ||
options: | ||
max-file: "10" | ||
max-size: "100m" | ||
- ./gnoland.entrypoint.sh:/entrypoint.sh | ||
#ports: | ||
# - 26656:26656 | ||
labels: | ||
com.centurylinklabs.watchtower.enable: "true" | ||
traefik.enable: "true" | ||
traefik.http.routers.gnoland.entrypoints: "web,websecure" | ||
traefik.http.routers.gnoland.rule: "Host(`rpc.staging.gno.land`)" | ||
traefik.http.routers.gnoland.service: gnoland-rpc | ||
traefik.http.routers.gnoland.tls: "true" | ||
traefik.http.routers.gnoland.tls.certresolver: "le" | ||
traefik.http.routers.gnoland-rpc.entrypoints: "rpc" | ||
traefik.http.routers.gnoland-rpc.rule: "PathPrefix(`/`)" | ||
traefik.http.routers.gnoland-rpc.service: gnoland-rpc | ||
traefik.http.services.gnoland-rpc.loadbalancer.server.port: 26657 | ||
|
||
gnoweb: | ||
container_name: gnoweb | ||
build: ../../.. | ||
command: | ||
image: ghcr.io/gnolang/gno/gnoweb:master | ||
restart: unless-stopped | ||
env_file: ".env" | ||
entrypoint: | ||
- gnoweb | ||
- --bind=0.0.0.0:80 | ||
- --remote=gnoland:26657 | ||
- --captcha-site=$RECAPTCHA_SITE_KEY | ||
- --faucet-url=https://faucet-staging.gno.land/ | ||
- --help-chainid=staging | ||
- --help-remote=staging.gno.land:26657 | ||
- --bind=0.0.0.0:8888 | ||
- --remote=http://traefik:26657 | ||
- --faucet-url=https://faucet-api.staging.gno.land | ||
- --captcha-site=$CAPTCHA_SITE_KEY | ||
- --with-analytics | ||
volumes: | ||
- "./overlay:/overlay:ro" | ||
links: | ||
- gnoland | ||
environment: | ||
- VIRTUAL_HOST=staging.gno.land | ||
- LETSENCRYPT_HOST=staging.gno.land | ||
# from .env | ||
- RECAPTCHA_SITE_KEY | ||
restart: on-failure | ||
logging: | ||
driver: "json-file" | ||
options: | ||
max-file: "10" | ||
max-size: "100m" | ||
- --help-chainid=staging | ||
- --help-remote=https://rpc.staging.gno.land:443 | ||
labels: | ||
com.centurylinklabs.watchtower.enable: "true" | ||
traefik.enable: "true" | ||
traefik.http.routers.gnoweb.entrypoints: "web,websecure" | ||
traefik.http.routers.gnoweb.rule: "Host(`staging.gno.land`)" | ||
traefik.http.routers.gnoweb.tls: "true" | ||
traefik.http.routers.gnoweb.tls.certresolver: "le" | ||
|
||
gnofaucet: | ||
container_name: gnofaucet | ||
build: ../../.. | ||
command: sh -xc " | ||
date && | ||
mkdir -p /.gno && | ||
expect -c \"set timeout -1; spawn gnokey add --home /.gno/ --recover faucet; expect \\\"Enter a passphrase\\\"; send \\\"$GNOKEY_PASS\\r\\\"; expect \\\"Repeat the passphrase\\\"; send \\\"$GNOKEY_PASS\\r\\\"; expect \\\"Enter your bip39 mnemonic\\\"; send \\\"$FAUCET_WORDS\\r\\\"; expect eof\" && | ||
while true; do | ||
expect -c \"set timeout -1; spawn gnofaucet serve --send 50000000ugnot --captcha-secret \\\"$RECAPTCHA_SECRET_KEY\\\" --remote gnoland:26657 --chain-id staging --home /.gno/ faucet; expect \\\"Enter password\\\"; send \\\"$GNOKEY_PASS\\r\\\"; expect eof\"; | ||
sleep 5; | ||
done | ||
" | ||
links: | ||
- gnoland | ||
environment: | ||
- VIRTUAL_HOST=faucet-staging.gno.land | ||
- VIRTUAL_PORT=5050 | ||
- LETSENCRYPT_HOST=faucet-staging.gno.land | ||
# from .env | ||
- RECAPTCHA_SECRET_KEY | ||
- FAUCET_WORDS | ||
- GNOKEY_PASS | ||
ports: | ||
- 5050 | ||
restart: on-failure | ||
logging: | ||
driver: "json-file" | ||
options: | ||
max-file: "10" | ||
max-size: "100m" | ||
image: ghcr.io/gnolang/gno/gnofaucet-slim | ||
restart: unless-stopped | ||
command: | ||
- "serve" | ||
- "--listen-address=0.0.0.0:5050" | ||
- "--chain-id=staging" | ||
- "--is-behind-proxy=true" | ||
- "--mnemonic=${FAUCET_MNEMONIC}" | ||
- "--num-accounts=1" | ||
- "--remote=http://traefik:26657" | ||
- "--captcha-secret=${CAPTCHA_SECRET_KEY}" | ||
env_file: ".env" | ||
# environment: | ||
# from .env | ||
# - RECAPTCHA_SECRET_KEY | ||
labels: | ||
com.centurylinklabs.watchtower.enable: "true" | ||
traefik.enable: "true" | ||
traefik.http.routers.gnofaucet-api.entrypoints: "websecure" | ||
traefik.http.routers.gnofaucet-api.rule: "Host(`faucet-api.staging.gno.land`) || Host(`faucet-api.staging.gnoteam.com`)" | ||
traefik.http.routers.gnofaucet-api.tls: "true" | ||
traefik.http.routers.gnofaucet-api.tls.certresolver: "le" | ||
traefik.http.middlewares.gnofaucet-ratelimit.ratelimit.average: "6" | ||
traefik.http.middlewares.gnofaucet-ratelimit.ratelimit.period: "1m" | ||
|
||
nginx-proxy: | ||
image: nginxproxy/nginx-proxy | ||
container_name: nginx-proxy | ||
ports: | ||
- "80:80" | ||
- "443:443" | ||
watchtower: | ||
image: containrrr/watchtower | ||
restart: unless-stopped | ||
command: --interval 30 --http-api-metrics --label-enable | ||
volumes: | ||
- conf:/etc/nginx/conf.d | ||
- vhost:/etc/nginx/vhost.d | ||
- html:/usr/share/nginx/html | ||
- certs:/etc/nginx/certs:ro | ||
- /var/run/docker.sock:/tmp/docker.sock:ro | ||
logging: | ||
driver: "json-file" | ||
options: | ||
max-file: "10" | ||
max-size: "100m" | ||
|
||
acme-companion: | ||
image: nginxproxy/acme-companion | ||
container_name: nginx-proxy-acme | ||
- /var/run/docker.sock:/var/run/docker.sock | ||
environment: | ||
- DEFAULT_EMAIL=noreply@gno.land | ||
volumes_from: | ||
- nginx-proxy | ||
volumes: | ||
- certs:/etc/nginx/certs:rw | ||
- acme:/etc/acme.sh | ||
- /var/run/docker.sock:/var/run/docker.sock:ro | ||
logging: | ||
driver: "json-file" | ||
options: | ||
max-file: "10" | ||
max-size: "100m" | ||
WATCHTOWER_HTTP_API_TOKEN: "mytoken" | ||
|
||
volumes: | ||
conf: | ||
vhost: | ||
html: | ||
certs: | ||
acme: | ||
restarter: | ||
image: docker:cli | ||
restart: unless-stopped | ||
entrypoint: [ "/bin/sh", "-c" ] | ||
working_dir: "/app" | ||
volumes: | ||
- ".:/app" | ||
- "/var/run/docker.sock:/var/run/docker.sock" | ||
command: | ||
- | | ||
while true; do | ||
if [ "$$(date +'%H:%M')" = '22:00' ]; then | ||
docker compose restart gnoland | ||
fi | ||
sleep 60 | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
#!/usr/bin/env sh | ||
|
||
set -ex | ||
|
||
MONIKER=${MONIKER:-"gnode"} | ||
P2P_LADDR=${P2P_LADDR:-"tcp://0.0.0.0:26656"} | ||
RPC_LADDR=${RPC_LADDR:-"tcp://0.0.0.0:26657"} | ||
|
||
CHAIN_ID=${CHAIN_ID:-"staging"} | ||
|
||
rm -rfv ./gnoland-data genesis.json | ||
|
||
gnoland config init | ||
gnoland secrets init | ||
|
||
gnoland config set moniker "${MONIKER}" | ||
gnoland config set rpc.laddr "${RPC_LADDR}" | ||
gnoland config set p2p.laddr "${P2P_LADDR}" | ||
|
||
exec gnoland start \ | ||
--skip-failing-genesis-txs \ | ||
--chainid="${CHAIN_ID}" \ | ||
--lazy |