From e60e4ca1925df141164998af0dcc0b3e997c1b12 Mon Sep 17 00:00:00 2001 From: Albert Le Batteux Date: Thu, 22 Aug 2024 17:02:18 +0200 Subject: [PATCH] chore: simplify staging (#2018) This simplify the staging servers system. It's using the docker image: [watchtower](https://github.com/containrrr/watchtower) to automatically pull-update new gno versions. It's currently deployed on the server: we now have - https://rpc.staging.gno.land - http://rpc.staging.gno.land:26657 - http://rpc.staging.gno.land:36657 (to be compliant with previous version)
Contributors' checklist... - [ ] Added new tests, or not needed, or not feasible - [ ] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [ ] Updated the official documentation or not needed - [ ] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [ ] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md).
--- docs/reference/network-config.md | 2 +- .../staging.gno.land/docker-compose.yml | 228 +++++++++--------- .../staging.gno.land/gnoland.entrypoint.sh | 23 ++ 3 files changed, 136 insertions(+), 117 deletions(-) create mode 100755 misc/deployments/staging.gno.land/gnoland.entrypoint.sh diff --git a/docs/reference/network-config.md b/docs/reference/network-config.md index 0dacc8e80d7..6d4fc9ea14a 100644 --- a/docs/reference/network-config.md +++ b/docs/reference/network-config.md @@ -9,7 +9,7 @@ id: network-config | Portal Loop | https://rpc.gno.land:443 | `portal-loop` | | Test4 | https://rpc.test4.gno.land:443 | `test4` | | Test3 | https://rpc.test3.gno.land:443 | `test3` | -| Staging | http://rpc.staging.gno.land:36657 | `staging` | +| Staging | https://rpc.staging.gno.land:443 | `staging` | ### WebSocket endpoints All networks follow the same pattern for websocket connections: diff --git a/misc/deployments/staging.gno.land/docker-compose.yml b/misc/deployments/staging.gno.land/docker-compose.yml index 3479067372d..7d264a34dbd 100644 --- a/misc/deployments/staging.gno.land/docker-compose.yml +++ b/misc/deployments/staging.gno.land/docker-compose.yml @@ -1,130 +1,126 @@ -version: "2" - +name: "staging-gno-land" services: + traefik: + image: "traefik:v2.11" + restart: unless-stopped + command: + - "--api.insecure=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.rpc.address=:26657" + - "--entrypoints.web.http.redirections.entrypoint.to=websecure" + - "--entrypoints.web.http.redirections.entrypoint.scheme=https" + - "--entrypoints.web.http.redirections.entrypoint.permanent=true" + - "--entryPoints.web.forwardedHeaders.insecure" + - "--entrypoints.traefik.address=:8080" + - "--entrypoints.websecure.address=:443" + + - "--certificatesresolvers.le.acme.tlschallenge=true" + - "--certificatesresolvers.le.acme.email=dev@gno.land" + - "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + - "26657:26657" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - ./letsencrypt:/letsencrypt + gnoland: - container_name: gnoland - build: ../../.. + image: ghcr.io/gnolang/gno/gnoland:master + restart: unless-stopped + entrypoint: /entrypoint.sh + working_dir: /gnoroot environment: - - VIRTUAL_HOST=rpc.staging.gno.land - - VIRTUAL_PORT=26657 - - LETSENCRYPT_HOST=rpc.staging.gno.land - - LOG_LEVEL=4 - working_dir: /opt/gno/src/gno.land - command: - - gnoland - - start - - --skip-failing-genesis-txs - - --chainid=staging - - --genesis-remote=staging.gno.land:26657 + CHAIN_ID: staging + MONIKER: gno-staging volumes: - - "./data/gnoland:/opt/gno/src/gno.land/gnoland-data" - ports: - - 26656:26656 - - 26657:26657 - restart: on-failure - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "100m" + - ./gnoland.entrypoint.sh:/entrypoint.sh + #ports: + # - 26656:26656 + labels: + com.centurylinklabs.watchtower.enable: "true" + traefik.enable: "true" + traefik.http.routers.gnoland.entrypoints: "web,websecure" + traefik.http.routers.gnoland.rule: "Host(`rpc.staging.gno.land`)" + traefik.http.routers.gnoland.service: gnoland-rpc + traefik.http.routers.gnoland.tls: "true" + traefik.http.routers.gnoland.tls.certresolver: "le" + traefik.http.routers.gnoland-rpc.entrypoints: "rpc" + traefik.http.routers.gnoland-rpc.rule: "PathPrefix(`/`)" + traefik.http.routers.gnoland-rpc.service: gnoland-rpc + traefik.http.services.gnoland-rpc.loadbalancer.server.port: 26657 gnoweb: - container_name: gnoweb - build: ../../.. - command: + image: ghcr.io/gnolang/gno/gnoweb:master + restart: unless-stopped + env_file: ".env" + entrypoint: - gnoweb - - --bind=0.0.0.0:80 - - --remote=gnoland:26657 - - --captcha-site=$RECAPTCHA_SITE_KEY - - --faucet-url=https://faucet-staging.gno.land/ - - --help-chainid=staging - - --help-remote=staging.gno.land:26657 + - --bind=0.0.0.0:8888 + - --remote=http://traefik:26657 + - --faucet-url=https://faucet-api.staging.gno.land + - --captcha-site=$CAPTCHA_SITE_KEY - --with-analytics - volumes: - - "./overlay:/overlay:ro" - links: - - gnoland - environment: - - VIRTUAL_HOST=staging.gno.land - - LETSENCRYPT_HOST=staging.gno.land - # from .env - - RECAPTCHA_SITE_KEY - restart: on-failure - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "100m" + - --help-chainid=staging + - --help-remote=https://rpc.staging.gno.land:443 + labels: + com.centurylinklabs.watchtower.enable: "true" + traefik.enable: "true" + traefik.http.routers.gnoweb.entrypoints: "web,websecure" + traefik.http.routers.gnoweb.rule: "Host(`staging.gno.land`)" + traefik.http.routers.gnoweb.tls: "true" + traefik.http.routers.gnoweb.tls.certresolver: "le" gnofaucet: - container_name: gnofaucet - build: ../../.. - command: sh -xc " - date && - mkdir -p /.gno && - expect -c \"set timeout -1; spawn gnokey add --home /.gno/ --recover faucet; expect \\\"Enter a passphrase\\\"; send \\\"$GNOKEY_PASS\\r\\\"; expect \\\"Repeat the passphrase\\\"; send \\\"$GNOKEY_PASS\\r\\\"; expect \\\"Enter your bip39 mnemonic\\\"; send \\\"$FAUCET_WORDS\\r\\\"; expect eof\" && - while true; do - expect -c \"set timeout -1; spawn gnofaucet serve --send 50000000ugnot --captcha-secret \\\"$RECAPTCHA_SECRET_KEY\\\" --remote gnoland:26657 --chain-id staging --home /.gno/ faucet; expect \\\"Enter password\\\"; send \\\"$GNOKEY_PASS\\r\\\"; expect eof\"; - sleep 5; - done - " - links: - - gnoland - environment: - - VIRTUAL_HOST=faucet-staging.gno.land - - VIRTUAL_PORT=5050 - - LETSENCRYPT_HOST=faucet-staging.gno.land - # from .env - - RECAPTCHA_SECRET_KEY - - FAUCET_WORDS - - GNOKEY_PASS - ports: - - 5050 - restart: on-failure - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "100m" + image: ghcr.io/gnolang/gno/gnofaucet-slim + restart: unless-stopped + command: + - "serve" + - "--listen-address=0.0.0.0:5050" + - "--chain-id=staging" + - "--is-behind-proxy=true" + - "--mnemonic=${FAUCET_MNEMONIC}" + - "--num-accounts=1" + - "--remote=http://traefik:26657" + - "--captcha-secret=${CAPTCHA_SECRET_KEY}" + env_file: ".env" + # environment: + # from .env + # - RECAPTCHA_SECRET_KEY + labels: + com.centurylinklabs.watchtower.enable: "true" + traefik.enable: "true" + traefik.http.routers.gnofaucet-api.entrypoints: "websecure" + traefik.http.routers.gnofaucet-api.rule: "Host(`faucet-api.staging.gno.land`) || Host(`faucet-api.staging.gnoteam.com`)" + traefik.http.routers.gnofaucet-api.tls: "true" + traefik.http.routers.gnofaucet-api.tls.certresolver: "le" + traefik.http.middlewares.gnofaucet-ratelimit.ratelimit.average: "6" + traefik.http.middlewares.gnofaucet-ratelimit.ratelimit.period: "1m" - nginx-proxy: - image: nginxproxy/nginx-proxy - container_name: nginx-proxy - ports: - - "80:80" - - "443:443" + watchtower: + image: containrrr/watchtower + restart: unless-stopped + command: --interval 30 --http-api-metrics --label-enable volumes: - - conf:/etc/nginx/conf.d - - vhost:/etc/nginx/vhost.d - - html:/usr/share/nginx/html - - certs:/etc/nginx/certs:ro - - /var/run/docker.sock:/tmp/docker.sock:ro - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "100m" - - acme-companion: - image: nginxproxy/acme-companion - container_name: nginx-proxy-acme + - /var/run/docker.sock:/var/run/docker.sock environment: - - DEFAULT_EMAIL=noreply@gno.land - volumes_from: - - nginx-proxy - volumes: - - certs:/etc/nginx/certs:rw - - acme:/etc/acme.sh - - /var/run/docker.sock:/var/run/docker.sock:ro - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "100m" + WATCHTOWER_HTTP_API_TOKEN: "mytoken" -volumes: - conf: - vhost: - html: - certs: - acme: + restarter: + image: docker:cli + restart: unless-stopped + entrypoint: [ "/bin/sh", "-c" ] + working_dir: "/app" + volumes: + - ".:/app" + - "/var/run/docker.sock:/var/run/docker.sock" + command: + - | + while true; do + if [ "$$(date +'%H:%M')" = '22:00' ]; then + docker compose restart gnoland + fi + sleep 60 + done diff --git a/misc/deployments/staging.gno.land/gnoland.entrypoint.sh b/misc/deployments/staging.gno.land/gnoland.entrypoint.sh new file mode 100755 index 00000000000..90957e92da8 --- /dev/null +++ b/misc/deployments/staging.gno.land/gnoland.entrypoint.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env sh + +set -ex + +MONIKER=${MONIKER:-"gnode"} +P2P_LADDR=${P2P_LADDR:-"tcp://0.0.0.0:26656"} +RPC_LADDR=${RPC_LADDR:-"tcp://0.0.0.0:26657"} + +CHAIN_ID=${CHAIN_ID:-"staging"} + +rm -rfv ./gnoland-data genesis.json + +gnoland config init +gnoland secrets init + +gnoland config set moniker "${MONIKER}" +gnoland config set rpc.laddr "${RPC_LADDR}" +gnoland config set p2p.laddr "${P2P_LADDR}" + +exec gnoland start \ + --skip-failing-genesis-txs \ + --chainid="${CHAIN_ID}" \ + --lazy