diff --git a/cyphernodeconf_docker/lib/app.js b/cyphernodeconf_docker/lib/app.js index e9cb672f6..e90e432a3 100644 --- a/cyphernodeconf_docker/lib/app.js +++ b/cyphernodeconf_docker/lib/app.js @@ -88,6 +88,7 @@ module.exports = class App { lightning_version: process.env.LIGHTNING_VERSION, notifier_version: process.env.NOTIFIER_VERSION, setup_version: process.env.SETUP_VERSION, + cam_version: process.env.CAM_VERSION || 'latest', noWizard: !!options.noWizard, noSplashScreen: !!options.noSplashScreen, lightning_nodename: name.generate(), diff --git a/cyphernodeconf_docker/prompters/999_installer.js b/cyphernodeconf_docker/prompters/999_installer.js index 1d3ca184a..808124ac5 100644 --- a/cyphernodeconf_docker/prompters/999_installer.js +++ b/cyphernodeconf_docker/prompters/999_installer.js @@ -302,8 +302,8 @@ module.exports = { }, templates: function( props ) { if( props.installer_mode === 'docker' ) { - return ['config.sh','start.sh', 'stop.sh', 'testfeatures.sh', 'testdeployment.sh', path.join('docker', 'docker-compose.yaml')]; + return ['config.sh','start.sh', 'stop.sh', 'cam.sh', 'testfeatures.sh', 'testdeployment.sh', path.join('docker', 'docker-compose.yaml')]; } - return ['config.sh','start.sh', 'stop.sh', 'testfeatures.sh', 'testdeployment.sh']; + return ['config.sh','start.sh', 'stop.sh', 'cam.sh', 'testfeatures.sh', 'testdeployment.sh']; } }; diff --git a/cyphernodeconf_docker/templates/installer/cam.sh b/cyphernodeconf_docker/templates/installer/cam.sh new file mode 100644 index 000000000..6ebf2a6dc --- /dev/null +++ b/cyphernodeconf_docker/templates/installer/cam.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +current_path="$(cd "$(dirname "$0")" >/dev/null && pwd)" +# !!!!!!!!! DO NOT INCLUDE APPS WITHOUT REVIEW !!!!!!!!!! + +docker run -e CYPHERAPPS_INSTALL_DIR=/apps -v "$current_path"/apps:/apps -v "$current_path":/data --rm cyphernode/cam:<%= cam_version %> $* diff --git a/cyphernodeconf_docker/templates/installer/docker/docker-compose.yaml b/cyphernodeconf_docker/templates/installer/docker/docker-compose.yaml index 7971a8762..26c7771ef 100644 --- a/cyphernodeconf_docker/templates/installer/docker/docker-compose.yaml +++ b/cyphernodeconf_docker/templates/installer/docker/docker-compose.yaml @@ -8,6 +8,7 @@ services: ########################## bitcoin: + container_name: bitcoin image: cyphernode/bitcoin:<%= bitcoin_version %> command: $USER bitcoind <% if( bitcoin_expose ) { %> @@ -36,6 +37,7 @@ services: ########################## proxy: + container_name: proxy image: cyphernode/proxy:<%= proxy_version %> command: $USER ./startproxy.sh environment: @@ -85,6 +87,7 @@ services: ########################## proxycron: + container_name: proxycron image: cyphernode/proxycron:<%= proxycron_version %> environment: - "TX_CONF_URL=proxy:8888/executecallbacks" @@ -103,6 +106,7 @@ services: ########################## broker: + container_name: broker image: eclipse-mosquitto:1.6 networks: - cyphernodenet @@ -116,6 +120,7 @@ services: ########################## notifier: + container_name: notifier image: cyphernode/notifier:<%= notifier_version %> command: $USER ./startnotifier.sh networks: @@ -133,6 +138,7 @@ services: ########################## pycoin: + container_name: pycoin image: cyphernode/pycoin:<%= pycoin_version %> command: $USER ./startpycoin.sh environment: @@ -155,6 +161,7 @@ services: ########################## otsclient: + container_name: otsclient image: cyphernode/otsclient:<%= otsclient_version %> command: $USER /script/startotsclient.sh environment: @@ -181,6 +188,7 @@ services: gatekeeper: # HTTP authentication API gate + container_name: gatekeeper image: cyphernode/gatekeeper:<%= gatekeeper_version %> command: $USER environment: @@ -214,6 +222,7 @@ services: ########################## traefik: + container_name: traefik image: traefik:v1.7.9-alpine ports: - 80:80 @@ -238,6 +247,7 @@ services: ########################## lightning: + container_name: lightning image: cyphernode/clightning:<%= lightning_version %> command: $USER sh -c 'while [ ! -f "/bitcoin_monitor/up" ]; do echo "bitcoin not ready" ; sleep 10 ; done ; echo "bitcoin ready!" ; lightningd' <% if( lightning_expose ) { %> diff --git a/cyphernodeconf_docker/templates/installer/start.sh b/cyphernodeconf_docker/templates/installer/start.sh index dbc0b7408..cabe8bd57 100644 --- a/cyphernodeconf_docker/templates/installer/start.sh +++ b/cyphernodeconf_docker/templates/installer/start.sh @@ -2,11 +2,8 @@ . ./.cyphernodeconf/installer/config.sh -# be aware that randomly downloaded cyphernode apps will have access to -# your configuration and filesystem. +current_path="$(cd "$(dirname "$0")" >/dev/null && pwd)" # !!!!!!!!! DO NOT INCLUDE APPS WITHOUT REVIEW !!!!!!!!!! -# TODO: Test if we can mitigate this security issue by -# running app dockers inside a docker container start_apps() { local SCRIPT_NAME="start.sh" @@ -17,21 +14,16 @@ start_apps() { for i in $current_path/apps/* do APP_SCRIPT_PATH=$(echo $i) - if [ -d "$APP_SCRIPT_PATH" ] && [ ! -f "$APP_SCRIPT_PATH/ignoreThisApp" ]; then + if [ -d "$APP_SCRIPT_PATH" ]; then APP_START_SCRIPT_PATH="$APP_SCRIPT_PATH/$SCRIPT_NAME" APP_ID=$(basename $APP_SCRIPT_PATH) - if [ -f "$APP_START_SCRIPT_PATH" ]; then - . $APP_START_SCRIPT_PATH - elif [ -f "$APP_SCRIPT_PATH/docker-compose.yaml" ]; then - export SHARED_HTPASSWD_PATH - export GATEKEEPER_DATAPATH - export GATEKEEPER_PORT - export LIGHTNING_DATAPATH - export BITCOIN_DATAPATH - export APP_SCRIPT_PATH - export APP_ID + if [ -f "$APP_SCRIPT_PATH/docker-compose.yaml" ]; then + export GATEKEEPER_CERTS_PATH="$GATEKEEPER_DATAPATH/certs" + export UNSAFE__CLIGHTNING_PATH="$LIGHTNING_DATAPATH" + export APP_DATA="$APP_SCRIPT_PATH" export DOCKER_MODE + export GATEKEEPER_URL="https://gatekeeper:${GATEKEEPER_PORT}" if [ "$DOCKER_MODE" = "swarm" ]; then docker stack deploy -c $APP_SCRIPT_PATH/docker-compose.yaml $APP_ID diff --git a/cyphernodeconf_docker/templates/installer/stop.sh b/cyphernodeconf_docker/templates/installer/stop.sh index 4e6649c49..5f9407d1c 100644 --- a/cyphernodeconf_docker/templates/installer/stop.sh +++ b/cyphernodeconf_docker/templates/installer/stop.sh @@ -1,13 +1,9 @@ #!/bin/sh -current_path="$(cd "$(dirname "$0")" >/dev/null && pwd)" - +. ./.cyphernodeconf/installer/config.sh -# be aware that randomly downloaded cyphernode apps will have access to -# your configuration and filesystem. +current_path="$(cd "$(dirname "$0")" >/dev/null && pwd)" # !!!!!!!!! DO NOT INCLUDE APPS WITHOUT REVIEW !!!!!!!!!! -# TODO: Test if we can mitigate this security issue by -# running app dockers inside a docker container stop_apps() { local SCRIPT_NAME="stop.sh" @@ -18,21 +14,16 @@ stop_apps() { for i in $current_path/apps/* do APP_SCRIPT_PATH=$(echo $i) - if [ -d "$APP_SCRIPT_PATH" ] && [ ! -f "$APP_SCRIPT_PATH/ignoreThisApp" ]; then + if [ -d "$APP_SCRIPT_PATH" ]; then APP_STOP_SCRIPT_PATH="$APP_SCRIPT_PATH/$SCRIPT_NAME" APP_ID=$(basename $APP_SCRIPT_PATH) - if [ -f "$APP_STOP_SCRIPT_PATH" ]; then - . $APP_STOP_SCRIPT_PATH - elif [ -f "$APP_SCRIPT_PATH/docker-compose.yaml" ]; then - export SHARED_HTPASSWD_PATH - export GATEKEEPER_DATAPATH - export GATEKEEPER_PORT - export LIGHTNING_DATAPATH - export BITCOIN_DATAPATH - export APP_SCRIPT_PATH - export APP_ID + if [ -f "$APP_SCRIPT_PATH/docker-compose.yaml" ]; then + export GATEKEEPER_CERTS_PATH="$GATEKEEPER_DATAPATH/certs" + export UNSAFE__CLIGHTNING_PATH="$LIGHTNING_DATAPATH" + export APP_DATA="$APP_SCRIPT_PATH" export DOCKER_MODE + export GATEKEEPER_URL="https://gatekeeper:${GATEKEEPER_PORT}" if [ "$DOCKER_MODE" = "swarm" ]; then docker stack rm $APP_ID diff --git a/dist/setup.sh b/dist/setup.sh index 0d585933c..4f5c65313 100755 --- a/dist/setup.sh +++ b/dist/setup.sh @@ -193,6 +193,7 @@ configure() { -e BITCOIN_VERSION=$BITCOIN_VERSION \ -e LIGHTNING_VERSION=$LIGHTNING_VERSION \ -e SETUP_VERSION=$SETUP_VERSION \ + -e CAM_VERSION=$CAM_VERSION \ --log-driver=none$pw_env \ --network none \ --rm$interactive cyphernode/cyphernodeconf:$CONF_VERSION $user node index.js$recreate @@ -538,6 +539,7 @@ install_docker() { copy_file $cyphernodeconf_filepath/installer/testfeatures.sh $current_path/testfeatures.sh 0 copy_file $cyphernodeconf_filepath/installer/start.sh $current_path/start.sh 0 copy_file $cyphernodeconf_filepath/installer/stop.sh $current_path/stop.sh 0 + copy_file $cyphernodeconf_filepath/installer/cam.sh $current_path/cam.sh 0 copy_file $cyphernodeconf_filepath/installer/testdeployment.sh $current_path/testdeployment.sh 0 if [[ ! -x $current_path/start.sh ]]; then @@ -552,6 +554,12 @@ install_docker() { next fi + if [[ ! -x $current_path/cam.sh ]]; then + step " make cam.sh executable" + try chmod +x $current_path/cam.sh + next + fi + if [[ ! -x $current_path/testfeatures.sh ]]; then step " make testfeatures.sh executable" try chmod +x $current_path/testfeatures.sh @@ -690,12 +698,17 @@ sanity_checks_pre_install() { fi } -install_apps() { +install_default_apps() { if [ ! -d "$current_path/apps" ]; then - local apps_repo="https://github.com/SatoshiPortal/cypherapps.git" - echo " clone $apps_repo into apps" - docker run --rm -v "$current_path":/git --entrypoint git cyphernode/cyphernodeconf:$CONF_VERSION clone --single-branch -b ${CYPHERAPPS_VERSION} "$apps_repo" /git/apps > /dev/null 2>&1 - fi + sudo_if_required mkdir -p "$current_path/apps" + fi + ./cam.sh init + copy_file "$cyphernodeconf_filepath/gatekeeper/keys.properties" "$current_path/.cam/keys.properties" 1 $SUDO_REQUIRED + copy_file "$cyphernodeconf_filepath/cyphernode/info.json" "$current_path/.cam/cyphernode.json" 1 $SUDO_REQUIRED + ./cam.sh update + ./cam.sh app install G-bToO5cvzSg1dZbYSINSYs93ao@$CYPHERAPPS_VERSION #welcome from official repo + ./cam.sh app key add G-bToO5cvzSg1dZbYSINSYs93ao 000 #give welcome the stats key + ./cam.sh app install YFeXUM86dipa0ORC2iclAcMcSFU@$CYPHERAPPS_VERSION #sparkwallet from official repo } install() { @@ -726,6 +739,7 @@ PYCOIN_VERSION="v0.2.4" CYPHERAPPS_VERSION="v0.2.2" BITCOIN_VERSION="v0.18.0" LIGHTNING_VERSION="v0.7.1" +CAM_VERSION="v0.1.0" SETUP_DIR=$(dirname $(realpath $0)) @@ -813,7 +827,7 @@ if [[ $INSTALL == 1 ]]; then install modify_owner modify_permissions - install_apps + install_default_apps if [[ ! $AUTOSTART == 1 ]]; then cowsay fi