Docker and AWS CloudFormation support

Sjors · May 5, 2018 · 1c661a1 · 1c661a1
1 parent bb68b28
commit 1c661a1
Show file tree

Hide file tree

Showing 7 changed files with 436 additions and 7 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,11 @@
+FROM starefossen/ruby-node:2-8
+RUN apt-get update -qq && apt-get install -y build-essential libpq-dev
+RUN mkdir /matreon
+WORKDIR /matreon
+COPY Gemfile /matreon/Gemfile
+COPY Gemfile.lock /matreon/Gemfile.lock
+RUN bundle install
+COPY package.json /matreon/package.json
+COPY yarn.lock /matreon/yarn.lock
+RUN yarn install
+COPY . /matreon
diff --git a/Matreon.Template b/Matreon.Template
@@ -0,0 +1,274 @@
+{
+  "AWSTemplateFormatVersion" : "2010-09-09",
+
+  "Description" : "Creates a single EC2 instance with a pruned Bitcoin Core node, C-Lightning, Lightning Charge, Postgres, Ruby on Rails and Matreon.",
+
+  "Parameters" : {
+
+    "KeyName": {
+      "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances",
+      "Type": "AWS::EC2::KeyPair::KeyName",
+      "ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
+    },    
+
+    "InstanceType" : {
+      "Description" : "WebServer EC2 instance type",
+      "Type" : "String",
+      "Default" : "t2.small",
+      "AllowedValues" : [ "t2.micro", "t2.small", "t2.medium"],
+      "ConstraintDescription" : "must be a valid EC2 instance type."
+    },
+
+    "SSHLocation" : {
+      "Description" : "The IP address range that can be used to SSH to the EC2 instances",
+      "Type": "String",
+      "MinLength": "9",
+      "MaxLength": "18",
+      "Default": "0.0.0.0/0",
+      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
+      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
+    },
+
+    "HostName": {
+      "Default": "http://example.com",
+      "Description" : "Hostname, no trailing slash",
+      "Type": "String",
+      "MinLength": "5",
+      "MaxLength": "100"
+    },
+
+    "FromEmail": {
+      "Default": "[email protected]",
+      "Description" : "From email address",
+      "Type": "String",
+      "MinLength": "5",
+      "MaxLength": "100"
+    },
+
+    "BugsEmail": {
+      "Default": "[email protected]",
+      "Description" : "Bug report email address",
+      "Type": "String",
+      "MinLength": "5",
+      "MaxLength": "100"
+    }
+  },
+
+  "Mappings" : {
+    "AWSInstanceType2Arch" : {
+      "t2.micro"    : { "Arch" : "HVM64"  },
+      "t2.small"    : { "Arch" : "HVM64"  },
+      "t2.medium"   : { "Arch" : "HVM64"  }
+    },
+
+    "AWSInstanceType2NATArch" : {
+      "t2.micro"    : { "Arch" : "NATHVM64"  },
+      "t2.small"    : { "Arch" : "NATHVM64"  },
+      "t2.medium"   : { "Arch" : "NATHVM64"  }
+
+    },
+
+    "AWSRegionArch2AMI" : {
+      "eu-central-1"     : {"HVM64" : "ami-5652ce39"}
+    }
+
+  },
+
+  "Resources" : {     
+
+    "WebServer": {  
+      "Type": "AWS::EC2::Instance",
+      "Metadata" : {
+        "AWS::CloudFormation::Init" : {
+          "configSets" : {
+            "full_install" : [ 
+              "install_cfn",
+              "install_docker",
+              "install_container_bitcoin",
+              "install_container_lightning",
+              "install_container_charge",
+              "install_matreon"
+            ]
+          },
+
+          "install_cfn" : {
+            "files" : {
+              "/etc/cfn/cfn-hup.conf" : {
+                "content" : { "Fn::Join" : ["", [
+                  "[main]\n",
+                  "stack=", { "Ref" : "AWS::StackId" }, "\n",
+                  "region=", { "Ref" : "AWS::Region" }, "\n"
+                ]]},
+                "mode"    : "000400",
+                "owner"   : "root",
+                "group"   : "root"
+              },
+
+              "/etc/cfn/hooks.d/cfn-auto-reloader.conf" : {
+                "content": { "Fn::Join" : ["", [
+                  "[cfn-auto-reloader-hook]\n",
+                  "triggers=post.update\n",
+                  "path=Resources.WebServer.Metadata.AWS::CloudFormation::Init\n",
+                  "action=/opt/aws/bin/cfn-init -v ",
+                  "         --stack ", { "Ref" : "AWS::StackName" },
+                  "         --resource WebServer ",
+                  "         --configsets full_install ",
+                  "         --region ", { "Ref" : "AWS::Region" }, "\n",
+                  "runas=root\n"
+                ]]},
+                "mode"    : "000400",
+                "owner"   : "root",
+                "group"   : "root"
+              }
+            },
+
+            "services" : {
+              "sysvinit" : {  
+                "cfn-hup" : { "enabled" : "true", "ensureRunning" : "true",
+                              "files" : ["/etc/cfn/cfn-hup.conf", "/etc/cfn/hooks.d/cfn-auto-reloader.conf"]}
+              }
+            }
+          },
+
+          "install_docker": {
+            "commands": {
+              "01_install_docker": {
+                "command": "yum install -y docker git"
+              },
+              "02_install_docker_compose": {
+                "command": {"Fn::Join" : ["", [
+                  "sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose &&",
+                  "sudo chmod +x /usr/local/bin/docker-compose"
+                ]]}
+              },
+              "03_start_service": {
+                "command": "service docker start"
+              }
+            }
+          },
+
+          "install_container_bitcoin": {
+            "commands": {
+              "01_configure_datadir": {
+                "command": "mkdir /root/bitcoin"
+              },
+              "02_clone_repo": {
+                "command": "git clone https://github.com/NicolasDorier/docker-bitcoin"
+              },
+              "03_docker_build": {
+                "command": "docker build docker-bitcoin/core/0.16.0 -t bitcoind:0.16.0"
+              }
+            }
+          },
+
+          "install_container_lightning": {
+            "commands": {
+              "01_configure_datadir": {
+                "command": "mkdir /root/lightning"
+              },
+              "02_clone_repo": {
+                "command": "git clone https://github.com/cdecker/dockerfiles"
+              },
+              "03_docker_build": {
+                "command": "docker build dockerfiles/lightning/node -f dockerfiles/lightning/node/Dockerfile.master -t lightningd:latest"
+              }
+            }
+          },
+
+          "install_container_charge": {
+            "commands": {
+              "01_configure_datadir": {
+                "command": "mkdir /root/charge"
+              },
+              "02_clone_repo": {
+                "command": "git clone https://github.com/ElementsProject/lightning-charge"
+              },
+              "03_docker_build": {
+                "command": "docker build lightning-charge -t charge:latest"
+              }
+            }
+          },
+
+          "install_matreon": {
+            "commands": {
+              "01_clone_repo": {
+                "command": "git clone https://github.com/Sjors/matreon.git && cd matreon && git checkout 2018/05/docker-compose-aws-cloud"
+              },
+              "02_build_rails_container": {
+                "command": "cd matreon && /usr/local/bin/docker-compose build"
+              },
+              "03_launch": {
+                "command": { "Fn::Join" : ["", [
+                  "cd matreon && DATADIR=/root API_TOKEN=1234 LIGHTNING_CHARGE_URL=http://", { "Ref" : "HostName" },":9112/",
+                  " FROM_EMAIL=", { "Ref" : "FromEmail" },
+                  " BUGS_TO=", { "Ref" : "BugsEmail" },
+                  " /usr/local/bin/docker-compose up -d"
+                ] ] }
+              },
+              "04_migrate_db": {
+                "command": "cd matreon && /usr/local/bin/docker-compose run web rake db:migrate"
+              }
+            }
+          }
+        }
+      },
+      "Properties": {
+        "ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
+                          { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
+        "InstanceType"   : { "Ref" : "InstanceType" },
+        "BlockDeviceMappings" : [
+           {
+             "DeviceName" : "/dev/xvda",
+                "Ebs" : {
+                   "VolumeSize" : "20"
+                 }
+           }
+        ],
+        "SecurityGroups" : [ {"Ref" : "WebServerSecurityGroup"} ],
+        "KeyName"        : { "Ref" : "KeyName" },
+        "UserData"       : { "Fn::Base64" : { "Fn::Join" : ["", [
+          "#!/bin/bash -xe\n",
+          "yum update -y aws-cfn-bootstrap\n",
+
+          "/opt/aws/bin/cfn-init -v ",
+          "         --stack ", { "Ref" : "AWS::StackId" },
+          "         --resource WebServer ",
+          "         --configsets full_install ",
+          "         --region ", { "Ref" : "AWS::Region" }, "\n",
+
+          "/opt/aws/bin/cfn-signal -e $? ",
+          "         --stack ", { "Ref" : "AWS::StackId" },
+          "         --resource WebServer ",
+          "         --region ", { "Ref" : "AWS::Region" }, "\n"
+        ]]}}        
+      },
+      "CreationPolicy" : {
+        "ResourceSignal" : {
+          "Timeout" : "PT30M"
+        }
+      }
+    },
+
+    "WebServerSecurityGroup" : {
+      "Type" : "AWS::EC2::SecurityGroup",
+      "Properties" : {
+        "GroupDescription" : "Enable SSH, Bitcoin P2P, Lightning P2P and Charge access",
+        "SecurityGroupIngress" : [
+          {"IpProtocol" : "tcp", "FromPort" : "8883", "ToPort" : "8883", "CidrIp" : "0.0.0.0/0"},
+          {"IpProtocol" : "tcp", "FromPort" : "18883", "ToPort" : "18883", "CidrIp" : "0.0.0.0/0"},
+          {"IpProtocol" : "tcp", "FromPort" : "9735", "ToPort" : "9735", "CidrIp" : "0.0.0.0/0"},
+          {"IpProtocol" : "tcp", "FromPort" : "9112", "ToPort" : "9112", "CidrIp" : "0.0.0.0/0"},
+          {"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"},
+          {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : { "Ref" : "SSHLocation"}}
+        ]
+      }      
+    }          
+  },
+
+  "Outputs" : {
+    "WebsiteURL" : {
+      "Value" : { "Fn::Join" : ["", ["http://", { "Fn::GetAtt" : [ "WebServer", "PublicDnsName" ]}, "/" ]] },
+      "Description" : "URL for your Matreon"
+    }
+  }
+}
diff --git a/README.md b/README.md
@@ -5,12 +5,68 @@ Current status: extremely experimental!
 
 Live instance: [matreon.sprovoost.nl](https://matreon.sprovoost.nl/)
 
-## Prerequisites
+## Deploy to AWS using Docker
 
-You need to run [c-lightning](https://github.com/ElementsProject/lightning) and [Lightning Charge](https://github.com/ElementsProject/lightning-charge) somewhere.
+This is currently quite brittle and not very secure. 
+
+Coming soon... 
+
+Install the Amazon CloudFormation template by downloading [Matreon.Template](https://raw.githubusercontent.com/Sjors/matreon/master/Matreon.Template) and then uploading it on the [CloudFormation stack creation page](https://eu-central-1.console.aws.amazon.com/cloudformation/home?region=eu-central-1&stackName=Matreon#/stacks/new).
+
+You'll need to enter some details:
+
+[SCREENSHOT]
+
+[HINTS]
+
+See the next section for what's happening under the hood.
+
+## Deploy elsewhere using Docker
+
+Install [Docker](https://docs.docker.com/install/).
+
+Work in progress. For now it just launches `bitcoind` and `c-lightning` and syncs the node.
+
+Create a directory to store the blockchain, wallet info, etc:
+
+```sh
+mkdir matreon-vol
+mkdir matreon-vol/bitcoin
+mkdir matreon-vol/lightning
+```
+
+We use Docker Compose to combine a number of containers. To minimize trust, we build these
+containers locally.
+
+### Container 1 - bitcoind
+
+```sh
+git clone https://github.com/NicolasDorier/docker-bitcoin
+docker build docker-bitcoin/core/0.16.0 -t bitcoind:0.16.0
+```
+
+### Docker Compose
+
+From the Matreon project directory:
+
+```sh
+BITCOIN_DATADIR=~/matreon-vol/bitcoin docker-compose up
+```
+
+To shut it down
+
+```
+docker-compose down
+```
 
 ## Deploy to Heroku
 
+### Prerequisites
+
+You need to run [c-lightning](https://github.com/ElementsProject/lightning) and [Lightning Charge](https://github.com/ElementsProject/lightning-charge) somewhere.
+
+### Heroku
+
 Create a new Heroku app `app-name` and add the Sendgrid Add-On.
 
 Clone this repo and:

diff --git a/config/database.yml b/config/database.yml
@@ -10,8 +10,16 @@ default: &default
   timeout: 5000
 
 development:
-  <<: *default
-  database: db/development.sqlite3
+  # <<: *default
+  # database: db/development.sqlite3
+  adapter: postgresql
+  encoding: unicode
+  host: db
+  username: postgres
+  password:
+  pool: 5
+
+
 
 # Warning: The database defined as "test" will be erased and
 # re-generated from your development database when you run "rake".