* force packer build * disable ami temporarially * apt and ufw * initial lotus config * rename correctly * apt-get instead of apt * undo temporary edits * install before upgrade * tmp - force digitalocean * reenable filters * uncomment ebs * tmp, remove filter for digitalocean build * doc * install ufw (for iams where it isn't installed) * more amazon regions * missing comma * missing comma * remove unavailable regions * switch to ubuntu, not minimal * pro server * change owner * change image * uncomment circleci filters * remove api from firewall * tmp: remove circleci filter * dpkg options * confold * try export * re-add filter
68 lines
1.8 KiB
68 lines
1.8 KiB
#!/usr/bin/env bash
# This script is executed by packer to setup the image.
# When this script is run, packer will have already copied binaries into the home directory of
# whichever user it has access too. This script is executed from within the home directory of that
# user. Bear in mind that different cloud providers, and different images on the same cloud
# provider will have a different initial user account.
set -x
# Become root, if we aren't already.
# Docker images will already be root. AMIs will have an SSH user account.
UID=$(id -u)
if [ x$UID != x0 ]
printf -v cmd_str '%q ' "$0" "$@"
exec sudo su -c "$cmd_str"
MANAGED_BINS=( lotus lotus-miner lotus-init.sh )
# install libs.
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get -y install libhwloc15 ocl-icd-libopencl1 ufw
apt-get -y upgrade -q -y -u -o Dpkg::Options::="--force-confold"
ln -s /usr/lib/x86_64-linux-gnu/libhwloc.so.15 /usr/lib/x86_64-linux-gnu/libhwloc.so.5
# Create lotus user
useradd -c "lotus system account" -r fc
install -o fc -g fc -d /var/lib/lotus
install -o fc -g fc -d /var/lib/lotus-miner
# Install software
for i in "${MANAGED_BINS[@]}"
install -o root -g root -m 755 -t /usr/local/bin $i
rm $i
# Install systemd and other files.
# Because packer doesn't copy files with root permisison,
# files are in the home directory of the ssh user. Copy
# these files into the right position.
for i in "${MANAGED_FILES[@]}"
fn=$(basename $i)
install -o root -g root -m 644 $fn $i
rm $fn
# Enable services
systemctl daemon-reload
systemctl enable lotus-daemon
# Setup firewall
ufw enable
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow 5678 #libp2p