diff --git a/.gitea/workflows/test.yml b/.gitea/workflows/test.yml index fd1c739c..beaf71d1 100644 --- a/.gitea/workflows/test.yml +++ b/.gitea/workflows/test.yml @@ -1,10 +1,16 @@ -name: Test +name: Integration Test on: pull_request: branches: '*' push: - branches: '*' + branches: + - main + - ci-test + +# Needed until we can incorporate docker startup into the executor container +env: + DOCKER_HOST: unix:///var/run/dind.sock jobs: test: @@ -25,5 +31,9 @@ jobs: run: ./scripts/create_build_tag_file.sh - name: "Build local shiv package" run: ./scripts/build_shiv_package.sh + - name: Start dockerd # Also needed until we can incorporate into the executor + run: | + dockerd -H $DOCKER_HOST --userland-proxy=false & + sleep 5 - name: "Run smoke tests" run: ./tests/smoke-test/run-smoke-test.sh diff --git a/app/build_containers.py b/app/build_containers.py index 5e8495cb..6cd8f2b8 100644 --- a/app/build_containers.py +++ b/app/build_containers.py @@ -95,6 +95,9 @@ def command(ctx, include, exclude, force_rebuild, extra_build_args): container_build_env.update({"CERC_SCRIPT_DEBUG": "true"} if debug else {}) container_build_env.update({"CERC_FORCE_REBUILD": "true"} if force_rebuild else {}) container_build_env.update({"CERC_CONTAINER_EXTRA_BUILD_ARGS": extra_build_args} if extra_build_args else {}) + docker_host_env = os.getenv("DOCKER_HOST") + if docker_host_env: + container_build_env.update({"DOCKER_HOST": docker_host_env}) def process_container(container): if not quiet: diff --git a/app/data/compose/docker-compose-fixturenet-eth.yml b/app/data/compose/docker-compose-fixturenet-eth.yml index 2024cacb..c687b326 100644 --- a/app/data/compose/docker-compose-fixturenet-eth.yml +++ b/app/data/compose/docker-compose-fixturenet-eth.yml @@ -27,7 +27,6 @@ services: - ../config/fixturenet-eth/fixturenet-eth.env image: cerc/fixturenet-eth-geth:local volumes: - - fixturenet_geth_accounts:/opt/testnet/build/el - fixturenet_eth_geth_1_data:/root/ethdata healthcheck: test: ["CMD", "nc", "-v", "localhost", "8545"] @@ -116,7 +115,6 @@ services: condition: service_healthy volumes: - fixturenet_geth_accounts: fixturenet_eth_bootnode_geth_data: fixturenet_eth_geth_1_data: fixturenet_eth_geth_2_data: diff --git a/app/data/compose/docker-compose-fixturenet-optimism.yml b/app/data/compose/docker-compose-fixturenet-optimism.yml index cc1d64d3..c651e5a7 100644 --- a/app/data/compose/docker-compose-fixturenet-optimism.yml +++ b/app/data/compose/docker-compose-fixturenet-optimism.yml @@ -13,6 +13,7 @@ services: CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG} CERC_L1_CHAIN_ID: ${CERC_L1_CHAIN_ID} CERC_L1_RPC: ${CERC_L1_RPC} + CERC_L1_ACCOUNTS_CSV_URL: ${CERC_L1_ACCOUNTS_CSV_URL} CERC_L1_ADDRESS: ${CERC_L1_ADDRESS} CERC_L1_PRIV_KEY: ${CERC_L1_PRIV_KEY} CERC_L1_ADDRESS_2: ${CERC_L1_ADDRESS_2} @@ -27,7 +28,6 @@ services: - ../container-build/cerc-optimism-contracts/hardhat-tasks/send-balance.ts:/app/packages/contracts-bedrock/tasks/send-balance.ts - ../config/fixturenet-optimism/optimism-contracts/update-config.js:/app/packages/contracts-bedrock/update-config.js - ../config/fixturenet-optimism/optimism-contracts/run.sh:/app/packages/contracts-bedrock/run.sh - - fixturenet_geth_accounts:/geth-accounts:ro - l2_accounts:/l2-accounts - l1_deployment:/app/packages/contracts-bedrock extra_hosts: @@ -126,7 +126,6 @@ services: - "host.docker.internal:host-gateway" volumes: - fixturenet_geth_accounts: l1_deployment: l2_accounts: l2_config: diff --git a/app/data/compose/docker-compose-kubo.yml b/app/data/compose/docker-compose-kubo.yml index 11c1d2ee..f5f8b06e 100644 --- a/app/data/compose/docker-compose-kubo.yml +++ b/app/data/compose/docker-compose-kubo.yml @@ -8,6 +8,6 @@ services: - ./ipfs/import:/import - ./ipfs/data:/data/ipfs ports: - - "8080" - - "4001" - - "5001" + - "0.0.0.0:8080:8080" + - "0.0.0.0:4001:4001" + - "0.0.0.0:5001:5001" diff --git a/app/data/compose/docker-compose-mobymask-app.yml b/app/data/compose/docker-compose-mobymask-app.yml index 6df48130..f2b30a4b 100644 --- a/app/data/compose/docker-compose-mobymask-app.yml +++ b/app/data/compose/docker-compose-mobymask-app.yml @@ -13,6 +13,7 @@ services: CERC_DEPLOYED_CONTRACT: ${CERC_DEPLOYED_CONTRACT} CERC_APP_WATCHER_URL: ${CERC_APP_WATCHER_URL} CERC_RELAY_NODES: ${CERC_RELAY_NODES} + CERC_BUILD_DIR: "@cerc-io/mobymask-ui/build" working_dir: /scripts # Waits for watcher server to be up before app build # Required when running with watcher stack to get deployed contract address @@ -28,12 +29,47 @@ services: ports: - "0.0.0.0:3002:80" healthcheck: - test: ["CMD", "nc", "-v", "localhost", "80"] + test: ["CMD", "nc", "-vz", "localhost", "80"] + interval: 20s + timeout: 5s + retries: 15 + start_period: 10s + extra_hosts: + - "host.docker.internal:host-gateway" + + # Builds and serves the LXDAO version of MobyMask react-app + lxdao-mobymask-app: + restart: unless-stopped + image: cerc/mobymask-ui:local + env_file: + - ../config/watcher-mobymask-v2/mobymask-params.env + environment: + CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG} + CERC_CHAIN_ID: ${CERC_CHAIN_ID} + CERC_DEPLOYED_CONTRACT: ${CERC_DEPLOYED_CONTRACT} + CERC_APP_WATCHER_URL: ${CERC_APP_WATCHER_URL} + CERC_RELAY_NODES: ${CERC_RELAY_NODES} + CERC_BUILD_DIR: "@cerc-io/mobymask-ui-lxdao/build" + working_dir: /scripts + # Waits for watcher server to be up before app build + # Required when running with watcher stack to get deployed contract address + command: + - sh + - -c + - ./wait-for-it.sh -h ${CERC_WATCHER_HOST:-$${DEFAULT_CERC_WATCHER_HOST}} -p ${CERC_WATCHER_PORT:-$${DEFAULT_CERC_WATCHER_PORT}} -s -t 0 -- ./mobymask-app-start.sh + volumes: + - ../config/wait-for-it.sh:/scripts/wait-for-it.sh + - ../config/watcher-mobymask-v2/mobymask-app-start.sh:/scripts/mobymask-app-start.sh + - peers_ids:/peers + - mobymask_deployment:/server + ports: + - "0.0.0.0:3004:80" + healthcheck: + test: ["CMD", "nc", "-vz", "localhost", "80"] interval: 20s timeout: 5s retries: 15 start_period: 10s - shm_size: '1GB' extra_hosts: - "host.docker.internal:host-gateway" diff --git a/app/data/compose/docker-compose-watcher-mobymask-v2.yml b/app/data/compose/docker-compose-watcher-mobymask-v2.yml index fa68d017..36c5f3f9 100644 --- a/app/data/compose/docker-compose-watcher-mobymask-v2.yml +++ b/app/data/compose/docker-compose-watcher-mobymask-v2.yml @@ -34,23 +34,20 @@ services: CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG} ENV: "PROD" CERC_L2_GETH_RPC: ${CERC_L2_GETH_RPC} + CERC_L1_ACCOUNTS_CSV_URL: ${CERC_L1_ACCOUNTS_CSV_URL} CERC_PRIVATE_KEY_DEPLOYER: ${CERC_PRIVATE_KEY_DEPLOYER} CERC_MOBYMASK_APP_BASE_URI: ${CERC_MOBYMASK_APP_BASE_URI} CERC_DEPLOYED_CONTRACT: ${CERC_DEPLOYED_CONTRACT} - # Waits for L2 Optimism Geth and Node servers to be up before deploying contract - command: - - sh - - -c - - | - ./wait-for-it.sh -h ${CERC_L2_GETH_HOST:-$${DEFAULT_CERC_L2_GETH_HOST}} -p ${CERC_L2_GETH_PORT:-$${DEFAULT_CERC_L2_GETH_PORT}} -s -t 0 && \ - ./wait-for-it.sh -h ${CERC_L2_NODE_HOST:-$${DEFAULT_CERC_L2_NODE_HOST}} -p ${CERC_L2_NODE_PORT:-$${DEFAULT_CERC_L2_NODE_PORT}} -s -t 0 && \ - ./deploy-and-generate-invite.sh + CERC_L2_GETH_HOST: ${CERC_L2_GETH_HOST} + CERC_L2_GETH_PORT: ${CERC_L2_GETH_PORT} + CERC_L2_NODE_HOST: ${CERC_L2_NODE_HOST} + CERC_L2_NODE_PORT: ${CERC_L2_NODE_PORT} + command: ["sh", "deploy-and-generate-invite.sh"] volumes: - ../config/wait-for-it.sh:/app/packages/server/wait-for-it.sh - ../config/watcher-mobymask-v2/secrets-template.json:/app/packages/server/secrets-template.json - ../config/watcher-mobymask-v2/deploy-and-generate-invite.sh:/app/packages/server/deploy-and-generate-invite.sh - mobymask_deployment:/app/packages/server - - fixturenet_geth_accounts:/geth-accounts:ro extra_hosts: - "host.docker.internal:host-gateway" @@ -83,6 +80,7 @@ services: environment: CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG} CERC_L2_GETH_RPC: ${CERC_L2_GETH_RPC} + CERC_L1_ACCOUNTS_CSV_URL: ${CERC_L1_ACCOUNTS_CSV_URL} CERC_PRIVATE_KEY_PEER: ${CERC_PRIVATE_KEY_PEER} CERC_RELAY_PEERS: ${CERC_RELAY_PEERS} CERC_RELAY_ANNOUNCE_DOMAIN: ${CERC_RELAY_ANNOUNCE_DOMAIN} @@ -94,7 +92,6 @@ services: - ../config/watcher-mobymask-v2/start-server.sh:/app/start-server.sh - peers_ids:/app/peers - mobymask_deployment:/server - - fixturenet_geth_accounts:/geth-accounts:ro # Expose GQL, metrics and relay node ports ports: - "0.0.0.0:3001:3001" @@ -135,4 +132,3 @@ volumes: mobymask_watcher_db_data: peers_ids: mobymask_deployment: - fixturenet_geth_accounts: diff --git a/app/data/config/fixturenet-optimism/l1-params.env b/app/data/config/fixturenet-optimism/l1-params.env index 6b23c872..5353e62f 100644 --- a/app/data/config/fixturenet-optimism/l1-params.env +++ b/app/data/config/fixturenet-optimism/l1-params.env @@ -6,9 +6,7 @@ DEFAULT_CERC_L1_RPC="http://fixturenet-eth-geth-1:8545" DEFAULT_CERC_L1_HOST="fixturenet-eth-geth-1" DEFAULT_CERC_L1_PORT=8545 -# Credentials for accounts on L1 to send balance to Optimism Proxy contract from +# URL to get CSV with credentials for accounts on L1 +# that are used to send balance to Optimism Proxy contract # (enables them to do transactions on L2) -DEFAULT_CERC_L1_ADDRESS= -DEFAULT_CERC_L1_PRIV_KEY= -DEFAULT_CERC_L1_ADDRESS_2= -DEFAULT_CERC_L1_PRIV_KEY_2= +DEFAULT_CERC_L1_ACCOUNTS_CSV_URL="http://fixturenet-eth-bootnode-geth:9898/accounts.csv" diff --git a/app/data/config/fixturenet-optimism/optimism-contracts/run.sh b/app/data/config/fixturenet-optimism/optimism-contracts/run.sh index a256ea64..eb55e1fd 100755 --- a/app/data/config/fixturenet-optimism/optimism-contracts/run.sh +++ b/app/data/config/fixturenet-optimism/optimism-contracts/run.sh @@ -7,10 +7,7 @@ fi CERC_L1_CHAIN_ID="${CERC_L1_CHAIN_ID:-${DEFAULT_CERC_L1_CHAIN_ID}}" CERC_L1_RPC="${CERC_L1_RPC:-${DEFAULT_CERC_L1_RPC}}" -CERC_L1_ADDRESS="${CERC_L1_ADDRESS:-${DEFAULT_CERC_L1_ADDRESS}}" -CERC_L1_PRIV_KEY="${CERC_L1_PRIV_KEY:-${DEFAULT_CERC_L1_PRIV_KEY}}" -CERC_L1_ADDRESS_2="${CERC_L1_ADDRESS_2:-${DEFAULT_CERC_L1_ADDRESS_2}}" -CERC_L1_PRIV_KEY_2="${CERC_L1_PRIV_KEY_2:-${DEFAULT_CERC_L1_PRIV_KEY_2}}" +CERC_L1_ACCOUNTS_CSV_URL="${CERC_L1_ACCOUNTS_CSV_URL:-${DEFAULT_CERC_L1_ACCOUNTS_CSV_URL}}" echo "Using L1 RPC endpoint ${CERC_L1_RPC}" @@ -62,15 +59,21 @@ PROPOSER_ADDRESS=$(echo "$KEYS_JSON" | jq -r '.Proposer.address') BATCHER_ADDRESS=$(echo "$KEYS_JSON" | jq -r '.Batcher.address') SEQUENCER_ADDRESS=$(echo "$KEYS_JSON" | jq -r '.Sequencer.address') -# Read the private key of L1 accounts -if [ -f /geth-accounts/accounts.csv ]; then - echo "Using L1 account credentials from the mounted volume" +# Get the private keys of L1 accounts +if [ -n "$CERC_L1_ACCOUNTS_CSV_URL" ] && \ + l1_accounts_response=$(curl -L --write-out '%{http_code}' --silent --output /dev/null "$CERC_L1_ACCOUNTS_CSV_URL") && \ + [ "$l1_accounts_response" -eq 200 ]; +then + echo "Fetching L1 account credentials using provided URL" + mkdir -p /geth-accounts + wget -O /geth-accounts/accounts.csv "$CERC_L1_ACCOUNTS_CSV_URL" + CERC_L1_ADDRESS=$(head -n 1 /geth-accounts/accounts.csv | cut -d ',' -f 2) CERC_L1_PRIV_KEY=$(head -n 1 /geth-accounts/accounts.csv | cut -d ',' -f 3) CERC_L1_ADDRESS_2=$(awk -F, 'NR==2{print $(NF-1)}' /geth-accounts/accounts.csv) CERC_L1_PRIV_KEY_2=$(awk -F, 'NR==2{print $NF}' /geth-accounts/accounts.csv) else - echo "Using L1 account credentials from env" + echo "Couldn't fetch L1 account credentials, using them from env" fi # Select a finalized L1 block as the starting point for roll ups diff --git a/app/data/config/watcher-mobymask-v2/deploy-and-generate-invite.sh b/app/data/config/watcher-mobymask-v2/deploy-and-generate-invite.sh index 2e6ffcf7..c7fc1c70 100755 --- a/app/data/config/watcher-mobymask-v2/deploy-and-generate-invite.sh +++ b/app/data/config/watcher-mobymask-v2/deploy-and-generate-invite.sh @@ -5,19 +5,32 @@ if [ -n "$CERC_SCRIPT_DEBUG" ]; then fi CERC_L2_GETH_RPC="${CERC_L2_GETH_RPC:-${DEFAULT_CERC_L2_GETH_RPC}}" -CERC_PRIVATE_KEY_DEPLOYER="${CERC_PRIVATE_KEY_DEPLOYER:-${DEFAULT_CERC_PRIVATE_KEY_DEPLOYER}}" +CERC_L1_ACCOUNTS_CSV_URL="${CERC_L1_ACCOUNTS_CSV_URL:-${DEFAULT_CERC_L1_ACCOUNTS_CSV_URL}}" CERC_MOBYMASK_APP_BASE_URI="${CERC_MOBYMASK_APP_BASE_URI:-${DEFAULT_CERC_MOBYMASK_APP_BASE_URI}}" CERC_DEPLOYED_CONTRACT="${CERC_DEPLOYED_CONTRACT:-${DEFAULT_CERC_DEPLOYED_CONTRACT}}" +# Check if CERC_DEPLOYED_CONTRACT environment variable set to skip contract deployment +if [ -n "$CERC_DEPLOYED_CONTRACT" ]; then + echo "CERC_DEPLOYED_CONTRACT is set to '$CERC_DEPLOYED_CONTRACT'" + echo "Skipping contract deployment" + exit 0 +fi + echo "Using L2 RPC endpoint ${CERC_L2_GETH_RPC}" -if [ -f /geth-accounts/accounts.csv ]; then - echo "Using L1 private key from the mounted volume" - # Read the private key of L1 account to deploy contract +if [ -n "$CERC_L1_ACCOUNTS_CSV_URL" ] && \ + l1_accounts_response=$(curl -L --write-out '%{http_code}' --silent --output /dev/null "$CERC_L1_ACCOUNTS_CSV_URL") && \ + [ "$l1_accounts_response" -eq 200 ]; +then + echo "Fetching L1 account credentials using provided URL" + mkdir -p /geth-accounts + wget -O /geth-accounts/accounts.csv "$CERC_L1_ACCOUNTS_CSV_URL" + + # Read the private key of an L1 account to deploy contract CERC_PRIVATE_KEY_DEPLOYER=$(head -n 1 /geth-accounts/accounts.csv | cut -d ',' -f 3) else - echo "Using CERC_PRIVATE_KEY_DEPLOYER from env" + echo "Couldn't fetch L1 account credentials, using CERC_PRIVATE_KEY_DEPLOYER from env" fi # Set the private key @@ -29,14 +42,15 @@ jq --arg rpcUrl "$CERC_L2_GETH_RPC" '.rpcUrl = $rpcUrl' secrets.json > secrets_u # Set the MobyMask app base URI jq --arg baseURI "$CERC_MOBYMASK_APP_BASE_URI" '.baseURI = $baseURI' secrets.json > secrets_updated.json && mv secrets_updated.json secrets.json -export RPC_URL="${CERC_L2_GETH_RPC}" +# Wait for L2 Optimism Geth and Node servers to be up before deploying contract +CERC_L2_GETH_HOST="${CERC_L2_GETH_HOST:-${DEFAULT_CERC_L2_GETH_HOST}}" +CERC_L2_GETH_PORT="${CERC_L2_GETH_PORT:-${DEFAULT_CERC_L2_GETH_PORT}}" +CERC_L2_NODE_HOST="${CERC_L2_NODE_HOST:-${DEFAULT_CERC_L2_NODE_HOST}}" +CERC_L2_NODE_PORT="${CERC_L2_NODE_PORT:-${DEFAULT_CERC_L2_NODE_PORT}}" +./wait-for-it.sh -h "${CERC_L2_GETH_HOST}" -p "${CERC_L2_GETH_PORT}" -s -t 0 +./wait-for-it.sh -h "${CERC_L2_GETH_PORT}" -p "${CERC_L2_NODE_PORT}" -s -t 0 -# Check if CERC_DEPLOYED_CONTRACT environment variable set to skip contract deployment -if [ -n "$CERC_DEPLOYED_CONTRACT" ]; then - echo "CERC_DEPLOYED_CONTRACT is set to '$CERC_DEPLOYED_CONTRACT'" - echo "Exiting without deploying contract" - exit 0 -fi +export RPC_URL="${CERC_L2_GETH_RPC}" # Check and exit if a deployment already exists (on restarts) if [ -f ./config.json ]; then diff --git a/app/data/config/watcher-mobymask-v2/optimism-params.env b/app/data/config/watcher-mobymask-v2/optimism-params.env index 6bdc7ea3..e0d2cd75 100644 --- a/app/data/config/watcher-mobymask-v2/optimism-params.env +++ b/app/data/config/watcher-mobymask-v2/optimism-params.env @@ -2,12 +2,13 @@ # L2 endpoints DEFAULT_CERC_L2_GETH_RPC="http://op-geth:8545" + +# Endpoints waited on before contract deployment DEFAULT_CERC_L2_GETH_HOST="op-geth" DEFAULT_CERC_L2_GETH_PORT=8545 DEFAULT_CERC_L2_NODE_HOST="op-node" DEFAULT_CERC_L2_NODE_PORT=8547 -# Credentials for accounts to perform txs on L2 -DEFAULT_CERC_PRIVATE_KEY_DEPLOYER= -DEFAULT_CERC_PRIVATE_KEY_PEER= +# URL to get CSV with credentials for accounts on L1 to perform txs on L2 +DEFAULT_CERC_L1_ACCOUNTS_CSV_URL="http://fixturenet-eth-bootnode-geth:9898/accounts.csv" diff --git a/app/data/config/watcher-mobymask-v2/start-server.sh b/app/data/config/watcher-mobymask-v2/start-server.sh index 02184842..b46a7c14 100755 --- a/app/data/config/watcher-mobymask-v2/start-server.sh +++ b/app/data/config/watcher-mobymask-v2/start-server.sh @@ -5,7 +5,7 @@ if [ -n "$CERC_SCRIPT_DEBUG" ]; then fi CERC_L2_GETH_RPC="${CERC_L2_GETH_RPC:-${DEFAULT_CERC_L2_GETH_RPC}}" -CERC_PRIVATE_KEY_PEER="${CERC_PRIVATE_KEY_PEER:-${DEFAULT_CERC_PRIVATE_KEY_PEER}}" +CERC_L1_ACCOUNTS_CSV_URL="${CERC_L1_ACCOUNTS_CSV_URL:-${DEFAULT_CERC_L1_ACCOUNTS_CSV_URL}}" CERC_RELAY_PEERS="${CERC_RELAY_PEERS:-${DEFAULT_CERC_RELAY_PEERS}}" CERC_RELAY_ANNOUNCE_DOMAIN="${CERC_RELAY_ANNOUNCE_DOMAIN:-${DEFAULT_CERC_RELAY_ANNOUNCE_DOMAIN}}" @@ -24,12 +24,18 @@ else CONTRACT_ADDRESS=$(jq -r '.address' /server/config.json | tr -d '"') fi -if [ -f /geth-accounts/accounts.csv ]; then - echo "Using L1 private key from the mounted volume" - # Read the private key of L1 account for sending txs from peer +if [ -n "$CERC_L1_ACCOUNTS_CSV_URL" ] && \ + l1_accounts_response=$(curl -L --write-out '%{http_code}' --silent --output /dev/null "$CERC_L1_ACCOUNTS_CSV_URL") && \ + [ "$l1_accounts_response" -eq 200 ]; +then + echo "Fetching L1 account credentials using provided URL" + mkdir -p /geth-accounts + wget -O /geth-accounts/accounts.csv "$CERC_L1_ACCOUNTS_CSV_URL" + + # Read the private key of an L1 account for sending txs from peer CERC_PRIVATE_KEY_PEER=$(awk -F, 'NR==2{print $NF}' /geth-accounts/accounts.csv) else - echo "Using CERC_PRIVATE_KEY_PEER from env" + echo "Couldn't fetch L1 account credentials, using CERC_PRIVATE_KEY_PEER from env" fi # Read in the config template TOML file and modify it diff --git a/app/data/container-build/cerc-mobymask-ui/Dockerfile b/app/data/container-build/cerc-mobymask-ui/Dockerfile index 3f04ec45..e5a804b4 100644 --- a/app/data/container-build/cerc-mobymask-ui/Dockerfile +++ b/app/data/container-build/cerc-mobymask-ui/Dockerfile @@ -31,7 +31,7 @@ RUN \ # Install additional OS packages. RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ - && apt-get -y install --no-install-recommends jq bash + && apt-get -y install --no-install-recommends jq bash netcat # We do this to get a yq binary from the published container, for the correct architecture we're building here COPY --from=docker.io/mikefarah/yq:latest /usr/bin/yq /usr/local/bin/yq @@ -48,8 +48,11 @@ RUN mkdir -p /config # Install simple web server for now (use nginx perhaps later) RUN yarn global add http-server -# Globally install the payload web app package -RUN yarn global add @cerc-io/mobymask-ui +# Globally install both versions of the payload web app package +# Install old version of MobyMask web app +RUN yarn global add @cerc-io/mobymask-ui@0.1.3 +# Install the LXDAO version of MobyMask web app +RUN yarn global add @cerc-io/mobymask-ui-lxdao@npm:@cerc-io/mobymask-ui@0.1.3-lxdao-0.1.0 # Expose port for http EXPOSE 80 diff --git a/app/data/container-build/cerc-mobymask-ui/start-serving-app.sh b/app/data/container-build/cerc-mobymask-ui/start-serving-app.sh index 4e0a976c..0e11b447 100755 --- a/app/data/container-build/cerc-mobymask-ui/start-serving-app.sh +++ b/app/data/container-build/cerc-mobymask-ui/start-serving-app.sh @@ -4,6 +4,6 @@ if [ -n "$CERC_SCRIPT_DEBUG" ]; then fi # TODO: Don't hard wire this: -webapp_files_dir=/usr/local/share/.config/yarn/global/node_modules/@cerc-io/mobymask-ui/build +webapp_files_dir="/usr/local/share/.config/yarn/global/node_modules/${CERC_BUILD_DIR}" /scripts/apply-webapp-config.sh /config/config.yml ${webapp_files_dir} MOBYMASK_HOSTED_CONFIG http-server -p 80 ${webapp_files_dir} diff --git a/app/data/container-build/cerc-mobymask/Dockerfile b/app/data/container-build/cerc-mobymask/Dockerfile index caa3e6b5..3bcebced 100644 --- a/app/data/container-build/cerc-mobymask/Dockerfile +++ b/app/data/container-build/cerc-mobymask/Dockerfile @@ -1,6 +1,6 @@ FROM node:16.17.1-alpine3.16 -RUN apk --update --no-cache add python3 alpine-sdk jq bash +RUN apk --update --no-cache add python3 alpine-sdk jq bash curl wget WORKDIR /app diff --git a/app/data/container-build/cerc-optimism-contracts/Dockerfile b/app/data/container-build/cerc-optimism-contracts/Dockerfile index cdc98b08..ed9c4b22 100644 --- a/app/data/container-build/cerc-optimism-contracts/Dockerfile +++ b/app/data/container-build/cerc-optimism-contracts/Dockerfile @@ -2,7 +2,7 @@ FROM cerc/foundry:local # Install node (local foundry is a debian based image) RUN apt-get update \ - && apt-get install -y curl \ + && apt-get install -y curl wget \ && curl --silent --location https://deb.nodesource.com/setup_16.x | bash - \ && apt-get update \ && apt-get install -y nodejs git busybox jq \ diff --git a/app/data/container-build/cerc-react-peer/Dockerfile b/app/data/container-build/cerc-react-peer/Dockerfile index f60ba504..191f986b 100644 --- a/app/data/container-build/cerc-react-peer/Dockerfile +++ b/app/data/container-build/cerc-react-peer/Dockerfile @@ -21,8 +21,7 @@ RUN mkdir -p /config RUN yarn global add http-server # Globally install the payload web app package -RUN yarn global add @cerc-io/test-app - +RUN yarn global add @cerc-io/test-app@0.2.33 # Expose port for http EXPOSE 80 diff --git a/app/data/container-build/cerc-watcher-mobymask-v2/Dockerfile b/app/data/container-build/cerc-watcher-mobymask-v2/Dockerfile index 9d1a70b7..c572658d 100644 --- a/app/data/container-build/cerc-watcher-mobymask-v2/Dockerfile +++ b/app/data/container-build/cerc-watcher-mobymask-v2/Dockerfile @@ -1,7 +1,7 @@ FROM ubuntu:22.04 RUN apt-get update \ - && apt-get install -y curl gnupg build-essential \ + && apt-get install -y curl wget gnupg build-essential \ && curl --silent --location https://deb.nodesource.com/setup_18.x | bash - \ && apt-get update \ && apt-get install -y nodejs git busybox jq \ diff --git a/app/data/stacks/fixturenet-eth/README.md b/app/data/stacks/fixturenet-eth/README.md index 86404af0..c54237aa 100644 --- a/app/data/stacks/fixturenet-eth/README.md +++ b/app/data/stacks/fixturenet-eth/README.md @@ -117,8 +117,8 @@ Clear volumes created by this stack: ```bash # List all relevant volumes -$ docker volume ls -q --filter "name=.*fixturenet_eth_bootnode_geth_data|.*fixturenet_eth_bootnode_lighthouse_data|.*fixturenet_eth_geth_1_data|.*fixturenet_eth_geth_2_data|.*fixturenet_eth_lighthouse_1_data|.*fixturenet_eth_lighthouse_2_data|.*fixturenet_geth_accounts" +$ docker volume ls -q --filter "name=.*fixturenet_eth_bootnode_geth_data|.*fixturenet_eth_bootnode_lighthouse_data|.*fixturenet_eth_geth_1_data|.*fixturenet_eth_geth_2_data|.*fixturenet_eth_lighthouse_1_data|.*fixturenet_eth_lighthouse_2_data" # Remove all the listed volumes -$ docker volume rm $(docker volume ls -q --filter "name=.*fixturenet_eth_bootnode_geth_data|.*fixturenet_eth_bootnode_lighthouse_data|.*fixturenet_eth_geth_1_data|.*fixturenet_eth_geth_2_data|.*fixturenet_eth_lighthouse_1_data|.*fixturenet_eth_lighthouse_2_data|.*fixturenet_geth_accounts") +$ docker volume rm $(docker volume ls -q --filter "name=.*fixturenet_eth_bootnode_geth_data|.*fixturenet_eth_bootnode_lighthouse_data|.*fixturenet_eth_geth_1_data|.*fixturenet_eth_geth_2_data|.*fixturenet_eth_lighthouse_1_data|.*fixturenet_eth_lighthouse_2_data") ``` diff --git a/app/data/stacks/fixturenet-optimism/README.md b/app/data/stacks/fixturenet-optimism/README.md index 5099cdd3..345e9a8d 100644 --- a/app/data/stacks/fixturenet-optimism/README.md +++ b/app/data/stacks/fixturenet-optimism/README.md @@ -76,10 +76,10 @@ Clear volumes created by this stack: ```bash # List all relevant volumes -docker volume ls -q --filter "name=.*fixturenet_geth_accounts|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data" +docker volume ls -q --filter "name=.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data" # Remove all the listed volumes -docker volume rm $(docker volume ls -q --filter "name=.*fixturenet_geth_accounts|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data") +docker volume rm $(docker volume ls -q --filter "name=.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data") ``` ## Troubleshooting diff --git a/app/data/stacks/fixturenet-optimism/l2-only.md b/app/data/stacks/fixturenet-optimism/l2-only.md index 821d16a8..957627d3 100644 --- a/app/data/stacks/fixturenet-optimism/l2-only.md +++ b/app/data/stacks/fixturenet-optimism/l2-only.md @@ -46,8 +46,13 @@ Create and update an env file to be used in the next step ([defaults](../../conf CERC_L1_HOST= CERC_L1_PORT= - # Credentials for accounts on L1 to send balance to Optimism Proxy contract from + # URL to get CSV with credentials for accounts on L1 + # that are used to send balance to Optimism Proxy contract # (enables them to do transactions on L2) + CERC_L1_ACCOUNTS_CSV_URL= + + # OR + # Specify the required account credentials CERC_L1_ADDRESS= CERC_L1_PRIV_KEY= CERC_L1_ADDRESS_2= @@ -91,10 +96,10 @@ Clear volumes created by this stack: ```bash # List all relevant volumes -docker volume ls -q --filter "name=.*fixturenet_geth_accounts|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data" +docker volume ls -q --filter "name=.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data" # Remove all the listed volumes -docker volume rm $(docker volume ls -q --filter "name=.*fixturenet_geth_accounts|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data") +docker volume rm $(docker volume ls -q --filter "name=.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data") ``` ## Troubleshooting diff --git a/app/data/stacks/kubo/README.md b/app/data/stacks/kubo/README.md new file mode 100644 index 00000000..e9b12321 --- /dev/null +++ b/app/data/stacks/kubo/README.md @@ -0,0 +1,30 @@ +# Kubo (IPFS) + +The Kubo stack currently uses the native IPFS docker image, therefore a single command will do: + +``` +laconic-so --stack kubo deploy up +``` + +If running locally, visit: http://localhost:5001/webui and explore the functionality of the WebUI. + +If running in the cloud, visit `IP:5001/webui` and you'll likely see this error: "Could not connect to the IPFS API". To fix it: + +1. Get the container name with `docker ps`: + +2. Go into the container (replace with your container name): + +``` +docker exec -it laconic-dbbf5498fd7d322930b9484121a6a5f4-ipfs-1 sh +``` + +3. Enable CORS as described in point 2 of the error message. Copy/paste/run each line in sequence, then run `exit` to exit the container. + +4. Restart the container: + +``` +laconic-so --stack kubo deploy down +laconic-so --stack kubo deploy up +``` + +5. Refresh the `IP:5001/webui` URL in your browser, you should now be connected to IPFS. diff --git a/app/data/stacks/kubo/stack.yml b/app/data/stacks/kubo/stack.yml new file mode 100644 index 00000000..2552df38 --- /dev/null +++ b/app/data/stacks/kubo/stack.yml @@ -0,0 +1,7 @@ +version: "1.0" +name: kubo +description: "Run kubo (IPFS)" +repos: +containers: +pods: + - kubo diff --git a/app/data/stacks/mobymask-v2/README.md b/app/data/stacks/mobymask-v2/README.md index fb4aebcd..ff67b55c 100644 --- a/app/data/stacks/mobymask-v2/README.md +++ b/app/data/stacks/mobymask-v2/README.md @@ -25,6 +25,10 @@ Checkout to the required versions and branches in repos cd ~/cerc/watcher-ts git checkout v0.2.39 +# mobymask-v2-watcher-ts +cd ~/cerc/mobymask-v2-watcher-ts +git checkout v0.1.0 + # MobyMask cd ~/cerc/MobyMask git checkout v0.1.2 @@ -114,8 +118,8 @@ Clear volumes created by this stack: ```bash # List all relevant volumes -docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment|.*fixturenet_geth_accounts|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data" +docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data" # Remove all the listed volumes -docker volume rm $(docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment|.*fixturenet_geth_accounts|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data") +docker volume rm $(docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment|.*l1_deployment|.*l2_accounts|.*l2_config|.*l2_geth_data") ``` diff --git a/app/data/stacks/mobymask-v2/demo.md b/app/data/stacks/mobymask-v2/demo.md index 953390cf..1e1d6f01 100644 --- a/app/data/stacks/mobymask-v2/demo.md +++ b/app/data/stacks/mobymask-v2/demo.md @@ -25,7 +25,7 @@ * Open the invite link in a new browser with different profile (to simulate remote browser) * Check that it is connected to any other peer in the network. -* In `Report a phishing attempt` section, report multiple phishers using the `submit` button. Click on the `Submit batch to p2p network` button. This broadcasts signed invocations to the connected peers. +* In `Report a phishing attempt` section, report multiple phishers using the `Submit` button. Click on the `Submit batch to p2p network` button. This broadcasts signed invocations to the connected peers. * In the `MESSAGES` tab of other browsers, a message can be seen with the signed invocations. diff --git a/app/data/stacks/mobymask-v2/mobymask-only.md b/app/data/stacks/mobymask-v2/mobymask-only.md index f4d25702..4cfb4ecf 100644 --- a/app/data/stacks/mobymask-v2/mobymask-only.md +++ b/app/data/stacks/mobymask-v2/mobymask-only.md @@ -9,7 +9,7 @@ Prerequisite: L2 Optimism Geth and Node RPC endpoints Clone required repositories: ```bash -laconic-so --stack mobymask-v2 setup-repositories --include cerc-io/MobyMask,cerc-io/watcher-ts +laconic-so --stack mobymask-v2 setup-repositories --include cerc-io/MobyMask,cerc-io/watcher-ts,cerc-io/mobymask-v2-watcher-ts # If this throws an error as a result of being already checked out to a branch/tag in a repo, remove the repositories mentioned below and re-run the command ``` @@ -19,7 +19,11 @@ Checkout to the required versions and branches in repos: ```bash # watcher-ts cd ~/cerc/watcher-ts -git checkout v0.2.35 +git checkout v0.2.39 + +# mobymask-v2-watcher-ts +cd ~/cerc/mobymask-v2-watcher-ts +git checkout v0.1.0 # MobyMask cd ~/cerc/MobyMask @@ -29,7 +33,7 @@ git checkout v0.1.2 Build the container images: ```bash -laconic-so --stack mobymask-v2 build-containers --include cerc/watcher-mobymask-v2,cerc/mobymask +laconic-so --stack mobymask-v2 build-containers --include cerc/watcher-ts,cerc/watcher-mobymask-v2,cerc/mobymask ``` This should create the required docker images in the local image registry @@ -43,13 +47,19 @@ Create and update an env file to be used in the next step ([defaults](../../conf ```bash # External L2 endpoints CERC_L2_GETH_RPC= + + # Endpoints waited on before contract deployment CERC_L2_GETH_HOST= CERC_L2_GETH_PORT= CERC_L2_NODE_HOST= CERC_L2_NODE_PORT= - # Credentials for accounts to perform txs on L2 + # URL to get CSV with credentials for accounts on L1 to perform txs on L2 + CERC_L1_ACCOUNTS_CSV_URL= + + # OR + # Specify the required account credentials CERC_PRIVATE_KEY_DEPLOYER= CERC_PRIVATE_KEY_PEER= @@ -118,8 +128,8 @@ Clear volumes created by this stack: ```bash # List all relevant volumes -docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment|.*fixturenet_geth_accounts" +docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment" # Remove all the listed volumes -docker volume rm $(docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment|.*fixturenet_geth_accounts") +docker volume rm $(docker volume ls -q --filter "name=.*mobymask_watcher_db_data|.*peers_ids|.*mobymask_deployment") ``` diff --git a/app/data/stacks/mobymask-v2/watcher-p2p-network.md b/app/data/stacks/mobymask-v2/watcher-p2p-network.md new file mode 100644 index 00000000..563012e8 --- /dev/null +++ b/app/data/stacks/mobymask-v2/watcher-p2p-network.md @@ -0,0 +1,306 @@ +# MobyMask Watcher P2P Network + +Instructions to setup and deploy a watcher that connects to the existing watcher p2p network + +## Prerequisites + +* Laconic Stack Orchestrator ([installation](/README.md#install)) +* A publicly reachable domain name with SSL setup + +This demo has been tested on a `Ubuntu 22.04 LTS` machine with `8GB` of RAM + +## Setup + +Clone required repositories: + + ```bash + laconic-so --stack mobymask-v2 setup-repositories --include cerc-io/MobyMask,cerc-io/watcher-ts,cerc-io/mobymask-v2-watcher-ts + + # This will clone the required repositories at ~/cerc + # If this throws an error as a result of being already checked out to a branch/tag in a repo, remove the repositories mentioned in the next step and re-run the command + + # Expected output: + + # Dev Root is: /home/xyz/cerc + # Checking: /home/xyz/cerc/watcher-ts: Needs to be fetched + # 100%|#############################################################################################################################################| 9.96k/9.96k [00:05<00:00, 1.70kB/s] + # Checking: /home/xyz/cerc/mobymask-v2-watcher-ts: Needs to be fetched + # 100%|################################################################################################################################################| 19.0/19.0 [00:01<00:00, 13.6B/s] + # Checking: /home/xyz/cerc/MobyMask: Needs to be fetched + # 100%|##############################################################################################################################################| 1.41k/1.41k [00:18<00:00, 76.4B/s] + ``` + +Checkout to the required versions and branches in repos: + + ```bash + # watcher-ts + cd ~/cerc/watcher-ts + git checkout v0.2.39 + + # mobymask-v2-watcher-ts + cd ~/cerc/mobymask-v2-watcher-ts + git checkout v0.1.0 + + # MobyMask + cd ~/cerc/MobyMask + git checkout v0.1.2 + ``` + +Build the container images: + + ```bash + laconic-so --stack mobymask-v2 build-containers --include cerc/watcher-ts,cerc/watcher-mobymask-v2,cerc/mobymask + ``` + +Check that the required images are created in the local image registry: + + ```bash + docker image ls + + # Expected output: + + # REPOSITORY TAG IMAGE ID CREATED SIZE + # cerc/watcher-mobymask-v2 local c4dba5dc8d48 24 seconds ago 1.02GB + # cerc/watcher-ts local 9ef61478c243 9 minutes ago 1.84GB + # cerc/mobymask local 9db3f1a69966 2 weeks ago 3.82GB + # . + # . + ``` + +## Deploy + +### Configuration + +Create an env file `mobymask-watcher.env`: + + ```bash + touch mobymask-watcher.env + ``` + +Add the following contents to `mobymask-watcher.env`: + + ```bash + # Domain to be used in the relay node's announce address + CERC_RELAY_ANNOUNCE_DOMAIN="example.com" + + + # DO NOT CHANGE THESE VALUES + CERC_DEPLOYED_CONTRACT="0x2B6AFbd4F479cE4101Df722cF4E05F941523EaD9" + CERC_ENABLE_PEER_L2_TXS=false + CERC_RELAY_PEERS=["/dns4/relay1.dev.vdb.to/tcp/443/wss/p2p/12D3KooWAx83SM9GWVPc9v9fNzLzftRX6EaAFMjhYiFxRYqctcW1", "/dns4/relay2.dev.vdb.to/tcp/443/wss/p2p/12D3KooWBycy6vHVEfUwwYRbPLBdb5gx9gtFSEMpErYPUjUkDNkm", "/dns4/relay3.dev.vdb.to/tcp/443/wss/p2p/12D3KooWARcUJsiGCgiygiRVVK94U8BNSy8DFBbzAF3B6orrabwn"] + ``` + +Replace `CERC_RELAY_ANNOUNCE_DOMAIN` with your public domain name + +### Deploy the stack + +```bash +laconic-so --stack mobymask-v2 deploy --cluster mobymask_v2 --include watcher-mobymask-v2 --env-file mobymask-watcher.env up + +# Expected output (ignore the "The X variable is not set. Defaulting to a blank string." warnings): + +# [+] Running 10/10 +# ✔ Network mobymask_v2_default Created 0.1s +# ✔ Volume "mobymask_v2_fixturenet_geth_accounts" Created 0.0s +# ✔ Volume "mobymask_v2_peers_ids" Created 0.0s +# ✔ Volume "mobymask_v2_mobymask_watcher_db_data" Created 0.0s +# ✔ Volume "mobymask_v2_mobymask_deployment" Created 0.0s +# ✔ Container mobymask_v2-mobymask-watcher-db-1 Healthy 22.2s +# ✔ Container mobymask_v2-mobymask-1 Exited 2.2s +# ✔ Container mobymask_v2-peer-ids-gen-1 Exited 23.9s +# ✔ Container mobymask_v2-mobymask-watcher-server-1 Healthy 43.6s +# ✔ Container mobymask_v2-peer-tests-1 Started 44.5s +``` + +This will run the `mobymask-v2-watcher` including: +* A relay node which is in a federated setup with relay nodes set in the env file +* A peer node which connects to the watcher relay node as an entrypoint to the MobyMask watcher p2p network. This peer listens for messages from other peers on the network and logs them out to the console + +The watcher endpoint is exposed on host port `3001` and the relay node endpoint is exposed on host port `9090` + +To list down and monitor the running containers: + + ```bash + laconic-so --stack mobymask-v2 deploy --cluster mobymask_v2 --include watcher-mobymask-v2 ps + + # Expected output: + + # Running containers: + # id: 25cc3a1cbda27fcd9c2ad4c772bd753ccef1e178f901a70e6ff4191d4a8684e9, name: mobymask_v2-mobymask-watcher-db-1, ports: 0.0.0.0:15432->5432/tcp + # id: c9806f78680d68292ffe942222af2003aa3ed5d5c69d7121b573f5028444391d, name: mobymask_v2-mobymask-watcher-server-1, ports: 0.0.0.0:3001->3001/tcp, 0.0.0.0:9001->9001/tcp, 0.0.0.0:9090->9090/tcp + # id: 6b30a1d313a88fb86f8a3b37a1b1a3bc053f238664e4b2d196c3ec74e04faf13, name: mobymask_v2-peer-tests-1, ports: + + + # With status + docker ps + + # Expected output: + + # CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES + # 6b30a1d313a8 cerc/watcher-ts:local "docker-entrypoint.s…" 5 minutes ago Up 4 minutes mobymask_v2-peer-tests-1 + # c9806f78680d cerc/watcher-mobymask-v2:local "sh start-server.sh" 5 minutes ago Up 5 minutes (healthy) 0.0.0.0:3001->3001/tcp, 0.0.0.0:9001->9001/tcp, 0.0.0.0:9090->9090/tcp mobymask_v2-mobymask-watcher-server-1 + # 25cc3a1cbda2 postgres:14-alpine "docker-entrypoint.s…" 5 minutes ago Up 5 minutes (healthy) 0.0.0.0:15432->5432/tcp mobymask_v2-mobymask-watcher-db-1 + + + # Check logs for a container + docker logs -f + ``` + +Check watcher container logs to get multiaddr advertised by the watcher's relay node and note it down for further usage: + + ```bash + laconic-so --stack mobymask-v2 deploy --cluster mobymask_v2 --include watcher-mobymask-v2 logs mobymask-watcher-server | grep -A 2 "Relay node started" + + # The multiaddr will be of form /dns4//tcp/443/wss/p2p/ + # Expected output: + + # mobymask_v2-mobymask-watcher-server-1 | 2023-04-20T04:22:57.069Z laconic:relay Relay node started with id 12D3KooWKef84LAcBNb9wZNs6jC5kQFXjddo47hK6AGHD2dSvGai (characteristic-black-pamella) + # mobymask_v2-mobymask-watcher-server-1 | 2023-04-20T04:22:57.069Z laconic:relay Listening on: + # mobymask_v2-mobymask-watcher-server-1 | 2023-04-20T04:22:57.070Z laconic:relay /dns4/example.com/tcp/443/wss/p2p/12D3KooWKef84LAcBNb9wZNs6jC5kQFXjddo47hK6AGHD2dSvGai + ``` + +## Web App + +To be able to connect to the relay node from remote peers, it needs to be publicly reachable. Configure your website with SSL and the `https` traffic forwarded to port `9090`. + +For example, a Nginx configuration for domain `example.com` would look something like: + + ```bash + server { + server_name example.com; + + # https://nginx.org/en/docs/http/websocket.html + location / { + proxy_pass http://127.0.0.1:9090; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + # set a large timeout to avoid websocket disconnects + proxy_read_timeout 86400; + } + + listen [::]:443 ssl ipv6only=on; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + } + + server { + if ($host = example.com) { + return 301 https://$host$request_uri; + } # managed by Certbot + + listen 80; + listen [::]:80; + + server_name example.com; + return 404; # managed by Certbot + } + ``` + +To connect a browser peer to the watcher's relay node: +* Visit https://mobymask-lxdao-app.dev.vdb.to/ +* Click on debug panel on bottom right of the homepage +* Select `` in `Primary Relay` dropdown on the right and enter the watcher relay node's multiaddr +* Click on `UPDATE` to refresh the page and connect to the watcher's relay node; you should see the relay node's multiaddr in `Self Node Info` on the debug panel +* Switch to the `GRAPH (PEERS)` tab to see peers connected to this browser node and the `GRAPH (NETWORK)` tab to see the whole MobyMask p2p network + +Perform transactions (invite required): +* Open the invite link in a browser and open the debug panel +* Confirm that the browser peer is connected to at least one other peer, then close the debug panel +* Check the status for a phisher to be reported in the `Check Phisher Status` section on homepage +* Select `Report Phisher` option in the `Pending reports` section, enter multiple phisher records and click on the `Submit batch to p2p network` button; this broadcasts signed invocations to peers on the network, including the watcher peer +* Check the watcher container logs to see the message received: + ```bash + docker logs $(docker ps -aq --filter name="mobymask-watcher-server") + + # Expected output: + + # . + # . + # 2023-04-20T04:42:01.072Z vulcanize:libp2p-utils [4:42:1] Received a message on mobymask P2P network from peer: 12D3KooWDKCke8hrjm4evwc9HzUzPZXeVTEQqmfLCkdNaXQ7efAZ + # 2023-04-20T04:42:01.072Z vulcanize:libp2p-utils Signed invocations: + # 2023-04-20T04:42:01.073Z vulcanize:libp2p-utils [ + # { + # "signature": "0x18dc2f4092473cbcc4636eb922f6abf17675368363675779e67d2c14bb0a135f6029da12671a3367463d41720938c84bb3ceed727721c3bbc50d8739859412801c", + # "invocations": { + # "batch": [ + # { + # "transaction": { + # "to": "0x2B6AFbd4F479cE4101Df722cF4E05F941523EaD9", + # "data": "0x6b6dc9de00000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000c5457543a70686973686572310000000000000000000000000000000000000000", + # "gasLimit": 500000 + # }, + # "authority": [ + # { + # "signature": "0x0f91c765faaf851550ddd4345d1bc11eebbf29fde0306a8051f9d3c679c6d6856f66753cad8fcff25203a3e0528b3d7673371343f66a39424f6281c474eada431c", + # "delegation": { + # "delegate": "0x1B85a1485582C3389F62EB9F2C88f0C89bb1C1F4", + # "authority": "0x0000000000000000000000000000000000000000000000000000000000000000", + # "caveats": [ + # { + # "enforcer": "0x2B6AFbd4F479cE4101Df722cF4E05F941523EaD9", + # "terms": "0x0000000000000000000000000000000000000000000000000000000000000000" + # } + # ] + # } + # } + # ] + # } + # ], + # "replayProtection": { + # "nonce": 1, + # "queue": 64298938 + # } + # } + # } + # ] + # 2023-04-20T04:42:01.087Z vulcanize:libp2p-utils method: claimIfPhisher, value: TWT:phisher1 + # 2023-04-20T04:42:01.087Z vulcanize:libp2p-utils ------------------------------------------ + # . + # . + ``` +* Now, check the status for reported phishers again and confirm that they have been registered + +## Clean up + +Stop all services running in the background: + + ```bash + laconic-so --stack mobymask-v2 deploy --cluster mobymask_v2 --include watcher-mobymask-v2 down + + # Expected output: + + # [+] Running 6/6 + # ✔ Container mobymask_v2-peer-tests-1 Removed 10.5s + # ✔ Container mobymask_v2-mobymask-watcher-server-1 Removed 10.8s + # ✔ Container mobymask_v2-peer-ids-gen-1 Removed 0.0s + # ✔ Container mobymask_v2-mobymask-1 Removed 0.0s + # ✔ Container mobymask_v2-mobymask-watcher-db-1 Removed 0.6s + # ✔ Network mobymask_v2_default Removed 0.5s + ``` + +Clear volumes created by this stack: + + ```bash + # List all relevant volumes + docker volume ls -q --filter "name=mobymask_v2*" + + # Expected output: + + # mobymask_v2_fixturenet_geth_accounts + # mobymask_v2_mobymask_deployment + # mobymask_v2_mobymask_watcher_db_data + # mobymask_v2_peers_ids + + + # Remove all the listed volumes + docker volume rm $(docker volume ls -q --filter "name=mobymask_v2*") + ``` + +## Troubleshooting + +* If you don't see any peer connections being formed in the debug panel on https://mobymask-lxdao-app.dev.vdb.to/, try clearing out the website's local storage and refreshing the page diff --git a/tests/smoke-test/run-smoke-test.sh b/tests/smoke-test/run-smoke-test.sh index 777c608e..0ee258ce 100755 --- a/tests/smoke-test/run-smoke-test.sh +++ b/tests/smoke-test/run-smoke-test.sh @@ -1,3 +1,11 @@ +#!/usr/bin/env bash +set -e +if [ -n "$CERC_SCRIPT_DEBUG" ]; then + set -x +fi +# Dump environment variables for debugging +echo "Environment variables:" +env # Basic simple test of stack-orchestrator functionality echo "Running stack-orchestrator smoke test" # Bit of a hack, test the most recent package @@ -19,6 +27,8 @@ $TEST_TARGET_SO --stack test setup-repositories $TEST_TARGET_SO --stack test build-containers # Build one example containers $TEST_TARGET_SO build-containers --include cerc/builder-js +echo "Images in the local registry:" +docker image ls -a # Deploy the test container $TEST_TARGET_SO --stack test deploy-system up # TODO: test that we can use the deployed container somehow