Ecosystem/serai
Ecosystem/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2024-11-16 17:07:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Redo Dockerfile generation (#530)

Browse source 
Moves from concatted Dockerfiles to pseudo-templated Dockerfiles via a dedicated Rust program.

Removes the unmaintained kubernetes, not because we shouldn't have/use it, but because it's unmaintained and needs to be reworked before it's present again.

Replaces the compose with the work in the new orchestrator binary which spawns everything as expected. While this arguably re-invents the wheel, it correctly manages secrets and handles the variadic Dockerfiles.

Also adds an unrelated patch for zstd and simplifies running services a bit by greater utilizing the existing infrastructure.

---

* Delete all Dockerfile fragments, add new orchestator to generate Dockerfiles

Enables greater templating.

Also delete the unmaintained kubernetes folder *for now*. This should be
restored in the future.

* Use Dockerfiles from the orchestator

* Ignore Dockerfiles in the git repo

* Remove CI job to check Dockerfiles are as expected now that they're no longer committed

* Remove old Dockerfiles from repo

* Use Debian for monero-wallet-rpc

* Remove replace_cmds for proper usage of entry-dev

Consolidates ports a bit.

Updates serai-docker-tests from "compose" to "build".

* Only write a new dockerfile if it's distinct

Preserves the updated time metadata.

* Update serai-docker-tests

* Correct the path Dockerfiles are built from

* Correct inclusion of orchestration folder in Docker builds

* Correct debug/release flagging in the cargo command

Apparently, --debug isn't an effective NOP yet an error.

* Correct path used to run the Serai node within a Dockerfile

* Correct path in Monero Dockerfile

* Attempt storing monerod in /usr/bin

* Use sudo to move into /usr/bin in CI

* Correct 18.3.0 to 18.3.1

* Escape * with quotes

* Update deny.toml, ADD orchestration in runtime Dockerfile

* Add --detach to the Monero GH CI

* Diversify dockerfiles by network

* Fixes to network-diversified orchestration

* Bitcoin and Monero testnet scripts

* Permissions and tweaks

* Flatten scripts folders

* Add missing folder specification to Monero Dockerfile

* Have monero-wallet-rpc specify the monerod login

* Have the Docker CMD specify env variables inserted at time of Dockerfile generation

They're overrideable with the global enviornment as for tests. This enables
variable generation in orchestrator and output to productionized Docker files
without creating a life-long file within the Docker container.

* Don't add Dockerfiles into Docker containers now that they have secrets

Solely add the source code for them as needed to satisfy the workspace bounds.

* Download arm64 Monero on arm64

* Ensure constant host architecture when reproducibly building the wasm

Host architecture, for some reason, can effect the generated code despite the
target architecture always being foreign to the host architecture.

* Randomly generate infrastructure keys

* Have orchestrator generate a key, be able to create/start containers

* Ensure bash is used over sh

* Clean dated docs

* Change how quoting occurs

* Standardize to sh

* Have Docker test build the dev Dockerfiles

* Only key_gen once

* cargo update

Adds a patch for zstd and reconciles the breaking nightly change which just
occurred.

* Use a dedicated network for Serai

Also fixes SERAI_HOSTNAME passed to coordinator.

* Support providing a key over the env for the Serai node

* Enable and document running daemons for tests via serai-orchestrator

Has running containers under the dev network port forward the RPC ports.

* Use volumes for bitcoin/monero

* Use bitcoin's run.sh in GH CI

* Only use the volume for testnet (not dev)
This commit is contained in:
Luke Parker 2024-02-09 02:48:44 -05:00 committed by GitHub
parent 347d4cf413
commit 337e54c672
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
131 changed files with 1403 additions and 2695 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
.github/actions/bitcoin/action.yml vendored
View file

@ -37,11 +37,4 @@ runs:
- name: Bitcoin Regtest Daemon
shell: bash
run: |
RPC_USER=serai
RPC_PASS=seraidex
bitcoind -txindex -regtest \
-rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \
-rpcbind=127.0.0.1 -rpcbind=$(hostname) -rpcallowip=0.0.0.0/0 \
-daemon
run: PATH=$PATH:/usr/bin ./orchestration/dev/coins/bitcoin/run.sh -daemon

9
.github/actions/monero-wallet-rpc/action.yml vendored
View file

@ -5,7 +5,7 @@ inputs:
version:
description: "Version to download and run"
required: false
default: v0.18.2.0
default: v0.18.3.1
runs:
using: "composite"
@ -41,4 +41,9 @@ runs:
- name: Monero Wallet RPC
shell: bash
run: ./monero-wallet-rpc --disable-rpc-login --rpc-bind-port 6061 --allow-mismatched-daemon-version --wallet-dir ./ --detach
run: |
./monero-wallet-rpc --allow-mismatched-daemon-version \
--daemon-address 0.0.0.0:18081 --daemon-login serai:seraidex \
--disable-rpc-login --rpc-bind-port 18082 \
--wallet-dir ./ \
--detach

10
.github/actions/monero/action.yml vendored
View file

@ -5,7 +5,7 @@ inputs:
version:
description: "Version to download and run"
required: false
default: v0.18.2.0
default: v0.18.3.1
runs:
using: "composite"
@ -14,7 +14,7 @@ runs:
id: cache-monerod
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2
with:
path: monerod
path: /usr/bin/monerod
key: monerod-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }}
- name: Download the Monero Daemon
@ -37,8 +37,10 @@ runs:
wget https://downloads.getmonero.org/cli/$FILE
tar -xvf $FILE
mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod monerod
sudo mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod /usr/bin/monerod
sudo chmod 777 /usr/bin/monerod
sudo chmod +x /usr/bin/monerod
- name: Monero Regtest Daemon
shell: bash
run: ./monerod --regtest --offline --fixed-difficulty=1 --detach
run: PATH=$PATH:/usr/bin ./orchestration/dev/coins/monero/run.sh --detach

2
.github/actions/test-dependencies/action.yml vendored
View file

@ -5,7 +5,7 @@ inputs:
monero-version:
description: "Monero version to download and run as a regtest node"
required: false
default: v0.18.2.0
default: v0.18.3.1
bitcoin-version:
description: "Bitcoin version to download and run as a regtest node"

2
.github/nightly-version vendored
View file

@ -1 +1 @@
nightly-2024-02-01
nightly-2024-02-07

6
.github/workflows/coordinator-tests.yml vendored
View file

@ -9,9 +9,8 @@ on:
- "crypto/**"
- "coins/**"
- "message-queue/**"
- "orchestration/message-queue/**"
- "coordinator/**"
- "orchestration/coordinator/**"
- "orchestration/**"
- "tests/docker/**"
- "tests/coordinator/**"
@ -21,9 +20,8 @@ on:
- "crypto/**"
- "coins/**"
- "message-queue/**"
- "orchestration/message-queue/**"
- "coordinator/**"
- "orchestration/coordinator/**"
- "orchestration/**"
- "tests/docker/**"
- "tests/coordinator/**"

8
.github/workflows/lint.yml vendored
View file

@ -73,14 +73,6 @@ jobs:
- name: Run rustfmt
run: cargo +${{ steps.nightly.outputs.version }} fmt -- --check
dockerfiles:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
- name: Verify Dockerfiles are up to date
# Runs the file which generates them and checks the diff has no lines
run: cd orchestration && ./dockerfiles.sh && git diff | wc -l | grep -x "0"
machete:
runs-on: ubuntu-latest
steps:

4
.github/workflows/message-queue-tests.yml vendored
View file

@ -8,7 +8,7 @@ on:
- "common/**"
- "crypto/**"
- "message-queue/**"
- "orchestration/message-queue/**"
- "orchestration/**"
- "tests/docker/**"
- "tests/message-queue/**"
@ -17,7 +17,7 @@ on:
- "common/**"
- "crypto/**"
- "message-queue/**"
- "orchestration/message-queue/**"
- "orchestration/**"
- "tests/docker/**"
- "tests/message-queue/**"

6
.github/workflows/processor-tests.yml vendored
View file

@ -9,9 +9,8 @@ on:
- "crypto/**"
- "coins/**"
- "message-queue/**"
- "orchestration/message-queue/**"
- "processor/**"
- "orchestration/processor/**"
- "orchestration/**"
- "tests/docker/**"
- "tests/processor/**"
@ -21,9 +20,8 @@ on:
- "crypto/**"
- "coins/**"
- "message-queue/**"
- "orchestration/message-queue/**"
- "processor/**"
- "orchestration/processor/**"
- "orchestration/**"
- "tests/docker/**"
- "tests/processor/**"

5
.gitignore vendored
View file

@ -1,3 +1,6 @@
target
.vscode
Dockerfile
!orchestration/runtime/Dockerfile
.test-logs
.vscode

122
Cargo.lock generated
View file

@ -139,9 +139,9 @@ dependencies = [
[[package]]
name = "anstyle"
version = "1.0.5"
version = "1.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2faccea4cc4ab4a667ce676a30e8ec13922a692c99bb8f5b11f1502c72e04220"
checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc"
[[package]]
name = "anstyle-parse"
@ -747,9 +747,9 @@ checksum = "c3ac9f8b63eca6fd385229b3675f6cc0dc5c8a5c8a54a59d4f52ffd670d87b0c"
[[package]]
name = "bytemuck"
version = "1.14.1"
version = "1.14.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed2490600f404f2b94c167e31d3ed1d5f3c225a0f3b80230053b3e0b7b962bd9"
checksum = "ea31d69bda4949c1c1562c1e6f042a1caefac98cdc8a298260a2ff41c1e2d42b"
[[package]]
name = "byteorder"
@ -1289,9 +1289,9 @@ dependencies = [
[[package]]
name = "curve25519-dalek"
version = "4.1.1"
version = "4.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c"
checksum = "0a677b8922c94e01bdbb12126b0bc852f00447528dee1782229af9c720c3f348"
dependencies = [
"cfg-if",
"cpufeatures",
@ -1675,9 +1675,9 @@ dependencies = [
[[package]]
name = "ed25519-dalek"
version = "2.1.0"
version = "2.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1f628eaec48bfd21b865dc2950cfa014450c01d2fa2b69a86c2fd5844ec523c0"
checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871"
dependencies = [
"curve25519-dalek",
"ed25519",
@ -2114,9 +2114,9 @@ dependencies = [
[[package]]
name = "fiat-crypto"
version = "0.2.5"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "27573eac26f4dd11e2b1916c3fe1baa56407c83c71a773a8ba17ec0bca03b6b7"
checksum = "1676f435fc1dadde4d03e43f5d62b259e1ce5f40bd4ffb21db2b42ebe59c1382"
[[package]]
name = "file-per-thread-logger"
@ -2783,9 +2783,9 @@ checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
[[package]]
name = "hermit-abi"
version = "0.3.4"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d3d0e0f38255e7fa3cf31335b3a56f05febd18025f4db5ef7a0cfb4f8da651f"
checksum = "d0c62115964e08cb8039170eb33c1d0e2388a256930279edca206fff675f82c3"
[[package]]
name = "hex"
@ -3271,9 +3271,9 @@ dependencies = [
[[package]]
name = "js-sys"
version = "0.3.67"
version = "0.3.68"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9a1d36f1235bc969acba30b7f5990b864423a6068a10f7c90ae8f0112e3a59d1"
checksum = "406cda4b368d531c842222cf9d2600a9a4acce8d29423695379c6868a143a9ee"
dependencies = [
"wasm-bindgen",
]
@ -4694,9 +4694,9 @@ dependencies = [
[[package]]
name = "num-complex"
version = "0.4.4"
version = "0.4.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ba157ca0885411de85d6ca030ba7e2a83a28636056c7c699b07c8b6f7383214"
checksum = "23c6602fda94a57c990fe0df199a035d83576b496aa29f4e634a8ac6004e68a6"
dependencies = [
"num-traits",
]
@ -4713,11 +4713,10 @@ dependencies = [
[[package]]
name = "num-integer"
version = "0.1.45"
version = "0.1.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9"
checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
dependencies = [
"autocfg",
"num-traits",
]
@ -4735,9 +4734,9 @@ dependencies = [
[[package]]
name = "num-traits"
version = "0.2.17"
version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "39e3200413f237f41ab11ad6d161bc7239c84dcb631773ccd7de3dfe4b5c267c"
checksum = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a"
dependencies = [
"autocfg",
"libm",
@ -5291,9 +5290,9 @@ checksum = "626dec3cac7cc0e1577a2ec3fc496277ec2baa084bebad95bb6fdbfae235f84c"
[[package]]
name = "polling"
version = "3.3.2"
version = "3.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "545c980a3880efd47b2e262f6a4bb6daad6555cf3367aa9c4e52895f69537a41"
checksum = "30054e72317ab98eddd8561db0f6524df3367636884b7b21b703e4b280a84a14"
dependencies = [
"cfg-if",
"concurrent-queue",
@ -7629,8 +7628,10 @@ dependencies = [
"clap",
"frame-benchmarking",
"futures-util",
"hex",
"jsonrpsee",
"pallet-transaction-payment-rpc",
"rand_core",
"sc-authority-discovery",
"sc-basic-authorship",
"sc-cli",
@ -7647,6 +7648,8 @@ dependencies = [
"sc-telemetry",
"sc-transaction-pool",
"sc-transaction-pool-api",
"schnorrkel",
"serai-env",
"serai-runtime",
"sp-api",
"sp-block-builder",
@ -7654,10 +7657,26 @@ dependencies = [
"sp-consensus-babe",
"sp-core",
"sp-io",
"sp-keystore",
"sp-timestamp",
"substrate-build-script-utils",
"substrate-frame-rpc-system",
"tokio",
"zeroize",
]
[[package]]
name = "serai-orchestrator"
version = "0.0.1"
dependencies = [
"ciphersuite",
"flexible-transcript",
"hex",
"home",
"rand_chacha",
"rand_core",
"zalloc",
"zeroize",
]
[[package]]
@ -9069,13 +9088,12 @@ checksum = "69758bda2e78f098e4ccb393021a0963bb3442eac05f135c30f61b7370bbafae"
[[package]]
name = "tempfile"
version = "3.9.0"
version = "3.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "01ce4141aa927a6d1bd34a041795abd0db1cccba5d5f24b009f694bdf3a1f3fa"
checksum = "a365e8cd18e44762ef95d87f284f4b5cd04107fec2ff3052bd6a3e6069669e67"
dependencies = [
"cfg-if",
"fastrand",
"redox_syscall 0.4.1",
"rustix",
"windows-sys 0.52.0",
]
@ -9804,9 +9822,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "wasm-bindgen"
version = "0.2.90"
version = "0.2.91"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1223296a201415c7fad14792dbefaace9bd52b62d33453ade1c5b5f07555406"
checksum = "c1e124130aee3fb58c5bdd6b639a0509486b0338acaaae0c84a5124b0f588b7f"
dependencies = [
"cfg-if",
"wasm-bindgen-macro",
@ -9814,9 +9832,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-backend"
version = "0.2.90"
version = "0.2.91"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fcdc935b63408d58a32f8cc9738a0bffd8f05cc7c002086c6ef20b7312ad9dcd"
checksum = "c9e7e1900c352b609c8488ad12639a311045f40a35491fb69ba8c12f758af70b"
dependencies = [
"bumpalo",
"log",
@ -9829,9 +9847,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-futures"
version = "0.4.40"
version = "0.4.41"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bde2032aeb86bdfaecc8b261eef3cba735cc426c1f3a3416d1e0791be95fc461"
checksum = "877b9c3f61ceea0e56331985743b13f3d25c406a7098d45180fb5f09bc19ed97"
dependencies = [
"cfg-if",
"js-sys",
@ -9841,9 +9859,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro"
version = "0.2.90"
version = "0.2.91"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3e4c238561b2d428924c49815533a8b9121c664599558a5d9ec51f8a1740a999"
checksum = "b30af9e2d358182b5c7449424f017eba305ed32a7010509ede96cdc4696c46ed"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
@ -9851,9 +9869,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.90"
version = "0.2.91"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bae1abb6806dc1ad9e560ed242107c0f6c84335f1749dd4e8ddb012ebd5e25a7"
checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66"
dependencies = [
"proc-macro2",
"quote",
@ -9864,9 +9882,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-shared"
version = "0.2.90"
version = "0.2.91"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4d91413b1c31d7539ba5ef2451af3f0b833a005eb27a631cec32bc0635a8602b"
checksum = "4f186bd2dcf04330886ce82d6f33dd75a7bfcf69ecf5763b89fcde53b6ac9838"
[[package]]
name = "wasm-encoder"
@ -10171,9 +10189,9 @@ dependencies = [
[[package]]
name = "web-sys"
version = "0.3.67"
version = "0.3.68"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "58cd2333b6e0be7a39605f0e255892fd7418a682d8da8fe042fe25128794d2ed"
checksum = "96565907687f7aceb35bc5fc03770a8a0471d82e479f25832f54a0e3f4b28446"
dependencies = [
"js-sys",
"wasm-bindgen",
@ -10406,9 +10424,9 @@ checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04"
[[package]]
name = "winnow"
version = "0.5.37"
version = "0.5.39"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a7cad8365489051ae9f054164e459304af2e7e9bb407c958076c8bf4aef52da5"
checksum = "5389a154b01683d28c77f8f68f49dea75f0a4da32557a58f68ee51ebba472d29"
dependencies = [
"memchr",
]
@ -10453,9 +10471,9 @@ dependencies = [
[[package]]
name = "x25519-dalek"
version = "2.0.0"
version = "2.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb66477291e7e8d2b0ff1bcb900bf29489a9692816d79874bea351e7a8b6de96"
checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277"
dependencies = [
"curve25519-dalek",
"rand_core",
@ -10569,10 +10587,8 @@ dependencies = [
[[package]]
name = "zstd"
version = "0.11.2+zstd.1.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "20cc960326ece64f010d2d2107537f26dc589a6573a316bd5b1dba685fa5fde4"
dependencies = [
"zstd-safe 5.0.2+zstd.1.5.2",
"zstd 0.12.4",
]
[[package]]
@ -10581,17 +10597,7 @@ version = "0.12.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1a27595e173641171fc74a1232b7b1c7a7cb6e18222c11e9dfb9888fa424c53c"
dependencies = [
"zstd-safe 6.0.6",
]
[[package]]
name = "zstd-safe"
version = "5.0.2+zstd.1.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d2a5585e04f9eea4b2a3d1eca508c4dee9592a89ef6f450c11719da0726f4db"
dependencies = [
"libc",
"zstd-sys",
"zstd-safe",
]
[[package]]

28
Cargo.toml
View file

@ -1,6 +1,18 @@
[workspace]
resolver = "2"
members = [
# Version patches
"patches/zstd",
"patches/proc-macro-crate",
# std patches
"patches/matches",
"patches/is-terminal",
# Rewrites/redirects
"patches/option-ext",
"patches/directories-next",
"common/std-shims",
"common/zalloc",
"common/db",
@ -57,6 +69,8 @@ members = [
"substrate/client",
"orchestration",
"mini",
"tests/no-std",
@ -67,12 +81,6 @@ members = [
"tests/coordinator",
"tests/full-stack",
"tests/reproducible-runtime",
"patches/is-terminal",
"patches/matches",
"patches/option-ext",
"patches/directories-next",
"patches/proc-macro-crate",
]
# Always compile Monero (and a variety of dependencies) with optimizations due
@ -102,6 +110,11 @@ lazy_static = { git = "https://github.com/rust-lang-nursery/lazy-static.rs", rev
# Needed due to dockertest's usage of `Rc`s when we need `Arc`s
dockertest = { git = "https://github.com/kayabaNerve/dockertest-rs", branch = "arc" }
# wasmtime pulls in an old version for this
zstd = { path = "patches/zstd" }
# proc-macro-crate 2 binds to an old version of toml for msrv so we patch to 3
proc-macro-crate = { path = "patches/proc-macro-crate" }
# is-terminal now has an std-based solution with an equivalent API
is-terminal = { path = "patches/is-terminal" }
# So does matches
@ -115,9 +128,6 @@ matches = { path = "patches/matches" }
option-ext = { path = "patches/option-ext" }
directories-next = { path = "patches/directories-next" }
# proc-macro-crate 2 binds to an old version of toml for msrv so we patch to 3
proc-macro-crate = { path = "patches/proc-macro-crate" }
[workspace.lints.clippy]
unwrap_or_default = "allow"
borrow_as_ptr = "deny"

2
coins/bitcoin/tests/runner.rs
View file

@ -12,7 +12,7 @@ pub fn SEQUENTIAL() -> &'static Mutex<()> {
#[allow(dead_code)]
pub(crate) async fn rpc() -> Rpc {
let rpc = Rpc::new("http://serai:seraidex@127.0.0.1:18443".to_string()).await.unwrap();
let rpc = Rpc::new("http://serai:seraidex@127.0.0.1:8332".to_string()).await.unwrap();
// If this node has already been interacted with, clear its chain
if rpc.get_latest_block_number().await.unwrap() > 0 {

2
coins/monero/tests/runner.rs
View file

@ -86,7 +86,7 @@ pub fn check_weight_and_fee(tx: &Transaction, fee_rate: Fee) {
}
pub async fn rpc() -> Rpc<HttpRpc> {
let rpc = HttpRpc::new("http://127.0.0.1:18081".to_string()).await.unwrap();
let rpc = HttpRpc::new("http://serai:seraidex@127.0.0.1:18081".to_string()).await.unwrap();
// Only run once
if rpc.get_height().await.unwrap() != 1 {

2
coins/monero/tests/wallet2_compatibility.rs
View file

@ -35,7 +35,7 @@ async fn make_integrated_address(rpc: &Rpc<HttpRpc>, payment_id: [u8; 8]) -> Str
}
async fn initialize_rpcs() -> (Rpc<HttpRpc>, Rpc<HttpRpc>, String) {
let wallet_rpc = HttpRpc::new("http://127.0.0.1:6061".to_string()).await.unwrap();
let wallet_rpc = HttpRpc::new("http://127.0.0.1:18082".to_string()).await.unwrap();
let daemon_rpc = runner::rpc().await;
#[derive(Debug, Deserialize)]

3
common/env/src/lib.rs vendored
View file

@ -3,6 +3,7 @@
// Obtain a variable from the Serai environment/secret store.
pub fn var(variable: &str) -> Option<String> {
// TODO: Move this to Kubernetes
// TODO: Move this to a proper secret store
// TODO: Unset this variable
std::env::var(variable).ok()
}

2
deny.toml
View file

@ -65,6 +65,8 @@ exceptions = [
{ allow = ["AGPL-3.0"], name = "serai-runtime" },
{ allow = ["AGPL-3.0"], name = "serai-node" },
{ allow = ["AGPL-3.0"], name = "serai-orchestrator" },
{ allow = ["AGPL-3.0"], name = "mini-serai" },
{ allow = ["AGPL-3.0"], name = "serai-docker-tests" },

32
docs/Getting Started.md
View file

@ -70,24 +70,22 @@ Running tests requires:
- A properly configured Bitcoin regtest node (available via Docker)
- A properly configured Monero regtest node (available via Docker)
- A properly configured monero-wallet-rpc instance (available via Docker)
- A debug Serai node (`cd substrate/node && cargo build`)
To start the required daemons, one may run:
```
cargo run -p serai-orchestrator -- key_gen dev
cargo run -p serai-orchestrator -- setup dev
```
and then:
```
cargo run -p serai-orchestrator -- start dev bitcoin-daemon monero-daemon monero-wallet-rpc
```
Finally, to run the tests:
```
cargo test --all-features
```
### Run Serai in Development Mode
```
./target/release/serai-node --dev
```
### Run Serai with Orchestration
Under `/orchestration`, you can find our orchestration components for running
the entire infrastructure of Serai in a local environment using Docker Compose
or Kubernetes.
[Run Serai with Docker Compose](../orchestration/README.md)
[Run Serai with Kubernetes](../orchestration/kubernetes/README.md)

30
orchestration/Cargo.toml Normal file
View file

@ -0,0 +1,30 @@
[package]
name = "serai-orchestrator"
version = "0.0.1"
description = "Generates Dockerfiles for Serai"
license = "AGPL-3.0-only"
repository = "https://github.com/serai-dex/serai/tree/develop/orchestration/"
authors = ["Luke Parker <lukeparker5132@gmail.com>"]
keywords = []
edition = "2021"
[package.metadata.docs.rs]
all-features = true
rustdoc-args = ["--cfg", "docsrs"]
[lints]
workspace = true
[dependencies]
hex = { version = "0.4", default-features = false, features = ["std"] }
zeroize = { version = "1", default-features = false, features = ["std"] }
rand_core = { version = "0.6", default-features = false, features = ["std", "getrandom"] }
rand_chacha = { version = "0.3", default-features = false, features = ["std"] }
transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std", "recommended"] }
ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] }
zalloc = { path = "../common/zalloc" }
home = "0.5"

6
orchestration/Dockerfile.parts/Dockerfile.alpine.start
View file

@ -1,6 +0,0 @@
FROM alpine:latest as image
COPY --from=mimalloc libmimalloc.so /usr/lib
ENV LD_PRELOAD=libmimalloc.so
RUN apk update && apk upgrade

6
orchestration/Dockerfile.parts/Dockerfile.debian.start
View file

@ -1,6 +0,0 @@
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean

39
orchestration/Dockerfile.parts/Dockerfile.serai.build
View file

@ -1,39 +0,0 @@
FROM rust:1.75-slim-bookworm as builder
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Add dev dependencies
RUN apt install -y pkg-config clang
# Dependencies for the Serai node
RUN apt install -y make protobuf-compiler
# Add the wasm toolchain
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Mount the caches and build
RUN --mount=type=cache,target=/root/.cargo \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/serai/target \
mkdir /serai/bin && \

11
orchestration/Dockerfile.parts/mimalloc/Dockerfile.alpine
View file

@ -1,11 +0,0 @@
FROM alpine:latest as mimalloc
RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so

11
orchestration/Dockerfile.parts/mimalloc/Dockerfile.debian
View file

@ -1,11 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so

69
orchestration/README.md
View file

@ -1,65 +1,12 @@
# Deploy
# Orchestration
## Run with Docker Compose
This folder contains the tool which generates various dockerfiles and manage
deployments of Serai.
Running the Serai infrastructure is easy with Docker.
To start, run:
We utilize compose profiles to easily orchestrate various pieces of the
infrastructure.
```sh
cargo run -p serai-orchestrator
```
**Example:** `docker compose --profile cluster-coins-sm up`
All commands are assumed to be ran from `/deploy`, not the root folder.
### Profiles:
* `bitcoin` - Bitcoin node
* `monero` - Monero node
* `ethereum` - Ethereum node
* `coins` - Nodes for all external networks (BTC, ETH, XMR)
* `message-queue` - The message queue service.
* `processor` - Serai processor for one external network.
* `coordinator` - Serai coordinator for the entire Serai stack.
* `serai` - Serai node
* `cluster-sm` - "Alice", "Bob", "Charlie", and "Dave" Serai nodes, all as
validators (enough to achieve BFT with one faulty node)
* `cluster-lg` - `cluster-sm` with non-validators "Eve" and "Ferdie"
You can supply one or more profiles to the docker compose command to orchestrate
the desired components.
**Example:** `docker compose --profile coins --profile serai up`
## Orchestration Approach
### Builds
The Serai infrastructure is locally compiled. This may take several minutes.
Images for external networks download binaries, before verifying their checksums
and signatures.
**Stage 1 -- Builder**
* Configure environment.
* Get the binary.
* Verify binary using GPG.
* Decompress binary to prepare image.
**Stage 2 -- Image**
* Copy needed files from builder.
* Move executables to bin folder.
* Copy scripts folder.
* Expose necessary ports.
* Map necessary volumes.
### Entrypoint
The Serai node and external networks' nodes are each started from an entrypoint
script inside the `/scripts `folder.
To update the scripts on the image you must rebuild the updated images using the
`--build` flag after `up` in `docker compose`.
**Example:** `docker compose --profile bitcoin up --build`
to generate all of the dockerfiles needed for development.

22
orchestration/coins/bitcoin/Dockerfile.bitcoin
View file

@ -1,22 +0,0 @@
FROM alpine:latest as bitcoin
ENV BITCOIN_VERSION=26.0
RUN apk --no-cache add git gnupg
# Download Bitcoin
RUN wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz \
&& wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS \
&& wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS.asc
# Verify all sigs and check for a valid signature from laanwj -- 71A3
RUN git clone https://github.com/bitcoin-core/guix.sigs && \
cd guix.sigs/builder-keys && \
find . -iname '*.gpg' -exec gpg --import {} \; && \
gpg --verify --status-fd 1 --verify ../../SHA256SUMS.asc ../../SHA256SUMS | grep "^\[GNUPG:\] VALIDSIG.*71A3B16735405025D447E8F274810B012346C9A6"
RUN grep bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz SHA256SUMS | sha256sum -c
# Prepare Image
RUN tar xzvf bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz
RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind .

10
orchestration/coins/bitcoin/Dockerfile.bitcoin.end
View file

@ -1,10 +0,0 @@
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin bitcoin
USER bitcoin
WORKDIR /home/bitcoin
COPY --from=bitcoin --chown=bitcoin bitcoind /bin
COPY ./scripts /scripts
EXPOSE 8332 8333 18332 18333 18443 18444
# VOLUME ["/home/bitcoin/.bitcoin"]

8
orchestration/coins/bitcoin/scripts/entry-dev.sh
View file

@ -1,8 +0,0 @@
#!/bin/bash
RPC_USER="${RPC_USER:=serai}"
RPC_PASS="${RPC_PASS:=seraidex}"
bitcoind -txindex -regtest \
-rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \
-rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0

37
orchestration/coins/ethereum/Dockerfile
View file

@ -1,37 +0,0 @@
# Prepare Environment
FROM alpine:latest as builder
ENV GETH_VERSION=1.10.23-d901d853
WORKDIR /home/ethereum
RUN apk update \
&& apk --no-cache add ca-certificates gnupg bash su-exec
# Get Binary
RUN wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-${GETH_VERSION}.tar.gz\
&& wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-${GETH_VERSION}.tar.gz.asc
# Verify Binary
# Refer to https://geth.ethereum.org/downloads/#openpgp_signatures for the PGP
# PGP keys of builders and developers
ENV KEYS 9BA28146 E058A81C 05A5DDF0 1CCB7DD2
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys ${KEYS} \
&& gpg --verify geth-linux-amd64-${GETH_VERSION}.tar.gz.asc geth-linux-amd64-${GETH_VERSION}.tar.gz
# Prepare Image
RUN tar xzvf geth-linux-amd64-${GETH_VERSION}.tar.gz
# Prepare Image
FROM ubuntu:latest as image
WORKDIR /home/ethereum
COPY --from=builder /home/ethereum/* .
RUN mv * /bin/
COPY ./scripts /scripts
EXPOSE 8545 8546 30303 30303/udp
# Run
CMD ["geth"]

50
orchestration/coins/monero-wallet-rpc/Dockerfile
View file

@ -1,50 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM alpine:latest as monero
# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2
# Verification will fail if MONERO_VERSION doesn't match the latest
# due to the way monero publishes releases. They overwrite a single hashes.txt
# file with each release, meaning we can only grab the SHA256 of the latest
# release.
# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯
ENV MONERO_VERSION=0.18.3.1
RUN apk --no-cache add gnupg
# Download Monero
RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2
# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949
ADD ./temp/hashes-v${MONERO_VERSION}.txt .
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \
gpg --verify hashes-v${MONERO_VERSION}.txt && \
grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt
# Extract it
RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Switch to a non-root user
# System user (not a human), shell of nologin, no password assigned
RUN useradd --system --create-home --shell /sbin/nologin monero
USER monero
WORKDIR /home/monero
COPY --from=monero --chown=monero monero-wallet-rpc /bin
ADD scripts /scripts
EXPOSE 6061

10
orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end
View file

@ -1,10 +0,0 @@
# Switch to a non-root user
# System user (not a human), shell of nologin, no password assigned
RUN useradd --system --create-home --shell /sbin/nologin monero
USER monero
WORKDIR /home/monero
COPY --from=monero --chown=monero monero-wallet-rpc /bin
ADD scripts /scripts
EXPOSE 6061

3
orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh
View file

@ -1,3 +0,0 @@
#!/bin/sh
monero-wallet-rpc --disable-rpc-login --rpc-bind-port 6061 --rpc-bind-ip=0.0.0.0 --confirm-external-bind --daemon-address monero:18081 --allow-mismatched-daemon-version --wallet-dir /home/monero

53
orchestration/coins/monero/Dockerfile
View file

@ -1,53 +0,0 @@
FROM alpine:latest as mimalloc
RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM alpine:latest as monero
# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2
# Verification will fail if MONERO_VERSION doesn't match the latest
# due to the way monero publishes releases. They overwrite a single hashes.txt
# file with each release, meaning we can only grab the SHA256 of the latest
# release.
# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯
ENV MONERO_VERSION=0.18.3.1
RUN apk --no-cache add gnupg
# Download Monero
RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2
# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949
ADD ./temp/hashes-v${MONERO_VERSION}.txt .
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \
gpg --verify hashes-v${MONERO_VERSION}.txt && \
grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt
# Extract it
RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1
FROM alpine:latest as image
COPY --from=mimalloc libmimalloc.so /usr/lib
ENV LD_PRELOAD=libmimalloc.so
RUN apk update && apk upgrade
RUN apk --no-cache add gcompat
# Switch to a non-root user
# System user (not a human), shell of nologin, no password assigned
RUN adduser -S -s /sbin/nologin -D monero
USER monero
WORKDIR /home/monero
COPY --from=monero --chown=monero monerod /bin
ADD scripts /scripts
EXPOSE 18080 18081
# VOLUME /home/monero/.bitmonero

23
orchestration/coins/monero/Dockerfile.monero
View file

@ -1,23 +0,0 @@
FROM alpine:latest as monero
# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2
# Verification will fail if MONERO_VERSION doesn't match the latest
# due to the way monero publishes releases. They overwrite a single hashes.txt
# file with each release, meaning we can only grab the SHA256 of the latest
# release.
# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯
ENV MONERO_VERSION=0.18.3.1
RUN apk --no-cache add gnupg
# Download Monero
RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2
# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949
ADD ./temp/hashes-v${MONERO_VERSION}.txt .
RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \
gpg --verify hashes-v${MONERO_VERSION}.txt && \
grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt
# Extract it
RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1

13
orchestration/coins/monero/Dockerfile.monero.end
View file

@ -1,13 +0,0 @@
RUN apk --no-cache add gcompat
# Switch to a non-root user
# System user (not a human), shell of nologin, no password assigned
RUN adduser -S -s /sbin/nologin -D monero
USER monero
WORKDIR /home/monero
COPY --from=monero --chown=monero monerod /bin
ADD scripts /scripts
EXPOSE 18080 18081
# VOLUME /home/monero/.bitmonero

10
orchestration/coins/monero/scripts/entry-dev.sh
View file

@ -1,10 +0,0 @@
#!/bin/sh
RPC_USER="${RPC_USER:=serai}"
RPC_PASS="${RPC_PASS:=seraidex}"
# Run Monero
# TODO: Restore Auth
monerod --non-interactive --regtest --offline --fixed-difficulty=1 \
--no-zmq --rpc-bind-ip=0.0.0.0 --confirm-external-bind \
--rpc-access-control-origins * --disable-rpc-ban

73
orchestration/coordinator/Dockerfile
View file

@ -1,73 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM rust:1.75-slim-bookworm as builder
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Add dev dependencies
RUN apt install -y pkg-config clang
# Dependencies for the Serai node
RUN apt install -y make protobuf-compiler
# Add the wasm toolchain
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Mount the caches and build
RUN --mount=type=cache,target=/root/.cargo \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/serai/target \
mkdir /serai/bin && \
cargo build -p serai-coordinator --features "parity-db longer-reattempts" && \
mv /serai/target/debug/serai-coordinator /serai/bin
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Install ca-certificates
RUN apt install -y ca-certificates
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin coordinator
USER coordinator
WORKDIR /home/coordinator
# Copy the Coordinator binary and relevant license
COPY --from=builder --chown=processor /serai/bin/serai-coordinator /bin/
COPY --from=builder --chown=processor /serai/AGPL-3.0 .
# Run coordinator
CMD ["serai-coordinator"]

2
orchestration/coordinator/Dockerfile.coordinator
View file

@ -1,2 +0,0 @@
cargo build -p serai-coordinator --features "parity-db longer-reattempts" && \
mv /serai/target/debug/serai-coordinator /serai/bin

15
orchestration/coordinator/Dockerfile.coordinator.end
View file

@ -1,15 +0,0 @@
# Install ca-certificates
RUN apt install -y ca-certificates
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin coordinator
USER coordinator
WORKDIR /home/coordinator
# Copy the Coordinator binary and relevant license
COPY --from=builder --chown=processor /serai/bin/serai-coordinator /bin/
COPY --from=builder --chown=processor /serai/AGPL-3.0 .
# Run coordinator
CMD ["serai-coordinator"]

9
orchestration/coordinator/scripts/entry-dev.sh
View file

@ -1,9 +0,0 @@
#!/bin/bash
export MESSAGE_QUEUE_KEY="0000000000000000000000000000000000000000000000000000000000000000"
export MESSAGE_QUEUE_RPC="http://127.0.0.1:2287"
export DB_PATH="./coordinator-db"
export SERAI_HOSTNAME="127.0.0.1"
serai-coordinator

9
orchestration/dev/coins/bitcoin/run.sh Executable file
View file

@ -0,0 +1,9 @@
#!/bin/sh
RPC_USER="${RPC_USER:=serai}"
RPC_PASS="${RPC_PASS:=seraidex}"
bitcoind -txindex -regtest --port=8333 \
-rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \
-rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 \
$1

0
orchestration/coins/ethereum/scripts/entry-dev.sh → orchestration/dev/coins/ethereum/run.sh
View file

7
orchestration/dev/coins/monero-wallet-rpc/run.sh Executable file
View file

@ -0,0 +1,7 @@
#!/bin/sh
monero-wallet-rpc \
--allow-mismatched-daemon-version \
--daemon-address serai-dev-monero:18081 --daemon-login serai:seraidex \
--disable-rpc-login --rpc-bind-ip=0.0.0.0 --rpc-bind-port 18082 --confirm-external-bind \
--wallet-dir /home/monero

0
orchestration/coins/monero/temp/hashes-v0.18.3.1.txt → orchestration/dev/coins/monero/hashes-v0.18.3.1.txt
View file

11
orchestration/dev/coins/monero/run.sh Executable file
View file

@ -0,0 +1,11 @@
#!/bin/sh
RPC_USER="${RPC_USER:=serai}"
RPC_PASS="${RPC_PASS:=seraidex}"
# Run Monero
monerod --non-interactive --regtest --offline --fixed-difficulty=1 \
--no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \
--rpc-access-control-origins "*" --disable-rpc-ban \
--rpc-login=$RPC_USER:$RPC_PASS \
$1

0
orchestration/dev/coordinator/.folder Normal file
View file

0
orchestration/dev/message-queue/.folder Normal file
View file

0
orchestration/dev/processor/bitcoin/.folder Normal file
View file

0
orchestration/dev/processor/ethereum/.folder Normal file
View file

0
orchestration/dev/processor/monero/.folder Normal file
View file

3
orchestration/dev/serai/run.sh Executable file
View file

@ -0,0 +1,3 @@
#!/bin/sh
serai-node --unsafe-rpc-external --rpc-cors all --chain local --$SERAI_NAME

221
orchestration/docker-compose.yml
View file

@ -1,221 +0,0 @@
version: "3.9"
name: serai-dev
volumes:
serai:
serai-alice:
serai-bob:
serai-charlie:
serai-dave:
serai-eve:
serai-ferdie:
services:
# Coin services
bitcoin:
profiles:
- bitcoin
- coins
build:
context: ./coins/bitcoin/
restart: unless-stopped
volumes:
- "./coins/bitcoin/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
# TODO: Use expose, not ports
ports:
- "18443:18443"
ethereum:
profiles:
- ethereum
- coins
build:
context: ./coins/ethereum/
restart: unless-stopped
volumes:
- "./coins/ethereum/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
monero:
profiles:
- monero
- coins
build:
context: ./coins/monero/
restart: unless-stopped
volumes:
- "./coins/monero/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
# TODO: Use expose, not ports
ports:
- "18081:18081"
monero-wallet-rpc:
profiles:
- monero
- coins
build:
context: ./coins/monero-wallet-rpc/
restart: unless-stopped
volumes:
- "./coins/monero-wallet-rpc/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
# TODO: Use expose, not ports
ports:
- "6061:6061"
# Infrastructure
message-queue:
profiles:
- message-queue
build:
context: ../
dockerfile: ./orchestration/message-queue/Dockerfile
restart: unless-stopped
volumes:
- "./message-queue/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
expose:
- "2287"
bitcoin-processor:
profiles:
- bitcoin-processor
build:
context: ../
dockerfile: ./orchestration/processor/bitcoin/Dockerfile
restart: unless-stopped
volumes:
- "./processor/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
monero-processor:
profiles:
- monero-processor
build:
context: ../
dockerfile: ./orchestration/processor/monero/Dockerfile
restart: unless-stopped
volumes:
- "./processor/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
coordinator:
profiles:
- coordinator
build:
context: ../
dockerfile: ./orchestration/coordinator/Dockerfile
restart: unless-stopped
volumes:
- "./coordinator/scripts:/scripts"
entrypoint: /scripts/entry-dev.sh
# Serai runtime
runtime:
profiles:
- runtime
build:
context: ../
dockerfile: ./orchestration/runtime/Dockerfile
entrypoint: |
sh -c "cd /serai/substrate/runtime && cargo clean && cargo build --release && \
sha256sum /serai/target/release/wbuild/serai-runtime/serai_runtime.wasm"
# Serai nodes
_serai:
&serai_defaults
restart: unless-stopped
# image: serai:dev
profiles:
- _
build:
context: ../
dockerfile: ./orchestration/serai/Dockerfile
args:
TAG: serai
entrypoint: /scripts/entry-dev.sh
volumes:
- "./serai/scripts:/scripts"
serai:
<<: *serai_defaults
hostname: serai
profiles:
- serai
environment:
CHAIN: local
NAME: node
serai-alice:
<<: *serai_defaults
hostname: serai-alice
profiles:
- alice
- cluster-sm
- cluster-lg
environment:
CHAIN: local
NAME: alice
VALIDATOR: true
serai-bob:
<<: *serai_defaults
hostname: serai-bob
profiles:
- bob
- cluster-sm
- cluster-lg
environment:
CHAIN: local
NAME: bob
VALIDATOR: true
serai-charlie:
<<: *serai_defaults
hostname: serai-charlie
profiles:
- charlie
- cluster-sm
- cluster-lg
environment:
CHAIN: local
NAME: charlie
VALIDATOR: true
serai-dave:
<<: *serai_defaults
hostname: serai-dave
profiles:
- dave
- cluster-sm
- cluster-lg
environment:
CHAIN: local
NAME: dave
VALIDATOR: true
serai-eve:
<<: *serai_defaults
hostname: serai-eve
profiles:
- eve
- cluster-lg
environment:
CHAIN: local
NAME: eve
serai-ferdie:
<<: *serai_defaults
hostname: serai-ferdie
profiles:
- ferdie
- cluster-lg
environment:
CHAIN: local
NAME: ferdie

70
orchestration/dockerfiles.sh
View file

@ -1,70 +0,0 @@
# Bitcoin
rm ./coins/bitcoin/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./coins/bitcoin/Dockerfile.bitcoin \
./Dockerfile.parts/Dockerfile.debian.start \
./coins/bitcoin/Dockerfile.bitcoin.end >> ./coins/bitcoin/Dockerfile
# Monero
rm ./coins/monero/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.alpine \
./coins/monero/Dockerfile.monero \
./Dockerfile.parts/Dockerfile.alpine.start \
./coins/monero/Dockerfile.monero.end >> ./coins/monero/Dockerfile
# Monero wallet rpc
rm -f ./coins/monero-wallet-rpc/Dockerfile
mkdir -p ./coins/monero-wallet-rpc/temp/
cp ./coins/monero/temp/hashes-v* ./coins/monero-wallet-rpc/temp/
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./coins/monero/Dockerfile.monero \
./Dockerfile.parts/Dockerfile.debian.start \
./coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end >> ./coins/monero-wallet-rpc/Dockerfile
# Message Queue
rm ./message-queue/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./Dockerfile.parts/Dockerfile.serai.build \
./message-queue/Dockerfile.message-queue \
./Dockerfile.parts/Dockerfile.debian.start \
./message-queue/Dockerfile.message-queue.end >> ./message-queue/Dockerfile
# Bitcoin Processor
rm ./processor/bitcoin/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./Dockerfile.parts/Dockerfile.serai.build \
./processor/bitcoin/Dockerfile.processor.bitcoin \
./Dockerfile.parts/Dockerfile.debian.start \
./processor/Dockerfile.processor.end >> ./processor/bitcoin/Dockerfile
# Monero Processor
rm ./processor/monero/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./Dockerfile.parts/Dockerfile.serai.build \
./processor/monero/Dockerfile.processor.monero \
./Dockerfile.parts/Dockerfile.debian.start \
./processor/Dockerfile.processor.end >> ./processor/monero/Dockerfile
# Coordinator
rm ./coordinator/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./Dockerfile.parts/Dockerfile.serai.build \
./coordinator/Dockerfile.coordinator \
./Dockerfile.parts/Dockerfile.debian.start \
./coordinator/Dockerfile.coordinator.end >> ./coordinator/Dockerfile
# Node
rm ./serai/Dockerfile
cat \
./Dockerfile.parts/mimalloc/Dockerfile.debian \
./Dockerfile.parts/Dockerfile.serai.build \
./serai/Dockerfile.serai \
./Dockerfile.parts/Dockerfile.debian.start \
./serai/Dockerfile.serai.end >> ./serai/Dockerfile

103
orchestration/kubernetes/Makefile
View file

@ -1,103 +0,0 @@
SHELL := /bin/bash
check-helm:
@helm version || $(MAKE) install-helm
check-kubectl:
@kubectl version || $(MAKE) install-kubectl
install-helm:
@curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
@chmod 700 get_helm.sh
@./get_helm.sh
@rm get_helm.sh
install-kubectl:
@curl -LO 'https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl'
@sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
@rm kubectl
deploy-base:
@docker compose -f ../docker-compose.yml --profile base build --quiet
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-base charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-base,nameOverride=serai-base,\
image.envVariables[1].value=base,configMapFile=%
deploy-bitcoin:
@docker compose -f ../docker-compose.yml --profile bitcoin build --quiet
@(cat ../coins/bitcoin/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install bitcoin-daemon\
charts/bitcoin/ --values charts/bitcoin/values.yaml --set configMapFile=%
deploy-ethereum:
@docker compose -f ../docker-compose.yml --profile ethereum build --quiet
@(cat ../coins/ethereum/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install ethereum-daemon\
charts/ethereum/ --values charts/ethereum/values.yaml --set configMapFile=%
deploy-monero:
@docker compose -f ../docker-compose.yml --profile monero build --quiet
@(cat ../coins/monero/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install monero-daemon\
charts/monero/ --values charts/monero/values.yaml --set configMapFile=%
deploy-cluster-sm:
@docker compose -f ../docker-compose.yml --profile cluster-sm build --quiet
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-alice charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-alice,nameOverride=serai-alice,\
image.envVariables[1].value=Alice,image.envVariables[2].value="'1'",configMapFile=%
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-charlie charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-charlie,nameOverride=serai-charlie,\
image.envVariables[1].value=Charlie,configMapFile=%
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-bob charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-bob,nameOverride=serai-bob,\
image.envVariables[1].value=Bob,configMapFile=%
deploy-cluster-lg: deploy-cluster-sm
@docker compose -f ../docker-compose.yml --profile cluster-lg build --quiet
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-dave charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-dave,nameOverride=serai-dave,\
image.envVariables[1].value=Dave,configMapFile=%
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-eve charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-eve,nameOverride=serai-eve,\
image.envVariables[1].value=Eve,configMapFile=%
@(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-ferdie charts/serai/\
--values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-ferdie,nameOverride=serai-ferdie,\
image.envVariables[1].value=Ferdie,configMapFile=%
deploy-coins: deploy-bitcoin deploy-ethereum deploy-monero
deploy-cluster-coins-sm: deploy-cluster-sm deploy-coins
deploy-cluster-coins-lg: deploy-cluster-lg deploy-coins
deploy-all: deploy-cluster-coins-lg
delete-base:
@helm delete serai-base
delete-bitcoin:
@helm delete bitcoin-daemon
delete-ethereum:
@helm delete ethereum-daemon
delete-monero:
@helm delete monero-daemon
delete-cluster-lg: delete-cluster-sm
@helm delete serai-dave
@helm delete serai-eve
@helm delete serai-ferdie
delete-cluster-sm:
@helm delete serai-alice
@helm delete serai-charlie
@helm delete serai-bob
delete-coins: delete-bitcoin delete-ethereum delete-monero
delete-cluster-coins-sm: delete-cluster-sm delete-coins
delete-cluster-coins-lg: delete-cluster-lg delete-coins
delete-all: delete-cluster-coins-lg
check-dependencies: check-helm check-kubectl

41
orchestration/kubernetes/README.md
View file

@ -1,41 +0,0 @@
# Kubernetes
## Run with Kubernetes
Running the Serai infrastructure is easy with Kubernetes.
We utilize Makefile to easily orchestrate various pieces of the infrastructure on kubernetes.
**Example to deploy:** `make deploy-<Profile_Name>`
```bash
make deploy-cluster-sm
```
**Example to delete:** `make -i delete-<Profile_Name>`
```bash
make delete-cluster-sm
```
All commands are assumed to be ran from the kubernetes folder, not the serai root folder.
### Profiles:
* deploy-base - single node, named base
* deploy-coins - node clients for coins only (BTC, ETH, XMR)
* deploy-cluster-sm - Alice (Validator), Bob, Charlie
* deploy-cluster-coins-sm - cluster-sm with coins
* deploy-cluster-lg - Alice (Validator), Bob, Charlie, Dave, Eve, Ferdie
* deploy-cluster-coins-lg - cluster-lg with coins
* deploy-monero - full node monero only
* deploy-bitcoin - full node bitcoin only
* deploy-ethereum - full node ethereum only
## Requirements for Linux
* Local built images of serai and coins, please follow the Instructions [here](../README.md)
* Running kubernetes cluster (version >= 1.19)
* Curl tool
* Make tool
* Kubectl, check if not installed
```bash
make check-kubectl
```
* Helm, check if not installed
```bash
make check-helm
```

5
orchestration/kubernetes/charts/bitcoin/Chart.yaml
View file

@ -1,5 +0,0 @@
apiVersion: v2
name: bitcoin
description: A Helm chart for bitcoin-daemon
type: application
version: 0.1.0

42
orchestration/kubernetes/charts/bitcoin/templates/_helpers.tpl
View file

@ -1,42 +0,0 @@
{{- define "bitcoin.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "bitcoin.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "bitcoin.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "bitcoin.labels" -}}
helm.sh/chart: {{ include "bitcoin.chart" . }}
{{ include "bitcoin.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{- define "bitcoin.selectorLabels" -}}
app.kubernetes.io/name: {{ include "bitcoin.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{- define "bitcoin.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "bitcoin.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

7
orchestration/kubernetes/charts/bitcoin/templates/configmap.yaml
View file

@ -1,7 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-configmap
data:
entry-dev.sh: |
{{ .Values.configMapFile | b64dec | indent 4}}

88
orchestration/kubernetes/charts/bitcoin/templates/deployment.yaml
View file

@ -1,88 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "bitcoin.fullname" . }}
labels:
{{- include "bitcoin.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "bitcoin.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "bitcoin.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "bitcoin.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if hasKey .Values.image "ports" }}
ports:
{{- range .Values.image.ports }}
- name: {{ .name }}
containerPort: {{ .containerPort }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "command" }}
command:
{{- toYaml .Values.image.command | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "args" }}
args:
{{- toYaml .Values.image.args | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "envVariables" }}
env:
{{- toYaml .Values.image.envVariables | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "volumeMounts" }}
volumeMounts:
{{- range .Values.image.volumeMounts }}
- mountPath: {{ .mountPath }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if hasKey .Values "volumes" }}
volumes:
{{- range .Values.volumes }}
- configMap:
defaultMode: {{ .configMap.defaultMode }}
name: {{ $.Release.Name}}-{{ .configMap.name }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}

50
orchestration/kubernetes/charts/bitcoin/templates/ingress.yaml
View file

@ -1,50 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "bitcoin.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "bitcoin.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}

24
orchestration/kubernetes/charts/bitcoin/templates/service.yaml
View file

@ -1,24 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "bitcoin.fullname" . }}
labels:
{{- include "bitcoin.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
{{- if hasKey .Values.service "ports" }}
{{- range .Values.service.ports }}
- port: {{ .port }}
name: {{ .name }}
targetPort: {{ .targetPort }}
protocol: {{ .protocol }}
{{- end }}
{{- else }}
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- end }}
selector:
{{- include "bitcoin.selectorLabels" . | nindent 4 }}

74
orchestration/kubernetes/charts/bitcoin/values.yaml
View file

@ -1,74 +0,0 @@
replicaCount: 1
net: mainnet
image:
repository: serai-dev-bitcoin
pullPolicy: IfNotPresent
tag: "latest"
ports:
- name: p2p
containerPort: 18444
protocol: TCP
- name: rpc
containerPort: 18443
protocol: TCP
volumeMounts:
- mountPath: /scripts
name: configmap-volume
args:
- bash
- /scripts/entry-dev.sh
volumes:
- configMap:
defaultMode: 420
name: configmap
name: configmap-volume
configMapFile: "entry-dev.sh"
imagePullSecrets: []
serviceAccount:
create: false
name: ""
podAnnotations: {}
podSecurityContext: {}
securityContext: {}
service:
type: ClusterIP
ports:
- name: p2p
port: 18444
targetPort: p2p
protocol: TCP
- name: rpc
port: 18443
targetPort: rpc
protocol: TCP
ingress:
enabled: false
className: ""
annotations: {}
hosts: []
tls: []
resources: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}

5
orchestration/kubernetes/charts/ethereum/Chart.yaml
View file

@ -1,5 +0,0 @@
apiVersion: v2
name: ethereum
description: A Helm chart for ethereum-daemon
type: application
version: 0.1.0

42
orchestration/kubernetes/charts/ethereum/templates/_helpers.tpl
View file

@ -1,42 +0,0 @@
{{- define "ethereum.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "ethereum.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "ethereum.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "ethereum.labels" -}}
helm.sh/chart: {{ include "ethereum.chart" . }}
{{ include "ethereum.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{- define "ethereum.selectorLabels" -}}
app.kubernetes.io/name: {{ include "ethereum.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{- define "ethereum.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "ethereum.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

7
orchestration/kubernetes/charts/ethereum/templates/configmap.yaml
View file

@ -1,7 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-configmap
data:
entry-dev.sh: |
{{ .Values.configMapFile | b64dec | indent 4}}

89
orchestration/kubernetes/charts/ethereum/templates/deployment.yaml
View file

@ -1,89 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "ethereum.fullname" . }}
labels:
{{- include "ethereum.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "ethereum.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "ethereum.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "ethereum.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if hasKey .Values.image "ports" }}
ports:
{{- range .Values.image.ports }}
- name: {{ .name }}
containerPort: {{ .containerPort }}
protocol: {{ .protocol }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "command" }}
command:
{{- toYaml .Values.image.command | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "args" }}
args:
{{- toYaml .Values.image.args | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "envVariables" }}
env:
{{- toYaml .Values.image.envVariables | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "volumeMounts" }}
volumeMounts:
{{- range .Values.image.volumeMounts }}
- mountPath: {{ .mountPath }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if hasKey .Values "volumes" }}
volumes:
{{- range .Values.volumes }}
- configMap:
defaultMode: {{ .configMap.defaultMode }}
name: {{ $.Release.Name}}-{{ .configMap.name }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}

50
orchestration/kubernetes/charts/ethereum/templates/ingress.yaml
View file

@ -1,50 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "ethereum.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "ethereum.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}

24
orchestration/kubernetes/charts/ethereum/templates/service.yaml
View file

@ -1,24 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "ethereum.fullname" . }}
labels:
{{- include "ethereum.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
{{- if hasKey .Values.service "ports" }}
{{- range .Values.service.ports }}
- port: {{ .port }}
name: {{ .name }}
targetPort: {{ .targetPort }}
protocol: {{ .protocol }}
{{- end }}
{{- else }}
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- end }}
selector:
{{- include "ethereum.selectorLabels" . | nindent 4 }}

60
orchestration/kubernetes/charts/ethereum/values.yaml
View file

@ -1,60 +0,0 @@
replicaCount: 1
image:
repository: serai-dev-ethereum
pullPolicy: IfNotPresent
tag: "latest"
ports:
- name: rpc
containerPort: 8545
protocol: TCP
volumeMounts:
- mountPath: /scripts
name: configmap-volume
args:
- bash
- /scripts/entry-dev.sh
volumes:
- configMap:
defaultMode: 420
name: configmap
name: configmap-volume
configMapFile: "entry-dev.sh"
imagePullSecrets: []
serviceAccount:
create: false
name: ""
podAnnotations: {}
podSecurityContext: {}
securityContext: {}
service:
type: ClusterIP
port: 8545
ingress:
enabled: false
className: ""
annotations: {}
hosts: []
tls: []
resources: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}

5
orchestration/kubernetes/charts/monero/Chart.yaml
View file

@ -1,5 +0,0 @@
apiVersion: v2
name: monero
description: A Helm chart for monero-daemon
type: application
version: 0.1.0

42
orchestration/kubernetes/charts/monero/templates/_helpers.tpl
View file

@ -1,42 +0,0 @@
{{- define "monero.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "monero.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "monero.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "monero.labels" -}}
helm.sh/chart: {{ include "monero.chart" . }}
{{ include "monero.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{- define "monero.selectorLabels" -}}
app.kubernetes.io/name: {{ include "monero.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{- define "monero.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "monero.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

7
orchestration/kubernetes/charts/monero/templates/configmap.yaml
View file

@ -1,7 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-configmap
data:
entry-dev.sh: |
{{ .Values.configMapFile | b64dec | indent 4}}

88
orchestration/kubernetes/charts/monero/templates/deployment.yaml
View file

@ -1,88 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "monero.fullname" . }}
labels:
{{- include "monero.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "monero.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "monero.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "monero.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if hasKey .Values.image "ports" }}
ports:
{{- range .Values.image.ports }}
- name: {{ .name }}
containerPort: {{ .containerPort }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "command" }}
command:
{{- toYaml .Values.image.command | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "args" }}
args:
{{- toYaml .Values.image.args | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "envVariables" }}
env:
{{- toYaml .Values.image.envVariables | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "volumeMounts" }}
volumeMounts:
{{- range .Values.image.volumeMounts }}
- mountPath: {{ .mountPath }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if hasKey .Values "volumes" }}
volumes:
{{- range .Values.volumes }}
- configMap:
defaultMode: {{ .configMap.defaultMode }}
name: {{ $.Release.Name}}-{{ .configMap.name }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}

50
orchestration/kubernetes/charts/monero/templates/ingress.yaml
View file

@ -1,50 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "monero.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "monero.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}

24
orchestration/kubernetes/charts/monero/templates/service.yaml
View file

@ -1,24 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "monero.fullname" . }}
labels:
{{- include "monero.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
{{- if hasKey .Values.service "ports" }}
{{- range .Values.service.ports }}
- port: {{ .port }}
name: {{ .name }}
targetPort: {{ .targetPort }}
protocol: {{ .protocol }}
{{- end }}
{{- else }}
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- end }}
selector:
{{- include "monero.selectorLabels" . | nindent 4 }}

72
orchestration/kubernetes/charts/monero/values.yaml
View file

@ -1,72 +0,0 @@
replicaCount: 1
image:
repository: serai-dev-monero
pullPolicy: IfNotPresent
tag: "latest"
ports:
- name: p2p
containerPort: 18080
protocol: TCP
- name: rpc
containerPort: 18081
protocol: TCP
volumeMounts:
- mountPath: /scripts
name: configmap-volume
args:
- bash
- /scripts/entry-dev.sh
volumes:
- configMap:
defaultMode: 420
name: configmap
name: configmap-volume
configMapFile: "entry-dev.sh"
imagePullSecrets: []
serviceAccount:
create: false
name: ""
podAnnotations: {}
podSecurityContext: {}
securityContext: {}
service:
type: ClusterIP
ports:
- name: p2p
port: 18080
targetPort: p2p
protocol: TCP
- name: rpc
port: 18081
targetPort: rpc
protocol: TCP
ingress:
enabled: false
className: ""
annotations: {}
hosts: []
tls: []
resources: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}

5
orchestration/kubernetes/charts/serai/Chart.yaml
View file

@ -1,5 +0,0 @@
apiVersion: v2
name: serai
description: A Helm chart for serai
type: application
version: 0.1.0

42
orchestration/kubernetes/charts/serai/templates/_helpers.tpl
View file

@ -1,42 +0,0 @@
{{- define "serai-base.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "serai-base.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 253 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "serai-base.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }}
{{- end }}
{{- define "serai-base.labels" -}}
helm.sh/chart: {{ include "serai-base.chart" . }}
{{ include "serai-base.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{- define "serai-base.selectorLabels" -}}
app.kubernetes.io/name: {{ include "serai-base.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{- define "serai-base.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "serai-base.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

7
orchestration/kubernetes/charts/serai/templates/configmap.yaml
View file

@ -1,7 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-configmap
data:
entry-dev.sh: |
{{ .Values.configMapFile | b64dec | indent 4}}

88
orchestration/kubernetes/charts/serai/templates/deployment.yaml
View file

@ -1,88 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "serai-base.fullname" . }}
labels:
{{- include "serai-base.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "serai-base.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "serai-base.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "serai-base.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if hasKey .Values.image "ports" }}
ports:
{{- range .Values.image.ports }}
- name: {{ .name }}
containerPort: {{ .containerPort }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "command" }}
command:
{{- toYaml .Values.image.command | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "args" }}
args:
{{- toYaml .Values.image.args | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "envVariables" }}
env:
{{- toYaml .Values.image.envVariables | nindent 12 }}
{{- end }}
{{- if hasKey .Values.image "volumeMounts" }}
volumeMounts:
{{- range .Values.image.volumeMounts }}
- mountPath: {{ .mountPath }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if hasKey .Values "volumes" }}
volumes:
{{- range .Values.volumes }}
- configMap:
defaultMode: {{ .configMap.defaultMode }}
name: {{ $.Release.Name}}-{{ .configMap.name }}
name: {{ $.Release.Name}}-{{ .name }}
{{- end }}
{{- end }}

50
orchestration/kubernetes/charts/serai/templates/ingress.yaml
View file

@ -1,50 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "serai-base.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "serai-base.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}

24
orchestration/kubernetes/charts/serai/templates/service.yaml
View file

@ -1,24 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "serai-base.fullname" . }}
labels:
{{- include "serai-base.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
{{- if hasKey .Values.service "ports" }}
{{- range .Values.service.ports }}
- port: {{ .port }}
name: {{ .name }}
targetPort: {{ .targetPort }}
protocol: {{ .protocol }}
{{- end }}
{{- else }}
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- end }}
selector:
{{- include "serai-base.selectorLabels" . | nindent 4 }}

92
orchestration/kubernetes/charts/serai/values.yaml
View file

@ -1,92 +0,0 @@
replicaCount: 1
image:
repository: serai
pullPolicy: IfNotPresent
tag: "dev"
ports:
- name: p2p
containerPort: 30333
protocol: TCP
- name: prometheus
containerPort: 9615
protocol: TCP
- name: rpc
containerPort: 9933
protocol: TCP
- name: ws
containerPort: 9944
protocol: TCP
volumeMounts:
- mountPath: /scripts
name: configmap-volume
envVariables:
- name: CHAIN
value: dev
- name: NAME
value: base
- name: VALIDATOR
value:
args:
- bash
- /scripts/entry-dev.sh
volumes:
- configMap:
defaultMode: 420
name: configmap
name: configmap-volume
configMapFile: "entry-dev.sh"
imagePullSecrets: []
serviceAccount:
create: false
name: ""
podAnnotations: {}
podSecurityContext: {}
securityContext: {}
service:
type: ClusterIP
ports:
- name: p2p
port: 30333
targetPort: p2p
protocol: TCP
- name: prometheus
port: 9615
targetPort: prometheus
protocol: TCP
- name: rpc
port: 9933
targetPort: rpc
protocol: TCP
- name: ws
port: 9944
targetPort: ws
protocol: TCP
ingress:
enabled: false
className: ""
annotations: {}
hosts: []
tls: []
resources: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}

71
orchestration/message-queue/Dockerfile
View file

@ -1,71 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM rust:1.75-slim-bookworm as builder
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Add dev dependencies
RUN apt install -y pkg-config clang
# Dependencies for the Serai node
RUN apt install -y make protobuf-compiler
# Add the wasm toolchain
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Mount the caches and build
RUN --mount=type=cache,target=/root/.cargo \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/serai/target \
mkdir /serai/bin && \
cargo build --features parity-db -p serai-message-queue && \
mv /serai/target/debug/serai-message-queue /serai/bin
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Switch to a non-root user
RUN useradd --system --home /home/message-queue --create-home --shell /sbin/nologin messagequeue
USER messagequeue
WORKDIR /home/message-queue
# Copy the Message Queue binary and relevant license
COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin
COPY --from=builder --chown=messagequeue /serai/AGPL-3.0 .
# Run message-queue
EXPOSE 2287
CMD ["serai-message-queue"]

2
orchestration/message-queue/Dockerfile.message-queue
View file

@ -1,2 +0,0 @@
cargo build --features parity-db -p serai-message-queue && \
mv /serai/target/debug/serai-message-queue /serai/bin

13
orchestration/message-queue/Dockerfile.message-queue.end
View file

@ -1,13 +0,0 @@
# Switch to a non-root user
RUN useradd --system --home /home/message-queue --create-home --shell /sbin/nologin messagequeue
USER messagequeue
WORKDIR /home/message-queue
# Copy the Message Queue binary and relevant license
COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin
COPY --from=builder --chown=messagequeue /serai/AGPL-3.0 .
# Run message-queue
EXPOSE 2287
CMD ["serai-message-queue"]

10
orchestration/message-queue/scripts/entry-dev.sh
View file

@ -1,10 +0,0 @@
#!/bin/bash
export BITCOIN_KEY="0000000000000000000000000000000000000000000000000000000000000000"
export ETHEREUM_KEY="0000000000000000000000000000000000000000000000000000000000000000"
export MONERO_KEY="0000000000000000000000000000000000000000000000000000000000000000"
export COORDINATOR_KEY="0000000000000000000000000000000000000000000000000000000000000000"
export DB_PATH="./message-queue-db"
serai-message-queue

15
orchestration/processor/Dockerfile.processor.end
View file

@ -1,15 +0,0 @@
# Install ca-certificates
RUN apt install -y ca-certificates
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin processor
USER processor
WORKDIR /home/processor
# Copy the Processor binary and relevant license
COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/
COPY --from=builder --chown=processor /serai/AGPL-3.0 .
# Run processor
CMD ["serai-processor"]

73
orchestration/processor/bitcoin/Dockerfile
View file

@ -1,73 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM rust:1.75-slim-bookworm as builder
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Add dev dependencies
RUN apt install -y pkg-config clang
# Dependencies for the Serai node
RUN apt install -y make protobuf-compiler
# Add the wasm toolchain
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Mount the caches and build
RUN --mount=type=cache,target=/root/.cargo \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/serai/target \
mkdir /serai/bin && \
cargo build --features "binaries parity-db bitcoin" -p serai-processor && \
mv /serai/target/debug/serai-processor /serai/bin
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Install ca-certificates
RUN apt install -y ca-certificates
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin processor
USER processor
WORKDIR /home/processor
# Copy the Processor binary and relevant license
COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/
COPY --from=builder --chown=processor /serai/AGPL-3.0 .
# Run processor
CMD ["serai-processor"]

2
orchestration/processor/bitcoin/Dockerfile.processor.bitcoin
View file

@ -1,2 +0,0 @@
cargo build --features "binaries parity-db bitcoin" -p serai-processor && \
mv /serai/target/debug/serai-processor /serai/bin

73
orchestration/processor/monero/Dockerfile
View file

@ -1,73 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM rust:1.75-slim-bookworm as builder
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Add dev dependencies
RUN apt install -y pkg-config clang
# Dependencies for the Serai node
RUN apt install -y make protobuf-compiler
# Add the wasm toolchain
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Mount the caches and build
RUN --mount=type=cache,target=/root/.cargo \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/serai/target \
mkdir /serai/bin && \
cargo build --features "binaries parity-db monero" -p serai-processor && \
mv /serai/target/debug/serai-processor /serai/bin
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Install ca-certificates
RUN apt install -y ca-certificates
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin processor
USER processor
WORKDIR /home/processor
# Copy the Processor binary and relevant license
COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/
COPY --from=builder --chown=processor /serai/AGPL-3.0 .
# Run processor
CMD ["serai-processor"]

2
orchestration/processor/monero/Dockerfile.processor.monero
View file

@ -1,2 +0,0 @@
cargo build --features "binaries parity-db monero" -p serai-processor && \
mv /serai/target/debug/serai-processor /serai/bin

13
orchestration/processor/scripts/entry-dev.sh
View file

@ -1,13 +0,0 @@
#!/bin/bash
export MESSAGE_QUEUE_KEY="0000000000000000000000000000000000000000000000000000000000000000"
export MESSAGE_QUEUE_RPC="http://127.0.0.1:2287"
export DB_PATH="./processor-bitcoin-db"
export ENTROPY="0001020304050607080910111213141516171819202122232425262728293031"
export NETWORK="bitcoin"
export NETWORK_RPC_LOGIN="serai:seraidex"
export NETWORK_RPC_HOSTNAME="127.0.0.1"
export NETWORK_RPC_PORT="18443"
serai-processor

6
orchestration/runtime/Dockerfile
View file

@ -1,4 +1,4 @@
FROM rust:1.75.0-slim-bookworm as builder
FROM --platform=linux/amd64 rust:1.75.0-slim-bookworm as builder
# Move to a Debian package snapshot
RUN rm -rf /etc/apt/sources.list.d/debian.sources && \
@ -13,6 +13,7 @@ RUN apt install clang -y
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD patches /serai/patches
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
@ -20,9 +21,10 @@ ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD orchestration/Cargo.toml /serai/orchestration/Cargo.toml
ADD orchestration/src /serai/orchestration/src
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai

71
orchestration/serai/Dockerfile
View file

@ -1,71 +0,0 @@
FROM debian:bookworm-slim as mimalloc
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
FROM rust:1.75-slim-bookworm as builder
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Add dev dependencies
RUN apt install -y pkg-config clang
# Dependencies for the Serai node
RUN apt install -y make protobuf-compiler
# Add the wasm toolchain
RUN rustup target add wasm32-unknown-unknown
# Add files for build
ADD common /serai/common
ADD crypto /serai/crypto
ADD coins /serai/coins
ADD message-queue /serai/message-queue
ADD processor /serai/processor
ADD coordinator /serai/coordinator
ADD substrate /serai/substrate
ADD mini /serai/mini
ADD tests /serai/tests
ADD patches /serai/patches
ADD Cargo.toml /serai
ADD Cargo.lock /serai
ADD AGPL-3.0 /serai
WORKDIR /serai
# Mount the caches and build
RUN --mount=type=cache,target=/root/.cargo \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/serai/target \
mkdir /serai/bin && \
cargo build --release -p serai-node && \
mv /serai/target/release/serai-node /serai/bin
FROM debian:bookworm-slim as image
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Switch to a non-root user
RUN useradd --system --home /home/serai --shell /sbin/nologin serai
USER serai
WORKDIR /home/serai
# Copy the Serai binary and relevant license
COPY --from=builder --chown=serai /serai/bin/serai-node /bin/
COPY --from=builder --chown=serai /serai/AGPL-3.0 .
# Run node
EXPOSE 30333 9615 9933 9944
CMD ["serai-node"]

2
orchestration/serai/Dockerfile.serai
View file

@ -1,2 +0,0 @@
cargo build --release -p serai-node && \
mv /serai/target/release/serai-node /serai/bin

13
orchestration/serai/Dockerfile.serai.end
View file

@ -1,13 +0,0 @@
# Switch to a non-root user
RUN useradd --system --home /home/serai --shell /sbin/nologin serai
USER serai
WORKDIR /home/serai
# Copy the Serai binary and relevant license
COPY --from=builder --chown=serai /serai/bin/serai-node /bin/
COPY --from=builder --chown=serai /serai/AGPL-3.0 .
# Run node
EXPOSE 30333 9615 9933 9944
CMD ["serai-node"]

7
orchestration/serai/scripts/entry-dev.sh
View file

@ -1,7 +0,0 @@
#!/bin/bash
if [[ -z $VALIDATOR ]]; then
serai-node --tmp --chain $CHAIN --name $NAME
else
serai-node --tmp --chain $CHAIN --$NAME
fi

51
orchestration/coins/bitcoin/Dockerfile → orchestration/src/coins/bitcoin.rs
View file

@ -1,14 +1,10 @@
FROM debian:bookworm-slim as mimalloc
use std::{path::Path};
RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git
RUN git clone https://github.com/microsoft/mimalloc && \
cd mimalloc && \
git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \
mkdir -p out/secure && \
cd out/secure && \
cmake -DMI_SECURE=ON ../.. && \
make && \
cp ./libmimalloc-secure.so ../../../libmimalloc.so
use crate::{Network, Os, mimalloc, os, write_dockerfile};
pub fn bitcoin(orchestration_path: &Path, network: Network) {
#[rustfmt::skip]
const DOWNLOAD_BITCOIN: &str = r#"
FROM alpine:latest as bitcoin
ENV BITCOIN_VERSION=26.0
@ -31,19 +27,30 @@ RUN grep bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz SHA256SUMS | sh
# Prepare Image
RUN tar xzvf bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz
RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind .
FROM debian:bookworm-slim as image
"#;
COPY --from=mimalloc libmimalloc.so /usr/lib
RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload
RUN apt update && apt upgrade -y && apt autoremove -y && apt clean
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin bitcoin
USER bitcoin
WORKDIR /home/bitcoin
let setup = mimalloc(Os::Debian).to_string() + DOWNLOAD_BITCOIN;
let run_bitcoin = format!(
r#"
COPY --from=bitcoin --chown=bitcoin bitcoind /bin
COPY ./scripts /scripts
EXPOSE 8332 8333 18332 18333 18443 18444
# VOLUME ["/home/bitcoin/.bitcoin"]
EXPOSE 8332 8333
ADD /orchestration/{}/coins/bitcoin/run.sh /
CMD ["/run.sh"]
"#,
network.label()
);
let run =
os(Os::Debian, "RUN mkdir /volume && chown bitcoin:bitcoin /volume", "bitcoin") + &run_bitcoin;
let res = setup + &run;
let mut bitcoin_path = orchestration_path.to_path_buf();
bitcoin_path.push("coins");
bitcoin_path.push("bitcoin");
bitcoin_path.push("Dockerfile");
write_dockerfile(bitcoin_path, &res);
}

5
orchestration/src/coins/ethereum.rs Normal file
View file

@ -0,0 +1,5 @@
use std::path::Path;
pub fn ethereum(_orchestration_path: &Path) {
// TODO
}

Some files were not shown because too many files have changed in this diff Show more