From 7bbc4e41099ade97a1c131dfe856c1d141dd6ac6 Mon Sep 17 00:00:00 2001
From: Nikita Poberezkin <39944650+npoberezkin@users.noreply.github.com>
Date: Fri, 28 May 2021 21:00:24 +0300
Subject: [PATCH] add linode deployment recipe, modify smp-server-linode script
(#151)
---
README.md | 25 ++++++++++++-
scripts/smp-server-linode.sh | 69 ++++++++++++++++++++++++++++--------
2 files changed, 78 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index c8281be63..1af6901ee 100644
--- a/README.md
+++ b/README.md
@@ -50,12 +50,35 @@ See [simplex-chat](https://github.com/simplex-chat/simplex-chat) terminal UI for
## Using SMP server and SMP agent
-You can either run SMP server locally or try local SMP agent with the deployed demo server:
+You can either run your own SMP server locally or deploy using Linode or DigitalOcean recipe, or try local SMP agent with the deployed demo server:
`smp1.simplex.im:5223#pLdiGvm0jD1CMblnov6Edd/391OrYsShw+RgdfR0ChA=`
It's the easiest to try SMP agent via a prototype [simplex-chat](https://github.com/simplex-chat/simplex-chat) terminal UI.
+### Deploy SMP server on Linode
+
+You can get Linode [free credits](https://www.linode.com/lp/affiliate-referral/?irclickid=02-QkdTEpxyLW0W0EOSREQreUkB2DtzGE2lGTE0&irgwc=1&utm_source=impact) to deploy SMP server.
+
+To deploy SMP server on [Linode](https://www.linode.com/):
+- Create a Linode account or login with an already existing one.
+- Go to [SMP server StackScript](https://cloud.linode.com/stackscripts/837009) and choose "Deploy New Linode".
+- You can optionally configure the following parameters:
+ - [SMP Server store log](#SMP-server) flag for queue persistence on server restart (recommended).
+ - [Linode API token](https://www.linode.com/docs/guides/getting-started-with-the-linode-api#get-an-access-token) for attaching server info as tags to Linode (server address, public key hash, version) and adding A record to your 2nd level domain (Note: 2nd level e.g. `example.com` domain should be [created](https://cloud.linode.com/domains/create) in your account prior to deployment). The API token access scope should be read/write access to "linodes" (to update linode tags - you need them), and "domains" (to add A record for the 3rd level domain, e.g. `smp`).
+ - Domain name to use instead of Linode ip address, e.g. `smp.example.com`.
+- Choose the region and plan according to your requirements (for regular use Shared CPU Nanode should be sufficient).
+- Provide ssh key to be able to connect to your Linode via ssh. This step is required if you haven't provided a Linode API token, because you will need to login to your Linode and get a public key hash either from the welcome message or from the file `/root/simplex.conf` on your Linode after SMP server starts.
+- Deploy your Linode. After it starts wait for SMP server to start and for tags to appear (if a Linode API token was provided). It may take up to 5 minutes depending on the connection speed on the Linode. Connecting Linode IP address to provided domain name may take some additional time.
+- Get `hostname` and `hash` either from Linode tags (click on a tag and copy it's value from the browser search panel) or via ssh. Linode has a good [guide](https://www.linode.com/docs/guides/use-public-key-authentication-with-ssh/) about ssh.
+- Great, your own SMP server is ready! Use `address#hash` as SMP server address in the client.
+
+Please submit an [issue](https://github.com/simplex-chat/simplexmq/issues) if any problems occur.
+
+### 🚧 Deploy SMP server on DigitalOcean 🚧
+
+Coming soon.
+
## SMP server design
diff --git a/scripts/smp-server-linode.sh b/scripts/smp-server-linode.sh
index 2c770f5ba..dd899fafe 100644
--- a/scripts/smp-server-linode.sh
+++ b/scripts/smp-server-linode.sh
@@ -1,18 +1,26 @@
#!/bin/bash
#
-#
-#
+#
+#
# log all stdout output to stackscript.log
exec &> >(tee -i /var/log/stackscript.log)
-# enable debugging features
-set -xeo pipefail
+# uncomment next line to enable debugging features
+# set -xeo pipefail
cd $HOME
-sudo apt-get update -y
+sudo apt-get -y update
+sudo apt-get -y upgrade
sudo apt-get install -y jq
+# add firewall
+echo "y" | ufw enable
+# open ports
+ufw allow ssh
+ufw allow http
+ufw allow 5223
+
# retrieve latest release info and download smp-server executable
curl -s https://api.github.com/repos/simplex-chat/simplexmq/releases/latest > release.json
jq '.assets[].browser_download_url | select(test("smp-server-ubuntu-20_04-x86-64"))' release.json \
@@ -39,20 +47,36 @@ mkdir -p /var/opt/simplex
init_opts=()
[[ $ENABLE_STORE_LOG == "on" ]] && init_opts+=(-l)
smp-server init "${init_opts[@]}" > simplex.conf
+tail -n +2 "simplex.conf" > "simplex.tmp" && mv "simplex.tmp" "simplex.conf"
# turn off websockets support
sed -e '/websockets/s/^/# /g' -i /etc/opt/simplex/smp-server.ini
-# prepare tags
-ip_address=$(curl ifconfig.me)
-address=$([[ -z "$DOMAIN_ADDRESS" ]] && echo $ip_address || echo $DOMAIN_ADDRESS)
-hash=$(cat simplex.conf | grep hash: | cut -f2 -d":" | xargs)
-release_version=$(jq '.tag_name' release.json | tr -d \")
+if [ ! -z "$API_TOKEN" ]; then
+ ip_address=$(curl ifconfig.me)
+ address=$ip_address
+ if [ ! -z "$FQDN" ]; then
+ domain_address=$(echo $FQDN | rev | cut -d "." -f 1,2 | rev)
+ # create A record if domain is created in linode account
+ domain_id=$(curl -H "Authorization: Bearer $API_TOKEN" https://api.linode.com/v4/domains \
+ | jq --arg da "$domain_address" '.data[] | select( .domain == $da ) | .id')
+ if [[ ! -z $domain_id ]]; then
+ curl -s -H "Content-Type: application/json" \
+ -H "Authorization: Bearer $API_TOKEN" \
+ -X POST -d "{\"type\":\"A\",\"name\":\"$FQDN\",\"target\":\"$ip_address\"}" \
+ https://api.linode.com/v4/domains/${domain_id}/records
+ address=$FQDN
+ fi
+ fi
-# update linode's tags
-curl -H "Content-Type: application/json" \
- -H "Authorization: Bearer $API_TOKEN" \
- -X PUT -d "{\"tags\":[\"$address\",\"#$hash\",\"$release_version\"]}" \
- https://api.linode.com/v4/linode/instances/$LINODE_ID
+ hash=$(cat simplex.conf | grep hash: | cut -f2 -d":" | xargs)
+ release_version=$(jq '.tag_name' release.json | tr -d \")
+
+ # update linode's tags
+ curl -s -H "Content-Type: application/json" \
+ -H "Authorization: Bearer $API_TOKEN" \
+ -X PUT -d "{\"tags\":[\"$address\",\"#$hash\",\"$release_version\"]}" \
+ https://api.linode.com/v4/linode/instances/$LINODE_ID
+fi
# create, enable and start SMP server systemd service
cat <> /etc/systemd/system/smp-server.service
@@ -71,3 +95,18 @@ EOT
chmod 644 /etc/systemd/system/smp-server.service
sudo systemctl enable smp-server
sudo systemctl start smp-server
+
+# create script that will on login
+cat <> /opt/simplex/on_login.sh
+#!/bin/bash
+
+printf "\n### SMP server address: $address#$hash ###\n"
+printf "### to see SMP server status run: systemctl status smp-server ###\n"
+printf "### (to stop seeing this message delete line - bash /opt/simplex/on_login.sh - from /root/.bashrc) ###\n\n"
+
+EOT
+chmod +x /opt/simplex/on_login.sh
+echo "bash /opt/simplex/on_login.sh" >> /root/.bashrc
+
+# cleanup
+rm release.json