|
|
|
# radicle notes
|
|
|
|
radicle.xyz
|
|
|
|
|
|
|
|
# Install build deps
|
|
|
|
apt install \
|
|
|
|
-t buster-backports \
|
|
|
|
apache2 \
|
|
|
|
build-essential \
|
|
|
|
npm \
|
|
|
|
python3-certbot-apache \
|
|
|
|
yarnpkg
|
|
|
|
|
|
|
|
# Add firewall rules:
|
|
|
|
# UDP
|
|
|
|
-A INPUT -p udp --dport 12345 -j ACCEPT
|
|
|
|
# Web Admin
|
|
|
|
-A INPUT -p tcp --dport 8080 -j ACCEPT
|
|
|
|
# Web proxy
|
|
|
|
-A INPUT -p tcp --dport 80 -j ACCEPT
|
|
|
|
-A INPUT -p tcp --dport 443 -j ACCEPT
|
|
|
|
# Dev server
|
|
|
|
-A INPUT -p tcp --dport 5000 -j ACCEPT
|
|
|
|
|
|
|
|
# Enable apache modules
|
|
|
|
a2enmod ssl rewrite proxy proxy_http
|
|
|
|
a2ensite default-ssl.conf
|
|
|
|
systemctl restart apache2
|
|
|
|
|
|
|
|
# Set up certbot:
|
|
|
|
certbot
|
|
|
|
|
|
|
|
# test it:
|
|
|
|
echo rad.forksand.com > /var/www/html/index.html
|
|
|
|
|
|
|
|
# https://rad.forksand.com
|
|
|
|
|
|
|
|
# Configure apache2 https proxy
|
|
|
|
|
|
|
|
$ cat /etc/apache2/sites-enabled/000-default-le-ssl.conf
|
|
|
|
<IfModule mod_ssl.c>
|
|
|
|
<VirtualHost *:443>
|
|
|
|
ServerAdmin webmaster@localhost
|
|
|
|
DocumentRoot /var/www/html
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
|
|
ServerName rad.forksand.com
|
|
|
|
SSLCertificateFile /etc/letsencrypt/live/rad.forksand.com/fullchain.pem
|
|
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/rad.forksand.com/privkey.pem
|
|
|
|
Include /etc/letsencrypt/options-ssl-apache.conf
|
|
|
|
|
|
|
|
RewriteEngine on
|
|
|
|
RewriteCond %{SERVER_NAME} =rad.spacecruft.net [OR]
|
|
|
|
RewriteCond %{SERVER_NAME} =rad.spacecruft.com
|
|
|
|
RewriteRule ^ https://rad.forksand.com%{REQUEST_URI} [END,NE,R=permanent]
|
|
|
|
|
|
|
|
ProxyPreserveHost On
|
|
|
|
ProxyRequests off
|
|
|
|
AllowEncodedSlashes NoDecode
|
|
|
|
ProxyPass / http://localhost:8080/ nocanon
|
|
|
|
ProxyPassReverse / http://localhost:8080/
|
|
|
|
|
|
|
|
</VirtualHost>
|
|
|
|
</IfModule>
|
|
|
|
|
|
|
|
EOF
|
|
|
|
# Install rustup
|
|
|
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
|
|
|
|
|
|
|
|
source $HOME/.cargo/env
|
|
|
|
|
|
|
|
# Install yarn
|
|
|
|
mkdir -p ~/bin/
|
|
|
|
cd ~/bin/
|
|
|
|
ln -s /usr/bin/yarnpkg yarn
|
|
|
|
|
|
|
|
which yarn
|
|
|
|
|
|
|
|
# Clone radicle
|
|
|
|
cd ~/devel/
|
|
|
|
git clone https://github.com/radicle-dev/radicle-bins.git
|
|
|
|
cd radicle-bins
|
|
|
|
|
|
|
|
# Build with yarn
|
|
|
|
cd seed/ui
|
|
|
|
yarn
|
|
|
|
yarn build
|
|
|
|
|
|
|
|
mkdir -p ~/.radicle-seed
|
|
|
|
chmod og-rwx ~/.radicle-seed
|
|
|
|
|
|
|
|
# add to ~/.bashrc
|
|
|
|
export PATH="$HOME/.radicale/bin:$PATH"
|
|
|
|
|
|
|
|
# Create key
|
|
|
|
cargo run -p radicle-keyutil -- --filename ~/.radicle-seed/secret.key
|
|
|
|
|
|
|
|
|
|
|
|
# Run the thing:
|
|
|
|
cat >>
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
set -x
|
|
|
|
|
|
|
|
cd ~/devel/radicle-bins/
|
|
|
|
|
|
|
|
cargo run \
|
|
|
|
--verbose \
|
|
|
|
-p radicle-seed-node --release -- \
|
|
|
|
--log debug \
|
|
|
|
--root ~/.radicle-seed \
|
|
|
|
--peer-listen 0.0.0.0:12345 \
|
|
|
|
--http-listen 0.0.0.0:8080 \
|
|
|
|
--name "Fork Sand seedling" \
|
|
|
|
--public-addr "rad.forksand.com:12345" \
|
|
|
|
--assets-path seed/ui/public \
|
|
|
|
< ~/.radicle-seed/secret.key
|
|
|
|
EOF
|
|
|
|
|
|
|
|
# Dev mode
|
|
|
|
# To start a local dev server for preview, run: `yarn run dev`, then point your
|
|
|
|
# browser at: http://localhost:5000.
|
|
|
|
yarn run dev
|
|
|
|
# Dev tunnel
|
|
|
|
ssh -N -C -L 5000:localhost:5000 rad.forksand.com
|
|
|
|
|
|
|
|
# Peer to Peer
|
|
|
|
# p2p nodes example:
|
|
|
|
# hyy5s7ysg96fqa91gbe7h38yddh4mkokft7y4htt8szt9e17sxoe3h@seed.my.org:12345
|
|
|
|
# abc123@rad.forksand.com:12345
|
|
|
|
|