-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathRiseInstaller-secure.sh
133 lines (103 loc) · 3.2 KB
/
RiseInstaller-secure.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
#!/bin/bash
set -x
echo "initializing rise-core installation"
date
ps axjf
VMNAME=`hostname`
BLOCK="/etc/nginx/sites-enabled/default"
echo "What is your email address? This is for SSL configuration"
read email
echo "vmname: $VMNAME"
platform='ubuntu'
echo "Ubuntu detected - installing Rise-Core"
#Install pre-reqs
curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo apt-get purge -y nodejs
sudo apt-get purge -y postgresql*
# Install Postgres, Node, Git
sudo apt-get update
sudo apt-get install -y nodejs postgresql
mkdir ~/.npm-global
npm config set prefix '~/.npm-global'
touch ~/.profile
echo "export PATH=~/.npm-global/bin:$PATH" >> ~/.profile
source ~/.profile
sudo apt-get install -y postgresql-contrib libpq-dev git build-essential
# Configure Firewall
sudo apt-get install -y ufw
sudo ufw disable
sudo ufw default deny incoming
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw allow 4242/tcp
sudo ufw --force enable
# Configure Postgres
sudo -u postgres psql -c "CREATE DATABASE rise_mainnet;"
sudo -u postgres psql -c "CREATE USER rise WITH PASSWORD '8E&)J}pzHt=4sHya';"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE rise_mainnet TO rise;"
if sudo pgrep -x "ntpd" > /dev/null; then
echo "√ NTP is running"
else
echo "X NTP is not running"
echo -e "\nInstalling NTP, please provide sudo password.\n"
sudo apt-get install ntp -yyq
sudo service ntp stop
sudo ntpdate pool.ntp.org
sudo service ntp start
fi
echo ""
echo ""
# Download Release
git clone https://github.com/RiseVision/rise-core.git
# Configure
echo "Installing Dependencies for Rise-Core"
cd rise-core
npm install -g forever
npm install --production
echo "Installing Dependencies for Web-UI"
cd public
npm install --production
cd ../
echo "Installing Nginx and SSL"
sudo apt-get install -y nginx
sudo service nginx stop
sudo tee $BLOCK > /dev/null <<EOF
server {
listen 80;
server_name $VMNAME;
return 301 https://\$host\$request_uri;
}
server {
listen 443 ssl;
server_name $VMNAME;
ssl_certificate /etc/letsencrypt/live/$VMNAME/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$VMNAME/privkey.pem;
location / {
proxy_pass http://localhost:4242;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host \$host;
proxy_cache_bypass \$http_upgrade;
}
}
EOF
wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto
./certbot-auto certonly -d $VMNAME -m $email --agree-tos -n --no-verify-ssl
sudo mkdir /etc/nginx/ssl
cp -R /etc/letsencrypt/live/$VMNAME /etc/nginx/ssl
sudo chmod -R 600 /etc/nginx/ssl
sudo service nginx start
forever start app.js
echo "You should rise-core running in the above list"
echo ""
echo "Run the following command to start Rise-Core on Testnet if you need to start Rise-Core after a reboot. You will
need to be in the rise-core directory"
echo "npm start"
echo ""
echo "Exiting"
exit 0