Docker and AWS CloudFormation support

Author: Sjors

Matreon.Template

@@ -0,0 +1,193 @@
+{
+  "AWSTemplateFormatVersion" : "2010-09-09",
+  
+  "Description" : "Creates a single EC2 instance with a pruned Bitcoin Core node, C-Lightning, Lightning Charge, Postgres, Ruby on Rails and Matreon.",
+  
+  "Parameters" : {
+    
+    "KeyName": {
+      "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances",
+      "Type": "AWS::EC2::KeyPair::KeyName",
+      "ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
+    },    
+
+    "InstanceType" : {
+      "Description" : "WebServer EC2 instance type",
+      "Type" : "String",
+      "Default" : "t2.small",
+      "AllowedValues" : [ "t2.micro", "t2.small", "t2.medium"],
+      "ConstraintDescription" : "must be a valid EC2 instance type."
+    },
+
+    "SSHLocation" : {
+      "Description" : "The IP address range that can be used to SSH to the EC2 instances",
+      "Type": "String",
+      "MinLength": "9",
+      "MaxLength": "18",
+      "Default": "0.0.0.0/0",
+      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
+      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
+    } 
+  },
+  
+  "Mappings" : {
+    "AWSInstanceType2Arch" : {
+      "t2.micro"    : { "Arch" : "HVM64"  },
+      "t2.small"    : { "Arch" : "HVM64"  },
+      "t2.medium"   : { "Arch" : "HVM64"  }
+    },
+
+    "AWSInstanceType2NATArch" : {
+      "t2.micro"    : { "Arch" : "NATHVM64"  },
+      "t2.small"    : { "Arch" : "NATHVM64"  },
+      "t2.medium"   : { "Arch" : "NATHVM64"  }
+
+    },
+  
+    "AWSRegionArch2AMI" : {
+      "eu-central-1"     : {"HVM64" : "ami-5652ce39"}
+    }
+
+  },
+
+  "Resources" : {     
+
+    "WebServer": {  
+      "Type": "AWS::EC2::Instance",
+      "Metadata" : {
+        "AWS::CloudFormation::Init" : {
+          "configSets" : {
+            "full_install" : [ "install_cfn", "install_docker", "install_container_bitcoin", "install_matreon" ]
+          },
+
+          "install_cfn" : {
+            "files" : {
+              "/etc/cfn/cfn-hup.conf" : {
+                "content" : { "Fn::Join" : ["", [
+                  "[main]\n",
+                  "stack=", { "Ref" : "AWS::StackId" }, "\n",
+                  "region=", { "Ref" : "AWS::Region" }, "\n"
+                ]]},
+                "mode"    : "000400",
+                "owner"   : "root",
+                "group"   : "root"
+              },
+
+              "/etc/cfn/hooks.d/cfn-auto-reloader.conf" : {
+                "content": { "Fn::Join" : ["", [
+                  "[cfn-auto-reloader-hook]\n",
+                  "triggers=post.update\n",
+                  "path=Resources.WebServer.Metadata.AWS::CloudFormation::Init\n",
+                  "action=/opt/aws/bin/cfn-init -v ",
+                  "         --stack ", { "Ref" : "AWS::StackName" },
+                  "         --resource WebServer ",
+                  "         --configsets full_install ",
+                  "         --region ", { "Ref" : "AWS::Region" }, "\n",
+                  "runas=root\n"
+                ]]},
+                "mode"    : "000400",
+                "owner"   : "root",
+                "group"   : "root"
+              }
+            },
+
+            "services" : {
+              "sysvinit" : {  
+                "cfn-hup" : { "enabled" : "true", "ensureRunning" : "true",
+                              "files" : ["/etc/cfn/cfn-hup.conf", "/etc/cfn/hooks.d/cfn-auto-reloader.conf"]}
+              }
+            }
+          },
+
+          "install_docker": {
+            "commands": {
+              "01_install_docker": {
+                "command": "yum install -y docker git && useradd bitcoin && usermod -a -G docker ec2-user && usermod -a -G docker bitcoin > /var/log/install_docker.log"
+              },
+              "02_install_docker_compose": {
+                "command": {"Fn::Join" : ["", [
+                  "sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose &&",
+                  "sudo chmod +x /usr/local/bin/docker-compose ",
+                  "> /var/log/install_docker.log"
+                ]]}
+              },
+              "03_start_service": {
+                "command": "service docker start > /var/log/install_docker.log"
+              }
+            }
+          },
+          
+          "install_container_bitcoin": {
+            "commands": {
+              "01_configure_datadir": {
+                "command": "su - bitcoin -c 'mkdir /home/bitcoin/bitcoin'"
+              },
+              "02_clone_repo": {
+                "command": "su - bitcoin -c 'git clone https://github.com/NicolasDorier/docker-bitcoin'"
+              },
+              "03_docker_build": {
+                "command": "su - bitcoin -c 'docker build docker-bitcoin/core/0.16.0 -t bitcoind:0.16.0'"
+              }
+            }
+          },
+          
+          "install_matreon": {
+            "commands": {
+              "01_clone_repo": {
+                "command": "su - ec2-user -c 'git clone https://github.com/Sjors/matreon.git && cd matreon && git checkout 2018/05/docker-compose-aws-cloud'"
+              },
+              "02_launch": {
+                "command": "su - ec2-user -c 'cd matreon && BITCOIN_DATADIR=/home/bitcoin/bitcoin docker-compose up -d'"
+              }
+            }
+          }
+        }
+      },
+      "Properties": {
+        "ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
+                          { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
+        "InstanceType"   : { "Ref" : "InstanceType" },
+        "SecurityGroups" : [ {"Ref" : "WebServerSecurityGroup"} ],
+        "KeyName"        : { "Ref" : "KeyName" },
+        "UserData"       : { "Fn::Base64" : { "Fn::Join" : ["", [
+          "#!/bin/bash -xe\n",
+          "yum update -y aws-cfn-bootstrap\n",
+
+          "/opt/aws/bin/cfn-init -v ",
+          "         --stack ", { "Ref" : "AWS::StackId" },
+          "         --resource WebServer ",
+          "         --configsets full_install ",
+          "         --region ", { "Ref" : "AWS::Region" }, "\n",
+
+          "/opt/aws/bin/cfn-signal -e $? ",
+          "         --stack ", { "Ref" : "AWS::StackId" },
+          "         --resource WebServer ",
+          "         --region ", { "Ref" : "AWS::Region" }, "\n"
+        ]]}}        
+      },
+      "CreationPolicy" : {
+        "ResourceSignal" : {
+          "Timeout" : "PT30M"
+        }
+      }
+    },
+    
+    "WebServerSecurityGroup" : {
+      "Type" : "AWS::EC2::SecurityGroup",
+      "Properties" : {
+        "GroupDescription" : "Enable Bitcoin P22 and SSH access",
+        "SecurityGroupIngress" : [
+          {"IpProtocol" : "tcp", "FromPort" : "8883", "ToPort" : "8883", "CidrIp" : "0.0.0.0/0"},
+          {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : { "Ref" : "SSHLocation"}}
+        ]
+      }      
+    }          
+  },
+  
+  "Outputs" : {
+    "WebsiteURL" : {
+      "Value" : { "Fn::Join" : ["", ["http://", { "Fn::GetAtt" : [ "WebServer", "PublicDnsName" ]}, "/" ]] },
+      "Description" : "URL for your Matreon"
+    }
+  }
+}

README.md

@@ -5,12 +5,65 @@ Current status: extremely experimental!
 
 Live instance: [matreon.sprovoost.nl](https://matreon.sprovoost.nl/)
 
-## Prerequisites
+## Deploy to AWS using Docker
 
-You need to run [c-lightning](https://github.com/ElementsProject/lightning) and [Lightning Charge](https://github.com/ElementsProject/lightning-charge) somewhere.
+Coming soon... 
+
+Install the Amazon CloudFormation template by downloading [Matreon.Template](https://raw.githubusercontent.com/Sjors/matreon/master/Matreon.Template) and then uploading it on the [CloudFormation stack creation page](https://eu-central-1.console.aws.amazon.com/cloudformation/home?region=eu-central-1&stackName=Matreon#/stacks/new).
+
+You'll need to enter some details:
+
+[SCREENSHOT]
+
+[HINTS]
+
+See the next section for what's happening under the hood.
+
+## Deploy elsewhere using Docker
+
+Install [Docker](https://docs.docker.com/install/).
+
+Work in progress. For now it just launches `bitcoind` and syncs the node.
+
+Create a directory to store the blockchain, wallet info, etc:
+
+```sh
+mkdir matreon-vol
+mkdir matreon-vol/bitcoin
+```
+
+We use Docker Compose to combine a number of containers. To minimize trust, we build these
+containers locally.
+
+### Container 1 - bitcoind
+
+```sh
+git clone https://github.com/NicolasDorier/docker-bitcoin
+docker build docker-bitcoin/core/0.16.0 -t bitcoind:0.16.0
+```
+
+### Docker Compose
+
+From the Matreon project directory:
+
+```sh
+BITCOIN_DATADIR=~/matreon-vol/bitcoin docker-compose up
+```
+
+To shut it down
+
+```
+docker-compose down
+```
 
 ## Deploy to Heroku
 
+### Prerequisites
+
+You need to run [c-lightning](https://github.com/ElementsProject/lightning) and [Lightning Charge](https://github.com/ElementsProject/lightning-charge) somewhere.
+
+### Heroku
+
 Create a new Heroku app `app-name` and add the Sendgrid Add-On.
 
 Clone this repo and:

docker-compose.yml

@@ -0,0 +1,19 @@
+version: "3"
+
+services:
+  bitcoind:
+    restart: always
+    user: bitcoin
+    image: bitcoind:0.16.0
+    environment:
+      BITCOIN_EXTRA_ARGS: |
+        ${NBITCOIN_NETWORK:-testnet}=1
+        whitelist=0.0.0.0/0
+        prune=2000
+    expose:
+      - "8882"
+      - "8883"
+      - "18882"
+      - "18883"
+    volumes:
+      - ${BITCOIN_DATADIR}:/home/bitcoin/.bitcoin