From 8b2d5de605d11757c86507bef564bd63879b88a5 Mon Sep 17 00:00:00 2001
From: kvnn <kriggen@gmail.com>
Date: Thu, 23 Feb 2023 21:10:32 -1000
Subject: [PATCH] MVP commit

---
 .gitignore   |  9 +++++
 README.md    | 53 ++++++++++++++++++++++++++++
 init.tpl     | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 main.tf      | 90 +++++++++++++++++++++++++++++++++++++++++++++++
 outputs.tf   | 20 +++++++++++
 variables.tf | 26 ++++++++++++++
 6 files changed, 296 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 init.tpl
 create mode 100644 main.tf
 create mode 100644 outputs.tf
 create mode 100644 variables.tf

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b70dd50
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+.DS_Store
+*.pyc
+*.code-workspace
+.env*
+lambdas/python
+*.zip
+env
+node_modules
+.terraform
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7098c8e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,53 @@
+
+# OrdServer
+This is a one-click AWS deployment to run a Bitcoin full-node and [Ord](https://github.com/casey/ord) instance.
+
+
+## Quickstart
+1. Have an AWS account set up with the cli : https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
+2. `git clone git@github.com:kvnn/OrdServer.git`
+3. `cd OrdServer`
+4. `terraform init`
+5. `terraform apply`
+6. visit your server:
+   1. copy / paste the `ssh_connection_string` (printed once #5 is complete) to connect to your instance
+   2. in instance, run `tail -f /var/log/cloud-init-output.log` to see status of the post-deploy script
+   3. wait until you see "ord-server init.tpl finished" in the above before taking any actions
+   4. view bitcoind status: `sudo systemctl status bitcoin-for-ord.service`
+   5. you can run ord commands via `/home/ubuntu/ord/target/release/ord --bitcoin-data-dir=/mnt/bitcoin-ord-data/bitcoin --data-dir=/mnt/bitcoin-ord-data/ord {CMD e.g. "info"}`
+<!-- COMING SOON 6. run the visibility / control client:
+   1. `python3 -m http.server -d client 8888`
+   2. http://localhost:8888 -->
+
+
+
+## Details
+- this is currently set up to run on AWS `us-west-2`
+- it sets up a volume at `/mnt/bitcoin-ord-data` with bitcoin and ord data dirs synced up to February 22 2013
+- you can change regions, availability zones and instance types in `variables.tf`. Note that the data drive mount may fail for instances that use `nvme` type drives, and it may fail for other regions. If you have a use-case you need help with, feel free to create an Issue.
+- the AMI used is a standard AWS AMI
+- see `init.tpl` for the scripting done to your server (e.g. to make sure there are no backdoors here)
+  
+
+## TODO
+- server
+  - [ ] verify that `bitcoin-cli` works
+  - [ ] include controller websocket server (VERY SOON)
+    - [ ] add authentication token via terraform
+  - [ ] implement Inscription functionality
+    - [ ] resilient queueing
+    - [ ] smart queue consumer
+    - [ ] light database for managing queued Inscriptions
+- client
+  - [ ] release MVP (VERY SOON)
+  - [ ] include `bitcoin-cli` controls
+  - [ ] finish Ord controls
+  - [ ] implement Inscription functionality
+    - [ ] custom parameters (e..g fee_rate)
+    - [ ] queue visbility
+      - [ ] Inscription status
+        - [ ] internal info
+        - [ ] on-chain info
+    - [ ] queue controls
+      - [ ] cancel
+      - [ ] prioritize / replace tx
\ No newline at end of file
diff --git a/init.tpl b/init.tpl
new file mode 100644
index 0000000..79fd368
--- /dev/null
+++ b/init.tpl
@@ -0,0 +1,98 @@
+#!/bin/bash
+echo "ord-server init.tpl starting"
+
+# to view logs in instance: `cat /var/log/cloud-init-output.log`
+# to view this script in instance: `sudo cat /var/lib/cloud/instances/{instance_id}/user-data.txt`
+
+# set up a mount for our Bitcoin & Ord data dir
+sudo mkdir /mnt/bitcoin-ord-data
+sudo chown ubuntu.ubuntu /mnt/bitcoin-ord-data
+echo "/dev/xvdh /mnt/bitcoin-ord-data xfs defaults 0 2" | sudo tee -a /etc/fstab
+sudo mount /dev/xvdh /mnt/bitcoin-ord-data/
+
+# set up bitcoin
+cd ~
+wget https://bitcoincore.org/bin/bitcoin-core-24.0.1/bitcoin-24.0.1-x86_64-linux-gnu.tar.gz
+tar xvzf bitcoin-24.0.1-x86_64-linux-gnu.tar.gz
+sudo mv bitcoin-24.0.1 /usr/local/bin/bitcoin
+sudo mkdir /etc/bitcoin
+sudo chmod 755 /etc/bitcoin
+sudo cp /usr/local/bin/bitcoin/bitcoin.conf /etc/bitcoin/bitcoin.conf
+sudo chown -R ubuntu.ubuntu /etc/bitcoin
+
+# set up bitcoin service (TODO: lets separate this into a file transfer)
+sudo tee -a /etc/systemd/system/bitcoin-for-ord.service <<EOF
+[Unit]
+Description=Bitcoin daemon
+Documentation=https://github.com/bitcoin/bitcoin/blob/master/doc/init.md
+# https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+ExecStart=/usr/local/bin/bitcoin/bin/bitcoind -txindex -pid=/mnt/bitcoin-ord-data/bitcoin/bitcoind.pid -conf=/etc/bitcoin/bitcoin.conf -datadir=/mnt/bitcoin-ord-data/bitcoin --daemon
+Type=forking
+Restart=on-failure
+TimeoutStartSec=infinity
+TimeoutStopSec=600
+User=ubuntu
+Group=ubuntu
+PrivateTmp=true
+ProtectSystem=full
+EOF
+
+# start bitcoind service
+sudo /usr/bin/systemctl start bitcoin-for-ord.service
+
+# install low level essentials for Ord
+sudo apt-get update
+sudo DEBIAN_FRONTEND=noninteractive apt-get --assume-yes install libssl-dev
+sudo DEBIAN_FRONTEND=noninteractive apt-get --assume-yes install build-essential
+
+# install rust for Ord
+cd /home/ubuntu
+HOME=/home/ubuntu curl https://sh.rustup.rs -sSf | HOME=/home/ubuntu sh -s -- -y --no-modify-path --default-toolchain stable
+
+# # fix ownership of new /home/ubuntu subdirectories
+sudo chown ubuntu.ubuntu -R /home/ubuntu/.cargo /home/ubuntu/.rustup
+
+# source paths for rust / cargo
+source /home/ubuntu/.bashrc
+source /home/ubuntu/.cargo/env
+
+# build ord
+git clone https://github.com/casey/ord.git
+sudo chown ubuntu.ubuntu /home/ubuntu/ord
+cd ord
+sudo -H -u ubuntu /home/ubuntu/.cargo/bin/cargo build --release
+
+
+# set up ord indexing service
+sudo tee -a /etc/systemd/system/ord.service <<EOF
+[Unit]
+After=network.target
+Description=Ord server
+StartLimitBurst=120
+StartLimitIntervalSec=10m
+
+[Service]
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+Environment=RUST_BACKTRACE=1
+Environment=RUST_LOG=info
+ExecStart=/home/ubuntu/ord/target/release/ord --bitcoin-data-dir=/mnt/bitcoin-ord-data/bitcoin --data-dir=/mnt/bitcoin-ord-data/ord index
+Restart=on-failure
+# bitcoind may need to finish syncing, so lets keep a long restart time
+RestartSec=60s
+TimeoutStopSec=3000m
+Type=simple
+User=ubuntu
+Group=ubuntu
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+# # start ord service
+sudo systemctl start ord.service
+
+echo "ord-server init.tpl finished"
\ No newline at end of file
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..0420b25
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,90 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.16"
+    }
+  }
+
+  required_version = ">= 1.2.0"
+}
+
+provider "aws" {
+  region = var.region
+}
+
+resource "aws_security_group" "ord_server_ssh_sg" {
+  name = "ord_server_ssh_sg"
+
+  ingress { # ssh
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  /* ingress { # websocket
+    from_port   = 8765
+    to_port     = 8765
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  } */
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+
+resource "tls_private_key" "pk" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "aws_key_pair" "kp" {
+  key_name   = "ord_server_key"  # Create "ord_server_key" in AWS
+  public_key = tls_private_key.pk.public_key_openssh
+
+  provisioner "local-exec" { # Create "ord_server.pem" locally
+    command = <<-EOT
+      echo '${tls_private_key.pk.private_key_pem}' > ~/.ssh/ord_server_${tls_private_key.pk.id}.pem
+      chmod 400  ~/.ssh/ord_server_${tls_private_key.pk.id}.pem
+    EOT
+  }
+}
+
+
+resource "aws_instance" "ord_server" {
+  ami           = "ami-095413544ce52437d"
+  instance_type = var.instance_type
+  availability_zone = var.availability_zone
+  user_data = templatefile("init.tpl", {
+    # environment = var.env
+  })
+  key_name      = aws_key_pair.kp.key_name
+  security_groups = [aws_security_group.ord_server_ssh_sg.name]
+
+  tags = {
+    Name = var.instance_name
+  }
+}
+
+resource "aws_ebs_volume" "bitcoin_ord_data" {
+  # ~ $10 / month
+  # This snapshot is from February 23, & contains fully synced bitcoind & ord data dirs
+  snapshot_id = "snap-0f22f774e2f0528f0"
+  availability_zone = var.availability_zone
+  type = "gp3"
+
+  size = 3123
+  iops = 4000
+}
+
+resource "aws_volume_attachment" "bitcoin_ord_data_att" {
+  # note that this device_name is not respected by the instance types that use nvme
+  device_name = "/dev/xvdh"
+  volume_id   = aws_ebs_volume.bitcoin_ord_data.id
+  instance_id = aws_instance.ord_server.id
+}
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..a19431c
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,20 @@
+output "instance_id" {
+  description = "ID of the EC2 instance"
+  value       = aws_instance.ord_server.id
+}
+
+output "instance_public_ip" {
+  description = "Public IP address of the EC2 instance"
+  value       = aws_instance.ord_server.public_dns
+}
+
+output "ssh_connection_string" {
+  description = "Connection string to connect to instance via ssh"
+  # value = format("ssh -i %s ubuntu@%s", var.zone, var.cluster_name)
+  value = "ssh -o 'StrictHostKeyChecking no'  -i ~/.ssh/ord_server_${tls_private_key.pk.id}.pem ubuntu@${aws_instance.ord_server.public_dns}"
+}
+
+output "bitcoin_ord_data_volume_device_name" {
+  description = "Device name for our snapshot'd bitcoin and ord volume"
+  value = aws_volume_attachment.bitcoin_ord_data_att.device_name
+}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..0f9a55d
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,26 @@
+variable "instance_name" {
+  description = "Value of the Name tag for the EC2 instance"
+  type        = string
+  default     = "OrdServer"
+}
+
+
+variable "region" {
+  type = string
+  default = "us-west-2"
+}
+
+variable "availability_zone" {
+  type = string
+  default = "us-west-2c"
+}
+
+
+variable "instance_type" {
+  type = string
+  # Compute optimized, e.g. c6a.xlarge, would likely be better but I've found the
+  # disk logic in those instance types to be indeterministic and time consuming to program.
+  default = "t2.large" # ~$67 / month
+  # default = "c6a.xlarge" # ~ $110 / month      compute-optimized   4vCPU	8GB
+  # default = "x2gd.large"  # ~ $120 / month   memory-optimized    2vCPU	32GB
+}
\ No newline at end of file