diff options
| author | Spider.007 / Sjon | 2020-08-09 14:32:42 +0200 |
|---|---|---|
| committer | Spider.007 / Sjon | 2020-08-09 15:02:17 +0200 |
| commit | 396c6a5b26a0e2bef87769c248e26f6c6893eaee (patch) | |
| tree | a2c46e8c1627e3df4552858e9b999d199d3ead7d | |
| parent | 14d67fc58a33f0802e99b969ffdb1f3deb522245 (diff) | |
| download | aur-396c6a5b26a0e2bef87769c248e26f6c6893eaee.tar.gz | |
upgrade to alpha19, add slasher
| -rw-r--r-- | PKGBUILD | 13 | ||||
| -rw-r--r-- | prysm-beacon-chain.service | 23 | ||||
| -rw-r--r-- | prysm-slasher.service | 33 | ||||
| -rw-r--r-- | prysm-validator@.service | 5 |
4 files changed, 67 insertions, 7 deletions
@@ -1,11 +1,12 @@ # Maintainer: Spider.007 <aur@spider007.net> pkgname=prysm -pkgver=1.0.0_alpha.10 +pkgver=1.0.0_alpha.19 pkgrel=1 pkgdesc="go implementation of the Ethereum 2.0 blockchain" arch=('x86_64') url="https://prysmaticlabs.com/" license=(GPLv3) +options=('emptydirs') makedepends=( go ) @@ -13,26 +14,30 @@ source=( git+https://github.com/prysmaticlabs/prysm.git#tag=v${pkgver/_/-} prysm-validator@.service prysm-beacon-chain.service + prysm-slasher.service prysm.sysusers ) sha256sums=('SKIP' 'SKIP' 'SKIP' + 'SKIP' 'SKIP') package() { cd "$srcdir/$pkgname" - mkdir -p $pkgdir/usr/bin/ $pkgdir/usr/lib/systemd/system + mkdir -p "$pkgdir/usr/bin/" "$pkgdir/usr/lib/systemd/system" "$pkgdir/var/lib/prysm/validator" - for target in beacon-chain validator + for target in beacon-chain validator slasher do cd $target && HOME=/tmp go build -trimpath . && cd .. install "$srcdir/$pkgname/$target/$target" "$pkgdir/usr/bin/prysm.$target" done - install -Dm644 "$srcdir/prysm-validator@.service" -t "$pkgdir/usr/lib/systemd/system" install -Dm644 "$srcdir/prysm-beacon-chain.service" -t "$pkgdir/usr/lib/systemd/system" + install -Dm644 "$srcdir/prysm-slasher.service" -t "$pkgdir/usr/lib/systemd/system" + install -Dm644 "$srcdir/prysm-validator@.service" -t "$pkgdir/usr/lib/systemd/system" install -Dm 644 "$srcdir/${pkgname}.sysusers" "${pkgdir}/usr/lib/sysusers.d/${pkgname}.conf" + } diff --git a/prysm-beacon-chain.service b/prysm-beacon-chain.service index d2a3b71409eb..6fd8a524e9df 100644 --- a/prysm-beacon-chain.service +++ b/prysm-beacon-chain.service @@ -3,9 +3,30 @@ Description=Prysm beacon-chain client After=network-online.target [Service] -ExecStartPre=/usr/bin/mkdir -p /var/lib/prysm/beacon-chain +DynamicUser=true ExecStart=/usr/bin/prysm.beacon-chain --datadir=/var/lib/prysm/beacon-chain Restart=always +StateDirectory=prysm/beacon-chain + +NoNewPrivileges=yes +CapabilityBoundingSet= +SystemCallArchitectures=native +SystemCallFilter=@system-service + +PrivateDevices=yes +PrivateUsers=yes +PrivateTmp=yes + +ProtectSystem=strict +ProtectClock=yes +ProtectHome=true +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes + +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes [Install] WantedBy=default.target diff --git a/prysm-slasher.service b/prysm-slasher.service new file mode 100644 index 000000000000..15b9107b2759 --- /dev/null +++ b/prysm-slasher.service @@ -0,0 +1,33 @@ +[Unit] +Description=Prysm slasher +After=network-online.target + +[Service] +DynamicUser=true +ExecStart=/usr/bin/prysm.slasher --datadir=/var/lib/prysm/slasher +Restart=always +StateDirectory=prysm/slasher + +NoNewPrivileges=yes +CapabilityBoundingSet= +SystemCallArchitectures=native +SystemCallFilter=@system-service + +PrivateDevices=yes +PrivateUsers=yes +PrivateTmp=yes + +ProtectSystem=strict +ProtectClock=yes +ProtectHome=true +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes + +RestrictAddressFamilies=AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes + +[Install] +WantedBy=default.target diff --git a/prysm-validator@.service b/prysm-validator@.service index 6cef1f3ebdc0..caec111a2df9 100644 --- a/prysm-validator@.service +++ b/prysm-validator@.service @@ -5,9 +5,10 @@ After=network-online.target [Service] User=prysm EnvironmentFile=/etc/conf.d/prysm-validator.%i -ExecStartPre=/usr/bin/mkdir -p /var/lib/prysm/validator.%i/keys /var/lib/prysm/validator.%i/data -ExecStart=/usr/bin/prysm.validator --keymanager=keystore --keymanageropts='{"passphrase":"${password}","path":"/var/lib/prysm/validator.%i/keys"}' --beacon-rpc-provider=${beacon} --datadir=/var/lib/prysm/validator.%i/data +ExecStartPre=/usr/bin/mkdir -p /var/lib/prysm/validator/%i/keys /var/lib/prysm/validator/%i/data +ExecStart=/usr/bin/prysm.validator --keymanager=keystore --keymanageropts='{"passphrase":"${password}","path":"/var/lib/prysm/validator/%i/keys"}' --beacon-rpc-provider=${beacon} --datadir=/var/lib/prysm/validator/%i/data Restart=always +StateDirectory=prysm/validator [Install] WantedBy=default.target |