diff --git a/.github/workflows/deploy-faucet.yml b/.github/workflows/deploy-faucet.yml new file mode 100644 index 0000000000..32b03db847 --- /dev/null +++ b/.github/workflows/deploy-faucet.yml @@ -0,0 +1,94 @@ +name: Deploy Faucet + +on: + workflow_dispatch: + +env: + REGISTRY: ghcr.io + ORGANIZATION: happychaindevs + PM2_PROCESS_NAME: faucet + FAUCET_DB_PATH: /home/faucet/faucet.sqlite + TXM_DB_PATH: /home/faucet/txm.sqlite + + +jobs: + deploy: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout code + uses: actions/checkout@v4.2.0 + + - uses: oven-sh/setup-bun@v2 + with: + bun-version: latest + + - name: Install Foundry + uses: foundry-rs/foundry-toolchain@v1 + + - name: Build code + run: | + make faucet.build + + - name: Copy files to server + uses: appleboy/scp-action@v0.1.7 + with: + host: ${{ secrets.SERVER_HOST }} + username: ${{ secrets.SERVER_USERNAME }} + key: ${{ secrets.SERVER_KEY }} + port: ${{ secrets.SERVER_PORT }} + source: "apps/faucet/build/*,node_modules/better-sqlite3,node_modules/bindings,node_modules/file-uri-to-path" + target: /home/deployer/faucet + strip_components: 1 + rm: true + + - name: Deploy faucet to server + uses: appleboy/ssh-action@v1.1.0 + with: + host: ${{ secrets.SERVER_HOST }} + username: ${{ secrets.SERVER_USERNAME }} + key: ${{ secrets.SERVER_KEY }} + port: ${{ secrets.SERVER_PORT }} + # We copy better-sqlite3, bindings, and file-uri-to-path separately because the bundled file does not include + # better-sqlite3 and its dependencies + script: | + chmod -R o+rX /home/deployer/faucet + mv /home/deployer/faucet /tmp + sudo -u faucet bash -c ' + rm -rf /home/faucet/build + rm -rf /home/faucet/node_modules + cp -r /tmp/faucet/faucet/build /home/faucet/build + + mkdir -p /home/faucet/node_modules + cp -r /tmp/faucet/better-sqlite3 /home/faucet/node_modules/better-sqlite3 + cp -r /tmp/faucet/bindings /home/faucet/node_modules/bindings + cp -r /tmp/faucet/file-uri-to-path /home/faucet/node_modules/file-uri-to-path + + cd /home/faucet + + rm -f .env + + cat > .env <<-EOF + export PRIVATE_KEY=${{ secrets.FAUCET_PRIVATE_KEY }} + export TXM_DB_PATH=${{ env.TXM_DB_PATH }} + export FAUCET_DB_PATH=${{ env.FAUCET_DB_PATH }} + export TURNSTILE_SECRET=${{ secrets.FAUCET_TURNSTILE_SECRET }} + export ${{vars.FAUCET_ENV}} + EOF + + dos2unix .env + + npm rebuild + + pm2 delete ${{ env.PM2_PROCESS_NAME }} + + source .env && node ./build/migrate.es.js + + source .env && pm2 start ./build/index.es.js \ + --name ${{ env.PM2_PROCESS_NAME }} + pm2 save + ' + rm -rf /tmp/faucet \ No newline at end of file diff --git a/Makefile b/Makefile index 7a28799b93..e9dc2d2475 100644 --- a/Makefile +++ b/Makefile @@ -369,6 +369,11 @@ randomness-monitor.build: setup.ts shared.build cd apps/randomness-monitor && make build .PHONY: randomness-monitor.build +faucet.build: setup.ts shared.build + cd packages/txm && make build + cd apps/faucet && make build +.PHONY: faucet.build + txm.build: setup.ts shared.build cd packages/txm && make build .PHONY: txm.build diff --git a/apps/faucet/.env.example b/apps/faucet/.env.example index 4babc9199b..2ea80f7ef1 100644 --- a/apps/faucet/.env.example +++ b/apps/faucet/.env.example @@ -16,5 +16,6 @@ FAUCET_DB_PATH=faucet.sqlite # Rate-limit window size (seconds) FAUCET_RATE_LIMIT_WINDOW_SECONDS=3600 + # Maximum faucet requests per user within the window FAUCET_RATE_LIMIT_MAX_REQUESTS=10 \ No newline at end of file