Merge pull request #2255 from SkynetLabs/renovate/skynetlabs-webportal-health-check-1.x

chore(deps): update skynetlabs/webportal-health-check docker tag to v1

README.md

@@ -8,23 +8,6 @@ supports is located at https://portal-docs.skynetlabs.com/.
 Some scripts and setup documentation contained in this repository
 (`skynet-webportal`) may be outdated and generally should not be used.
 
-## Web application
-
-Change current directory with `cd packages/website`.
-
-Use `yarn start` to start the development server.
-
-Use `yarn build` to compile the application to `/public` directory.
-
-You can use the below build parameters to customize your web application.
-
-- development example `GATSBY_API_URL=https://siasky.dev yarn start`
-- production example `GATSBY_API_URL=https://siasky.net yarn build`
-
-List of available parameters:
-
-- `GATSBY_API_URL`: override api url (defaults to location origin)
-
 ## License
 
 Skynet uses a custom [License](./LICENSE.md). The Skynet License is a source code license that allows you to use, modify
@@ -33,19 +16,3 @@ and distribute the software, but you must preserve the payment mechanism in the
 For the purposes of complying with our code license, you can use the following Siacoin address:
 
 `fb6c9320bc7e01fbb9cd8d8c3caaa371386928793c736837832e634aaaa484650a3177d6714a`
-
-## Running a Portal
-For those interested in running a Webportal, head over to our developer docs [here](https://portal-docs.skynetlabs.com/) to learn more.
-
-## Contributing
-
-### Testing Your Code
-
-Before pushing your code, you should verify that it will pass our online test suite.
-
-**Cypress Tests**
-Verify the Cypress test suite by doing the following:
-
-1. In one terminal screen run `GATSBY_API_URL=https://siasky.net website serve`
-1. In a second terminal screen run `yarn cypress run`
-

dc

@@ -5,56 +5,59 @@
 # would use docker-compose with the only difference being that you don't need to specify compose files. For more
 # information you can run `./dc` or `./dc help`.
 
-if [ -f .env ]; then
-  OLD_IFS=$IFS
-  IFS=$'\n'
-  for x in $(grep -v '^#.*' .env); do export $x; done
-  IFS=$OLD_IFS
+# get current working directory of this script and prefix all files with it to
+# be able to call this script from anywhere and not only root directory of
+# skynet-webportal project
+cwd="$(dirname -- "$0";)";
+
+# get portal modules configuration from .env file (if defined more than once, the last one is used)
+if [[ -f "${cwd}/.env" ]]; then
+  PORTAL_MODULES=$(grep -e "^PORTAL_MODULES=" ${cwd}/.env | tail -1 | sed "s/PORTAL_MODULES=//")
 fi
 
 # include base docker compose file
-COMPOSE_FILES="-f docker-compose.yml"
+COMPOSE_FILES="-f ${cwd}/docker-compose.yml"
 
 for i in $(seq 1 ${#PORTAL_MODULES}); do
   # accounts module - alias "a"
   if [[ ${PORTAL_MODULES:i-1:1} == "a" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.mongodb.yml -f docker-compose.accounts.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.mongodb.yml -f ${cwd}/docker-compose.accounts.yml"
   fi
 
   # blocker module - alias "b"
   if [[ ${PORTAL_MODULES:i-1:1} == "b" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.mongodb.yml -f docker-compose.blocker.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.mongodb.yml -f ${cwd}/docker-compose.blocker.yml"
   fi
 
   # jaeger module - alias "j"
   if [[ ${PORTAL_MODULES:i-1:1} == "j" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.jaeger.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.jaeger.yml"
   fi
 
   # malware-scanner module - alias "s"
   if [[ ${PORTAL_MODULES:i-1:1} == "s" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.blocker.yml -f docker-compose.mongodb.yml -f docker-compose.malware-scanner.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.blocker.yml -f ${cwd}/docker-compose.mongodb.yml -f ${cwd}/docker-compose.malware-scanner.yml"
   fi
 
   # mongodb module - alias "m"
   if [[ ${PORTAL_MODULES:i-1:1} == "m" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.mongodb.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.mongodb.yml"
   fi
 
   # abuse-scanner module - alias "u"
   if [[ ${PORTAL_MODULES:i-1:1} == "u" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.mongodb.yml -f docker-compose.blocker.yml -f docker-compose.abuse-scanner.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.mongodb.yml -f ${cwd}/docker-compose.blocker.yml -f ${cwd}/docker-compose.abuse-scanner.yml"
   fi
 
   # pinner module - alias "p"
   if [[ ${PORTAL_MODULES:i-1:1} == "p" ]]; then
-    COMPOSE_FILES+=" -f docker-compose.mongodb.yml -f docker-compose.pinner.yml"
+    COMPOSE_FILES+=" -f ${cwd}/docker-compose.mongodb.yml -f ${cwd}/docker-compose.pinner.yml"
   fi
 done
 
 # override file if exists
 if [[ -f docker-compose.override.yml ]]; then
-  COMPOSE_FILES+=" -f docker-compose.override.yml"
+  COMPOSE_FILES+=" -f ${cwd}/docker-compose.override.yml"
 fi
 
 docker-compose $COMPOSE_FILES $@

docker-compose.abuse-scanner.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -10,7 +10,7 @@ services:
   abuse-scanner:
     # uncomment "build" and comment out "image" to build from sources
     # build: https://github.com/SkynetLabs/abuse-scanner.git#main
-    image: skynetlabs/abuse-scanner:0.2.0
+    image: skynetlabs/abuse-scanner:0.4.0
     container_name: abuse-scanner
     restart: unless-stopped
     logging: *default-logging
@@ -36,3 +36,6 @@ services:
     depends_on:
       - mongo
       - blocker
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /tmp:/tmp

docker-compose.accounts.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -22,7 +22,7 @@ services:
   accounts:
     # uncomment "build" and comment out "image" to build from sources
     # build: https://github.com/SkynetLabs/skynet-accounts.git#main
-    image: skynetlabs/skynet-accounts:1.2.3
+    image: skynetlabs/skynet-accounts:1.3.0
     container_name: accounts
     restart: unless-stopped
     logging: *default-logging
@@ -59,7 +59,7 @@ services:
     # build:
     #   context: https://github.com/SkynetLabs/webportal-accounts-dashboard.git#main
     #   dockerfile: Dockerfile
-    image: skynetlabs/webportal-accounts-dashboard:2.0.0
+    image: skynetlabs/webportal-accounts-dashboard:2.1.1
     container_name: dashboard
     restart: unless-stopped
     logging: *default-logging

docker-compose.blocker.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file

docker-compose.jaeger.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -21,7 +21,7 @@ services:
       - JAEGER_REPORTER_LOG_SPANS=false
 
   jaeger-agent:
-    image: jaegertracing/jaeger-agent:1.36.0
+    image: jaegertracing/jaeger-agent:1.38.1
     command:
       [
         "--reporter.grpc.host-port=jaeger-collector:14250",
@@ -43,7 +43,7 @@ services:
       - jaeger-collector
 
   jaeger-collector:
-    image: jaegertracing/jaeger-collector:1.36.0
+    image: jaegertracing/jaeger-collector:1.38.1
     entrypoint: /wait_to_start.sh
     container_name: jaeger-collector
     restart: on-failure
@@ -68,7 +68,7 @@ services:
       - elasticsearch
 
   jaeger-query:
-    image: jaegertracing/jaeger-query:1.36.0
+    image: jaegertracing/jaeger-query:1.38.1
     entrypoint: /wait_to_start.sh
     container_name: jaeger-query
     restart: on-failure
@@ -93,7 +93,7 @@ services:
       - elasticsearch
 
   elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.5
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.6
     container_name: elasticsearch
     restart: on-failure
     logging: *default-logging

docker-compose.malware-scanner.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -17,10 +17,6 @@ services:
       - ./docker/clamav/clamd.conf:/etc/clamav/clamd.conf:ro
     expose:
       - 3310 # NEVER expose this outside of the local network!
-    deploy:
-      resources:
-        limits:
-          cpus: "${CLAMAV_CPU:-0.50}"
     networks:
       shared:
         ipv4_address: 10.10.10.100

docker-compose.mongodb.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -14,7 +14,7 @@ services:
       - MONGODB_PASSWORD=${SKYNET_DB_PASS}
 
   mongo:
-    image: mongo:4.4.15
+    image: mongo:4.4.17
     command: --keyFile=/data/mgkey --replSet=${SKYNET_DB_REPLICASET:-skynet} --setParameter ShardingTaskExecutorPoolMinSize=10
     container_name: mongo
     restart: unless-stopped

docker-compose.pinner.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -10,7 +10,7 @@ services:
   pinner:
     # uncomment "build" and comment out "image" to build from sources
     # build: https://github.com/SkynetLabs/pinner.git#main
-    image: skynetlabs/pinner:0.4.1
+    image: skynetlabs/pinner:0.7.8
     container_name: pinner
     restart: unless-stopped
     logging: *default-logging

docker-compose.yml

@@ -1,4 +1,4 @@
-version: "3.7"
+version: "3.8"
 
 x-logging: &default-logging
   driver: json-file
@@ -15,11 +15,13 @@ networks:
 
 services:
   sia:
-    build:
-      context: https://github.com/SkynetLabs/docker-skyd.git#main
-      dockerfile: scratch/Dockerfile
-      args:
-        branch: portal-latest
+    # uncomment "build" and comment out "image" to build from sources
+    # build:
+    #   context: https://github.com/SkynetLabs/docker-skyd.git#main
+    #   dockerfile: scratch/Dockerfile
+    #   args:
+    #     branch: master
+    image: skynetlabs/skyd:1.6.9
     command: --disable-api-security --api-addr :9980 --modules gctwra
     container_name: sia
     restart: unless-stopped
@@ -58,7 +60,7 @@ services:
     #
     # make sure that the file has 0400 permissions with:
     # chmod 0400 ./docker/data/certbot/cloudflare.ini
-    image: certbot/dns-route53:v1.29.0
+    image: certbot/dns-route53:v1.31.0
     entrypoint: sh /entrypoint.sh
     container_name: certbot
     restart: unless-stopped
@@ -76,7 +78,7 @@ services:
     # build:
     #   context: https://github.com/SkynetLabs/webportal-nginx.git#main
     #   dockerfile: Dockerfile
-    image: skynetlabs/webportal-nginx:0.4.0
+    image: skynetlabs/webportal-nginx:1.0.0
     container_name: nginx
     restart: unless-stopped
     logging: *default-logging
@@ -106,7 +108,7 @@ services:
     # build:
     #   context: https://github.com/SkynetLabs/webportal-website.git#main
     #   dockerfile: Dockerfile
-    image: skynetlabs/webportal-website:0.2.1
+    image: skynetlabs/webportal-website:0.2.3
     container_name: website
     restart: unless-stopped
     logging: *default-logging
@@ -122,18 +124,11 @@ services:
       - 9000
 
   handshake:
-    image: skynetlabs/hsd:3.0.1
-    command: --chain-migrate=2 --wallet-migrate=1
+    image: handshakeorg/hsd:4.0.2
+    command: --chain-migrate=3 --no-wallet --no-auth --compact-tree-on-init --network=main --http-host=0.0.0.0
     container_name: handshake
     restart: unless-stopped
     logging: *default-logging
-    environment:
-      - HSD_LOG_CONSOLE=false
-      - HSD_HTTP_HOST=0.0.0.0
-      - HSD_NETWORK=main
-      - HSD_PORT=12037
-    env_file:
-      - .env
     volumes:
       - ./docker/data/handshake/.hsd:/root/.hsd
     networks:
@@ -147,7 +142,7 @@ services:
     # build:
     #   context: https://github.com/SkynetLabs/webportal-handshake-api.git#main
     #   dockerfile: Dockerfile
-    image: skynetlabs/webportal-handshake-api:0.1.1
+    image: skynetlabs/webportal-handshake-api:0.1.3
     container_name: handshake-api
     restart: unless-stopped
     logging: *default-logging
@@ -171,7 +166,7 @@ services:
     # build:
     #   context: https://github.com/SkynetLabs/webportal-dnslink-api.git#main
     #   dockerfile: Dockerfile
-    image: skynetlabs/webportal-dnslink-api:0.1.1
+    image: skynetlabs/webportal-dnslink-api:0.2.1
     container_name: dnslink-api
     restart: unless-stopped
     logging: *default-logging
@@ -186,7 +181,7 @@ services:
     # build:
     #   context: https://github.com/SkynetLabs/webportal-health-check.git#main
     #   dockerfile: Dockerfile
-    image: skynetlabs/webportal-health-check:0.3.0
+    image: skynetlabs/webportal-health-check:1.0.0
     container_name: health-check
     restart: unless-stopped
     logging: *default-logging

scripts/backup-aws-s3.sh

@@ -50,6 +50,7 @@ aws s3 sync --no-progress /home/user/skynet-webportal/docker/data/nginx/logs s3:
 # generate and sync skylinks dump
 SKYLINKS_PATH=logs/skylinks/$(date +"%Y-%m-%d").log
 mkdir -p /home/user/skynet-webportal/logs/skylinks # ensure path exists
+find /home/user/skynet-webportal/logs/skylinks -type f -mtime +7 -delete # delete skylink dumps older than 7 days
 docker exec sia siac skynet ls --recursive --alert-suppress > /home/user/skynet-webportal/${SKYLINKS_PATH}
 aws s3 cp --no-progress /home/user/skynet-webportal/${SKYLINKS_PATH} s3://${BUCKET_NAME}/${SERVER_PREFIX}/${SKYLINKS_PATH}
 

scripts/blocklist-skylink.sh

@@ -3,8 +3,6 @@
 # This script is for manual skylink blocking. It accepts either a single 
 # skylink or a file containing list of skylinks. The script is intented
 # for manual use and it should be run locally on each skynet webportal server. 
-# The automatic script that is used to continuously sync an Airtable sheet 
-# list with the blocklist on the web portals is /setup-scripts/blocklist-airtable.py 
 
 set -e # exit on first error
 

scripts/es_cleaner.py

@@ -1,164 +0,0 @@
-#!/usr/bin/env python3
-
-import curator
-import elasticsearch
-import os
-import ssl
-import sys
-
-TIMEOUT = 120
-
-
-def main():
-    if len(sys.argv) != 3:
-        print(
-            'USAGE: [INDEX_PREFIX=(default "")] [ARCHIVE=(default false)] ... {} NUM_OF_DAYS http://HOSTNAME[:PORT]'.format(
-                sys.argv[0]
-            )
-        )
-        print(
-            "NUM_OF_DAYS ... delete indices that are older than the given number of days."
-        )
-        print(
-            "HOSTNAME ... specifies which Elasticsearch hosts URL to search and delete indices from."
-        )
-        print(
-            "TIMEOUT ...  number of seconds to wait for master node response, default: {}".format(
-                TIMEOUT
-            )
-        )
-        print("INDEX_PREFIX ... specifies index prefix.")
-        print("INDEX_DATE_SEPARATOR ... specifies index date separator.")
-        print(
-            "ARCHIVE ... specifies whether to remove archive indices (only works for rollover) (default false)."
-        )
-        print(
-            "ROLLOVER ... specifies whether to remove indices created by rollover (default false)."
-        )
-        print("ES_USERNAME ... The username required by Elasticsearch.")
-        print("ES_PASSWORD ... The password required by Elasticsearch.")
-        print("ES_TLS ... enable TLS (default false).")
-        print("ES_TLS_CA ... Path to TLS CA file.")
-        print("ES_TLS_CERT ... Path to TLS certificate file.")
-        print("ES_TLS_KEY ... Path to TLS key file.")
-        print(
-            "ES_TLS_SKIP_HOST_VERIFY ... (insecure) Skip server's certificate chain and host name verification."
-        )
-        sys.exit(1)
-
-    client = create_client(
-        os.getenv("ES_USERNAME"),
-        os.getenv("ES_PASSWORD"),
-        str2bool(os.getenv("ES_TLS", "false")),
-        os.getenv("ES_TLS_CA"),
-        os.getenv("ES_TLS_CERT"),
-        os.getenv("ES_TLS_KEY"),
-        str2bool(os.getenv("ES_TLS_SKIP_HOST_VERIFY", "false")),
-    )
-    ilo = curator.IndexList(client)
-    empty_list(ilo, "Elasticsearch has no indices")
-
-    prefix = os.getenv("INDEX_PREFIX", "")
-    if prefix != "":
-        prefix += "-"
-    separator = os.getenv("INDEX_DATE_SEPARATOR", "-")
-
-    if str2bool(os.getenv("ARCHIVE", "false")):
-        filter_archive_indices_rollover(ilo, prefix)
-    else:
-        if str2bool(os.getenv("ROLLOVER", "false")):
-            filter_main_indices_rollover(ilo, prefix)
-        else:
-            filter_main_indices(ilo, prefix, separator)
-
-    empty_list(ilo, "No indices to delete")
-
-    for index in ilo.working_list():
-        print("Removing", index)
-    timeout = int(os.getenv("TIMEOUT", TIMEOUT))
-    delete_indices = curator.DeleteIndices(ilo, master_timeout=timeout)
-    delete_indices.do_action()
-
-
-def filter_main_indices(ilo, prefix, separator):
-    date_regex = "\d{4}" + separator + "\d{2}" + separator + "\d{2}"
-    time_string = "%Y" + separator + "%m" + separator + "%d"
-
-    ilo.filter_by_regex(
-        kind="regex", value=prefix + "jaeger-(span|service|dependencies)-" + date_regex
-    )
-    empty_list(ilo, "No indices to delete")
-    # This excludes archive index as we use source='name'
-    # source `creation_date` would include archive index
-    ilo.filter_by_age(
-        source="name",
-        direction="older",
-        timestring=time_string,
-        unit="days",
-        unit_count=int(sys.argv[1]),
-    )
-
-
-def filter_main_indices_rollover(ilo, prefix):
-    ilo.filter_by_regex(kind="regex", value=prefix + "jaeger-(span|service)-\d{6}")
-    empty_list(ilo, "No indices to delete")
-    # do not remove active write indices
-    ilo.filter_by_alias(aliases=[prefix + "jaeger-span-write"], exclude=True)
-    empty_list(ilo, "No indices to delete")
-    ilo.filter_by_alias(aliases=[prefix + "jaeger-service-write"], exclude=True)
-    empty_list(ilo, "No indices to delete")
-    ilo.filter_by_age(
-        source="creation_date",
-        direction="older",
-        unit="days",
-        unit_count=int(sys.argv[1]),
-    )
-
-
-def filter_archive_indices_rollover(ilo, prefix):
-    # Remove only rollover archive indices
-    # Do not remove active write archive index
-    ilo.filter_by_regex(kind="regex", value=prefix + "jaeger-span-archive-\d{6}")
-    empty_list(ilo, "No indices to delete")
-    ilo.filter_by_alias(aliases=[prefix + "jaeger-span-archive-write"], exclude=True)
-    empty_list(ilo, "No indices to delete")
-    ilo.filter_by_age(
-        source="creation_date",
-        direction="older",
-        unit="days",
-        unit_count=int(sys.argv[1]),
-    )
-
-
-def empty_list(ilo, error_msg):
-    try:
-        ilo.empty_list_check()
-    except curator.NoIndices:
-        print(error_msg)
-        sys.exit(0)
-
-
-def str2bool(v):
-    return v.lower() in ("true", "1")
-
-
-def create_client(username, password, tls, ca, cert, key, skipHostVerify):
-    context = ssl.create_default_context()
-    if ca is not None:
-        context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca)
-    elif skipHostVerify:
-        context.check_hostname = False
-        context.verify_mode = ssl.CERT_NONE
-    if username is not None and password is not None:
-        return elasticsearch.Elasticsearch(
-            sys.argv[2:], http_auth=(username, password), ssl_context=context
-        )
-    elif tls:
-        context.load_cert_chain(certfile=cert, keyfile=key)
-        return elasticsearch.Elasticsearch(sys.argv[2:], ssl_context=context)
-    else:
-        return elasticsearch.Elasticsearch(sys.argv[2:], ssl_context=context)
-
-
-if __name__ == "__main__":
-    main()

scripts/maintenance-upgrade.sh

@@ -1,16 +0,0 @@
-#! /usr/bin/env bash
-
-###############################################################
-# this script is an automation for restarting docker containers 
-# on maintenance nodes strictly built for purpose of siasky.net
-###############################################################
-
-set -e # exit on first error
-
-docker build --no-cache --quiet --build-arg branch=master -t sia-master /home/user/sia-dockerfile
-
-for container in `docker container ls --format '{{.Names}}'`; do 
-    docker stop $container
-    docker rm $container
-    docker run -d -v /home/user/nodes/$container/sia-data:/sia-data --env-file /home/user/nodes/$container/.env --name $container --log-opt max-size=100m --log-opt max-file=3 sia-master
-done

scripts/portal-restart.sh

@@ -1,18 +0,0 @@
-#!/bin/bash
-
-set -e # exit on first error
-
-# get current working directory (pwd doesn't cut it)
-cwd=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
-
-# put the server down for maintenance
-. ${cwd}/portal-down.sh
-
-# stop the docker services
-docker-compose down
-
-# start the docker services
-docker-compose up -d
-
-# enable the server again
-. ${cwd}/portal-up.sh

scripts/portal-upgrade.sh

@@ -1,26 +0,0 @@
-#!/bin/bash
-
-set -e # exit on first error
-
-# get current working directory (pwd doesn't cut it)
-cwd=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
-
-# put the server down for maintenance
-. ${cwd}/portal-down.sh
-
-# build all container without cache
-docker-compose build --no-cache --parallel --pull --quiet
-
-# stop the docker services
-docker-compose down -v
-
-# clear unused docker containers so we don't run into out of disk space
-# it should be done after the container have been stopped and before 
-# building them again
-docker system prune --force
-
-# start the docker services
-docker-compose up -d
-
-# enable the server again
-. ${cwd}/portal-up.sh

setup-scripts/README.md

@@ -1,155 +0,0 @@
-# Skynet Portal Setup Scripts
-
-> :warning: This documentation is outdated and should be used for reference
-only. Portal setup documentation is located at
-https://portal-docs.skynetlabs.com/.
-
-This directory contains a setup guide and scripts that will install and
-configure some basic requirements for running a Skynet Portal. The assumption is
-that we are working with a Debian Buster Minimal system or similar.
-
-## Latest Setup Documentation
-
-Latest Skynet Webportal setup documentation and the setup process Skynet Labs
-supports is located at https://docs.siasky.net/webportal-management/overview.
-
-Some of the scripts and setup documentation contained in this repository
-(`skynet-webportal`) can be outdated and generally should not be used.
-
-## Initial Setup
-
-You may want to fork this repository and replace ssh keys in
-`setup-scripts/support/authorized_keys` and optionally edit the `setup-scripts/support/tmux.conf` and `setup-scripts/support/bashrc` configurations to fit your needs.
-
-### Step 0: stack overview
-
-- dockerized services inside `docker-compose.yml`
-  - [sia](https://sia.tech) ([docker hub](https://hub.docker.com/r/nebulouslabs/sia)): storage provider, heart of the portal setup
-  - [caddy](https://caddyserver.com) ([docker hub](https://hub.docker.com/r/caddy/caddy)): reverse proxy (similar to nginx) that handles ssl out of a box and acts as a transparent entry point
-  - [openresty](https://openresty.org) ([docker hub](https://hub.docker.com/r/openresty/openresty)): nginx custom build, acts as a cached proxy to siad and exposes all api endpoints
-  - [health-check](https://github.com/SkynetLabs/skynet-webportal/tree/master/packages/health-check): simple service that runs periodically and collects health data about the server (status and response times) - [read more](https://github.com/SkynetLabs/skynet-webportal/blob/master/packages/health-check/README.md)
-  - [handshake](https://handshake.org) ([github](https://github.com/handshake-org/hsd)): full handshake node
-  - [handshake-api](https://github.com/SkynetLabs/skynet-webportal/tree/master/packages/handshake-api): simple API talking to the handshake node - [read more](https://github.com/SkynetLabs/skynet-webportal/blob/master/packages/handshake-api/README.md)
-  - [website](https://github.com/SkynetLabs/skynet-webportal/tree/master/packages/website): portal frontend application - [read more](https://github.com/SkynetLabs/skynet-webportal/blob/master/packages/website/README.md)
-- discord integration
-  - [funds-checker](funds-checker.py): script that checks wallet balance and sends status messages to discord periodically
-  - [health-checker](health-checker.py): script that monitors health-check service for server health issues and reports them to discord periodically
-  - [log-checker](log-checker.py): script that scans siad logs for critical errors and reports them to discord periodically
-- [blocklist-skylink](../scripts/blocklist-skylink.sh): script that can be run locally from a machine that has access to all your skynet portal servers that blocklists provided skylink and prunes nginx cache to ensure it's not available any more (that is a bit much but that's the best we can do right now without paid nginx version) - if you want to use it, make sure to adjust the server addresses
-
-### Step 1: setting up server user
-
-1. SSH in a freshly installed Debian machine on a user with sudo access (can be root)
-1. `apt-get update && apt-get install sudo libnss3-tools -y` to make sure `sudo` is available
-1. `adduser user` to create user called `user` (creates `/home/user` directory)
-1. `usermod -aG sudo user` to add this new user to sudo group
-1. `sudo groupadd docker` to create a group for docker (it might already exist)
-1. `sudo usermod -aG docker user` to add your user to that group
-1. Quit the ssh session with `exit` command
-
-You can now ssh into your machine as the user `user`.
-
-### Step 2: setting up environment
-
-1. On your local machine: `ssh-copy-id user@ip-addr` to copy over your ssh key to server
-1. On your local machine: `ssh user@ip-addr` to log in to server as user `user`
-1. You are now logged in as `user`
-
-**Following step will be executed on remote host logged in as a `user`:**
-
-1. `sudo apt-get install git -y` to install git
-1. `git clone https://github.com/SkynetLabs/skynet-webportal`
-1. `cd skynet-webportal`
-1. run setup scripts in the exact order and provide sudo password when asked (if one of them fails, you can retry just this one before proceeding further)
-   1. `/home/user/skynet-webportal/setup-scripts/setup-server.sh`
-   1. `/home/user/skynet-webportal/setup-scripts/setup-docker-services.sh`
-   1. `/home/user/skynet-webportal/setup-scripts/setup-health-check-scripts.sh` (optional)
-
-### Step 3: configuring siad
-
-At this point we have almost everything running, we just need to set up your wallet and allowance:
-
-1. Create a new wallet (remember to save the seed)
-   > `docker exec -it sia siac wallet init`
-1. Unlock the wallet (use the seed as password)
-   > `docker exec -it sia siac wallet unlock`
-1. Generate a new wallet address (save it for later to transfer the funds)
-   > `docker exec -it sia siac wallet address`
-1. Set up allowance
-   > `docker exec -it sia siac renter setallowance`
-   1. 10 KS (keep 25 KS in your wallet)
-   1. default period
-   1. default number of hosts
-   1. 4 week renewal time
-   1. 500 GB expected storage
-   1. 500 GB expected upload
-   1. 5 TB expected download
-   1. default redundancy
-1. Set a maximum storage price
-   > `docker exec -it sia siac renter setallowance --max-storage-price 100SC`
-1. Instruct siad to start making 10 contracts per block with many hosts to potentially view the whole network's files
-   > `docker exec -it sia siac renter setallowance --payment-contract-initial-funding 10SC`
-
-### Step 4: configuring docker services
-
-1. edit `/home/user/skynet-webportal/.env` and configure following environment variables
-
-   - `PORTAL_DOMAIN` (required) is a skynet portal domain (ex. siasky.net)
-   - `SERVER_DOMAIN` (optional) is an optional direct server domain (ex. eu-ger-1.siasky.net) - leave blank unless it is different than PORTAL_DOMAIN
-   - `EMAIL_ADDRESS` is your email address used for communication regarding SSL certification (required if you're using http-01 challenge)
-   - `SIA_WALLET_PASSWORD` is your wallet password (or seed if you did not set a password)
-   - `HSD_API_KEY` this is a random security key for a handshake integration that gets generated automatically
-   - `CLOUDFLARE_AUTH_TOKEN` (optional) if using cloudflare as dns loadbalancer (need to change it in Caddyfile too)
-   - `AWS_ACCESS_KEY_ID` (optional) if using route53 as a dns loadbalancer
-   - `AWS_SECRET_ACCESS_KEY` (optional) if using route53 as a dns loadbalancer
-   - `DISCORD_WEBHOOK_URL` (required if using Discord notifications) discord webhook url (generate from discord app)
-   - `DISCORD_MENTION_USER_ID` (optional) add `/cc @user` mention to important messages from webhook (has to be id not user name)
-   - `DISCORD_MENTION_ROLE_ID` (optional) add `/cc @role` mention to important messages from webhook (has to be id not role name)
-   - `SKYNET_DB_USER` (optional) if using `accounts` this is the MongoDB username
-   - `SKYNET_DB_PASS` (optional) if using `accounts` this is the MongoDB password
-   - `SKYNET_DB_HOST` (optional) if using `accounts` this is the MongoDB address or container name
-   - `SKYNET_DB_PORT` (optional) if using `accounts` this is the MongoDB port
-   - `COOKIE_DOMAIN` (optional) if using `accounts` this is the domain to which your cookies will be issued
-   - `COOKIE_HASH_KEY` (optional) if using `accounts` hashing secret, at least 32 bytes
-   - `COOKIE_ENC_KEY` (optional) if using `accounts` encryption key, at least 32 bytes
-   - `S3_BACKUP_PATH` (optional) is using `accounts` and backing up the databases to S3. This path should be an S3 bucket
-     with path to the location in the bucket where we want to store the daily backups.
-
-1. `docker-compose up -d` to restart the services so they pick up new env variables
-
-## Subdomains
-
-It might prove useful for certain skapps to be accessible through a custom subdomain. So instead of being accessed through `https://portal.com/[skylink]`, it would be accessible through `https://[skylink_base32].portal.com`. We call this "subdomain access" and it is made possible by encoding Skylinks using a base32 encoding. We have to use a base32 encoding scheme because subdomains have to be all lower case and the base64 encoded Skylink is case sensitive and thus might contain uppercase characters.
-
-You can convert Skylinks using this [converter skapp](https://convert-skylink.hns.siasky.net). To see how the encoding and decoding works, please follow the link to the repo in the application itself.
-
-There is also an option to access handshake domain through the subdomain using `https://[domain_name].hns.portal.com`.
-
-To configure this on your portal, you have to make sure to configure the following:
-
-## Useful Commands
-
-- Starting the whole stack
-  > `docker-compose up -d`
-- Stopping the whole stack
-  > `docker-compose down`
-- Accessing siac
-  > `docker exec -it sia siac`
-- Portal maintenance
-  - Pulling portal out for maintenance
-    > `scripts/portal-down.sh`
-  - Putting portal back into place after maintenance
-    > `scripts/portal-up.sh`
-  - Upgrading portal containers (takes care of pulling it and putting it back)
-    > `scripts/portal-upgrade.sh`
-- Restarting caddy gracefully after making changes to Caddyfile (no downtime)
-  > `docker exec caddy caddy reload --config /etc/caddy/Caddyfile`
-- Restarting nginx gracefully after making changes to nginx configs (no downtime)
-  > `docker exec nginx openresty -s reload`
-- Checking siad service logs (since last hour)
-  > `docker logs --since 1h $(docker ps -q --filter "name=^sia$")`
-- Checking caddy logs (for example in case ssl certificate fails)
-  > `docker logs caddy -f`
-- Checking nginx logs (nginx handles all communication to siad instances)
-  > `tail -n 50 docker/data/nginx/logs/access.log` to follow last 50 lines of access log
-  > `tail -n 50 docker/data/nginx/logs/error.log` to follow last 50 lines of error log

setup-scripts/blocklist-airtable.py

@@ -1,161 +0,0 @@
-#!/usr/bin/env python3
-
-from bot_utils import get_api_password, setup, send_msg
-from random import randint
-from time import sleep
-
-import traceback
-import os
-import sys
-import asyncio
-import requests
-import json
-
-from requests.auth import HTTPBasicAuth
-
-setup()
-
-
-AIRTABLE_API_KEY = os.getenv("AIRTABLE_API_KEY")
-AIRTABLE_BASE = os.getenv("AIRTABLE_BASE")
-AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE")
-AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD")
-
-# Check environment variables are defined
-for value in [AIRTABLE_API_KEY, AIRTABLE_BASE, AIRTABLE_TABLE, AIRTABLE_FIELD]:
-    if not value:
-        sys.exit("Configuration error: Missing AirTable environment variable.")
-
-
-async def run_checks():
-    try:
-        await block_skylinks_from_airtable()
-    except:  # catch all exceptions
-        trace = traceback.format_exc()
-        await send_msg("```\n{}\n```".format(trace), force_notify=True)
-
-
-def exec(command):
-    return os.popen(command).read().strip()
-
-
-async def block_skylinks_from_airtable():
-    # Get sia IP before doing anything else. If this step fails we don't
-    # need to continue with the execution of the script.
-    ipaddress = exec(
-        "docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' sia"
-    )
-
-    if ipaddress == "":
-        print("Skyd IP could not be detected. Exiting.")
-        return
-
-    print("Pulling blocked skylinks from Airtable via api integration")
-    headers = {"Authorization": "Bearer " + AIRTABLE_API_KEY}
-    skylinks = []
-    offset = None
-    retry = 0
-    while len(skylinks) == 0 or offset:
-        print(
-            "Requesting a batch of records from Airtable with "
-            + (offset if offset else "empty")
-            + " offset"
-            + (" (retry " + str(retry) + ")" if retry else "")
-        )
-        query = "&".join(
-            ["fields%5B%5D=" + AIRTABLE_FIELD, ("offset=" + offset) if offset else ""]
-        )
-        response = requests.get(
-            "https://api.airtable.com/v0/"
-            + AIRTABLE_BASE
-            + "/"
-            + AIRTABLE_TABLE
-            + "?"
-            + query,
-            headers=headers,
-        )
-
-        # rate limited - sleep for 2-10 secs and retry (up to 100 times, ~10 minutes)
-        # https://support.airtable.com/hc/en-us/articles/203313985-Public-REST-API
-        # > 5 requests per second, per base
-        if response.status_code == 429:
-            if retry < 100:
-                retry = retry + 1
-                sleep(randint(1, 10))
-                continue
-            else:
-                return await send_msg(
-                    "Airtable: too many retries, aborting!", force_notify=True
-                )
-        retry = 0  # reset retry counter
-
-        if response.status_code != 200:
-            status_code = str(response.status_code)
-            response_text = response.text or "empty response"
-            message = (
-                "Airtable blocklist integration responded with code "
-                + status_code
-                + ": "
-                + response_text
-            )
-            return await send_msg(message, force_notify=False)
-
-        data = response.json()
-
-        if len(data["records"]) == 0:
-            return print(
-                "Airtable returned 0 records - make sure your configuration is correct"
-            )
-
-        skylinks = skylinks + [
-            entry["fields"].get(AIRTABLE_FIELD, "") for entry in data["records"]
-        ]
-        skylinks = [
-            skylink.strip() for skylink in skylinks if skylink
-        ]  # filter empty skylinks, most likely empty rows, trim whitespace
-
-        offset = data.get("offset")
-
-    print(
-        "Sending /skynet/blocklist request with "
-        + str(len(skylinks))
-        + " skylinks to siad"
-    )
-    response = requests.post(
-        "http://" + ipaddress + ":9980/skynet/blocklist",
-        data=json.dumps({"add": skylinks}),
-        headers={"User-Agent": "Sia-Agent"},
-        auth=HTTPBasicAuth("", get_api_password()),
-    )
-
-    if response.status_code != 200:
-        status_code = str(response.status_code)
-        response_text = response.text or "empty response"
-        message = (
-            "Airtable blocklist request responded with code "
-            + status_code
-            + ": "
-            + response_text
-        )
-        return await send_msg(message, force_notify=False)
-
-    response_json = json.loads(response.text)
-    invalid_skylinks = response_json["invalids"]
-
-    if invalid_skylinks is None:
-        return await send_msg("Blocklist successfully updated all skylinks")
-    return await send_msg(
-        "Blocklist responded ok but failed to update "
-        + str(len(invalid_skylinks))
-        + " skylinks: "
-        + json.dumps(invalid_skylinks)
-    )
-
-
-loop = asyncio.get_event_loop()
-loop.run_until_complete(run_checks())
-
-# --- BASH EQUIVALENT
-# skylinks=$(curl "https://api.airtable.com/v0/${AIRTABLE_BASE}/${AIRTABLE_TABLE}?fields%5B%5D=${AIRTABLE_FIELD}" -H "Authorization: Bearer ${AIRTABLE_KEY}" | python3 -c "import sys, json; print('[\"' + '\",\"'.join([entry['fields']['Link'] for entry in json.load(sys.stdin)['records']]) + '\"]')")
-# ipaddress=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' sia)
-# curl --data "{\"add\" : ${skylinks}}" "${ipaddress}:8000/skynet/blocklist"

setup-scripts/health-checker.py

@@ -232,8 +232,7 @@ async def check_health():
         message += "{}/{} CRITICAL checks failed over the last {} hours! ".format(
             critical_checks_failed, critical_checks_total, CHECK_HOURS
         )
-        # Disabling as it creates notification fatigue.
-        # force_notify = True
+        force_notify = True
     else:
         message += "All {} critical checks passed. ".format(critical_checks_total)
 
@@ -241,8 +240,7 @@ async def check_health():
         message += "{}/{} extended checks failed over the last {} hours! ".format(
             extended_checks_failed, extended_checks_total, CHECK_HOURS
         )
-        # Disabling as it creates notification fatigue.
-        # force_notify = True
+        force_notify = True
     else:
         message += "All {} extended checks passed. ".format(extended_checks_total)
 

setup-scripts/logrotate.d/skynet-webportal-nginx

@@ -0,0 +1,16 @@
+/home/user/skynet-webportal/docker/data/nginx/logs/*.log {
+    daily
+    rotate 3650
+    minsize 500M
+    create 644 root root
+    notifempty
+    dateext
+    missingok
+    compress
+    compressoptions --best
+    delaycompress
+    sharedscripts
+    postrotate
+        docker exec nginx nginx -s reopen
+    endscript
+}

setup-scripts/logrotate.d/skynet-webportal-pinner

@@ -0,0 +1,11 @@
+/home/user/skynet-webportal/docker/data/pinner/*.log {
+    daily
+    rotate 10
+    minsize 100M
+    copytruncate
+    notifempty
+    dateext
+    missingok
+    compress
+    compressoptions --best
+}

setup-scripts/logrotate.d/skynet-webportal-skyd

@@ -0,0 +1,12 @@
+/home/user/skynet-webportal/docker/data/sia/*.log 
+/home/user/skynet-webportal/docker/data/sia/*/*.log {
+    daily
+    rotate 10
+    minsize 100M
+    copytruncate
+    notifempty
+    dateext
+    missingok
+    compress
+    compressoptions --best
+}

setup-scripts/setup-docker-services.sh

@@ -1,48 +0,0 @@
-#! /usr/bin/env bash
-
-set -e # exit on first error
-
-# Install docker (cleans up old docker installation)
-# sudo apt-get remove -y docker docker-engine docker.io containerd runc # fails if it is the first installation
-sudo apt-get update
-sudo apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
-curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
-sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
-sudo apt-get update
-sudo apt-get install -y docker-ce docker-ce-cli containerd.io
-docker --version # sanity check
-
-# add user to docker group to avoid having to use sudo for every docker command
-sudo usermod -aG docker user
-
-# Install docker-compose
-sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
-sudo chmod +x /usr/local/bin/docker-compose
-docker-compose --version # sanity check
-
-# Create dummy .env file for docker-compose usage with variables
-# * PORTAL_DOMAIN - (required) is a skynet portal domain (ex. siasky.net)
-# * SERVER_DOMAIN - (optional) is an optional direct server domain (ex. eu-ger-1.siasky.net) - leave blank unless it is different than PORTAL_DOMAIN
-# * EMAIL_ADDRESS - this is the administrator contact email you need to supply for communication regarding SSL certification
-# * HSD_API_KEY - this is auto generated secure key for your handshake service integration
-# * CLOUDFLARE_AUTH_TOKEN - (optional) if using cloudflare as dns loadbalancer (need to change it in Caddyfile too)
-# * AWS_ACCESS_KEY_ID - (optional) if using route53 as a dns loadbalancer
-# * AWS_SECRET_ACCESS_KEY - (optional) if using route53 as a dns loadbalancer
-# * API_PORT - (optional) the port on which siad is listening, defaults to 9980
-# * DISCORD_WEBHOOK_URL - (required if using Discord notifications) discord webhook url (generate from discord app)
-# * DISCORD_MENTION_USER_ID - (optional) add `/cc @user` mention to important messages from webhook (has to be id not user name)
-# * DISCORD_MENTION_ROLE_ID - (optional) add `/cc @role` mention to important messages from webhook (has to be id not role name)
-# * SKYNET_DB_USER - (optional) if using `accounts` this is the MongoDB username
-# * SKYNET_DB_PASS - (optional) if using `accounts` this is the MongoDB password
-# * SKYNET_DB_HOST - (optional) if using `accounts` this is the MongoDB address or container name
-# * SKYNET_DB_PORT - (optional) if using `accounts` this is the MongoDB port
-# * COOKIE_DOMAIN - (optional) if using `accounts` this is the domain to which your cookies will be issued
-# * COOKIE_HASH_KEY - (optional) if using `accounts` hashing secret, at least 32 bytes
-# * COOKIE_ENC_KEY - (optional) if using `accounts` encryption key, at least 32 bytes
-if ! [ -f /home/user/skynet-webportal/.env ]; then
-    HSD_API_KEY=$(openssl rand -base64 32) # generate safe random key for handshake
-    printf "PORTAL_DOMAIN=siasky.net\nSERVER_DOMAIN=\nEMAIL_ADDRESS=email@example.com\nSIA_WALLET_PASSWORD=\nHSD_API_KEY=${HSD_API_KEY}\nCLOUDFLARE_AUTH_TOKEN=\nAWS_ACCESS_KEY_ID=\nAWS_SECRET_ACCESS_KEY=\nDISCORD_WEBHOOK_URL=\nDISCORD_MENTION_USER_ID=\nDISCORD_MENTION_ROLE_ID=\n" > /home/user/skynet-webportal/.env
-fi
-
-# Start docker container with nginx and client
-docker-compose -f docker-compose.yml up --build -d

setup-scripts/setup-health-check-scripts.sh

@@ -1,11 +0,0 @@
-#! /usr/bin/env bash
-
-set -e # exit on first error
-
-sudo apt-get update
-sudo apt-get -y install python3-pip
-
-pip3 install discord-webhook python-dotenv requests elasticsearch-curator
-
-# add cron entries to user crontab
-crontab -u user /home/user/skynet-webportal/setup-scripts/support/crontab

setup-scripts/setup-server.sh

@@ -1,48 +0,0 @@
-#! /usr/bin/env bash
-
-set -e # exit on first error
-
-# Copy over basic configuration files
-cp /home/user/skynet-webportal/setup-scripts/support/tmux.conf /home/user/.tmux.conf
-cp /home/user/skynet-webportal/setup-scripts/support/bashrc /home/user/.bashrc
-source /home/user/.bashrc
-
-# Add SSH keys and set SSH configs
-sudo cp /home/user/skynet-webportal/setup-scripts/support/ssh_config /etc/ssh/ssh_config
-mkdir -p /home/user/.ssh
-# cat /home/user/skynet-webportal/setup-scripts/support/authorized_keys >> /home/user/.ssh/authorized_keys
-
-# Install apt packages
-sudo apt-get update
-sudo apt-get -y install ufw tmux ranger htop nload gcc g++ make git vim unzip curl awscli
-
-# Setup GIT credentials (so commands like git stash would work)
-git config --global user.email "devs@nebulous.tech"
-git config --global user.name "Sia Dev"
-
-# Setup firewall
-sudo ufw --force enable # --force to make it non-interactive
-sudo ufw logging low # enable logging for debugging purpose: tail -f /var/log/ufw.log
-sudo ufw allow ssh # allow ssh connection to server
-sudo ufw allow 80,443/tcp # allow http and https ports
-
-# Block outgoing traffic to local networks
-# https://community.hetzner.com/tutorials/block-outgoing-traffic-to-private-networks
-sudo ufw deny out from any to 10.0.0.0/8
-sudo ufw deny out from any to 172.16.0.0/12
-sudo ufw deny out from any to 192.168.0.0/16
-sudo ufw deny out from any to 100.64.0.0/10
-sudo ufw deny out from any to 198.18.0.0/15
-sudo ufw deny out from any to 169.254.0.0/16
-
-# OPTIONAL: terminfo for alacritty terminal via ssh
-# If you don't use the alacritty terminal you can remove this step.
-wget -c https://raw.githubusercontent.com/alacritty/alacritty/master/extra/alacritty.info
-sudo tic -xe alacritty,alacritty-direct alacritty.info
-rm alacritty.info
-
-# Set up file limits - siad uses a lot so we need to adjust so it doesn't choke up
-sudo cp /home/user/skynet-webportal/setup-scripts/support/limits.conf /etc/security/limits.conf
-
-# Set UTC timezone so all of the servers report the same time
-sudo timedatectl set-timezone UTC

setup-scripts/support/authorized_keys

@@ -6,7 +6,5 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG67M3zC4eDJEjma0iKKksGclteKbB86ONQtBaWY93M6
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF+XC8f0dumhzDE93i9IIMsMp7/MJPwGH+Uc9JFKOvyw karol@siasky.net
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPM43lzbKjFLChe5rKETxDpWpNlqXCGTBPiWlDN2vlLD pj@siasky.net
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6Kcx8yetova4/ALUQHigo/PBMJO33ZTKOsg2jxSO2a user@deploy.siasky.dev
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcenWnMQ6q/OEC4ZmQgjLDV2obWlR3fENV0zRGFvJF+ marcins@siasky.net
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB7prtVOTwtcSN9HkXum107RwcW5H8Vggx6Qv7T57ItT daniel@siasky.net
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH+4IrfEM9H16jqvPZncHkWWoHO4/BVq7d4pEyzK4e0W michal.leszczyk@skynetlabs.com
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHptEpqs57lhnHkfa+0SQgXQ4A63/YGV2cNTcGMQW+Jt david@skynetlabs.com

setup-scripts/support/crontab

@@ -1,7 +1,6 @@
 0 0,8,16 * * * /home/user/skynet-webportal/setup-scripts/funds-checker.py /home/user/skynet-webportal/.env
 0 0,8,16 * * * /home/user/skynet-webportal/setup-scripts/log-checker.py /home/user/skynet-webportal/.env sia 8
 0 * * * * /home/user/skynet-webportal/setup-scripts/health-checker.py /home/user/skynet-webportal/.env sia 1
-30 */4 * * * /home/user/skynet-webportal/setup-scripts/blocklist-airtable.py /home/user/skynet-webportal/.env
 44 5 * * * /home/user/skynet-webportal/scripts/backup-aws-s3.sh 1>>/home/user/skynet-webportal/logs/backup-aws-s3.log 2>>/home/user/skynet-webportal/logs/backup-aws-s3.log
 6 13 * * * /home/user/skynet-webportal/scripts/db_backup.sh 1>>/home/user/skynet-webportal/logs/db_backup.log 2>>/home/user/skynet-webportal/logs/db_backup.log
-0 5 * * * /home/user/skynet-webportal/scripts/es_cleaner.py 1 http://localhost:9200
+0 5 * * * /usr/bin/docker run --rm --net=host -e ROLLOVER=true jaegertracing/jaeger-es-index-cleaner:latest 1 http://localhost:9200