├── .gitignore ├── stellar-horizon ├── OWNERS ├── requirements.yaml ├── requirements.lock ├── templates │ ├── serviceaccount.yaml │ ├── secret.yaml │ ├── tls-secrets.yaml │ ├── service.yaml │ ├── ingress.yaml │ ├── job-migrate.yaml │ ├── job-backfill.yaml │ ├── NOTES.txt │ ├── deployment.yaml │ └── _helpers.tpl ├── Chart.yaml ├── values.yaml └── README.md ├── stellar-friendbot ├── OWNERS ├── templates │ ├── serviceaccount.yaml │ ├── secret.yaml │ ├── service.yaml │ ├── ingress.yaml │ ├── NOTES.txt │ ├── _helpers.tpl │ └── deployment.yaml ├── Chart.yaml ├── values.yaml └── README.md ├── stellar-core ├── OWNERS ├── requirements.yaml ├── requirements.lock ├── templates │ ├── serviceaccount.yaml │ ├── service-http.yaml │ ├── secret.yaml │ ├── service-peer.yaml │ ├── NOTES.txt │ ├── service-metrics.yaml │ ├── pvc.yaml │ ├── deployment.yaml │ └── _helpers.tpl ├── Chart.yaml ├── values.yaml └── README.md ├── README.md ├── stellar-horizon.testnet.values.yaml ├── publish.sh ├── stellar-core.testnet.values.yaml └── LICENSE /.gitignore: -------------------------------------------------------------------------------- 1 | *.tgz 2 | /public/ 3 | -------------------------------------------------------------------------------- /stellar-horizon/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - andrenarchy 3 | reviewers: 4 | - andrenarchy 5 | -------------------------------------------------------------------------------- /stellar-friendbot/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - andrenarchy 3 | reviewers: 4 | - andrenarchy 5 | -------------------------------------------------------------------------------- /stellar-core/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - andrenarchy 3 | - rendhalver 4 | reviewers: 5 | - andrenarchy 6 | - rendhalver 7 | -------------------------------------------------------------------------------- /stellar-core/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | version: ^5.0.0 4 | repository: "@stable" 5 | condition: postgresql.enabled 6 | -------------------------------------------------------------------------------- /stellar-core/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | repository: https://charts.helm.sh/stable/ 4 | version: 5.3.13 5 | digest: sha256:cf714d9d5d80ddfef5ed19fc3307216d26e001fb9f2b9dd229d6d2ade7c7da75 6 | generated: "2021-04-09T21:53:37.398827942+02:00" 7 | -------------------------------------------------------------------------------- /stellar-horizon/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | version: ^5.0.0 4 | repository: "@stable" 5 | condition: postgresql.enabled 6 | - name: stellar-core 7 | version: ^1.0.0 8 | repository: "file://../stellar-core/" 9 | condition: stellar-core.enabled 10 | -------------------------------------------------------------------------------- /stellar-horizon/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | repository: https://charts.helm.sh/stable/ 4 | version: 5.3.13 5 | - name: stellar-core 6 | repository: file://../stellar-core/ 7 | version: 1.0.0 8 | digest: sha256:d4b0662233e97d98d5f603d6bd21004ce9de3e57092fc678019e2260d4aebe7b 9 | generated: "2021-04-09T21:53:26.342869123+02:00" 10 | -------------------------------------------------------------------------------- /stellar-core/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "stellar-core.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "stellar-core.name" . }} 8 | chart: {{ template "stellar-core.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /stellar-horizon/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "stellar-horizon.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "stellar-horizon.name" . }} 8 | chart: {{ template "stellar-horizon.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "stellar-friendbot.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" . }} 8 | helm.sh/chart: {{ include "stellar-friendbot.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /stellar-horizon/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.existingDatabase.password }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "stellar-horizon.fullname" . }} 6 | labels: 7 | app: {{ template "stellar-horizon.name" . }} 8 | chart: {{ template "stellar-horizon.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | type: Opaque 12 | data: 13 | databasePassword: {{ .Values.existingDatabase.password | b64enc }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /stellar-horizon/templates/tls-secrets.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | {{- range .Values.ingress.secrets }} 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ .name }} 7 | labels: 8 | app: {{ template "stellar-horizon.name" $ }} 9 | chart: {{ template "stellar-horizon.chart" $ }} 10 | release: {{ $.Release.Name }} 11 | heritage: {{ $.Release.Service }} 12 | type: kubernetes.io/tls 13 | data: 14 | tls.crt: {{ .certificate | b64enc }} 15 | tls.key: {{ .key | b64enc }} 16 | --- 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ template "stellar-friendbot.fullname" . }} 5 | labels: 6 | app: {{ template "stellar-friendbot.name" . }} 7 | chart: {{ template "stellar-friendbot.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | type: Opaque 11 | data: 12 | {{- if not .Values.existingAccountSecretSecret }} 13 | accountSecret: {{ required "accountSecret is required if existingAccountSecretSecret is not provided" .Values.accountSecret | b64enc }} 14 | {{- end }} 15 | 16 | -------------------------------------------------------------------------------- /stellar-horizon/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "0.17.6" 3 | description: Client-facing API server for the Stellar cryptocurrency network. 4 | name: stellar-horizon 5 | version: 1.1.0 6 | icon: https://www.stellar.org/developers/images/favicon/rocket-180x180.png 7 | home: https://www.stellar.org 8 | maintainers: 9 | - name: andrenarchy 10 | email: andre.extern@satoshipay.io 11 | url: https://github.com/andrenarchy 12 | sources: 13 | - https://github.com/satoshipay/docker-stellar-horizon/ 14 | keywords: 15 | - stellar 16 | - stellar-horizon 17 | - cryptocurrency 18 | - blockchain 19 | engine: gotpl 20 | -------------------------------------------------------------------------------- /stellar-core/templates/service-http.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "stellar-core.fullname" . }}-http 5 | labels: 6 | app: {{ template "stellar-core.name" . }} 7 | chart: {{ template "stellar-core.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | type: {{ .Values.httpService.type }} 12 | ports: 13 | - port: {{ .Values.httpService.port }} 14 | targetPort: http 15 | protocol: TCP 16 | name: http 17 | selector: 18 | app: {{ template "stellar-core.name" . }} 19 | release: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Stellar Helm Charts 2 | 3 | Helm charts for Stellar applications (Core, Horizon, Friendbot, ...) 4 | 5 | ## Stellar Core 6 | 7 | ``` 8 | helm repo update 9 | helm dependency update stellar-core 10 | helm install \ 11 | --namespace stellar-testnet \ 12 | --name stellar-core \ 13 | --values stellar-core.testnet.values.yaml \ 14 | stellar-core 15 | ``` 16 | 17 | ## Stellar Horizon 18 | 19 | ``` 20 | helm repo update 21 | helm dependency update stellar-horizon 22 | helm install \ 23 | --namespace stellar-testnet \ 24 | --name stellar-horizon \ 25 | --values stellar-horizon.testnet.values.yaml \ 26 | stellar-horizon 27 | ``` 28 | -------------------------------------------------------------------------------- /stellar-friendbot/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "0.13.0" 3 | description: Friendbot that sends money in the Stellar cryptocurrency (testnet) network. 4 | name: stellar-friendbot 5 | version: 1.1.0 6 | icon: https://www.stellar.org/developers/images/favicon/rocket-180x180.png 7 | home: https://www.stellar.org 8 | maintainers: 9 | - name: andrenarchy 10 | email: andre.extern@satoshipay.io 11 | url: https://github.com/andrenarchy 12 | sources: 13 | - https://github.com/satoshipay/docker-stellar-friendbot/ 14 | keywords: 15 | - stellar 16 | - stellar-friendbot 17 | - testnet 18 | - cryptocurrency 19 | - blockchain 20 | engine: gotpl 21 | -------------------------------------------------------------------------------- /stellar-core/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "11.0.0" 3 | description: Backbone node of the Stellar cryptocurrency network. 4 | name: stellar-core 5 | version: 1.0.0 6 | icon: https://www.stellar.org/developers/images/favicon/rocket-180x180.png 7 | home: https://www.stellar.org 8 | maintainers: 9 | - name: andrenarchy 10 | email: andre.extern@satoshipay.io 11 | url: https://github.com/andrenarchy 12 | - name: rendhalver 13 | email: pete.brown@powerhrg.com 14 | sources: 15 | - https://github.com/satoshipay/docker-stellar-core/ 16 | keywords: 17 | - stellar 18 | - stellar-core 19 | - cryptocurrency 20 | - blockchain 21 | engine: gotpl 22 | -------------------------------------------------------------------------------- /stellar-horizon.testnet.values.yaml: -------------------------------------------------------------------------------- 1 | networkPassphrase: Test SDF Network ; September 2015 2 | 3 | stellar-core: 4 | enabled: false 5 | 6 | existingStellarCore: 7 | url: http://stellar-core-http:11626 8 | databaseUrl: postgres://postgres:$(STELLAR_CORE_DATABASE_PASSWORD)@stellar-core-postgresql/stellar-core?sslmode=disable 9 | databasePasswordSecret: 10 | name: stellar-core-postgresql 11 | key: postgresql-password 12 | 13 | ingress: 14 | enabled: true 15 | hosts: 16 | - name: stellar-horizon.d00d3.net 17 | tls: true 18 | tlsSecret: stellar-horizon 19 | annotations: 20 | kubernetes.io/ingress.class: nginx 21 | certmanager.k8s.io/cluster-issuer: letsencrypt-production 22 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "stellar-friendbot.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" . }} 7 | helm.sh/chart: {{ include "stellar-friendbot.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | type: {{ .Values.service.type }} 12 | ports: 13 | - port: {{ .Values.service.port }} 14 | targetPort: http 15 | protocol: TCP 16 | name: http 17 | selector: 18 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" . }} 19 | app.kubernetes.io/instance: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /stellar-horizon/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "stellar-horizon.fullname" . }} 5 | labels: 6 | app: {{ template "stellar-horizon.name" . }} 7 | chart: {{ template "stellar-horizon.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | annotations: 11 | {{- range $key, $value := .Values.service.annotations }} 12 | {{ $key }}: {{ $value | quote }} 13 | {{- end }} 14 | spec: 15 | type: {{ .Values.service.type }} 16 | ports: 17 | - port: {{ .Values.service.port }} 18 | targetPort: http 19 | protocol: TCP 20 | name: http 21 | selector: 22 | app: {{ template "stellar-horizon.name" . }} 23 | release: {{ .Release.Name }} 24 | -------------------------------------------------------------------------------- /stellar-core/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ template "stellar-core.fullname" . }} 5 | labels: 6 | app: {{ template "stellar-core.name" . }} 7 | chart: {{ template "stellar-core.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | type: Opaque 11 | data: 12 | {{- if not .Values.existingNodeSeedSecret }} 13 | nodeSeed: {{ required "nodeSeed is required if existingNodeSeedSecret is not provided" .Values.nodeSeed | b64enc }} 14 | {{- end }} 15 | {{- with .Values.gcloudServiceAccountKey }} 16 | gcloudServiceAccountKey: {{ . | b64enc }} 17 | {{- end }} 18 | {{- if .Values.existingDatabase.password }} 19 | databasePassword: {{ .Values.existingDatabase.password | b64enc }} 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /stellar-core/templates/service-peer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "stellar-core.fullname" . }}-peer 5 | labels: 6 | app: {{ template "stellar-core.name" . }} 7 | chart: {{ template "stellar-core.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | type: {{ .Values.peerService.type }} 12 | ports: 13 | - port: {{ .Values.peerService.port }} 14 | targetPort: peer 15 | protocol: TCP 16 | name: peer 17 | {{- with .Values.peerService.loadBalancerIP }} 18 | loadBalancerIP: {{ . }} 19 | {{- end }} 20 | {{- with .Values.peerService.externalTrafficPolicy }} 21 | externalTrafficPolicy: {{ . }} 22 | {{- end }} 23 | selector: 24 | app: {{ template "stellar-core.name" . }} 25 | release: {{ .Release.Name }} 26 | -------------------------------------------------------------------------------- /stellar-core/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. The node will take a while to sync with the network (~1h or more 2 | is not unusual for the default config). 3 | 4 | 2. Allow other nodes to connect to you 5 | 6 | You can publish your external IP address and port as well as your 7 | node's public key so other validators can include your node in 8 | their quorum sets. 9 | 10 | {{- if contains "LoadBalancer" .Values.peerService.type }} 11 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 12 | You can watch the status of by running 'kubectl get svc -w {{ template "stellar-core.fullname" . }}-peer' 13 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "stellar-core.fullname" . }}-peer -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 14 | echo $SERVICE_IP:{{ .Values.peerService.port }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /stellar-core/templates/service-metrics.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.metrics.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "stellar-core.fullname" . }}-metrics 6 | labels: 7 | app: {{ template "stellar-core.name" . }} 8 | chart: {{ template "stellar-core.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | annotations: 12 | {{ toYaml .Values.metrics.service.annotations | indent 4 }} 13 | spec: 14 | type: {{ .Values.metrics.service.type }} 15 | ports: 16 | - port: {{ .Values.metrics.service.port }} 17 | targetPort: metrics 18 | protocol: TCP 19 | name: metrics 20 | {{- with .Values.metrics.service.loadBalancerIP }} 21 | loadBalancerIP: {{ . }} 22 | {{- end }} 23 | selector: 24 | app: {{ template "stellar-core.name" . }} 25 | release: {{ .Release.Name }} 26 | {{- end }} 27 | -------------------------------------------------------------------------------- /publish.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -eu 3 | 4 | if [[ $(git status -s) ]]; then 5 | echo "The working directory is dirty. Please commit any pending changes." 6 | exit 1 7 | fi 8 | 9 | echo "Deleting old publication" 10 | rm -rf public 11 | mkdir public 12 | 13 | git worktree prune 14 | rm -rf .git/worktrees/public/ 15 | 16 | echo "Checking out gh-pages branch into public" 17 | git worktree add -B gh-pages public origin/gh-pages 18 | 19 | echo "Removing existing files" 20 | rm -rf public/* 21 | 22 | echo "Generating helm repository" 23 | for chart in stellar-core stellar-horizon stellar-friendbot; do 24 | helm package --dependency-update --destination public/ "${chart}" 25 | done 26 | 27 | helm repo index public/ --url https://satoshipay.github.io/stellar-helm-charts/ 28 | 29 | echo "Updating gh-pages branch" 30 | cd public && git add --all && git commit -m "Publishing to gh-pages (publish.sh)" && git push origin/gh-pages 31 | -------------------------------------------------------------------------------- /stellar-core/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: {{ template "stellar-core.fullname" . }} 6 | labels: 7 | app: {{ template "stellar-core.name" . }} 8 | chart: {{ template "stellar-core.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- if .Values.persistence.annotations }} 12 | annotations: 13 | {{ toYaml .Values.persistence.annotations | indent 4 }} 14 | {{- end }} 15 | spec: 16 | accessModes: 17 | - {{ .Values.persistence.accessMode | quote }} 18 | resources: 19 | requests: 20 | storage: {{ .Values.persistence.size | quote }} 21 | {{- if .Values.persistence.storageClass }} 22 | {{- if (eq "-" .Values.persistence.storageClass) }} 23 | storageClassName: "" 24 | {{- else }} 25 | storageClassName: "{{ .Values.persistence.storageClass }}" 26 | {{- end }} 27 | {{- end }} 28 | {{- end -}} 29 | -------------------------------------------------------------------------------- /stellar-horizon/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | {{- range .Values.ingress.hosts }} 3 | apiVersion: extensions/v1beta1 4 | kind: Ingress 5 | metadata: 6 | name: "{{- printf "%s-%s" .name $.Release.Name | trunc 63 | trimSuffix "-" -}}" 7 | labels: 8 | app: {{ template "stellar-horizon.name" $ }} 9 | chart: {{ template "stellar-horizon.chart" $ }} 10 | release: {{ $.Release.Name }} 11 | heritage: {{ $.Release.Service }} 12 | annotations: 13 | {{- range $key, $value := .annotations }} 14 | {{ $key }}: {{ $value | quote }} 15 | {{- end }} 16 | spec: 17 | rules: 18 | - host: {{ .name }} 19 | http: 20 | paths: 21 | - path: {{ default "/" .path }} 22 | backend: 23 | serviceName: {{ template "stellar-horizon.fullname" $ }} 24 | servicePort: http 25 | {{- if .tls }} 26 | tls: 27 | - hosts: 28 | - {{ .name }} 29 | {{- with .tlsSecret }} 30 | secretName: {{ .tlsSecret }} 31 | {{- end }} 32 | {{- end }} 33 | --- 34 | {{- end }} 35 | {{- end }} 36 | -------------------------------------------------------------------------------- /stellar-horizon/templates/job-migrate.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.migrate }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ template "stellar-horizon.fullname" . }}-migrate 6 | labels: 7 | app: {{ template "stellar-horizon.name" . }} 8 | chart: {{ template "stellar-horizon.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | spec: 12 | template: 13 | metadata: 14 | name: horizon-migrate 15 | labels: 16 | app: {{ template "stellar-horizon.name" . }} 17 | chart: {{ template "stellar-horizon.chart" . }} 18 | release: {{ .Release.Name }} 19 | heritage: {{ .Release.Service }} 20 | spec: 21 | containers: 22 | - name: horizon-migrate 23 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 24 | imagePullPolicy: {{ .Values.image.pullPolicy }} 25 | args: ["horizon", "db", "migrate", "up"] 26 | env: 27 | {{ include "stellar-horizon.env" . | indent 10 }} 28 | # Do not restart containers after they exit 29 | restartPolicy: Never 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | {{- range .Values.ingress.hosts }} 3 | apiVersion: extensions/v1beta1 4 | kind: Ingress 5 | metadata: 6 | name: "{{- printf "%s-%s" .name $.Release.Name | trunc 63 | trimSuffix "-" -}}" 7 | labels: 8 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" $ }} 9 | helm.sh/chart: {{ include "stellar-friendbot.chart" $ }} 10 | app.kubernetes.io/instance: {{ $.Release.Name }} 11 | app.kubernetes.io/managed-by: {{ $.Release.Service }} 12 | annotations: 13 | {{- range $key, $value := .annotations }} 14 | {{ $key }}: {{ $value | quote }} 15 | {{- end }} 16 | spec: 17 | rules: 18 | - host: {{ .name }} 19 | http: 20 | paths: 21 | - path: {{ default "/" .path }} 22 | backend: 23 | serviceName: {{ template "stellar-friendbot.fullname" $ }} 24 | servicePort: http 25 | {{- if .tls }} 26 | tls: 27 | - hosts: 28 | - {{ .name }} 29 | {{- with .tlsSecret }} 30 | secretName: {{ .tlsSecret }} 31 | {{- end }} 32 | {{- end }} 33 | --- 34 | {{- end }} 35 | {{- end }} 36 | -------------------------------------------------------------------------------- /stellar-horizon/templates/job-backfill.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.backfill (not (eq .Values.backfill "0")) }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ template "stellar-horizon.fullname" . }}-backfill 6 | labels: 7 | app: {{ template "stellar-horizon.name" . }} 8 | chart: {{ template "stellar-horizon.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | spec: 12 | template: 13 | metadata: 14 | name: horizon-backfill 15 | labels: 16 | app: {{ template "stellar-horizon.name" . }} 17 | chart: {{ template "stellar-horizon.chart" . }} 18 | release: {{ .Release.Name }} 19 | heritage: {{ .Release.Service }} 20 | spec: 21 | containers: 22 | - name: horizon-backfill 23 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 24 | imagePullPolicy: {{ .Values.image.pullPolicy }} 25 | args: ["horizon", "db", "backfill", {{ .Values.backfill | quote }}] 26 | env: 27 | {{ include "stellar-horizon.env" . | indent 10 }} 28 | # Do not restart containers after they exit 29 | restartPolicy: Never 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range .Values.ingress.hosts }} 4 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} 5 | {{- end }} 6 | {{- else if contains "NodePort" .Values.service.type }} 7 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "stellar-friendbot.fullname" . }}) 8 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 9 | echo http://$NODE_IP:$NODE_PORT 10 | {{- else if contains "LoadBalancer" .Values.service.type }} 11 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 12 | You can watch the status of by running 'kubectl get svc -w {{ include "stellar-friendbot.fullname" . }}' 13 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "stellar-friendbot.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 14 | echo http://$SERVICE_IP:{{ .Values.service.port }} 15 | {{- else if contains "ClusterIP" .Values.service.type }} 16 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "stellar-friendbot.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 17 | echo "Visit http://127.0.0.1:8080 to use your application" 18 | kubectl port-forward $POD_NAME 8080:80 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "stellar-friendbot.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "stellar-friendbot.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "stellar-friendbot.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Create the name of the service account to use 36 | */}} 37 | {{- define "stellar-friendbot.serviceAccountName" -}} 38 | {{- if .Values.serviceAccount.create -}} 39 | {{ default (include "stellar-friendbot.fullname" .) .Values.serviceAccount.name }} 40 | {{- else -}} 41 | {{ default "default" .Values.serviceAccount.name }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /stellar-horizon/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Wait until Stellar Horizon is ready (i.e., ingested all requested data 2 | from Stellar Core 3 | 4 | 2. Get the Stellar Horizon URL: 5 | 6 | {{- if .Values.ingress.enabled }} 7 | 8 | You should be able to access your new Stellar Horizon installation through 9 | 10 | {{- range .Values.ingress.hosts }} 11 | {{ if .tls }}https{{ else }}http{{ end }}://{{ .name }}/ 12 | {{- end }} 13 | 14 | {{- else if contains "LoadBalancer" .Values.service.type }} 15 | 16 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 17 | Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "stellar-horizon.fullname" . }}' 18 | 19 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "stellar-horizon.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 20 | echo "Stellar Core URL: http://$SERVICE_IP:{{ .Values.service.port }}/" 21 | 22 | {{- else if contains "ClusterIP" .Values.service.type }} 23 | 24 | echo "Stellar Core URL: http://127.0.0.1/" 25 | kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "stellar-horizon.fullname" . }} 8080:{{ .Values.service.port }} 26 | 27 | {{- else if contains "NodePort" .Values.service.type }} 28 | 29 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "stellar-horizon.fullname" . }}) 30 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 31 | echo "Stellar Core URL: http://$NODE_IP:$NODE_PORT/" 32 | 33 | {{- end }} 34 | -------------------------------------------------------------------------------- /stellar-core.testnet.values.yaml: -------------------------------------------------------------------------------- 1 | nodeSeed: SCS7PF3YQJ7EUCYCQLXTALHKEUL7MEZWSSDUDV3BQHGSTOJSHOHV4UN3 2 | nodeIsValidator: true 3 | networkPassphrase: Test SDF Network ; September 2015 4 | knownPeers: 5 | - core-testnet1.stellar.org 6 | - core-testnet2.stellar.org 7 | - core-testnet3.stellar.org 8 | - stellar-testnet-de-fra.satoshipay.io 9 | 10 | nodeNames: 11 | - name: sdf-testnet1 12 | publicKey: GDKXE2OZMJIPOSLNA6N6F2BVCI3O777I2OOC4BV7VOYUEHYX7RTRYA7Y 13 | - name: sdf-testnet2 14 | publicKey: GCUCJTIYXSOXKBSNFGNFWW5MUQ54HKRPGJUTQFJ5RQXZXNOLNXYDHRAP 15 | - name: sdf-testnet3 16 | publicKey: GC2V2EFSXN6SQTWVYA5EPJPBWWIMSD2XQNKUOHGEKB535AQE2I6IXV2Z 17 | - name: satoshipay-testnet-de-fra 18 | publicKey: GBQP2WQZTCNUDUOR5W6XJ2BPLDV2KZSZFJ5AZUHUBLU63ZKS2OP7CMUO 19 | 20 | preferredPeerKeys: 21 | - $sdf-testnet1 22 | - $sdf-testnet2 23 | - $sdf-testnet3 24 | - $satoshipay-testnet-de-fra 25 | 26 | quorumSet: 27 | - threshold_percent: 66 28 | validators: 29 | - $sdf-testnet1 30 | - $sdf-testnet2 31 | - $sdf-testnet3 32 | - $satoshipay-testnet-de-fra 33 | 34 | history: 35 | sdf-testnet1: 36 | get: "curl -sf https://history.stellar.org/prd/core-testnet/core_testnet_001/{0} -o {1}" 37 | sdf-testnet2: 38 | get: "curl -sf https://history.stellar.org/prd/core-testnet/core_testnet_002/{0} -o {1}" 39 | sdf-testnet3: 40 | get: "curl -sf https://history.stellar.org/prd/core-testnet/core_testnet_003/{0} -o {1}" 41 | satoshipay-testnet-de-fra: 42 | get: "curl -sf https://stellar-history-testnet-de-fra.satoshipay.io/{0} -o {1}" 43 | 44 | initializeDatabase: true 45 | 46 | persistence: 47 | size: 8Gi 48 | 49 | postgresql: 50 | enabled: true 51 | persistence: 52 | size: 20Gi 53 | -------------------------------------------------------------------------------- /stellar-horizon/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ template "stellar-horizon.fullname" . }} 5 | labels: 6 | app: {{ template "stellar-horizon.name" . }} 7 | chart: {{ template "stellar-horizon.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: 1 12 | strategy: 13 | type: Recreate 14 | selector: 15 | matchLabels: 16 | app: {{ template "stellar-horizon.name" . }} 17 | release: {{ .Release.Name }} 18 | template: 19 | metadata: 20 | labels: 21 | app: {{ template "stellar-horizon.name" . }} 22 | release: {{ .Release.Name }} 23 | spec: 24 | serviceAccountName: "{{ template "stellar-horizon.serviceAccountName" . }}" 25 | containers: 26 | - name: {{ .Chart.Name }} 27 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 28 | imagePullPolicy: {{ .Values.image.pullPolicy }} 29 | ports: 30 | - name: http 31 | containerPort: 8000 32 | protocol: TCP 33 | env: 34 | {{ include "stellar-horizon.env" . | indent 12 }} 35 | {{- if .Values.ingest }} 36 | - name: INGEST 37 | value: "true" 38 | {{- end }} 39 | {{- if .Values.ingestFailedTransactions }} 40 | - name: INGEST_FAILED_TRANSACTIONS 41 | value: "true" 42 | {{- end }} 43 | {{- if .Values.enableAssetStats }} 44 | - name: ENABLE_ASSET_STATS 45 | value: "true" 46 | {{- end }} 47 | {{- range $key, $val := .Values.environment }} 48 | - name: {{ $key }} 49 | value: {{ $val | quote }} 50 | {{- end }} 51 | livenessProbe: 52 | httpGet: 53 | path: / 54 | port: http 55 | readinessProbe: 56 | timeoutSeconds: 5 57 | exec: 58 | command: [ /ready.sh ] 59 | resources: 60 | {{ toYaml .Values.resources | indent 12 }} 61 | {{- with .Values.nodeSelector }} 62 | nodeSelector: 63 | {{ toYaml . | indent 8 }} 64 | {{- end }} 65 | {{- with .Values.affinity }} 66 | affinity: 67 | {{ toYaml . | indent 8 }} 68 | {{- end }} 69 | {{- with .Values.tolerations }} 70 | tolerations: 71 | {{ toYaml . | indent 8 }} 72 | {{- end }} 73 | -------------------------------------------------------------------------------- /stellar-friendbot/values.yaml: -------------------------------------------------------------------------------- 1 | ## WARNING: make sure to replace this in your configuration or use existingAccountSecretSecret 2 | accountSecret: SBZYPEOQK7TWABPRW2LSSYWDI7O7TWZQZUH4RUUNEAUGNVHKKUH4Y6QF 3 | # existingAccountSecretSecret: 4 | # name: stellar-friendbot 5 | # key: accountSecret 6 | 7 | networkPassphrase: Test SDF Network ; September 2015 8 | 9 | horizonUrl: https://horizon-testnet.stellar.org 10 | 11 | startingBalance: 10000 12 | 13 | numMinions: 1000 14 | 15 | environment: {} 16 | 17 | image: 18 | repository: satoshipay/stellar-friendbot 19 | tag: '0.0.2' 20 | pullPolicy: IfNotPresent 21 | 22 | service: 23 | type: ClusterIP 24 | port: 80 25 | 26 | ingress: 27 | enabled: false 28 | 29 | ## The list of hostnames to be covered with this ingress record. 30 | ## Most likely this will be just one host, but in the event more hosts are needed, this is an array 31 | hosts: 32 | - name: stellar-friendbot.local 33 | 34 | ## Set this to true in order to enable TLS on the ingress record 35 | tls: false 36 | 37 | ## If TLS is set to true, you probably need to declare what secret will store the key/certificate for TLS 38 | tlsSecret: stellar-friendbot.local-tls 39 | 40 | ## Ingress annotations done as key:value pairs 41 | ## If you're using kube-lego, you will want to add: 42 | ## kubernetes.io/tls-acme: true 43 | ## 44 | ## For a full list of possible ingress annotations, please see 45 | ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md 46 | annotations: 47 | # kubernetes.io/ingress.class: nginx 48 | # kubernetes.io/tls-acme: true 49 | 50 | secrets: 51 | ## If you're providing your own certificates, please use this to add the certificates as secrets 52 | ## key and certificate should start with -----BEGIN CERTIFICATE----- or 53 | ## -----BEGIN RSA PRIVATE KEY----- 54 | ## 55 | ## name should line up with a tlsSecret set further up 56 | ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set 57 | ## 58 | ## It is also possible to create and manage the certificates outside of this helm chart 59 | ## Please see README.md for more information 60 | # - name: stellar-friendbot.local-tls 61 | # key: 62 | # certificate: 63 | 64 | resources: 65 | requests: 66 | cpu: 10m 67 | memory: 128Mi 68 | 69 | nodeSelector: {} 70 | 71 | tolerations: [] 72 | 73 | affinity: {} 74 | 75 | serviceAccount: 76 | create: true 77 | name: 78 | -------------------------------------------------------------------------------- /stellar-friendbot/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "stellar-friendbot.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" . }} 7 | helm.sh/chart: {{ include "stellar-friendbot.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | replicas: 1 12 | selector: 13 | matchLabels: 14 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app.kubernetes.io/name: {{ include "stellar-friendbot.name" . }} 20 | app.kubernetes.io/instance: {{ .Release.Name }} 21 | spec: 22 | serviceAccountName: "{{ template "stellar-friendbot.serviceAccountName" . }}" 23 | containers: 24 | - name: {{ .Chart.Name }} 25 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 26 | imagePullPolicy: {{ .Values.image.pullPolicy }} 27 | env: 28 | {{- with .Values.existingAccountSecretSecret }} 29 | - name: FRIENDBOT_SECRET 30 | valueFrom: 31 | secretKeyRef: 32 | name: {{ required "name of existingAccountSecretSecret is required" .name | quote }} 33 | key: {{ required "key of existingAccountSecretSecret is required" .key | quote }} 34 | {{- else }} 35 | - name: FRIENDBOT_SECRET 36 | valueFrom: 37 | secretKeyRef: 38 | name: {{ template "stellar-friendbot.fullname" . }} 39 | key: accountSecret 40 | {{- end }} 41 | - name: NETWORK_PASSPHRASE 42 | value: {{ .Values.networkPassphrase | quote }} 43 | - name: HORIZON_URL 44 | value: {{ .Values.horizonUrl | quote }} 45 | - name: STARTING_BALANCE 46 | value: {{ .Values.startingBalance | quote }} 47 | - name: NUM_MINIONS 48 | value: {{ .Values.numMinions | quote }} 49 | {{- range $key, $val := .Values.environment }} 50 | - name: {{ $key }} 51 | value: {{ $val | quote }} 52 | {{- end }} 53 | ports: 54 | - name: http 55 | containerPort: 8000 56 | protocol: TCP 57 | # Note: we can't use httpGet here because friendbot throws 4xx without a valid dest addr 58 | livenessProbe: 59 | initialDelaySeconds: 60 60 | tcpSocket: 61 | port: http 62 | readinessProbe: 63 | tcpSocket: 64 | port: http 65 | resources: 66 | {{ toYaml .Values.resources | indent 12 }} 67 | {{- with .Values.nodeSelector }} 68 | nodeSelector: 69 | {{ toYaml . | indent 8 }} 70 | {{- end }} 71 | {{- with .Values.affinity }} 72 | affinity: 73 | {{ toYaml . | indent 8 }} 74 | {{- end }} 75 | {{- with .Values.tolerations }} 76 | tolerations: 77 | {{ toYaml . | indent 8 }} 78 | {{- end }} 79 | -------------------------------------------------------------------------------- /stellar-horizon/values.yaml: -------------------------------------------------------------------------------- 1 | postgresql: 2 | enabled: true 3 | # nameOverride: postgresql-horizon 4 | postgresqlDatabase: stellar-horizon 5 | postgresqlUsername: postgres 6 | # options from https://github.com/helm/charts/tree/master/stable/postgresql 7 | # postgresPassword: 8 | 9 | ## NOTE: 10 | ## existingDatabase is only used if postgresql.enabled is false 11 | existingDatabase: 12 | passwordSecret: 13 | name: postgresql-horizon 14 | key: password 15 | ## NOTE: 16 | ## $(DATABASE_PASSWORD) is automatically replaced with the value of the passwordSecret 17 | # url: postgres://postgres:$(DATABASE_PASSWORD)@postgresql-horizon/stellar-horizon?sslmode=disable 18 | 19 | stellar-core: 20 | enabled: true 21 | # nodeSeed: SDUFQA7YL3KTWZNKOXX7XXIYU4R5R6JKELMREKHDQOYY2WPUGXFVJN52 22 | 23 | postgresql: 24 | nameOverride: postgresql-core 25 | 26 | ## NOTE: 27 | ## existingStellarCore is only used if stellar-core.enabled is false 28 | existingStellarCore: 29 | url: http://stellar-core:11626 30 | databaseUrl: postgres://postgres:$(STELLAR_CORE_DATABASE_PASSWORD)@stellar-core-postgresql/stellar-core?sslmode=disable 31 | databasePasswordSecret: 32 | name: stellar-core-postgresql 33 | key: postgresql-password 34 | 35 | ingest: true 36 | ingestFailedTransactions: true 37 | enableAssetStats: false 38 | 39 | backfill: "0" 40 | migrate: false 41 | networkPassphrase: Public Global Stellar Network ; September 2015 42 | connectionTimeout: 60 43 | historyArchiveUrls: [] 44 | #- https://stellar-history-de-fra.satoshipay.io/ 45 | #- https://stellar-history-sg-sin.satoshipay.io/ 46 | #- https://stellar-history-us-iowa.satoshipay.io/ 47 | #- https://history.stellar.org/prd/core-live/core_live_001/ 48 | #- https://history.stellar.org/prd/core-live/core_live_002/ 49 | #- https://history.stellar.org/prd/core-live/core_live_003/ 50 | 51 | environment: {} 52 | 53 | image: 54 | repository: satoshipay/stellar-horizon 55 | tag: '1.12.0' 56 | pullPolicy: IfNotPresent 57 | 58 | service: 59 | type: ClusterIP 60 | port: 80 61 | annotations: 62 | 63 | ingress: 64 | enabled: false 65 | 66 | ## The list of hostnames to be covered with this ingress record. 67 | ## Most likely this will be just one host, but in the event more hosts are needed, this is an array 68 | hosts: 69 | - name: stellar-horizon.local 70 | 71 | ## Set this to true in order to enable TLS on the ingress record 72 | tls: false 73 | 74 | ## If TLS is set to true, you probably need to declare what secret will store the key/certificate for TLS 75 | tlsSecret: stellar-horizon.local-tls 76 | 77 | ## Ingress annotations done as key:value pairs 78 | ## If you're using kube-lego, you will want to add: 79 | ## kubernetes.io/tls-acme: true 80 | ## 81 | ## For a full list of possible ingress annotations, please see 82 | ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md 83 | annotations: 84 | # kubernetes.io/ingress.class: nginx 85 | # kubernetes.io/tls-acme: true 86 | 87 | secrets: 88 | ## If you're providing your own certificates, please use this to add the certificates as secrets 89 | ## key and certificate should start with -----BEGIN CERTIFICATE----- or 90 | ## -----BEGIN RSA PRIVATE KEY----- 91 | ## 92 | ## name should line up with a tlsSecret set further up 93 | ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set 94 | ## 95 | ## It is also possible to create and manage the certificates outside of this helm chart 96 | ## Please see README.md for more information 97 | # - name: stellar-horizon.local-tls 98 | # key: 99 | # certificate: 100 | 101 | resources: 102 | requests: 103 | cpu: 100m 104 | memory: 128Mi 105 | 106 | nodeSelector: {} 107 | 108 | tolerations: [] 109 | 110 | affinity: {} 111 | 112 | serviceAccount: 113 | create: true 114 | name: 115 | -------------------------------------------------------------------------------- /stellar-core/values.yaml: -------------------------------------------------------------------------------- 1 | ## NOTE: 2 | ## You have to provide a node seed 3 | ## * either by specifying nodeSeed directly 4 | ## * or by specifying existingNodeSeedSecret that points to an existing secret 5 | ## You can generate a node seed by running the following command: 6 | ## docker run --rm -it --entrypoint '' satoshipay/stellar-core stellar-core --genseed 7 | 8 | ## WARNING: make sure to replace this in your configuration or use existingNodeSeedSecret 9 | nodeSeed: SDUFQA7YL3KTWZNKOXX7XXIYU4R5R6JKELMREKHDQOYY2WPUGXFVJN52 10 | # existingNodeSeedSecret: 11 | # name: stellar-core 12 | # key: nodeSeed 13 | 14 | nodeIsValidator: true 15 | 16 | networkPassphrase: Public Global Stellar Network ; September 2015 17 | 18 | catchupComplete: false 19 | catchupRecent: 0 20 | 21 | # targetPeerConnections: 8 22 | # maxAdditionalPeerConnections: 50 23 | # maxPendingConnections: 500 24 | maxConcurrentSubprocesses: 2 25 | 26 | knownPeers: [] 27 | 28 | preferredPeers: [] 29 | 30 | nodeNames: [] 31 | 32 | unsafeQuorum: false 33 | 34 | quorumSet: {} 35 | # - threshold_percent: 66 36 | # validators: 37 | # - $$eno 38 | # - $$keybase0 39 | # - $$tempo 40 | # - $$umbrel 41 | # - path: satoshipay 42 | # threshold_percent: 51 43 | # validators: 44 | # - $$satoshipay1 45 | # - $$satoshipay2 46 | # - $$satoshipay3 47 | 48 | history: {} 49 | # sdf1: 50 | # get: "curl -sf http://history.stellar.org/prd/core-live/core_live_001/{0} -o {1}" 51 | # sdf2: 52 | # get: "curl -sf http://history.stellar.org/prd/core-live/core_live_002/{0} -o {1}" 53 | # sdf3: 54 | # get: "curl -sf http://history.stellar.org/prd/core-live/core_live_003/{0} -o {1}" 55 | 56 | initializeDatabase: true 57 | initializeHistoryArchives: false 58 | 59 | initCatchup: 60 | enabled: false 61 | ledger: 21000000 62 | 63 | environment: {} 64 | 65 | postgresql: 66 | enabled: true 67 | postgresqlDatabase: stellar-core 68 | postgresqlUsername: postgres 69 | # options from https://github.com/helm/charts/tree/master/stable/postgresql 70 | # postgresqlPassword: 71 | 72 | postgresqlConnectTimeout: 5 73 | 74 | ## NOTE: 75 | ## existingDatabase is only used if postgresql.enabled is false 76 | existingDatabase: 77 | passwordSecret: 78 | name: postgresql-core 79 | key: password 80 | ## NOTE: 81 | ## $(DATABASE_PASSWORD) is automatically replaced with the value of the passwordSecret 82 | # url: postgresql://dbname=stellar-core host=postgresql-core password=$(DATABASE_PASSWORD) 83 | 84 | image: 85 | repository: satoshipay/stellar-core 86 | tag: '16.0.0' 87 | # flavor: aws 88 | # flavor: gcloud 89 | pullPolicy: IfNotPresent 90 | 91 | peerService: 92 | type: LoadBalancer 93 | port: 11625 94 | # loadBalancerIP: 35.13.37.42 95 | # externalTrafficPolicy: Local 96 | 97 | httpService: 98 | type: ClusterIP 99 | port: 11626 100 | 101 | metrics: 102 | enabled: false 103 | # resources: {} 104 | service: 105 | type: ClusterIP 106 | port: "9473" 107 | annotations: 108 | prometheus.io/scrape: "true" 109 | prometheus.io/port: "9473" 110 | loadBalancerIP: 111 | image: 112 | repository: stellar/stellar-core-prometheus-exporter 113 | # Note: use proper tag when upstream uses proper tags 114 | tag: latest 115 | pullPolicy: Always 116 | 117 | persistence: 118 | enabled: true 119 | 120 | ## A manually managed Persistent Volume and Claim 121 | ## Requires persistence.enabled: true 122 | ## If defined, PVC must be created manually before volume will be bound 123 | # existingClaim: 124 | 125 | ## database data Persistent Volume Storage Class 126 | ## If defined, storageClassName: 127 | ## If set to "-", storageClassName: "", which disables dynamic provisioning 128 | ## If undefined (the default) or set to null, no storageClassName spec is 129 | ## set, choosing the default provisioner. (gp2 on AWS, standard on 130 | ## GKE, AWS & OpenStack) 131 | ## 132 | # storageClass: "-" 133 | accessMode: ReadWriteOnce 134 | size: 8Gi 135 | 136 | subPath: "stellar-core" 137 | mountPath: /data 138 | 139 | ## Annotations for the persistent volume claim 140 | # annotations: 141 | 142 | resources: 143 | requests: 144 | cpu: 100m 145 | memory: 512Mi 146 | 147 | nodeSelector: {} 148 | 149 | tolerations: [] 150 | 151 | affinity: {} 152 | 153 | serviceAccount: 154 | create: true 155 | name: 156 | -------------------------------------------------------------------------------- /stellar-core/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ template "stellar-core.fullname" . }} 5 | labels: 6 | app: {{ template "stellar-core.name" . }} 7 | chart: {{ template "stellar-core.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: 1 12 | strategy: 13 | type: Recreate 14 | selector: 15 | matchLabels: 16 | app: {{ template "stellar-core.name" . }} 17 | release: {{ .Release.Name }} 18 | template: 19 | metadata: 20 | labels: 21 | app: {{ template "stellar-core.name" . }} 22 | release: {{ .Release.Name }} 23 | spec: 24 | serviceAccountName: "{{ template "stellar-core.serviceAccountName" . }}" 25 | 26 | initContainers: 27 | {{- if .Values.forceScp }} 28 | - name: {{ .Chart.Name }}-forcescp 29 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ with .Values.image.flavor }}-{{.}}{{ end }}" 30 | imagePullPolicy: {{ .Values.image.pullPolicy }} 31 | args: ["stellar-core", "force-scp", "--conf", "/stellar-core.cfg"] 32 | env: 33 | {{ include "stellar-core.env" . | indent 12 }} 34 | volumeMounts: 35 | - name: data 36 | mountPath: {{ .Values.persistence.mountPath }} 37 | subPath: {{ .Values.persistence.subPath }} 38 | {{- end }} 39 | {{- if .Values.initCatchup.enabled }} 40 | - name: {{ .Chart.Name }}-catchup 41 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ with .Values.image.flavor }}-{{.}}{{ end }}" 42 | imagePullPolicy: {{ .Values.image.pullPolicy }} 43 | args: ["stellar-core", "catchup", '{{ printf "%.0f" .Values.initCatchup.ledger }}', "--conf", "/stellar-core.cfg"] 44 | env: 45 | {{ include "stellar-core.env" . | indent 12 }} 46 | volumeMounts: 47 | - name: data 48 | mountPath: {{ .Values.persistence.mountPath }} 49 | subPath: {{ .Values.persistence.subPath }} 50 | {{- end }} 51 | containers: 52 | - name: {{ .Chart.Name }} 53 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ with .Values.image.flavor }}-{{.}}{{ end }}" 54 | imagePullPolicy: {{ .Values.image.pullPolicy }} 55 | ports: 56 | - name: peer 57 | containerPort: 11625 58 | protocol: TCP 59 | - name: http 60 | containerPort: 11626 61 | protocol: TCP 62 | env: 63 | {{ include "stellar-core.env" . | indent 12 }} 64 | livenessProbe: 65 | tcpSocket: 66 | port: peer 67 | readinessProbe: 68 | tcpSocket: 69 | port: peer 70 | resources: 71 | {{ toYaml .Values.resources | indent 12 }} 72 | volumeMounts: 73 | - name: data 74 | mountPath: {{ .Values.persistence.mountPath }} 75 | subPath: {{ .Values.persistence.subPath }} 76 | {{- if .Values.metrics.enabled }} 77 | - name: metrics 78 | image: "{{ .Values.metrics.image.repository }}:{{ .Values.metrics.image.tag }}" 79 | imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} 80 | env: 81 | - name: STELLAR_CORE_ADDRESS 82 | value: "http://127.0.0.1:11626" 83 | - name: PORT 84 | value: "9473" 85 | ports: 86 | - name: metrics 87 | containerPort: 9473 88 | protocol: TCP 89 | readinessProbe: 90 | timeoutSeconds: 5 91 | initialDelaySeconds: 20 92 | httpGet: 93 | path: / 94 | port: metrics 95 | livenessProbe: 96 | timeoutSeconds: 5 97 | initialDelaySeconds: 20 98 | httpGet: 99 | path: / 100 | port: metrics 101 | {{- end }} 102 | volumes: 103 | - name: data 104 | {{- if .Values.persistence.enabled }} 105 | persistentVolumeClaim: 106 | claimName: {{ .Values.persistence.existingClaim | default (include "stellar-core.fullname" .) }} 107 | {{- else }} 108 | emptyDir: {} 109 | {{- end }} 110 | {{- with .Values.nodeSelector }} 111 | nodeSelector: 112 | {{ toYaml . | indent 8 }} 113 | {{- end }} 114 | {{- with .Values.affinity }} 115 | affinity: 116 | {{ toYaml . | indent 8 }} 117 | {{- end }} 118 | {{- with .Values.tolerations }} 119 | tolerations: 120 | {{ toYaml . | indent 8 }} 121 | {{- end }} 122 | -------------------------------------------------------------------------------- /stellar-friendbot/README.md: -------------------------------------------------------------------------------- 1 | # Stellar Friendbot 2 | 3 | [Stellar](https://www.stellar.org) is an open-source and distributed payments infrastructure. Stellar Friendbot is a simple server that sends funds from the friendbot's account to another account. Friendbot is usually deployed in a test network. 4 | 5 | ## Introduction 6 | 7 | This chart bootstraps a [Stellar Friendbot](https://github.com/stellar/go/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. The chart is based on the Kubernetes-ready [Stellar Friendbot images provided by SatoshiPay](https://github.com/satoshipay/docker-stellar-friendbot/). 8 | 9 | ## Prerequisites 10 | 11 | - Kubernetes 1.8+ with Beta APIs enabled 12 | 13 | ## Installing the Chart 14 | 15 | To install the chart with the release name `my-release`: 16 | 17 | ```bash 18 | $ helm install --name my-release stable/stellar-friendbot 19 | ``` 20 | 21 | ## Configuration 22 | 23 | The following table lists the configurable parameters of the Stellar Friendbot chart and their default values. 24 | 25 | | Parameter | Description | Default | 26 | | ----------------------- | --------------------------------------------- | --------------------------------------------- | 27 | | `accountSecret` | Friendbot's account secret (if `existingAccountSecretSecret` is not set) | Not set | 28 | | `existingAccountSecretSecret` | Existing secret with the account secret (if `accountSecret` is not set) | Not set | 29 | | `existingAccountSecretSecret.name` | Secret containing the account secret | Not set | 30 | | `existingAccountSecretSecret.key` | Key of the account secret in the secret | Not set | 31 | | `networkPassphrase` | The network the friendbot should use | `Public Global Stellar Network ; September 2015` | 32 | | `horizonUrl` | URL of Stellar Horizon where the transaction should be submitted | `https://horizon.stellar.org` | 33 | | `startingBalance` | Starting balance of newly funded accounts | `10000` | 34 | | `environment` | Additional environment variables for Stellar Friendbot | `{}` | 35 | | `image.repository` | `stellar-friendbot` image repository | `satoshipay/stellar-friendbot` | 36 | | `image.tag` | `stellar-friendbot` image tag | `0.13.0` | 37 | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | 38 | | `service.type` | HTTP endpoint service type | `ClusterIP` | 39 | | `service.port` | HTTP endpoint TCP port | `80` | 40 | | `ingress.enabled` | Enable ingress controller resource | `false` | 41 | | `ingress.hosts[0].name` | Hostname to your Friendbot installation | `stellar-friendbot.local` | 42 | | `ingress.hosts[0].path` | Path within the url structure | `/` | 43 | | `ingress.hosts[0].tlsSecret` | TLS Secret (certificates) | `stellar-friendbot.local-tls-secret` | 44 | | `ingress.hosts[0].annotations` | Annotations for this host's ingress record | `[]` | 45 | | `ingress.secrets[0].name` | TLS Secret Name | `nil` | 46 | | `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | 47 | | `ingress.secrets[0].key` | TLS Secret Key | `nil` | 48 | | `resources` | CPU/Memory resource requests/limits | Requests: `128Mi` memory, `10m` CPU | 49 | | `nodeSelector` | Node labels for pod assignment | {} | 50 | | `tolerations` | Toleration labels for pod assignment | [] | 51 | | `affinity` | Affinity settings for pod assignment | {} | 52 | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | 53 | | `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template | 54 | -------------------------------------------------------------------------------- /stellar-horizon/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "stellar-horizon.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "stellar-horizon.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "stellar-horizon.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Create the name of the service account to use 36 | */}} 37 | {{- define "stellar-horizon.serviceAccountName" -}} 38 | {{- if .Values.serviceAccount.create -}} 39 | {{ default (include "stellar-horizon.fullname" .) .Values.serviceAccount.name }} 40 | {{- else -}} 41 | {{ default "default" .Values.serviceAccount.name }} 42 | {{- end -}} 43 | {{- end -}} 44 | 45 | {{/* 46 | Create a default fully qualified app name. 47 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 48 | */}} 49 | {{- define "stellar-horizon.postgresql.fullname" -}} 50 | {{- if .Values.postgresql.fullnameOverride -}} 51 | {{- .Values.postgresql.fullnameOverride | trunc 63 | trimSuffix "-" -}} 52 | {{- else -}} 53 | {{- $name := default "postgresql" .Values.postgresql.nameOverride -}} 54 | {{- if contains $name .Release.Name -}} 55 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 56 | {{- else -}} 57 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 58 | {{- end -}} 59 | {{- end -}} 60 | {{- end -}} 61 | 62 | {{/* 63 | Create a default fully qualified app name. 64 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 65 | */}} 66 | {{- define "stellar-horizon.stellar-core.fullname" -}} 67 | {{- $stellarCore := index .Values "stellar-core" -}} 68 | {{- if $stellarCore.fullnameOverride -}} 69 | {{- $stellarCore.fullnameOverride | trunc 63 | trimSuffix "-" -}} 70 | {{- else -}} 71 | {{- $name := default "stellar-core" $stellarCore.nameOverride -}} 72 | {{- if contains $name .Release.Name -}} 73 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 74 | {{- else -}} 75 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 76 | {{- end -}} 77 | {{- end -}} 78 | {{- end -}} 79 | 80 | {{/* 81 | Create a default fully qualified app name. 82 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 83 | */}} 84 | {{- define "stellar-horizon.stellar-core.postgresql.fullname" -}} 85 | {{- $postgresql := index .Values "stellar-core" "postgresql" -}} 86 | {{- if $postgresql.fullnameOverride -}} 87 | {{- $postgresql.fullnameOverride | trunc 63 | trimSuffix "-" -}} 88 | {{- else -}} 89 | {{- $name := default "postgresql" $postgresql.nameOverride -}} 90 | {{- if contains $name .Release.Name -}} 91 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 92 | {{- else -}} 93 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 94 | {{- end -}} 95 | {{- end -}} 96 | {{- end -}} 97 | 98 | {{- define "stellar-horizon.env" -}} 99 | {{- if .Values.postgresql.enabled }} 100 | - name: DATABASE_PASSWORD 101 | valueFrom: 102 | secretKeyRef: 103 | name: {{ template "stellar-horizon.postgresql.fullname" . }} 104 | key: postgresql-password 105 | - name: DATABASE_URL 106 | value: postgres://{{ .Values.postgresql.postgresqlUsername }}:$(DATABASE_PASSWORD)@{{ template "stellar-horizon.postgresql.fullname" . }}/{{ .Values.postgresql.postgresqlDatabase }}?sslmode=disable 107 | {{- else }} 108 | {{- if .Values.existingDatabase.password }} 109 | - name: DATABASE_PASSWORD 110 | valueFrom: 111 | secretKeyRef: 112 | name: {{ template "stellar-horizon.fullname" . }} 113 | key: databasePassword 114 | {{- else }} 115 | {{- with .Values.existingDatabase.passwordSecret }} 116 | - name: DATABASE_PASSWORD 117 | valueFrom: 118 | secretKeyRef: 119 | name: {{ .name | quote }} 120 | key: {{ .key | quote }} 121 | {{- end }} 122 | {{- end }} 123 | - name: DATABASE_URL 124 | value: {{ .Values.existingDatabase.url }} 125 | {{- end }} 126 | {{- if index .Values "stellar-core" "enabled" }} 127 | - name: STELLAR_CORE_URL 128 | value: http://{{ template "stellar-horizon.stellar-core.fullname" . }}-http:11626 129 | - name: STELLAR_CORE_DATABASE_PASSWORD 130 | valueFrom: 131 | secretKeyRef: 132 | name: {{ template "stellar-horizon.stellar-core.postgresql.fullname" . }} 133 | key: postgresql-password 134 | - name: STELLAR_CORE_DATABASE_URL 135 | value: postgres://postgres:$(STELLAR_CORE_DATABASE_PASSWORD)@{{ template "stellar-horizon.stellar-core.postgresql.fullname" . }}/stellar-core?sslmode=disable 136 | {{- else }} 137 | - name: STELLAR_CORE_URL 138 | value: {{ .Values.existingStellarCore.url }} 139 | {{- with .Values.existingStellarCore.databasePasswordSecret }} 140 | - name: STELLAR_CORE_DATABASE_PASSWORD 141 | valueFrom: 142 | secretKeyRef: 143 | name: {{ .name | quote }} 144 | key: {{ .key | quote }} 145 | {{- end }} 146 | - name: STELLAR_CORE_DATABASE_URL 147 | value: {{ .Values.existingStellarCore.databaseUrl }} 148 | {{- end }} 149 | {{- with .Values.networkPassphrase }} 150 | - name: NETWORK_PASSPHRASE 151 | value: {{ . | quote }} 152 | {{- end }} 153 | {{- with .Values.connectionTimeout }} 154 | - name: CONNECTION_TIMEOUT 155 | value: {{ . | quote }} 156 | {{- end }} 157 | {{- with .Values.historyArchiveUrls }} 158 | - name: HISTORY_ARCHIVE_URLS 159 | value: {{ join "," . }} 160 | {{- end }} 161 | {{- end -}} 162 | -------------------------------------------------------------------------------- /stellar-core/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "stellar-core.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "stellar-core.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "stellar-core.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Create the name of the service account to use 36 | */}} 37 | {{- define "stellar-core.serviceAccountName" -}} 38 | {{- if .Values.serviceAccount.create -}} 39 | {{ default (include "stellar-core.fullname" .) .Values.serviceAccount.name }} 40 | {{- else -}} 41 | {{ default "default" .Values.serviceAccount.name }} 42 | {{- end -}} 43 | {{- end -}} 44 | 45 | {{/* 46 | Create a default fully qualified app name. 47 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 48 | */}} 49 | {{- define "stellar-core.postgresql.fullname" -}} 50 | {{- if .Values.postgresql.fullnameOverride -}} 51 | {{- .Values.postgresql.fullnameOverride | trunc 63 | trimSuffix "-" -}} 52 | {{- else -}} 53 | {{- $name := default "postgresql" .Values.postgresql.nameOverride -}} 54 | {{- if contains $name .Release.Name -}} 55 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 56 | {{- else -}} 57 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 58 | {{- end -}} 59 | {{- end -}} 60 | {{- end -}} 61 | 62 | {{- define "stellar-core.env" -}} 63 | {{- with .Values.existingNodeSeedSecret }} 64 | - name: NODE_SEED 65 | valueFrom: 66 | secretKeyRef: 67 | name: {{ required "name of existingNodeSeedSecret is required" .name | quote }} 68 | key: {{ required "key of existingNodeSeedSecret is required" .key | quote }} 69 | {{- else }} 70 | - name: NODE_SEED 71 | valueFrom: 72 | secretKeyRef: 73 | name: {{ template "stellar-core.fullname" . }} 74 | key: nodeSeed 75 | {{- end }} 76 | {{- if .Values.postgresql.enabled }} 77 | - name: DATABASE_PASSWORD 78 | valueFrom: 79 | secretKeyRef: 80 | name: {{ template "stellar-core.postgresql.fullname" . }} 81 | key: postgresql-password 82 | - name: DATABASE 83 | value: postgresql://dbname={{ .Values.postgresql.postgresqlDatabase }} user={{ .Values.postgresql.postgresqlUsername }} password=$(DATABASE_PASSWORD) host={{ template "stellar-core.postgresql.fullname" . }} connect_timeout={{ .Values.postgresqlConnectTimeout }} 84 | {{- else }} 85 | {{- if .Values.existingDatabase.password }} 86 | - name: DATABASE_PASSWORD 87 | valueFrom: 88 | secretKeyRef: 89 | name: {{ template "stellar-core.fullname" . }} 90 | key: databasePassword 91 | {{- else }} 92 | {{- with .Values.existingDatabase.passwordSecret }} 93 | - name: DATABASE_PASSWORD 94 | valueFrom: 95 | secretKeyRef: 96 | name: {{ .name | quote }} 97 | key: {{ .key | quote }} 98 | {{- end }} 99 | {{- end }} 100 | - name: DATABASE 101 | value: {{ .Values.existingDatabase.url }} 102 | {{- end }} 103 | - name: INITIALIZE_DB 104 | value: {{ .Values.initializeDatabase | quote }} 105 | {{- with .Values.knownPeers }} 106 | - name: KNOWN_PEERS 107 | value: "{{ join "," .}}" 108 | {{- end }} 109 | {{- with .Values.preferredPeerKeys }} 110 | - name: PREFERRED_PEER_KEYS 111 | value: "{{ join "," .}}" 112 | {{- end }} 113 | {{- with .Values.preferredPeers }} 114 | - name: PREFERRED_PEERS 115 | value: "{{ join "," .}}" 116 | {{- end }} 117 | {{- with .Values.nodeNames }} 118 | - name: NODE_NAMES 119 | value: "{{range $index, $element := . }}{{ if gt $index 0 }},{{ end }}{{ $element.publicKey }} {{ $element.name }}{{ end }}" 120 | {{- end }} 121 | {{- with .Values.knownCursors }} 122 | - name: KNOWN_CURSORS 123 | value: "{{ join "," .}}" 124 | {{- end }} 125 | {{- if .Values.unsafeQuorum }} 126 | - name: UNSAFE_QUORUM 127 | value: "true" 128 | {{- end }} 129 | {{- with .Values.quorumSet }} 130 | - name: QUORUM_SET 131 | value: {{ . | toJson | quote }} 132 | {{- end }} 133 | {{- with .Values.history }} 134 | - name: HISTORY 135 | value: {{ . | toJson | quote }} 136 | {{- end }} 137 | - name: INITIALIZE_HISTORY_ARCHIVES 138 | value: {{ .Values.initializeHistoryArchives | quote }} 139 | {{- if .Values.gcloudServiceAccountKey }} 140 | - name: GCLOUD_SERVICE_ACCOUNT_KEY 141 | valueFrom: 142 | secretKeyRef: 143 | name: {{ template "stellar-core.fullname" . }} 144 | key: gcloudServiceAccountKey 145 | {{- end }} 146 | {{- with .Values.nodeIsValidator }} 147 | - name: NODE_IS_VALIDATOR 148 | value: {{ . | quote }} 149 | {{- end }} 150 | {{- with .Values.networkPassphrase }} 151 | - name: NETWORK_PASSPHRASE 152 | value: {{ . | quote }} 153 | {{- end }} 154 | {{- with .Values.catchupComplete }} 155 | - name: CATCHUP_COMPLETE 156 | value: {{ . | quote }} 157 | {{- end }} 158 | {{- with .Values.catchupRecent }} 159 | - name: CATCHUP_RECENT 160 | value: {{ . | quote }} 161 | {{- end }} 162 | {{- with .Values.targetPeerConnections }} 163 | - name: TARGET_PEER_CONNECTIONS 164 | value: {{ . | quote }} 165 | {{- end }} 166 | {{- with .Values.maxAdditionalPeerConnections }} 167 | - name: MAX_ADDITIONAL_PEER_CONNECTIONS 168 | value: {{ . | quote }} 169 | {{- end }} 170 | {{- with .Values.maxPendingConnections }} 171 | - name: MAX_PENDING_CONNECTIONS 172 | value: {{ . | quote }} 173 | {{- end }} 174 | {{- with .Values.maxConcurrentSubprocesses }} 175 | - name: MAX_CONCURRENT_SUBPROCESSES 176 | value: {{ . | quote }} 177 | {{- end }} 178 | {{- range $key, $val := .Values.environment }} 179 | - name: {{ $key }} 180 | value: {{ $val | quote }} 181 | {{- end }} 182 | {{- end -}} 183 | -------------------------------------------------------------------------------- /stellar-horizon/README.md: -------------------------------------------------------------------------------- 1 | # Stellar Horizon 2 | 3 | [Stellar](https://www.stellar.org) is an open-source and distributed payments infrastructure. Stellar Horizon is a HTTP REST API server that allows applications to interact with the Stellar network. Stellar Horizon needs access to a Stellar Core node. For more information see the [Stellar network overview](https://www.stellar.org/developers/guides/get-started/). 4 | 5 | ## Introduction 6 | 7 | This chart bootstraps a [Stellar Horizon](https://github.com/stellar/go/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. By default the deployment includes a PostgreSQL database and a Stellar Core node (which in turn includes another PostgreSQL database). The chart is based on the Kubernetes-ready [Stellar Horizon images provided by SatoshiPay](https://github.com/satoshipay/docker-stellar-horizon/). 8 | 9 | ## Prerequisites 10 | 11 | - Kubernetes 1.8+ with Beta APIs enabled 12 | - PV provisioner support in the underlying infrastructure (Only when persisting data) 13 | 14 | ## Installing the Chart 15 | 16 | To install the chart with the release name `my-release`: 17 | 18 | ```bash 19 | $ helm install --name my-release stable/stellar-horizon 20 | ``` 21 | 22 | ## Configuration 23 | 24 | The following table lists the configurable parameters of the Stellar Horizon chart and their default values. 25 | 26 | | Parameter | Description | Default | 27 | | ----------------------- | --------------------------------------------- | --------------------------------------------- | 28 | | `postgresql.enabled` | Enable PostgreSQL database | `true` | 29 | | `postgresql.postgresDatabase` | PostgreSQL database name | `stellar-core` | 30 | | `postgresql.postgresUser` | PostgreSQL username | `postgres` | 31 | | `postgresql.postgresPassword` | PostgreSQL password | Random password (see PostgreSQL chart) | 32 | | `postgresql.persistence` | PostgreSQL persistence options | See PostgreSQL chart | 33 | | `postgresql.*` | Any PostgreSQL option | See PostgreSQL chart | 34 | | `existingDatabase` | Provide existing database (used if `postgresql.enabled` is `false`) | | 35 | | `existingDatabase.passwordSecret` | Existing secret with the database password | `{name: 'postgresql-horizon', value: 'password'}`| 36 | | `existingDatabase.url` | Existing database URL (use `$(DATABASE_PASSWORD` as the password) | Not set | 37 | | `stellar-core.enabled` | Enable Stellar Core | `true` | 38 | | `stellar-core.nodeSeed` | Node seed for Stellar Core | Not set | 39 | | `stellar-core.*` | Any Stellar Core option, see `stellar-core` chart | | 40 | | `stellar-core.postgresql.*` | Any PostgreSQL option (for Stellar Core) | | 41 | | `existingStellarCore` | Provide existing Stellar Core (used if `stellar-core.enabled` is false)| | 42 | | `existingStellarCore.url` | URL for HTTP admin endpoint of Stellar Core | Not set | 43 | | `existingStellarCore.databaseUrl` | URL for Stellar Core PostgreSQL | Not set | 44 | | `existingStellarCore.databasePasswordSecret` | Existing secret with the Stellar Core PostgreSQL password | `{name: 'postgresql-core', value: 'password'}` | 45 | | `environment` | Additional environment variables for Stellar Horizon | `{}` | 46 | | `image.repository` | `stellar-horizon` image repository | `satoshipay/stellar-horizon` | 47 | | `image.tag` | `stellar-horizon` image tag | `0.14.2` | 48 | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | 49 | | `service.type` | HTTP endpoint service type | `ClusterIP` | 50 | | `service.port` | HTTP endpoint TCP port | `80` | 51 | | `ingress.enabled` | Enable ingress controller resource | `false` | 52 | | `ingress.hosts[0].name` | Hostname to your Horizon installation | `stellar-horizon.local` | 53 | | `ingress.hosts[0].path` | Path within the url structure | `/` | 54 | | `ingress.hosts[0].tlsSecret` | TLS Secret (certificates) | `stellar-horizon.local-tls-secret` | 55 | | `ingress.hosts[0].annotations` | Annotations for this host's ingress record | `[]` | 56 | | `ingress.secrets[0].name` | TLS Secret Name | `nil` | 57 | | `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | 58 | | `ingress.secrets[0].key` | TLS Secret Key | `nil` | 59 | | `resources` | CPU/Memory resource requests/limits | Requests: `512Mi` memory, `100m` CPU | 60 | | `nodeSelector` | Node labels for pod assignment | {} | 61 | | `tolerations` | Toleration labels for pod assignment | [] | 62 | | `affinity` | Affinity settings for pod assignment | {} | 63 | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | 64 | | `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template | 65 | 66 | ## Persistence 67 | 68 | If PostgreSQL is enabled (`postgresql.enabled` is `true`) or if Stellar Core is enabled (`stellar-core.enabled` is `true`), they need to store data and thus this chart creates [Persistent Volumes](http://kubernetes.io/docs/user-guide/persistent-volumes/) by default. Make sure to size them properly for your needs and use an appropriate storage class, e.g. SSDs. 69 | 70 | You can also use existing claims with the `postgresql.persistence.existingClaim` and `stellar-core.persistence.existingClaim` options. 71 | -------------------------------------------------------------------------------- /stellar-core/README.md: -------------------------------------------------------------------------------- 1 | # Stellar Core 2 | 3 | [Stellar](https://www.stellar.org) is an open-source and distributed payments infrastructure. Stellar Core is the software that powers the backbone of the Stellar network and validates and agrees on transactions. For more information see the [Stellar network overview](https://www.stellar.org/developers/guides/get-started/). 4 | 5 | ## Introduction 6 | 7 | This chart bootstraps a [Stellar Core](https://github.com/stellar/stellar-core/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. By default the deployment includes a PostgreSQL database. The chart is based on the Kubernetes-ready [Stellar Core images provided by SatoshiPay](https://github.com/satoshipay/docker-stellar-core/). 8 | 9 | ## Prerequisites 10 | 11 | - You need a node seed to run Stellar Core. If you don't have one you can generate one with the following command: 12 | ```bash 13 | $ docker run --rm -it --entrypoint '' satoshipay/stellar-core stellar-core --genseed 14 | ``` 15 | The output will look like 16 | ``` 17 | Secret seed: SDUFQA7YL3KTWZNKOXX7XXIYU4R5R6JKELMREKHDQOYY2WPUGXFVJN52 18 | Public: GDJFYQK2VFVMQAOFSBM7RVE4I5HCUT7VNWOKSJKGI5JEODIH6F3EM6YX 19 | ``` 20 | The node seed must be kept secret but the public key can (and should) be shared with other Stellar node operators. 21 | - Kubernetes 1.8+ with Beta APIs enabled 22 | - PV provisioner support in the underlying infrastructure (Only when persisting data) 23 | 24 | ## Installing the Chart 25 | 26 | To install the chart with the release name `my-release`: 27 | 28 | ```bash 29 | $ helm install --name my-release stable/stellar-core 30 | ``` 31 | 32 | 🚨 **Warning:** Make sure to use your own node seed, either via setting `nodeSeed` or `existingNodeSeedSecret`. See [prerequisites](#prerequisites) for how to generate a new node seed. 33 | 34 | ## Configuration 35 | 36 | The following table lists the configurable parameters of the Stellar Core chart and their default values. 37 | 38 | | Parameter | Description | Default | 39 | | ----------------------- | --------------------------------------------- | --------------------------------------------- | 40 | | `nodeSeed` | Stellar Core node seed (if `existingNodeSeedSecret` is not set) | Not set | 41 | | `existingNodeSeedSecret` | Existing secret with the node seed (if `nodeSeed` is not set) | Not set | 42 | | `existingNodeSeedSecret.name` | Secret containing the node seed | Not set | 43 | | `existingNodeSeedSecret.key` | Key of the node seed in the secret | Not set | 44 | | `nodeIsValidator` | Should the node participate in SCP? Otherwise it is only observing | `true` | 45 | | `networkPassphrase` | The network this instance should talk to | `Public Global Stellar Network ; September 2015` | 46 | | `catchupRecent` | Number of ledgers to catch up (`0` means minimal catchup) | `0` | 47 | | `maxPeerConnections` | Maximum number of connections to other peers | `50` | 48 | | `knownPeers` | List of hostnames/IPs and ports of peers to connect to initially | Default peers, see `values.yaml` | 49 | | `preferredPeers` | List of hostnames/IPs and ports of peers to stay connected to | Default peers, see `values.yaml` | 50 | | `nodeNames` | List of node public keys and node names | Default node names, see `values.yaml` | 51 | | `nodeNames[].publicKey` | Public key of a node | See above | 52 | | `nodeNames[].name` | Name of a node | See above | 53 | | `quorumSet` | List of quorum set definitions | Default quorum set, see `values.yaml` | 54 | | `quorumSet.thresholdPercent` | Threshold in percent for the quorum set | See above | 55 | | `quorumSet.validators` | List of node names (prefixed with `$$`) or public keys in this set | See above | 56 | | `quorumSet.path` | Path for sub-quorum-sets | See above | 57 | | `history` | Definition for fetching and storing the history of the network | Default history, see `values.yaml` | 58 | | `history.$name.get` | Command for fetching from the history archive | See above | 59 | | `history.$name.put` | Command for storing the history in an archive | See above | 60 | | `initializeHistoryArchives` | Set to `true` if you want history archives to be initialized | `false` | 61 | | `gcloudServiceAccountKey` | Gcloud service account key for `gcloud` flavor | Not set | 62 | | `environment` | Additional environment variables for Stellar Core | `{}` | 63 | | `postgresql.enabled` | Enable PostgreSQL database | `true` | 64 | | `postgresql.postgresDatabase` | PostgreSQL database name | `stellar-core` | 65 | | `postgresql.postgresUser` | PostgreSQL username | `postgres` | 66 | | `postgresql.postgresPassword` | PostgreSQL password | Random password (see PostgreSQL chart) | 67 | | `postgresql.persistence` | PostgreSQL persistence options | See PostgreSQL chart | 68 | | `postgresql.*` | Any PostgreSQL option | See PostgreSQL chart | 69 | | `existingDatabase` | Provide existing database (used if `postgresql.enabled` is `false`)| | 70 | | `existingDatabase.passwordSecret` | Existing secret with the database password | `{name: 'postgresql-core', value: 'password'}` | 71 | | `existingDatabase.url` | Existing database URL (use `$(DATABASE_PASSWORD` as the password) | Not set | 72 | | `image.repository` | `stellar-core` image repository | `satoshipay/stellar-core` | 73 | | `image.tag` | `stellar-core` image tag | `10.0.0-2` | 74 | | `image.flavor` | `stellar-core` flavor (e.g., `aws` or `gcloud`) | Not set | 75 | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | 76 | | `peerService.type` | p2p service type | `LoadBalancer` | 77 | | `peerService.port` | p2p service TCP port | `11625` | 78 | | `peerService.loadBalancerIP` | p2p service load balancer IP | Not set | 79 | | `peerService.externalTrafficPolicy` | p2p service traffic policy | Not set | 80 | | `httpService.type` | Non-public HTTP admin endpoint service type | `ClusterIP` | 81 | | `httpService.port` | Non-public HTTP admin endpoint TCP port | `11626` | 82 | | `persistence.enabled` | Use a PVC to persist data | `true` | 83 | | `persistence.existingClaim` | Provide an existing PersistentVolumeClaim | Not set | 84 | | `persistence.storageClass` | Storage class of backing PVC | Not set (uses alpha storage class annotation) | 85 | | `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` | 86 | | `persistence.annotations` | Persistent Volume annotations | `{}` | 87 | | `persistence.size` | Size of data volume | `8Gi` | 88 | | `persistence.subPath` | Subdirectory of the volume to mount at | `stellar-core` | 89 | | `persistence.mountPath` | Mount path of data volume | `/data` | 90 | | `resources` | CPU/Memory resource requests/limits | Requests: `512Mi` memory, `100m` CPU | 91 | | `nodeSelector` | Node labels for pod assignment | {} | 92 | | `tolerations` | Toleration labels for pod assignment | [] | 93 | | `affinity` | Affinity settings for pod assignment | {} | 94 | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | 95 | | `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template | 96 | 97 | ## Persistence 98 | 99 | Both Stellar Core and PostgreSQL (if `postgresql.enabled` is `true`) need to store data and thus this chart creates [Persistent Volumes](http://kubernetes.io/docs/user-guide/persistent-volumes/) by default. Make sure to size them properly for your needs and use an appropriate storage class, e.g. SSDs. 100 | 101 | You can also use existing claims with the `persistence.existingClaim` and `postgresql.persistence.existingClaim` options. 102 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------