Merge branch 'develop' into feat/http-rpc-refactor

stacks-network · Oct 6, 2023 · 5a41eaa · 5a41eaa
2 parents 9919e10 + dedb06a
commit 5a41eaa
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 12 deletions.
diff --git a/contrib/init/stacks.init b/contrib/init/stacks.init
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# # Modelled after https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.init
+## Modelled after https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.init
 #
 #  Stacks Blockchain
 #
@@ -41,7 +41,7 @@ stacks_bin=${STACKS_BLOCKCHAIN_BIN-/usr/local/bin/stacks-node}
 stacks_config=${STACKS_BLOCKCHAIN_CONFIG-/etc/stacks-blockchain/Config.toml}
 
 # stacks-blockchain log file default to /var/log/stacks-blockchain.log, override with STACKS_BLOCKCHAIN_LOG
-stacks_log=${STACKS_BLOCKCHAIN_LOG-/stacks-blockchain/output.log}
+stacks_log=${STACKS_BLOCKCHAIN_LOG-/var/log/stacks-blockchain.log}
 # Note: no logrotate is provided, you're encouraged to set something up like the following logrotate file:
 # cat <<EOF> /etc/logrotate.d/stacks-blockchain 
 # /stacks-blockchain/output.log
@@ -110,4 +110,5 @@ case "$1" in
         ;;
 esac
 
-exit $?
+exit $?
+
diff --git a/contrib/init/stacks.service b/contrib/init/stacks.service
@@ -1,4 +1,4 @@
-# # Modeled after https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.service
+## Modeled after https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.service
 
 [Unit]
 Description=Stacks Blockchain
@@ -11,22 +11,19 @@ ConditionPathExists=/etc/stacks-blockchain/Config.toml
 ConditionPathIsDirectory=/stacks-blockchain
 
 [Service]
-#ExecStart=/bin/sh -c "/usr/local/bin/stacks-node start --config=/etc/stacks-blockchain/Config.toml >> /stacks-blockchain/output.log 2>&1"
-ExecStart=/bin/sh -c "/usr/local/bin/stacks-node start --config=/etc/stacks-blockchain/Config.toml"
-ExecStartPost=/bin/sh -c "umask 022; sleep 2 && pgrep -f \"/usr/local/bin/stacks-node start --config=/etc/stacks-blockchain/Config.toml\" > /run/stacks-blockchain/stacks-blockchain.pid"
-ExecStopPost=/bin/sh -c "if [ -f \"/run/stacks-blockchain/stacks-blockchain.pid\" ]; then rm -f /run/stacks-blockchain/stacks-blockchain.pid; fi"
+ExecStart=/usr/local/bin/stacks-node start --config=/etc/stacks-blockchain/Config.toml
 
 # Make sure the config directory is readable by the service user
 PermissionsStartOnly=true
-#ExecStartPre=/bin/chgrp stacks /etc/stacks-blockchain/
+ExecStartPre=/bin/chgrp stacks /etc/stacks-blockchain/
 
 # Process management
 ####################
-Type=simple
 PIDFile=/run/stacks-blockchain/stacks-blockchain.pid
 Restart=no
 TimeoutStopSec=600
-KillSignal=SIGTERM
+KillSignal=SIGINT
+SendSIGKILL=no
 
 # Directory creation and permissions
 ####################################
@@ -38,6 +35,10 @@ Group=stacks
 RuntimeDirectory=stacks-blockchain
 RuntimeDirectoryMode=0710
 
+# /etc/stacks-blockchain
+ConfigurationDirectory=stacks-blockchain
+ConfigurationDirectoryMode=0710
+
 # Hardening measures
 ####################
 
@@ -58,5 +59,10 @@ NoNewPrivileges=true
 # such as /dev/null, /dev/zero and /dev/random.
 PrivateDevices=true
 
+# Deny the creation of writable and executable memory mappings.
+MemoryDenyWriteExecute=true
+SystemCallArchitectures=native
+
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target
+