feat: Add lighthouse recipe

recipes-core/images/cvm-initramfs.bbappend

@@ -1 +1 @@
-PACKAGE_INSTALL:append = " dropbear searcher-ssh-key ssh-pubkey-server su-restriction disk-encryption"
+PACKAGE_INSTALL:append = " dropbear searcher-ssh-key ssh-pubkey-server su-restriction disk-encryption lighthouse"

recipes-core/lighthouse/init

@@ -0,0 +1,141 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:          lighthouse
+# Required-Start:    $network $remote_fs fetch-config
+# Required-Stop:     $network $remote_fs
+# Default-Start:     5
+# Default-Stop:      0 1 6
+# Short-Description: Lighthouse Beacon Node
+# Description:       Start and stop the lighthouse daemon
+### END INIT INFO
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/bin/lighthouse
+NAME=lighthouse
+DESC="Lighthouse Beacon Node"
+PIDFILE=/var/run/lighthouse.pid
+PIDFILE_MONITOR=/var/run/lighthouse_monitor.pid
+LOGFILE=/var/log/lighthouse.log
+LOGFILE_MONITOR=/var/log/lighthouse_monitor.log
+LIGHTHOUSE_USER=lighthouse
+ETH_GROUP=eth
+LIGHTHOUSE_DIR=/persistent/lighthouse
+SUGGESTED_FEE_RECIPIENT=0x000000000000000000000000000000000000dead
+JWT_SECRET_FILE=/var/volatile/jwt.hex
+
+monitor_and_restart() {
+    while true; do
+        if ! pgrep -f "$DAEMON" > /dev/null; then
+            echo "$(date): $DESC crashed. Restarting in 10 seconds..." >> ${LOGFILE_MONITOR}
+            sleep 10
+            start_lighthouse
+        fi
+        sleep 5
+    done
+}
+
+start_lighthouse() {
+		start-stop-daemon -S --make-pidfile -p $PIDFILE -c $LIGHTHOUSE_USER:$ETH_GROUP -N -10 -b -a /bin/sh -- -c "exec ${DAEMON} \
+		bn \
+		--eth1 \
+		--checkpoint-sync-url https://mainnet.checkpoint.sigp.io \
+		--execution-endpoint http://localhost:8551 \
+		--execution-jwt $JWT_SECRET_FILE \
+		--suggested-fee-recipient ${SUGGESTED_FEE_RECIPIENT} \
+		--http-allow-sync-stalled \
+		--disable-deposit-contract-sync \
+		--http \
+		--port 9000 \
+		--http-port 3500 \
+		--metrics \
+		--metrics-address 127.0.0.1 \
+		--metrics-port 5054 \
+		--datadir "$LIGHTHOUSE_DIR" \
+		2>&1 | tee ${LOGFILE}"
+}
+
+start() {
+    echo -n "Starting $DESC: "
+    echo "Starting $DESC" > /var/volatile/system-api.fifo
+
+    # Ensure the lighthouse log exists and has correct permissions
+    touch $LOGFILE
+    chown $LIGHTHOUSE_USER:$ETH_GROUP $LOGFILE
+
+    # Ensure the LIGHTHOUSE_DIR exists and has correct permissions
+    install -d -m 0770 -o $LIGHTHOUSE_USER -g $ETH_GROUP $LIGHTHOUSE_DIR
+
+    # Remount /var/volatile with increased size
+    mount -o remount,size=90% /var/volatile
+
+    # Generate a random JWT secret and save it to the file
+    if [ ! -f $JWT_SECRET_FILE ]; then
+        openssl rand -hex 32 | tr -d "\n" | tee $JWT_SECRET_FILE > /dev/null
+        chown ${LIGHTHOUSE_USER}:${ETH_GROUP} $JWT_SECRET_FILE
+        chmod 640 $JWT_SECRET_FILE
+    fi
+
+    start_lighthouse
+    echo "$NAME."
+
+    # Start the monitor in the background
+    monitor_and_restart &
+    echo $! > $PIDFILE_MONITOR
+}
+
+stop() {
+    echo "Stopping $NAME"
+    echo "Stopping $NAME" > /var/volatile/system-api.fifo
+
+    local services="lighthouse monitor"
+    for service in $services; do
+        local pidfile_var="PIDFILE"
+        [ "$service" = "monitor" ] && pidfile_var="PIDFILE_MONITOR"
+
+        local pidfile=$(eval echo \$$pidfile_var)
+
+        echo "Stopping $service"
+        if [ -f "$pidfile" ]; then
+            local pid=$(cat "$pidfile")
+            local pids="$pid $(pgrep -P $pid)"
+
+            # Send SIGTERM to all processes
+            kill -TERM $pids 2>/dev/null
+
+            # Wait for processes to terminate
+            for i in $(seq 1 5); do
+                if ! kill -0 $pids 2>/dev/null; then
+                    break
+                fi
+                sleep 1
+            done
+
+            # Send SIGKILL to any remaining processes
+            kill -KILL $pids 2>/dev/null
+
+            rm -f "$pidfile"
+            echo "$service stopped"
+        else
+            echo "$pidfile not found, $service may not be running"
+        fi
+    done
+}
+
+case "$1" in
+  start)
+        start
+        ;;
+  stop)
+        stop
+        ;;
+  restart|reload)
+        stop
+        start
+        ;;
+  *)
+	N=/etc/init.d/$NAME
+	echo "Usage: $N {start|stop|restart|reload}" >&2
+	exit 1
+	;;
+esac
+exit 0

recipes-core/lighthouse/lighthouse.inc

@@ -0,0 +1,129 @@
+SUMMARY = "Lighthouse"
+DESCRIPTION = "Lighthouse is an Ethereum consensus client written in Rust"
+HOMEPAGE = "https://lighthouse.sigmaprime.io/"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=139bc4b5f578ecacea78dc7b7ad3ed3c"
+
+# Inherit the cargo_bin class to handle Rust/Cargo builds
+# Inherit the update-rc.d class to install the service as a system service
+# Inherit the useradd class to create a system user for the lighthouse service
+inherit cargo_bin update-rc.d useradd
+
+# Define dependencies
+DEPENDS += "openssl-native zlib-native postgresql eth-group"
+
+# Add the eth-group runtime dependency
+RDEPENDS:${PN} += "disk-encryption render-config eth-group cvm-reverse-proxy-server cvm-reverse-proxy-client"
+
+# Add the useradd task to create a system user for the lighthouse service
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM:${PN} = "-r -s /bin/false -G eth lighthouse"
+
+# Add the init script to the source URI
+SRC_URI += "file://init"
+# Set the name of the init script
+INITSCRIPT_NAME = "lighthouse"
+# Set the init script parameters (run at boot time with default priority at order level 95)
+INITSCRIPT_PARAMS = "defaults 95"
+
+# Set the source directory
+S = "${WORKDIR}/git"
+
+# Specify the toolchain to use
+TOOLCHAIN = "clang"
+
+# Rust flags for build configuration
+# Disable CPU-specific optimizations for better portability
+RUSTFLAGS += "-C target-cpu=generic"
+
+# Disable Link Time Optimization
+RUSTFLAGS += "-C lto=off"
+
+# Add zlib and PostgreSQL to the linker flags
+RUSTFLAGS += "-L ${STAGING_LIBDIR_NATIVE} -l z -l pq"
+
+# Flags for reproducible builds
+# Compress debug sections
+RUSTFLAGS += "-C link-arg=-Wl,--compress-debug-sections=zlib"
+# Remove build ID for better reproducibility
+RUSTFLAGS += "-C link-arg=-Wl,--build-id=none"
+# Use a consistent symbol mangling version
+RUSTFLAGS += "-C symbol-mangling-version=v0"
+# Remap the build path to a generic path
+RUSTFLAGS += "--remap-path-prefix=${WORKDIR}=/usr/src/lighthouse"
+
+# Cargo profile settings for release builds
+# Optimize for size
+CARGO_PROFILE_RELEASE_OPT_LEVEL = "z"
+# Use a single codegen unit for better optimization
+CARGO_PROFILE_RELEASE_CODEGEN_UNITS = "1"
+# Abort on panic for smaller binary size
+CARGO_PROFILE_RELEASE_PANIC = "abort"
+# Disable incremental compilation for reproducibility
+CARGO_PROFILE_RELEASE_INCREMENTAL = "false"
+
+# Set Cargo home directory
+CARGO_HOME = "${WORKDIR}/cargo_home"
+export CARGO_HOME
+
+# Define the target subdirectory for Cargo build artifacts
+CARGO_TARGET_SUBDIR = "x86_64-unknown-linux-gnu/release"
+
+# Python function to set SOURCE_DATE_EPOCH for reproducible builds
+python do_set_source_date_epoch() {
+    import subprocess
+    import time
+
+    # Get the commit date of the latest commit
+    cmd = f"git -C {d.getVar('S')} log -1 --pretty=%ct"
+    commit_date = subprocess.check_output(cmd, shell=True).decode('utf-8').strip()
+
+    # Set SOURCE_DATE_EPOCH to the commit date
+    d.setVar('SOURCE_DATE_EPOCH', commit_date)
+
+    # Log the date for debugging
+    human_date = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime(int(commit_date)))
+    bb.note(f"Set SOURCE_DATE_EPOCH to {commit_date} ({human_date} UTC)")
+}
+
+# Add the source date epoch task to run after unpacking and before compiling
+addtask set_source_date_epoch after do_unpack before do_compile
+
+# Allow network access during compilation (needed for cargo to fetch dependencies)
+do_compile[network] = "1"
+
+# Set environment variables before compilation
+do_compile:prepend() {
+    # Use system git for fetching
+    export CARGO_NET_GIT_FETCH_WITH_CLI=true
+    # Configure OpenSSL
+    export OPENSSL_STATIC=1
+    export OPENSSL_DIR="${STAGING_DIR_NATIVE}/usr"
+    # Configure zlib
+    export ZLIB_DIR="${STAGING_DIR_NATIVE}/usr"
+    # Configure PostgreSQL
+    export PQ_LIB_DIR="${STAGING_LIBDIR_NATIVE}"
+    export PQ_INCLUDE_DIR="${STAGING_INCDIR_NATIVE}"
+}
+
+# Additional Cargo build arguments
+EXTRA_OECARGO_BUILDARGS += "--features modern,postgres --frozen"
+
+# Installation task
+do_install() {
+    # Create the binary directory in the target root filesystem
+    install -d ${D}${bindir}
+    # Install the lighthouse binary
+    install -m 0755 ${B}/${CARGO_TARGET_SUBDIR}/lighthouse ${D}${bindir}/lighthouse
+    # Create the init script directory in the target root filesystem
+    install -d ${D}${sysconfdir}/init.d
+    # Install the init script
+    install -m 0755 ${THISDIR}/init ${D}${sysconfdir}/init.d/lighthouse
+}
+
+# Ensure do_install task is re-run if CARGO_TARGET_SUBDIR changes
+do_install[vardeps] += "CARGO_TARGET_SUBDIR"
+
+# Define the files to be included in the package
+FILES:${PN} += "${bindir}/lighthouse"
+FILES:${PN} += "${sysconfdir}/init.d/lighthouse"

recipes-core/lighthouse/lighthouse_v5.3.0.bb

@@ -0,0 +1,4 @@
+include lighthouse.inc
+
+SRC_URI = "git://github.com/sigp/lighthouse;protocol=https;branch=stable"
+SRCREV = "v5.3.0"