No description, website, or topics provided.
Branch: master
Clone or download

README.md

Politeia

Build Status ISC License

Politeia is the Decred proposal system. Politeia is a system for storing off-chain data that is both versioned and timestamped, essentially “git, a popular revision control system, plus timestamping”. Instead of attempting to store all the data related to Decred’s governance on-chain, we have opted to create an off-chain store of data that is anchored into Decred’s blockchain, minimizing its on-chain footprint.

The politeia stack is as follows:

~~~~~~~~ Internet ~~~~~~~~~
            |
+-------------------------+
|      politeia www       |
+-------------------------+
            |
+-------------------------+
|        politeiad        |
+-------------------------+
|       git backend       |
+-------------------------+
            |
~~~~~~~~ Internet ~~~~~~~~~
            |
+-------------------------+
|        dcrtimed         |
+-------------------------+

Components

Core components

  • politeiad - Reference server daemon.
  • politeiawww - Web backend server; depends on politeiad.

Tools and reference clients

Note: politeiawww does not provide HTML output. It strictly handles the JSON REST RPC commands only. The GUI for politeiawww can be found at: https://github.com/decred/politeiagui

Development

1. Install Go version 1.11 or higher, and Git.

Make sure each of these are in the PATH.

2. Clone this repository.

3. Setup configuration files:

politeiad and politeiawww both have configuration files that you should set up to make execution easier. You should create the configuration files under the following paths:

  • macOS

    /Users/<username>/Library/Application Support/Politeiad/politeiad.conf
    /Users/<username>/Library/Application Support/Politeiawww/politeiawww.conf
    
  • Windows

    C:\Users\<username>\AppData\Local\Politeiad/politeiad.conf
    C:\Users\<username>\AppData\Local\Politeiawww/politeiawww.conf
    
  • Ubuntu

    ~/.politeiad/politeiad.conf
    ~/.politeiawww/politeiawww.conf
    

Copy and change the sample-politeiawww.conf and sample-politeiad.conf files.

You can also use the following default configurations:

politeiad.conf:

rpcuser=user
rpcpass=pass
testnet=true
cachehost=localhost:26257
enablecache=true
cacherootcert="~/.cockroachdb/certs/ca.crt"
cachecertdir="~/.cockroachdb/certs"

politeiawww.conf:

rpchost=127.0.0.1
rpcuser=user
rpcpass=pass
rpccert="~/.politeiad/https.cert"
testnet=true
paywallxpub=tpubVobLtToNtTq6TZNw4raWQok35PRPZou53vegZqNubtBTJMMFmuMpWybFCfweJ52N8uZJPZZdHE5SRnBBuuRPfC5jdNstfKjiAs8JtbYG9jx
paywallamount=10000000
cachehost=localhost:26257
cacherootcert="~/.cockroachdb/certs/ca.crt"
cachecertdir="~/.cockroachdb/certs"

Things to note:

  • The rpccert path is referencing a macOS path. See above for more OS paths.

  • politeiawww uses an email server to send verification codes for things like new user registration, and those settings are also configured within politeiawww.conf. The current code should work with most SSL-based SMTP servers (but not TLS) using username and password as authentication.

4. Setup CockroachDB or Postgres:

politeiad stores proposal data in git repositories that are regularly backed up to github and cryptographically timestamped onto the Decred blockchain. The politeiad git repositories serve as the source of truth for proposal data. In order to increase performance, a CockroachDB database acts as a cache for proposal data.

The cache is not required if you're running just politeiad. politeiad has the cache disable by default. If you're running the full politeia stack, politeiad and politeiawww, running the cache is required.

politeiad has read and write access to the cache. politeiawww has only read access to the cache. The flow of data is as follows:

  1. politeiawww receives a command from a user
  2. politeiawww creates a politeiad request for the command and sends it
  3. politeiad writes the command data to the git repository and updates the cache
  4. politeiad returns a response to politeiawww
  5. politeiawww reads the cache if needed
  6. politeiawww returns a response to the user

We use CockroachDB for the cache in the instructions below. CockroachDB is built to be compatible with Postgres so you can use Postgres for the cache if you so choose. Using Postgres for the cache has not been thoroughly tested and bugs may exist.

Install CockroachDB using the instructions found in the CockroachDB Documentation.

Run the following commands to create the CockroachDB certificates required for running the cache locally. It's ok if the directory ~/.cockroachdb does not exist yet. The script will create it. The directory that you pass into the script must be the same cockroachdb directory that you use in the politeiad and politeiawww config files when specifying cacherootcert and cachecertdir.

cd $GOPATH/src/github.com/decred/politeia
./cockroachsetup.sh ~/.cockroachdb

You can now start CockroachDB using the command below. Politeia requires that CockroachDB be running.

cockroach start \
  --certs-dir=${HOME}/.cockroachdb/certs \
  --listen-addr=localhost \
  --store=${HOME}/.cockroachdb/data

If you want to run database commands manually you can do so by opening a sql shell.

cockroach sql \
  --certs-dir=${HOME}/.cockroachdb/certs \
  --host localhost \

5. Build the programs:

Go 1.11 introduced modules, a new dependency management approach, that obviates the need for third party tooling such as dep.

Usage is simple and nothing is required except Go 1.11. If building in a folder under GOPATH, it is necessary to explicitly build with modules enabled:

cd $GOPATH/src/github.com/decred/politeia
export GO111MODULE=on
go install -v ./...

If building outside of GOPATH, modules are automatically enabled, and go install is sufficient.

go install -v ./...

The go tool will process the source code and automatically download dependencies. If the dependencies are configured correctly, there will be no modifications to the go.mod and go.sum files.

6. Start the politeiad server by running on your terminal:

politeiad

7. Download politeiad's identity to politeiawww:

politeiawww --fetchidentity

Accept politeiad's identity by pressing Enter.

The result should look something like this:

2018-08-01 22:48:48.468 [INF] PWWW: Identity fetched from politeiad
2018-08-01 22:48:48.468 [INF] PWWW: Key        : 331819226de0270d0c997749ce9f2b56bc5aed110f57faef8d381129e7ee6d26
2018-08-01 22:48:48.468 [INF] PWWW: Fingerprint: MxgZIm3gJw0MmXdJzp8rVrxa7REPV/rvjTgRKefubSY=
2018-08-01 22:48:48.468 [INF] PWWW: Save to /Users/<username>/Library/Application Support/Politeiawww/identity.json or ctrl-c to abort

2018-08-01 22:49:53.929 [INF] PWWW: Identity saved to: /Users/<username>/Library/Application Support/Politeiawww/identity.json

8. Start the politeiawww server by running on your terminal:

politeiawww

Awesome! Now you have your Politeia servers up and running!

At this point, you can:

  • Follow the instructions at decred/politeiagui to setup Politeia and access it through the UI.
  • Use the politeiawwwcli tool to interact with politeiawww.
  • Use the politeia tool to interact directly with politeiad.
  • Use any other tools or clients that are listed above.

Further information

Paywall

This politeiawww feature prevents users from submitting new proposals and comments until a payment in DCR has been paid. By default, it needs a transaction with 2 confirmations to accept the payment.

Setting up the paywall requires a master public key for an account to derive payment addresses. You may either use one of the pre-generated test keys (see sample-politeiawww.conf) or you may acquire one by creating accounts and retrieving the public keys for those accounts:

Put the result of the following command as paywallxpub=tpub... in politeiawww.conf:

dcrctl --wallet --testnet createnewaccount politeiapayments
dcrctl --wallet --testnet getmasterpubkey politeiapayments

If running with paywall enabled on testnet, it's possible to change the minimum blocks required for accept the payment by setting minconfirmations flag for politeiawww:

politeiawww --minconfirmations=1
Paywall with politeiawww_refclient

When using politeiawww_refclient, the -use-paywall flag is true by default. When running the refclient without the paywall, set -use-paywall=false, but note that it will not be possible to test new proposals and comments or the admin flag.

  • To test the admin flow:
  • Run the refclient once with paywall enabled and make the payment.
  • Stop politeiawww.
  • Set the user created in the first refclient execution as admin with politeiawww_dbutil.
  • Run refclient again with the email and password flags set to the user created in the first refclient execution.

Rebuilding the Cache

The cache will be built automatically on initial startup of politeiad and when the cache version has changed, but there may also be times during development that you want to force the cache to rebuild. You can do this by using the --buildcache flag when starting politeiad. This will drop all current tables from the cache, re-create the tables, then populate the cache with the data that is in the politeiad git repositories.

Integrated Projects / External APIs / Official URLs

Library and interfaces

  • politeiad/api/v1 - JSON REST API for politeiad clients.
  • politeiawww/api/v1 - JSON REST API for politeiawww clients.
  • util - common used miscellaneous utility functions.

Misc

nginx reverse proxy sample (testnet)

# politeiawww
location /api/ {
	# disable caching
	expires off;

	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $remote_addr;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_bypass_cache $http_upgrade;

	proxy_http_version 1.1;
	proxy_ssl_trusted_certificated /path/to/politeiawww.crt;
	proxy_ssl_verify on;
	proxy_pass https://test-politeia.domain.com:4443/;
}

# politeiagui
location / {
	# redirect not found
	error_page 404 =200 /;
	proxy_intercept_errors on;

	# disable caching
	expires off;

	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $remote_addr;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_http_version 1.1;

	# backend
	proxy_pass http://127.0.0.1:8000;
}