feat: initialize Kurdistan SDK - independent fork of Polkadot SDK

2025-12-13 15:44:15 +03:00
commit 286de54384
6841 changed files with 1848356 additions and 0 deletions
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+set -e
+
+action="$1"
+config_file="/etc/default/polkadot"
+
+if [ "$action" = "configure" ]; then
+  # Make user and group
+  getent group polkadot >/dev/null 2>&1 || addgroup --system polkadot
+  getent passwd polkadot >/dev/null 2>&1 ||
+    adduser --system --home /home/polkadot --disabled-password \
+    --ingroup polkadot polkadot
+  if [ ! -e "$config_file" ]; then
+    echo 'POLKADOT_CLI_ARGS=""' > /etc/default/polkadot
+  fi
+fi
@@ -0,0 +1,38 @@
+[Unit]
+Description=Polkadot Node
+After=network.target
+Documentation=https://github.com/pezkuwichain/pezkuwichain-sdk
+
+[Service]
+EnvironmentFile=-/etc/default/polkadot
+ExecStart=/usr/bin/polkadot $POLKADOT_CLI_ARGS
+User=polkadot
+Group=polkadot
+Restart=always
+RestartSec=120
+CapabilityBoundingSet=
+LockPersonality=true
+NoNewPrivileges=true
+PrivateDevices=true
+PrivateMounts=true
+PrivateTmp=true
+PrivateUsers=true
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHostname=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectSystem=strict
+RemoveIPC=true
+RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
+RestrictNamespaces=false
+RestrictSUIDSGID=true
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallFilter=landlock_add_rule landlock_create_ruleset landlock_restrict_self seccomp mount umount2
+SystemCallFilter=~@clock @module @reboot @swap @privileged
+SystemCallFilter=pivot_root
+UMask=0027
+
+[Install]
+WantedBy=multi-user.target
@@ -0,0 +1,33 @@
+#!/bin/sh
+# Post-install script for RPM package
+
+set -e
+
+config_file="/etc/default/pezkuwi"
+
+# Create pezkuwi group if it doesn't exist
+getent group pezkuwi >/dev/null || groupadd -r pezkuwi
+
+# Create pezkuwi user if it doesn't exist
+getent passwd pezkuwi >/dev/null || \
+    useradd -r -g pezkuwi -d /home/pezkuwi -m -s /sbin/nologin \
+    -c "User account for running pezkuwi as a service" pezkuwi
+
+# Create default config file if it doesn't exist
+if [ ! -e "$config_file" ]; then
+    echo 'PEZKUWI_CLI_ARGS=""' > "$config_file"
+fi
+
+# Set correct permissions for binaries and service files
+echo "Setting file permissions..."
+chmod 755 /usr/bin/pezkuwi || true
+chmod 755 /usr/lib/pezkuwi || true
+chmod 755 /usr/lib/pezkuwi/* || true
+chmod 644 /usr/lib/systemd/system/pezkuwi.service || true
+
+# Reload systemd daemon to recognize the new service
+if command -v systemctl >/dev/null 2>&1; then
+    systemctl daemon-reload || true
+fi
+
+exit 0
@@ -0,0 +1,14 @@
+#!/bin/sh
+# Post-uninstall script for RPM package
+
+set -e
+
+# Reload systemd after service file removal (but not on upgrade)
+if [ "$1" = "0" ]; then
+    # $1 = 0 means uninstall (not upgrade)
+    if command -v systemctl >/dev/null 2>&1; then
+        systemctl daemon-reload || true
+    fi
+fi
+
+exit 0
@@ -0,0 +1,15 @@
+#!/bin/sh
+# Pre-uninstall script for RPM package
+
+set -e
+
+# Stop and disable the service before uninstall (but not on upgrade)
+if [ "$1" = "0" ]; then
+    # $1 = 0 means uninstall (not upgrade)
+    if command -v systemctl >/dev/null 2>&1; then
+        systemctl --no-reload disable pezkuwi.service || true
+        systemctl stop pezkuwi.service || true
+    fi
+fi
+
+exit 0