Add deb and RPM repository config and documentation (#1676)

Co-authored-by: Parity Releases <releases@parity.io>
Co-authored-by: Demi Marie Obenour <demiobenour@gmail.com>

polkadot/scripts/packaging/deb-maintainer-scripts/postinst

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+set -e
+
+action="$1"
+config_file="/etc/default/polkadot"
+
+if [ "$action" = "configure" ]; then
+  # Make user and group
+  getent group polkadot >/dev/null 2>&1 || addgroup --system polkadot
+  getent passwd polkadot >/dev/null 2>&1 ||
+    adduser --system --home /home/polkadot --disabled-password \
+    --ingroup polkadot polkadot
+  if [ ! -e "$config_file" ]; then
+    echo 'POLKADOT_CLI_ARGS=""' > /etc/default/polkadot
+  fi
+fi

polkadot/scripts/packaging/polkadot.service

@@ -0,0 +1,38 @@
+[Unit]
+Description=Polkadot Node
+After=network.target
+Documentation=https://github.com/paritytech/polkadot
+
+[Service]
+EnvironmentFile=-/etc/default/polkadot
+ExecStart=/usr/bin/polkadot $POLKADOT_CLI_ARGS
+User=polkadot
+Group=polkadot
+Restart=always
+RestartSec=120
+MemoryHigh=5400M
+MemoryMax=5500M
+CapabilityBoundingSet=
+LockPersonality=true
+NoNewPrivileges=true
+PrivateDevices=true
+PrivateMounts=true
+PrivateTmp=true
+PrivateUsers=true
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHostname=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectSystem=strict
+RemoveIPC=true
+RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
+RestrictNamespaces=true
+RestrictSUIDSGID=true
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallFilter=~@clock @module @mount @reboot @swap @privileged
+UMask=0027
+
+[Install]
+WantedBy=multi-user.target