Merge pull request #107 from ArseniiPetrovich/upd2
User experience improvement PR
commit
d7e4d5188e
|
@ -7,6 +7,7 @@ roles/main_infra/files/remote-backend-selector.tf
|
|||
roles/main_infra/files/terraform.tfvars
|
||||
roles/main_infra/files/hosts.tf
|
||||
roles/main_infra/files/routing.tf
|
||||
roles/main_infra/files/provider.tf
|
||||
*.backup
|
||||
|
||||
# Sensitive information
|
||||
|
|
33
Makefile
33
Makefile
|
@ -1,33 +0,0 @@
|
|||
.PHONY: help
|
||||
|
||||
IMAGE_NAME ?= poa-aws
|
||||
INFRA_PREFIX ?= poa-example
|
||||
KEY_PAIR ?= poa
|
||||
|
||||
help:
|
||||
@echo "$(IMAGE_NAME)"
|
||||
@perl -nle'print $& if m{^[a-zA-Z_-]+:.*?## .*$$}' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
|
||||
|
||||
check: lint ## Run linters and validation
|
||||
@bin/infra precheck
|
||||
@terraform validate -var-file=ignore.tfvars base
|
||||
@if [ -f main.tfvars ]; then \
|
||||
terraform validate \
|
||||
-var='db_password=foo' \
|
||||
-var='new_relic_app_name=foo' \
|
||||
-var='new_relic_license_key=foo' \
|
||||
-var-file=main.tfvars main; \
|
||||
fi
|
||||
@rm ignore.tfvars
|
||||
|
||||
format: ## Apply canonical formatting to Terraform files
|
||||
@terraform fmt
|
||||
|
||||
lint: shellcheck check-format ## Lint scripts and config files
|
||||
|
||||
check-format:
|
||||
@terraform fmt -check=true
|
||||
|
||||
shellcheck:
|
||||
@shellcheck --shell=bash bin/infra
|
||||
@shellcheck --shell=bash modules/stack/libexec/init.sh
|
|
@ -1,19 +0,0 @@
|
|||
version: 0.0
|
||||
os: linux
|
||||
files:
|
||||
- source: .
|
||||
destination: /opt/app
|
||||
hooks:
|
||||
ApplicationStop:
|
||||
- location: bin/stop.sh
|
||||
timeout: 300
|
||||
AfterInstall:
|
||||
- location: bin/build.sh
|
||||
ApplicationStart:
|
||||
- location: bin/migrate.sh
|
||||
timeout: 300
|
||||
- location: bin/start.sh
|
||||
timeout: 3600
|
||||
ValidateService:
|
||||
- location: bin/health_check.sh
|
||||
timeout: 3600
|
|
@ -9,7 +9,3 @@
|
|||
- name: "confirmation"
|
||||
prompt: "Are you sure you want to attach the existing RDS? If backend variable is set to True, this action includes creating the S3 and DynamoDB table for storing Terraform state files."
|
||||
default: False
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
|
|
@ -5,7 +5,3 @@
|
|||
- { role: s3, when: "backend|bool == true" }
|
||||
- { role: dynamodb, when: "backend|bool == true" }
|
||||
- { role: main_infra }
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
|
|
@ -2,10 +2,6 @@
|
|||
hosts: localhost
|
||||
roles:
|
||||
- { role: s3, when: "backend|bool == true" }
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
||||
- name: Deploy BlockScout
|
||||
hosts: localhost
|
||||
|
|
|
@ -6,7 +6,3 @@
|
|||
- name: "confirmation"
|
||||
prompt: "Are you sure you want to destroy all the infra?"
|
||||
default: False
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
|
|
@ -3,9 +3,11 @@ ansible_python_interpreter: "/usr/bin/python3"
|
|||
|
||||
# Common variables
|
||||
|
||||
## Credentials to connect to AWS
|
||||
aws_access_key: ""
|
||||
aws_secret_key: ""
|
||||
## Credentials to connect to AWS. Either keypair or CLI profile name should be specified. If nothing is specified, the default AWS keypair is used. Region must be specified in all the cases.
|
||||
#aws_access_key: ""
|
||||
#aws_secret_key: ""
|
||||
#aws_profile: ""
|
||||
aws_region: "us-east-1"
|
||||
|
||||
## If set to true backend will be uploaded and stored at S3 bucket, so you can easily manage your deployment from any machine. It is highly recommended to do not change this variable
|
||||
backend: true
|
||||
|
@ -19,7 +21,7 @@ bucket: "poa-terraform-state"
|
|||
## All resources will be prefixed with this one
|
||||
prefix: "poa"
|
||||
|
||||
## This variable represents network RPC endpoint:
|
||||
## This dictionary represents a set of environment variables required for each chain. Variables that commented out are optional.
|
||||
chain_custom_environment:
|
||||
core:
|
||||
NETWORK: "(POA)" # Name of the organization/community that hosts the chain
|
||||
|
@ -32,38 +34,34 @@ chain_custom_environment:
|
|||
ETHEREUM_JSONRPC_WS_URL: "ws://localhost:8546" # Network RPC endpoint in websocket mode
|
||||
NETWORK_PATH: "/poa/core" # relative URL path, for example: blockscout.com/$NETWORK_PATH
|
||||
SECRET_KEY_BASE: "TPGMvGK0iIwlXBQuQDA5KRqk77VETbEBlG4gAWeb93TvBsYAjvoAvdODMd6ZeguPwf2YTRY3n7uvxXzQP4WayQ==" # Secret key for production assets protection. Use `mix phx.gen.secret` or `openssl rand -base64 64 | tr -d '\n'` to generate
|
||||
#CHECK_ORIGIN: "false" # Used to check the origin of requests when the origin header is present
|
||||
PORT: 4000 # Port the application runs on
|
||||
COIN: "POA" # Coin name at the Coinmarketcap, used to display current exchange rate
|
||||
#METADATA_CONTRACT: # Address of metadata smart contract. Used by POA Network to obtain Validators information to display in the UI
|
||||
#VALIDATORS_CONTRACT: #Address of the EMission Fund smart contract
|
||||
#SUPPLY_MODULE: "false" # Used by the xDai Chain to calculate the total supply of the chain
|
||||
#SOURCE_MODULE: "false" # Used to calculate the total supply
|
||||
#DATABASE_URL: # Database URL. Usually generated automatically, but this variable can be used to modify the URL of the databases during the updates.
|
||||
POOL_SIZE: 20 # Defines the number of database connections allowed
|
||||
ECTO_USE_SSL: "false" # Specifies whether or not to use SSL on Ecto queries
|
||||
ALB_SSL_POLICY: "ELBSecurityPolicy-2016-08" #SSL policy for Load Balancer. Required if ECTO_USE_SSL is set to true
|
||||
ALB_CERTIFICATE_ARN: "arn:aws:acm:us-east-1:290379793816:certificate/6d1bab74-fb46-4244-aab2-832bf519ab24" #ARN of the certificate to attach to the LB. Required if ECTO_USE_SSL is set to
|
||||
true
|
||||
#DATADOG_HOST: # Host configuration variable for Datadog integration
|
||||
#DATADOG_PORT: # Port configuration variable for Datadog integration
|
||||
#SPANDEX_BATCH_SIZE: # Spandex and Datadog configuration setting.
|
||||
#SPANDEX_SYNC_THRESHOLD: # Spandex and Datadog configuration setting.
|
||||
HEART_BEAT_TIMEOUT: 30 # Heartbeat is an Erlang monitoring service that will restart BlockScout if it becomes unresponsive. This variables configures the timeout before Blockscout will be restarted.
|
||||
HEART_COMMAND: "sudo systemctl restart explorer.service" # This variable represents a command that is used to restart the service
|
||||
BLOCKSCOUT_VERSION: "v1.3.9-beta" # Added to the footer to signify the current BlockScout version
|
||||
BLOCKSCOUT_VERSION: "v1.3.11-beta" # Added to the footer to signify the current BlockScout version
|
||||
RELEASE_LINK: "https://github.com/poanetwork/blockscout/releases/tag/v1.3.9-beta" # The link to Blockscout release notes in the footer.
|
||||
ELIXIR_VERSION: "v1.8.1" # Elixir version to install on the node before Blockscout deploy
|
||||
BLOCK_TRANSFORMER: "base" # Transformer for blocks: base or clique.
|
||||
GRAPHIQL_TRANSACTION: "0xbc426b4792c48d8ca31ec9786e403866e14e7f3e4d39c7f2852e518fae529ab4" # Random tx hash on the network, used as default for graphiql tx.
|
||||
FIRST_BLOCK: 0 # The block number, where indexing begins from.
|
||||
TXS_COUNT_CACHE_PERIOD: 7200 # Interval in seconds to restart the task, which calculates the total txs count.
|
||||
ADDRESS_WITH_BALANCES_UPDATE_INTERVAL: 1800 #Interval in seconds to restart the task, which calculates addresses with balances
|
||||
LINK_TO_OTHER_EXPLORERS: "false" # If true, links to other explorers are added in the footer
|
||||
USE_PLACEMENT_GROUP: "false" # If true, BlockScout instance will be created in the placement group
|
||||
EXQ_BLOCKS_CONCURRENCY="1"
|
||||
EXQ_INTERNAL_TRANSACTIONS_CONCURRENCY="1"
|
||||
EXQ_TRANSACTIONS_CONCURRENCY="1"
|
||||
|
||||
## Region. It is recommended to deploy to us-east-1 as some of the other regions fails due to varied reasons
|
||||
region: "us-east-1"
|
||||
#The following variables are optional
|
||||
#FIRST_BLOCK: 0 # The block number, where indexing begins from.
|
||||
#COINMARKETCAP_PAGES: 10 # Sets the number of pages at Coinmarketcap to search coin at. Defaults to 10
|
||||
#METADATA_CONTRACT: # Address of metadata smart contract. Used by POA Network to obtain Validators information to display in the UI
|
||||
#VALIDATORS_CONTRACT: #Address of the EMission Fund smart contract
|
||||
#SUPPLY_MODULE: "false" # Used by the xDai Chain to calculate the total supply of the chain
|
||||
#SOURCE_MODULE: "false" # Used to calculate the total supply
|
||||
#DATABASE_URL: # Database URL. Usually generated automatically, but this variable can be used to modify the URL of the databases during the updates.
|
||||
#CHECK_ORIGIN: "false" # Used to check the origin of requests when the origin header is present
|
||||
#DATADOG_HOST: # Host configuration variable for Datadog integration
|
||||
#DATADOG_PORT: # Port configuration variable for Datadog integration
|
||||
#SPANDEX_BATCH_SIZE: # Spandex and Datadog configuration setting.
|
||||
#SPANDEX_SYNC_THRESHOLD: # Spandex and Datadog configuration setting.
|
||||
|
|
|
@ -24,9 +24,6 @@ dns_zone_name: "poa.internal"
|
|||
## Size of the EC2 instance EBS root volume
|
||||
root_block_size: 120
|
||||
|
||||
## The following variable represents the elixir version that will be used to run BlockScout instance. Will be used to download the Elixir at the following link: https://github.com/elixir-lang/elixir/releases/download/{{ elixir_version }}/Precompiled.zip
|
||||
elixir_version: "v1.7.4"
|
||||
|
||||
# DB related variables
|
||||
|
||||
## This value represents the name of the DB that will be created/attached. Must be unique. Will be prefixed with `prefix` variable.
|
||||
|
|
|
@ -16,6 +16,8 @@
|
|||
template:
|
||||
src: roles/main_infra/templates/terraform.tfvars.j2
|
||||
dest: roles/main_infra/files/terraform.tfvars
|
||||
vars:
|
||||
db_iops: "{{ chain_db_iops | default({}) }}"
|
||||
|
||||
- name: Generating backend file
|
||||
template:
|
||||
|
@ -23,6 +25,12 @@
|
|||
dest: roles/main_infra/files/backend.tfvars
|
||||
when: backend|bool == true
|
||||
|
||||
- name: Generate Terraform files
|
||||
template:
|
||||
src: "{{ item.key }}"
|
||||
dest: "{{ item.value }}"
|
||||
with_dict: {roles/main_infra/templates/hosts.tf.j2: roles/main_infra/files/hosts.tf,roles/main_infra/templates/routing.tf.j2: roles/main_infra/files/routing.tf,roles/main_infra/templates/provider.tf.j2: roles/main_infra/files/provider.tf}
|
||||
|
||||
#Workaround since terraform module return unexpected error.
|
||||
- name: Initialize Terraform
|
||||
shell: "echo yes | {{ terraform_location }} init{{ ' -backend-config=backend.tfvars' if backend|bool == true else '' }}"
|
||||
|
|
|
@ -16,6 +16,8 @@
|
|||
template:
|
||||
src: roles/main_infra/templates/terraform.tfvars.j2
|
||||
dest: roles/main_infra/files/terraform.tfvars
|
||||
vars:
|
||||
db_iops: "{{ chain_db_iops | default({}) }}"
|
||||
|
||||
- name: Generating backend file
|
||||
template:
|
||||
|
@ -23,6 +25,12 @@
|
|||
dest: roles/main_infra/files/backend.tfvars
|
||||
when: backend|bool == true
|
||||
|
||||
- name: Generate Terraform files
|
||||
template:
|
||||
src: "{{ item.key }}"
|
||||
dest: "{{ item.value }}"
|
||||
with_dict: {roles/main_infra/templates/hosts.tf.j2: roles/main_infra/files/hosts.tf,roles/main_infra/templates/routing.tf.j2: roles/main_infra/files/routing.tf,roles/main_infra/templates/provider.tf.j2: roles/main_infra/files/provider.tf}
|
||||
|
||||
# This is due to the TF0.11 bug which do not allow to completely destroy resources if interpolation syntax is used in outputs.tf at edge cases
|
||||
- name: Check if outputs.tf exists
|
||||
stat: path=roles/main_infra/files/outputs.tf
|
||||
|
@ -40,6 +48,13 @@
|
|||
- "init {{ '-backend-config=backend.tfvars' if backend|bool == true else '' }}"
|
||||
- destroy
|
||||
|
||||
- name: Delete vars from parameter store
|
||||
include: parameter_store.yml
|
||||
loop: "{{ chain_custom_environment.keys() }}"
|
||||
loop_control:
|
||||
loop_var: chain
|
||||
index_var: index
|
||||
|
||||
- name: Check if outputs.tf.backup exists
|
||||
stat: path=roles/main_infra/files/outputs.tf.backup
|
||||
register: outputs_backup_stat
|
||||
|
@ -58,9 +73,27 @@
|
|||
name: "{{ prefix }}-{{ bucket }}"
|
||||
state: absent
|
||||
force: yes
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
when: user_answer.user_input|bool == True
|
||||
|
||||
- dynamodb_table:
|
||||
name: "{{ prefix }}-{{ dynamodb_table }}"
|
||||
state: absent
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
when: user_answer.user_input|bool == True
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
- name: Fetch environment variables (via access key)
|
||||
set_fact:
|
||||
chain_env: "{{ lookup('aws_ssm', path, aws_access_key=aws_access_key, aws_secret_key=aws_secret_key, region=region, shortnames=true, bypath=true, recursive=true ) }}"
|
||||
vars:
|
||||
path: "/{{ prefix }}/{{ chain }}"
|
||||
when: aws_access_key is defined
|
||||
|
||||
- name: Fetch environment variables (via profile)
|
||||
set_fact:
|
||||
chain_env: "{{ lookup('aws_ssm', path, aws_profile=aws_profile, shortnames=true, bypath=true, recursive=true ) }}"
|
||||
vars:
|
||||
path: "/{{ prefix }}/{{ chain }}"
|
||||
when: aws_profile is defined
|
||||
|
||||
- name: Remove chain variables
|
||||
aws_ssm_parameter_store:
|
||||
name: "/{{ prefix }}/{{ chain }}/{{ item.key }}"
|
||||
value: "{{ item.value }}"
|
||||
state: absent
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
with_dict: "{{ chain_env }}"
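Review bot: `chain_env` is only set when `aws_access_key` or `aws_profile` is defined, so a run that relies on the default credentials (both left commented out, as the vars example allows) skips both fetch tasks and reaches `with_dict: "{{ chain_env }}"` in "Remove chain variables" with the variable undefined. The access-key lookup passes `region=region` while the module parameters in this file take their region from `aws_region`, and the profile lookup passes no region at all; using `region=aws_region` in both lookups would keep them consistent. Deleting by name should not need the stored contents, so `value: "{{ item.value }}"` can probably be dropped for `state: absent`, which also keeps parameter values out of the task output.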
|
|
@ -8,3 +8,12 @@
|
|||
tags:
|
||||
origin: terraform
|
||||
prefix: "{{ prefix }}"
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
provider "aws" {
|
||||
version = "~> 1.15"
|
||||
|
||||
region = "${var.region}"
|
||||
}
|
|
@ -1,4 +1,3 @@
|
|||
variable "region" {}
|
||||
variable "prefix" {}
|
||||
variable "key_name" {}
|
||||
variable "vpc_cidr" {}
|
||||
|
@ -7,13 +6,15 @@ variable "db_subnet_cidr" {}
|
|||
variable "dns_zone_name" {}
|
||||
variable "instance_type" {}
|
||||
variable "root_block_size" {}
|
||||
|
||||
variable "pool_size" {
|
||||
default = {}
|
||||
}
|
||||
variable "elixir_version" {}
|
||||
|
||||
variable "use_placement_group" {
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "key_content" {
|
||||
default = ""
|
||||
}
|
||||
|
|
|
@ -40,7 +40,7 @@
|
|||
template:
|
||||
src: "{{ item.key }}"
|
||||
dest: "{{ item.value }}"
|
||||
with_dict: {hosts.tf.j2: roles/main_infra/files/hosts.tf,routing.tf.j2: roles/main_infra/files/routing.tf}
|
||||
with_dict: {hosts.tf.j2: roles/main_infra/files/hosts.tf,routing.tf.j2: roles/main_infra/files/routing.tf,provider.tf.j2: roles/main_infra/files/provider.tf}
|
||||
|
||||
#Workaround since terraform module return unexpected error.
|
||||
- name: Terraform plan construct
|
||||
|
|
|
@ -9,8 +9,13 @@
|
|||
aws_ssm_parameter_store:
|
||||
name: "/{{ prefix }}/{{ chain }}/{{ item.key }}"
|
||||
value: "{{ item.value }}"
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
with_dict: "{{ chain_ps_env }}"
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
region = "{{ ansible_env.AWS_REGION }}"
|
||||
bucket = "{{ prefix }}-{{ bucket }}"
|
||||
dynamodb_table = "{{ prefix }}-{{ dynamodb_table }}"
|
||||
key = "terraform.tfstate"
|
||||
|
|
|
@ -40,10 +40,12 @@ resource "aws_launch_configuration" "explorer" {
|
|||
}
|
||||
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{% if value['USE_PLACEMENT_GROUP']|default('true') == "true" %}
|
||||
resource "aws_placement_group" "explorer-{{key}}" {
|
||||
name = "${var.prefix}-{{key}}-explorer-pg"
|
||||
strategy = "cluster"
|
||||
}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
|
@ -52,7 +54,7 @@ resource "aws_autoscaling_group" "explorer-{{key}}" {
|
|||
max_size = "4"
|
||||
min_size = "1"
|
||||
desired_capacity = "1"
|
||||
{% if value['USE_PLACEMENT_GROUP'] == "true" %} placement_group = "${var.prefix}-{{key}}-explorer-pg" {% endif %}
|
||||
{% if value['USE_PLACEMENT_GROUP']|default('true') == "true" %} placement_group = "${var.prefix}-{{key}}-explorer-pg" {% endif %}
|
||||
launch_configuration = "${aws_launch_configuration.explorer.name}"
|
||||
vpc_zone_identifier = ["${aws_subnet.default.id}"]
|
||||
availability_zones = ["${data.aws_availability_zones.available.names}"]
|
||||
|
@ -92,6 +94,12 @@ resource "aws_autoscaling_group" "explorer-{{key}}" {
|
|||
value = "{{ key }}"
|
||||
propagate_at_launch = true
|
||||
}
|
||||
|
||||
tag {
|
||||
key = "Name"
|
||||
value = "{{ key }} Application"
|
||||
propagate_at_launch = true
|
||||
}
|
||||
}
|
||||
|
||||
# TODO: These autoscaling policies are not currently wired up to any triggers
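Review bot: `value['USE_PLACEMENT_GROUP']|default('true')` makes a chain that omits the key opt in to a cluster placement group, both on the new `{% if %}` around `aws_placement_group` and on the `placement_group` line of the autoscaling group. The example vars set `USE_PLACEMENT_GROUP: "false"` and the other fallbacks added in this commit default to the off state, so `|default('false')` at both sites would be the less surprising choice. Cluster placement is, as far as I know, not available for every instance type, so an implicit opt-in can also make the apply fail for reasons the operator never configured.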
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
provider "aws" {
|
||||
version = "~> 1.15"
|
||||
{% if aws_access_key is undefined %}
|
||||
profile = "{{ aws_profile|default("default") }}"
|
||||
{% endif %}
|
||||
region = "{{ aws_region|default("us-east-1") }}"
|
||||
}
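Review bot: When `aws_access_key` is defined the rendered provider block carries neither a `profile` nor keys, so Terraform falls back to its default credential chain. This commit also removes the `environment:` blocks that exported `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` from the playbooks, so unless the Terraform tasks set them elsewhere (not visible here) the run may authenticate as whatever identity the calling shell has rather than the configured key pair. Exporting the keys through `environment:` on the Terraform tasks would keep them out of the generated file while still selecting the intended account. The `default("us-east-1")` region fallback also differs from the backend template, which renders `aws_region` with no default.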
|
|
@ -1,4 +1,11 @@
|
|||
terraform {
|
||||
backend "s3" {
|
||||
{% if aws_access_key is undefined %}
|
||||
profile = "{{ aws_profile|default("default") }}"
|
||||
{% else %}
|
||||
access_key = "{{ aws_access_key }}"
|
||||
secret_key = "{{ aws_secret_key }}"
|
||||
{% endif %}
|
||||
region = "{{ aws_region }}"
|
||||
}
|
||||
}
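Review bot: The `{% else %}` branch writes `access_key` and `secret_key` in plaintext into the generated backend file, and Terraform persists backend settings under `.terraform/` after `init`, so the long-lived secret ends up in two places on disk. Passing the keys through the environment of the init task, or at minimum setting `mode: "0600"` on the template task that renders this file (that task is outside this section), would limit the exposure. `region = "{{ aws_region }}"` has no fallback here, whereas the provider template uses `default("us-east-1")`, so an unset `aws_region` fails the render in one file only.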
|
||||
|
|
|
@ -63,7 +63,7 @@ resource "aws_alb_listener" "alb_listener{{loop.index-1}}" {
|
|||
load_balancer_arn = "${aws_lb.explorer.*.arn[{{loop.index-1}}]}"
|
||||
port = "${lookup(var.use_ssl,element(var.chains,{{loop.index-1}})) ? "443" : "80" }"
|
||||
protocol = "${lookup(var.use_ssl,element(var.chains,{{loop.index-1}})) ? "HTTPS" : "HTTP" }"
|
||||
{% if value['ECTO_USE_SSL'] == "true" %}
|
||||
{% if value['ECTO_USE_SSL']|default('false') == "true" %}
|
||||
ssl_policy = "${lookup(var.alb_ssl_policy,element(var.chains,{{loop.index-1}}))}"
|
||||
certificate_arn = "${lookup(var.alb_certificate_arn,element(var.chains,{{loop.index-1}}))}"
|
||||
{% endif %}
|
||||
|
|
|
@ -1,42 +1,41 @@
|
|||
region = "{{ ansible_env.AWS_REGION }}"
|
||||
prefix = "{{ prefix }}"
|
||||
key_name = "{{ ec2_ssh_key_name }}"
|
||||
key_content = "{{ ec2_ssh_key_content }}"
|
||||
vpc_cidr = "{{ vpc_cidr }}"
|
||||
public_subnet_cidr = "{{ public_subnet_cidr }}"
|
||||
db_subnet_cidr = "{{ db_subnet_cidr }}"
|
||||
dns_zone_name = "{{ dns_zone_name }}"
|
||||
instance_type = "{{ instance_type }}"
|
||||
root_block_size = "{{ root_block_size }}"
|
||||
elixir_version = "{{ elixir_version }}"
|
||||
prefix = "{{ prefix }}"
|
||||
key_name = "{{ ec2_ssh_key_name }}"
|
||||
key_content = "{{ ec2_ssh_key_content }}"
|
||||
vpc_cidr = "{{ vpc_cidr }}"
|
||||
public_subnet_cidr = "{{ public_subnet_cidr }}"
|
||||
db_subnet_cidr = "{{ db_subnet_cidr }}"
|
||||
dns_zone_name = "{{ dns_zone_name }}"
|
||||
instance_type = "{{ instance_type }}"
|
||||
root_block_size = "{{ root_block_size }}"
|
||||
|
||||
pool_size = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}="{{ value['POOL_SIZE'] }}"{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['POOL_SIZE']|default('30') }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
secret_key_base = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}="{{ value['SECRET_KEY_BASE'] }}"{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['SECRET_KEY_BASE']|default('TPGMvGK0iIwlXBQuQDA5KRqk77VETbEBlG4gAWeb93TvBsYAjvoAvdODMd6ZeguPwf2YTRY3n7uvxXzQP4WayQ==') }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
use_ssl = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}="{{ value['ECTO_USE_SSL'] }}"{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['ECTO_USE_SSL']|default('false') }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
|
||||
alb_ssl_policy = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}="{{ value['ALB_SSL_POLICY'] }}"{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['ALB_SSL_POLICY']|default('') }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
alb_certificate_arn = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}="{{ value['ALB_CERTIFICATE_ARN'] }}"{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['ALB_CERTIFICATE_ARN']|default('') }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
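Review bot: The `|default('TPGMvGK0…')` added to the `secret_key_base` map gives every chain that omits `SECRET_KEY_BASE` the same key, and that key is published in this repository, so it protects nothing. A missing value should stop the run instead, e.g. `{{ key }}="{{ value['SECRET_KEY_BASE'] | mandatory }}"`, with the example vars file carrying a placeholder rather than a usable key. The other fallbacks added in this file (`POOL_SIZE`, `ECTO_USE_SSL`, the ALB settings) are not secrets and are reasonable as defaults.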
|
||||
|
||||
|
|
|
@ -30,6 +30,13 @@
|
|||
template:
|
||||
src: dev.secret.exs.j2
|
||||
dest: "blockscout-{{ chain }}/apps/explorer/config/dev.secret.exs"
|
||||
when: ps_db is defined
|
||||
|
||||
- name: Copy default explorer config files
|
||||
copy:
|
||||
src: "blockscout-{{ chain }}/apps/explorer/config/dev.secret.exs.example"
|
||||
dest: "blockscout-{{ chain }}/apps/explorer/config/dev.secret.exs"
|
||||
when: ps_db is undefined or ps_db == ""
|
||||
|
||||
- name: Remove static assets from previous deployment, if any
|
||||
file:
|
||||
|
@ -69,24 +76,34 @@
|
|||
args:
|
||||
chdir: "blockscout-{{ chain }}/apps/block_scout_web"
|
||||
|
||||
- name: Fetch environment variables
|
||||
- name: Fetch environment variables (via access key)
|
||||
set_fact:
|
||||
chain_env: "{{ lookup('aws_ssm', path, aws_access_key=aws_access_key, aws_secret_key=aws_secret_key, region=region, shortnames=true, bypath=true, recursive=true ) }}"
|
||||
vars:
|
||||
path: "/{{ prefix }}/{{ chain }}"
|
||||
when: aws_access_key is defined
|
||||
|
||||
- name: Fetch environment variables (via profile)
|
||||
set_fact:
|
||||
chain_env: "{{ lookup('aws_ssm', path, aws_profile=aws_profile, shortnames=true, bypath=true, recursive=true ) }}"
|
||||
vars:
|
||||
path: "/{{ prefix }}/{{ chain }}"
|
||||
when: aws_profile is defined
|
||||
|
||||
- name: Make config variables lowercase
|
||||
set_fact:
|
||||
chain_lower_env: "{{ chain_lower_env | combine ({item.key|lower : item.value}) }}"
|
||||
with_dict: "{{ chain_custom_environment_chain }}"
|
||||
when: chain_custom_environment_chain|length > 0
|
||||
vars:
|
||||
chain_lower_env: {}
|
||||
chain_custom_environment_chain: "{{ chain_cec[chain] | default({}) }}"
|
||||
chain_custom_environment_chain: "{{ chain_cec[chain] | default({}) if chain_cec[chain]>0 else {} }}"
|
||||
chain_cec: "{{ chain_custom_environment | default ({}) }}"
|
||||
|
||||
- name: Override env variables
|
||||
set_fact:
|
||||
chain_env: "{{ chain_env | combine(chain_lower_env) }}"
|
||||
when: chain_lower_env is defined
|
||||
|
||||
- name: Uppercase chain
|
||||
set_fact:
|
||||
|
@ -115,11 +132,13 @@
|
|||
msg: "Execution aborted."
|
||||
always:
|
||||
- name: kill server
|
||||
command: "pkill -e {{ item }}"
|
||||
command: "pkill -f {{ item }}"
|
||||
with_items:
|
||||
- beam.smp
|
||||
- node
|
||||
- erlang
|
||||
failed_when: false
|
||||
when:
|
||||
|
||||
- name: Build static assets
|
||||
command: mix phx.digest
|
||||
|
@ -144,23 +163,18 @@
|
|||
when: user_answer.user_input|lower != "false" and user_answer.user_input|lower != "no"
|
||||
|
||||
- name: Fix bug with favicon
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "blockscout-{{ chain }}/apps/block_scout_web/priv/static/images/"
|
||||
with_fileglob:
|
||||
- "blockscout-{{ chain }}/apps/block_scout_web/priv/static/favicon*"
|
||||
replace:
|
||||
regexp: 'favicon-[a-z0-9]+?\.ico'
|
||||
replace: "favicon.ico"
|
||||
path: "blockscout-{{ chain }}/apps/block_scout_web/priv/static/cache_manifest.json"
|
||||
|
||||
- name: Upload Blockscout to S3
|
||||
command: "aws deploy push --application-name={{ prefix }}-explorer --s3-location s3://{{ prefix }}-explorer-codedeploy-releases/blockscout-{{ chain }}.zip --source=blockscout-{{ chain }}"
|
||||
command: "{{ 'AWS_ACCESS_KEY='~aws_access_key~' AWS_SECRET_ACCESS_KEY='~aws_secret_key~' AWS_DEFAULT_REGION='~aws_region if aws_profile is undefined else '' }} aws deploy push --application-name={{ prefix }}-explorer --s3-location s3://{{ prefix }}-explorer-codedeploy-releases/blockscout-{{ chain }}.zip --source=blockscout-{{ chain }} {{ '--profile='~aws_profile if aws_profile is defined else '' }}"
|
||||
register: push_output
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
||||
- name: Upload output
|
||||
debug:
|
||||
msg: "If deployment will fail, you can try to deploy blockscout manually using the following commands: {{ push_output.stdout_lines }}"
|
||||
msg: "If deployment will fail, you can try to deploy blockscout manually using the following commands: {{ 'AWS_ACCESS_KEY=XXXXXXXXXXXXXX AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXX AWS_DEFAULT_REGION='~aws_region if aws_profile is undefined else '' }} {{ push_output.stdout_lines }} {{ '--profile='~aws_profile if aws_profile is defined else '' }}"
|
||||
|
||||
- name: User prompt
|
||||
pause:
|
||||
|
@ -171,11 +185,17 @@
|
|||
aws_ssm_parameter_store:
|
||||
name: "/{{ prefix }}/{{ chain }}/{{ item.key }}"
|
||||
value: "{{ item.value }}"
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
with_dict: "{{ chain_env }}"
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
||||
when: user_answer.user_input|lower != "false" and user_answer.user_input|lower != "no"
|
||||
|
||||
- name: User prompt
|
||||
|
@ -184,9 +204,5 @@
|
|||
register: user_answer
|
||||
|
||||
- name: Deploy Blockscout
|
||||
command: "{{ push_output.stdout_lines[1] }} --deployment-group-name {{ prefix }}-explorer-dg{{ index }} --deployment-config-name CodeDeployDefault.OneAtATime --description '{{ chain_upper_env['BLOCKSCOUT_VERSION'] }}'"
|
||||
command: "{{ 'AWS_ACCESS_KEY='~aws_access_key~' AWS_SECRET_ACCESS_KEY='~aws_secret_key~' AWS_DEFAULT_REGION='~aws_region if aws_profile is undefined else '' }} {{ push_output.stdout_lines[1] }} --deployment-group-name {{ prefix }}-explorer-dg{{ index }} --deployment-config-name CodeDeployDefault.OneAtATime --description '{{ chain_upper_env['BLOCKSCOUT_VERSION'] }}' {{ '--profile='~aws_profile if aws_profile is defined else '' }}"
|
||||
when: user_answer.user_input|lower != "false" and user_answer.user_input|lower != "no"
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
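Review bot: The new `command:` strings for "Upload Blockscout to S3" and "Deploy Blockscout" template `aws_secret_key` straight into the command line, so the secret lands in the task's recorded command (verbose output, callbacks, logs) and in the process list. The prefix is also unlikely to work: the `command` module does not go through a shell, so a leading `AWS_ACCESS_KEY=…` is taken as the program to run, the AWS CLI reads `AWS_ACCESS_KEY_ID` rather than `AWS_ACCESS_KEY`, and the expression fails on an undefined `aws_access_key` when neither keys nor a profile are configured. Keeping the credentials in the task's `environment:` (set only when `aws_access_key` is defined) and adding `no_log: true` to these two tasks would avoid this. The `--profile=` suffix can stay as it is.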
|
||||
|
|
|
@ -3,6 +3,15 @@
|
|||
bucket: "{{ prefix }}-{{ bucket }}"
|
||||
mode: create
|
||||
permission: private
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
|
||||
- name: Apply tags and versioning to create S3 bucket
|
||||
s3_bucket:
|
||||
|
@ -11,6 +20,15 @@
|
|||
tags:
|
||||
origin: terraform
|
||||
prefix: "{{ prefix }}"
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
|
||||
- name: Add lifecycle management policy to created S3 bucket
|
||||
s3_lifecycle:
|
||||
|
@ -19,6 +37,15 @@
|
|||
noncurrent_version_expiration_days: 90
|
||||
status: enabled
|
||||
state: present
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
|
||||
- name: Check if config file exists
|
||||
stat:
|
||||
|
@ -50,6 +77,15 @@
|
|||
object: all.yml
|
||||
src: "{{ playbook_dir }}/group_vars/all.yml.temp"
|
||||
mode: put
|
||||
profile: "{{ profile }}"
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
vars:
|
||||
access_key: "{{ aws_access_key|default(omit) }}"
|
||||
secret_key: "{{ aws_secret_key|default(omit) }}"
|
||||
profile: "{{ aws_profile|default(omit) }}"
|
||||
region: "{{ aws_region|default(omit) }}"
|
||||
when: upload_config_to_s3|bool == True and stat_result.stat.exists == True
|
||||
|
||||
- name: Remove temp file
|
||||
|
|