commit
5bf233455b
|
@ -7,6 +7,12 @@ group_vars/validator
|
|||
group_vars/netstat
|
||||
group_vars/moc
|
||||
|
||||
roles/bootnode/vars/main.yml
|
||||
roles/explorer/vars/main.yml
|
||||
roles/validator/vars/main.yml
|
||||
roles/netstat/vars/main.yml
|
||||
roles/moc/vars/main.yml
|
||||
|
||||
hosts
|
||||
|
||||
.vagrant/*
|
||||
|
|
|
@ -19,6 +19,7 @@ Vagrant.configure("2") do |config|
|
|||
node.vm.hostname = machine
|
||||
|
||||
node.vm.provision :ansible do |ansible|
|
||||
ansible.compatibility_mode = "2.0"
|
||||
ansible.playbook = "site.yml"
|
||||
ansible.groups = {
|
||||
"validator" => ["validator"],
|
||||
|
|
|
@ -8,7 +8,6 @@ gathering = implicit
|
|||
timeout = 10
|
||||
host_key_checking = False
|
||||
|
||||
remote_user = root
|
||||
ansible_managed = This file is managed by ansible
|
||||
|
||||
[ssh_connection]
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
# config file for ansible -- http://ansible.com/
|
||||
[defaults]
|
||||
|
||||
remote_tmp = $HOME/.ansible/tmp
|
||||
forks = 20
|
||||
gathering = implicit
|
||||
# SSH timeout
|
||||
timeout = 10
|
||||
host_key_checking = False
|
||||
|
||||
remote_user = root
|
||||
ansible_managed = This file is managed by ansible
|
||||
|
||||
[ssh_connection]
|
||||
pipelining = True
|
||||
scp_if_ssh = True
|
|
@ -0,0 +1,98 @@
|
|||
---
|
||||
- name: Create bootnode security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ bootnode_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: bootnode
|
||||
|
||||
|
||||
- name: Create bootnode
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
id: "{{ bootnode_instance_name }}"
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ bootnode_instance_name }}"
|
||||
group: "{{ bootnode_security_group }}"
|
||||
instance_type: "{{ bootnode_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ bootnode_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
when: ec2.changed
|
||||
tags: bootnode
|
||||
|
||||
- name: Installing python
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Create bootnode elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for bootnode
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: bootnode
|
||||
become: True
|
||||
roles:
|
||||
- bootnode-access
|
|
@ -0,0 +1,79 @@
|
|||
---
|
||||
- name: Create explorer security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ explorer_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: explorer
|
||||
|
||||
|
||||
- name: Create explorer
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
id: "{{ bootnode_instance_name }}"
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ explorer_instance_name }}"
|
||||
group: "{{ explorer_security_group }}"
|
||||
instance_type: "{{ explorer_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ explorer_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
when: ec2.changed
|
||||
tags: explorer
|
||||
|
||||
- name: Installing python
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: explorer
|
||||
become: True
|
||||
roles:
|
||||
- explorer-access
|
|
@ -1,80 +1,62 @@
|
|||
---
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
ssh_root:
|
||||
- "{{ lookup('file', 'files/admins.pub') }}"
|
||||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
|
||||
awskeypair_name: "keypairname"
|
||||
image: "ami-0b383171"
|
||||
region: "us-east-1"
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
NODE_PWD: "node.pwd" # don't change this one
|
||||
NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
||||
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
|
||||
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
|
||||
ORCHESTRATOR_BIN_LOC: ""
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
||||
|
||||
SCRIPTS_MOC_BRANCH: "mainnet"
|
||||
SCRIPTS_VALIDATOR_BRANCH: "mainnet"
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
GENESIS_BRANCH: "master"
|
||||
GENESIS_NETWORK_NAME: "PoA"
|
||||
|
||||
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
||||
BLK_GAS_LIMIT: "6700000"
|
||||
###Bootnode
|
||||
|
||||
#bootnode
|
||||
bootnode_instance_type: "t2.large"
|
||||
bootnode_instance_name: "bootnode"
|
||||
bootnode_count_instances: "1"
|
||||
|
||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
#netstat
|
||||
netstat_instance_type: "t2.large"
|
||||
netstat_instance_name: "netstat"
|
||||
netstat_count_instances: "1"
|
||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
||||
associate_bootnode_elastic_ip: false
|
||||
|
||||
#validator
|
||||
validator_instance_type: "t2.large"
|
||||
validator_instance_name: "validator"
|
||||
validator_count_instances: "1"
|
||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||
validator_archive: "off"
|
||||
|
||||
#moc
|
||||
moc_instance_type: "t2.large"
|
||||
moc_instance_name: "moc"
|
||||
moc_count_instances: "1"
|
||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
||||
moc_archive: "off"
|
||||
|
||||
#explorer
|
||||
explorer_instance_type: "t2.large"
|
||||
explorer_instance_name: "explorer"
|
||||
explorer_count_instances: "1"
|
||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||
|
||||
#restrict network access to instances
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: true
|
||||
associate_bootnode_elastic_ip: false
|
||||
allow_bootnode_rpc: false
|
||||
|
||||
###Explorer
|
||||
|
||||
explorer_instance_type: "t2.large"
|
||||
explorer_instance_name: "explorer"
|
||||
explorer_count_instances: "1"
|
||||
|
||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
###Moc
|
||||
|
||||
allow_validator_ssh: true
|
||||
allow_validator_p2p: true
|
||||
moc_instance_type: "t2.large"
|
||||
moc_instance_name: "moc"
|
||||
moc_count_instances: "1"
|
||||
|
||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
||||
|
||||
###Netstat
|
||||
|
||||
netstat_instance_type: "t2.large"
|
||||
netstat_instance_name: "netstat"
|
||||
netstat_count_instances: "1"
|
||||
|
||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
||||
|
||||
###Validator
|
||||
|
||||
validator_instance_type: "t2.large"
|
||||
validator_instance_name: "validator"
|
||||
validator_count_instances: "1"
|
||||
|
||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||
associate_validator_elastic_ip: false
|
||||
|
||||
################################################################
|
|
@ -0,0 +1,79 @@
|
|||
---
|
||||
- name: Create moc security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ moc_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: moc
|
||||
|
||||
|
||||
- name: Create moc
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
id: "{{ bootnode_instance_name }}"
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ moc_instance_name }}"
|
||||
group: "{{ moc_security_group }}"
|
||||
instance_type: "{{ moc_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ moc_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
when: ec2.changed
|
||||
tags: moc
|
||||
|
||||
- name: Installing python
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: moc
|
||||
become: True
|
||||
roles:
|
||||
- moc-access
|
|
@ -0,0 +1,79 @@
|
|||
---
|
||||
- name: Create netstat security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ netstat_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: netstat
|
||||
|
||||
|
||||
- name: Create netstat
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
id: "{{ bootnode_instance_name }}"
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ netstat_instance_name }}"
|
||||
group: "{{ netstat_security_group }}"
|
||||
instance_type: "{{ netstat_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ netstat_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
when: ec2.changed
|
||||
tags: netstat
|
||||
|
||||
- name: Installing python
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: netstat
|
||||
become: True
|
||||
roles:
|
||||
- netstat-access
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version is search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version is search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version is search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version is search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version is search("amazon")
|
|
@ -0,0 +1,19 @@
|
|||
- name: Bootnode deployment
|
||||
import_playbook: bootnode.yml
|
||||
tags: bootnode
|
||||
|
||||
- name: Explorer deployment
|
||||
import_playbook: explorer.yml
|
||||
tags: explorer
|
||||
|
||||
- name: Moc deployment
|
||||
import_playbook: moc.yml
|
||||
tags: moc
|
||||
|
||||
- name: Netstat deployment
|
||||
import_playbook: netstat.yml
|
||||
tags: netstat
|
||||
|
||||
- name: Validator deployment
|
||||
import_playbook: validator.yml
|
||||
tags: validator
|
|
@ -0,0 +1,98 @@
|
|||
---
|
||||
- name: Create validator security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ validator_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: validator
|
||||
|
||||
|
||||
- name: Create validator
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
id: "{{ bootnode_instance_name }}"
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ validator_instance_name }}"
|
||||
group: "{{ validator_security_group }}"
|
||||
instance_type: "{{ validator_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ validator_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
when: ec2.changed
|
||||
tags: validator
|
||||
|
||||
- name: Installing python
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Create validator elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for validator
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_validator_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_validator_elastic_ip == true
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: validator
|
||||
become: True
|
||||
roles:
|
||||
- validator-access
|
105
bootnode.yml
105
bootnode.yml
|
@ -1,105 +1,4 @@
|
|||
---
|
||||
- name: Create bootnode security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ bootnode_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: bootnode
|
||||
|
||||
|
||||
- name: Create bootnode
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ bootnode_instance_name }}"
|
||||
group: "{{ bootnode_security_group }}"
|
||||
instance_type: "{{ bootnode_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ bootnode_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: bootnode
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: bootnode
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: Create bootnode elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for bootnode
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
- bootnode
|
||||
|
|
86
explorer.yml
86
explorer.yml
|
@ -1,86 +1,4 @@
|
|||
---
|
||||
- name: Create explorer security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ explorer_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: explorer
|
||||
|
||||
|
||||
- name: Create explorer
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ explorer_instance_name }}"
|
||||
group: "{{ explorer_security_group }}"
|
||||
instance_type: "{{ explorer_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ explorer_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: explorer
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: explorer
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
- explorer
|
|
@ -1,102 +0,0 @@
|
|||
### This file is used as a reference only and contains all possible options for all roles.
|
||||
### Values set in this file are used for illustration only.
|
||||
###
|
||||
### To connect to an actual network, please follow instructions provided to you
|
||||
### on how to generate a valid `group_vars/all` file for the network.
|
||||
###
|
||||
|
||||
---
|
||||
ssh_root:
|
||||
- "{{ lookup('file', 'files/admins.pub') }}"
|
||||
|
||||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
|
||||
awskeypair_name: "keypairname"
|
||||
image: "ami-0b383171"
|
||||
region: "us-east-1"
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
NETSTATS_SERVER: "INSERT SERVERNAME"
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
||||
|
||||
MINING_KEYFILE: "INSERT HERE"
|
||||
MINING_ADDRESS: "INSERT HERE"
|
||||
MINING_KEYPASS: "INSERT HERE"
|
||||
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
GENESIS_BRANCH: "master"
|
||||
GENESIS_NETWORK_NAME: "PoANetwork"
|
||||
|
||||
MOC_ADDRESS: "INSERT HERE"
|
||||
MOC_KEYPASS: "INSERT HERE"
|
||||
MOC_KEYFILE: "INSERT HERE"
|
||||
|
||||
SCRIPTS_MOC_BRANCH: "master"
|
||||
SCRIPTS_VALIDATOR_BRANCH: "master"
|
||||
|
||||
BLK_GAS_LIMIT: "6700000"
|
||||
NODE_PWD: "node.pwd"
|
||||
|
||||
NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
||||
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
|
||||
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
|
||||
ORCHESTRATOR_BIN_LOC: ""
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
||||
|
||||
#bootnode
|
||||
bootnode_instance_type: "t2.large"
|
||||
bootnode_instance_name: "bootnode"
|
||||
bootnode_count_instances: "1"
|
||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
#netstat
|
||||
netstat_instance_type: "t2.large"
|
||||
netstat_instance_name: "netstat"
|
||||
netstat_count_instances: "1"
|
||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
||||
|
||||
#validator
|
||||
validator_instance_type: "t2.large"
|
||||
validator_instance_name: "validator"
|
||||
validator_count_instances: "1"
|
||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||
validator_archive: "off"
|
||||
|
||||
#moc
|
||||
moc_instance_type: "t2.large"
|
||||
moc_instance_name: "moc"
|
||||
moc_count_instances: "1"
|
||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
||||
moc_archive: "off"
|
||||
|
||||
#explorer
|
||||
explorer_instance_type: "t2.large"
|
||||
explorer_instance_name: "explorer"
|
||||
explorer_count_instances: "1"
|
||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||
|
||||
#restrict network access to instances
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: true
|
||||
associate_bootnode_elastic_ip: false
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
|
||||
allow_validator_ssh: true
|
||||
allow_validator_p2p: true
|
||||
associate_validator_elastic_ip: false
|
|
@ -0,0 +1,187 @@
|
|||
### This file is used as a reference only and contains all possible options for all roles.
|
||||
### Values set in this file are used for illustration only.
|
||||
###
|
||||
### To connect to an actual network, please follow instructions provided to you
|
||||
### on how to generate a valid `group_vars/` files for the network.
|
||||
###
|
||||
|
||||
---
|
||||
|
||||
###The following variables are network-wide. They should be kept at all.yml file.
|
||||
|
||||
#Block gas limit
|
||||
BLK_GAS_LIMIT: "6700000"
|
||||
|
||||
#github branch that store genesis file (aka genesis.json, spec.json, chain.json, ...)
|
||||
GENESIS_BRANCH: "master"
|
||||
|
||||
#NetworkName as specified in genesis file
|
||||
GENESIS_NETWORK_NAME: "PoANetwork"
|
||||
|
||||
#github account from which all repositories will be downloaded
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
|
||||
#Hex-encoded address, including 0x prefix. For moc role it is used as mining key, for other nodes is used in other scripts.
|
||||
MOC_ADDRESS: "INSERT HERE"
|
||||
|
||||
#name of the file to store password. Should not be changed
|
||||
NODE_PWD: "node.pwd"
|
||||
|
||||
#url of the nodejs deb package to use, most importantly - version number
|
||||
NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
||||
|
||||
#url and sha256 checksum of the parity-orchestrator binary file
|
||||
ORCHESTRATOR_BIN_LOC: ""
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
||||
|
||||
#url and sha256 checksum of the parity binary file
|
||||
PARITY_BIN_LOC: "https://s3.us-east-2.amazonaws.com/poa-builds-parity-published/1.10.6/parity"
|
||||
PARITY_BIN_SHA256: "539f4788fbd605a9cd87b5bf747b27ae05b8a4080b26aa3da645b0446fa9f9cc"
|
||||
|
||||
#branch of poa-scripts-moc and poa-scripts-validator to use
|
||||
SCRIPTS_MOC_BRANCH: "master"
|
||||
SCRIPTS_VALIDATOR_BRANCH: "master"
|
||||
|
||||
#Explicitly specifies method of privilege escalation
|
||||
become_method: sudo
|
||||
|
||||
###The following variables are node-specific. They should be kept in group_vars/<node>.yml set of files. Alternatively they can be specifed at <role>/vars/main.yml file.
|
||||
|
||||
##These variables are used in each role and usually propagated to the dependent roles. By default they are different for each role and it's highly recommended not to use single for multiple roles, escpecially when they are installed on the same machine.
|
||||
|
||||
#Should playbook install ufw firewall to the nodes or not.
|
||||
install_firewall: true
|
||||
|
||||
#Which user will be used to connect to VMs
|
||||
#ansible_user: ubuntu
|
||||
|
||||
#Choose if to install debug tools
|
||||
install_debug_tools: "no"
|
||||
|
||||
#User's name and directory, which will be used to execute role from.
|
||||
#username: "<role>"
|
||||
#users:
|
||||
# - name: "{{ username }}"
|
||||
#home: "/home/{{ username }}"
|
||||
|
||||
#Path to the public SSH key that will be installed to the service user.
|
||||
install_keys_to_service_user: true
|
||||
#Relative or absolute path to the file.
|
||||
key_name: "id_rsa.pub"
|
||||
|
||||
#Node's descriptive name
|
||||
#NODE_FULLNAME: "INSERT NODENAME"
|
||||
|
||||
#Node owner's email
|
||||
#NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
#If this variable is set to "True" all the VMs will be rebooted after setup.
|
||||
reboot_after_completion: false
|
||||
|
||||
#Path to spec.json file. If no file provided, spec.json will be downloaded from GitHub
|
||||
spec_json: ""
|
||||
#Path to bootnodes.txt. Must be provided if spec_json specified
|
||||
bootnodes_txt: ""
|
||||
|
||||
##Bootnode-related variables.
|
||||
|
||||
#Specifies whether or not to keep port 22 opened to allow ssh access
|
||||
allow_bootnode_ssh: true
|
||||
#Specifies whether or not to keep port 30303 opened to allow peer discovery
|
||||
allow_bootnode_p2p: true
|
||||
#Specifies whether or not to keep port 8545 opened to allow rpc on this port
|
||||
allow_bootnode_rpc: false
|
||||
|
||||
#Specifies whether or not this node should be created with additional parameters to work as archive
|
||||
bootnode_archive: "off"
|
||||
#Specifies whether or not parity-orchestrator should be installed on this node and parity configured to use whisper
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
|
||||
##Explorer-related variables
|
||||
|
||||
#Specifies whether or not to keep port 22 opened to allow ssh access
|
||||
allow_explorer_ssh: true
|
||||
#Specifies whether or not to keep port 30303 opened to allow peer discovery
|
||||
allow_explorer_p2p: true
|
||||
#Specifies whether or not to keep port 8545 opened to allow rpc on this port
|
||||
allow_explorer_http: true
|
||||
|
||||
#Explicitly specifies the explorer version to use
|
||||
explorer_version: "acee07c"
|
||||
|
||||
|
||||
##Moc-related variables
|
||||
|
||||
#Specifies whether or not this node should be created with additional parameters to work as archive
|
||||
moc_archive: "off"
|
||||
|
||||
|
||||
##Netstat-related variables
|
||||
|
||||
|
||||
##Validator-related variables
|
||||
|
||||
#Specifies whether or not to keep port 22 opened to allow ssh access
|
||||
allow_validator_ssh: true
|
||||
#Specifies whether or not to keep port 30303 opened to allow peer discovery
|
||||
allow_validator_p2p: true
|
||||
|
||||
#Specifies whether or not this node should be created with additional parameters to work as archive
|
||||
validator_archive: "off"
|
||||
|
||||
|
||||
##Nginx-related variables (subrole)
|
||||
|
||||
#If this variable is set to true script will modify sysctl.conf and configure additional tcp settings.
|
||||
configure_extended_tcp_settings: false
|
||||
#Setup extended nginx headers. Used in bootnode, explorer and netstat roles.
|
||||
nginx_headers: "on"
|
||||
#Setup which proxy port should be used in nginx. Used in bootnode, explorer and netstat roles.
|
||||
PROXY_PORT: "8545"
|
||||
|
||||
|
||||
##poa-netstats-related variables (subrole)
|
||||
|
||||
#Explicitly specified api version to use
|
||||
api_version: "9773b5b"
|
||||
|
||||
|
||||
##poa-parity-related variables (subrole)
|
||||
|
||||
#This variables are intended to be set up if you want to run sub role explicitly.
|
||||
#validator_archive: "off"
|
||||
#bootnode_archive: "off"
|
||||
#moc_archive: "off"
|
||||
#bootnode_orchestrator: "off"
|
||||
|
||||
|
||||
|
||||
###Those variables are intended to be specified by users. They don't have any reasonable defaults. Those variables should be specified at group_vars/<role> folder or at <role>/vars/main.yml.
|
||||
|
||||
#Validator's mining keyfile content (json string)
|
||||
#MINING_KEYFILE: "INSERT HERE"
|
||||
|
||||
#Validator's mining key address
|
||||
#MINING_ADDRESS: "INSERT HERE"
|
||||
|
||||
#Validator's mining key password
|
||||
#MINING_KEYPASS: "INSERT HERE"
|
||||
|
||||
#Master of Ceremony's account password
|
||||
#MOC_KEYPASS: "INSERT HERE"
|
||||
|
||||
#Master of Ceremony's account keyfile
|
||||
#MOC_KEYFILE: "INSERT HERE"
|
||||
|
||||
#Secret code to join netstats. Important: For netstats role this option sets the password of the netstats. Master of Ceremony later provides it to other nodes.
|
||||
#NETSTATS_SECRET: "INSERT HERE"
|
||||
|
||||
#URL of netstats server. Should be provided to users by Master of Ceremony
|
||||
#NETSTATS_SERVER: "INSERT HERE"
|
||||
|
||||
#Node owner's email. Publicly visible in netstats
|
||||
#NODE_ADMIN_EMAIL: "INSERT HERE"
|
||||
|
||||
#Node's descriptive name. Publicly visible in netstats
|
||||
#NODE_FULLNAME: "INSERT HERE"
|
|
@ -0,0 +1,26 @@
|
|||
---
|
||||
|
||||
become_method: sudo
|
||||
|
||||
ansible_user: ubuntu
|
||||
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
image: "ami-0b383171"
|
||||
region: "us-east-1"
|
||||
|
||||
NODE_PWD: "node.pwd" # don't change this one
|
||||
NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
||||
PARITY_BIN_LOC: "https://s3.us-east-2.amazonaws.com/poa-builds-parity-published/1.10.6/parity"
|
||||
PARITY_BIN_SHA256: "539f4788fbd605a9cd87b5bf747b27ae05b8a4080b26aa3da645b0446fa9f9cc"
|
||||
ORCHESTRATOR_BIN_LOC: ""
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
||||
|
||||
SCRIPTS_MOC_BRANCH: "mainnet"
|
||||
SCRIPTS_VALIDATOR_BRANCH: "mainnet"
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
GENESIS_BRANCH: "master"
|
||||
GENESIS_NETWORK_NAME: "PoA"
|
||||
|
||||
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
||||
BLK_GAS_LIMIT: "6700000"
|
|
@ -1,11 +0,0 @@
|
|||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
awskeypair_name: "keypairname"
|
||||
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
NETSTATS_SERVER: "INSERT FULL URL"
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
|
@ -0,0 +1,21 @@
|
|||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
NETSTATS_SERVER: "INSERT FULL URL"
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
||||
|
||||
username: "bootnode"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
nginx_headers: "on"
|
||||
PROXY_PORT: "8545"
|
||||
configure_extended_tcp_settings: false
|
||||
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
|
||||
install_debug_tools: "yes"
|
||||
reboot_after_completion: false
|
|
@ -1,5 +0,0 @@
|
|||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
awskeypair_name: "keypairname"
|
||||
|
||||
vpc_subnet_id: "subnet-ID-number"
|
|
@ -0,0 +1,11 @@
|
|||
username: "explorer"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
configure_extended_tcp_settings: false
|
||||
|
||||
install_debug_tools: "yes"
|
||||
reboot_after_completion: false
|
|
@ -1,9 +1,3 @@
|
|||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
awskeypair_name: "keypairname"
|
||||
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
|
@ -12,3 +6,13 @@ NETSTATS_SECRET: "INSERT SECRET"
|
|||
|
||||
MOC_KEYPASS: "INSERT HERE"
|
||||
MOC_KEYFILE: 'INSERT HERE'
|
||||
|
||||
username: "moc"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
moc_archive: "off"
|
||||
|
||||
install_debug_tools: "yes"
|
||||
reboot_after_completion: false
|
|
@ -1,10 +0,0 @@
|
|||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
awskeypair_name: "keypairname"
|
||||
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
|
@ -0,0 +1,17 @@
|
|||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
||||
|
||||
username: "netstat"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
configure_extended_tcp_settings: false
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
NETSTATS_SERVER: "http://localhost:3000"
|
||||
|
||||
install_debug_tools: "yes"
|
||||
reboot_after_completion: false
|
|
@ -1,9 +1,3 @@
|
|||
access_key: "INSERT KEY HERE"
|
||||
secret_key: "INSERT SECRET HERE"
|
||||
awskeypair_name: "keypairname"
|
||||
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
NODE_FULLNAME: "INSERT NODENAME"
|
||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
|
@ -13,3 +7,13 @@ NETSTATS_SECRET: "INSERT SECRET"
|
|||
MINING_KEYFILE: 'INSERT HERE'
|
||||
MINING_ADDRESS: "INSERT HERE"
|
||||
MINING_KEYPASS: "INSERT HERE"
|
||||
|
||||
username: "validator"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
validator_archive: "off"
|
||||
|
||||
install_debug_tools: "yes"
|
||||
reboot_after_completion: false
|
|
@ -23,4 +23,4 @@ bootnode
|
|||
moc
|
||||
netstat
|
||||
validator
|
||||
explorer
|
||||
explorer
|
86
moc.yml
86
moc.yml
|
@ -1,86 +1,4 @@
|
|||
---
|
||||
- name: Create moc security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ moc_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: moc
|
||||
|
||||
|
||||
- name: Create moc
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ moc_instance_name }}"
|
||||
group: "{{ moc_security_group }}"
|
||||
instance_type: "{{ moc_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ moc_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: moc
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: moc
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
- moc
|
86
netstat.yml
86
netstat.yml
|
@ -1,86 +1,4 @@
|
|||
---
|
||||
- name: Create netstat security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ netstat_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: netstat
|
||||
|
||||
|
||||
- name: Create netstat
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ netstat_instance_name }}"
|
||||
group: "{{ netstat_security_group }}"
|
||||
instance_type: "{{ netstat_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ netstat_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: netstat
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: netstat
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
- netstat
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,14 +1,20 @@
|
|||
---
|
||||
username: "bootnode"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
nginx_headers: "on"
|
||||
PROXY_PORT: "8545"
|
||||
|
||||
user: ubuntu
|
||||
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: false
|
||||
|
||||
username: "bootnode"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
parity_api: "off"
|
||||
|
||||
reboot_after_completion: false
|
||||
install_debug_tools: "no"
|
||||
install_firewall: true
|
|
@ -0,0 +1,11 @@
|
|||
dependencies:
|
||||
- { role: usermanager }
|
||||
- { role: preconf }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: poa-netstats }
|
||||
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
|
||||
- { role: nginx }
|
||||
- { role: debug-tools, when: "install_debug_tools == 'yes'" }
|
|
@ -1,29 +1,14 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
with_items:
|
||||
- node.toml
|
||||
template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: install_firewall
|
||||
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
when: reboot_after_completion == true
|
||||
|
||||
#- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes
|
||||
|
|
|
@ -17,24 +17,18 @@
|
|||
- restart ufw
|
||||
|
||||
- name: Add ufw ssh access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '22', proto: 'tcp' }
|
||||
ufw: rule='allow' port='22' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_bootnode_ssh == true
|
||||
|
||||
- name: Add ufw https access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '443', proto: 'tcp' }
|
||||
ufw: rule='allow' port='443' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
|
||||
- name: Add ufw rpc access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '8545', proto: 'tcp' }
|
||||
ufw: rule='allow' port='8545' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_bootnode_rpc == true
|
|
@ -17,16 +17,13 @@ allow_ips = "public"
|
|||
|
||||
[rpc]
|
||||
#apis = ["web3", "eth", "parity", "parity_set", "net", "traces", "rpc"]
|
||||
apis = ["web3","eth","net" {{ ', "parity", "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else '' }}]
|
||||
apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") == "on" or parity_api|default("off") == "on") else ''}}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else ''}}]
|
||||
processing_threads = 4
|
||||
cors=["all"]
|
||||
|
||||
[ui]
|
||||
disable = true
|
||||
|
||||
[dapps]
|
||||
disable = true
|
||||
|
||||
{% if bootnode_archive|default("off") == "on" %}
|
||||
[snapshots]
|
||||
disable_periodic = false
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
### Install debug packages
|
||||
|
||||
- name: Install packages
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
- bc
|
||||
- cloud-utils
|
||||
- dstat
|
||||
- htop
|
||||
- iotop
|
||||
- lbzip2
|
||||
- mc
|
||||
- mtr
|
||||
- net-tools
|
||||
- nload
|
||||
- pigz
|
||||
- rsync
|
||||
- screen
|
||||
- sysstat
|
||||
- tcpdump
|
||||
- unzip
|
||||
- zip
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,12 +1,24 @@
|
|||
username: "explorer"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
---
|
||||
|
||||
user: ubuntu
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
||||
|
||||
username: "explorer"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
explorerS_SERVER: "localhost"
|
||||
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
||||
|
||||
explorer_version: "acee07c"
|
||||
|
||||
reboot_after_completion: false
|
||||
install_debug_tools: "no"
|
||||
install_firewall: true
|
|
@ -1,3 +1,6 @@
|
|||
---
|
||||
- name: restart poa-chain-explorer
|
||||
service: name=poa-chain-explorer state=restarted
|
||||
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -0,0 +1,9 @@
|
|||
dependencies:
|
||||
- { role: usermanager }
|
||||
- { role: preconf }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: nginx }
|
||||
- { role: debug-tools, when: "install_debug_tools == 'yes'" }
|
|
@ -1,30 +1,7 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
with_items:
|
||||
- node.toml
|
||||
template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644
|
||||
|
||||
- name: Clone poanetworks/chain-explorer repo from GitHub
|
||||
git:
|
||||
|
@ -42,7 +19,7 @@
|
|||
|
||||
- name: install npm chain_explorer
|
||||
npm:
|
||||
path: "/home/{{ username }}/chain-explorer"
|
||||
path: "{{ home }}//chain-explorer"
|
||||
become: true
|
||||
become_user: "{{ username }}"
|
||||
notify:
|
||||
|
@ -60,3 +37,12 @@
|
|||
|
||||
- name: Ensure poa-chain-explorer is running and enabled to start at boot
|
||||
service: name=poa-chain-explorer state=started enabled=yes
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: install_firewall
|
||||
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
when: reboot_after_completion == true
|
||||
|
||||
|
|
|
@ -17,17 +17,13 @@
|
|||
- restart ufw
|
||||
|
||||
- name: Add ufw ssh access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '22', proto: 'tcp' }
|
||||
ufw: rule='allow' port='22' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_explorer_ssh == true
|
||||
|
||||
- name: Add ufw https access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '443', proto: 'tcp' }
|
||||
ufw: rule='allow' port='443' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
|
||||
|
@ -41,9 +37,7 @@
|
|||
when: allow_explorer_p2p == true
|
||||
|
||||
- name: Add ufw http-3000 access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '3000', proto: 'tcp' }
|
||||
ufw: rule='allow' port='3000' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_explorer_http == true
|
|
@ -3,8 +3,8 @@
|
|||
"name" : "explorer",
|
||||
"script" : "./bin/www",
|
||||
"log_date_format" : "YYYY-MM-DD HH:mm:SS Z",
|
||||
"error_file" : "/home/{{ username }}/logs/explorer.err",
|
||||
"out_file" : "/home/{{ username }}/logs/explorer.out",
|
||||
"error_file" : "{{ home }}/logs/explorer.err",
|
||||
"out_file" : "{{ home }}/logs/explorer.out",
|
||||
"merge_logs" : false,
|
||||
"watch" : false,
|
||||
"max_restarts" : 100,
|
||||
|
|
|
@ -2,7 +2,7 @@ var web3 = require('web3');
|
|||
var net = require('net');
|
||||
var config = function () {
|
||||
this.logFormat = "combined";
|
||||
this.ipcPath = "/home/{{ username }}/parity_data/jsonrpc.ipc";
|
||||
this.ipcPath = "{{ home }}/parity_data/jsonrpc.ipc";
|
||||
this.provider = new web3.providers.IpcProvider(this.ipcPath, net);
|
||||
this.bootstrapUrl = "https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/yeti/bootstrap.min.css";
|
||||
this.names = {
|
||||
|
|
|
@ -6,8 +6,7 @@ Type=oneshot
|
|||
RemainAfterExit=true
|
||||
User={{ username }}
|
||||
Group={{ username }}
|
||||
Environment=MYVAR=myval
|
||||
WorkingDirectory=/home/{{ username }}/chain-explorer
|
||||
WorkingDirectory={{ home }}/chain-explorer
|
||||
ExecStart=/usr/bin/pm2 startOrRestart app.json
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
explorer_version: "acee07c"
|
|
@ -0,0 +1 @@
|
|||
explorer_version: "acee07c"
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- name: restart logentries
|
||||
service: name=logentries state=restarted
|
|
@ -1,47 +0,0 @@
|
|||
---
|
||||
- name: Add logentries repository
|
||||
apt_repository:
|
||||
repo: 'deb http://rep.logentries.com/ {{ansible_distribution_release}} main'
|
||||
state: present
|
||||
filename: logentries
|
||||
|
||||
- name: add repository key
|
||||
apt_key:
|
||||
keyserver: pgp.mit.edu
|
||||
id: A5270289C43C79AD
|
||||
state: present
|
||||
|
||||
- name: Install logentries packages
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
- logentries
|
||||
- logentries-daemon
|
||||
- python-setproctitle
|
||||
|
||||
- name: connect logentries account
|
||||
shell: le reinit --user-key={{ logentries_user_key }}
|
||||
notify:
|
||||
- restart logentries
|
||||
|
||||
- name: deactivate pull-server-side-config
|
||||
lineinfile:
|
||||
dest: /etc/le/config
|
||||
regexp: "pull-server-side-config = "
|
||||
line: "pull-server-side-config = False"
|
||||
notify:
|
||||
- restart logentries
|
||||
|
||||
- name: create config folder
|
||||
file:
|
||||
path: /etc/le/conf.d
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: deploy config logentries
|
||||
template: src=logentries.j2 dest=/etc/le/conf.d/{{ GENESIS_BRANCH }}.conf
|
||||
notify:
|
||||
- restart logentries
|
||||
|
||||
- name: Ensure logentries is running and enabled to start at boot
|
||||
service: name=logentries state=started enabled=yes
|
||||
|
|
@ -1,33 +0,0 @@
|
|||
[install_err]
|
||||
path = /var/lib/waagent/custom-script/download/0/stderr
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[install_out]
|
||||
path = /var/lib/waagent/custom-script/download/0/stdout
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[dashboard_err]
|
||||
path = {{ logsprefix }}/dashboard.err
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[dashboard_out]
|
||||
path = {{ logsprefix }}/dashboard.out
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[parity_log]
|
||||
path = {{ logsprefix }}/parity.log
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[parity_err]
|
||||
path = {{ logsprefix }}/parity.err
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[parity_out]
|
||||
path = {{ logsprefix }}/parity.out
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[netstats_daemon_err]
|
||||
path = {{ logsprefix }}/netstats_daemon.err
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[netstats_daemon_out]
|
||||
path = {{ logsprefix }}/netstats_daemon.out
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[explorer_err]
|
||||
path = {{ logsprefix }}/explorer.err
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
||||
[explorer_out]
|
||||
path = {{ logsprefix }}/explorer.out
|
||||
destination = {{ GENESIS_BRANCH }}/{{ ansible_host }}
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,8 +1,34 @@
|
|||
---
|
||||
|
||||
user: ubuntu
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
|
||||
NODE_FULLNAME: "moc"
|
||||
NODE_ADMIN_EMAIL: ""
|
||||
NODE_PWD: "node.pwd" # don't change this one
|
||||
|
||||
NETSTATS_SERVER: ""
|
||||
NETSTATS_SECRET: ""
|
||||
|
||||
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
||||
MOC_KEYPASS: ""
|
||||
MOC_KEYFILE: ""
|
||||
|
||||
SCRIPTS_MOC_BRANCH: "master"
|
||||
GENESIS_NETWORK_NAME: "PoA"
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
|
||||
BLK_GAS_LIMIT: "6700000"
|
||||
|
||||
username: "moc"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
moc_archive: "off"
|
||||
|
||||
reboot_after_completion: false
|
||||
install_debug_tools: "no"
|
||||
install_firewall: true
|
|
@ -0,0 +1,9 @@
|
|||
dependencies:
|
||||
- { role: usermanager }
|
||||
- { role: preconf }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: poa-netstats }
|
||||
- { role: debug-tools, when: "install_debug_tools == 'yes'" }
|
|
@ -1,30 +1,7 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
with_items:
|
||||
- node.toml
|
||||
template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644
|
||||
|
||||
- name: Install {{ NODE_PWD }} file
|
||||
template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600
|
||||
|
@ -39,10 +16,11 @@
|
|||
repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc"
|
||||
dest: "{{ home }}/poa-scripts-moc"
|
||||
version: "{{ SCRIPTS_MOC_BRANCH }}"
|
||||
force: yes
|
||||
|
||||
- name: Change owner and group of poa-scripts-moc file
|
||||
file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes
|
||||
|
||||
|
||||
- name: install npm initial_keys_script
|
||||
npm:
|
||||
path: "{{ home }}/poa-scripts-moc"
|
||||
|
@ -60,3 +38,11 @@
|
|||
path: "{{ home }}/poa-scripts-moc/distributeTokens"
|
||||
become: true
|
||||
become_user: "{{ username }}"
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: install_firewall
|
||||
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
when: reboot_after_completion == true
|
|
@ -17,9 +17,7 @@
|
|||
- restart ufw
|
||||
|
||||
- name: Add ufw ssh access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '22', proto: 'tcp' }
|
||||
ufw: rule='allow' port='22' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_moc_ssh == true
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,12 +1,27 @@
|
|||
---
|
||||
|
||||
user: ubuntu
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
|
||||
netstat_version: "cb431d6"
|
||||
|
||||
NETSTATS_SERVER: "http://localhost:3000"
|
||||
NETSTATS_SECRET: ""
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
|
||||
NODE_FULLNAME: "netstat"
|
||||
NODE_ADMIN_EMAIL: ""
|
||||
|
||||
username: "netstat"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
NETSTATS_SERVER: "http://localhost:3000"
|
||||
|
||||
reboot_after_completion: false
|
||||
install_debug_tools: "no"
|
||||
install_firewall: true
|
|
@ -1,3 +1,6 @@
|
|||
---
|
||||
- name: restart poa-dashboard
|
||||
service: name=poa-dashboard state=restarted
|
||||
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -0,0 +1,7 @@
|
|||
dependencies:
|
||||
- { role: usermanager }
|
||||
- { role: preconf }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: nginx }
|
||||
- { role: debug-tools, when: "install_debug_tools == 'yes'" }
|
|
@ -1,11 +1,4 @@
|
|||
---
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Clone poanetworks/eth-netstats repo from GitHub
|
||||
git:
|
||||
|
@ -18,7 +11,7 @@
|
|||
|
||||
- name: install npm netstats
|
||||
npm:
|
||||
path: "/home/{{ username }}/eth-netstats"
|
||||
path: "{{ home }}/eth-netstats"
|
||||
become: true
|
||||
become_user: "{{ username }}"
|
||||
notify:
|
||||
|
@ -30,23 +23,31 @@
|
|||
global: yes
|
||||
|
||||
- name: run grunt process
|
||||
shell: "cd /home/{{ username }}/eth-netstats; grunt"
|
||||
shell: "cd {{ home }}/eth-netstats; grunt"
|
||||
become: true
|
||||
become_user: "{{ username }}"
|
||||
args:
|
||||
creates: "/home/{{ username }}/dist"
|
||||
creates: "{{ home }}/dist"
|
||||
|
||||
- name: Config ws_secret.json file
|
||||
copy:
|
||||
content: '["{{ NETSTATS_SECRET }}"]'
|
||||
dest: "/home/{{ username }}/eth-netstats/ws_secret.json"
|
||||
dest: "{{ home }}/eth-netstats/ws_secret.json"
|
||||
notify:
|
||||
- restart poa-dashboard
|
||||
|
||||
- name: Install poa-dashboard service
|
||||
template: src=poa-dashboard.j2 dest=/etc/systemd/system/poa-dashboard.service owner=root group=root mode=0755
|
||||
template: src=poa-dashboard.j2 dest=/etc/systemd/system/poa-dashboard.service owner={{ username }} group={{ username }} mode=0755
|
||||
notify:
|
||||
- restart poa-dashboard
|
||||
|
||||
- name: Ensure poa-dashboard is running and enabled to start at boot
|
||||
service: name=poa-dashboard state=started enabled=yes
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: install_firewall
|
||||
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
when: reboot_after_completion == true
|
|
@ -17,24 +17,18 @@
|
|||
- restart ufw
|
||||
|
||||
- name: Add ufw ssh access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '22', proto: 'tcp' }
|
||||
ufw: rule='allow' port='22' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_netstat_ssh == true
|
||||
|
||||
- name: Add ufw https access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '443', proto: 'tcp' }
|
||||
ufw: rule='allow' port='443' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
|
||||
- name: Add ufw http-3000 access
|
||||
ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }}
|
||||
with_items:
|
||||
- { rule: 'allow', port: '3000', proto: 'tcp' }
|
||||
ufw: rule='allow' port='3000' proto='tcp'
|
||||
notify:
|
||||
- restart ufw
|
||||
when: allow_netstat_http == true
|
|
@ -4,8 +4,7 @@ After=network.target
|
|||
[Service]
|
||||
User={{ username }}
|
||||
Group={{ username }}
|
||||
Environment=MYVAR=myval
|
||||
WorkingDirectory=/home/{{ username }}/eth-netstats
|
||||
WorkingDirectory={{ home }}/eth-netstats
|
||||
Restart=always
|
||||
ExecStart=/usr/bin/npm start
|
||||
[Install]
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
netstat_version: "cb431d6"
|
|
@ -0,0 +1 @@
|
|||
netstat_version: "cb431d6"
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
|
||||
PROXY_PORT: 3000
|
||||
configure_extended_tcp_settings: true
|
||||
|
||||
nginx_headers: "off"
|
|
@ -8,7 +8,29 @@
|
|||
name: "python3-pip"
|
||||
state: present
|
||||
|
||||
- name: Ensure python OpenSSL dependencies are installed.
|
||||
- name: Ensure OpenSSL dependencies are installed (Ubuntu)
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- build-essential
|
||||
- libssl-dev
|
||||
- libffi-dev
|
||||
- python-dev
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Ensure OpenSSL dependencies are installed (CentOS)
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- gcc
|
||||
- libffi-devel
|
||||
- openssl-devel
|
||||
- python-devel
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Install OpenSSL module
|
||||
pip:
|
||||
name: pyOpenSSL
|
||||
state: present
|
||||
|
@ -46,16 +68,12 @@
|
|||
when: not cert_file_check.stat.exists
|
||||
|
||||
- name: Install nginx.conf
|
||||
template: src={{ item }}.j2 dest=/etc/nginx/ssl/{{ item }} owner=root group=root mode=0644
|
||||
with_items:
|
||||
- dhparam.pem
|
||||
template: src=dhparam.pem.j2 dest=/etc/nginx/ssl/dhparam.pem owner=root group=root mode=0644
|
||||
notify:
|
||||
- reload nginx
|
||||
|
||||
- name: Install nginx conf.d files
|
||||
template: src={{ item }}.j2 dest=/etc/nginx/conf.d/{{ item }} owner=root group=root mode=0644
|
||||
with_items:
|
||||
- default.conf
|
||||
template: src=default.conf.j2 dest=/etc/nginx/conf.d/default.conf owner=root group=root mode=0644
|
||||
notify:
|
||||
- reload nginx
|
||||
tags: nginx
|
||||
|
@ -63,3 +81,8 @@
|
|||
- name: Ensure nginx is running and enabled to start at boot
|
||||
service: name=nginx state=started enabled=yes
|
||||
tags: nginx
|
||||
|
||||
- name: executing vars.yml
|
||||
import_tasks: vars.yml
|
||||
when: configure_extended_tcp_settings == true
|
||||
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
|
||||
NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
|
@ -10,12 +10,8 @@
|
|||
|
||||
- name: Add nodejs repository
|
||||
apt_repository:
|
||||
repo: 'deb {{ NODE_SOURCE_DEB }} {{ansible_distribution_release}} main'
|
||||
repo: 'deb {{ NODE_SOURCE_DEB }} {{ ansible_distribution_release }} main'
|
||||
state: present
|
||||
|
||||
- name: Install nodejs packages
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
- nodejs
|
||||
|
||||
|
||||
- name: Install nodejs package
|
||||
apt: name=nodejs state=present update_cache=yes
|
|
@ -0,0 +1,4 @@
|
|||
username: "poa"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Install poa-logrotate conf
|
||||
template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner=root group=root mode=0644
|
||||
template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner={{ username }} group={{ username }} mode=0644
|
||||
|
||||
- name: Install poa-logrotate cron
|
||||
template: src=poa-logrotate.j2 dest=/etc/cron.hourly/poa-logrotate owner=root group=root mode=0755
|
||||
cron: special_time=hourly job="/usr/sbin/logrotate {{ home }}/poa-logrotate.conf -s {{ home }}/poa-logrotate.status" user={{ username }} name="poa-logrotate"
|
|
@ -1,4 +1,4 @@
|
|||
/home/{{ username }}/logs/*.log {
|
||||
{{ home }}/logs/*.log {
|
||||
rotate 10
|
||||
size 200M
|
||||
missingok
|
||||
|
@ -9,7 +9,7 @@
|
|||
olddir old
|
||||
}
|
||||
|
||||
/home/{{ username }}/logs/*.err {
|
||||
{{ home }}/logs/*.err {
|
||||
rotate 10
|
||||
size 200M
|
||||
missingok
|
||||
|
@ -20,7 +20,7 @@
|
|||
olddir old
|
||||
}
|
||||
|
||||
/home/{{ username }}/logs/*.out {
|
||||
{{ home }}/logs/*.out {
|
||||
rotate 10
|
||||
size 200M
|
||||
missingok
|
||||
|
@ -31,7 +31,7 @@
|
|||
olddir old
|
||||
}
|
||||
|
||||
/home/{{ username }}/.pm2/pm2.log {
|
||||
{{ home }}/.pm2/pm2.log {
|
||||
su {{ username }} {{ username }}
|
||||
rotate 10
|
||||
size 200M
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
#!/bin/bash
|
||||
/usr/sbin/logrotate /home/{{ username }}/poa-logrotate.conf
|
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
|
||||
MAIN_REPO_FETCH: "poanetwork"
|
||||
GENESIS_NETWORK_NAME: "PoA"
|
||||
|
||||
api_version: "9773b5b"
|
||||
|
||||
NODE_FULLNAME: ""
|
||||
NODE_ADMIN_EMAIL: ""
|
||||
NETSTATS_SERVER: ""
|
||||
NETSTATS_SECRET: ""
|
||||
|
||||
username: "poa"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
|
@ -29,9 +29,9 @@
|
|||
- name: Change owner and group of eth-net-intelligence-api files
|
||||
file: path={{ home }}/eth-net-intelligence-api owner={{ username }} group={{ username }} recurse=yes
|
||||
|
||||
- name: install npm netstats
|
||||
- name: Install npm netstats
|
||||
npm:
|
||||
path: "/home/{{ username }}/eth-net-intelligence-api"
|
||||
path: "{{ home }}/eth-net-intelligence-api"
|
||||
become: true
|
||||
become_user: "{{ username }}"
|
||||
notify:
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
"name" : "netstats_daemon",
|
||||
"script" : "app.js",
|
||||
"log_date_format" : "YYYY-MM-DD HH:mm:SS Z",
|
||||
"error_file" : "/home/{{ username }}/logs/netstats_daemon.err",
|
||||
"out_file" : "/home/{{ username }}/logs/netstats_daemon.out",
|
||||
"error_file" : "{{ home }}/logs/netstats_daemon.err",
|
||||
"out_file" : "{{ home }}/logs/netstats_daemon.out",
|
||||
"merge_logs" : false,
|
||||
"watch" : false,
|
||||
"max_restarts" : 100,
|
||||
|
|
|
@ -6,8 +6,7 @@ Type=oneshot
|
|||
RemainAfterExit=true
|
||||
User={{ username }}
|
||||
Group={{ username }}
|
||||
Environment=MYVAR=myval
|
||||
WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api
|
||||
WorkingDirectory={{ home }}/eth-net-intelligence-api
|
||||
ExecStart=/usr/bin/pm2 startOrRestart app.json
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
|
||||
ORCHESTRATOR_BIN_LOC: ""
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
||||
|
||||
username: "poa"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
|
@ -5,7 +5,7 @@
|
|||
- restart poa-orchestrator
|
||||
|
||||
- name: Create parity-orchestrator.toml
|
||||
template: src=parity-orchestrator.toml.j2 dest={{ home }}/parity-orchestrator.toml owner=root group=root mode=0644
|
||||
template: src=parity-orchestrator.toml.j2 dest={{ home }}/parity-orchestrator.toml owner={{ username }} group={{ username }} mode=0644
|
||||
|
||||
- name: Install poa-orchestrator service
|
||||
template: src=poa-orchestrator.j2 dest=/etc/systemd/system/poa-orchestrator.service owner=root group=root mode=0755
|
||||
|
|
|
@ -4,7 +4,7 @@ After=poa-parity.service
|
|||
[Service]
|
||||
User={{ username }}
|
||||
Group={{ username }}
|
||||
WorkingDirectory=/home/{{ username }}
|
||||
ExecStart=/home/{{ username }}/parity-orchestrator --config=parity-orchestrator.toml
|
||||
WorkingDirectory={{ home }}
|
||||
ExecStart={{ home }}/parity-orchestrator --config=parity-orchestrator.toml
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
|
||||
GENESIS_NETWORK_NAME: "PoA"
|
||||
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
|
||||
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
|
||||
|
||||
validator_archive: "off"
|
||||
bootnode_archive: "off"
|
||||
moc_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
username: "poa"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
|
@ -16,7 +16,7 @@
|
|||
group: "{{ username }}"
|
||||
|
||||
- name: Download parity-bin
|
||||
get_url: url="{{ PARITY_BIN_LOC }}" dest={{ home }}/parity mode=0755 checksum="sha256:{{ PARITY_BIN_SHA256 }}"
|
||||
get_url: url="{{ PARITY_BIN_LOC }}" dest={{ home }}/parity mode=0755 group={{ username }} owner={{ username }} checksum="sha256:{{ PARITY_BIN_SHA256 }}"
|
||||
notify:
|
||||
- restart poa-parity
|
||||
|
||||
|
@ -26,4 +26,4 @@
|
|||
- restart poa-parity
|
||||
|
||||
- name: Ensure poa-parity is running and enabled to start at boot
|
||||
service: name=poa-parity state=started enabled=yes
|
||||
service: name=poa-parity state=started enabled=yes
|
|
@ -1,26 +0,0 @@
|
|||
[
|
||||
{
|
||||
"name" : "netstats_daemon",
|
||||
"script" : "app.js",
|
||||
"log_date_format" : "YYYY-MM-DD HH:mm:SS Z",
|
||||
"error_file" : "/home/{{ username }}/logs/netstats_daemon.err",
|
||||
"out_file" : "/home/{{ username }}/logs/netstats_daemon.out",
|
||||
"merge_logs" : false,
|
||||
"watch" : false,
|
||||
"max_restarts" : 100,
|
||||
"exec_interpreter" : "node",
|
||||
"exec_mode" : "fork_mode",
|
||||
"env":
|
||||
{
|
||||
"NODE_ENV" : "production",
|
||||
"RPC_HOST" : "localhost",
|
||||
"RPC_PORT" : "8545",
|
||||
"LISTENING_PORT" : "30303",
|
||||
"INSTANCE_NAME" : "{{ NODE_FULLNAME }}",
|
||||
"CONTACT_DETAILS" : "{{ NODE_ADMIN_EMAIL }}",
|
||||
"WS_SERVER" : "{{ NETSTATS_SERVER }}",
|
||||
"WS_SECRET" : "{{ NETSTATS_SECRET }}",
|
||||
"VERBOSITY" : 2
|
||||
}
|
||||
}
|
||||
]
|
|
@ -1,19 +0,0 @@
|
|||
[
|
||||
{
|
||||
"name" : "explorer",
|
||||
"script" : "./bin/www",
|
||||
"log_date_format" : "YYYY-MM-DD HH:mm:SS Z",
|
||||
"error_file" : "/home/{{ username }}/logs/explorer.err",
|
||||
"out_file" : "/home/{{ username }}/logs/explorer.out",
|
||||
"merge_logs" : false,
|
||||
"watch" : false,
|
||||
"max_restarts" : 100,
|
||||
"exec_interpreter" : "node",
|
||||
"exec_mode" : "fork_mode",
|
||||
"env":
|
||||
{
|
||||
"NODE_ENV" : "production",
|
||||
"PORT" : 4000,
|
||||
}
|
||||
}
|
||||
]
|
|
@ -1,12 +0,0 @@
|
|||
var web3 = require('web3');
|
||||
var net = require('net');
|
||||
var config = function () {
|
||||
this.logFormat = "combined";
|
||||
this.ipcPath = "/home/{{ username }}/parity_data/jsonrpc.ipc";
|
||||
this.provider = new web3.providers.IpcProvider(this.ipcPath, net);
|
||||
this.bootstrapUrl = "https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/yeti/bootstrap.min.css";
|
||||
this.names = {
|
||||
"{{ MOC_ADDRESS }}": "Owner",
|
||||
};
|
||||
}
|
||||
module.exports = config;
|
|
@ -1,13 +0,0 @@
|
|||
[Unit]
|
||||
Description=poa chain explorer service
|
||||
After=poa-pm2.service
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
User={{ username }}
|
||||
Group={{ username }}
|
||||
Environment=MYVAR=myval
|
||||
WorkingDirectory=/home/{{ username }}/chain-explorer
|
||||
ExecStart=/usr/bin/pm2 startOrRestart app.json
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue