From 774cdef493484a9c303916fc0ca04b95896a606b Mon Sep 17 00:00:00 2001 From: ykisialiou Date: Thu, 19 Apr 2018 17:40:33 +0300 Subject: [PATCH 01/71] Remove unnecesary envvar declaration --- roles/poa-parity/templates/poa-chain-explorer.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/poa-parity/templates/poa-chain-explorer.j2 b/roles/poa-parity/templates/poa-chain-explorer.j2 index f0fda63..845e8d0 100644 --- a/roles/poa-parity/templates/poa-chain-explorer.j2 +++ b/roles/poa-parity/templates/poa-chain-explorer.j2 @@ -6,7 +6,6 @@ Type=oneshot RemainAfterExit=true User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }}/chain-explorer ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] From 0c80ba95a4bb48083634f6f6f4e0d11320aaaa73 Mon Sep 17 00:00:00 2001 From: ykisialiou Date: Thu, 19 Apr 2018 18:03:36 +0300 Subject: [PATCH 02/71] Delete 7 more MYVAR=myval declarations --- roles/explorer/templates/poa-chain-explorer.j2 | 1 - roles/netstat/templates/poa-dashboard.j2 | 1 - roles/poa-netstats/templates/poa-netstats.j2 | 1 - roles/poa-parity/templates/poa-dashboard.j2 | 1 - roles/poa-parity/templates/poa-netstats.j2 | 1 - roles/poa-parity/templates/poa-pm2.j2 | 1 - roles/poa-pm2/templates/poa-pm2.j2 | 1 - 7 files changed, 7 deletions(-) diff --git a/roles/explorer/templates/poa-chain-explorer.j2 b/roles/explorer/templates/poa-chain-explorer.j2 index f0fda63..845e8d0 100644 --- a/roles/explorer/templates/poa-chain-explorer.j2 +++ b/roles/explorer/templates/poa-chain-explorer.j2 @@ -6,7 +6,6 @@ Type=oneshot RemainAfterExit=true User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }}/chain-explorer ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] diff --git a/roles/netstat/templates/poa-dashboard.j2 b/roles/netstat/templates/poa-dashboard.j2 index f6546f2..8d09f26 100644 --- a/roles/netstat/templates/poa-dashboard.j2 
+++ b/roles/netstat/templates/poa-dashboard.j2 @@ -4,7 +4,6 @@ After=network.target [Service] User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }}/eth-netstats Restart=always ExecStart=/usr/bin/npm start diff --git a/roles/poa-netstats/templates/poa-netstats.j2 b/roles/poa-netstats/templates/poa-netstats.j2 index c76cbb6..1bf95e1 100644 --- a/roles/poa-netstats/templates/poa-netstats.j2 +++ b/roles/poa-netstats/templates/poa-netstats.j2 @@ -6,7 +6,6 @@ Type=oneshot RemainAfterExit=true User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] diff --git a/roles/poa-parity/templates/poa-dashboard.j2 b/roles/poa-parity/templates/poa-dashboard.j2 index f6546f2..8d09f26 100644 --- a/roles/poa-parity/templates/poa-dashboard.j2 +++ b/roles/poa-parity/templates/poa-dashboard.j2 @@ -4,7 +4,6 @@ After=network.target [Service] User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }}/eth-netstats Restart=always ExecStart=/usr/bin/npm start diff --git a/roles/poa-parity/templates/poa-netstats.j2 b/roles/poa-parity/templates/poa-netstats.j2 index c76cbb6..1bf95e1 100644 --- a/roles/poa-parity/templates/poa-netstats.j2 +++ b/roles/poa-parity/templates/poa-netstats.j2 @@ -6,7 +6,6 @@ Type=oneshot RemainAfterExit=true User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] diff --git a/roles/poa-parity/templates/poa-pm2.j2 b/roles/poa-parity/templates/poa-pm2.j2 index 1ddd76f..c2a7a7a 100644 --- a/roles/poa-parity/templates/poa-pm2.j2 +++ b/roles/poa-parity/templates/poa-pm2.j2 
@@ -6,7 +6,6 @@ Type=oneshot RemainAfterExit=true User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }} ExecStart=/usr/bin/pm2 ping [Install] diff --git a/roles/poa-pm2/templates/poa-pm2.j2 b/roles/poa-pm2/templates/poa-pm2.j2 index 1ddd76f..c2a7a7a 100644 --- a/roles/poa-pm2/templates/poa-pm2.j2 +++ b/roles/poa-pm2/templates/poa-pm2.j2 @@ -6,7 +6,6 @@ Type=oneshot RemainAfterExit=true User={{ username }} Group={{ username }} -Environment=MYVAR=myval WorkingDirectory=/home/{{ username }} ExecStart=/usr/bin/pm2 ping [Install] From 7988410a8da9cbf65a50688c8e4f0b62e8a4e19d Mon Sep 17 00:00:00 2001 
From: ArseniiPetrovich Date: Thu, 19 Apr 2018 19:31:20 +0300 Subject: [PATCH 03/71] fixes for #76, #79, #80, #92, #99, partially #102, partially #104 --- Vagrantfile | 1 + aws/ansible.cfg | 16 +++ aws/bootnode.yml | 111 ++++++++++++++++++ aws/explorer.yml | 92 +++++++++++++++ aws/group_vars/bootnode.yml.example | 11 ++ aws/group_vars/explorer.yml.example | 9 ++ aws/group_vars/moc.yml.example | 5 + aws/group_vars/netstat.yml.example | 5 + aws/group_vars/validator.yml.example | 6 + aws/hosts.example | 26 ++++ aws/moc.yml | 92 +++++++++++++++ aws/netstat.yml | 92 +++++++++++++++ .../roles}/bootnode-access/tasks/ec2.yml | 0 aws/roles/bootnode-access/tasks/main.yml | 4 + .../roles}/explorer-access/tasks/ec2.yml | 0 aws/roles/explorer-access/tasks/main.yml | 4 + {roles => aws/roles}/moc-access/tasks/ec2.yml | 0 aws/roles/moc-access/tasks/main.yml | 4 + .../roles}/netstat-access/tasks/ec2.yml | 0 aws/roles/netstat-access/tasks/main.yml | 4 + .../roles}/validator-access/tasks/ec2.yml | 0 aws/roles/validator-access/tasks/main.yml | 4 + aws/site.yml | 19 +++ aws/validator.yml | 111 ++++++++++++++++++ bootnode.yml | 105 +---------------- explorer.yml | 86 +------------- group_vars/all.example | 56 +-------- group_vars/all.network | 55 --------- group_vars/bootnode.example | 10 ++ group_vars/explorer.example | 9 ++ group_vars/moc.example | 7 ++ group_vars/netstat.example | 9 ++ group_vars/validator.example | 7 ++ hosts.example | 2 +- moc.yml | 86 +------------- netstat.yml | 86 +------------- roles/bootnode-access/tasks/main.yml | 8 -- roles/bootnode/defaults/main.yml | 11 +- .../handlers/main.yml | 0 roles/bootnode/meta/main.yml | 11 ++ roles/bootnode/tasks/main.yml | 25 +--- .../tasks/ufw.yml | 0 roles/explorer-access/tasks/main.yml | 8 -- roles/explorer/defaults/main.yml | 11 +- roles/explorer/handlers/main.yml | 3 + roles/explorer/meta/main.yml | 8 ++ roles/explorer/tasks/main.yml | 25 +--- .../tasks/ufw.yml | 0 roles/explorer/vars/main.yml | 1 - 
roles/moc-access/handlers/main.yml | 3 - roles/moc-access/tasks/main.yml | 8 -- roles/moc/defaults/main.yml | 6 +- .../handlers/main.yml | 0 roles/moc/meta/main.yml | 8 ++ roles/moc/tasks/main.yml | 25 +--- roles/{moc-access => moc}/tasks/ufw.yml | 0 roles/netstat-access/handlers/main.yml | 3 - roles/netstat-access/tasks/main.yml | 8 -- roles/netstat/defaults/main.yml | 8 -- roles/netstat/handlers/main.yml | 3 + roles/netstat/meta/main.yml | 6 + roles/netstat/tasks/main.yml | 11 +- .../{netstat-access => netstat}/tasks/ufw.yml | 0 roles/netstat/vars/main.yml | 1 - roles/preconf/tasks/keys.yml | 7 ++ roles/preconf/tasks/logs.yml | 7 ++ roles/preconf/tasks/main.yml | 5 + roles/preconf/tasks/spec.yml | 5 + roles/validator-access/handlers/main.yml | 3 - roles/validator-access/tasks/main.yml | 8 -- roles/validator/defaults/main.yml | 5 + roles/validator/handlers/main.yml | 3 + roles/validator/meta/main.yml | 8 ++ roles/validator/tasks/main.yml | 21 ---- .../tasks/ufw.yml | 0 site.yml | 103 +++------------- validator.yml | 105 +---------------- 77 files changed, 788 insertions(+), 827 deletions(-) create mode 100644 aws/ansible.cfg create mode 100644 aws/bootnode.yml create mode 100644 aws/explorer.yml create mode 100644 aws/group_vars/bootnode.yml.example create mode 100644 aws/group_vars/explorer.yml.example create mode 100644 aws/group_vars/moc.yml.example create mode 100644 aws/group_vars/netstat.yml.example create mode 100644 aws/group_vars/validator.yml.example create mode 100644 aws/hosts.example create mode 100644 aws/moc.yml create mode 100644 aws/netstat.yml rename {roles => aws/roles}/bootnode-access/tasks/ec2.yml (100%) create mode 100644 aws/roles/bootnode-access/tasks/main.yml rename {roles => aws/roles}/explorer-access/tasks/ec2.yml (100%) create mode 100644 aws/roles/explorer-access/tasks/main.yml rename {roles => aws/roles}/moc-access/tasks/ec2.yml (100%) create mode 100644 aws/roles/moc-access/tasks/main.yml rename {roles => 
aws/roles}/netstat-access/tasks/ec2.yml (100%) create mode 100644 aws/roles/netstat-access/tasks/main.yml rename {roles => aws/roles}/validator-access/tasks/ec2.yml (100%) create mode 100644 aws/roles/validator-access/tasks/main.yml create mode 100644 aws/site.yml create mode 100644 aws/validator.yml delete mode 100644 roles/bootnode-access/tasks/main.yml rename roles/{bootnode-access => bootnode}/handlers/main.yml (100%) create mode 100644 roles/bootnode/meta/main.yml rename roles/{bootnode-access => bootnode}/tasks/ufw.yml (100%) delete mode 100644 roles/explorer-access/tasks/main.yml create mode 100644 roles/explorer/meta/main.yml rename roles/{explorer-access => explorer}/tasks/ufw.yml (100%) delete mode 100644 roles/explorer/vars/main.yml delete mode 100644 roles/moc-access/handlers/main.yml delete mode 100644 roles/moc-access/tasks/main.yml rename roles/{explorer-access => moc}/handlers/main.yml (100%) create mode 100644 roles/moc/meta/main.yml rename roles/{moc-access => moc}/tasks/ufw.yml (100%) delete mode 100644 roles/netstat-access/handlers/main.yml delete mode 100644 roles/netstat-access/tasks/main.yml create mode 100644 roles/netstat/meta/main.yml rename roles/{netstat-access => netstat}/tasks/ufw.yml (100%) delete mode 100644 roles/netstat/vars/main.yml create mode 100644 roles/preconf/tasks/keys.yml create mode 100644 roles/preconf/tasks/logs.yml create mode 100644 roles/preconf/tasks/spec.yml delete mode 100644 roles/validator-access/handlers/main.yml delete mode 100644 roles/validator-access/tasks/main.yml create mode 100644 roles/validator/defaults/main.yml create mode 100644 roles/validator/handlers/main.yml create mode 100644 roles/validator/meta/main.yml rename roles/{validator-access => validator}/tasks/ufw.yml (100%) diff --git a/Vagrantfile b/Vagrantfile index c6425d1..a995204 100644 --- a/Vagrantfile +++ b/Vagrantfile 
@@ -19,6 +19,7 @@ Vagrant.configure("2") do |config| node.vm.hostname = machine node.vm.provision :ansible do |ansible| + ansible.compatibility_mode = "2.0" ansible.playbook = "site.yml" ansible.groups = { "validator" => ["validator"], diff --git a/aws/ansible.cfg b/aws/ansible.cfg new file mode 100644 index 0000000..1b7798d --- /dev/null +++ b/aws/ansible.cfg @@ -0,0 +1,16 @@ +# config file for ansible -- http://ansible.com/ +[defaults] + +remote_tmp = $HOME/.ansible/tmp +forks = 20 +gathering = implicit +# SSH timeout +timeout = 10 +host_key_checking = False + +remote_user = root +ansible_managed = This file is managed by ansible + +[ssh_connection] +pipelining = True +scp_if_ssh = True diff --git a/aws/bootnode.yml b/aws/bootnode.yml new file mode 100644 index 0000000..30f163e --- /dev/null +++ b/aws/bootnode.yml 
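Review bot: `host_key_checking = False` in the new aws/ansible.cfg turns off SSH host key verification for every run started from aws/, so the playbooks cannot tell a freshly launched instance from a host impersonating it on the network path, and the plays in this patch then run with `become: True` over that unverified channel. Prefer keeping verification on (`host_key_checking = True`) and recording the new instances' keys in known_hosts after launch. If it must stay off for provisioning, put a comment above the line, for example `# host keys of newly launched EC2 instances are not verified; provisioning use only`. `remote_user = root` also looks unused, because the plays visible in this patch set `user: ubuntu`; dropping it avoids an accidental root login default.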
@@ -0,0 +1,111 @@
+---
+- name: Create bootnode security group
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: Create Security group
+ ec2_group:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ name: "{{ bootnode_security_group }}"
+ description: "Default security group"
+ region: "{{ region }}"
+ purge_rules_egress: false
+ purge_rules: false
+ rules:
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 0.0.0.0/0
+ rules_egress:
+ - proto: all
+ from_port: all
+ to_port: all
+ cidr_ip: 0.0.0.0/0
+ tags: bootnode
+
+
+- name: Create bootnode
+ hosts: localhost
+ gather_facts: False
+ vars:
+ volumes:
+ - device_name: /dev/sda1
+ volume_size: 128
+ delete_on_termination: true
+ tasks:
+ - name: Launch instance
+ ec2:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ key_name: "{{ awskeypair_name }}"
+ instance_tags:
+ Name: "{{ bootnode_instance_name }}"
+ group: "{{ bootnode_security_group }}"
+ instance_type: "{{ bootnode_instance_type }}"
+ image: "{{ image }}"
+ count: "{{ bootnode_count_instances }}"
+ wait: yes
+ region: "{{ region }}"
+ vpc_subnet_id: "{{ vpc_subnet_id }}"
+ volumes: "{{ volumes }}"
+ assign_public_ip: yes
+ register: ec2
+ - name: Add new instance to host group
+ add_host: hostname={{ item.public_ip }} groupname=launched
+ with_items: "{{ ec2.instances }}"
+ - name: Wait for SSH to come up
+ wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+ with_items: "{{ ec2.instances }}"
+ tags: bootnode
+
+- name: Installing python
+ hosts: all
+ hosts: launched
+ gather_facts: False
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ tasks:
+ - name: Install python
+ raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+
+- name: Configure instance(s)
+ hosts: launched
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ gather_facts: True
+ roles:
+ - preconf
+ tags: preconf
+ tasks:
+ - name: restart machine after setup
+ shell: shutdown -r 1
+
+- name: Create bootnode elastic ip
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: associate elastic ip for bootnode
+ ec2_eip:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ region: "{{ region }}"
+ reuse_existing_ip_allowed: yes
+ state: present
+ in_vpc: yes
+ device_id: "{{ ec2.instance_ids[0] }}"
+ register: instance_elastic_ip
+ when: associate_bootnode_elastic_ip == true
+
+ - debug: var=instance_elastic_ip.public_ip
+ when: associate_bootnode_elastic_ip == true
+
+- name: EC2 access setup
+ hosts: bootnode
+ become: True
+ roles:
+ - bootnode-access
\ No newline at end of file
diff --git a/aws/explorer.yml b/aws/explorer.yml
new file mode 100644
index 0000000..59f6399
--- /dev/null
+++ b/aws/explorer.yml
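Review bot: The ingress rule in the `Create Security group` task opens TCP 22 to `cidr_ip: 0.0.0.0/0`, so each launched bootnode accepts SSH from the whole internet; take the source range from a variable instead, e.g. `cidr_ip: "{{ ssh_allowed_cidr }}"` (a new variable, the name is only a suggestion) set to the operator's address range. In the `Installing python` play, `hosts: all` is immediately followed by `hosts: launched`; the YAML loader keeps the last of two duplicate keys, so the first line is dead and misleading and should be deleted. The `ec2_access_key`/`ec2_secret_key` values come from `access_key`/`secret_key`, whose definition is outside this hunk; if they are stored in group_vars they should be vault-encrypted. The same points apply to aws/explorer.yml, aws/moc.yml, aws/netstat.yml and aws/validator.yml.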
@@ -0,0 +1,92 @@
+---
+- name: Create explorer security group
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: Create Security group
+ ec2_group:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ name: "{{ explorer_security_group }}"
+ description: "Default security group"
+ region: "{{ region }}"
+ purge_rules_egress: false
+ purge_rules: false
+ rules:
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 0.0.0.0/0
+ rules_egress:
+ - proto: all
+ from_port: all
+ to_port: all
+ cidr_ip: 0.0.0.0/0
+ tags: explorer
+
+
+- name: Create explorer
+ hosts: localhost
+ gather_facts: False
+ vars:
+ volumes:
+ - device_name: /dev/sda1
+ volume_size: 128
+ delete_on_termination: true
+ tasks:
+ - name: Launch instance
+ ec2:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ key_name: "{{ awskeypair_name }}"
+ instance_tags:
+ Name: "{{ explorer_instance_name }}"
+ group: "{{ explorer_security_group }}"
+ instance_type: "{{ explorer_instance_type }}"
+ image: "{{ image }}"
+ count: "{{ explorer_count_instances }}"
+ wait: yes
+ region: "{{ region }}"
+ vpc_subnet_id: "{{ vpc_subnet_id }}"
+ volumes: "{{ volumes }}"
+ assign_public_ip: yes
+ register: ec2
+ - name: Add new instance to host group
+ add_host: hostname={{ item.public_ip }} groupname=launched
+ with_items: "{{ ec2.instances }}"
+ - name: Wait for SSH to come up
+ wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+ with_items: "{{ ec2.instances }}"
+ tags: explorer
+
+- name: Installing python
+ hosts: all
+ hosts: launched
+ gather_facts: False
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ tasks:
+ - name: Install python
+ raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+
+- name: Configure instance(s)
+ hosts: launched
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ gather_facts: True
+ roles:
+ - preconf
+ tags: preconf
+ tasks:
+ - name: restart machine after setup
+ shell: shutdown -r 1
+
+- name: EC2 access setup
+ hosts: explorer
+ become: True
+ roles:
+ - explorer-access
\ No newline at end of file
diff --git a/aws/group_vars/bootnode.yml.example b/aws/group_vars/bootnode.yml.example
new file mode 100644
index 0000000..51acc15
--- /dev/null
+++ b/aws/group_vars/bootnode.yml.example
@@ -0,0 +1,11 @@
+bootnode_instance_type: "t2.large"
+bootnode_instance_name: "bootnode"
+bootnode_count_instances: "1"
+
+bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
+
+associate_bootnode_elastic_ip: false
+
+allow_bootnode_ssh: true
+allow_bootnode_p2p: true
+allow_bootnode_rpc: false
diff --git a/aws/group_vars/explorer.yml.example b/aws/group_vars/explorer.yml.example
new file mode 100644
index 0000000..d081fa9
--- /dev/null
+++ b/aws/group_vars/explorer.yml.example
@@ -0,0 +1,9 @@
+explorer_instance_type: "t2.large"
+explorer_instance_name: "explorer"
+explorer_count_instances: "1"
+
+explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
+
+allow_explorer_ssh: true
+allow_explorer_p2p: true
+allow_explorer_http: true
diff --git a/aws/group_vars/moc.yml.example b/aws/group_vars/moc.yml.example
new file mode 100644
index 0000000..cae0c05
--- /dev/null
+++ b/aws/group_vars/moc.yml.example
@@ -0,0 +1,5 @@
+moc_instance_type: "t2.large"
+moc_instance_name: "moc"
+moc_count_instances: "1"
+
+moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
diff --git a/aws/group_vars/netstat.yml.example b/aws/group_vars/netstat.yml.example
new file mode 100644
index 0000000..5327c8a
--- /dev/null
+++ b/aws/group_vars/netstat.yml.example
@@ -0,0 +1,5 @@
+netstat_instance_type: "t2.large"
+netstat_instance_name: "netstat"
+netstat_count_instances: "1"
+
+netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
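Review bot: The closing play `EC2 access setup` targets `hosts: explorer`, but the instances launched earlier in this file are only added to the `launched` group by `add_host: ... groupname=launched`, and aws/hosts.example ships the `[explorer]` group empty. On a first run the `explorer-access` role therefore appears to match no hosts, and the EC2 firewall step is skipped without an error. Either register the new hosts in both groups (`groupname=launched,explorer`) or point the last play at `launched`. The preceding `shell: shutdown -r 1` also schedules a reboot one minute out, which can cut a later play off mid-run; waiting for the host to return before continuing would make the outcome deterministic. aws/bootnode.yml, aws/moc.yml, aws/netstat.yml and aws/validator.yml follow the same pattern.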
diff --git a/aws/group_vars/validator.yml.example b/aws/group_vars/validator.yml.example
new file mode 100644
index 0000000..00efc92
--- /dev/null
+++ b/aws/group_vars/validator.yml.example
@@ -0,0 +1,6 @@
+validator_instance_type: "t2.large"
+validator_instance_name: "validator"
+validator_count_instances: "1"
+
+validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
+associate_validator_elastic_ip: false
diff --git a/aws/hosts.example b/aws/hosts.example
new file mode 100644
index 0000000..5c02a56
--- /dev/null
+++ b/aws/hosts.example
@@ -0,0 +1,26 @@
+# This is the default ansible 'hosts' file.
+#
+# It should live in /etc/ansible/hosts
+#
+# - Comments begin with the '#' character
+# - Blank lines are ignored
+# - Groups of hosts are delimited by [header] elements
+# - You can enter hostnames or ip addresses
+# - A hostname/ip can be a member of multiple groups
+
+[bootnode]
+
+[moc]
+
+[netstat]
+
+[validator]
+
+[explorer]
+
+[poa:children]
+bootnode
+moc
+netstat
+validator
+explorer
\ No newline at end of file
diff --git a/aws/moc.yml b/aws/moc.yml
new file mode 100644
index 0000000..3165dac
--- /dev/null
+++ b/aws/moc.yml
@@ -0,0 +1,92 @@
+---
+- name: Create moc security group
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: Create Security group
+ ec2_group:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ name: "{{ moc_security_group }}"
+ description: "Default security group"
+ region: "{{ region }}"
+ purge_rules_egress: false
+ purge_rules: false
+ rules:
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 0.0.0.0/0
+ rules_egress:
+ - proto: all
+ from_port: all
+ to_port: all
+ cidr_ip: 0.0.0.0/0
+ tags: moc
+
+
+- name: Create moc
+ hosts: localhost
+ gather_facts: False
+ vars:
+ volumes:
+ - device_name: /dev/sda1
+ volume_size: 128
+ delete_on_termination: true
+ tasks:
+ - name: Launch instance
+ ec2:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ key_name: "{{ awskeypair_name }}"
+ instance_tags:
+ Name: "{{ moc_instance_name }}"
+ group: "{{ moc_security_group }}"
+ instance_type: "{{ moc_instance_type }}"
+ image: "{{ image }}"
+ count: "{{ moc_count_instances }}"
+ wait: yes
+ region: "{{ region }}"
+ vpc_subnet_id: "{{ vpc_subnet_id }}"
+ volumes: "{{ volumes }}"
+ assign_public_ip: yes
+ register: ec2
+ - name: Add new instance to host group
+ add_host: hostname={{ item.public_ip }} groupname=launched
+ with_items: "{{ ec2.instances }}"
+ - name: Wait for SSH to come up
+ wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+ with_items: "{{ ec2.instances }}"
+ tags: moc
+
+- name: Installing python
+ hosts: all
+ hosts: launched
+ gather_facts: False
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ tasks:
+ - name: Install python
+ raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+
+- name: Configure instance(s)
+ hosts: launched
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ gather_facts: True
+ roles:
+ - preconf
+ tags: preconf
+ tasks:
+ - name: restart machine after setup
+ shell: shutdown -r 1
+
+- name: EC2 access setup
+ hosts: moc
+ become: True
+ roles:
+ - moc-access
\ No newline at end of file
diff --git a/aws/netstat.yml b/aws/netstat.yml
new file mode 100644
index 0000000..5686644
--- /dev/null
+++ b/aws/netstat.yml
@@ -0,0 +1,92 @@
+---
+- name: Create netstat security group
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: Create Security group
+ ec2_group:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ name: "{{ netstat_security_group }}"
+ description: "Default security group"
+ region: "{{ region }}"
+ purge_rules_egress: false
+ purge_rules: false
+ rules:
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 0.0.0.0/0
+ rules_egress:
+ - proto: all
+ from_port: all
+ to_port: all
+ cidr_ip: 0.0.0.0/0
+ tags: netstat
+
+
+- name: Create netstat
+ hosts: localhost
+ gather_facts: False
+ vars:
+ volumes:
+ - device_name: /dev/sda1
+ volume_size: 128
+ delete_on_termination: true
+ tasks:
+ - name: Launch instance
+ ec2:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ key_name: "{{ awskeypair_name }}"
+ instance_tags:
+ Name: "{{ netstat_instance_name }}"
+ group: "{{ netstat_security_group }}"
+ instance_type: "{{ netstat_instance_type }}"
+ image: "{{ image }}"
+ count: "{{ netstat_count_instances }}"
+ wait: yes
+ region: "{{ region }}"
+ vpc_subnet_id: "{{ vpc_subnet_id }}"
+ volumes: "{{ volumes }}"
+ assign_public_ip: yes
+ register: ec2
+ - name: Add new instance to host group
+ add_host: hostname={{ item.public_ip }} groupname=launched
+ with_items: "{{ ec2.instances }}"
+ - name: Wait for SSH to come up
+ wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+ with_items: "{{ ec2.instances }}"
+ tags: netstat
+
+- name: Installing python
+ hosts: all
+ hosts: launched
+ gather_facts: False
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ tasks:
+ - name: Install python
+ raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+
+- name: Configure instance(s)
+ hosts: launched
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ gather_facts: True
+ roles:
+ - preconf
+ tags: preconf
+ tasks:
+ - name: restart machine after setup
+ shell: shutdown -r 1
+
+- name: EC2 access setup
+ hosts: netstat
+ become: True
+ roles:
+ - netstat-access
\ No newline at end of file
diff --git a/roles/bootnode-access/tasks/ec2.yml b/aws/roles/bootnode-access/tasks/ec2.yml
similarity index 100%
rename from roles/bootnode-access/tasks/ec2.yml
rename to aws/roles/bootnode-access/tasks/ec2.yml
diff --git a/aws/roles/bootnode-access/tasks/main.yml b/aws/roles/bootnode-access/tasks/main.yml
new file mode 100644
index 0000000..a6e0567
--- /dev/null
+++ b/aws/roles/bootnode-access/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Setup EC2 firewall
+ import_tasks: ec2.yml
+ when: ansible_bios_version | search("amazon")
diff --git a/roles/explorer-access/tasks/ec2.yml b/aws/roles/explorer-access/tasks/ec2.yml
similarity index 100%
rename from roles/explorer-access/tasks/ec2.yml
rename to aws/roles/explorer-access/tasks/ec2.yml
diff --git a/aws/roles/explorer-access/tasks/main.yml b/aws/roles/explorer-access/tasks/main.yml
new file mode 100644
index 0000000..a6e0567
--- /dev/null
+++ b/aws/roles/explorer-access/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Setup EC2 firewall
+ import_tasks: ec2.yml
+ when: ansible_bios_version | search("amazon")
diff --git a/roles/moc-access/tasks/ec2.yml b/aws/roles/moc-access/tasks/ec2.yml
similarity index 100%
rename from roles/moc-access/tasks/ec2.yml
rename to aws/roles/moc-access/tasks/ec2.yml
diff --git a/aws/roles/moc-access/tasks/main.yml b/aws/roles/moc-access/tasks/main.yml
new file mode 100644
index 0000000..a6e0567
--- /dev/null
+++ b/aws/roles/moc-access/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Setup EC2 firewall
+ import_tasks: ec2.yml
+ when: ansible_bios_version | search("amazon")
diff --git a/roles/netstat-access/tasks/ec2.yml b/aws/roles/netstat-access/tasks/ec2.yml
similarity index 100%
rename from roles/netstat-access/tasks/ec2.yml
rename to aws/roles/netstat-access/tasks/ec2.yml
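Review bot: The condition `when: ansible_bios_version | search("amazon")` in aws/roles/bootnode-access/tasks/main.yml uses a test as a filter, which Ansible deprecated in 2.5. It is also the only gate on the `Setup EC2 firewall` import, so an EC2 instance whose BIOS version string does not contain lowercase `amazon` silently gets none of those tasks. Write it as `when: ansible_bios_version is search("amazon")`, and consider also matching on `ansible_system_vendor`, since the BIOS version format may differ between instance families (worth confirming on the types in use). ec2.yml is only renamed in this patch, so what the import applies is not visible here. The identical condition is added in the explorer-access, moc-access, netstat-access and validator-access roles.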
diff --git a/aws/roles/netstat-access/tasks/main.yml b/aws/roles/netstat-access/tasks/main.yml
new file mode 100644
index 0000000..a6e0567
--- /dev/null
+++ b/aws/roles/netstat-access/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Setup EC2 firewall
+ import_tasks: ec2.yml
+ when: ansible_bios_version | search("amazon")
diff --git a/roles/validator-access/tasks/ec2.yml b/aws/roles/validator-access/tasks/ec2.yml
similarity index 100%
rename from roles/validator-access/tasks/ec2.yml
rename to aws/roles/validator-access/tasks/ec2.yml
diff --git a/aws/roles/validator-access/tasks/main.yml b/aws/roles/validator-access/tasks/main.yml
new file mode 100644
index 0000000..a6e0567
--- /dev/null
+++ b/aws/roles/validator-access/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Setup EC2 firewall
+ import_tasks: ec2.yml
+ when: ansible_bios_version | search("amazon")
diff --git a/aws/site.yml b/aws/site.yml
new file mode 100644
index 0000000..9e34770
--- /dev/null
+++ b/aws/site.yml
@@ -0,0 +1,19 @@
+- name: Bootnode deployment
+ import_playbook: bootnode.yml
+ tags: bootnode
+
+- name: Explorer deployment
+ import_playbook: explorer.yml
+ tags: explorer
+
+- name: Moc deployment
+ import_playbook: moc.yml
+ tags: moc
+
+- name: Netstat deployment
+ import_playbook: netstat.yml
+ tags: netstat
+
+- name: Validator deployment
+ import_playbook: validator.yml
+ tags: validator
diff --git a/aws/validator.yml b/aws/validator.yml
new file mode 100644
index 0000000..6541b76
--- /dev/null
+++ b/aws/validator.yml
@@ -0,0 +1,111 @@
+---
+- name: Create validator security group
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: Create Security group
+ ec2_group:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ name: "{{ validator_security_group }}"
+ description: "Default security group"
+ region: "{{ region }}"
+ purge_rules_egress: false
+ purge_rules: false
+ rules:
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 0.0.0.0/0
+ rules_egress:
+ - proto: all
+ from_port: all
+ to_port: all
+ cidr_ip: 0.0.0.0/0
+ tags: validator
+
+
+- name: Create validator
+ hosts: localhost
+ gather_facts: False
+ vars:
+ volumes:
+ - device_name: /dev/sda1
+ volume_size: 128
+ delete_on_termination: true
+ tasks:
+ - name: Launch instance
+ ec2:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ key_name: "{{ awskeypair_name }}"
+ instance_tags:
+ Name: "{{ validator_instance_name }}"
+ group: "{{ validator_security_group }}"
+ instance_type: "{{ validator_instance_type }}"
+ image: "{{ image }}"
+ count: "{{ validator_count_instances }}"
+ wait: yes
+ region: "{{ region }}"
+ vpc_subnet_id: "{{ vpc_subnet_id }}"
+ volumes: "{{ volumes }}"
+ assign_public_ip: yes
+ register: ec2
+ - name: Add new instance to host group
+ add_host: hostname={{ item.public_ip }} groupname=launched
+ with_items: "{{ ec2.instances }}"
+ - name: Wait for SSH to come up
+ wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+ with_items: "{{ ec2.instances }}"
+ tags: validator
+
+- name: Installing python
+ hosts: all
+ hosts: launched
+ gather_facts: False
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ tasks:
+ - name: Install python
+ raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+
+- name: Configure instance(s)
+ hosts: launched
+ user: ubuntu
+ become: True
+ vars:
+ ansible_ssh_port: 22
+ gather_facts: True
+ roles:
+ - preconf
+ tags: preconf
+ tasks:
+ - name: restart machine after setup
+ shell: shutdown -r 1
+
+- name: Create validator elastic ip
+ hosts: localhost
+ gather_facts: False
+ tasks:
+ - name: associate elastic ip for validator
+ ec2_eip:
+ ec2_access_key: "{{ access_key }}"
+ ec2_secret_key: "{{ secret_key }}"
+ region: "{{ region }}"
+ reuse_existing_ip_allowed: yes
+ state: present
+ in_vpc: yes
+ device_id: "{{ ec2.instance_ids[0] }}"
+ register: instance_elastic_ip
+ when: associate_validator_elastic_ip == true
+
+ - debug: var=instance_elastic_ip.public_ip
+ when: associate_validator_elastic_ip == true
+
+- name: EC2 access setup
+ hosts: validator
+ become: True
+ roles:
+ - validator-access
\ No newline at end of file
diff --git a/bootnode.yml b/bootnode.yml
index 874b0f4..bb8f9ba 100644
--- a/bootnode.yml
+++ b/bootnode.yml
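Review bot: `device_id: "{{ ec2.instance_ids[0] }}"` in the `associate elastic ip for validator` task binds an address to the first launched instance only, while `count: "{{ validator_count_instances }}"` allows several. With a count above 1 the remaining validators keep ephemeral public IPs, which matters if peers or firewall rules are meant to pin validator addresses. Loop over the ids instead, `with_items: "{{ ec2.instance_ids }}"` with `device_id: "{{ item }}"`, and adjust the following `debug` task to print the registered results. aws/bootnode.yml has the same task shape.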
@@ -1,105 +1,4 @@ ---- -- name: Create bootnode security group - hosts: localhost - gather_facts: False - tasks: - - name: Create Security group - ec2_group: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - name: "{{ bootnode_security_group }}" - description: "Default security group" - region: "{{ region }}" - purge_rules_egress: false - purge_rules: false - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - rules_egress: - - proto: all - from_port: all - to_port: all - cidr_ip: 0.0.0.0/0 - tags: bootnode - - -- name: Create bootnode - hosts: localhost - gather_facts: False - vars: - volumes: - - device_name: /dev/sda1 - volume_size: 128 - delete_on_termination: true - tasks: - - name: Launch instance - ec2: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - key_name: "{{ awskeypair_name }}" - instance_tags: - Name: "{{ bootnode_instance_name }}" - group: "{{ bootnode_security_group }}" - instance_type: "{{ bootnode_instance_type }}" - image: "{{ image }}" - count: "{{ bootnode_count_instances }}" - wait: yes - region: "{{ region }}" - vpc_subnet_id: "{{ vpc_subnet_id }}" - volumes: "{{ volumes }}" - assign_public_ip: yes - register: ec2 - - name: Add new instance to host group - add_host: hostname={{ item.public_ip }} groupname=launched - with_items: "{{ ec2.instances }}" - - name: Wait for SSH to come up - wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started - with_items: "{{ ec2.instances }}" - tags: bootnode - -- name: Installing python - hosts: all - hosts: launched - gather_facts: False - user: ubuntu +- hosts: bootnode become: True - vars: - ansible_ssh_port: 22 - tasks: - - name: Install python - raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) - -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True roles: - - preconf - tags: preconf - 
tasks: - - name: restart machine after setup - shell: shutdown -r 1 - -- name: Create bootnode elastic ip - hosts: localhost - gather_facts: False - tasks: - - name: associate elastic ip for bootnode - ec2_eip: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - region: "{{ region }}" - reuse_existing_ip_allowed: yes - state: present - in_vpc: yes - device_id: "{{ ec2.instance_ids[0] }}" - register: instance_elastic_ip - when: associate_bootnode_elastic_ip == true - - - debug: var=instance_elastic_ip.public_ip - when: associate_bootnode_elastic_ip == true + - bootnode diff --git a/explorer.yml b/explorer.yml index a82b7d6..6c6360b 100644 --- a/explorer.yml +++ b/explorer.yml 
@@ -1,86 +1,4 @@ ---- -- name: Create explorer security group - hosts: localhost - gather_facts: False - tasks: - - name: Create Security group - ec2_group: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - name: "{{ explorer_security_group }}" - description: "Default security group" - region: "{{ region }}" - purge_rules_egress: false - purge_rules: false - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - rules_egress: - - proto: all - from_port: all - to_port: all - cidr_ip: 0.0.0.0/0 - tags: explorer - - -- name: Create explorer - hosts: localhost - gather_facts: False - vars: - volumes: - - device_name: /dev/sda1 - volume_size: 128 - delete_on_termination: true - tasks: - - name: Launch instance - ec2: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - key_name: "{{ awskeypair_name }}" - instance_tags: - Name: "{{ explorer_instance_name }}" - group: "{{ explorer_security_group }}" - instance_type: "{{ explorer_instance_type }}" - image: "{{ image }}" - count: "{{ explorer_count_instances }}" - wait: yes - region: "{{ region }}" - vpc_subnet_id: "{{ vpc_subnet_id }}" - volumes: "{{ volumes }}" - assign_public_ip: yes - register: ec2 - - name: Add new instance to host group - add_host: hostname={{ item.public_ip }} groupname=launched - with_items: "{{ ec2.instances }}" - - name: Wait for SSH to come up - wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started - with_items: "{{ ec2.instances }}" - tags: explorer - -- name: Installing python - hosts: all - hosts: launched - gather_facts: False - user: ubuntu +- hosts: explorer become: True - vars: - ansible_ssh_port: 22 - tasks: - - name: Install python - raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) - -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True roles: - - preconf - tags: preconf - 
tasks: - - name: restart machine after setup - shell: shutdown -r 1 + - explorer \ No newline at end of file diff --git a/group_vars/all.example b/group_vars/all.example index 5a29151..fe40cae 100644 --- a/group_vars/all.example +++ b/group_vars/all.example 
@@ -45,58 +45,4 @@ NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x" PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" ORCHESTRATOR_BIN_LOC: "" -ORCHESTRATOR_BIN_SHA256: "" - -#bootnode -bootnode_instance_type: "t2.large" -bootnode_instance_name: "bootnode" -bootnode_count_instances: "1" -bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security" -bootnode_archive: "off" -bootnode_orchestrator: "off" - -#netstat -netstat_instance_type: "t2.large" -netstat_instance_name: "netstat" -netstat_count_instances: "1" -netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security" - -#validator -validator_instance_type: "t2.large" -validator_instance_name: "validator" -validator_count_instances: "1" -validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security" -validator_archive: "off" - -#moc -moc_instance_type: "t2.large" -moc_instance_name: "moc" -moc_count_instances: "1" -moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security" -moc_archive: "off" - -#explorer -explorer_instance_type: "t2.large" -explorer_instance_name: "explorer" -explorer_count_instances: "1" -explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security" - -#restrict network access to instances -allow_bootnode_ssh: true -allow_bootnode_p2p: true -allow_bootnode_rpc: true -associate_bootnode_elastic_ip: false - -allow_explorer_ssh: true -allow_explorer_p2p: true -allow_explorer_http: true - -allow_moc_ssh: true -allow_moc_p2p: true - -allow_netstat_ssh: true -allow_netstat_http: true - -allow_validator_ssh: true -allow_validator_p2p: true -associate_validator_elastic_ip: false +ORCHESTRATOR_BIN_SHA256: "" \ No newline at end of file diff --git a/group_vars/all.network b/group_vars/all.network index f9c703d..83cbef8 100644 
--- a/group_vars/all.network +++ b/group_vars/all.network @@ -23,58 +23,3 @@ GENESIS_NETWORK_NAME: "PoA" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" BLK_GAS_LIMIT: "6700000" -#bootnode -bootnode_instance_type: "t2.large" -bootnode_instance_name: "bootnode" -bootnode_count_instances: "1" -bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security" -bootnode_archive: "off" -bootnode_orchestrator: "off" - -#netstat -netstat_instance_type: "t2.large" -netstat_instance_name: "netstat" -netstat_count_instances: "1" -netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security" - -#validator -validator_instance_type: "t2.large" -validator_instance_name: "validator" -validator_count_instances: "1" -validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security" -validator_archive: "off" - -#moc -moc_instance_type: "t2.large" -moc_instance_name: "moc" -moc_count_instances: "1" -moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security" -moc_archive: "off" - -#explorer -explorer_instance_type: "t2.large" -explorer_instance_name: "explorer" -explorer_count_instances: "1" -explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security" - -#restrict network access to instances -allow_bootnode_ssh: true -allow_bootnode_p2p: true -allow_bootnode_rpc: true -associate_bootnode_elastic_ip: false - -allow_explorer_ssh: true -allow_explorer_p2p: true -allow_explorer_http: true - -allow_moc_ssh: true -allow_moc_p2p: true - -allow_netstat_ssh: true -allow_netstat_http: true - -allow_validator_ssh: true -allow_validator_p2p: true -associate_validator_elastic_ip: false - -################################################################ diff --git a/group_vars/bootnode.example b/group_vars/bootnode.example index 5af1683..6448313 100644 --- a/group_vars/bootnode.example +++ b/group_vars/bootnode.example 
@@ -9,3 +9,13 @@ NODE_ADMIN_EMAIL: "INSERT@EMAIL" NETSTATS_SERVER: "INSERT FULL URL" NETSTATS_SECRET: "INSERT SECRET" + +username: "bootnode" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" +nginx_headers: "on" +PROXY_PORT: "8545" + +bootnode_archive: "off" +bootnode_orchestrator: "off" \ No newline at end of file diff --git a/group_vars/explorer.example b/group_vars/explorer.example index d89e1a7..71597ec 100644 --- a/group_vars/explorer.example +++ b/group_vars/explorer.example @@ -3,3 +3,12 @@ secret_key: "INSERT SECRET HERE" awskeypair_name: "keypairname" vpc_subnet_id: "subnet-ID-number" + +username: "explorer" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +nginx_headers: "off" +PROXY_PORT: "3000" +explorerS_SERVER: "localhost" \ No newline at end of file diff --git a/group_vars/moc.example b/group_vars/moc.example index ec506dc..545e2de 100644 --- a/group_vars/moc.example +++ b/group_vars/moc.example @@ -12,3 +12,10 @@ NETSTATS_SECRET: "INSERT SECRET" MOC_KEYPASS: "INSERT HERE" MOC_KEYFILE: 'INSERT HERE' + +username: "moc" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +moc_archive: "off" \ No newline at end of file diff --git a/group_vars/netstat.example b/group_vars/netstat.example index 134a83c..d3cf671 100644 --- a/group_vars/netstat.example +++ b/group_vars/netstat.example @@ -8,3 +8,12 @@ NODE_FULLNAME: "INSERT NODENAME" NODE_ADMIN_EMAIL: "INSERT@EMAIL" NETSTATS_SECRET: "INSERT SECRET" + +username: "netstat" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +nginx_headers: "off" +PROXY_PORT: "3000" +NETSTATS_SERVER: "http://localhost:3000" \ No newline at end of file diff --git a/group_vars/validator.example b/group_vars/validator.example index a03add8..01af60a 100644 --- a/group_vars/validator.example +++ b/group_vars/validator.example 
@@ -13,3 +13,10 @@ NETSTATS_SECRET: "INSERT SECRET" MINING_KEYFILE: 'INSERT HERE' MINING_ADDRESS: "INSERT HERE" MINING_KEYPASS: "INSERT HERE" + +username: "validator" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +validator_archive: "off" \ No newline at end of file diff --git a/hosts.example b/hosts.example index 448242f..5c02a56 100644 --- a/hosts.example +++ b/hosts.example @@ -23,4 +23,4 @@ bootnode moc netstat validator -explorer +explorer \ No newline at end of file diff --git a/moc.yml b/moc.yml index 6bd3334..7e3da3b 100644 --- a/moc.yml +++ b/moc.yml 
@@ -1,86 +1,4 @@ ---- -- name: Create moc security group - hosts: localhost - gather_facts: False - tasks: - - name: Create Security group - ec2_group: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - name: "{{ moc_security_group }}" - description: "Default security group" - region: "{{ region }}" - purge_rules_egress: false - purge_rules: false - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - rules_egress: - - proto: all - from_port: all - to_port: all - cidr_ip: 0.0.0.0/0 - tags: moc - - -- name: Create moc - hosts: localhost - gather_facts: False - vars: - volumes: - - device_name: /dev/sda1 - volume_size: 128 - delete_on_termination: true - tasks: - - name: Launch instance - ec2: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - key_name: "{{ awskeypair_name }}" - instance_tags: - Name: "{{ moc_instance_name }}" - group: "{{ moc_security_group }}" - instance_type: "{{ moc_instance_type }}" - image: "{{ image }}" - count: "{{ moc_count_instances }}" - wait: yes - region: "{{ region }}" - vpc_subnet_id: "{{ vpc_subnet_id }}" - volumes: "{{ volumes }}" - assign_public_ip: yes - register: ec2 - - name: Add new instance to host group - add_host: hostname={{ item.public_ip }} groupname=launched - with_items: "{{ ec2.instances }}" - - name: Wait for SSH to come up - wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started - with_items: "{{ ec2.instances }}" - tags: moc - -- name: Installing python - hosts: all - hosts: launched - gather_facts: False - user: ubuntu +- hosts: moc become: True - vars: - ansible_ssh_port: 22 - tasks: - - name: Install python - raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) - -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True roles: - - preconf - tags: preconf - tasks: - - name: restart machine after setup - shell: 
shutdown -r 1 + - moc \ No newline at end of file diff --git a/netstat.yml b/netstat.yml index de10a0b..7dfa414 100644 --- a/netstat.yml +++ b/netstat.yml 
@@ -1,86 +1,4 @@ ---- -- name: Create netstat security group - hosts: localhost - gather_facts: False - tasks: - - name: Create Security group - ec2_group: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - name: "{{ netstat_security_group }}" - description: "Default security group" - region: "{{ region }}" - purge_rules_egress: false - purge_rules: false - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - rules_egress: - - proto: all - from_port: all - to_port: all - cidr_ip: 0.0.0.0/0 - tags: netstat - - -- name: Create netstat - hosts: localhost - gather_facts: False - vars: - volumes: - - device_name: /dev/sda1 - volume_size: 128 - delete_on_termination: true - tasks: - - name: Launch instance - ec2: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - key_name: "{{ awskeypair_name }}" - instance_tags: - Name: "{{ netstat_instance_name }}" - group: "{{ netstat_security_group }}" - instance_type: "{{ netstat_instance_type }}" - image: "{{ image }}" - count: "{{ netstat_count_instances }}" - wait: yes - region: "{{ region }}" - vpc_subnet_id: "{{ vpc_subnet_id }}" - volumes: "{{ volumes }}" - assign_public_ip: yes - register: ec2 - - name: Add new instance to host group - add_host: hostname={{ item.public_ip }} groupname=launched - with_items: "{{ ec2.instances }}" - - name: Wait for SSH to come up - wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started - with_items: "{{ ec2.instances }}" - tags: netstat - -- name: Installing python - hosts: all - hosts: launched - gather_facts: False - user: ubuntu +- hosts: netstat become: True - vars: - ansible_ssh_port: 22 - tasks: - - name: Install python - raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) - -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True roles: - - preconf - tags: preconf - tasks: - - 
name: restart machine after setup - shell: shutdown -r 1 + - netstat \ No newline at end of file diff --git a/roles/bootnode-access/tasks/main.yml b/roles/bootnode-access/tasks/main.yml deleted file mode 100644 index 0a565cc..0000000 --- a/roles/bootnode-access/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Setup ufw firewall - import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") - -- name: Setup EC2 firewall - import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index b22ff4e..60c69c8 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -1,14 +1,5 @@ --- -username: "bootnode" -users: - - name: "{{ username }}" -home: "/home/{{ username }}" -nginx_headers: "on" -PROXY_PORT: "8545" allow_bootnode_ssh: true allow_bootnode_p2p: true -allow_bootnode_rpc: false - -bootnode_archive: "off" -bootnode_orchestrator: "off" +allow_bootnode_rpc: false \ No newline at end of file diff --git a/roles/bootnode-access/handlers/main.yml b/roles/bootnode/handlers/main.yml similarity index 100% rename from roles/bootnode-access/handlers/main.yml rename to roles/bootnode/handlers/main.yml diff --git a/roles/bootnode/meta/main.yml b/roles/bootnode/meta/main.yml new file mode 100644 index 0000000..aaa6dc1 --- /dev/null +++ b/roles/bootnode/meta/main.yml @@ -0,0 +1,11 @@ +dependencies: + - { role: preconf } + - { role: usermanager } +# - { role: logentries } + - { role: nodejs } + - { role: poa-logrotate } + - { role: poa-parity } + - { role: poa-pm2 } + - { role: poa-netstats } + - { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" } + - { role: nginx } \ No newline at end of file diff --git a/roles/bootnode/tasks/main.yml b/roles/bootnode/tasks/main.yml index 8fb2616..aeac1bf 100644 --- a/roles/bootnode/tasks/main.yml +++ b/roles/bootnode/tasks/main.yml 
@@ -1,29 +1,12 @@ --- -- name: Create directory parity_data/keys/NetworkName - file: - path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}" - state: directory - mode: 0700 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Create logs directories - file: - path: "/{{ home }}/logs/old" - state: directory - mode: 0755 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Download spec.json - get_url: url={{ item }} dest={{ home }}/ mode=0644 - with_items: - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" - name: Create node.toml template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 with_items: - node.toml + +- name: Setup ufw firewall + import_tasks: ufw.yml + when: not ansible_bios_version | search("amazon") #- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes diff --git a/roles/bootnode-access/tasks/ufw.yml b/roles/bootnode/tasks/ufw.yml similarity index 100% rename from roles/bootnode-access/tasks/ufw.yml rename to roles/bootnode/tasks/ufw.yml diff --git a/roles/explorer-access/tasks/main.yml b/roles/explorer-access/tasks/main.yml deleted file mode 100644 index 0a565cc..0000000 --- a/roles/explorer-access/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Setup ufw firewall - import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") - -- name: Setup EC2 firewall - import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index 0f05064..287e61d 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml 
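Review bot: The `Setup ufw firewall` task added at the end of this hunk is skipped whenever `ansible_bios_version` matches "amazon", and the `Setup EC2 firewall` import that handled that case is deleted together with roles/bootnode-access. On EC2 hosts this role therefore no longer applies any ingress restriction, and the `allow_bootnode_*` defaults presumably have no effect there. The same conditional import is added in roles/explorer, roles/moc and roles/netstat. If security groups are now maintained outside these playbooks, say so above the task, for example `# EC2 hosts are skipped: ingress is expected to be restricted by security groups managed outside this repo`; otherwise drop the `when:` so ufw is applied on every host.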
@@ -1,12 +1,5 @@ -username: "explorer" -users: - - name: "{{ username }}" -home: "/home/{{ username }}" +----- allow_explorer_ssh: true allow_explorer_p2p: true -allow_explorer_http: true - -nginx_headers: "off" -PROXY_PORT: "3000" -explorerS_SERVER: "localhost" +allow_explorer_http: true \ No newline at end of file diff --git a/roles/explorer/handlers/main.yml b/roles/explorer/handlers/main.yml index bdb6883..13a96e4 100644 --- a/roles/explorer/handlers/main.yml +++ b/roles/explorer/handlers/main.yml @@ -1,3 +1,6 @@ --- - name: restart poa-chain-explorer service: name=poa-chain-explorer state=restarted + + - name: restart ufw + service: name=ufw state=restarted \ No newline at end of file diff --git a/roles/explorer/meta/main.yml b/roles/explorer/meta/main.yml new file mode 100644 index 0000000..e42d9a3 --- /dev/null +++ b/roles/explorer/meta/main.yml @@ -0,0 +1,8 @@ +dependencies: + - { role: preconf } + - { role: usermanager } + - { role: nodejs } + - { role: poa-logrotate } + - { role: poa-parity } + - { role: poa-pm2 } + - { role: nginx } \ No newline at end of file diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index 39b2876..7bc69be 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml 
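Review bot: The first added line of roles/explorer/defaults/main.yml, `+-----` in the hunk, carries more dashes than the YAML document-start marker; the other defaults files touched by this commit start with `---`. With that line in place the file is unlikely to parse as the mapping the role expects. The `allow_explorer_ssh`, `allow_explorer_p2p` and `allow_explorer_http` defaults, which presumably drive the firewall rules, may then fail to load or abort the play. Replace the line with `---`.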
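Review bot: In roles/explorer/handlers/main.yml the added `restart ufw` entry appears to be indented (`+ - name: restart ufw`) while the existing `restart poa-chain-explorer` entry sits at column 0; the netstat handlers file in this commit adds the same handler unindented. A list item at a different indent from its siblings is a YAML error, which would stop the explorer role from loading its handlers. Align it as `- name: restart ufw` at column 0 with `  service: name=ufw state=restarted` beneath. The whitespace on this page is collapsed, so confirm against the file itself.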
@@ -1,25 +1,4 @@ --- -- name: Create directory parity_data/keys/NetworkName - file: - path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}" - state: directory - mode: 0700 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Create logs directories - file: - path: "/{{ home }}/logs/old" - state: directory - mode: 0755 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Download spec.json - get_url: url={{ item }} dest={{ home }}/ mode=0644 - with_items: - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" - name: Create node.toml template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 @@ -60,3 +39,7 @@ - name: Ensure poa-chain-explorer is running and enabled to start at boot service: name=poa-chain-explorer state=started enabled=yes + +- name: Setup ufw firewall + import_tasks: ufw.yml + when: not ansible_bios_version | search("amazon") diff --git a/roles/explorer-access/tasks/ufw.yml b/roles/explorer/tasks/ufw.yml similarity index 100% rename from roles/explorer-access/tasks/ufw.yml rename to roles/explorer/tasks/ufw.yml diff --git a/roles/explorer/vars/main.yml b/roles/explorer/vars/main.yml deleted file mode 100644 index af7e34d..0000000 --- a/roles/explorer/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -explorer_version: "acee07c" diff --git a/roles/moc-access/handlers/main.yml b/roles/moc-access/handlers/main.yml deleted file mode 100644 index af9cbcf..0000000 --- a/roles/moc-access/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart ufw - service: name=ufw state=restarted diff --git a/roles/moc-access/tasks/main.yml b/roles/moc-access/tasks/main.yml deleted file mode 100644 index 0a565cc..0000000 --- a/roles/moc-access/tasks/main.yml +++ /dev/null 
@@ -1,8 +0,0 @@ ---- -- name: Setup ufw firewall - import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") - -- name: Setup EC2 firewall - import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index 9055a04..ba5ed06 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -1,8 +1,4 @@ --- -username: "moc" -users: - - name: "{{ username }}" -home: "/home/{{ username }}" allow_moc_ssh: true -allow_moc_p2p: true +allow_moc_p2p: true \ No newline at end of file diff --git a/roles/explorer-access/handlers/main.yml b/roles/moc/handlers/main.yml similarity index 100% rename from roles/explorer-access/handlers/main.yml rename to roles/moc/handlers/main.yml diff --git a/roles/moc/meta/main.yml b/roles/moc/meta/main.yml new file mode 100644 index 0000000..6589e8f --- /dev/null +++ b/roles/moc/meta/main.yml @@ -0,0 +1,8 @@ +dependencies: + - { role: preconf } + - { role: usermanager } + - { role: nodejs } + - { role: poa-logrotate } + - { role: poa-parity } + - { role: poa-pm2 } + - { role: poa-netstats } \ No newline at end of file diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index d53ab24..4b29614 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml 
@@ -1,25 +1,4 @@ --- -- name: Create directory parity_data/keys/NetworkName - file: - path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}" - state: directory - mode: 0700 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Create logs directories - file: - path: "/{{ home }}/logs/old" - state: directory - mode: 0755 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Download spec.json - get_url: url={{ item }} dest={{ home }}/ mode=0644 - with_items: - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" - name: Create node.toml template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 @@ -60,3 +39,7 @@ path: "{{ home }}/poa-scripts-moc/distributeTokens" become: true become_user: "{{ username }}" + +- name: Setup ufw firewall + import_tasks: ufw.yml + when: not ansible_bios_version | search("amazon") \ No newline at end of file diff --git a/roles/moc-access/tasks/ufw.yml b/roles/moc/tasks/ufw.yml similarity index 100% rename from roles/moc-access/tasks/ufw.yml rename to roles/moc/tasks/ufw.yml diff --git a/roles/netstat-access/handlers/main.yml b/roles/netstat-access/handlers/main.yml deleted file mode 100644 index af9cbcf..0000000 --- a/roles/netstat-access/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart ufw - service: name=ufw state=restarted diff --git a/roles/netstat-access/tasks/main.yml b/roles/netstat-access/tasks/main.yml deleted file mode 100644 index 0a565cc..0000000 --- a/roles/netstat-access/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Setup ufw firewall - import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") - -- name: Setup EC2 firewall - import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") 
diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index f1afef9..1871848 100644 --- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml @@ -1,12 +1,4 @@ --- -username: "netstat" -users: - - name: "{{ username }}" -home: "/home/{{ username }}" allow_netstat_ssh: true allow_netstat_http: true - -nginx_headers: "off" -PROXY_PORT: "3000" -NETSTATS_SERVER: "http://localhost:3000" diff --git a/roles/netstat/handlers/main.yml b/roles/netstat/handlers/main.yml index 214cc14..21c72f9 100644 --- a/roles/netstat/handlers/main.yml +++ b/roles/netstat/handlers/main.yml @@ -1,3 +1,6 @@ --- - name: restart poa-dashboard service: name=poa-dashboard state=restarted + +- name: restart ufw + service: name=ufw state=restarted \ No newline at end of file diff --git a/roles/netstat/meta/main.yml b/roles/netstat/meta/main.yml new file mode 100644 index 0000000..c03c541 --- /dev/null +++ b/roles/netstat/meta/main.yml @@ -0,0 +1,6 @@ +dependencies: + - { role: preconf } + - { role: usermanager } + - { role: nodejs } + - { role: poa-logrotate } + - { role: nginx } \ No newline at end of file diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index e985d47..119bc17 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml @@ -1,11 +1,4 @@ --- -- name: Create logs directories - file: - path: "/{{ home }}/logs/old" - state: directory - mode: 0755 - owner: "{{ username }}" - group: "{{ username }}" - name: Clone poanetworks/eth-netstats repo from GitHub git: @@ -50,3 +43,7 @@ - name: Ensure poa-dashboard is running and enabled to start at boot service: name=poa-dashboard state=started enabled=yes + +- name: Setup ufw firewall + import_tasks: ufw.yml + when: not ansible_bios_version | search("amazon") \ No newline at end of file 
diff --git a/roles/netstat-access/tasks/ufw.yml b/roles/netstat/tasks/ufw.yml similarity index 100% rename from roles/netstat-access/tasks/ufw.yml rename to roles/netstat/tasks/ufw.yml diff --git a/roles/netstat/vars/main.yml b/roles/netstat/vars/main.yml deleted file mode 100644 index 2fd30d8..0000000 --- a/roles/netstat/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -netstat_version: "cb431d6" diff --git a/roles/preconf/tasks/keys.yml b/roles/preconf/tasks/keys.yml new file mode 100644 index 0000000..30709b6 --- /dev/null +++ b/roles/preconf/tasks/keys.yml @@ -0,0 +1,7 @@ +- name: Create directory parity_data/keys/NetworkName + file: + path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}" + state: directory + mode: 0700 + owner: "{{ username }}" + group: "{{ username }}" \ No newline at end of file diff --git a/roles/preconf/tasks/logs.yml b/roles/preconf/tasks/logs.yml new file mode 100644 index 0000000..2db375e --- /dev/null +++ b/roles/preconf/tasks/logs.yml @@ -0,0 +1,7 @@ +- name: Create logs directories + file: + path: "/{{ home }}/logs/old" + state: directory + mode: 0755 + owner: "{{ username }}" + group: "{{ username }}" \ No newline at end of file diff --git a/roles/preconf/tasks/main.yml b/roles/preconf/tasks/main.yml index 14d2b9a..c9091e0 100644 --- a/roles/preconf/tasks/main.yml +++ b/roles/preconf/tasks/main.yml @@ -9,3 +9,8 @@ - import_tasks: chrony.yml - import_tasks: logrotate.yml - import_tasks: swap.yml +- import_tasks: logs.yml +- import_tasks: keys.yml + when: ‘netstat’ not in ansible_hostname +- import_tasks: spec.yml + when: ‘netstat’ not in ansible_hostname diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml new file mode 100644 index 0000000..419beeb --- /dev/null +++ b/roles/preconf/tasks/spec.yml 
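Review bot: Both `when:` conditions added in roles/preconf/tasks/main.yml use typographic quotes (`‘netstat’ not in ansible_hostname`), which Jinja2 does not treat as string delimiters, so the condition will fail to template instead of comparing against the string. Use `when: "'netstat' not in ansible_hostname"`. Keying on the hostname is also fragile, since a host in the netstat group need not have "netstat" in its name; `'netstat' not in group_names` tests inventory membership instead. Separately, keys.yml and logs.yml set `owner: "{{ username }}"`, but the new meta files list preconf before usermanager, so that account may not exist yet when these tasks run.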
@@ -0,0 +1,5 @@ +- name: Download spec.json + get_url: url={{ item }} dest={{ home }}/ mode=0644 + with_items: + - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" + - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" \ No newline at end of file diff --git a/roles/validator-access/handlers/main.yml b/roles/validator-access/handlers/main.yml deleted file mode 100644 index af9cbcf..0000000 --- a/roles/validator-access/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart ufw - service: name=ufw state=restarted diff --git a/roles/validator-access/tasks/main.yml b/roles/validator-access/tasks/main.yml deleted file mode 100644 index 0a565cc..0000000 --- a/roles/validator-access/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Setup ufw firewall - import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") - -- name: Setup EC2 firewall - import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml new file mode 100644 index 0000000..37fd20d --- /dev/null +++ b/roles/validator/defaults/main.yml @@ -0,0 +1,5 @@ +--- + +allow_validator_ssh: true +allow_validator_p2p: true + diff --git a/roles/validator/handlers/main.yml b/roles/validator/handlers/main.yml new file mode 100644 index 0000000..d0b2b2a --- /dev/null +++ b/roles/validator/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart ufw + service: name=ufw state=restarted \ No newline at end of file diff --git a/roles/validator/meta/main.yml b/roles/validator/meta/main.yml new file mode 100644 index 0000000..6589e8f --- /dev/null +++ b/roles/validator/meta/main.yml 
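Review bot: The `get_url` task in the new roles/preconf/tasks/spec.yml fetches spec.json and bootnodes.txt from the tip of `{{ GENESIS_BRANCH }}` with no integrity check, so whatever that branch holds at deploy time defines the chain spec and peer list each node trusts. group_vars/all.example already carries `PARITY_BIN_SHA256` for the parity binary. The same could be done here by turning the items into url/checksum pairs and passing `checksum="sha256:{{ item.checksum }}"`, or by fetching from a pinned commit instead of a branch. At minimum add a comment above the task: `# NOTE: fetched from a mutable branch without a checksum; pin before production use`.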
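Review bot: roles/validator/handlers/main.yml adds the `restart ufw` handler and ufw.yml is moved into roles/validator/tasks/, but no hunk in this commit adds an `import_tasks: ufw.yml` task to roles/validator/tasks/main.yml, as is done for bootnode, explorer, moc and netstat. Since validator.yml now runs only the `validator` role and roles/validator-access is removed, validator hosts appear to end up with no firewall configuration, and the new `allow_validator_ssh` and `allow_validator_p2p` defaults go unused. Add a `- name: Setup ufw firewall` task with `import_tasks: ufw.yml` at the end of roles/validator/tasks/main.yml. The rest of that tasks file is outside the diff, so confirm it does not already import it.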
@@ -0,0 +1,8 @@ +dependencies: + - { role: preconf } + - { role: usermanager } + - { role: nodejs } + - { role: poa-logrotate } + - { role: poa-parity } + - { role: poa-pm2 } + - { role: poa-netstats } \ No newline at end of file diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index 8ca23ba..343ed19 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml @@ -1,25 +1,4 @@ --- -- name: Create directory parity_data/keys/NetworkName - file: - path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}" - state: directory - mode: 0700 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Create logs directories - file: - path: "/{{ home }}/logs/old" - state: directory - mode: 0755 - owner: "{{ username }}" - group: "{{ username }}" - -- name: Download spec.json - get_url: url={{ item }} dest={{ home }}/ mode=0644 - with_items: - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" - name: Create node.toml template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 diff --git a/roles/validator-access/tasks/ufw.yml b/roles/validator/tasks/ufw.yml similarity index 100% rename from roles/validator-access/tasks/ufw.yml rename to roles/validator/tasks/ufw.yml diff --git a/site.yml b/site.yml index 66ea55a..9e34770 100644 --- a/site.yml +++ b/site.yml 
@@ -1,84 +1,19 @@ ---- -- hosts: all - user: ubuntu - become: True -# user: root - roles: - - preconf - tags: preconf - -- hosts: bootnode - become: True - roles: - - usermanager -# - logentries - - nodejs - - bootnode - - poa-logrotate - - poa-parity - - poa-pm2 - - poa-netstats - - { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" } - - nginx - - bootnode-access - tags: - - bootnode - -- hosts: validator - become: True - vars: - username: "validator" - users: - - name: "validator" - home: "/home/validator" - roles: - - usermanager - - nodejs - - poa-logrotate - - poa-parity - - poa-pm2 - - poa-netstats - - validator - - validator-access - tags: - - validator - -- hosts: netstat - become: True - roles: - - usermanager - - nodejs - - poa-logrotate - - netstat - - nginx - - netstat-access - tags: - - netstat - -- hosts: explorer - become: True - roles: - - usermanager - - nodejs - - poa-logrotate - - poa-parity - - poa-pm2 - - explorer - - nginx - - explorer-access - tags: - - explorer - -- hosts: moc - become: True - roles: - - usermanager - - nodejs - - poa-logrotate - - poa-parity - - poa-pm2 - - poa-netstats - - moc - - moc-access - tags: - - moc +- name: Bootnode deployment + import_playbook: bootnode.yml + tags: bootnode + +- name: Explorer deployment + import_playbook: explorer.yml + tags: explorer + +- name: Moc deployment + import_playbook: moc.yml + tags: moc + +- name: Netstat deployment + import_playbook: netstat.yml + tags: netstat + +- name: Validator deployment + import_playbook: validator.yml + tags: validator diff --git a/validator.yml b/validator.yml index 52f2370..21205aa 100644 --- a/validator.yml +++ b/validator.yml 
@@ -1,105 +1,4 @@ ---- -- name: Create validator security group - hosts: localhost - gather_facts: False - tasks: - - name: Create Security group - ec2_group: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - name: "{{ validator_security_group }}" - description: "Default security group" - region: "{{ region }}" - purge_rules_egress: false - purge_rules: false - rules: - - proto: tcp - from_port: 22 - to_port: 22 - cidr_ip: 0.0.0.0/0 - rules_egress: - - proto: all - from_port: all - to_port: all - cidr_ip: 0.0.0.0/0 - tags: validator - - -- name: Create validator - hosts: localhost - gather_facts: False - vars: - volumes: - - device_name: /dev/sda1 - volume_size: 128 - delete_on_termination: true - tasks: - - name: Launch instance - ec2: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - key_name: "{{ awskeypair_name }}" - instance_tags: - Name: "{{ validator_instance_name }}" - group: "{{ validator_security_group }}" - instance_type: "{{ validator_instance_type }}" - image: "{{ image }}" - count: "{{ validator_count_instances }}" - wait: yes - region: "{{ region }}" - vpc_subnet_id: "{{ vpc_subnet_id }}" - volumes: "{{ volumes }}" - assign_public_ip: yes - register: ec2 - - name: Add new instance to host group - add_host: hostname={{ item.public_ip }} groupname=launched - with_items: "{{ ec2.instances }}" - - name: Wait for SSH to come up - wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started - with_items: "{{ ec2.instances }}" - tags: validator - -- name: Installing python - hosts: all - hosts: launched - gather_facts: False - user: ubuntu +- hosts: validator become: True - vars: - ansible_ssh_port: 22 - tasks: - - name: Install python - raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) - -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True roles: - - preconf - tags: 
preconf - tasks: - - name: restart machine after setup - shell: shutdown -r 1 - -- name: Create validator elastic ip - hosts: localhost - gather_facts: False - tasks: - - name: associate elastic ip for validator - ec2_eip: - ec2_access_key: "{{ access_key }}" - ec2_secret_key: "{{ secret_key }}" - region: "{{ region }}" - reuse_existing_ip_allowed: yes - state: present - in_vpc: yes - device_id: "{{ ec2.instance_ids[0] }}" - register: instance_elastic_ip - when: associate_validator_elastic_ip == true - - - debug: var=instance_elastic_ip.public_ip - when: associate_validator_elastic_ip == true + - validator \ No newline at end of file From c920af7389b52bf64271fba9675f1887e1c8178d Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 19 Apr 2018 19:40:26 +0300 Subject: [PATCH 04/71] hotfix (partially) for #76 issue --- .gitignore | 6 ++++++ roles/bootnode/vars/main.yml.example | 0 roles/explorer/vars/main.yml.example | 1 + roles/moc/vars/main.yml.example | 0 roles/netstat/vars/main.yml.example | 1 + roles/validator/vars/main.yml.example | 0 6 files changed, 8 insertions(+) create mode 100644 roles/bootnode/vars/main.yml.example create mode 100644 roles/explorer/vars/main.yml.example create mode 100644 roles/moc/vars/main.yml.example create mode 100644 roles/netstat/vars/main.yml.example create mode 100644 roles/validator/vars/main.yml.example diff --git a/.gitignore b/.gitignore index 351a788..cd0ddc7 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,12 @@ group_vars/validator group_vars/netstat group_vars/moc +roles/bootnode/vars/main.yml +roles/explorer/vars/main.yml +roles/validator/vars/main.yml +roles/netstat/vars/main.yml +roles/moc/vars/main.yml + hosts .vagrant/* diff --git a/roles/bootnode/vars/main.yml.example b/roles/bootnode/vars/main.yml.example new file mode 100644 index 0000000..e69de29 diff --git a/roles/explorer/vars/main.yml.example b/roles/explorer/vars/main.yml.example new file mode 100644 index 0000000..9b46a19 --- /dev/null 
+++ b/roles/explorer/vars/main.yml.example @@ -0,0 +1 @@ +explorer_version: "acee07c" \ No newline at end of file diff --git a/roles/moc/vars/main.yml.example b/roles/moc/vars/main.yml.example new file mode 100644 index 0000000..e69de29 diff --git a/roles/netstat/vars/main.yml.example b/roles/netstat/vars/main.yml.example new file mode 100644 index 0000000..df09b5b --- /dev/null +++ b/roles/netstat/vars/main.yml.example @@ -0,0 +1 @@ +netstat_version: "cb431d6" \ No newline at end of file diff --git a/roles/validator/vars/main.yml.example b/roles/validator/vars/main.yml.example new file mode 100644 index 0000000..e69de29 From 704d834112c7afbc0faae10d4747658bc3f12714 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 19 Apr 2018 19:54:45 +0300 Subject: [PATCH 05/71] separating aws variables, renaming files from .example to .yml.example --- aws/group_vars/all.yml.example | 7 +++++++ group_vars/{all.example => all.yml.example} | 8 -------- group_vars/{all.network => all.yml.network} | 0 .../{bootnode.example => bootnode.yml.example} | 6 ------ group_vars/explorer.example | 14 -------------- group_vars/explorer.yml.example | 8 ++++++++ group_vars/{moc.example => moc.yml.example} | 6 ------ .../{netstat.example => netstat.yml.example} | 6 ------ .../{validator.example => validator.yml.example} | 6 ------ 9 files changed, 15 insertions(+), 46 deletions(-) create mode 100644 aws/group_vars/all.yml.example rename group_vars/{all.example => all.yml.example} (85%) rename group_vars/{all.network => all.yml.network} (100%) rename group_vars/{bootnode.example => bootnode.yml.example} (64%) delete mode 100644 group_vars/explorer.example create mode 100644 group_vars/explorer.yml.example rename group_vars/{moc.example => moc.yml.example} (64%) rename group_vars/{netstat.example => netstat.yml.example} (56%) rename group_vars/{validator.example => validator.yml.example} (67%) 
diff --git a/aws/group_vars/all.yml.example b/aws/group_vars/all.yml.example new file mode 100644 index 0000000..e61dd1c --- /dev/null +++ b/aws/group_vars/all.yml.example @@ -0,0 +1,7 @@ +access_key: "INSERT KEY HERE" +secret_key: "INSERT SECRET HERE" + +awskeypair_name: "keypairname" +image: "ami-0b383171" +region: "us-east-1" +vpc_subnet_id: "subnet-ID-number" \ No newline at end of file diff --git a/group_vars/all.example b/group_vars/all.yml.example similarity index 85% rename from group_vars/all.example rename to group_vars/all.yml.example index fe40cae..604cdf0 100644 --- a/group_vars/all.example +++ b/group_vars/all.yml.example @@ -9,14 +9,6 @@ ssh_root: - "{{ lookup('file', 'files/admins.pub') }}" -access_key: "INSERT KEY HERE" -secret_key: "INSERT SECRET HERE" - -awskeypair_name: "keypairname" -image: "ami-0b383171" -region: "us-east-1" -vpc_subnet_id: "subnet-ID-number" - NODE_FULLNAME: "INSERT NODENAME" NODE_ADMIN_EMAIL: "INSERT@EMAIL" diff --git a/group_vars/all.network b/group_vars/all.yml.network similarity index 100% rename from group_vars/all.network rename to group_vars/all.yml.network diff --git a/group_vars/bootnode.example b/group_vars/bootnode.yml.example similarity index 64% rename from group_vars/bootnode.example rename to group_vars/bootnode.yml.example index 6448313..bacb0a3 100644 --- a/group_vars/bootnode.example +++ b/group_vars/bootnode.yml.example @@ -1,9 +1,3 @@ -access_key: "INSERT KEY HERE" -secret_key: "INSERT SECRET HERE" -awskeypair_name: "keypairname" - -vpc_subnet_id: "subnet-ID-number" - NODE_FULLNAME: "INSERT NODENAME" NODE_ADMIN_EMAIL: "INSERT@EMAIL" diff --git a/group_vars/explorer.example b/group_vars/explorer.example deleted file mode 100644 index 71597ec..0000000 --- a/group_vars/explorer.example +++ /dev/null 
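Review bot: The new `aws/group_vars/all.yml.example` keeps `access_key` and `secret_key` as plain YAML values, so the real copy of this file will hold long-lived AWS credentials in clear text. Nothing visible in this series adds `aws/group_vars/all.yml` to `.gitignore`; the entries added in the previous patch cover only the roles' `vars/main.yml` files, so please confirm the real file cannot be committed by accident. I would add a header comment to the example, `# Copy to all.yml; never commit the real file. Keep access_key/secret_key in ansible-vault or pass them via the environment.`, and an ignore entry for `aws/group_vars/all.yml` if one is missing.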
@@ -1,14 +0,0 @@ -access_key: "INSERT KEY HERE" -secret_key: "INSERT SECRET HERE" -awskeypair_name: "keypairname" - -vpc_subnet_id: "subnet-ID-number" - -username: "explorer" -users: - - name: "{{ username }}" -home: "/home/{{ username }}" - -nginx_headers: "off" -PROXY_PORT: "3000" -explorerS_SERVER: "localhost" \ No newline at end of file diff --git a/group_vars/explorer.yml.example b/group_vars/explorer.yml.example new file mode 100644 index 0000000..126dbc2 --- /dev/null +++ b/group_vars/explorer.yml.example @@ -0,0 +1,8 @@ +username: "explorer" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +nginx_headers: "off" +PROXY_PORT: "3000" +explorerS_SERVER: "localhost" \ No newline at end of file diff --git a/group_vars/moc.example b/group_vars/moc.yml.example similarity index 64% rename from group_vars/moc.example rename to group_vars/moc.yml.example index 545e2de..f80c66c 100644 --- a/group_vars/moc.example +++ b/group_vars/moc.yml.example @@ -1,9 +1,3 @@ -access_key: "INSERT KEY HERE" -secret_key: "INSERT SECRET HERE" -awskeypair_name: "keypairname" - -vpc_subnet_id: "subnet-ID-number" - NODE_FULLNAME: "INSERT NODENAME" NODE_ADMIN_EMAIL: "INSERT@EMAIL" diff --git a/group_vars/netstat.example b/group_vars/netstat.yml.example similarity index 56% rename from group_vars/netstat.example rename to group_vars/netstat.yml.example index d3cf671..a511ec3 100644 --- a/group_vars/netstat.example +++ b/group_vars/netstat.yml.example @@ -1,9 +1,3 @@ -access_key: "INSERT KEY HERE" -secret_key: "INSERT SECRET HERE" -awskeypair_name: "keypairname" - -vpc_subnet_id: "subnet-ID-number" - NODE_FULLNAME: "INSERT NODENAME" NODE_ADMIN_EMAIL: "INSERT@EMAIL" diff --git a/group_vars/validator.example b/group_vars/validator.yml.example similarity index 67% rename from group_vars/validator.example rename to group_vars/validator.yml.example index 01af60a..07874a3 100644 --- a/group_vars/validator.example +++ b/group_vars/validator.yml.example 
@@ -1,9 +1,3 @@ -access_key: "INSERT KEY HERE" -secret_key: "INSERT SECRET HERE" -awskeypair_name: "keypairname" - -vpc_subnet_id: "subnet-ID-number" - NODE_FULLNAME: "INSERT NODENAME" NODE_ADMIN_EMAIL: "INSERT@EMAIL" From 35bad690ac4794224c85707a999a147d8beb6756 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 20 Apr 2018 13:42:53 +0300 Subject: [PATCH 06/71] Fix for #114 --- group_vars/all.yml.example | 1 + group_vars/all.yml.network | 1 + roles/nginx/tasks/main.yml | 24 +++++++++++++++++++++++- 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 604cdf0..31a93a2 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -6,6 +6,7 @@ ### --- +user: ubuntu ### can be changed to centos or other if needed ssh_root: - "{{ lookup('file', 'files/admins.pub') }}" diff --git a/group_vars/all.yml.network b/group_vars/all.yml.network index 83cbef8..a90bdda 100644 --- a/group_vars/all.yml.network +++ b/group_vars/all.yml.network @@ -1,4 +1,5 @@ --- +user: ubuntu ansible_python_interpreter: /usr/bin/python3 ssh_root: diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index f8c4e61..e86341c 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -7,8 +7,30 @@ apt: name: "python3-pip" state: present + +- name: Ensure OpenSSL dependencies are installed (Ubuntu) + package: + name: {{ item }} + state: present + with_items: + - build-essential + - libssl-dev + - libffi-dev + - python-dev + when: ansible_os_family == "Debian" + +- name: Ensure OpenSSL dependencies are installed (CentOS) + package: + name: {{ item }} + state: present + with_items: + - gcc + - libffi-devel + - openssl-devel + - python-devel + when: ansible_os_family == "RedHat" -- name: Ensure python OpenSSL dependencies are installed. +- name: Install OpenSSL module pip: name: pyOpenSSL state: present From d111f94dca50ee2810f4fb5b92c437daebdd6bfc Mon Sep 17 00:00:00 2001 
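Review bot: The two new "Ensure OpenSSL dependencies are installed" tasks in `roles/nginx/tasks/main.yml` install Python 2 headers (`python-dev`, `python-devel`), while the context task above installs `python3-pip` and `group_vars/all.yml.network` sets `ansible_python_interpreter: /usr/bin/python3`. If `pyOpenSSL` ever has to be built from source for the Python 3 interpreter, these headers will not help; `python3-dev` (Debian family) and the matching Python 3 devel package on the RedHat family look like the intended names. The `python3-pip` task also uses `apt` and starts above this hunk, so I cannot see whether it is guarded; if it is not, the play fails on CentOS before the new RedHat branch is reached. The `pip` task installs `pyOpenSSL` without a version, so a pinned `version:` would make deployments reproducible.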
From: ArseniiPetrovich Date: Fri, 20 Apr 2018 14:03:42 +0300 Subject: [PATCH 07/71] fix for #113 --- roles/bootnode/defaults/main.yml | 2 ++ roles/explorer/defaults/main.yml | 2 ++ roles/explorer/templates/app.json.j2 | 4 ++-- roles/explorer/templates/config.js.j2 | 2 +- roles/explorer/templates/poa-chain-explorer.j2 | 2 +- roles/moc/defaults/main.yml | 2 ++ roles/netstat/defaults/main.yml | 2 ++ roles/netstat/tasks/main.yml | 8 ++++---- roles/netstat/templates/poa-dashboard.j2 | 2 +- roles/poa-logrotate/templates/poa-logrotate.conf.j2 | 8 ++++---- roles/poa-logrotate/templates/poa-logrotate.j2 | 2 +- roles/poa-netstats/tasks/main.yml | 2 +- roles/poa-netstats/templates/app.json.j2 | 4 ++-- roles/poa-netstats/templates/poa-netstats.j2 | 2 +- roles/poa-orchestrator/templates/poa-orchestrator.j2 | 4 ++-- roles/poa-parity/templates/app_chain_explorer.json.j2 | 4 ++-- roles/validator/defaults/main.yml | 2 ++ 17 files changed, 32 insertions(+), 22 deletions(-) diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index 60c69c8..8778241 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -1,5 +1,7 @@ --- +user: ubuntu + allow_bootnode_ssh: true allow_bootnode_p2p: true allow_bootnode_rpc: false \ No newline at end of file diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index 287e61d..900abe5 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -1,5 +1,7 @@ ----- +user: ubuntu + allow_explorer_ssh: true allow_explorer_p2p: true allow_explorer_http: true \ No newline at end of file diff --git a/roles/explorer/templates/app.json.j2 b/roles/explorer/templates/app.json.j2 index e0ca3dd..20467dd 100644 --- a/roles/explorer/templates/app.json.j2 +++ b/roles/explorer/templates/app.json.j2 
@@ -3,8 +3,8 @@ "name" : "explorer", "script" : "./bin/www", "log_date_format" : "YYYY-MM-DD HH:mm:SS Z", - "error_file" : "/home/{{ username }}/logs/explorer.err", - "out_file" : "/home/{{ username }}/logs/explorer.out", + "error_file" : "{{ home }}/logs/explorer.err", + "out_file" : "{{ home }}/logs/explorer.out", "merge_logs" : false, "watch" : false, "max_restarts" : 100, diff --git a/roles/explorer/templates/config.js.j2 b/roles/explorer/templates/config.js.j2 index e6fe8a8..2e86b0f 100644 --- a/roles/explorer/templates/config.js.j2 +++ b/roles/explorer/templates/config.js.j2 @@ -2,7 +2,7 @@ var web3 = require('web3'); var net = require('net'); var config = function () { this.logFormat = "combined"; - this.ipcPath = "/home/{{ username }}/parity_data/jsonrpc.ipc"; + this.ipcPath = "{{ home }}/parity_data/jsonrpc.ipc"; this.provider = new web3.providers.IpcProvider(this.ipcPath, net); this.bootstrapUrl = "https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/yeti/bootstrap.min.css"; this.names = { diff --git a/roles/explorer/templates/poa-chain-explorer.j2 b/roles/explorer/templates/poa-chain-explorer.j2 index f0fda63..a8465d2 100644 --- a/roles/explorer/templates/poa-chain-explorer.j2 +++ b/roles/explorer/templates/poa-chain-explorer.j2 @@ -7,7 +7,7 @@ RemainAfterExit=true User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }}/chain-explorer +WorkingDirectory={{ home }}/chain-explorer ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] WantedBy=multi-user.target diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index ba5ed06..d2d1493 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -1,4 +1,6 @@ --- +user: ubuntu + allow_moc_ssh: true allow_moc_p2p: true \ No newline at end of file diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index 1871848..8baa5df 100644 --- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml 
@@ -1,4 +1,6 @@ --- +user: ubuntu + allow_netstat_ssh: true allow_netstat_http: true diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index 119bc17..c6417d8 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml @@ -11,7 +11,7 @@ - name: install npm netstats npm: - path: "/home/{{ username }}/eth-netstats" + path: "{{ home }}/eth-netstats" become: true become_user: "{{ username }}" notify: @@ -23,16 +23,16 @@ global: yes - name: run grunt process - shell: "cd /home/{{ username }}/eth-netstats; grunt" + shell: "cd {{ home }}/eth-netstats; grunt" become: true become_user: "{{ username }}" args: - creates: "/home/{{ username }}/dist" + creates: "{{ home }}/dist" - name: Config ws_secret.json file copy: content: '["{{ NETSTATS_SECRET }}"]' - dest: "/home/{{ username }}/eth-netstats/ws_secret.json" + dest: "{{ home }}/eth-netstats/ws_secret.json" notify: - restart poa-dashboard diff --git a/roles/netstat/templates/poa-dashboard.j2 b/roles/netstat/templates/poa-dashboard.j2 index f6546f2..8e35c6a 100644 --- a/roles/netstat/templates/poa-dashboard.j2 +++ b/roles/netstat/templates/poa-dashboard.j2 @@ -5,7 +5,7 @@ After=network.target User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }}/eth-netstats +WorkingDirectory={{ home }}/eth-netstats Restart=always ExecStart=/usr/bin/npm start [Install] diff --git a/roles/poa-logrotate/templates/poa-logrotate.conf.j2 b/roles/poa-logrotate/templates/poa-logrotate.conf.j2 index 865e394..1716c7b 100644 --- a/roles/poa-logrotate/templates/poa-logrotate.conf.j2 +++ b/roles/poa-logrotate/templates/poa-logrotate.conf.j2 @@ -1,4 +1,4 @@ -/home/{{ username }}/logs/*.log { +{{ home }}/logs/*.log { rotate 10 size 200M missingok @@ -9,7 +9,7 @@ olddir old } -/home/{{ username }}/logs/*.err { +{{ home }}/logs/*.err { rotate 10 size 200M missingok 
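Review bot: The `Config ws_secret.json file` task in `roles/netstat/tasks/main.yml` writes `NETSTATS_SECRET` with `copy` but sets no `owner`, `group` or `mode`, so the file ends up with the ownership of whoever the play runs as and umask-derived permissions, which are commonly world-readable. Since this hunk already edits the task's `dest`, I would add `owner: "{{ username }}"`, `group: "{{ username }}"` and `mode: 0600` to it. Separately, `creates: "{{ home }}/dist"` on the grunt task looks like it should point inside `{{ home }}/eth-netstats`, if that is where grunt writes its output; as written the task may rerun on every play.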
@@ -20,7 +20,7 @@ olddir old } -/home/{{ username }}/logs/*.out { +{{ home }}/logs/*.out { rotate 10 size 200M missingok @@ -31,7 +31,7 @@ olddir old } -/home/{{ username }}/.pm2/pm2.log { +{{ home }}/.pm2/pm2.log { su {{ username }} {{ username }} rotate 10 size 200M diff --git a/roles/poa-logrotate/templates/poa-logrotate.j2 b/roles/poa-logrotate/templates/poa-logrotate.j2 index c20dff4..8b67e39 100644 --- a/roles/poa-logrotate/templates/poa-logrotate.j2 +++ b/roles/poa-logrotate/templates/poa-logrotate.j2 @@ -1,2 +1,2 @@ #!/bin/bash -/usr/sbin/logrotate /home/{{ username }}/poa-logrotate.conf +/usr/sbin/logrotate {{ home }}/poa-logrotate.conf diff --git a/roles/poa-netstats/tasks/main.yml b/roles/poa-netstats/tasks/main.yml index da4d1a4..529eb4c 100644 --- a/roles/poa-netstats/tasks/main.yml +++ b/roles/poa-netstats/tasks/main.yml @@ -31,7 +31,7 @@ - name: install npm netstats npm: - path: "/home/{{ username }}/eth-net-intelligence-api" + path: "{{ home }}/eth-net-intelligence-api" become: true become_user: "{{ username }}" notify: diff --git a/roles/poa-netstats/templates/app.json.j2 b/roles/poa-netstats/templates/app.json.j2 index 47a99c3..1182744 100644 --- a/roles/poa-netstats/templates/app.json.j2 +++ b/roles/poa-netstats/templates/app.json.j2 @@ -3,8 +3,8 @@ "name" : "netstats_daemon", "script" : "app.js", "log_date_format" : "YYYY-MM-DD HH:mm:SS Z", - "error_file" : "/home/{{ username }}/logs/netstats_daemon.err", - "out_file" : "/home/{{ username }}/logs/netstats_daemon.out", + "error_file" : "{{ home }}/logs/netstats_daemon.err", + "out_file" : "{{ home }}/logs/netstats_daemon.out", "merge_logs" : false, "watch" : false, "max_restarts" : 100, diff --git a/roles/poa-netstats/templates/poa-netstats.j2 b/roles/poa-netstats/templates/poa-netstats.j2 index c76cbb6..6b160fc 100644 --- a/roles/poa-netstats/templates/poa-netstats.j2 +++ b/roles/poa-netstats/templates/poa-netstats.j2 
@@ -7,7 +7,7 @@ RemainAfterExit=true User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api +WorkingDirectory={{ home }}/eth-net-intelligence-api ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] WantedBy=multi-user.target diff --git a/roles/poa-orchestrator/templates/poa-orchestrator.j2 b/roles/poa-orchestrator/templates/poa-orchestrator.j2 index 2f98456..c7236cc 100644 --- a/roles/poa-orchestrator/templates/poa-orchestrator.j2 +++ b/roles/poa-orchestrator/templates/poa-orchestrator.j2 @@ -4,7 +4,7 @@ After=poa-parity.service [Service] User={{ username }} Group={{ username }} -WorkingDirectory=/home/{{ username }} -ExecStart=/home/{{ username }}/parity-orchestrator --config=parity-orchestrator.toml +WorkingDirectory={{ home }} +ExecStart={{ home }}/parity-orchestrator --config=parity-orchestrator.toml [Install] WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/app_chain_explorer.json.j2 b/roles/poa-parity/templates/app_chain_explorer.json.j2 index b07d1b9..5b6c957 100644 --- a/roles/poa-parity/templates/app_chain_explorer.json.j2 +++ b/roles/poa-parity/templates/app_chain_explorer.json.j2 @@ -3,8 +3,8 @@ "name" : "explorer", "script" : "./bin/www", "log_date_format" : "YYYY-MM-DD HH:mm:SS Z", - "error_file" : "/home/{{ username }}/logs/explorer.err", - "out_file" : "/home/{{ username }}/logs/explorer.out", + "error_file" : "{{ home }}/logs/explorer.err", + "out_file" : "{{ home }}/logs/explorer.out", "merge_logs" : false, "watch" : false, "max_restarts" : 100, diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index 37fd20d..5740899 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -1,5 +1,7 @@ --- +user: ubuntu + allow_validator_ssh: true allow_validator_p2p: true From 6644d2094251fdc4f28e0986c79640e4613b5416 Mon Sep 17 00:00:00 2001 
From: ArseniiPetrovich Date: Fri, 20 Apr 2018 14:08:59 +0300 Subject: [PATCH 08/71] #113 fix + tab deletion. --- aws/site.yml | 2 +- roles/explorer/tasks/main.yml | 2 +- roles/nginx/tasks/main.yml | 2 +- roles/poa-parity/templates/app.json.j2 | 4 ++-- roles/poa-parity/templates/config.js.j2 | 2 +- roles/poa-parity/templates/poa-chain-explorer.j2 | 2 +- roles/poa-parity/templates/poa-dashboard.j2 | 2 +- roles/poa-parity/templates/poa-logrotate.conf.j2 | 4 ++-- roles/poa-parity/templates/poa-logrotate.j2 | 2 +- roles/poa-parity/templates/poa-netstats.j2 | 2 +- roles/poa-parity/templates/poa-parity.j2 | 4 ++-- roles/poa-parity/templates/poa-pm2.j2 | 2 +- roles/poa-pm2/templates/poa-pm2.j2 | 2 +- roles/validator/templates/transferRewardToPayoutKey.j2 | 10 +++++----- site.yml | 2 +- 15 files changed, 22 insertions(+), 22 deletions(-) diff --git a/aws/site.yml b/aws/site.yml index 9e34770..ef373b7 100644 --- a/aws/site.yml +++ b/aws/site.yml @@ -1,7 +1,7 @@ - name: Bootnode deployment import_playbook: bootnode.yml tags: bootnode - + - name: Explorer deployment import_playbook: explorer.yml tags: explorer diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index 7bc69be..9b5c38c 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml @@ -21,7 +21,7 @@ - name: install npm chain_explorer npm: - path: "/home/{{ username }}/chain-explorer" + path: "{{ home }}//chain-explorer" become: true become_user: "{{ username }}" notify: diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index e86341c..2cbe61e 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -7,7 +7,7 @@ apt: name: "python3-pip" state: present - + - name: Ensure OpenSSL dependencies are installed (Ubuntu) package: name: {{ item }} diff --git a/roles/poa-parity/templates/app.json.j2 b/roles/poa-parity/templates/app.json.j2 index 47a99c3..1182744 100644 --- a/roles/poa-parity/templates/app.json.j2 
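Review bot: The new `path` in the `install npm chain_explorer` task of `roles/explorer/tasks/main.yml` has a doubled slash, `"{{ home }}//chain-explorer"`. POSIX resolves it to the same directory, so the play still works, but it is inconsistent with every other `{{ home }}` substitution in this series and will not match if the string is ever compared or searched for. It should read `path: "{{ home }}/chain-explorer"`. The task continues past the end of the hunk.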
+++ b/roles/poa-parity/templates/app.json.j2 @@ -3,8 +3,8 @@ "name" : "netstats_daemon", "script" : "app.js", "log_date_format" : "YYYY-MM-DD HH:mm:SS Z", - "error_file" : "/home/{{ username }}/logs/netstats_daemon.err", - "out_file" : "/home/{{ username }}/logs/netstats_daemon.out", + "error_file" : "{{ home }}/logs/netstats_daemon.err", + "out_file" : "{{ home }}/logs/netstats_daemon.out", "merge_logs" : false, "watch" : false, "max_restarts" : 100, diff --git a/roles/poa-parity/templates/config.js.j2 b/roles/poa-parity/templates/config.js.j2 index 8b65798..1f620e4 100644 --- a/roles/poa-parity/templates/config.js.j2 +++ b/roles/poa-parity/templates/config.js.j2 @@ -2,7 +2,7 @@ var web3 = require('web3'); var net = require('net'); var config = function () { this.logFormat = "combined"; - this.ipcPath = "/home/{{ username }}/parity_data/jsonrpc.ipc"; + this.ipcPath = "{{ home }}/parity_data/jsonrpc.ipc"; this.provider = new web3.providers.IpcProvider(this.ipcPath, net); this.bootstrapUrl = "https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/yeti/bootstrap.min.css"; this.names = { diff --git a/roles/poa-parity/templates/poa-chain-explorer.j2 b/roles/poa-parity/templates/poa-chain-explorer.j2 index f0fda63..a8465d2 100644 --- a/roles/poa-parity/templates/poa-chain-explorer.j2 +++ b/roles/poa-parity/templates/poa-chain-explorer.j2 @@ -7,7 +7,7 @@ RemainAfterExit=true User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }}/chain-explorer +WorkingDirectory={{ home }}/chain-explorer ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/poa-dashboard.j2 b/roles/poa-parity/templates/poa-dashboard.j2 index f6546f2..8e35c6a 100644 --- a/roles/poa-parity/templates/poa-dashboard.j2 +++ b/roles/poa-parity/templates/poa-dashboard.j2 
@@ -5,7 +5,7 @@ After=network.target User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }}/eth-netstats +WorkingDirectory={{ home }}/eth-netstats Restart=always ExecStart=/usr/bin/npm start [Install] diff --git a/roles/poa-parity/templates/poa-logrotate.conf.j2 b/roles/poa-parity/templates/poa-logrotate.conf.j2 index 91f9b15..1ec5e3b 100644 --- a/roles/poa-parity/templates/poa-logrotate.conf.j2 +++ b/roles/poa-parity/templates/poa-logrotate.conf.j2 @@ -1,4 +1,4 @@ -/home/{{ username }}/logs/*.log { +{{ home }}/logs/*.log { rotate 10 size 200M missingok @@ -8,7 +8,7 @@ dateformat %Y-%m-%d-%s olddir old } -/home/{{ username }}/.pm2/pm2.log { +{{ home }}/.pm2/pm2.log { su {{ username }} {{ username }} rotate 10 size 200M diff --git a/roles/poa-parity/templates/poa-logrotate.j2 b/roles/poa-parity/templates/poa-logrotate.j2 index c20dff4..8b67e39 100644 --- a/roles/poa-parity/templates/poa-logrotate.j2 +++ b/roles/poa-parity/templates/poa-logrotate.j2 @@ -1,2 +1,2 @@ #!/bin/bash -/usr/sbin/logrotate /home/{{ username }}/poa-logrotate.conf +/usr/sbin/logrotate {{ home }}/poa-logrotate.conf diff --git a/roles/poa-parity/templates/poa-netstats.j2 b/roles/poa-parity/templates/poa-netstats.j2 index c76cbb6..6b160fc 100644 --- a/roles/poa-parity/templates/poa-netstats.j2 +++ b/roles/poa-parity/templates/poa-netstats.j2 @@ -7,7 +7,7 @@ RemainAfterExit=true User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api +WorkingDirectory={{ home }}/eth-net-intelligence-api ExecStart=/usr/bin/pm2 startOrRestart app.json [Install] WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/poa-parity.j2 b/roles/poa-parity/templates/poa-parity.j2 index 48cc32f..1530ba1 100644 --- a/roles/poa-parity/templates/poa-parity.j2 +++ b/roles/poa-parity/templates/poa-parity.j2 
@@ -4,11 +4,11 @@ After=network.target [Service] User={{ username }} Group={{ username }} -WorkingDirectory=/home/{{ username }} +WorkingDirectory={{ home }} {% if validator_archive|default("off") == "on" or bootnode_archive|default("off") == "on" or moc_archive|default("off") == "on" %} Environment=RUST_BACKTRACE=1 {% endif %} -ExecStart=/home/{{ username }}/parity --config=node.toml {{ '--whisper' if bootnode_orchestrator|default("off") == "on" else '' }} +ExecStart={{ home }}/parity --config=node.toml {{ '--whisper' if bootnode_orchestrator|default("off") == "on" else '' }} Restart=always [Install] WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/poa-pm2.j2 b/roles/poa-parity/templates/poa-pm2.j2 index 1ddd76f..ae5a4ba 100644 --- a/roles/poa-parity/templates/poa-pm2.j2 +++ b/roles/poa-parity/templates/poa-pm2.j2 @@ -7,7 +7,7 @@ RemainAfterExit=true User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }} +WorkingDirectory={{ home }} ExecStart=/usr/bin/pm2 ping [Install] WantedBy=multi-user.target diff --git a/roles/poa-pm2/templates/poa-pm2.j2 b/roles/poa-pm2/templates/poa-pm2.j2 index 1ddd76f..ae5a4ba 100644 --- a/roles/poa-pm2/templates/poa-pm2.j2 +++ b/roles/poa-pm2/templates/poa-pm2.j2 @@ -7,7 +7,7 @@ RemainAfterExit=true User={{ username }} Group={{ username }} Environment=MYVAR=myval -WorkingDirectory=/home/{{ username }} +WorkingDirectory={{ home }} ExecStart=/usr/bin/pm2 ping [Install] WantedBy=multi-user.target diff --git a/roles/validator/templates/transferRewardToPayoutKey.j2 b/roles/validator/templates/transferRewardToPayoutKey.j2 index 87b26ac..ac5ca93 100644 --- a/roles/validator/templates/transferRewardToPayoutKey.j2 +++ b/roles/validator/templates/transferRewardToPayoutKey.j2 
@@ -1,7 +1,7 @@ #!/bin/bash cd "{{ home }}/poa-scripts-validator/transferRewardToPayoutKey/" -echo "Starting at $(date)" >> "/home/{{ username }}/logs/transferRewardToPayoutKey.out" -echo "Starting at $(date)" >> "/home/{{ username }}/logs/transferRewardToPayoutKey.err" -/usr/bin/node {{ home }}/poa-scripts-validator/transferRewardToPayoutKey/transferRewardToPayoutKey.js >> "/home/{{ username }}/logs/transferRewardToPayoutKey.out" 2>> "/home/{{ username }}/logs/transferRewardToPayoutKey.err" -echo "" >> "/home/{{ username }}/logs/transferRewardToPayoutKey.out" -echo "" >> "/home/{{ username }}/logs/transferRewardToPayoutKey.err" +echo "Starting at $(date)" >> "{{ home }}/logs/transferRewardToPayoutKey.out" +echo "Starting at $(date)" >> "{{ home }}/logs/transferRewardToPayoutKey.err" +/usr/bin/node {{ home }}/poa-scripts-validator/transferRewardToPayoutKey/transferRewardToPayoutKey.js >> "{{ home }}/logs/transferRewardToPayoutKey.out" 2>> "{{ home }}/logs/transferRewardToPayoutKey.err" +echo "" >> "{{ home }}/logs/transferRewardToPayoutKey.out" +echo "" >> "{{ home }}/logs/transferRewardToPayoutKey.err" diff --git a/site.yml b/site.yml index 9e34770..ef373b7 100644 --- a/site.yml +++ b/site.yml @@ -1,7 +1,7 @@ - name: Bootnode deployment import_playbook: bootnode.yml tags: bootnode - + - name: Explorer deployment import_playbook: explorer.yml tags: explorer From 310008678fdab4f0a99853618b0d70e080f186c5 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 20 Apr 2018 14:13:30 +0300 Subject: [PATCH 09/71] small syntax fixes --- roles/explorer/defaults/main.yml | 2 +- roles/explorer/handlers/main.yml | 2 +- roles/nginx/tasks/main.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index 900abe5..bb50248 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -1,4 +1,4 @@ ------ +--- user: ubuntu 
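Review bot: In `transferRewardToPayoutKey.j2` the result of the opening `cd` is never checked, and the script path passed to `/usr/bin/node` is the only `{{ home }}` expansion left unquoted. If the directory is missing, the script carries on from whatever directory it was started in, and any relative file the Node script loads (its configuration, presumably) would be resolved there instead. I would change the first command to `cd "{{ home }}/poa-scripts-validator/transferRewardToPayoutKey/" || exit 1` and quote the script argument as `"{{ home }}/poa-scripts-validator/transferRewardToPayoutKey/transferRewardToPayoutKey.js"`.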
diff --git a/roles/explorer/handlers/main.yml b/roles/explorer/handlers/main.yml index 13a96e4..070a0c9 100644 --- a/roles/explorer/handlers/main.yml +++ b/roles/explorer/handlers/main.yml @@ -2,5 +2,5 @@ - name: restart poa-chain-explorer service: name=poa-chain-explorer state=restarted - - name: restart ufw +- name: restart ufw service: name=ufw state=restarted \ No newline at end of file diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 2cbe61e..47ddf95 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -10,7 +10,7 @@ - name: Ensure OpenSSL dependencies are installed (Ubuntu) package: - name: {{ item }} + name: "{{ item }}" state: present with_items: - build-essential @@ -21,7 +21,7 @@ - name: Ensure OpenSSL dependencies are installed (CentOS) package: - name: {{ item }} + name: "{{ item }}" state: present with_items: - gcc From 9776af52ba9a83e51c524d2f672fff44e02f09d6 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 20 Apr 2018 19:18:06 +0300 Subject: [PATCH 10/71] #116 cosmetic fix --- roles/logentries/tasks/main.yml | 2 +- roles/nodejs/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/logentries/tasks/main.yml b/roles/logentries/tasks/main.yml index dca4adc..9890945 100644 --- a/roles/logentries/tasks/main.yml +++ b/roles/logentries/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Add logentries repository apt_repository: - repo: 'deb http://rep.logentries.com/ {{ansible_distribution_release}} main' + repo: 'deb http://rep.logentries.com/ {{ ansible_distribution_release }} main' state: present filename: logentries diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index 2d04140..503792c 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml 
@@ -10,7 +10,7 @@ - name: Add nodejs repository apt_repository: - repo: 'deb {{ NODE_SOURCE_DEB }} {{ansible_distribution_release}} main' + repo: 'deb {{ NODE_SOURCE_DEB }} {{ ansible_distribution_release }} main' state: present - name: Install nodejs packages From 890592fe5b9bf39045a5dde3d778d0e434759a99 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 20 Apr 2018 21:13:15 +0300 Subject: [PATCH 11/71] Syntax fix --- roles/preconf/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/preconf/tasks/main.yml b/roles/preconf/tasks/main.yml index c9091e0..1fd26f9 100644 --- a/roles/preconf/tasks/main.yml +++ b/roles/preconf/tasks/main.yml @@ -11,6 +11,6 @@ - import_tasks: swap.yml - import_tasks: logs.yml - import_tasks: keys.yml - when: ‘netstat’ not in ansible_hostname + when: "'netstat' not in ansible_hostname" - import_tasks: spec.yml - when: ‘netstat’ not in ansible_hostname + when: "'netstat' not in ansible_hostname" From efc1a738d7bffeeac0c4cdeaa019cec8c2680ef8 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Mon, 23 Apr 2018 12:01:36 +0300 Subject: [PATCH 12/71] #119 fix --- roles/bootnode/meta/main.yml | 1 - roles/logentries/handlers/main.yml | 3 -- roles/logentries/tasks/main.yml | 47 ------------------------ roles/logentries/templates/logentries.j2 | 33 ----------------- 4 files changed, 84 deletions(-) delete mode 100644 roles/logentries/handlers/main.yml delete mode 100644 roles/logentries/tasks/main.yml delete mode 100644 roles/logentries/templates/logentries.j2 diff --git a/roles/bootnode/meta/main.yml b/roles/bootnode/meta/main.yml index aaa6dc1..9369e1f 100644 --- a/roles/bootnode/meta/main.yml +++ b/roles/bootnode/meta/main.yml @@ -1,7 +1,6 @@ dependencies: - { role: preconf } - { role: usermanager } -# - { role: logentries } - { role: nodejs } - { role: poa-logrotate } - { role: poa-parity } 
diff --git a/roles/logentries/handlers/main.yml b/roles/logentries/handlers/main.yml deleted file mode 100644 index b6a9412..0000000 --- a/roles/logentries/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart logentries - service: name=logentries state=restarted diff --git a/roles/logentries/tasks/main.yml b/roles/logentries/tasks/main.yml deleted file mode 100644 index 9890945..0000000 --- a/roles/logentries/tasks/main.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -- name: Add logentries repository - apt_repository: - repo: 'deb http://rep.logentries.com/ {{ ansible_distribution_release }} main' - state: present - filename: logentries - -- name: add repository key - apt_key: - keyserver: pgp.mit.edu - id: A5270289C43C79AD - state: present - -- name: Install logentries packages - apt: name={{ item }} state=present update_cache=yes - with_items: - - logentries - - logentries-daemon - - python-setproctitle - -- name: connect logentries account - shell: le reinit --user-key={{ logentries_user_key }} - notify: - - restart logentries - -- name: deactivate pull-server-side-config - lineinfile: - dest: /etc/le/config - regexp: "pull-server-side-config = " - line: "pull-server-side-config = False" - notify: - - restart logentries - -- name: create config folder - file: - path: /etc/le/conf.d - state: directory - mode: 0755 - -- name: deploy config logentries - template: src=logentries.j2 dest=/etc/le/conf.d/{{ GENESIS_BRANCH }}.conf - notify: - - restart logentries - -- name: Ensure logentries is running and enabled to start at boot - service: name=logentries state=started enabled=yes - diff --git a/roles/logentries/templates/logentries.j2 b/roles/logentries/templates/logentries.j2 deleted file mode 100644 index 4c74112..0000000 --- a/roles/logentries/templates/logentries.j2 +++ /dev/null 
@@ -1,33 +0,0 @@ -[install_err] -path = /var/lib/waagent/custom-script/download/0/stderr -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[install_out] -path = /var/lib/waagent/custom-script/download/0/stdout -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[dashboard_err] -path = {{ logsprefix }}/dashboard.err -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[dashboard_out] -path = {{ logsprefix }}/dashboard.out -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[parity_log] -path = {{ logsprefix }}/parity.log -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[parity_err] -path = {{ logsprefix }}/parity.err -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[parity_out] -path = {{ logsprefix }}/parity.out -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[netstats_daemon_err] -path = {{ logsprefix }}/netstats_daemon.err -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[netstats_daemon_out] -path = {{ logsprefix }}/netstats_daemon.out -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[explorer_err] -path = {{ logsprefix }}/explorer.err -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} -[explorer_out] -path = {{ logsprefix }}/explorer.out -destination = {{ GENESIS_BRANCH }}/{{ ansible_host }} From 0c9639bfe918c8d295c2a089bcf10ac52477b9b0 Mon Sep 17 00:00:00 2001 
From: ArseniiPetrovich Date: Mon, 23 Apr 2018 18:16:49 +0300 Subject: [PATCH 13/71] Fix for #115 --- roles/bootnode/defaults/main.yml | 18 ++++++++++++- roles/explorer/defaults/main.yml | 16 ++++++++++- roles/moc/defaults/main.yml | 27 ++++++++++++++++++- roles/netstat/defaults/main.yml | 17 ++++++++++++ roles/nginx/defaults/main.yml | 3 +++ roles/nodejs/defaults/main.yml | 3 +++ roles/poa-logrotate/defaults/main.yml | 4 +++ roles/poa-netstats/defaults/main.yml | 16 +++++++++++ .../vars/{main.yml => main.yml.example} | 0 roles/poa-orchestrator/defaults/main.yml | 9 +++++++ roles/poa-parity/defaults/main.yml | 21 +++++++++++++++ roles/poa-pm2/defaults/main.yml | 8 ++++++ roles/preconf/defaults/main.yml | 13 +++++++++ roles/usermanager/defaults/main.yml | 5 ++++ roles/validator/defaults/main.yml | 13 ++++++++- 15 files changed, 169 insertions(+), 4 deletions(-) create mode 100644 roles/nginx/defaults/main.yml create mode 100644 roles/nodejs/defaults/main.yml create mode 100644 roles/poa-logrotate/defaults/main.yml create mode 100644 roles/poa-netstats/defaults/main.yml rename roles/poa-netstats/vars/{main.yml => main.yml.example} (100%) create mode 100644 roles/poa-orchestrator/defaults/main.yml create mode 100644 roles/poa-parity/defaults/main.yml create mode 100644 roles/poa-pm2/defaults/main.yml create mode 100644 roles/preconf/defaults/main.yml create mode 100644 roles/usermanager/defaults/main.yml diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index 8778241..e35a044 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml 
@@ -4,4 +4,20 @@ user: ubuntu allow_bootnode_ssh: true allow_bootnode_p2p: true -allow_bootnode_rpc: false \ No newline at end of file +allow_bootnode_rpc: false + +NODE_FULLNAME: "bootnode" +NODE_ADMIN_EMAIL: "" + +NETSTATS_SERVER: "" +NETSTATS_SECRET: "" + +username: "bootnode" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" +nginx_headers: "on" +PROXY_PORT: "8545" + +bootnode_archive: "off" +bootnode_orchestrator: "off" \ No newline at end of file diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index bb50248..f801bcc 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -4,4 +4,18 @@ user: ubuntu allow_explorer_ssh: true allow_explorer_p2p: true -allow_explorer_http: true \ No newline at end of file +allow_explorer_http: true + +username: "explorer" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +nginx_headers: "off" +PROXY_PORT: "3000" +#explorerS_SERVER: "localhost" + +MAIN_REPO_FETCH: "poanetwork" +MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" + +explorer_version: "acee07c" \ No newline at end of file diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index d2d1493..4015c3c 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -3,4 +3,29 @@ user: ubuntu allow_moc_ssh: true -allow_moc_p2p: true \ No newline at end of file +allow_moc_p2p: true + +NODE_FULLNAME: "moc" +NODE_ADMIN_EMAIL: "" +NODE_PWD: "node.pwd" # don't change this one + +NETSTATS_SERVER: "" +NETSTATS_SECRET: "" + +MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" +MOC_KEYPASS: "" +MOC_KEYFILE: "" + +SCRIPTS_MOC_BRANCH: "mainnet" +GENESIS_NETWORK_NAME: "PoA" +MAIN_REPO_FETCH: "poanetwork" + +BLK_GAS_LIMIT: "6700000" + +username: "moc" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +moc_archive: "off" + diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index 8baa5df..d8f8c6d 100644 
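Review bot: The defaults added in roles/bootnode/defaults/main.yml set `NETSTATS_SECRET: ""`, so a deployment that forgets to supply the secret still templates and runs with an empty one. The same pattern appears in the moc hunk (`MOC_KEYPASS: ""`, `MOC_KEYFILE: ""`) and in the netstat, poa-netstats, poa-parity and validator defaults (`MINING_KEYPASS: ""`). I would leave secret-bearing variables undefined in the defaults so that a missing value fails at templating, or add an early `assert` task with `that: NETSTATS_SECRET | length > 0`. The real values belong in vaulted group_vars.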
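Review bot: `explorer_version: "acee07c"` in roles/explorer/defaults/main.yml pins with an abbreviated hash, as do `netstat_version: "cb431d6"` and `api_version: "9773b5b"` in the netstat and poa-netstats defaults. Assuming these values are passed to a git checkout (the task is not in this hunk), a full 40-character commit id is the safer pin, because a short prefix can become ambiguous or collide with a branch or tag of the same name. A one-line comment above each value naming the repository it refers to would also help whoever bumps it.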
--- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml @@ -4,3 +4,20 @@ user: ubuntu allow_netstat_ssh: true allow_netstat_http: true + +netstat_version: "cb431d6" + +NETSTATS_SERVER: "http://localhost:3000" +NETSTATS_SECRET: "" +MAIN_REPO_FETCH: "poanetwork" + +NODE_FULLNAME: "netstat" +NODE_ADMIN_EMAIL: "" + +username: "netstat" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +nginx_headers: "off" +PROXY_PORT: "3000" diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml new file mode 100644 index 0000000..8898e57 --- /dev/null +++ b/roles/nginx/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +PROXY_PORT: 3000 \ No newline at end of file diff --git a/roles/nodejs/defaults/main.yml b/roles/nodejs/defaults/main.yml new file mode 100644 index 0000000..36fa7b4 --- /dev/null +++ b/roles/nodejs/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x" \ No newline at end of file diff --git a/roles/poa-logrotate/defaults/main.yml b/roles/poa-logrotate/defaults/main.yml new file mode 100644 index 0000000..970ee65 --- /dev/null +++ b/roles/poa-logrotate/defaults/main.yml @@ -0,0 +1,4 @@ +username: "bootnode" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" \ No newline at end of file diff --git a/roles/poa-netstats/defaults/main.yml b/roles/poa-netstats/defaults/main.yml new file mode 100644 index 0000000..0a337a2 --- /dev/null +++ b/roles/poa-netstats/defaults/main.yml @@ -0,0 +1,16 @@ +--- + +MAIN_REPO_FETCH: "poanetwork" +GENESIS_NETWORK_NAME: "PoA" + +api_version: "9773b5b" + +NODE_FULLNAME: "" +NODE_ADMIN_EMAIL: "" +NETSTATS_SERVER: "" +NETSTATS_SECRET: "" + +username: "poa" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" \ No newline at end of file 
diff --git a/roles/poa-netstats/vars/main.yml b/roles/poa-netstats/vars/main.yml.example similarity index 100% rename from roles/poa-netstats/vars/main.yml rename to roles/poa-netstats/vars/main.yml.example diff --git a/roles/poa-orchestrator/defaults/main.yml b/roles/poa-orchestrator/defaults/main.yml new file mode 100644 index 0000000..c90f1da --- /dev/null +++ b/roles/poa-orchestrator/defaults/main.yml @@ -0,0 +1,9 @@ +--- + +ORCHESTRATOR_BIN_LOC: "" +ORCHESTRATOR_BIN_SHA256: "" + +username: "poa" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" \ No newline at end of file diff --git a/roles/poa-parity/defaults/main.yml b/roles/poa-parity/defaults/main.yml new file mode 100644 index 0000000..559d9f8 --- /dev/null +++ b/roles/poa-parity/defaults/main.yml @@ -0,0 +1,21 @@ +--- + +GENESIS_NETWORK_NAME: "PoA" +PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" +PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" + +NODE_FULLNAME: "default" +NODE_ADMIN_EMAIL: "default@example.com" +NETSTATS_SERVER: "" +NETSTATS_SECRET: "" +MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" + +validator_archive: "off" +bootnode_archive: "off" +moc_archive: "off" +bootnode_orchestrator: "off" + +username: "poa" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" \ No newline at end of file diff --git a/roles/poa-pm2/defaults/main.yml b/roles/poa-pm2/defaults/main.yml new file mode 100644 index 0000000..971f51c --- /dev/null +++ b/roles/poa-pm2/defaults/main.yml @@ -0,0 +1,8 @@ +--- + +username: "bootnode" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +GENESIS_NETWORK_NAME: "PoA" \ No newline at end of file diff --git a/roles/preconf/defaults/main.yml b/roles/preconf/defaults/main.yml new file mode 100644 index 0000000..ba5f115 --- /dev/null +++ b/roles/preconf/defaults/main.yml 
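Review bot: roles/poa-orchestrator/defaults/main.yml defaults both `ORCHESTRATOR_BIN_LOC` and `ORCHESTRATOR_BIN_SHA256` to empty strings, unlike the poa-parity defaults in the next hunk, which carry a URL and a SHA-256. The download task is outside this diff, so it is not possible to tell from here whether an empty checksum disables verification. If it does, enabling the orchestrator without overriding both values would fetch an unverified binary. I would leave these undefined, or guard the role with an `assert` on `ORCHESTRATOR_BIN_SHA256 | length == 64` before any download.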
@@ -0,0 +1,13 @@ +--- + +username: "poa" +users: + - name: "{{ username }}" +home: "/home/{{ username }}" + +GENESIS_NETWORK_NAME: "PoA" +MAIN_REPO_FETCH: "poanetwork" +GENESIS_BRANCH: "master" + +ssh_root: + - "{{ lookup('file', 'files/admins.pub') }}" \ No newline at end of file diff --git a/roles/usermanager/defaults/main.yml b/roles/usermanager/defaults/main.yml new file mode 100644 index 0000000..a1840d3 --- /dev/null +++ b/roles/usermanager/defaults/main.yml @@ -0,0 +1,5 @@ +--- + +username: "poa" +users: + - name: "{{ username }}" \ No newline at end of file diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index 5740899..8d2c543 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -1,7 +1,18 @@ --- -user: ubuntu +username: "poa" +users: + - name: "{{ username }}" allow_validator_ssh: true allow_validator_p2p: true +validator_archive: "off" +GENESIS_NETWORK_NAME: "PoA" +NODE_PWD: "node.pwd" # don't change this one +MINING_KEYFILE: "" +MINING_KEYPASS: "" +MINING_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" +SCRIPTS_VALIDATOR_BRANCH: "mainnet" +MAIN_REPO_FETCH: "poanetwork" +BLK_GAS_LIMIT: "6700000" From 730f866c1b049098aa7e3aeac1007e89937aa3cc Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Mon, 23 Apr 2018 18:43:50 +0300 Subject: [PATCH 14/71] Fix for #123 --- group_vars/explorer.yml.example | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/group_vars/explorer.yml.example b/group_vars/explorer.yml.example index 126dbc2..d0be902 100644 --- a/group_vars/explorer.yml.example +++ b/group_vars/explorer.yml.example @@ -4,5 +4,4 @@ users: home: "/home/{{ username }}" nginx_headers: "off" -PROXY_PORT: "3000" -explorerS_SERVER: "localhost" \ No newline at end of file +PROXY_PORT: "3000" \ No newline at end of file From d0656dffaee7b6eb32911cc2eaf364154fe4d683 Mon Sep 17 00:00:00 2001 
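Review bot: In roles/validator/defaults/main.yml, `MINING_ADDRESS` defaults to `0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126`, the same value this series uses for `MOC_ADDRESS`. A validator deployed without overriding it would be configured with an address that is not its own instead of failing. This is a per-node identity value, so I would drop the default and fail fast when it is unset, for example an `assert` with `that: MINING_ADDRESS is defined`. The inline `# don't change this one` on `NODE_PWD` would be more useful if it said why.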
From: ArseniiPetrovich Date: Mon, 23 Apr 2018 19:18:52 +0300 Subject: [PATCH 15/71] Default user fix --- roles/validator/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index 8d2c543..b635bd3 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -1,5 +1,7 @@ --- +user: ubuntu + username: "poa" users: - name: "{{ username }}" From f62458473e31b12443e2c5fe6771cc290adce51b Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Tue, 24 Apr 2018 14:35:18 +0300 Subject: [PATCH 16/71] Bug fixing && #120 issue --- aws/bootnode.yml | 14 -------------- aws/explorer.yml | 14 -------------- aws/moc.yml | 14 -------------- aws/netstat.yml | 14 -------------- aws/validator.yml | 14 -------------- group_vars/all.yml.network | 2 ++ group_vars/bootnode.yml.example | 2 ++ group_vars/explorer.yml.example | 3 ++- group_vars/netstat.yml.example | 1 + roles/bootnode/defaults/main.yml | 8 -------- roles/bootnode/tasks/main.yml | 4 ++++ roles/explorer/defaults/main.yml | 1 - roles/explorer/tasks/main.yml | 5 +++++ roles/moc/tasks/main.yml | 6 +++++- roles/netstat/tasks/main.yml | 6 +++++- roles/nginx/tasks/main.yml | 5 +++++ roles/validator/tasks/main.yml | 8 ++++++++ 17 files changed, 39 insertions(+), 82 deletions(-) diff --git a/aws/bootnode.yml b/aws/bootnode.yml index 30f163e..3c6c89c 100644 --- a/aws/bootnode.yml +++ b/aws/bootnode.yml @@ -71,20 +71,6 @@ - name: Install python raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True - roles: - - preconf - tags: preconf - tasks: - - name: restart machine after setup - shell: shutdown -r 1 - - name: Create bootnode elastic ip hosts: localhost gather_facts: False diff --git a/aws/explorer.yml b/aws/explorer.yml index 59f6399..8603907 100644 
--- a/aws/explorer.yml +++ b/aws/explorer.yml @@ -71,20 +71,6 @@ - name: Install python raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True - roles: - - preconf - tags: preconf - tasks: - - name: restart machine after setup - shell: shutdown -r 1 - - name: EC2 access setup hosts: explorer become: True diff --git a/aws/moc.yml b/aws/moc.yml index 3165dac..d4b09d3 100644 --- a/aws/moc.yml +++ b/aws/moc.yml @@ -71,20 +71,6 @@ - name: Install python raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True - roles: - - preconf - tags: preconf - tasks: - - name: restart machine after setup - shell: shutdown -r 1 - - name: EC2 access setup hosts: moc become: True diff --git a/aws/netstat.yml b/aws/netstat.yml index 5686644..b519570 100644 --- a/aws/netstat.yml +++ b/aws/netstat.yml @@ -71,20 +71,6 @@ - name: Install python raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True - roles: - - preconf - tags: preconf - tasks: - - name: restart machine after setup - shell: shutdown -r 1 - - name: EC2 access setup hosts: netstat become: True diff --git a/aws/validator.yml b/aws/validator.yml index 6541b76..b191305 100644 --- a/aws/validator.yml +++ b/aws/validator.yml 
@@ -71,20 +71,6 @@ - name: Install python raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal) -- name: Configure instance(s) - hosts: launched - user: ubuntu - become: True - vars: - ansible_ssh_port: 22 - gather_facts: True - roles: - - preconf - tags: preconf - tasks: - - name: restart machine after setup - shell: shutdown -r 1 - - name: Create validator elastic ip hosts: localhost gather_facts: False diff --git a/group_vars/all.yml.network b/group_vars/all.yml.network index a90bdda..a97b696 100644 --- a/group_vars/all.yml.network +++ b/group_vars/all.yml.network @@ -24,3 +24,5 @@ GENESIS_NETWORK_NAME: "PoA" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" BLK_GAS_LIMIT: "6700000" +ansible_ssh_port: 22 +reboot_after_completion: true \ No newline at end of file diff --git a/group_vars/bootnode.yml.example b/group_vars/bootnode.yml.example index bacb0a3..66dab2b 100644 --- a/group_vars/bootnode.yml.example +++ b/group_vars/bootnode.yml.example @@ -8,8 +8,10 @@ username: "bootnode" users: - name: "{{ username }}" home: "/home/{{ username }}" + nginx_headers: "on" PROXY_PORT: "8545" +configure_extended_tcp_settings: false bootnode_archive: "off" bootnode_orchestrator: "off" \ No newline at end of file diff --git a/group_vars/explorer.yml.example b/group_vars/explorer.yml.example index d0be902..e1734f8 100644 --- a/group_vars/explorer.yml.example +++ b/group_vars/explorer.yml.example @@ -4,4 +4,5 @@ users: home: "/home/{{ username }}" nginx_headers: "off" -PROXY_PORT: "3000" \ No newline at end of file +PROXY_PORT: "3000" +configure_extended_tcp_settings: false \ No newline at end of file diff --git a/group_vars/netstat.yml.example b/group_vars/netstat.yml.example index a511ec3..2f7ac3e 100644 --- a/group_vars/netstat.yml.example +++ b/group_vars/netstat.yml.example 
@@ -8,6 +8,7 @@ users: - name: "{{ username }}" home: "/home/{{ username }}" +configure_extended_tcp_settings: false nginx_headers: "off" PROXY_PORT: "3000" NETSTATS_SERVER: "http://localhost:3000" \ No newline at end of file diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index e35a044..0d5a5a3 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -6,18 +6,10 @@ allow_bootnode_ssh: true allow_bootnode_p2p: true allow_bootnode_rpc: false -NODE_FULLNAME: "bootnode" -NODE_ADMIN_EMAIL: "" - -NETSTATS_SERVER: "" -NETSTATS_SECRET: "" - username: "bootnode" users: - name: "{{ username }}" home: "/home/{{ username }}" -nginx_headers: "on" -PROXY_PORT: "8545" bootnode_archive: "off" bootnode_orchestrator: "off" \ No newline at end of file diff --git a/roles/bootnode/tasks/main.yml b/roles/bootnode/tasks/main.yml index aeac1bf..75abe97 100644 --- a/roles/bootnode/tasks/main.yml +++ b/roles/bootnode/tasks/main.yml @@ -8,5 +8,9 @@ - name: Setup ufw firewall import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") + +- name: restart machine after setup + shell: shutdown -r 1 + when: reboot_after_completion == true #- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index f801bcc..c4d07ab 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -13,7 +13,6 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" -#explorerS_SERVER: "localhost" MAIN_REPO_FETCH: "poanetwork" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index 9b5c38c..5a92e63 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml 
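Review bot: The new `restart machine after setup` task in roles/bootnode/tasks/main.yml tests `reboot_after_completion == true`, but this commit defines that variable only in group_vars/all.yml.network and adds no role default. A host whose inventory lacks it fails with an undefined-variable error, and a quoted `"true"` compares unequal. `when: reboot_after_completion | default(false) | bool` covers both cases; the identical task is added to the explorer, moc, netstat and validator roles. Nothing in the command uses shell features, so `command: shutdown -r 1` is the narrower module.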
@@ -43,3 +43,8 @@ - name: Setup ufw firewall import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") + +- name: restart machine after setup + shell: shutdown -r 1 + when: reboot_after_completion == true + diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index 4b29614..4b8c605 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml @@ -42,4 +42,8 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") \ No newline at end of file + when: not ansible_bios_version | search("amazon") + +- name: restart machine after setup + shell: shutdown -r 1 + when: reboot_after_completion == true \ No newline at end of file diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index c6417d8..ae732fb 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml @@ -46,4 +46,8 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") \ No newline at end of file + when: not ansible_bios_version | search("amazon") + +- name: restart machine after setup + shell: shutdown -r 1 + when: reboot_after_completion == true \ No newline at end of file diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 47ddf95..bd52006 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -85,3 +85,8 @@ - name: Ensure nginx is running and enabled to start at boot service: name=nginx state=started enabled=yes tags: nginx + +- name: executing vars.yml + import_playbook: vars.yml + when: configure_extended_tcp_settings == true + diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index 343ed19..4e92d21 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml 
@@ -40,3 +40,11 @@ - name: Install Payout task. template: src=transferRewardToPayoutKey.j2 dest=/etc/cron.hourly/transferRewardToPayoutKey owner=root group=root mode=0755 + +- name: Setup ufw firewall + import_tasks: ufw.yml + when: not ansible_bios_version | search("amazon") + +- name: restart machine after setup + shell: shutdown -r 1 + when: reboot_after_completion == true From 9d0f3b486233ed32cc53e105dd635136b9afbb6f Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Tue, 24 Apr 2018 17:26:53 +0300 Subject: [PATCH 17/71] Syntax fix (tab removing, default user variable renaming) --- group_vars/all.yml.network | 8 +++----- group_vars/bootnode.yml.example | 4 +++- group_vars/explorer.yml.example | 4 +++- group_vars/moc.yml.example | 4 +++- group_vars/netstat.yml.example | 4 +++- group_vars/validator.yml.example | 4 +++- roles/nginx/tasks/main.yml | 2 +- roles/poa-parity/defaults/main.yml | 2 +- 8 files changed, 20 insertions(+), 12 deletions(-) diff --git a/group_vars/all.yml.network b/group_vars/all.yml.network index a97b696..3d58193 100644 --- a/group_vars/all.yml.network +++ b/group_vars/all.yml.network @@ -1,5 +1,6 @@ --- -user: ubuntu +ansible_user: ubuntu + ansible_python_interpreter: /usr/bin/python3 ssh_root: @@ -22,7 +23,4 @@ GENESIS_BRANCH: "master" GENESIS_NETWORK_NAME: "PoA" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" -BLK_GAS_LIMIT: "6700000" - -ansible_ssh_port: 22 -reboot_after_completion: true \ No newline at end of file +BLK_GAS_LIMIT: "6700000" \ No newline at end of file diff --git a/group_vars/bootnode.yml.example b/group_vars/bootnode.yml.example index 66dab2b..34488cc 100644 --- a/group_vars/bootnode.yml.example +++ b/group_vars/bootnode.yml.example @@ -14,4 +14,6 @@ PROXY_PORT: "8545" configure_extended_tcp_settings: false bootnode_archive: "off" -bootnode_orchestrator: "off" \ No newline at end of file +bootnode_orchestrator: "off" + +reboot_after_completion: false \ No newline at end of file 
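Review bot: The `Setup ufw firewall` task added to roles/validator/tasks/main.yml is skipped whenever `ansible_bios_version` matches "amazon", so on EC2 the validator gets no host firewall from this role and depends on whatever security group is configured elsewhere. That may be intended, but it deserves a comment above the task, and a dedicated variable would be a more explicit switch than a BIOS string. Using a test as a filter (`| search(...)`) is deprecated since Ansible 2.5; `when: ansible_bios_version is not search("amazon")` is the current form.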
diff --git a/group_vars/explorer.yml.example b/group_vars/explorer.yml.example index e1734f8..511f156 100644 --- a/group_vars/explorer.yml.example +++ b/group_vars/explorer.yml.example @@ -5,4 +5,6 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" -configure_extended_tcp_settings: false \ No newline at end of file +configure_extended_tcp_settings: false + +reboot_after_completion: false \ No newline at end of file diff --git a/group_vars/moc.yml.example b/group_vars/moc.yml.example index f80c66c..a00276b 100644 --- a/group_vars/moc.yml.example +++ b/group_vars/moc.yml.example @@ -12,4 +12,6 @@ users: - name: "{{ username }}" home: "/home/{{ username }}" -moc_archive: "off" \ No newline at end of file +moc_archive: "off" + +reboot_after_completion: false \ No newline at end of file diff --git a/group_vars/netstat.yml.example b/group_vars/netstat.yml.example index 2f7ac3e..1e0adb5 100644 --- a/group_vars/netstat.yml.example +++ b/group_vars/netstat.yml.example @@ -11,4 +11,6 @@ home: "/home/{{ username }}" configure_extended_tcp_settings: false nginx_headers: "off" PROXY_PORT: "3000" -NETSTATS_SERVER: "http://localhost:3000" \ No newline at end of file +NETSTATS_SERVER: "http://localhost:3000" + +reboot_after_completion: false \ No newline at end of file diff --git a/group_vars/validator.yml.example b/group_vars/validator.yml.example index 07874a3..ddb4b5a 100644 --- a/group_vars/validator.yml.example +++ b/group_vars/validator.yml.example @@ -13,4 +13,6 @@ users: - name: "{{ username }}" home: "/home/{{ username }}" -validator_archive: "off" \ No newline at end of file +validator_archive: "off" + +reboot_after_completion: false \ No newline at end of file diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index bd52006..39b4f3f 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml 
@@ -87,6 +87,6 @@ tags: nginx - name: executing vars.yml - import_playbook: vars.yml + import_tasks: vars.yml when: configure_extended_tcp_settings == true diff --git a/roles/poa-parity/defaults/main.yml b/roles/poa-parity/defaults/main.yml index 559d9f8..2786b86 100644 --- a/roles/poa-parity/defaults/main.yml +++ b/roles/poa-parity/defaults/main.yml @@ -9,7 +9,7 @@ NODE_ADMIN_EMAIL: "default@example.com" NETSTATS_SERVER: "" NETSTATS_SECRET: "" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" - + validator_archive: "off" bootnode_archive: "off" moc_archive: "off" From 99b536855c7c58c95ff6da011df1f6b120f03d31 Mon Sep 17 00:00:00 2001 From: ykisialiou Date: Tue, 24 Apr 2018 17:53:08 +0300 Subject: [PATCH 18/71] Create debug-tools role --- group_vars/bootnode.yml.example | 4 +++- group_vars/explorer.yml.example | 3 ++- group_vars/moc.yml.example | 4 +++- group_vars/netstat.yml.example | 4 +++- group_vars/validator.yml.example | 4 +++- roles/bootnode/meta/main.yml | 3 ++- roles/debug-tools/main.yml | 23 +++++++++++++++++++++++ roles/explorer/meta/main.yml | 3 ++- roles/moc/meta/main.yml | 3 ++- roles/netstat/meta/main.yml | 3 ++- roles/preconf/tasks/packages.yml | 17 ----------------- roles/validator/meta/main.yml | 3 ++- 12 files changed, 47 insertions(+), 27 deletions(-) create mode 100644 roles/debug-tools/main.yml diff --git a/group_vars/bootnode.yml.example b/group_vars/bootnode.yml.example index bacb0a3..94be82c 100644 --- a/group_vars/bootnode.yml.example +++ b/group_vars/bootnode.yml.example @@ -12,4 +12,6 @@ nginx_headers: "on" PROXY_PORT: "8545" bootnode_archive: "off" -bootnode_orchestrator: "off" \ No newline at end of file +bootnode_orchestrator: "off" + +install_debug_tools: "yes" diff --git a/group_vars/explorer.yml.example b/group_vars/explorer.yml.example index 126dbc2..352f8f0 100644 --- a/group_vars/explorer.yml.example +++ b/group_vars/explorer.yml.example 
@@ -5,4 +5,5 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" -explorerS_SERVER: "localhost" \ No newline at end of file +explorerS_SERVER: "localhost" +install_debug_tools: "yes" diff --git a/group_vars/moc.yml.example b/group_vars/moc.yml.example index f80c66c..6b23654 100644 --- a/group_vars/moc.yml.example +++ b/group_vars/moc.yml.example @@ -12,4 +12,6 @@ users: - name: "{{ username }}" home: "/home/{{ username }}" -moc_archive: "off" \ No newline at end of file +moc_archive: "off" + +install_debug_tools: "yes" diff --git a/group_vars/netstat.yml.example b/group_vars/netstat.yml.example index a511ec3..201968c 100644 --- a/group_vars/netstat.yml.example +++ b/group_vars/netstat.yml.example @@ -10,4 +10,6 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" -NETSTATS_SERVER: "http://localhost:3000" \ No newline at end of file +NETSTATS_SERVER: "http://localhost:3000" + +install_debug_tools: "yes" diff --git a/group_vars/validator.yml.example b/group_vars/validator.yml.example index 07874a3..835e1f2 100644 --- a/group_vars/validator.yml.example +++ b/group_vars/validator.yml.example @@ -13,4 +13,6 @@ users: - name: "{{ username }}" home: "/home/{{ username }}" -validator_archive: "off" \ No newline at end of file +validator_archive: "off" + +install_debug_tools: "yes" diff --git a/roles/bootnode/meta/main.yml b/roles/bootnode/meta/main.yml index aaa6dc1..42d0d34 100644 --- a/roles/bootnode/meta/main.yml +++ b/roles/bootnode/meta/main.yml @@ -8,4 +8,5 @@ dependencies: - { role: poa-pm2 } - { role: poa-netstats } - { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" } - - { role: nginx } \ No newline at end of file + - { role: nginx } + - { role: debug-tools, when: "install_debug_tools == 'yes'" } diff --git a/roles/debug-tools/main.yml b/roles/debug-tools/main.yml new file mode 100644 index 0000000..45394ae --- /dev/null +++ b/roles/debug-tools/main.yml 
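Review bot: The dependency `- { role: debug-tools, when: "install_debug_tools == 'yes'" }` added to roles/bootnode/meta/main.yml, and to the explorer, moc, netstat and validator meta files, references a variable that has no role default. Every example group_vars file in this commit sets it to `"yes"`. Hosts without the variable will error on the condition, and hosts configured from the examples get tcpdump, mtr, screen and the rest installed by default, validators included. I would make it opt-in with `when: "(install_debug_tools | default('no')) == 'yes'"` and `install_debug_tools: "no"` in the examples.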
@@ -0,0 +1,23 @@ +--- +### Install debug packages + +- name: Install packages + apt: name={{ item }} state=present update_cache=yes + with_items: + - bc + - cloud-utils + - dstat + - htop + - iotop + - lbzip2 + - mc + - mtr + - net-tools + - nload + - pigz + - rsync + - screen + - sysstat + - tcpdump + - unzip + - zip diff --git a/roles/explorer/meta/main.yml b/roles/explorer/meta/main.yml index e42d9a3..24e0eae 100644 --- a/roles/explorer/meta/main.yml +++ b/roles/explorer/meta/main.yml @@ -5,4 +5,5 @@ dependencies: - { role: poa-logrotate } - { role: poa-parity } - { role: poa-pm2 } - - { role: nginx } \ No newline at end of file + - { role: nginx } + - { role: debug-tools, when: "install_debug_tools == 'yes'" } diff --git a/roles/moc/meta/main.yml b/roles/moc/meta/main.yml index 6589e8f..f784e47 100644 --- a/roles/moc/meta/main.yml +++ b/roles/moc/meta/main.yml @@ -5,4 +5,5 @@ dependencies: - { role: poa-logrotate } - { role: poa-parity } - { role: poa-pm2 } - - { role: poa-netstats } \ No newline at end of file + - { role: poa-netstats } + - { role: debug-tools, when: "install_debug_tools == 'yes'" } diff --git a/roles/netstat/meta/main.yml b/roles/netstat/meta/main.yml index c03c541..6e69125 100644 --- a/roles/netstat/meta/main.yml +++ b/roles/netstat/meta/main.yml @@ -3,4 +3,5 @@ dependencies: - { role: usermanager } - { role: nodejs } - { role: poa-logrotate } - - { role: nginx } \ No newline at end of file + - { role: nginx } + - { role: debug-tools, when: "install_debug_tools == 'yes'" } diff --git a/roles/preconf/tasks/packages.yml b/roles/preconf/tasks/packages.yml index f1c94eb..46fd384 100644 --- a/roles/preconf/tasks/packages.yml +++ b/roles/preconf/tasks/packages.yml 
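Review bot: The new task list is created at roles/debug-tools/main.yml, but Ansible loads a role's tasks from `tasks/main.yml`, so as committed the role would be pulled in as a dependency and run nothing. Moving the file to roles/debug-tools/tasks/main.yml fixes that. The `### Install debug packages` header could also state that the role is optional and gated by `install_debug_tools`, since the package list includes capture and network tools that are not wanted on every node.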
@@ -2,25 +2,8 @@ - name: Install packages apt: name={{ item }} state=present update_cache=yes with_items: - - bc - haveged - - rsync - - iotop - - dstat - - sysstat - - htop - - lbzip2 - - pigz - - unzip - - zip - - mtr - - tcpdump - openssh-client - sudo - - mc - - net-tools - - screen - git - - cloud-utils - build-essential - - nload diff --git a/roles/validator/meta/main.yml b/roles/validator/meta/main.yml index 6589e8f..edf62c2 100644 --- a/roles/validator/meta/main.yml +++ b/roles/validator/meta/main.yml @@ -5,4 +5,5 @@ dependencies: - { role: poa-logrotate } - { role: poa-parity } - { role: poa-pm2 } - - { role: poa-netstats } \ No newline at end of file + - { role: poa-netstats } + - { role: debug-tools, when: "install_debug_tools == 'yes'" } From ae16af474d1aa69c94391b8c00e133f0d86e829f Mon Sep 17 00:00:00 2001 
From: ArseniiPetrovich Date: Thu, 26 Apr 2018 13:53:02 +0300 Subject: [PATCH 19/71] Hotfixes (syntax mostly) for previous commits --- aws/group_vars/all.yml.example | 57 ++++++++++++++++++++++++++- aws/group_vars/bootnode.yml.example | 11 ------ aws/group_vars/explorer.yml.example | 9 ----- aws/group_vars/moc.yml.example | 5 --- aws/group_vars/netstat.yml.example | 5 --- aws/group_vars/validator.yml.example | 6 --- roles/bootnode/meta/main.yml | 2 +- roles/explorer/meta/main.yml | 2 +- roles/moc/meta/main.yml | 2 +- roles/netstat/meta/main.yml | 2 +- roles/poa-logrotate/defaults/main.yml | 2 +- roles/poa-pm2/defaults/main.yml | 2 +- roles/preconf/tasks/keys.yml | 1 + roles/preconf/tasks/logs.yml | 1 + roles/preconf/tasks/spec.yml | 1 + roles/preconf/tasks/swap.yml | 1 + roles/validator/meta/main.yml | 2 +- roles/validator/tasks/main.yml | 2 +- 18 files changed, 68 insertions(+), 45 deletions(-) delete mode 100644 aws/group_vars/bootnode.yml.example delete mode 100644 aws/group_vars/explorer.yml.example delete mode 100644 aws/group_vars/moc.yml.example delete mode 100644 aws/group_vars/netstat.yml.example delete mode 100644 aws/group_vars/validator.yml.example diff --git a/aws/group_vars/all.yml.example b/aws/group_vars/all.yml.example index e61dd1c..680215d 100644 --- a/aws/group_vars/all.yml.example +++ b/aws/group_vars/all.yml.example 
@@ -4,4 +4,59 @@ secret_key: "INSERT SECRET HERE" awskeypair_name: "keypairname" image: "ami-0b383171" region: "us-east-1" -vpc_subnet_id: "subnet-ID-number" \ No newline at end of file +vpc_subnet_id: "subnet-ID-number" + +MAIN_REPO_FETCH: "poanetwork" +GENESIS_BRANCH: "master" + +###Bootnode + +bootnode_instance_type: "t2.large" +bootnode_instance_name: "bootnode" +bootnode_count_instances: "1" + +bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security" + +associate_bootnode_elastic_ip: false + +allow_bootnode_ssh: true +allow_bootnode_p2p: true +allow_bootnode_rpc: false + +###Explorer + +explorer_instance_type: "t2.large" +explorer_instance_name: "explorer" +explorer_count_instances: "1" + +explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security" + +allow_explorer_ssh: true +allow_explorer_p2p: true +allow_explorer_http: true + + +###Moc + +moc_instance_type: "t2.large" +moc_instance_name: "moc" +moc_count_instances: "1" + +moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security" + +###Netstat + +netstat_instance_type: "t2.large" +netstat_instance_name: "netstat" +netstat_count_instances: "1" + +netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security" + +###Validator + +validator_instance_type: "t2.large" +validator_instance_name: "validator" +validator_count_instances: "1" + +validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security" +associate_validator_elastic_ip: false diff --git a/aws/group_vars/bootnode.yml.example b/aws/group_vars/bootnode.yml.example deleted file mode 100644 index 51acc15..0000000 --- a/aws/group_vars/bootnode.yml.example +++ /dev/null 
@@ -1,11 +0,0 @@ -bootnode_instance_type: "t2.large" -bootnode_instance_name: "bootnode" -bootnode_count_instances: "1" - -bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security" - -associate_bootnode_elastic_ip: false - -allow_bootnode_ssh: true -allow_bootnode_p2p: true -allow_bootnode_rpc: false diff --git a/aws/group_vars/explorer.yml.example b/aws/group_vars/explorer.yml.example deleted file mode 100644 index d081fa9..0000000 --- a/aws/group_vars/explorer.yml.example +++ /dev/null @@ -1,9 +0,0 @@ -explorer_instance_type: "t2.large" -explorer_instance_name: "explorer" -explorer_count_instances: "1" - -explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security" - -allow_explorer_ssh: true -allow_explorer_p2p: true -allow_explorer_http: true diff --git a/aws/group_vars/moc.yml.example b/aws/group_vars/moc.yml.example deleted file mode 100644 index cae0c05..0000000 --- a/aws/group_vars/moc.yml.example +++ /dev/null @@ -1,5 +0,0 @@ -moc_instance_type: "t2.large" -moc_instance_name: "moc" -moc_count_instances: "1" - -moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security" diff --git a/aws/group_vars/netstat.yml.example b/aws/group_vars/netstat.yml.example deleted file mode 100644 index 5327c8a..0000000 --- a/aws/group_vars/netstat.yml.example +++ /dev/null @@ -1,5 +0,0 @@ -netstat_instance_type: "t2.large" -netstat_instance_name: "netstat" -netstat_count_instances: "1" - -netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security" diff --git a/aws/group_vars/validator.yml.example b/aws/group_vars/validator.yml.example deleted file mode 100644 index 00efc92..0000000 --- a/aws/group_vars/validator.yml.example +++ /dev/null 
@@ -1,6 +0,0 @@ -validator_instance_type: "t2.large" -validator_instance_name: "validator" -validator_count_instances: "1" - -validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security" -associate_validator_elastic_ip: false diff --git a/roles/bootnode/meta/main.yml b/roles/bootnode/meta/main.yml index 9369e1f..165cfd0 100644 --- a/roles/bootnode/meta/main.yml +++ b/roles/bootnode/meta/main.yml @@ -1,6 +1,6 @@ dependencies: - - { role: preconf } - { role: usermanager } + - { role: preconf } - { role: nodejs } - { role: poa-logrotate } - { role: poa-parity } diff --git a/roles/explorer/meta/main.yml b/roles/explorer/meta/main.yml index e42d9a3..5435d38 100644 --- a/roles/explorer/meta/main.yml +++ b/roles/explorer/meta/main.yml @@ -1,6 +1,6 @@ dependencies: - - { role: preconf } - { role: usermanager } + - { role: preconf } - { role: nodejs } - { role: poa-logrotate } - { role: poa-parity } diff --git a/roles/moc/meta/main.yml b/roles/moc/meta/main.yml index 6589e8f..dfa82fd 100644 --- a/roles/moc/meta/main.yml +++ b/roles/moc/meta/main.yml @@ -1,6 +1,6 @@ dependencies: - - { role: preconf } - { role: usermanager } + - { role: preconf } - { role: nodejs } - { role: poa-logrotate } - { role: poa-parity } diff --git a/roles/netstat/meta/main.yml b/roles/netstat/meta/main.yml index c03c541..ef7e779 100644 --- a/roles/netstat/meta/main.yml +++ b/roles/netstat/meta/main.yml @@ -1,6 +1,6 @@ dependencies: - - { role: preconf } - { role: usermanager } + - { role: preconf } - { role: nodejs } - { role: poa-logrotate } - { role: nginx } \ No newline at end of file diff --git a/roles/poa-logrotate/defaults/main.yml b/roles/poa-logrotate/defaults/main.yml index 970ee65..a31477d 100644 --- a/roles/poa-logrotate/defaults/main.yml +++ b/roles/poa-logrotate/defaults/main.yml @@ -1,4 +1,4 @@ -username: "bootnode" +username: "poa" users: - name: "{{ username }}" home: "/home/{{ username }}" \ No newline at end of file 
diff --git a/roles/poa-pm2/defaults/main.yml b/roles/poa-pm2/defaults/main.yml index 971f51c..d781fcc 100644 --- a/roles/poa-pm2/defaults/main.yml +++ b/roles/poa-pm2/defaults/main.yml @@ -1,6 +1,6 @@ --- -username: "bootnode" +username: "poa" users: - name: "{{ username }}" home: "/home/{{ username }}" diff --git a/roles/preconf/tasks/keys.yml b/roles/preconf/tasks/keys.yml index 30709b6..b023c11 100644 --- a/roles/preconf/tasks/keys.yml +++ b/roles/preconf/tasks/keys.yml @@ -1,3 +1,4 @@ +--- - name: Create directory parity_data/keys/NetworkName file: path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}" diff --git a/roles/preconf/tasks/logs.yml b/roles/preconf/tasks/logs.yml index 2db375e..5293a59 100644 --- a/roles/preconf/tasks/logs.yml +++ b/roles/preconf/tasks/logs.yml @@ -1,3 +1,4 @@ +--- - name: Create logs directories file: path: "/{{ home }}/logs/old" diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index 419beeb..59c95fd 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,3 +1,4 @@ +--- - name: Download spec.json get_url: url={{ item }} dest={{ home }}/ mode=0644 with_items: diff --git a/roles/preconf/tasks/swap.yml b/roles/preconf/tasks/swap.yml index 2fe7f46..ba32d77 100644 --- a/roles/preconf/tasks/swap.yml +++ b/roles/preconf/tasks/swap.yml @@ -1,3 +1,4 @@ +--- - name: Check if swap file exists stat: path: /swapfile diff --git a/roles/validator/meta/main.yml b/roles/validator/meta/main.yml index 6589e8f..dfa82fd 100644 --- a/roles/validator/meta/main.yml +++ b/roles/validator/meta/main.yml @@ -1,6 +1,6 @@ dependencies: - - { role: preconf } - { role: usermanager } + - { role: preconf } - { role: nodejs } - { role: poa-logrotate } - { role: poa-parity } diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index 4e92d21..c2d9d19 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml 
@@ -1,7 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 + template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 with_items: - node.toml From f4957d040d97f4475ca8876b1cc8694b440645d2 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 26 Apr 2018 13:53:37 +0300 Subject: [PATCH 20/71] #118. Single point of configuration in all.yml.example --- group_vars/all.yml.example | 180 ++++++++++++++++++++++++++++++++----- 1 file changed, 157 insertions(+), 23 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 31a93a2..bc45207 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example 
@@ -2,40 +2,174 @@ ### Values set in this file are used for illustration only. ### ### To connect to an actual network, please follow instructions provided to you -### on how to generate a valid `group_vars/all` file for the network. +### on how to generate a valid `group_vars/` files for the network. ### --- -user: ubuntu ### can be changed to centos or other if needed -ssh_root: - - "{{ lookup('file', 'files/admins.pub') }}" -NODE_FULLNAME: "INSERT NODENAME" -NODE_ADMIN_EMAIL: "INSERT@EMAIL" +###The following variables are network-wide. They should be kept at all.yml file. -NETSTATS_SERVER: "INSERT SERVERNAME" -NETSTATS_SECRET: "INSERT SECRET" +#Block gas limit +BLK_GAS_LIMIT: "6700000" -MINING_KEYFILE: "INSERT HERE" -MINING_ADDRESS: "INSERT HERE" -MINING_KEYPASS: "INSERT HERE" - -MAIN_REPO_FETCH: "poanetwork" +#github branch that store genesis file (aka genesis.json, spec.json, chain.json, ...) GENESIS_BRANCH: "master" + +#NetworkName as specified in genesis file GENESIS_NETWORK_NAME: "PoANetwork" -MOC_ADDRESS: "INSERT HERE" -MOC_KEYPASS: "INSERT HERE" -MOC_KEYFILE: "INSERT HERE" +#github account from which all repositories will be downloaded +MAIN_REPO_FETCH: "poanetwork" +#Hex-encoded address, including 0x prefix. For moc role it is used as mining key, for other nodes is used in other scripts. +MOC_ADDRESS: "INSERT HERE" + +#name of the file to store password. 
Should not be changed +NODE_PWD: "node.pwd" + +#url of the nodejs deb package to use, most importantly - version number +NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x" + +#url and sha256 checksum of the parity-orchestrator binary file +ORCHESTRATOR_BIN_LOC: "" +ORCHESTRATOR_BIN_SHA256: "" + +#url and sha256 checksum of the parity binary file +PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" +PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" + +#branch of poa-scripts-moc and poa-scripts-validator to use SCRIPTS_MOC_BRANCH: "master" SCRIPTS_VALIDATOR_BRANCH: "master" -BLK_GAS_LIMIT: "6700000" -NODE_PWD: "node.pwd" -NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x" -PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" -PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" -ORCHESTRATOR_BIN_LOC: "" -ORCHESTRATOR_BIN_SHA256: "" \ No newline at end of file + +###The following variables are node-specific. They should be kept in group_vars/.yml set of files. Alternatively they can be specifed at /vars/main.yml file. + +##These variables are used in each role and usually propagated to the dependent roles. By default they are different for each role and it's highly recommended not to use single for multiple roles, escpecially when they are installed on the same machine. + +#Which user will be used to connect to VMs +ansible_user: ubuntu + +#User's name and directory, which will be used to execute role from. +#username: "" +#users: +# - name: "{{ username }}" +#home: "/home/{{ username }}" + +#Node's descriptive name +#NODE_FULLNAME: "INSERT NODENAME" + +#Node owner's email +#NODE_ADMIN_EMAIL: "INSERT@EMAIL" + +#If this variable is set to "True" all the VMs will be rebooted after setup. +reboot_after_completion: false + + +##Bootnode-related variables. 
+ +#Specifies whether or not to keep port 22 opened to allow ssh access +allow_bootnode_ssh: true +#Specifies whether or not to keep port 30303 opened to allow peer discovery +allow_bootnode_p2p: true +#Specifies whether or not to keep port 8545 opened to allow rpc on this port +allow_bootnode_rpc: false + +#Specifies whether or not this node should be created with additional parameters to work as archive +bootnode_archive: "off" +#Specifies whether or not parity-orchestrator should be installed on this node and parity configured to use whisper +bootnode_orchestrator: "off" + + +##Explorer-related variables + +#Specifies whether or not to keep port 22 opened to allow ssh access +allow_explorer_ssh: true +#Specifies whether or not to keep port 30303 opened to allow peer discovery +allow_explorer_p2p: true +#Specifies whether or not to keep port 8545 opened to allow rpc on this port +allow_explorer_http: true + +#Explicitly specifies the explorer version to use +explorer_version: "acee07c" + + +##Moc-related variables + +#Specifies whether or not this node should be created with additional parameters to work as archive +moc_archive: "off" + + +##Netstat-related variables + + +##Validator-related variables + +#Specifies whether or not to keep port 22 opened to allow ssh access +allow_validator_ssh: true +#Specifies whether or not to keep port 30303 opened to allow peer discovery +allow_validator_p2p: true + +#Specifies whether or not this node should be created with additional parameters to work as archive +validator_archive: "off" + + +##Nginx-related variables (subrole) + +#If this variable is set to true script will modify sysctl.conf and configure additional tcp settings. +configure_extended_tcp_settings: false +#Setup extended nginx headers. Used in bootnode, explorer and netstat roles. +nginx_headers: "on" +#Setup which proxy port should be used in nginx. Used in bootnode, explorer and netstat roles. 
+PROXY_PORT: "8545" + + +##poa-netstats-related variables (subrole) + +#Explicitly specified api version to use +api_version: "9773b5b" + + +##poa-parity-related variables (subrole) + +#This variables are intended to be set up if you want to run sub role explicitly. +#validator_archive: "off" +#bootnode_archive: "off" +#moc_archive: "off" +#bootnode_orchestrator: "off" + + + +###Those variables are intended to be specified by users. They don't have any reasonable defaults. Those variables should be specified at group_vars/ folder or at /vars/main.yml. + +#Specifies the SSH public key file, that will be added to remote 'root' user as an authorized key +#ssh_root: +# - "{{ lookup('file', 'files/admins.pub') }}" + +#Validator's mining keyfile content (json string) +#MINING_KEYFILE: "INSERT HERE" + +#Validator's mining key address +#MINING_ADDRESS: "INSERT HERE" + +#Validator's mining key password +#MINING_KEYPASS: "INSERT HERE" + +#Master of Ceremony's account password +#MOC_KEYPASS: "INSERT HERE" + +#Master of Ceremony's account keyfile +#MOC_KEYFILE: "INSERT HERE" + +#Secret code to join netstats. Important: For netstats role this option sets the password of the netstats. Master of Ceremony later provides it to other nodes. +#NETSTATS_SECRET: "INSERT HERE" + +#URL of netstats server. Should be provided to users by Master of Ceremony +#NETSTATS_SERVER: "INSERT HERE" + +#Node owner's email. Publicly visible in netstats +#NODE_ADMIN_EMAIL: "INSERT HERE" + +#Node's descriptive name. Publicly visible in netstats +#NODE_FULLNAME: "INSERT HERE" \ No newline at end of file From fa0078d1e90fdd527e246eb4512551fc9eec2617 Mon Sep 17 00:00:00 2001 
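Review bot: The user-supplied block at the end of this hunk directs operators to put `MINING_KEYPASS`, `MINING_KEYFILE`, `MOC_KEYPASS`, `MOC_KEYFILE` and `NETSTATS_SECRET` into `group_vars/` files without saying that these values are secrets. A comment above the block such as `#The values below are secrets: keep them in an ansible-vault encrypted file and out of version control` would state the expectation. Two smaller wording points in the same hunk: the comment over `allow_explorer_http` still describes port 8545 and rpc, which looks copied from the bootnode block, and `NODE_FULLNAME` and `NODE_ADMIN_EMAIL` are documented twice with different placeholder text.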
From: ArseniiPetrovich Date: Thu, 26 Apr 2018 13:55:09 +0300 Subject: [PATCH 21/71] #110. Now all the /home/files will be created with correct ownership --- roles/explorer/tasks/main.yml | 2 +- roles/moc/tasks/main.yml | 2 +- roles/netstat/tasks/main.yml | 2 +- roles/poa-logrotate/tasks/main.yml | 2 +- roles/poa-orchestrator/tasks/main.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index 5a92e63..b5077ae 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 + template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 with_items: - node.toml diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index 4b8c605..e4cc34e 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 + template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 with_items: - node.toml diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index ae732fb..71d8da9 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml @@ -37,7 +37,7 @@ - restart poa-dashboard - name: Install poa-dashboard service - template: src=poa-dashboard.j2 dest=/etc/systemd/system/poa-dashboard.service owner=root group=root mode=0755 + template: src=poa-dashboard.j2 dest=/etc/systemd/system/poa-dashboard.service owner={{ username }} group={{ username }} mode=0755 notify: - restart poa-dashboard diff --git a/roles/poa-logrotate/tasks/main.yml b/roles/poa-logrotate/tasks/main.yml index b3f1e19..2fae26f 100644 --- a/roles/poa-logrotate/tasks/main.yml +++ b/roles/poa-logrotate/tasks/main.yml 
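Review bot: In roles/netstat/tasks/main.yml the `poa-dashboard.service` unit under `/etc/systemd/system` is now installed with `owner={{ username }} group={{ username }}`, which lets the unprivileged service account rewrite a file that systemd reads and acts on as root. The commit title is about files under the home directory, so this line looks swept up by the replacement; the poa-orchestrator unit in the same commit stays root-owned. I would keep root ownership here and drop the execute bit, which a unit file does not need: `template: src=poa-dashboard.j2 dest=/etc/systemd/system/poa-dashboard.service owner=root group=root mode=0644`. The task list continues outside the hunk.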
@@ -1,6 +1,6 @@ --- - name: Install poa-logrotate conf - template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner=root group=root mode=0644 + template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner={{ username }} group={{ username }} mode=0644 - name: Install poa-logrotate cron template: src=poa-logrotate.j2 dest=/etc/cron.hourly/poa-logrotate owner=root group=root mode=0755 diff --git a/roles/poa-orchestrator/tasks/main.yml b/roles/poa-orchestrator/tasks/main.yml index 57f5233..55bef29 100644 --- a/roles/poa-orchestrator/tasks/main.yml +++ b/roles/poa-orchestrator/tasks/main.yml @@ -5,7 +5,7 @@ - restart poa-orchestrator - name: Create parity-orchestrator.toml - template: src=parity-orchestrator.toml.j2 dest={{ home }}/parity-orchestrator.toml owner=root group=root mode=0644 + template: src=parity-orchestrator.toml.j2 dest={{ home }}/parity-orchestrator.toml owner={{ username }} group={{ username }} mode=0644 - name: Install poa-orchestrator service template: src=poa-orchestrator.j2 dest=/etc/systemd/system/poa-orchestrator.service owner=root group=root mode=0755 From 8a53ced0c0e5eec48a24e0ca5c5993fa9d313bb6 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 26 Apr 2018 13:55:29 +0300 Subject: [PATCH 22/71] #124 Workaround for #24862 ansible issue created --- roles/usermanager/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/usermanager/tasks/main.yml b/roles/usermanager/tasks/main.yml index e0d0ced..acbb9e3 100644 --- a/roles/usermanager/tasks/main.yml +++ b/roles/usermanager/tasks/main.yml 
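Review bot: `{{ home }}/poa-logrotate.conf` becomes owned by `{{ username }}` while the job installed to `/etc/cron.hourly/poa-logrotate` in the next task stays root-owned. The cron template is not shown here, but if it runs logrotate as root against this file, the service account now controls a configuration that root acts on. Logrotate builds that check configuration ownership may also refuse to load it. If that is how the cron script works, keep this one file as `owner=root group=root mode=0644`, or have the cron job run logrotate as `{{ username }}` so that ownership and privileges match.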
@@ -2,6 +2,10 @@ - name: Create users user: name={{ item.name }} groups={{ item.addgroups | default('') }} shell=/bin/bash append=yes with_items: "{{ users }}" + +#Temporary directive created to workaround #24862 ansible issue +- name: Setup permission + file: path={{ home }} group={{ username }} owner={{ username }} recurse=yes state=directory - include_tasks: nested_authorized_key.yml with_items: "{{ users }}" From ec80c638c1c5eebbcaf25eed674ce8b34cf54cba Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 26 Apr 2018 13:56:20 +0300 Subject: [PATCH 23/71] #120 Since new variable were added it should be specified in nginx defaults too. --- roles/nginx/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml index 8898e57..cd261be 100644 --- a/roles/nginx/defaults/main.yml +++ b/roles/nginx/defaults/main.yml @@ -1,3 +1,4 @@ --- -PROXY_PORT: 3000 \ No newline at end of file +PROXY_PORT: 3000 +configure_extended_tcp_settings: true \ No newline at end of file From 2e5dcc3f93d98d0adb916a50179eabdbb900087a Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 26 Apr 2018 14:00:25 +0300 Subject: [PATCH 24/71] One more file for #110 issue --- roles/bootnode/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/bootnode/tasks/main.yml b/roles/bootnode/tasks/main.yml index 75abe97..68c4602 100644 --- a/roles/bootnode/tasks/main.yml +++ b/roles/bootnode/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644 + template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 with_items: - node.toml From 32562694f80f91f4d00b5b7d336cd6afecfa44d3 Mon Sep 17 00:00:00 2001 
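Review bot: The new `Setup permission` task fixes ownership for the single `{{ home }}` / `{{ username }}` pair, while the tasks before and after it iterate over `{{ users }}`, so any further entry in `users` gets no ownership fix. With `recurse=yes` it also resets every file below the home directory on each run, including anything another role deliberately installs there as root. The comment would be more useful if it said when the workaround can go, for example `#Workaround for ansible issue #24862; remove when the minimum supported Ansible version includes the fix`.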
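Review bot: `configure_extended_tcp_settings: true` in roles/nginx/defaults/main.yml disagrees with group_vars/all.yml.example from patch 20, which sets it to `false` and describes it as modifying sysctl.conf. With the role default at `true`, running the nginx role without that group variable changes kernel TCP settings that the operator never asked for. `configure_extended_tcp_settings: false` as the role default keeps the behaviour opt-in. `PROXY_PORT` shows the same mismatch, 3000 here against "8545" in the example.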
From: ArseniiPetrovich Date: Thu, 26 Apr 2018 14:35:09 +0300 Subject: [PATCH 25/71] 3rd fix for ownership permissions --- roles/poa-parity/tasks/main.yml | 2 +- roles/preconf/tasks/spec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/poa-parity/tasks/main.yml b/roles/poa-parity/tasks/main.yml index b20028e..f76f8e7 100644 --- a/roles/poa-parity/tasks/main.yml +++ b/roles/poa-parity/tasks/main.yml @@ -16,7 +16,7 @@ group: "{{ username }}" - name: Download parity-bin - get_url: url="{{ PARITY_BIN_LOC }}" dest={{ home }}/parity mode=0755 checksum="sha256:{{ PARITY_BIN_SHA256 }}" + get_url: url="{{ PARITY_BIN_LOC }}" dest={{ home }}/parity mode=0755 group={{ username }} owner={{ username }} checksum="sha256:{{ PARITY_BIN_SHA256 }}" notify: - restart poa-parity diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index 59c95fd..172df18 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,6 +1,6 @@ --- - name: Download spec.json - get_url: url={{ item }} dest={{ home }}/ mode=0644 + get_url: url={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} with_items: - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" \ No newline at end of file From e1adfd6f232b56f8333d472eee9c10a9c016b073 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 26 Apr 2018 20:10:32 +0300 Subject: [PATCH 26/71] Removing hosts.example and removing hosts key duplication As part of the minor fixes for #117 PR --- aws/bootnode.yml | 1 - aws/explorer.yml | 1 - aws/hosts.example | 26 -------------------------- aws/moc.yml | 1 - aws/netstat.yml | 1 - aws/validator.yml | 1 - 6 files changed, 31 deletions(-) delete mode 100644 aws/hosts.example diff --git a/aws/bootnode.yml b/aws/bootnode.yml index 3c6c89c..69ebe67 100644 
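Review bot: The `Download spec.json` task in roles/preconf/tasks/spec.yml fetches `spec.json` and `bootnodes.txt` by branch name (`{{ GENESIS_BRANCH }}`) with no `checksum=`, whereas the parity binary in the other hunk of this commit is pinned with `checksum="sha256:{{ PARITY_BIN_SHA256 }}"`. These two files decide which chain and which peers the node joins, so a changed or tampered branch is picked up silently on the next run. Since the line is being edited anyway, consider a per-file checksum variable, or a commit hash in place of the branch, and document the expected value in the example vars.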
--- a/aws/bootnode.yml +++ b/aws/bootnode.yml @@ -60,7 +60,6 @@ tags: bootnode - name: Installing python - hosts: all hosts: launched gather_facts: False user: ubuntu diff --git a/aws/explorer.yml b/aws/explorer.yml index 8603907..0372ef4 100644 --- a/aws/explorer.yml +++ b/aws/explorer.yml @@ -60,7 +60,6 @@ tags: explorer - name: Installing python - hosts: all hosts: launched gather_facts: False user: ubuntu diff --git a/aws/hosts.example b/aws/hosts.example deleted file mode 100644 index 5c02a56..0000000 --- a/aws/hosts.example +++ /dev/null @@ -1,26 +0,0 @@ -# This is the default ansible 'hosts' file. -# -# It should live in /etc/ansible/hosts -# -# - Comments begin with the '#' character -# - Blank lines are ignored -# - Groups of hosts are delimited by [header] elements -# - You can enter hostnames or ip addresses -# - A hostname/ip can be a member of multiple groups - -[bootnode] - -[moc] - -[netstat] - -[validator] - -[explorer] - -[poa:children] -bootnode -moc -netstat -validator -explorer \ No newline at end of file diff --git a/aws/moc.yml b/aws/moc.yml index d4b09d3..4dc70db 100644 --- a/aws/moc.yml +++ b/aws/moc.yml @@ -60,7 +60,6 @@ tags: moc - name: Installing python - hosts: all hosts: launched gather_facts: False user: ubuntu diff --git a/aws/netstat.yml b/aws/netstat.yml index b519570..683a5d0 100644 --- a/aws/netstat.yml +++ b/aws/netstat.yml @@ -60,7 +60,6 @@ tags: netstat - name: Installing python - hosts: all hosts: launched gather_facts: False user: ubuntu diff --git a/aws/validator.yml b/aws/validator.yml index b191305..05add6e 100644 --- a/aws/validator.yml +++ b/aws/validator.yml @@ -60,7 +60,6 @@ tags: validator - name: Installing python - hosts: all hosts: launched gather_facts: False user: ubuntu From f52575b8ac6cb859bf680f270a29d2ce409af359 Mon Sep 17 00:00:00 2001 
From: ArseniiPetrovich Date: Fri, 27 Apr 2018 17:28:56 +0300 Subject: [PATCH 27/71] Fix #126 --- aws/bootnode.yml | 1 + aws/explorer.yml | 1 + aws/moc.yml | 1 + aws/netstat.yml | 1 + aws/validator.yml | 1 + 5 files changed, 5 insertions(+) diff --git a/aws/bootnode.yml b/aws/bootnode.yml index 69ebe67..19cef67 100644 --- a/aws/bootnode.yml +++ b/aws/bootnode.yml @@ -36,6 +36,7 @@ tasks: - name: Launch instance ec2: + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/explorer.yml b/aws/explorer.yml index 0372ef4..15dbe06 100644 --- a/aws/explorer.yml +++ b/aws/explorer.yml @@ -36,6 +36,7 @@ tasks: - name: Launch instance ec2: + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/moc.yml b/aws/moc.yml index 4dc70db..40fc0d1 100644 --- a/aws/moc.yml +++ b/aws/moc.yml @@ -36,6 +36,7 @@ tasks: - name: Launch instance ec2: + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/netstat.yml b/aws/netstat.yml index 683a5d0..bc66e58 100644 --- a/aws/netstat.yml +++ b/aws/netstat.yml @@ -36,6 +36,7 @@ tasks: - name: Launch instance ec2: + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/validator.yml b/aws/validator.yml index 05add6e..093829e 100644 --- a/aws/validator.yml +++ b/aws/validator.yml @@ -36,6 +36,7 @@ tasks: - name: Launch instance ec2: + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" From adb6d57687ee69a443421e145aa40e2a66bf869f Mon Sep 17 00:00:00 2001 
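Review bot: The `id:` added to the `ec2` task in aws/explorer.yml, aws/moc.yml, aws/netstat.yml and aws/validator.yml is `"{{ bootnode_instance_name }}"`, the same value as in aws/bootnode.yml. The ec2 module treats `id` as its idempotency token, so a playbook run after the bootnode one would most likely match the earlier launch under that token and not start an instance of its own. Each file should use its own variable, which aws/group_vars/all.yml.example already defines, for example `id: "{{ explorer_instance_name }}"` in aws/explorer.yml and likewise `moc_instance_name`, `netstat_instance_name` and `validator_instance_name`. Patches 28 and 29 only change the indentation of this line and leave the value as it is.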
From: ArseniiPetrovich Date: Fri, 27 Apr 2018 17:31:16 +0300 Subject: [PATCH 28/71] Deleting tabs --- aws/explorer.yml | 2 +- aws/moc.yml | 2 +- aws/netstat.yml | 2 +- aws/validator.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/aws/explorer.yml b/aws/explorer.yml index 15dbe06..5e1cff6 100644 --- a/aws/explorer.yml +++ b/aws/explorer.yml @@ -36,7 +36,7 @@ tasks: - name: Launch instance ec2: - id: "{{ bootnode_instance_name }}" + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/moc.yml b/aws/moc.yml index 40fc0d1..08792c7 100644 --- a/aws/moc.yml +++ b/aws/moc.yml @@ -36,7 +36,7 @@ tasks: - name: Launch instance ec2: - id: "{{ bootnode_instance_name }}" + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/netstat.yml b/aws/netstat.yml index bc66e58..af849fd 100644 --- a/aws/netstat.yml +++ b/aws/netstat.yml @@ -36,7 +36,7 @@ tasks: - name: Launch instance ec2: - id: "{{ bootnode_instance_name }}" + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" diff --git a/aws/validator.yml b/aws/validator.yml index 093829e..e8bd097 100644 --- a/aws/validator.yml +++ b/aws/validator.yml @@ -36,7 +36,7 @@ tasks: - name: Launch instance ec2: - id: "{{ bootnode_instance_name }}" + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" From 8d35728f4a8eb93714e051c55b92876c2535bf68 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 27 Apr 2018 17:31:56 +0300 Subject: [PATCH 29/71] Deleting more tabs --- aws/bootnode.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/bootnode.yml b/aws/bootnode.yml index 19cef67..9ad8c2b 100644 --- a/aws/bootnode.yml 
+++ b/aws/bootnode.yml @@ -36,7 +36,7 @@ tasks: - name: Launch instance ec2: - id: "{{ bootnode_instance_name }}" + id: "{{ bootnode_instance_name }}" ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" From 7316cc33bb9d4f460392a2de7894da4adf6a8560 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 27 Apr 2018 17:49:04 +0300 Subject: [PATCH 30/71] #126 update Skipping waiting for ssh for already launched instances. --- aws/bootnode.yml | 1 + aws/explorer.yml | 3 ++- aws/moc.yml | 1 + aws/netstat.yml | 1 + aws/validator.yml | 1 + 5 files changed, 6 insertions(+), 1 deletion(-) diff --git a/aws/bootnode.yml b/aws/bootnode.yml index 9ad8c2b..78ceeee 100644 --- a/aws/bootnode.yml +++ b/aws/bootnode.yml @@ -58,6 +58,7 @@ - name: Wait for SSH to come up wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started with_items: "{{ ec2.instances }}" + when: ec2.changed tags: bootnode - name: Installing python diff --git a/aws/explorer.yml b/aws/explorer.yml index 5e1cff6..b9dab79 100644 --- a/aws/explorer.yml +++ b/aws/explorer.yml @@ -58,7 +58,8 @@ - name: Wait for SSH to come up wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started with_items: "{{ ec2.instances }}" - tags: explorer + when: ec2.changed +tags: explorer - name: Installing python hosts: launched diff --git a/aws/moc.yml b/aws/moc.yml index 08792c7..56c06f7 100644 --- a/aws/moc.yml +++ b/aws/moc.yml @@ -58,6 +58,7 @@ - name: Wait for SSH to come up wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started with_items: "{{ ec2.instances }}" + when: ec2.changed tags: moc - name: Installing python diff --git a/aws/netstat.yml b/aws/netstat.yml index af849fd..117c72c 100644 --- a/aws/netstat.yml +++ b/aws/netstat.yml 
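Review bot: In the aws/explorer.yml hunk of patch 30 the `tags: explorer` line is removed and re-added as `+tags: explorer` with no indentation after the marker, while the other four playbooks keep their `tags:` line as untouched context. Whitespace is collapsed on this page, so this is not certain, but if the key really moved to column 0 it no longer belongs to the play and the file will not parse as a list of plays. The hunk should only add `when: ec2.changed` under the `wait_for` task, as the aws/bootnode.yml hunk does.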
@@ -58,6 +58,7 @@ - name: Wait for SSH to come up wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started with_items: "{{ ec2.instances }}" + when: ec2.changed tags: netstat - name: Installing python diff --git a/aws/validator.yml b/aws/validator.yml index e8bd097..31cd21e 100644 --- a/aws/validator.yml +++ b/aws/validator.yml @@ -58,6 +58,7 @@ - name: Wait for SSH to come up wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started with_items: "{{ ec2.instances }}" + when: ec2.changed tags: validator - name: Installing python From 5d1f0473afafd32eb3c7661989cad2a3f9cd7b07 Mon Sep 17 00:00:00 2001 From: Arsenii Petrovich Date: Tue, 1 May 2018 20:46:27 +0300 Subject: [PATCH 31/71] Removing unnecessary templates #132 fix --- roles/poa-parity/templates/app.json.j2 | 26 ------------------- .../templates/app_chain_explorer.json.j2 | 19 -------------- roles/poa-parity/templates/config.js.j2 | 12 --------- .../templates/poa-chain-explorer.j2 | 12 --------- roles/poa-parity/templates/poa-dashboard.j2 | 11 -------- .../templates/poa-logrotate.conf.j2 | 20 -------------- roles/poa-parity/templates/poa-logrotate.j2 | 2 -- roles/poa-parity/templates/poa-netstats.j2 | 12 --------- roles/poa-parity/templates/poa-pm2.j2 | 12 --------- 9 files changed, 126 deletions(-) delete mode 100644 roles/poa-parity/templates/app.json.j2 delete mode 100644 roles/poa-parity/templates/app_chain_explorer.json.j2 delete mode 100644 roles/poa-parity/templates/config.js.j2 delete mode 100644 roles/poa-parity/templates/poa-chain-explorer.j2 delete mode 100644 roles/poa-parity/templates/poa-dashboard.j2 delete mode 100644 roles/poa-parity/templates/poa-logrotate.conf.j2 delete mode 100644 roles/poa-parity/templates/poa-logrotate.j2 delete mode 100644 roles/poa-parity/templates/poa-netstats.j2 delete mode 100644 roles/poa-parity/templates/poa-pm2.j2 
diff --git a/roles/poa-parity/templates/app.json.j2 b/roles/poa-parity/templates/app.json.j2 deleted file mode 100644 index 1182744..0000000 --- a/roles/poa-parity/templates/app.json.j2 +++ /dev/null @@ -1,26 +0,0 @@ -[ - { - "name" : "netstats_daemon", - "script" : "app.js", - "log_date_format" : "YYYY-MM-DD HH:mm:SS Z", - "error_file" : "{{ home }}/logs/netstats_daemon.err", - "out_file" : "{{ home }}/logs/netstats_daemon.out", - "merge_logs" : false, - "watch" : false, - "max_restarts" : 100, - "exec_interpreter" : "node", - "exec_mode" : "fork_mode", - "env": - { - "NODE_ENV" : "production", - "RPC_HOST" : "localhost", - "RPC_PORT" : "8545", - "LISTENING_PORT" : "30303", - "INSTANCE_NAME" : "{{ NODE_FULLNAME }}", - "CONTACT_DETAILS" : "{{ NODE_ADMIN_EMAIL }}", - "WS_SERVER" : "{{ NETSTATS_SERVER }}", - "WS_SECRET" : "{{ NETSTATS_SECRET }}", - "VERBOSITY" : 2 - } - } -] diff --git a/roles/poa-parity/templates/app_chain_explorer.json.j2 b/roles/poa-parity/templates/app_chain_explorer.json.j2 deleted file mode 100644 index 5b6c957..0000000 --- a/roles/poa-parity/templates/app_chain_explorer.json.j2 +++ /dev/null @@ -1,19 +0,0 @@ -[ - { - "name" : "explorer", - "script" : "./bin/www", - "log_date_format" : "YYYY-MM-DD HH:mm:SS Z", - "error_file" : "{{ home }}/logs/explorer.err", - "out_file" : "{{ home }}/logs/explorer.out", - "merge_logs" : false, - "watch" : false, - "max_restarts" : 100, - "exec_interpreter" : "node", - "exec_mode" : "fork_mode", - "env": - { - "NODE_ENV" : "production", - "PORT" : 4000, - } - } -] diff --git a/roles/poa-parity/templates/config.js.j2 b/roles/poa-parity/templates/config.js.j2 deleted file mode 100644 index 1f620e4..0000000 --- a/roles/poa-parity/templates/config.js.j2 +++ /dev/null 
@@ -1,12 +0,0 @@ -var web3 = require('web3'); -var net = require('net'); -var config = function () { - this.logFormat = "combined"; - this.ipcPath = "{{ home }}/parity_data/jsonrpc.ipc"; - this.provider = new web3.providers.IpcProvider(this.ipcPath, net); - this.bootstrapUrl = "https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/yeti/bootstrap.min.css"; - this.names = { - "{{ MOC_ADDRESS }}": "Owner", - }; -} -module.exports = config; diff --git a/roles/poa-parity/templates/poa-chain-explorer.j2 b/roles/poa-parity/templates/poa-chain-explorer.j2 deleted file mode 100644 index 0377e36..0000000 --- a/roles/poa-parity/templates/poa-chain-explorer.j2 +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=poa chain explorer service -After=poa-pm2.service -[Service] -Type=oneshot -RemainAfterExit=true -User={{ username }} -Group={{ username }} -WorkingDirectory={{ home }}/chain-explorer -ExecStart=/usr/bin/pm2 startOrRestart app.json -[Install] -WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/poa-dashboard.j2 b/roles/poa-parity/templates/poa-dashboard.j2 deleted file mode 100644 index cc64227..0000000 --- a/roles/poa-parity/templates/poa-dashboard.j2 +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=poa dashboard service -After=network.target -[Service] -User={{ username }} -Group={{ username }} -WorkingDirectory={{ home }}/eth-netstats -Restart=always -ExecStart=/usr/bin/npm start -[Install] -WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/poa-logrotate.conf.j2 b/roles/poa-parity/templates/poa-logrotate.conf.j2 deleted file mode 100644 index 1ec5e3b..0000000 --- a/roles/poa-parity/templates/poa-logrotate.conf.j2 +++ /dev/null @@ -1,20 +0,0 @@ -{{ home }}/logs/*.log { - rotate 10 - size 200M - missingok - compress - copytruncate - dateext - dateformat %Y-%m-%d-%s - olddir old -} -{{ home }}/.pm2/pm2.log { - su {{ username }} {{ username }} - rotate 10 - size 200M - missingok - compress - copytruncate - dateext - dateformat %Y-%m-%d-%s -} 
diff --git a/roles/poa-parity/templates/poa-logrotate.j2 b/roles/poa-parity/templates/poa-logrotate.j2 deleted file mode 100644 index 8b67e39..0000000 --- a/roles/poa-parity/templates/poa-logrotate.j2 +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -/usr/sbin/logrotate {{ home }}/poa-logrotate.conf diff --git a/roles/poa-parity/templates/poa-netstats.j2 b/roles/poa-parity/templates/poa-netstats.j2 deleted file mode 100644 index f724d12..0000000 --- a/roles/poa-parity/templates/poa-netstats.j2 +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=poa netstats service -After=poa-pm2.service -[Service] -Type=oneshot -RemainAfterExit=true -User={{ username }} -Group={{ username }} -WorkingDirectory={{ home }}/eth-net-intelligence-api -ExecStart=/usr/bin/pm2 startOrRestart app.json -[Install] -WantedBy=multi-user.target diff --git a/roles/poa-parity/templates/poa-pm2.j2 b/roles/poa-parity/templates/poa-pm2.j2 deleted file mode 100644 index da5213a..0000000 --- a/roles/poa-parity/templates/poa-pm2.j2 +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=poa pm2 service -After=network.target -[Service] -Type=oneshot -RemainAfterExit=true -User={{ username }} -Group={{ username }} -WorkingDirectory={{ home }} -ExecStart=/usr/bin/pm2 ping -[Install] -WantedBy=multi-user.target From f2342feeded8a395daf96c49d723b687da14526c Mon Sep 17 00:00:00 2001 From: Arsenii Petrovich Date: Tue, 1 May 2018 20:52:32 +0300 Subject: [PATCH 32/71] Removing unnecessary variables from defaults They were added because of using in deleted templates --- roles/poa-parity/defaults/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/poa-parity/defaults/main.yml b/roles/poa-parity/defaults/main.yml index 2786b86..6a54770 100644 --- a/roles/poa-parity/defaults/main.yml +++ b/roles/poa-parity/defaults/main.yml 
@@ -3,12 +3,6 @@ GENESIS_NETWORK_NAME: "PoA" PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" - -NODE_FULLNAME: "default" -NODE_ADMIN_EMAIL: "default@example.com" -NETSTATS_SERVER: "" -NETSTATS_SECRET: "" -MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" validator_archive: "off" bootnode_archive: "off" From 120b6e56398043a4e915908cdd9e3cac37a9e632 Mon Sep 17 00:00:00 2001 From: Arsenii Petrovich Date: Wed, 2 May 2018 10:56:06 +0300 Subject: [PATCH 33/71] Fix #129 Lists removed. --- roles/bootnode/tasks/ufw.yml | 12 +++--------- roles/explorer/tasks/main.yml | 4 +--- roles/explorer/tasks/ufw.yml | 12 +++--------- roles/moc/tasks/main.yml | 4 +--- roles/moc/tasks/ufw.yml | 4 +--- roles/netstat/tasks/ufw.yml | 12 +++--------- roles/nginx/tasks/main.yml | 8 ++------ roles/nodejs/tasks/main.yml | 8 ++------ roles/preconf/tasks/chrony.yml | 5 +---- roles/validator/tasks/main.yml | 4 +--- roles/validator/tasks/ufw.yml | 4 +--- 11 files changed, 19 insertions(+), 58 deletions(-) diff --git a/roles/bootnode/tasks/ufw.yml b/roles/bootnode/tasks/ufw.yml index e66b3c7..4a79a29 100644 --- a/roles/bootnode/tasks/ufw.yml +++ b/roles/bootnode/tasks/ufw.yml 
@@ -17,24 +17,18 @@ - restart ufw - name: Add ufw ssh access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '22', proto: 'tcp' } + ufw: rule='allow' port='22' proto='tcp' notify: - restart ufw when: allow_bootnode_ssh == true - name: Add ufw https access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '443', proto: 'tcp' } + ufw: rule='allow' port='443' proto='tcp' notify: - restart ufw - name: Add ufw rpc access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '8545', proto: 'tcp' } + ufw: rule='allow' port='8545' proto='tcp' notify: - restart ufw when: allow_bootnode_rpc == true diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index b5077ae..f7bcdb0 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml @@ -1,9 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - with_items: - - node.toml + template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - name: Clone poanetworks/chain-explorer repo from GitHub git: diff --git a/roles/explorer/tasks/ufw.yml b/roles/explorer/tasks/ufw.yml index e956272..2b2d5fa 100644 --- a/roles/explorer/tasks/ufw.yml +++ b/roles/explorer/tasks/ufw.yml 
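Review bot: The `Add ufw rpc access` rule in roles/bootnode/tasks/ufw.yml opens port 8545 to every source address once `allow_bootnode_rpc` is true, and nothing in this hunk limits who may reach the RPC port. If RPC is only needed from known hosts, restrict the source with the ufw module's `from_ip` parameter, e.g. `ufw: rule='allow' port='8545' proto='tcp' from_ip={{ rpc_allowed_cidr }}` (variable name illustrative). The port 22 rules here and in the explorer, moc, netstat and validator ufw.yml hunks of this commit are unrestricted in the same way and could use `rule='limit'` to rate-limit connection attempts. The task list continues outside the hunk.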
@@ -17,17 +17,13 @@ - restart ufw - name: Add ufw ssh access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '22', proto: 'tcp' } + ufw: rule='allow' port='22' proto='tcp' notify: - restart ufw when: allow_explorer_ssh == true - name: Add ufw https access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '443', proto: 'tcp' } + ufw: rule='allow' port='443' proto='tcp' notify: - restart ufw @@ -41,9 +37,7 @@ when: allow_explorer_p2p == true - name: Add ufw http-3000 access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '3000', proto: 'tcp' } + ufw: rule='allow' port='3000' proto='tcp' notify: - restart ufw when: allow_explorer_http == true diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index e4cc34e..3ea91b2 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml @@ -1,9 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - with_items: - - node.toml + template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - name: Install {{ NODE_PWD }} file template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600 diff --git a/roles/moc/tasks/ufw.yml b/roles/moc/tasks/ufw.yml index a421c0b..9fe648f 100644 --- a/roles/moc/tasks/ufw.yml +++ b/roles/moc/tasks/ufw.yml @@ -17,9 +17,7 @@ - restart ufw - name: Add ufw ssh access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '22', proto: 'tcp' } + ufw: rule='allow' port='22' proto='tcp' notify: - restart ufw when: allow_moc_ssh == true diff --git a/roles/netstat/tasks/ufw.yml b/roles/netstat/tasks/ufw.yml index 21dde56..2849b37 100644 
--- a/roles/netstat/tasks/ufw.yml +++ b/roles/netstat/tasks/ufw.yml @@ -17,24 +17,18 @@ - restart ufw - name: Add ufw ssh access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '22', proto: 'tcp' } + ufw: rule='allow' port='22' proto='tcp' notify: - restart ufw when: allow_netstat_ssh == true - name: Add ufw https access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '443', proto: 'tcp' } + ufw: rule='allow' port='443' proto='tcp' notify: - restart ufw - name: Add ufw http-3000 access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '3000', proto: 'tcp' } + ufw: rule='allow' port='3000' proto='tcp' notify: - restart ufw when: allow_netstat_http == true diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 39b4f3f..4b5cd43 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -68,16 +68,12 @@ when: not cert_file_check.stat.exists - name: Install nginx.conf - template: src={{ item }}.j2 dest=/etc/nginx/ssl/{{ item }} owner=root group=root mode=0644 - with_items: - - dhparam.pem + template: src=dhparam.pem.j2 dest=/etc/nginx/ssl/dhparam.pem owner=root group=root mode=0644 notify: - reload nginx - name: Install nginx conf.d files - template: src={{ item }}.j2 dest=/etc/nginx/conf.d/{{ item }} owner=root group=root mode=0644 - with_items: - - default.conf + template: src=default.conf.j2 dest=/etc/nginx/conf.d/default.conf owner=root group=root mode=0644 notify: - reload nginx tags: nginx diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index 503792c..8b68483 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml 
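Review bot: The first task in the roles/nginx/tasks/main.yml hunk is still named `Install nginx.conf`, although after this change it visibly installs only `dhparam.pem`. Rename it to `- name: Install dhparam.pem` so that run output and audit logs say which file was touched. Because the DH parameters are rendered from a template in the role, every host deployed from this repository presumably ends up with the same group; the template body is not shown here, so confirm whether generating them on the target was intended instead.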
@@ -13,9 +13,5 @@ repo: 'deb {{ NODE_SOURCE_DEB }} {{ ansible_distribution_release }} main' state: present -- name: Install nodejs packages - apt: name={{ item }} state=present update_cache=yes - with_items: - - nodejs - - +- name: Install nodejs package + apt: name=nodejs state=present update_cache=yes \ No newline at end of file diff --git a/roles/preconf/tasks/chrony.yml b/roles/preconf/tasks/chrony.yml index 5f81d84..c5810a7 100644 --- a/roles/preconf/tasks/chrony.yml +++ b/roles/preconf/tasks/chrony.yml @@ -1,8 +1,6 @@ --- - name: Install chrony package - apt: name={{ item }} - with_items: - - chrony + apt: name=chrony - name: Select Amazon time server lineinfile: @@ -13,6 +11,5 @@ notify: - restart chrony - - name: Ensure chrony is running and enabled to start at boot service: name=chrony state=started enabled=yes diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index c2d9d19..b99a5f9 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml @@ -1,9 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - with_items: - - node.toml + template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - name: Install {{ NODE_PWD }} file template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600 diff --git a/roles/validator/tasks/ufw.yml b/roles/validator/tasks/ufw.yml index eefb74b..8b07434 100644 --- a/roles/validator/tasks/ufw.yml +++ b/roles/validator/tasks/ufw.yml @@ -17,9 +17,7 @@ - restart ufw - name: Add ufw ssh access - ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} - with_items: - - { rule: 'allow', port: '22', proto: 'tcp' } + ufw: rule='allow' port='22' proto='tcp' notify: - restart ufw when: allow_validator_ssh == true From 7a752af9d01dde109d021db35051f85469dbb0f8 Mon Sep 17 00:00:00 2001 
From: Arsenii Petrovich Date: Wed, 2 May 2018 11:04:03 +0300 Subject: [PATCH 34/71] Syntax fixes One more removed for #129 + small beautifying changes. --- roles/bootnode/tasks/main.yml | 4 +--- roles/poa-parity/tasks/main.yml | 2 +- roles/poa-pm2/tasks/main.yml | 2 +- roles/preconf/tasks/logs.yml | 5 +++-- roles/preconf/tasks/packages.yml | 2 +- roles/usermanager/tasks/main.yml | 2 +- 6 files changed, 8 insertions(+), 9 deletions(-) diff --git a/roles/bootnode/tasks/main.yml b/roles/bootnode/tasks/main.yml index 68c4602..20023ec 100644 --- a/roles/bootnode/tasks/main.yml +++ b/roles/bootnode/tasks/main.yml @@ -1,9 +1,7 @@ --- - name: Create node.toml - template: src={{ item }}.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - with_items: - - node.toml + template: src=node.toml.j2 dest={{ home }}/node.toml owner={{ username }} group={{ username }} mode=0644 - name: Setup ufw firewall import_tasks: ufw.yml diff --git a/roles/poa-parity/tasks/main.yml b/roles/poa-parity/tasks/main.yml index f76f8e7..ab73597 100644 --- a/roles/poa-parity/tasks/main.yml +++ b/roles/poa-parity/tasks/main.yml @@ -26,4 +26,4 @@ - restart poa-parity - name: Ensure poa-parity is running and enabled to start at boot - service: name=poa-parity state=started enabled=yes + service: name=poa-parity state=started enabled=yes \ No newline at end of file diff --git a/roles/poa-pm2/tasks/main.yml b/roles/poa-pm2/tasks/main.yml index 74d7896..0addd61 100644 --- a/roles/poa-pm2/tasks/main.yml +++ b/roles/poa-pm2/tasks/main.yml @@ -9,7 +9,7 @@ - name: Create logs directories file: - path: "/{{ home }}/logs/old" + path: "{{ home }}/logs/old" state: directory mode: 0755 owner: "{{ username }}" diff --git a/roles/preconf/tasks/logs.yml b/roles/preconf/tasks/logs.yml index 5293a59..b5b21d3 100644 --- a/roles/preconf/tasks/logs.yml +++ b/roles/preconf/tasks/logs.yml 
@@ -1,8 +1,9 @@ --- - name: Create logs directories file: - path: "/{{ home }}/logs/old" + path: "{{ home }}/logs/old" state: directory mode: 0755 owner: "{{ username }}" - group: "{{ username }}" \ No newline at end of file + group: "{{ username }}" + recurse: yes \ No newline at end of file diff --git a/roles/preconf/tasks/packages.yml b/roles/preconf/tasks/packages.yml index 46fd384..f5914ca 100644 --- a/roles/preconf/tasks/packages.yml +++ b/roles/preconf/tasks/packages.yml @@ -6,4 +6,4 @@ - openssh-client - sudo - git - - build-essential + - build-essential \ No newline at end of file diff --git a/roles/usermanager/tasks/main.yml b/roles/usermanager/tasks/main.yml index acbb9e3..a573e30 100644 --- a/roles/usermanager/tasks/main.yml +++ b/roles/usermanager/tasks/main.yml @@ -10,4 +10,4 @@ - include_tasks: nested_authorized_key.yml with_items: "{{ users }}" loop_control: - loop_var: outer_item + loop_var: outer_item \ No newline at end of file From 14162c78c086b195b570465af38455ee4e92523a Mon Sep 17 00:00:00 2001 From: Arsenii Petrovich Date: Thu, 3 May 2018 13:01:49 +0300 Subject: [PATCH 35/71] #131 fix Logrotate refactored --- roles/poa-logrotate/tasks/main.yml | 3 ++- roles/poa-logrotate/templates/poa-logrotate.j2 | 2 -- 2 files changed, 2 insertions(+), 3 deletions(-) delete mode 100644 roles/poa-logrotate/templates/poa-logrotate.j2 diff --git a/roles/poa-logrotate/tasks/main.yml b/roles/poa-logrotate/tasks/main.yml index 2fae26f..8ac7c15 100644 --- a/roles/poa-logrotate/tasks/main.yml +++ b/roles/poa-logrotate/tasks/main.yml 
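Review bot: Adding `recurse: yes` next to `mode: 0755` in roles/preconf/tasks/logs.yml makes the file module apply that mode, owner and group to everything already under `{{ home }}/logs/old`, so rotated log files there gain execute bits and are reset to world-readable on every run. If the goal is only to create the directory chain, drop `recurse`; if ownership really has to be fixed recursively, use a symbolic mode such as `mode: "u=rwX,go=rX"` so regular files are not made executable. The equivalent task in the roles/poa-pm2/tasks/main.yml hunk of this commit does not add `recurse`, so the two roles now treat the same directory differently.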
@@ -3,4 +3,5 @@ template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner={{ username }} group={{ username }} mode=0644 - name: Install poa-logrotate cron - template: src=poa-logrotate.j2 dest=/etc/cron.hourly/poa-logrotate owner=root group=root mode=0755 + cron: special_time=hourly job="/usr/sbin/logrotate {{ home }}/poa-logrotate.conf -s /home/bootnode/logrotate.status" user={{ username }} name="logrotate" + #template: src=poa-logrotate.j2 dest=/etc/cron.hourly/poa-logrotate owner=root group=root mode=0755 \ No newline at end of file diff --git a/roles/poa-logrotate/templates/poa-logrotate.j2 b/roles/poa-logrotate/templates/poa-logrotate.j2 deleted file mode 100644 index 8b67e39..0000000 --- a/roles/poa-logrotate/templates/poa-logrotate.j2 +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -/usr/sbin/logrotate {{ home }}/poa-logrotate.conf From 963efd1987a766e6a9e0195f5aa554465f129a4e Mon Sep 17 00:00:00 2001 From: Arsenii Petrovich Date: Thu, 3 May 2018 18:17:58 +0300 Subject: [PATCH 36/71] Review fix for #136 PR - Name changed from `logrotate` to `poa-logrotate` - Fixed incorrect state file location --- roles/poa-logrotate/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/poa-logrotate/tasks/main.yml b/roles/poa-logrotate/tasks/main.yml index 8ac7c15..9e47581 100644 --- a/roles/poa-logrotate/tasks/main.yml +++ b/roles/poa-logrotate/tasks/main.yml 
@@ -3,5 +3,5 @@ template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner={{ username }} group={{ username }} mode=0644 - name: Install poa-logrotate cron - cron: special_time=hourly job="/usr/sbin/logrotate {{ home }}/poa-logrotate.conf -s /home/bootnode/logrotate.status" user={{ username }} name="logrotate" + cron: special_time=hourly job="/usr/sbin/logrotate {{ home }}/poa-logrotate.conf -s {{ home }}/poa-logrotate.status" user={{ username }} name="poa-logrotate" #template: src=poa-logrotate.j2 dest=/etc/cron.hourly/poa-logrotate owner=root group=root mode=0755 \ No newline at end of file From 20b0244d3b94d39ac2c1199184e43c88339b0afb Mon Sep 17 00:00:00 2001 From: Arsenii Petrovich Date: Thu, 3 May 2018 18:20:01 +0300 Subject: [PATCH 37/71] Removed old option (template module) --- roles/poa-logrotate/tasks/main.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/poa-logrotate/tasks/main.yml b/roles/poa-logrotate/tasks/main.yml index 9e47581..a000103 100644 --- a/roles/poa-logrotate/tasks/main.yml +++ b/roles/poa-logrotate/tasks/main.yml @@ -3,5 +3,4 @@ template: src=poa-logrotate.conf.j2 dest={{ home }}/poa-logrotate.conf owner={{ username }} group={{ username }} mode=0644 - name: Install poa-logrotate cron - cron: special_time=hourly job="/usr/sbin/logrotate {{ home }}/poa-logrotate.conf -s {{ home }}/poa-logrotate.status" user={{ username }} name="poa-logrotate" - #template: src=poa-logrotate.j2 dest=/etc/cron.hourly/poa-logrotate owner=root group=root mode=0755 \ No newline at end of file + cron: special_time=hourly job="/usr/sbin/logrotate {{ home }}/poa-logrotate.conf -s {{ home }}/poa-logrotate.status" user={{ username }} name="poa-logrotate" \ No newline at end of file From cd3348eb3efd021ce6ea1c29e47cd1eb71fb20ef Mon Sep 17 00:00:00 2001 
From: Arsenii Petrovich Date: Thu, 3 May 2018 18:45:07 +0300 Subject: [PATCH 38/71] #125 fix --- ansible.cfg | 1 - group_vars/all.yml.example | 7 ++----- group_vars/all.yml.network | 6 +++--- roles/poa-netstats/tasks/main.yml | 1 - roles/preconf/defaults/main.yml | 5 +---- roles/preconf/tasks/main.yml | 3 --- 6 files changed, 6 insertions(+), 17 deletions(-) diff --git a/ansible.cfg b/ansible.cfg index 1b7798d..d40869d 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -8,7 +8,6 @@ gathering = implicit timeout = 10 host_key_checking = False -remote_user = root ansible_managed = This file is managed by ansible [ssh_connection] diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index bc45207..00499e1 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -42,7 +42,8 @@ PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70b SCRIPTS_MOC_BRANCH: "master" SCRIPTS_VALIDATOR_BRANCH: "master" - +#Explicitly specifies method of privilege escalation +become_method: sudo ###The following variables are node-specific. They should be kept in group_vars/.yml set of files. Alternatively they can be specifed at /vars/main.yml file. @@ -143,10 +144,6 @@ api_version: "9773b5b" ###Those variables are intended to be specified by users. They don't have any reasonable defaults. Those variables should be specified at group_vars/ folder or at /vars/main.yml. -#Specifies the SSH public key file, that will be added to remote 'root' user as an authorized key -#ssh_root: -# - "{{ lookup('file', 'files/admins.pub') }}" - #Validator's mining keyfile content (json string) #MINING_KEYFILE: "INSERT HERE" diff --git a/group_vars/all.yml.network b/group_vars/all.yml.network index 3d58193..e2d9cfa 100644 --- a/group_vars/all.yml.network +++ b/group_vars/all.yml.network 
@@ -1,11 +1,11 @@ --- + +become_method: sudo + ansible_user: ubuntu ansible_python_interpreter: /usr/bin/python3 -ssh_root: - - "{{ lookup('file', 'files/admins.pub') }}" - image: "ami-0b383171" region: "us-east-1" diff --git a/roles/poa-netstats/tasks/main.yml b/roles/poa-netstats/tasks/main.yml index 529eb4c..a764e8f 100644 --- a/roles/poa-netstats/tasks/main.yml +++ b/roles/poa-netstats/tasks/main.yml @@ -32,7 +32,6 @@ - name: install npm netstats npm: path: "{{ home }}/eth-net-intelligence-api" - become: true become_user: "{{ username }}" notify: - restart poa-netstats diff --git a/roles/preconf/defaults/main.yml b/roles/preconf/defaults/main.yml index ba5f115..5f263fa 100644 --- a/roles/preconf/defaults/main.yml +++ b/roles/preconf/defaults/main.yml @@ -7,7 +7,4 @@ home: "/home/{{ username }}" GENESIS_NETWORK_NAME: "PoA" MAIN_REPO_FETCH: "poanetwork" -GENESIS_BRANCH: "master" - -ssh_root: - - "{{ lookup('file', 'files/admins.pub') }}" \ No newline at end of file +GENESIS_BRANCH: "master" \ No newline at end of file diff --git a/roles/preconf/tasks/main.yml b/roles/preconf/tasks/main.yml index 1fd26f9..7852900 100644 --- a/roles/preconf/tasks/main.yml +++ b/roles/preconf/tasks/main.yml @@ -1,7 +1,4 @@ --- -- name: Add ssh keys for root - authorized_key: user=root key={{ item }} state=present exclusive=yes - with_items: "{{ ssh_root }}" - import_tasks: ssh.yml - import_tasks: packages.yml From 56d7a7fdc7ec5ebd53b4eb5788b0cf1035e4a24a Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 17 May 2018 17:54:51 +0300 Subject: [PATCH 39/71] Typo fix --- roles/poa-netstats/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/poa-netstats/tasks/main.yml b/roles/poa-netstats/tasks/main.yml index a764e8f..b024b4d 100644 --- a/roles/poa-netstats/tasks/main.yml +++ b/roles/poa-netstats/tasks/main.yml 
@@ -29,9 +29,10 @@ - name: Change owner and group of eth-net-intelligence-api files file: path={{ home }}/eth-net-intelligence-api owner={{ username }} group={{ username }} recurse=yes -- name: install npm netstats +- name: Install npm netstats npm: path: "{{ home }}/eth-net-intelligence-api" + become: true become_user: "{{ username }}" notify: - restart poa-netstats From 86703f8169cee420415ae6709e2d51bb54433d0c Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 24 May 2018 17:43:11 +0300 Subject: [PATCH 40/71] Fixing key pathes --- roles/usermanager/tasks/nested_authorized_key.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/usermanager/tasks/nested_authorized_key.yml b/roles/usermanager/tasks/nested_authorized_key.yml index 144c552..3088175 100644 --- a/roles/usermanager/tasks/nested_authorized_key.yml +++ b/roles/usermanager/tasks/nested_authorized_key.yml @@ -3,9 +3,11 @@ authorized_key: "user={{ outer_item.name }} key='{{ lookup('file', item) }}' state=present exclusive=yes" with_first_found: - files: + - "id_rsa.pub" - "ssh_{{ env }}_{{ outer_item.name }}_{{ inventory_hostname }}.pub" - "ssh_{{ env }}_{{ outer_item.name }}.pub" - "ssh_{{ env }}.pub" - "ssh_{{ outer_item.name }}.pub" - paths: - ../../../files + - ../../../../. From ab4855d9c7d24decedecf07735d1b85a48091149 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 25 May 2018 14:35:52 +0300 Subject: [PATCH 41/71] More fixing --- group_vars/all.yml.example | 4 ++++ roles/usermanager/defaults/main.yml | 3 +++ roles/usermanager/tasks/main.yml | 3 ++- roles/usermanager/tasks/nested_authorized_key.yml | 3 ++- 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 00499e1..c5a784a 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example 
@@ -58,6 +58,10 @@ ansible_user: ubuntu # - name: "{{ username }}" #home: "/home/{{ username }}" +#Path to the public SSH key that will be installed to the service user +install_keys_to_service_user: true +key_name: "id_rsa.pub" + #Node's descriptive name #NODE_FULLNAME: "INSERT NODENAME" diff --git a/roles/usermanager/defaults/main.yml b/roles/usermanager/defaults/main.yml index a1840d3..2bee745 100644 --- a/roles/usermanager/defaults/main.yml +++ b/roles/usermanager/defaults/main.yml @@ -1,5 +1,8 @@ --- +install_keys_to_service_user: false +key_name: "id_rsa.pub" + username: "poa" users: - name: "{{ username }}" \ No newline at end of file diff --git a/roles/usermanager/tasks/main.yml b/roles/usermanager/tasks/main.yml index a573e30..1d8bcd5 100644 --- a/roles/usermanager/tasks/main.yml +++ b/roles/usermanager/tasks/main.yml @@ -10,4 +10,5 @@ - include_tasks: nested_authorized_key.yml with_items: "{{ users }}" loop_control: - loop_var: outer_item \ No newline at end of file + loop_var: outer_item + when: install_keys_to_service_user \ No newline at end of file diff --git a/roles/usermanager/tasks/nested_authorized_key.yml b/roles/usermanager/tasks/nested_authorized_key.yml index 3088175..ad19d03 100644 --- a/roles/usermanager/tasks/nested_authorized_key.yml +++ b/roles/usermanager/tasks/nested_authorized_key.yml @@ -3,11 +3,12 @@ authorized_key: "user={{ outer_item.name }} key='{{ lookup('file', item) }}' state=present exclusive=yes" with_first_found: - files: - - "id_rsa.pub" - "ssh_{{ env }}_{{ outer_item.name }}_{{ inventory_hostname }}.pub" - "ssh_{{ env }}_{{ outer_item.name }}.pub" - "ssh_{{ env }}.pub" - "ssh_{{ outer_item.name }}.pub" + - "{{ key_name.split('/')[:-1] }}" - paths: - ../../../files - ../../../../. + - "{{ dirname(keyname) }}" From 5f20fbc1bf7f1802c8b7660a4644ce55090df4a6 Mon Sep 17 00:00:00 2001 
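Review bot: The two entries added to `with_first_found` in roles/usermanager/tasks/nested_authorized_key.yml do not resolve to what the lookup needs. `key_name.split('/')[:-1]` is a slice that yields the list of directory components (an empty list for the default `id_rsa.pub`) rather than the file name, and `dirname(keyname)` calls `dirname` as a function on `keyname`, while the variable introduced in this commit is `key_name` and `dirname` is an Ansible filter. Use `- "{{ key_name | basename }}"` under `files` and `- "{{ key_name | dirname }}"` under `paths`. This matters more than usual because the task runs with `exclusive=yes`, so whichever key file is found first replaces every other authorized key for the user.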
From: ArseniiPetrovich Date: Fri, 25 May 2018 15:23:13 +0300 Subject: [PATCH 42/71] Deprecation and default variables fixing --- aws/roles/bootnode-access/tasks/main.yml | 2 +- aws/roles/explorer-access/tasks/main.yml | 2 +- aws/roles/moc-access/tasks/main.yml | 2 +- aws/roles/netstat-access/tasks/main.yml | 2 +- aws/roles/validator-access/tasks/main.yml | 2 +- roles/bootnode/tasks/main.yml | 2 +- roles/explorer/tasks/main.yml | 2 +- roles/moc/tasks/main.yml | 2 +- roles/netstat/defaults/main.yml | 2 ++ roles/netstat/tasks/main.yml | 2 +- roles/validator/tasks/main.yml | 2 +- 11 files changed, 12 insertions(+), 10 deletions(-) diff --git a/aws/roles/bootnode-access/tasks/main.yml b/aws/roles/bootnode-access/tasks/main.yml index a6e0567..82d0321 100644 --- a/aws/roles/bootnode-access/tasks/main.yml +++ b/aws/roles/bootnode-access/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: Setup EC2 firewall import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") + when: ansible_bios_version is search("amazon") diff --git a/aws/roles/explorer-access/tasks/main.yml b/aws/roles/explorer-access/tasks/main.yml index a6e0567..82d0321 100644 --- a/aws/roles/explorer-access/tasks/main.yml +++ b/aws/roles/explorer-access/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: Setup EC2 firewall import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") + when: ansible_bios_version is search("amazon") diff --git a/aws/roles/moc-access/tasks/main.yml b/aws/roles/moc-access/tasks/main.yml index a6e0567..82d0321 100644 --- a/aws/roles/moc-access/tasks/main.yml +++ b/aws/roles/moc-access/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: Setup EC2 firewall import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") + when: ansible_bios_version is search("amazon") diff --git a/aws/roles/netstat-access/tasks/main.yml b/aws/roles/netstat-access/tasks/main.yml index a6e0567..82d0321 100644 --- a/aws/roles/netstat-access/tasks/main.yml +++ b/aws/roles/netstat-access/tasks/main.yml 
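Review bot: The choice between the EC2 firewall tasks and ufw still rests on `ansible_bios_version is search("amazon")`, a case-sensitive substring match on a hardware fact; this commit only modernises the test syntax in each `when:` it touches, here and in the other *-access and role main.yml hunks. If an EC2 instance type reports a BIOS version string without that substring (worth checking on the instance families in use), the EC2 branch is skipped and the ufw branch runs instead, so which firewall rules apply depends on the hypervisor rather than on configuration. Consider an explicit inventory flag, for example `when: use_ec2_firewall | default(false) | bool` (name illustrative), or at least add a comment stating which fact values are expected.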
@@ -1,4 +1,4 @@ --- - name: Setup EC2 firewall import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") + when: ansible_bios_version is search("amazon") diff --git a/aws/roles/validator-access/tasks/main.yml b/aws/roles/validator-access/tasks/main.yml index a6e0567..82d0321 100644 --- a/aws/roles/validator-access/tasks/main.yml +++ b/aws/roles/validator-access/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: Setup EC2 firewall import_tasks: ec2.yml - when: ansible_bios_version | search("amazon") + when: ansible_bios_version is search("amazon") diff --git a/roles/bootnode/tasks/main.yml b/roles/bootnode/tasks/main.yml index 20023ec..14b057c 100644 --- a/roles/bootnode/tasks/main.yml +++ b/roles/bootnode/tasks/main.yml @@ -5,7 +5,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") + when: not ansible_bios_version is search("amazon") - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index f7bcdb0..c2f823c 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml @@ -40,7 +40,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") + when: not ansible_bios_version is search("amazon") - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index 3ea91b2..a7c98e7 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml @@ -40,7 +40,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") + when: not ansible_bios_version is search("amazon") - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index d8f8c6d..34f7f9f 100644 --- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml 
@@ -21,3 +21,5 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" + +reboot_after_completion: true \ No newline at end of file diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index 71d8da9..9a46257 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml @@ -46,7 +46,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") + when: not ansible_bios_version is search("amazon") - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index b99a5f9..008d041 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml @@ -41,7 +41,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version | search("amazon") + when: not ansible_bios_version is search("amazon") - name: restart machine after setup shell: shutdown -r 1 From 1e7fb6f08fa260702bfc6748a073e5a5a8faa371 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 25 May 2018 18:37:59 +0300 Subject: [PATCH 43/71] Preparing spec.json for terraform integration --- group_vars/all.yml.example | 2 ++ roles/preconf/defaults/main.yml | 4 +++- roles/preconf/tasks/spec.yml | 7 ++++++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index c5a784a..323b1af 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -71,6 +71,8 @@ key_name: "id_rsa.pub" #If this variable is set to "True" all the VMs will be rebooted after setup. reboot_after_completion: false +"Path to spec.json file. If no file provided, spec.json will be downloaded from GitHub +spec_json: "" ##Bootnode-related variables. diff --git a/roles/preconf/defaults/main.yml b/roles/preconf/defaults/main.yml index 5f263fa..c5be53e 100644 --- a/roles/preconf/defaults/main.yml +++ b/roles/preconf/defaults/main.yml 
@@ -7,4 +7,6 @@ home: "/home/{{ username }}" GENESIS_NETWORK_NAME: "PoA" MAIN_REPO_FETCH: "poanetwork" -GENESIS_BRANCH: "master" \ No newline at end of file +GENESIS_BRANCH: "master" + +spec_json: "" \ No newline at end of file diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index 172df18..bc42462 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,6 +1,11 @@ --- +- name: Copy spec.json to remote machine + copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} + when: spec_json != "" + - name: Download spec.json get_url: url={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} with_items: - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" - - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" \ No newline at end of file + - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt" + when: spec_json == "" \ No newline at end of file From d2f858040b8914d6a933c39c8a559bf3fd5d0d95 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 10:41:53 +0300 Subject: [PATCH 44/71] debug --- roles/preconf/tasks/spec.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index bc42462..79ab6cb 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,4 +1,7 @@ --- +- name: Debug spec_json + var: spec_json + - name: Copy spec.json to remote machine copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} when: spec_json != "" From 86c0be9b1b2da5937cc9d8e15f3503061fcfc94c Mon Sep 17 00:00:00 2001 
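Review bot: The download branch of roles/preconf/tasks/spec.yml still takes spec.json and bootnodes.txt from a branch ref (`GENESIS_BRANCH`, `master` in the preconf defaults) with no integrity check, so two runs can install different chain specs without any change in this repository. Now that a local `spec_json` path exists, I would document next to the variable that production deployments should supply a reviewed file or set `GENESIS_BRANCH` to a commit hash; `get_url` also accepts a `checksum` argument if the expected digests are recorded. Separately, when `spec_json` is set this commit skips the download for both URLs, so bootnodes.txt is neither copied nor fetched.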
From: ArseniiPetrovich Date: Sun, 27 May 2018 10:48:40 +0300 Subject: [PATCH 45/71] debug fix --- roles/preconf/tasks/spec.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index 79ab6cb..acf49d6 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,6 +1,7 @@ --- - name: Debug spec_json - var: spec_json + debug: + var: spec_json - name: Copy spec.json to remote machine copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} From 998da0449c7d47e5b93e599b5cace4753f4b072a Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 11:21:36 +0300 Subject: [PATCH 46/71] Removing debug & `explorer` defaults fix --- roles/explorer/defaults/main.yml | 4 +++- roles/preconf/tasks/spec.yml | 4 ---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index c4d07ab..0547e16 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -17,4 +17,6 @@ PROXY_PORT: "3000" MAIN_REPO_FETCH: "poanetwork" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" -explorer_version: "acee07c" \ No newline at end of file +explorer_version: "acee07c" + +reboot_after_completion: true \ No newline at end of file diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index acf49d6..bc42462 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,8 +1,4 @@ --- -- name: Debug spec_json - debug: - var: spec_json - - name: Copy spec.json to remote machine copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} when: spec_json != "" From e9524a143b1f5a916341da8df44a3924dac8d1cb Mon Sep 17 00:00:00 2001 
From: ArseniiPetrovich Date: Sun, 27 May 2018 12:10:17 +0300 Subject: [PATCH 47/71] Nginx defaults fix --- roles/nginx/defaults/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml index cd261be..d784e2e 100644 --- a/roles/nginx/defaults/main.yml +++ b/roles/nginx/defaults/main.yml @@ -1,4 +1,6 @@ --- PROXY_PORT: 3000 -configure_extended_tcp_settings: true \ No newline at end of file +configure_extended_tcp_settings: true + +nginx_headers: "off" \ No newline at end of file From 835c888bf16349cef69c8aefa2434f25c388582f Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 12:54:59 +0300 Subject: [PATCH 48/71] defaults in roles fixed `reboot_after_completion` variable added --- roles/bootnode/defaults/main.yml | 4 +++- roles/moc/defaults/main.yml | 2 ++ roles/validator/defaults/main.yml | 2 ++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index 0d5a5a3..9b74f1a 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -12,4 +12,6 @@ users: home: "/home/{{ username }}" bootnode_archive: "off" -bootnode_orchestrator: "off" \ No newline at end of file +bootnode_orchestrator: "off" + +reboot_after_completion: true \ No newline at end of file diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index 4015c3c..4f3e705 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -29,3 +29,5 @@ home: "/home/{{ username }}" moc_archive: "off" +reboot_after_completion: true + diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index b635bd3..b0fa98a 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml 
@@ -18,3 +18,5 @@ MINING_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" SCRIPTS_VALIDATOR_BRANCH: "mainnet" MAIN_REPO_FETCH: "poanetwork" BLK_GAS_LIMIT: "6700000" + +reboot_after_completion: true \ No newline at end of file From 7dd405aadebd5f49541a7c534953d574bd9eeedf Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 15:19:43 +0300 Subject: [PATCH 49/71] Added possibility to copy bootnodes.txt to remote machine --- roles/bootnode/defaults/main.yml | 2 +- roles/explorer/defaults/main.yml | 2 +- roles/moc/defaults/main.yml | 2 +- roles/netstat/defaults/main.yml | 2 +- roles/preconf/defaults/main.yml | 3 ++- roles/preconf/tasks/spec.yml | 7 +++++-- roles/validator/defaults/main.yml | 2 +- 7 files changed, 12 insertions(+), 8 deletions(-) diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index 9b74f1a..ef37259 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -14,4 +14,4 @@ home: "/home/{{ username }}" bootnode_archive: "off" bootnode_orchestrator: "off" -reboot_after_completion: true \ No newline at end of file +reboot_after_completion: false \ No newline at end of file diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index 0547e16..2ba341b 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -19,4 +19,4 @@ MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" explorer_version: "acee07c" -reboot_after_completion: true \ No newline at end of file +reboot_after_completion: false \ No newline at end of file diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index 4f3e705..0106574 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -29,5 +29,5 @@ home: "/home/{{ username }}" moc_archive: "off" -reboot_after_completion: true +reboot_after_completion: false 
diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index 34f7f9f..03b5628 100644 --- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml @@ -22,4 +22,4 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" -reboot_after_completion: true \ No newline at end of file +reboot_after_completion: false \ No newline at end of file diff --git a/roles/preconf/defaults/main.yml b/roles/preconf/defaults/main.yml index c5be53e..822478c 100644 --- a/roles/preconf/defaults/main.yml +++ b/roles/preconf/defaults/main.yml @@ -9,4 +9,5 @@ GENESIS_NETWORK_NAME: "PoA" MAIN_REPO_FETCH: "poanetwork" GENESIS_BRANCH: "master" -spec_json: "" \ No newline at end of file +spec_json: "" +bootnodes_txt: "" \ No newline at end of file diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index bc42462..4516379 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,9 +1,12 @@ --- -- name: Copy spec.json to remote machine +- name: Copy spec.json and bootnodes.txt to remote machine copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} when: spec_json != "" + with_items: + - {{ spec_json }} + - {{ bootnodes_txt }} -- name: Download spec.json +- name: Download spec.json and bootnodes.txt get_url: url={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} with_items: - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json" diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index b0fa98a..53d42e1 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -19,4 +19,4 @@ SCRIPTS_VALIDATOR_BRANCH: "mainnet" MAIN_REPO_FETCH: "poanetwork" BLK_GAS_LIMIT: "6700000" -reboot_after_completion: true \ No newline at end of file +reboot_after_completion: false \ No newline at end of file 
From a2f830581371a0a6c199f8ff014e1086fdf8c255 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 16:12:51 +0300 Subject: [PATCH 50/71] Syntax fix Missing quotes --- roles/preconf/tasks/spec.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index 4516379..9189e39 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -3,8 +3,8 @@ copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} when: spec_json != "" with_items: - - {{ spec_json }} - - {{ bootnodes_txt }} + - "{{ spec_json }}" + - "{{ bootnodes_txt }}" - name: Download spec.json and bootnodes.txt get_url: url={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} From 4d2147113a28bb30b6b85ffe9e8073b8fbee46f8 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 16:39:44 +0300 Subject: [PATCH 51/71] Bootnodes.txt copy fix --- roles/preconf/tasks/spec.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/preconf/tasks/spec.yml b/roles/preconf/tasks/spec.yml index 9189e39..7a8e973 100644 --- a/roles/preconf/tasks/spec.yml +++ b/roles/preconf/tasks/spec.yml @@ -1,6 +1,6 @@ --- - name: Copy spec.json and bootnodes.txt to remote machine - copy: src={{ spec_json }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} + copy: src={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} force=yes when: spec_json != "" with_items: - "{{ spec_json }}" From 3da0374d358f525ba9b6e64c469908c017d9aec5 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 17:56:19 +0300 Subject: [PATCH 52/71] Added option to enable parity api --- roles/bootnode/defaults/main.yml | 1 + roles/bootnode/templates/node.toml.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) 
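Review bot: The loop in roles/preconf/tasks/spec.yml now copies `{{ item }}`, but the guard `when: spec_json != ""` checks only the first entry, so a deployment that sets `spec_json` and leaves `bootnodes_txt` at its default `""` runs `copy` with an empty `src`. How `copy` treats an empty source is not something to rely on (it may fail, or resolve to a directory), so I would skip or reject empty entries explicitly, e.g. `when: spec_json != "" and item != ""`, or add an `assert` that both variables are set together. The rest of the `with_items` list is outside the hunk.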
diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index ef37259..7e4cbd4 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -13,5 +13,6 @@ home: "/home/{{ username }}" bootnode_archive: "off" bootnode_orchestrator: "off" +parity_api: "off" reboot_after_completion: false \ No newline at end of file diff --git a/roles/bootnode/templates/node.toml.j2 b/roles/bootnode/templates/node.toml.j2 index 07370b0..b3105ed 100644 --- a/roles/bootnode/templates/node.toml.j2 +++ b/roles/bootnode/templates/node.toml.j2 @@ -17,7 +17,7 @@ allow_ips = "public" [rpc] #apis = ["web3", "eth", "parity", "parity_set", "net", "traces", "rpc"] -apis = ["web3","eth","net" {{ ', "parity", "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else '' }}] +apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") or parity_api|default("off")) == "on" else '' }}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else '' }}] processing_threads = 4 cors=["all"] From f0c248e25988a18fbf0ac2447dd30aafe1b5061f Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 18:14:52 +0300 Subject: [PATCH 53/71] fix ternary operator --- roles/bootnode/templates/node.toml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/bootnode/templates/node.toml.j2 b/roles/bootnode/templates/node.toml.j2 index b3105ed..5052e4b 100644 --- a/roles/bootnode/templates/node.toml.j2 +++ b/roles/bootnode/templates/node.toml.j2 
@@ -17,7 +17,7 @@ allow_ips = "public" [rpc] #apis = ["web3", "eth", "parity", "parity_set", "net", "traces", "rpc"] -apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") or parity_api|default("off")) == "on" else '' }}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else '' }}] +apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") == "on" or parity_api|default("off")) == "on"}}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on"}}] processing_threads = 4 cors=["all"] From 0c6d4df098a9114e52446a06f18455cf8d4762be Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Sun, 27 May 2018 18:27:53 +0300 Subject: [PATCH 54/71] Syntax fix --- roles/bootnode/templates/node.toml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/bootnode/templates/node.toml.j2 b/roles/bootnode/templates/node.toml.j2 index 5052e4b..f688119 100644 --- a/roles/bootnode/templates/node.toml.j2 +++ b/roles/bootnode/templates/node.toml.j2 @@ -17,7 +17,7 @@ allow_ips = "public" [rpc] #apis = ["web3", "eth", "parity", "parity_set", "net", "traces", "rpc"] -apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") == "on" or parity_api|default("off")) == "on"}}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on"}}] +apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") == "on" or parity_api|default("off") == "on") else ''}}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else ''}}] processing_threads = 4 cors=["all"] From a4261dfa5c184fbdd072a01624b0fc2781d4e8e8 Mon Sep 17 00:00:00 2001 
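Review bot: The `parity_api` switch adds the `parity` namespace to an `[rpc]` section whose context line sets `cors=["all"]`, and nothing in the template or the defaults says what enabling it exposes. The RPC bind address is not visible in this hunk, so whether the endpoint is reachable from outside the host should be confirmed. Either way I would add a comment above the `apis` line, e.g. `# parity_api="on" exposes the parity RPC namespace; cors below allows any origin, keep the RPC port restricted`, and document the variable in group_vars/all.yml.example.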
From: ArseniiPetrovich Date: Mon, 28 May 2018 17:15:17 +0300 Subject: [PATCH 55/71] Added option to skip ufw and moc autogeneration --- group_vars/all.yml.example | 5 ++++- roles/bootnode/defaults/main.yml | 4 +++- roles/explorer/defaults/main.yml | 4 +++- roles/explorer/tasks/main.yml | 2 +- roles/moc/defaults/main.yml | 3 +++ roles/moc/tasks/main.yml | 9 +++++++-- roles/netstat/defaults/main.yml | 4 +++- roles/netstat/tasks/main.yml | 2 +- roles/validator/defaults/main.yml | 4 +++- roles/validator/tasks/main.yml | 2 +- 10 files changed, 29 insertions(+), 10 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 323b1af..26201b2 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -49,6 +49,9 @@ become_method: sudo ##These variables are used in each role and usually propagated to the dependent roles. By default they are different for each role and it's highly recommended not to use single for multiple roles, escpecially when they are installed on the same machine. +#Should playbook install ufw firewall to the nodes or not. +install_firewall: true + #Which user will be used to connect to VMs ansible_user: ubuntu @@ -58,7 +61,7 @@ ansible_user: ubuntu # - name: "{{ username }}" #home: "/home/{{ username }}" -#Path to the public SSH key that will be installed to the service user +#Path to the public SSH key that will be installed to the service user. install_keys_to_service_user: true key_name: "id_rsa.pub" diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index 7e4cbd4..b224639 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -15,4 +15,6 @@ bootnode_archive: "off" bootnode_orchestrator: "off" parity_api: "off" -reboot_after_completion: false \ No newline at end of file +reboot_after_completion: false + +install_firewall: true \ No newline at end of file 
diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index 2ba341b..5efbdaa 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -19,4 +19,6 @@ MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" explorer_version: "acee07c" -reboot_after_completion: false \ No newline at end of file +reboot_after_completion: false + +install_firewall: true \ No newline at end of file diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index c2f823c..e5f7289 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml @@ -40,7 +40,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version is search("amazon") + when: install_firewall - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index 0106574..c1599c4 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -31,3 +31,6 @@ moc_archive: "off" reboot_after_completion: false +install_firewall: true + +terraform: false \ No newline at end of file diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index a7c98e7..37cb1d8 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml 
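Review bot: `when: install_firewall` in roles/explorer/tasks/main.yml replaces a check that skipped ufw only on hosts identified as EC2, where the `*-access` roles earlier in this series set up the EC2 firewall; with the flag set to false on any other host, nothing visible here applies a packet filter at all. The one-line comment added to group_vars/all.yml.example does not say that, so I would extend it, e.g. `#Set to false only if another firewall (such as EC2 security groups) already restricts the node's ports.` The same condition is added in the moc, netstat and validator task files, while roles/bootnode/tasks/main.yml is not in this commit's diffstat although the bootnode defaults gain the variable.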
@@ -16,31 +16,36 @@ repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc" dest: "{{ home }}/poa-scripts-moc" version: "{{ SCRIPTS_MOC_BRANCH }}" + when: terraform==false - name: Change owner and group of poa-scripts-moc file file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes - + when: terraform==false + - name: install npm initial_keys_script npm: path: "{{ home }}/poa-scripts-moc" become: true become_user: "{{ username }}" + when: terraform==false - name: install npm generateInitialKey npm: path: "{{ home }}/poa-scripts-moc/generateInitialKey" become: true become_user: "{{ username }}" + when: terraform==false - name: install npm distributeTokens npm: path: "{{ home }}/poa-scripts-moc/distributeTokens" become: true become_user: "{{ username }}" + when: terraform==false - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version is search("amazon") + when: install_firewall - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index 03b5628..44f5b3e 100644 --- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml @@ -22,4 +22,6 @@ home: "/home/{{ username }}" nginx_headers: "off" PROXY_PORT: "3000" -reboot_after_completion: false \ No newline at end of file +reboot_after_completion: false + +install_firewall: true \ No newline at end of file diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index 9a46257..7492df6 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml @@ -46,7 +46,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version is search("amazon") + when: install_firewall - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index 53d42e1..32fa58f 100644 --- a/roles/validator/defaults/main.yml 
+++ b/roles/validator/defaults/main.yml @@ -19,4 +19,6 @@ SCRIPTS_VALIDATOR_BRANCH: "mainnet" MAIN_REPO_FETCH: "poanetwork" BLK_GAS_LIMIT: "6700000" -reboot_after_completion: false \ No newline at end of file +reboot_after_completion: false + +install_firewall: true \ No newline at end of file diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index 008d041..073d56f 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml @@ -41,7 +41,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version is search("amazon") + when: install_firewall - name: restart machine after setup shell: shutdown -r 1 From 3d2390598a689d832f551784a8a4b35612ade979 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Tue, 29 May 2018 15:35:00 +0300 Subject: [PATCH 56/71] remove unnecessary variable --- roles/moc/defaults/main.yml | 4 +--- roles/moc/tasks/main.yml | 5 ----- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index c1599c4..689671c 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -31,6 +31,4 @@ moc_archive: "off" reboot_after_completion: false -install_firewall: true - -terraform: false \ No newline at end of file +install_firewall: true \ No newline at end of file diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index 37cb1d8..be73c79 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml 
@@ -16,32 +16,27 @@ repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc" dest: "{{ home }}/poa-scripts-moc" version: "{{ SCRIPTS_MOC_BRANCH }}" - when: terraform==false - name: Change owner and group of poa-scripts-moc file file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes - when: terraform==false - name: install npm initial_keys_script npm: path: "{{ home }}/poa-scripts-moc" become: true become_user: "{{ username }}" - when: terraform==false - name: install npm generateInitialKey npm: path: "{{ home }}/poa-scripts-moc/generateInitialKey" become: true become_user: "{{ username }}" - when: terraform==false - name: install npm distributeTokens npm: path: "{{ home }}/poa-scripts-moc/distributeTokens" become: true become_user: "{{ username }}" - when: terraform==false - name: Setup ufw firewall import_tasks: ufw.yml From ac0250120391d755e5dfaf818c4534287028b5fc Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Tue, 29 May 2018 15:55:30 +0300 Subject: [PATCH 57/71] Assuming reasonable defaults --- roles/bootnode/tasks/main.yml | 2 +- roles/moc/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/bootnode/tasks/main.yml b/roles/bootnode/tasks/main.yml index 14b057c..006db8f 100644 --- a/roles/bootnode/tasks/main.yml +++ b/roles/bootnode/tasks/main.yml @@ -5,7 +5,7 @@ - name: Setup ufw firewall import_tasks: ufw.yml - when: not ansible_bios_version is search("amazon") + when: install_firewall - name: restart machine after setup shell: shutdown -r 1 diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index 689671c..03aa1c3 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml @@ -16,7 +16,7 @@ MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" MOC_KEYPASS: "" MOC_KEYFILE: "" -SCRIPTS_MOC_BRANCH: "mainnet" +SCRIPTS_MOC_BRANCH: "master" GENESIS_NETWORK_NAME: "PoA" MAIN_REPO_FETCH: "poanetwork" 
From 115775a11900f82954cce65e7cb0b76c871d0742 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Wed, 30 May 2018 18:19:59 +0300 Subject: [PATCH 58/71] Adjust defaults --- roles/usermanager/defaults/main.yml | 3 ++- roles/validator/defaults/main.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/usermanager/defaults/main.yml b/roles/usermanager/defaults/main.yml index 2bee745..82a9b04 100644 --- a/roles/usermanager/defaults/main.yml +++ b/roles/usermanager/defaults/main.yml @@ -5,4 +5,5 @@ key_name: "id_rsa.pub" username: "poa" users: - - name: "{{ username }}" \ No newline at end of file + - name: "{{ username }}" +home: "/home/{{ username }}" \ No newline at end of file diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index 32fa58f..db8851c 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -15,7 +15,7 @@ NODE_PWD: "node.pwd" # don't change this one MINING_KEYFILE: "" MINING_KEYPASS: "" MINING_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" -SCRIPTS_VALIDATOR_BRANCH: "mainnet" +SCRIPTS_VALIDATOR_BRANCH: "master" MAIN_REPO_FETCH: "poanetwork" BLK_GAS_LIMIT: "6700000" From 098765ca4eb64b664c1ffe45e31a9e58d65bfa34 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Thu, 31 May 2018 10:48:43 +0300 Subject: [PATCH 59/71] Adjusting defaults --- roles/validator/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index db8851c..a7bf68c 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -5,6 +5,7 @@ user: ubuntu username: "poa" users: - name: "{{ username }}" +home: "/home/{{ username }}" allow_validator_ssh: true allow_validator_p2p: true From 65604e85e6df0fac90dd973b912fa7d88c40a85c Mon Sep 17 00:00:00 2001 
From: phahulin Date: Wed, 6 Jun 2018 12:57:35 +0300 Subject: [PATCH 60/71] Update parity version --- group_vars/all.yml.network | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/group_vars/all.yml.network b/group_vars/all.yml.network index e2d9cfa..d6a5dad 100644 --- a/group_vars/all.yml.network +++ b/group_vars/all.yml.network @@ -11,8 +11,8 @@ region: "us-east-1" NODE_PWD: "node.pwd" # don't change this one NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x" -PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" -PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" +PARITY_BIN_LOC: "https://s3.us-east-2.amazonaws.com/poa-builds-parity-published/1.10.6/parity" +PARITY_BIN_SHA256: "539f4788fbd605a9cd87b5bf747b27ae05b8a4080b26aa3da645b0446fa9f9cc" ORCHESTRATOR_BIN_LOC: "" ORCHESTRATOR_BIN_SHA256: "" @@ -23,4 +23,4 @@ GENESIS_BRANCH: "master" GENESIS_NETWORK_NAME: "PoA" MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" -BLK_GAS_LIMIT: "6700000" \ No newline at end of file +BLK_GAS_LIMIT: "6700000" From b013c4b83a1e1554daecf9c363d6a928cefc62a3 Mon Sep 17 00:00:00 2001 From: phahulin Date: Wed, 6 Jun 2018 12:58:09 +0300 Subject: [PATCH 61/71] Update parity version --- group_vars/all.yml.example | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 00499e1..09f3abe 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example 
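Review bot: The pinned `PARITY_BIN_SHA256` in group_vars/all.yml.network only protects the install if the download task, which is outside this hunk, actually verifies it. This change also moves the binary from the previous CloudFront URL to an S3 bucket, so the digest is what ties the deployed binary to a reviewed build. Please confirm the task passes it to `get_url` as `checksum: "sha256:{{ PARITY_BIN_SHA256 }}"` (or compares it before installing), and record in the commit description where the expected digest was obtained. The same pair of values is changed in group_vars/all.yml.example in the next commit.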
@@ -35,8 +35,8 @@ ORCHESTRATOR_BIN_LOC: "" ORCHESTRATOR_BIN_SHA256: "" #url and sha256 checksum of the parity binary file -PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity" -PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33" +PARITY_BIN_LOC: "https://s3.us-east-2.amazonaws.com/poa-builds-parity-published/1.10.6/parity" +PARITY_BIN_SHA256: "539f4788fbd605a9cd87b5bf747b27ae05b8a4080b26aa3da645b0446fa9f9cc" #branch of poa-scripts-moc and poa-scripts-validator to use SCRIPTS_MOC_BRANCH: "master" @@ -169,4 +169,4 @@ api_version: "9773b5b" #NODE_ADMIN_EMAIL: "INSERT HERE" #Node's descriptive name. Publicly visible in netstats -#NODE_FULLNAME: "INSERT HERE" \ No newline at end of file +#NODE_FULLNAME: "INSERT HERE" From 96358b8735e2083d62b940061d08f3505dfd6cb9 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 8 Jun 2018 16:46:53 +0300 Subject: [PATCH 62/71] Fix --- roles/moc/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index be73c79..210d74c 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml @@ -16,6 +16,7 @@ repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc" dest: "{{ home }}/poa-scripts-moc" version: "{{ SCRIPTS_MOC_BRANCH }}" + force: yes - name: Change owner and group of poa-scripts-moc file file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes From e619f273c22fe364c9dcb762fa16e89281972a1a Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Tue, 12 Jun 2018 17:26:47 +0300 Subject: [PATCH 63/71] Fixes for terraform --- roles/validator/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index 073d56f..c9f7db8 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml 
@@ -16,6 +16,7 @@ repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-validator" dest: "{{ home }}/poa-scripts-validator" version: "{{ SCRIPTS_VALIDATOR_BRANCH }}" + force: yes - name: Link node.toml file file: From e4e3a7249f9d213d8680d8f5426fa5f559862b28 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 15 Jun 2018 16:09:04 +0300 Subject: [PATCH 64/71] Variable name changed. --- roles/usermanager/tasks/nested_authorized_key.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usermanager/tasks/nested_authorized_key.yml b/roles/usermanager/tasks/nested_authorized_key.yml index ad19d03..be44e21 100644 --- a/roles/usermanager/tasks/nested_authorized_key.yml +++ b/roles/usermanager/tasks/nested_authorized_key.yml @@ -11,4 +11,4 @@ - paths: - ../../../files - ../../../../. - - "{{ dirname(keyname) }}" + - "{{ dirname(key_name) }}" From a4b57880f643032a450ec98a6c662c7e7bcb76f6 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 15 Jun 2018 16:12:33 +0300 Subject: [PATCH 65/71] Setting default for ssh key folder. --- roles/usermanager/tasks/nested_authorized_key.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usermanager/tasks/nested_authorized_key.yml b/roles/usermanager/tasks/nested_authorized_key.yml index be44e21..6e90492 100644 --- a/roles/usermanager/tasks/nested_authorized_key.yml +++ b/roles/usermanager/tasks/nested_authorized_key.yml @@ -11,4 +11,4 @@ - paths: - ../../../files - ../../../../. - - "{{ dirname(key_name) }}" + - "{{ dirname(key_name) | default("./") }}" From 0188d9b2ed9fed585dfbcd8e455f5125928d5780 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 15 Jun 2018 16:28:52 +0300 Subject: [PATCH 66/71] Name fix --- roles/usermanager/tasks/nested_authorized_key.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usermanager/tasks/nested_authorized_key.yml b/roles/usermanager/tasks/nested_authorized_key.yml index 6e90492..e3fc9e9 100644 
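Review bot: In `roles/usermanager/tasks/nested_authorized_key.yml`, `dirname(key_name)` calls `dirname` as a function, but as far as I know Ansible exposes it only as a filter, so this search path likely fails to template; the two follow-up commits keep the same call and only append `| default(...)`. A plain `default` reacts only to undefined values, so it would not catch an empty directory part either, and the example default `key_name: "id_rsa.pub"` has none. I would write the entry as `- "{{ key_name | dirname | default('./', true) }}"`. Since this list decides which public key file is installed for the service user, a comment stating the search order would help; the lookup itself starts above the hunk.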
--- a/roles/usermanager/tasks/nested_authorized_key.yml +++ b/roles/usermanager/tasks/nested_authorized_key.yml @@ -11,4 +11,4 @@ - paths: - ../../../files - ../../../../. - - "{{ dirname(key_name) | default("./") }}" + - "{{ dirname(key_name) | default('./') }}" From 3dfbcb58dc4982ae66d89588327679153d4d050a Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Mon, 18 Jun 2018 15:56:48 +0300 Subject: [PATCH 67/71] Fix at all.yml.example (syntax) --- group_vars/all.yml.example | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 26201b2..ecfef1b 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -63,6 +63,7 @@ ansible_user: ubuntu #Path to the public SSH key that will be installed to the service user. install_keys_to_service_user: true +#Relative or absolute path to the file. key_name: "id_rsa.pub" #Node's descriptive name @@ -74,7 +75,7 @@ key_name: "id_rsa.pub" #If this variable is set to "True" all the VMs will be rebooted after setup. reboot_after_completion: false -"Path to spec.json file. If no file provided, spec.json will be downloaded from GitHub +#Path to spec.json file. If no file provided, spec.json will be downloaded from GitHub spec_json: "" ##Bootnode-related variables. From 5d55ba393128b8864b49703128042b280608c6e0 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 22 Jun 2018 14:21:12 +0300 Subject: [PATCH 68/71] Added required variables. --- group_vars/all.yml.example | 2 ++ 1 file changed, 2 insertions(+) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index ecfef1b..e3cdf98 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -77,6 +77,8 @@ reboot_after_completion: false #Path to spec.json file. If no file provided, spec.json will be downloaded from GitHub spec_json: "" +#Path to bootnodes.txt. Must be provided if spec_json specified +bootnodes_txt: "" ##Bootnode-related variables. 
From d8b78d4aa97a4129014d5e87cd8325d0758b47ef Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Fri, 22 Jun 2018 16:15:00 +0300 Subject: [PATCH 69/71] Adjusting default settings --- group_vars/all.yml.example | 5 ++++- roles/bootnode/defaults/main.yml | 2 +- roles/explorer/defaults/main.yml | 2 +- roles/moc/defaults/main.yml | 2 +- roles/netstat/defaults/main.yml | 2 +- roles/validator/defaults/main.yml | 2 +- 6 files changed, 9 insertions(+), 6 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index e3cdf98..542a8db 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -53,7 +53,10 @@ become_method: sudo install_firewall: true #Which user will be used to connect to VMs -ansible_user: ubuntu +#ansible_user: ubuntu + +#Choose if to install debug tools +install_debug_tools: "no" #User's name and directory, which will be used to execute role from. #username: "" diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index b224639..1ab8b4d 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -16,5 +16,5 @@ bootnode_orchestrator: "off" parity_api: "off" reboot_after_completion: false - +install_debug_tools: "no" install_firewall: true \ No newline at end of file diff --git a/roles/explorer/defaults/main.yml b/roles/explorer/defaults/main.yml index 5efbdaa..20ddad0 100644 --- a/roles/explorer/defaults/main.yml +++ b/roles/explorer/defaults/main.yml @@ -20,5 +20,5 @@ MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126" explorer_version: "acee07c" reboot_after_completion: false - +install_debug_tools: "no" install_firewall: true \ No newline at end of file diff --git a/roles/moc/defaults/main.yml b/roles/moc/defaults/main.yml index 03aa1c3..0013d50 100644 --- a/roles/moc/defaults/main.yml +++ b/roles/moc/defaults/main.yml 
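Review bot: `install_debug_tools: "no"` in `group_vars/all.yml.example` is a quoted string, while the neighbouring switches are real booleans (`install_firewall: true`, `reboot_after_completion: false`). A non-empty string is truthy in a Jinja test unless the consumer applies `| bool`, so a task guarded by this variable could install the debug tools on every node even with the default; the consuming tasks are not part of this diff. I would use `install_debug_tools: false` here and in the five `roles/*/defaults/main.yml` hunks of this commit (bootnode, explorer, moc, netstat, validator).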
@@ -30,5 +30,5 @@ home: "/home/{{ username }}" moc_archive: "off" reboot_after_completion: false - +install_debug_tools: "no" install_firewall: true \ No newline at end of file diff --git a/roles/netstat/defaults/main.yml b/roles/netstat/defaults/main.yml index 44f5b3e..3f29872 100644 --- a/roles/netstat/defaults/main.yml +++ b/roles/netstat/defaults/main.yml @@ -23,5 +23,5 @@ nginx_headers: "off" PROXY_PORT: "3000" reboot_after_completion: false - +install_debug_tools: "no" install_firewall: true \ No newline at end of file diff --git a/roles/validator/defaults/main.yml b/roles/validator/defaults/main.yml index a7bf68c..0db6b1d 100644 --- a/roles/validator/defaults/main.yml +++ b/roles/validator/defaults/main.yml @@ -21,5 +21,5 @@ MAIN_REPO_FETCH: "poanetwork" BLK_GAS_LIMIT: "6700000" reboot_after_completion: false - +install_debug_tools: "no" install_firewall: true \ No newline at end of file From 00216e7e78b4accb95a97f8df2f38b73eaa5bdb2 Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Mon, 25 Jun 2018 14:06:00 +0300 Subject: [PATCH 70/71] Bootnode dapps tweak added --- group_vars/all.yml.example | 2 ++ roles/bootnode/defaults/main.yml | 1 + roles/bootnode/templates/node.toml.j2 | 2 ++ 3 files changed, 5 insertions(+) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 542a8db..10f974f 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -96,6 +96,8 @@ allow_bootnode_rpc: false bootnode_archive: "off" #Specifies whether or not parity-orchestrator should be installed on this node and parity configured to use whisper bootnode_orchestrator: "off" +#Specifies whether or not dapps should be enabled on bootnode +bootnode_dapps: "off" ##Explorer-related variables diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index 1ab8b4d..e361264 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml 
@@ -13,6 +13,7 @@ home: "/home/{{ username }}" bootnode_archive: "off" bootnode_orchestrator: "off" +bootnode_dapps: "off" parity_api: "off" reboot_after_completion: false diff --git a/roles/bootnode/templates/node.toml.j2 b/roles/bootnode/templates/node.toml.j2 index f688119..abe1ce5 100644 --- a/roles/bootnode/templates/node.toml.j2 +++ b/roles/bootnode/templates/node.toml.j2 @@ -24,8 +24,10 @@ cors=["all"] [ui] disable = true +{% if bootnode_dapps|default("off") == "on" %} [dapps] disable = true +{% endif %} {% if bootnode_archive|default("off") == "on" %} [snapshots] From 2ac226fafd00b7e29cf9da4a6bbfdb2df46fa3bd Mon Sep 17 00:00:00 2001 From: ArseniiPetrovich Date: Mon, 25 Jun 2018 14:29:16 +0300 Subject: [PATCH 71/71] Enable dapps by default --- group_vars/all.yml.example | 2 -- roles/bootnode/defaults/main.yml | 1 - roles/bootnode/templates/node.toml.j2 | 5 ----- 3 files changed, 8 deletions(-) diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 10f974f..542a8db 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -96,8 +96,6 @@ allow_bootnode_rpc: false bootnode_archive: "off" #Specifies whether or not parity-orchestrator should be installed on this node and parity configured to use whisper bootnode_orchestrator: "off" -#Specifies whether or not dapps should be enabled on bootnode -bootnode_dapps: "off" ##Explorer-related variables diff --git a/roles/bootnode/defaults/main.yml b/roles/bootnode/defaults/main.yml index e361264..1ab8b4d 100644 --- a/roles/bootnode/defaults/main.yml +++ b/roles/bootnode/defaults/main.yml @@ -13,7 +13,6 @@ home: "/home/{{ username }}" bootnode_archive: "off" bootnode_orchestrator: "off" -bootnode_dapps: "off" parity_api: "off" reboot_after_completion: false diff --git a/roles/bootnode/templates/node.toml.j2 b/roles/bootnode/templates/node.toml.j2 index abe1ce5..86a709f 100644 --- a/roles/bootnode/templates/node.toml.j2 +++ b/roles/bootnode/templates/node.toml.j2 
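Review bot: The guard added in `roles/bootnode/templates/node.toml.j2` is inverted relative to the variable's documentation ("whether or not dapps should be enabled"). With `bootnode_dapps: "on"` the template emits `[dapps]` / `disable = true`, and with the default `"off"` the section is dropped, so the previously unconditional `disable = true` no longer applies to a default bootnode. If the variable means "enable dapps", the condition should be `{% if bootnode_dapps|default("off") != "on" %}`, which keeps dapps disabled unless explicitly turned on. The hunk header shows `cors=["all"]` just above this section, so a template comment naming which interfaces are meant to stay reachable on a bootnode would help the next reviewer.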
@@ -24,11 +24,6 @@ cors=["all"] [ui] disable = true -{% if bootnode_dapps|default("off") == "on" %} -[dapps] -disable = true -{% endif %} - {% if bootnode_archive|default("off") == "on" %} [snapshots] disable_periodic = false