Merge branch 'master' into centos-support-new

aws/roles/bootnode-access/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
 - name: Setup EC2 firewall
   import_tasks: ec2.yml
-  when: ansible_bios_version | search("amazon")
+  when: ansible_bios_version is search("amazon")

aws/roles/explorer-access/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
 - name: Setup EC2 firewall
   import_tasks: ec2.yml
-  when: ansible_bios_version | search("amazon")
+  when: ansible_bios_version is search("amazon")

aws/roles/moc-access/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
 - name: Setup EC2 firewall
   import_tasks: ec2.yml
-  when: ansible_bios_version | search("amazon")
+  when: ansible_bios_version is search("amazon")

aws/roles/netstat-access/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
 - name: Setup EC2 firewall
   import_tasks: ec2.yml
-  when: ansible_bios_version | search("amazon")
+  when: ansible_bios_version is search("amazon")

aws/roles/validator-access/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
 - name: Setup EC2 firewall
   import_tasks: ec2.yml
-  when: ansible_bios_version | search("amazon")
+  when: ansible_bios_version is search("amazon")

group_vars/all.yml.example

@@ -38,12 +38,26 @@ become_method: sudo
 
 ##These variables are used in each role and usually propagated to the dependent roles. By default they are different for each role and it's highly recommended not to use single for multiple roles, escpecially when they are installed on the same machine. 
 
+#Should playbook install ufw firewall to the nodes or not.
+install_firewall: true
+
+#Which user will be used to connect to VMs
+#ansible_user: ubuntu
+
+#Choose if to install debug tools 
+install_debug_tools: "no"
+
 #User's name and directory, which will be used to execute role from. 
 #username: "<role>"
 #users:
 #  - name: "{{ username }}"
 #home: "/home/{{ username }}"
 
+#Path to the public SSH key that will be installed to the service user.
+install_keys_to_service_user: true
+#Relative or absolute path to the file.
+key_name: "id_rsa.pub"
+
 #Node's descriptive name
 #NODE_FULLNAME: "INSERT NODENAME"
 
@@ -53,6 +67,10 @@ become_method: sudo
 #If this variable is set to "True" all the VMs will be rebooted after setup.
 reboot_after_completion: false
 
+#Path to spec.json file. If no file provided, spec.json will be downloaded from GitHub
+spec_json: ""
+#Path to bootnodes.txt. Must be provided if spec_json specified
+bootnodes_txt: ""
 
 ##Bootnode-related variables.
 

roles/bootnode/defaults/main.yml

@@ -12,4 +12,9 @@ users:
 home: "/home/{{ username }}"
 
 bootnode_archive: "off"
-bootnode_orchestrator: "off"
+bootnode_orchestrator: "off"
+parity_api: "off"
+
+reboot_after_completion: false
+install_debug_tools: "no"
+install_firewall: true

roles/bootnode/tasks/main.yml

@@ -5,7 +5,7 @@
    
 - name: Setup ufw firewall
   import_tasks: ufw.yml
-  when: not ansible_bios_version | search("amazon")
+  when: install_firewall
   
 - name: restart machine after setup
   shell: shutdown -r 1

roles/bootnode/templates/node.toml.j2

@@ -17,16 +17,13 @@ allow_ips = "public"
 
 [rpc]
 #apis = ["web3", "eth", "parity", "parity_set", "net", "traces", "rpc"]
-apis = ["web3","eth","net" {{ ', "parity", "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else '' }}]
+apis = ["web3","eth","net"{{', "parity"' if (bootnode_orchestrator|default("off") == "on" or parity_api|default("off") == "on") else ''}}{{', "parity_set", "shh"' if bootnode_orchestrator|default("off") == "on" else ''}}]
 processing_threads = 4
 cors=["all"]
 
 [ui]
 disable = true
 
-[dapps]
-disable = true
-
 {% if bootnode_archive|default("off") == "on" %}
 [snapshots]
 disable_periodic = false

roles/explorer/defaults/main.yml

@@ -17,4 +17,8 @@ PROXY_PORT: "3000"
 MAIN_REPO_FETCH: "poanetwork"
 MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
 
-explorer_version: "acee07c"
+explorer_version: "acee07c"
+
+reboot_after_completion: false
+install_debug_tools: "no"
+install_firewall: true

roles/explorer/tasks/main.yml

@@ -40,7 +40,7 @@
   
 - name: Setup ufw firewall
   import_tasks: ufw.yml
-  when: not ansible_bios_version | search("amazon")
+  when: install_firewall
   
 - name: restart machine after setup
   shell: shutdown -r 1

roles/moc/defaults/main.yml

@@ -16,7 +16,7 @@ MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
 MOC_KEYPASS: ""
 MOC_KEYFILE: ""
 
-SCRIPTS_MOC_BRANCH: "mainnet"
+SCRIPTS_MOC_BRANCH: "master"
 GENESIS_NETWORK_NAME: "PoA"
 MAIN_REPO_FETCH: "poanetwork"
 
@@ -29,3 +29,6 @@ home: "/home/{{ username }}"
 
 moc_archive: "off"
 
+reboot_after_completion: false
+install_debug_tools: "no"
+install_firewall: true

roles/moc/tasks/main.yml

@@ -16,10 +16,11 @@
     repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc"
     dest: "{{ home }}/poa-scripts-moc"
     version: "{{ SCRIPTS_MOC_BRANCH }}"
+    force: yes
 
 - name: Change owner and group of poa-scripts-moc file
   file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes
-
+  
 - name: install npm initial_keys_script
   npm:
     path: "{{ home }}/poa-scripts-moc"
@@ -40,7 +41,7 @@
 
 - name: Setup ufw firewall
   import_tasks: ufw.yml
-  when: not ansible_bios_version | search("amazon")
+  when: install_firewall
   
 - name: restart machine after setup
   shell: shutdown -r 1

roles/netstat/defaults/main.yml

@@ -21,3 +21,7 @@ home: "/home/{{ username }}"
 
 nginx_headers: "off"
 PROXY_PORT: "3000"
+
+reboot_after_completion: false
+install_debug_tools: "no"
+install_firewall: true

roles/netstat/tasks/main.yml

@@ -46,7 +46,7 @@
 
 - name: Setup ufw firewall
   import_tasks: ufw.yml
-  when: not ansible_bios_version | search("amazon")
+  when: install_firewall
   
 - name: restart machine after setup
   shell: shutdown -r 1

roles/nginx/defaults/main.yml

@@ -1,4 +1,6 @@
 ---
 
 PROXY_PORT: 3000
-configure_extended_tcp_settings: true
+configure_extended_tcp_settings: true
+
+nginx_headers: "off"

roles/preconf/defaults/main.yml

@@ -7,4 +7,7 @@ home: "/home/{{ username }}"
 
 GENESIS_NETWORK_NAME: "PoA"
 MAIN_REPO_FETCH: "poanetwork"
-GENESIS_BRANCH: "master"
+GENESIS_BRANCH: "master"
+
+spec_json: ""
+bootnodes_txt: ""

roles/preconf/tasks/spec.yml

@@ -1,6 +1,14 @@
 ---
-- name: Download spec.json
+- name: Copy spec.json and bootnodes.txt to remote machine
+  copy: src={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }} force=yes
+  when: spec_json != ""
+  with_items:
+    - "{{ spec_json }}"
+    - "{{ bootnodes_txt }}"
+
+- name: Download spec.json and bootnodes.txt
   get_url: url={{ item }} dest={{ home }}/ mode=0644 group={{ username }} owner={{ username }}
   with_items:
     - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
-    - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
+    - "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
+  when: spec_json == ""

roles/usermanager/defaults/main.yml

@@ -1,5 +1,9 @@
 ---
 
+install_keys_to_service_user: false
+key_name: "id_rsa.pub"
+
 username: "poa"
 users:
-  - name: "{{ username }}"
+  - name: "{{ username }}"
+home: "/home/{{ username }}"

roles/usermanager/tasks/main.yml

@@ -10,4 +10,5 @@
 - include_tasks: nested_authorized_key.yml
   with_items: "{{ users }}"
   loop_control:
-    loop_var: outer_item
+    loop_var: outer_item
+  when: install_keys_to_service_user

roles/usermanager/tasks/nested_authorized_key.yml

@@ -7,5 +7,8 @@
       - "ssh_{{ env }}_{{ outer_item.name }}.pub"
       - "ssh_{{ env }}.pub"
       - "ssh_{{ outer_item.name }}.pub"
+      - "{{ key_name.split('/')[:-1] }}"
     - paths:
        - ../../../files
+       - ../../../../.
+       - "{{ dirname(key_name) | default('./') }}"

roles/validator/defaults/main.yml

@@ -5,6 +5,7 @@ user: ubuntu
 username: "poa"
 users:
   - name: "{{ username }}"
+home: "/home/{{ username }}"
 
 allow_validator_ssh: true
 allow_validator_p2p: true
@@ -15,6 +16,10 @@ NODE_PWD: "node.pwd" # don't change this one
 MINING_KEYFILE: ""
 MINING_KEYPASS: ""
 MINING_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
-SCRIPTS_VALIDATOR_BRANCH: "mainnet"
+SCRIPTS_VALIDATOR_BRANCH: "master"
 MAIN_REPO_FETCH: "poanetwork"
 BLK_GAS_LIMIT: "6700000"
+
+reboot_after_completion: false
+install_debug_tools: "no"
+install_firewall: true

roles/validator/tasks/main.yml

@@ -16,6 +16,7 @@
     repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-validator"
     dest: "{{ home }}/poa-scripts-validator"
     version: "{{ SCRIPTS_VALIDATOR_BRANCH }}"
+    force: yes
 
 - name: Link node.toml file
   file:
@@ -41,7 +42,7 @@
   
 - name: Setup ufw firewall
   import_tasks: ufw.yml
-  when: not ansible_bios_version | search("amazon")
+  when: install_firewall
   
 - name: restart machine after setup
   shell: shutdown -r 1