diff --git a/bootnode.yml b/bootnode.yml index 10355f0..874b0f4 100644 --- a/bootnode.yml +++ b/bootnode.yml @@ -2,7 +2,7 @@ - name: Create bootnode security group hosts: localhost gather_facts: False - tasks: + tasks: - name: Create Security group ec2_group: ec2_access_key: "{{ access_key }}" @@ -39,7 +39,7 @@ ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" - instance_tags: + instance_tags: Name: "{{ bootnode_instance_name }}" group: "{{ bootnode_security_group }}" instance_type: "{{ bootnode_instance_type }}" diff --git a/explorer.yml b/explorer.yml index 8f7a5ac..a82b7d6 100644 --- a/explorer.yml +++ b/explorer.yml @@ -2,7 +2,7 @@ - name: Create explorer security group hosts: localhost gather_facts: False - tasks: + tasks: - name: Create Security group ec2_group: ec2_access_key: "{{ access_key }}" @@ -39,7 +39,7 @@ ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" - instance_tags: + instance_tags: Name: "{{ explorer_instance_name }}" group: "{{ explorer_security_group }}" instance_type: "{{ explorer_instance_type }}" diff --git a/hooks/pre-commit.sh b/hooks/pre-commit.sh new file mode 100755 index 0000000..56502c7 --- /dev/null +++ b/hooks/pre-commit.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +# This is the pre-commit hook that runs each time with `git commit` +# and checks syntax of the playbooks +# To install run +# ln -s ../../hooks/pre-commit.sh .git/hooks/pre-commit + +echo "Running pre-commit hook" + +STASH_NAME="pre-commit-$(date +%s)" +git stash save -q --keep-index $STASH_NAME + +echo "Checking the playbook syntax" +ansible-playbook -i none site.yml --syntax-check +RESULT=$? + +if [[ $RESULT == 0 ]]; then + echo "Running Ansible linter" + ansible-lint site.yml + RESULT=$? +fi + +STASHES=$(git stash list) + +if [[ $STASHES =~ .*$STASH_NAME ]]; then + git stash pop -q +fi + +[ $RESULT -ne 0 ] && exit 1 +exit 0 
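Review bot: The new hooks/pre-commit.sh declares `#!/bin/sh`, but both conditionals use `[[ … ]]` and the second uses `=~`, which are bash extensions. Where /bin/sh is dash or another strict POSIX shell, each `[[` fails as an unknown command, so the `ansible-lint` step is silently skipped. The `git stash pop -q` branch also never runs, which leaves the developer's unstaged changes in the stash after the commit. Change the first line to `#!/bin/bash` and quote the name in `git stash save -q --keep-index "$STASH_NAME"`.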
diff --git a/netstat.yml b/netstat.yml index 8d4b5e3..de10a0b 100644 --- a/netstat.yml +++ b/netstat.yml @@ -2,7 +2,7 @@ - name: Create netstat security group hosts: localhost gather_facts: False - tasks: + tasks: - name: Create Security group ec2_group: ec2_access_key: "{{ access_key }}" @@ -39,7 +39,7 @@ ec2_access_key: "{{ access_key }}" ec2_secret_key: "{{ secret_key }}" key_name: "{{ awskeypair_name }}" - instance_tags: + instance_tags: Name: "{{ netstat_instance_name }}" group: "{{ netstat_security_group }}" instance_type: "{{ netstat_instance_type }}" diff --git a/roles/bootnode-access/tasks/ec2.yml b/roles/bootnode-access/tasks/ec2.yml index 4170b4b..92aed30 100644 --- a/roles/bootnode-access/tasks/ec2.yml +++ b/roles/bootnode-access/tasks/ec2.yml @@ -40,7 +40,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "22" when: allow_bootnode_ssh == true @@ -75,7 +75,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "8545" when: allow_bootnode_rpc == true @@ -99,6 +99,6 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "30303" when: allow_bootnode_p2p == true diff --git a/roles/bootnode-access/tasks/main.yml b/roles/bootnode-access/tasks/main.yml index 58e78c2..0a565cc 100644 --- a/roles/bootnode-access/tasks/main.yml +++ b/roles/bootnode-access/tasks/main.yml @@ -1,8 +1,8 @@ --- - name: Setup ufw firewall - include: ufw.yml + import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") - name: Setup EC2 firewall - include: ec2.yml + import_tasks: ec2.yml when: ansible_bios_version | search("amazon") diff --git a/roles/explorer-access/tasks/ec2.yml b/roles/explorer-access/tasks/ec2.yml index 503df62..5b24ef3 100644 --- a/roles/explorer-access/tasks/ec2.yml +++ b/roles/explorer-access/tasks/ec2.yml 
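Review bot: In roles/bootnode-access/tasks/main.yml the `when:` lines kept under the new `import_tasks` entries still call `search` as a filter (`ansible_bios_version | search("amazon")`), a form Ansible deprecated in 2.5 in favour of test syntax. This condition selects between the ufw and the EC2 firewall task files, and with `import_tasks` it is copied onto every imported task, so a failure here affects the whole firewall setup. If the minimum supported Ansible version is 2.5 or later, use `when: ansible_bios_version is search("amazon")` and `when: ansible_bios_version is not search("amazon")`. The same two lines appear in the explorer-access, moc-access, netstat-access and validator-access `tasks/main.yml` hunks.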
@@ -40,7 +40,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "22" when: allow_explorer_ssh == true @@ -79,7 +79,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "30303" when: allow_explorer_p2p == true @@ -98,6 +98,6 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "3000" when: allow_explorer_http == true diff --git a/roles/explorer-access/tasks/main.yml b/roles/explorer-access/tasks/main.yml index 58e78c2..0a565cc 100644 --- a/roles/explorer-access/tasks/main.yml +++ b/roles/explorer-access/tasks/main.yml @@ -1,8 +1,8 @@ --- - name: Setup ufw firewall - include: ufw.yml + import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") - name: Setup EC2 firewall - include: ec2.yml + import_tasks: ec2.yml when: ansible_bios_version | search("amazon") diff --git a/roles/explorer/tasks/main.yml b/roles/explorer/tasks/main.yml index f8b8d54..39b2876 100644 --- a/roles/explorer/tasks/main.yml +++ b/roles/explorer/tasks/main.yml 
@@ -26,17 +26,23 @@ with_items: - node.toml -- git: repo=https://github.com/{{ MAIN_REPO_FETCH }}/chain-explorer dest={{ home }}/chain-explorer +- name: Clone poanetworks/chain-explorer repo from GitHub + git: + repo: "https://github.com/{{ MAIN_REPO_FETCH }}/chain-explorer" + dest: "{{ home }}/chain-explorer" + version: "{{ explorer_version }}" - name: Install chain_explorer app.json template: src=app.json.j2 dest={{ home }}/chain-explorer/app.json owner={{ username }} group={{ username }} mode=0644 notify: - restart poa-chain-explorer -- file: path={{ home }}/chain-explorer owner={{ username }} group={{ username }} recurse=yes +- name: Set group and owner on the chain-explorer directory + file: path={{ home }}/chain-explorer owner={{ username }} group={{ username }} recurse=yes - name: install npm chain_explorer - shell: "cd /home/{{ username }}/chain-explorer; /usr/bin/npm install" + npm: + path: "/home/{{ username }}/chain-explorer" become: true become_user: "{{ username }}" notify: diff --git a/roles/explorer/vars/main.yml b/roles/explorer/vars/main.yml new file mode 100644 index 0000000..af7e34d --- /dev/null +++ b/roles/explorer/vars/main.yml @@ -0,0 +1 @@ +explorer_version: "acee07c" diff --git a/roles/moc-access/tasks/ec2.yml b/roles/moc-access/tasks/ec2.yml index 0e21cb0..916cfbc 100644 --- a/roles/moc-access/tasks/ec2.yml +++ b/roles/moc-access/tasks/ec2.yml @@ -40,7 +40,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "22" when: allow_moc_ssh == true @@ -63,6 +63,6 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "30303" when: allow_moc_p2p == true diff --git a/roles/moc-access/tasks/main.yml b/roles/moc-access/tasks/main.yml index 58e78c2..0a565cc 100644 --- a/roles/moc-access/tasks/main.yml +++ b/roles/moc-access/tasks/main.yml 
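Review bot: The new `version: "{{ explorer_version }}"` pin in roles/explorer/tasks/main.yml resolves to a 7-character abbreviated commit id (`explorer_version: "acee07c"` in roles/explorer/vars/main.yml), which is a weaker and potentially ambiguous reference compared with the full hash. Since the next task runs `npm` inside this checkout, pin the full id, e.g. `explorer_version: "<full 40-character commit SHA>"`. The same applies to `netstat_version` and `api_version` in the netstat and poa-netstats hunks. The task name also hard-codes "poanetworks/" while the URL takes its owner from `{{ MAIN_REPO_FETCH }}`, so the pin is only meaningful for whichever fork that variable selects. A comment such as `# explorer_version must be a commit that exists in the MAIN_REPO_FETCH fork` would make that explicit.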
@@ -1,8 +1,8 @@ --- - name: Setup ufw firewall - include: ufw.yml + import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") - name: Setup EC2 firewall - include: ec2.yml + import_tasks: ec2.yml when: ansible_bios_version | search("amazon") diff --git a/roles/moc/tasks/main.yml b/roles/moc/tasks/main.yml index 1c342ef..d53ab24 100644 --- a/roles/moc/tasks/main.yml +++ b/roles/moc/tasks/main.yml 
@@ -30,23 +30,33 @@ template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600 - name: Config MOC_KEYFILE file - shell: "echo '{{ MOC_KEYFILE }}' > {{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}/{{ username }}.key" + copy: + content: "{{ MOC_KEYFILE }}" + dest: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}/{{ username }}.key" -- git: repo=https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc dest={{ home }}/poa-scripts-moc version={{ SCRIPTS_MOC_BRANCH }} +- name: Clone poanetworks/poa-scripts-moc repo from GitHub + git: + repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-moc" + dest: "{{ home }}/poa-scripts-moc" + version: "{{ SCRIPTS_MOC_BRANCH }}" -- file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes +- name: Change owner and group of poa-scripts-moc file + file: path={{ home }}/poa-scripts-moc owner={{ username }} group={{ username }} recurse=yes - name: install npm initial_keys_script - shell: "cd {{ home }}/poa-scripts-moc; /usr/bin/npm install" + npm: + path: "{{ home }}/poa-scripts-moc" become: true become_user: "{{ username }}" - name: install npm generateInitialKey - shell: "cd {{ home }}/poa-scripts-moc/generateInitialKey; /usr/bin/npm install" + npm: + path: "{{ home }}/poa-scripts-moc/generateInitialKey" become: true become_user: "{{ username }}" - name: install npm distributeTokens - shell: "cd {{ home }}/poa-scripts-moc/distributeTokens; /usr/bin/npm install" + npm: + path: "{{ home }}/poa-scripts-moc/distributeTokens" become: true become_user: "{{ username }}" diff --git a/roles/netstat-access/tasks/ec2.yml b/roles/netstat-access/tasks/ec2.yml index d653734..8772216 100644 --- a/roles/netstat-access/tasks/ec2.yml +++ b/roles/netstat-access/tasks/ec2.yml @@ -40,7 +40,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "22" when: allow_netstat_ssh == true 
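Review bot: The new `copy:` task that writes `{{ MOC_KEYFILE }}` in roles/moc/tasks/main.yml sets no `owner`, `group` or `mode`, and the task is not marked `no_log`. The file therefore takes the connecting user's ownership and umask-derived permissions, which is probably root and world-readable now that site.yml adds `become: True`. The key material can also appear in `--diff` and verbose output. The `node_pwd.j2` template task just above already uses `owner={{ username }} group={{ username }} mode=0600`, and the key file should match it. The same gap exists in the `MINING_KEYFILE` copy in roles/validator/tasks/main.yml and the `ws_secret.json` copy in roles/netstat/tasks/main.yml.

```yaml
  copy:
    # … unchanged: content and dest …
    owner: "{{ username }}"
    group: "{{ username }}"
    mode: "0600"
  no_log: true
```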
@@ -75,6 +75,6 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "3000" when: allow_netstat_http == true diff --git a/roles/netstat-access/tasks/main.yml b/roles/netstat-access/tasks/main.yml index 58e78c2..0a565cc 100644 --- a/roles/netstat-access/tasks/main.yml +++ b/roles/netstat-access/tasks/main.yml @@ -1,8 +1,8 @@ --- - name: Setup ufw firewall - include: ufw.yml + import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") - name: Setup EC2 firewall - include: ec2.yml + import_tasks: ec2.yml when: ansible_bios_version | search("amazon") diff --git a/roles/netstat/tasks/main.yml b/roles/netstat/tasks/main.yml index a1a21f6..e985d47 100644 --- a/roles/netstat/tasks/main.yml +++ b/roles/netstat/tasks/main.yml 
@@ -7,27 +7,39 @@ owner: "{{ username }}" group: "{{ username }}" -- git: repo=https://github.com/{{ MAIN_REPO_FETCH }}/eth-netstats dest={{ home }}/eth-netstats +- name: Clone poanetworks/eth-netstats repo from GitHub + git: + repo: "https://github.com/{{ MAIN_REPO_FETCH }}/eth-netstats" + dest: "{{ home }}/eth-netstats" + version: "{{ netstat_version }}" -- file: path={{ home }}/eth-netstats owner={{ username }} group={{ username }} recurse=yes +- name: Set owner and group on eth-netstats files + file: path={{ home }}/eth-netstats owner={{ username }} group={{ username }} recurse=yes - name: install npm netstats - shell: "cd /home/{{ username }}/eth-netstats; /usr/bin/npm install" + npm: + path: "/home/{{ username }}/eth-netstats" become: true become_user: "{{ username }}" notify: - restart poa-dashboard - name: install npm grunt-cli - shell: "cd /home/{{ username }}/eth-netstats; /usr/bin/npm install -g grunt-cli" + npm: + name: grunt-cli + global: yes - name: run grunt process shell: "cd /home/{{ username }}/eth-netstats; grunt" become: true become_user: "{{ username }}" + args: + creates: "/home/{{ username }}/dist" - name: Config ws_secret.json file - shell: "echo '[\"{{ NETSTATS_SECRET }}\"]' > /home/{{ username }}/eth-netstats/ws_secret.json" + copy: + content: '["{{ NETSTATS_SECRET }}"]' + dest: "/home/{{ username }}/eth-netstats/ws_secret.json" notify: - restart poa-dashboard diff --git a/roles/netstat/vars/main.yml b/roles/netstat/vars/main.yml new file mode 100644 index 0000000..2fd30d8 --- /dev/null +++ b/roles/netstat/vars/main.yml @@ -0,0 +1 @@ +netstat_version: "cb431d6" diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 162c455..f8c4e61 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml 
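Review bot: The `creates: "/home/{{ username }}/dist"` guard added to "run grunt process" points at the home directory, while the command itself runs in `/home/{{ username }}/eth-netstats`. If grunt writes its output under the repository, as the `cd` suggests, the guard never matches and the task still runs every time; `creates: "/home/{{ username }}/eth-netstats/dist"` is probably what was meant. Even with the corrected path, the guard would skip the rebuild after `netstat_version` is bumped, so a stale `dist` would keep being served. Separately, the new `npm: name: grunt-cli, global: yes` task installs whatever version is current at run time, with no `become_user`, while the repository itself is now pinned. Adding `version: "<pinned grunt-cli version>"` would keep the build toolchain reproducible.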
@@ -1,9 +1,20 @@ --- - name: Install nginx - apt: name=nginx state=latest + apt: name=nginx state=present tags: nginx -- file: path=/etc/nginx/ssl state=directory mode=0755 +- name: Install Pip + apt: + name: "python3-pip" + state: present + +- name: Ensure python OpenSSL dependencies are installed. + pip: + name: pyOpenSSL + state: present + +- name: Create directory for nginx SSL certificates + file: path=/etc/nginx/ssl state=directory mode=0755 tags: nginx - name: Check certificate file @@ -11,11 +22,27 @@ path: /etc/nginx/ssl/server.crt register: cert_file_check +- name: Generate SSL private key + openssl_privatekey: + path: /etc/nginx/ssl/server.key + size: 4096 + when: not cert_file_check.stat.exists + +- name: Generate SSL certificate request + openssl_csr: + path: /etc/nginx/ssl/server.csr + privatekey_path: /etc/nginx/ssl/server.key + common_name: "{{ ansible_host }}" + when: not cert_file_check.stat.exists + - name: Generate self-signed SSL certificate - shell: openssl req -new -x509 -nodes -subj "/CN={{ ansible_host }}" -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.crt + openssl_certificate: + path: /etc/nginx/ssl/server.crt + provider: selfsigned + privatekey_path: /etc/nginx/ssl/server.key + csr_path: /etc/nginx/ssl/server.csr notify: - reload nginx - tags: nginx when: not cert_file_check.stat.exists - name: Install nginx.conf diff --git a/roles/poa-netstats/tasks/main.yml b/roles/poa-netstats/tasks/main.yml index fe6dee0..da4d1a4 100644 --- a/roles/poa-netstats/tasks/main.yml +++ b/roles/poa-netstats/tasks/main.yml 
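Review bot: The new "Install Pip" and pyOpenSSL tasks in roles/nginx/tasks/main.yml pull an unpinned package from PyPI as a privileged user on every web-facing host. They also assume that the `pip` module resolves to the Python 3 pip installed by `python3-pip`, which holds only if the managed host's Ansible interpreter is Python 3. Installing the distribution package instead, `apt: name=python3-openssl state=present`, would remove the need for pip on these hosts and keep the dependency under the distribution's security updates. If pip has to stay, add `version: "<pinned pyOpenSSL version>"` and set `executable: pip3` explicitly.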
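Review bot: This hunk removes `tags: nginx` from the certificate task, and the new "Generate SSL private key" and "Generate SSL certificate request" tasks carry no tag either, while "Install nginx" and the SSL directory task in the hunk above keep it. A run limited with `--tags nginx` would therefore install nginx and create /etc/nginx/ssl but skip key and certificate generation. If the nginx.conf installed afterwards references server.crt, that leaves the service unable to start with TLS. Add `tags: nginx` to the three openssl_* tasks and to the pip/pyOpenSSL tasks they depend on. The leftover `/etc/nginx/ssl/server.csr` is not needed after signing and could be removed with a `file: state=absent` task.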
@@ -15,17 +15,23 @@ owner: "{{ username }}" group: "{{ username }}" -- git: repo=https://github.com/{{ MAIN_REPO_FETCH }}/eth-net-intelligence-api dest={{ home }}/eth-net-intelligence-api +- name: Clone poanetworks/eth-net-intelligence-api repo from GitHub + git: + repo: "https://github.com/{{ MAIN_REPO_FETCH }}/eth-net-intelligence-api" + dest: "{{ home }}/eth-net-intelligence-api" + version: "{{ api_version }}" - name: Install netstats config template: src=app.json.j2 dest={{ home }}/eth-net-intelligence-api/app.json owner={{ username }} group={{ username }} mode=0644 notify: - restart poa-netstats -- file: path={{ home }}/eth-net-intelligence-api owner={{ username }} group={{ username }} recurse=yes +- name: Change owner and group of eth-net-intelligence-api files + file: path={{ home }}/eth-net-intelligence-api owner={{ username }} group={{ username }} recurse=yes - name: install npm netstats - shell: "cd /home/{{ username }}/eth-net-intelligence-api; /usr/bin/npm install" + npm: + path: "/home/{{ username }}/eth-net-intelligence-api" become: true become_user: "{{ username }}" notify: diff --git a/roles/poa-netstats/vars/main.yml b/roles/poa-netstats/vars/main.yml new file mode 100644 index 0000000..c1cff13 --- /dev/null +++ b/roles/poa-netstats/vars/main.yml @@ -0,0 +1 @@ +api_version: "9773b5b" diff --git a/roles/preconf/tasks/main.yml b/roles/preconf/tasks/main.yml index a093042..14d2b9a 100644 --- a/roles/preconf/tasks/main.yml +++ b/roles/preconf/tasks/main.yml 
@@ -3,18 +3,9 @@ authorized_key: user=root key={{ item }} state=present exclusive=yes with_items: "{{ ssh_root }}" -- include: ssh.yml -- include: packages.yml -- include: vars.yml -#- include: ntp.yml -- include: chrony.yml -- include: logrotate.yml -- include: swap.yml - -#- selinux: -# state: disabled - -#- lineinfile: dest=/etc/ssh/sshd_config regexp="^#Port" line="Port 27091" state=present backrefs=yes - -#- name: Set timezone to UTC -# command: timedatectl set-timezone UTC +- import_tasks: ssh.yml +- import_tasks: packages.yml +- import_tasks: vars.yml +- import_tasks: chrony.yml +- import_tasks: logrotate.yml +- import_tasks: swap.yml diff --git a/roles/preconf/tasks/packages.yml b/roles/preconf/tasks/packages.yml index 5ed039c..f1c94eb 100644 --- a/roles/preconf/tasks/packages.yml +++ b/roles/preconf/tasks/packages.yml @@ -1,9 +1,6 @@ --- -- name: Update system - apt: upgrade=dist state=latest update_cache=yes - - name: Install packages - apt: name={{ item }} state=latest + apt: name={{ item }} state=present update_cache=yes with_items: - bc - haveged diff --git a/roles/preconf/tasks/swap.yml b/roles/preconf/tasks/swap.yml index a62bcd7..2fe7f46 100644 --- a/roles/preconf/tasks/swap.yml +++ b/roles/preconf/tasks/swap.yml @@ -6,10 +6,14 @@ - name: create file for swap shell: /usr/bin/fallocate -l 1G /swapfile when: not swap_file_check.stat.exists + tags: + - skip_ansible_lint - name: format swap file shell: /sbin/mkswap /swapfile when: not swap_file_check.stat.exists + tags: + - skip_ansible_lint - name: set permission to swap file file: path=/swapfile owner=root group=root mode=0600 @@ -17,6 +21,8 @@ - name: add swap file to system shell: /sbin/swapon /swapfile when: not swap_file_check.stat.exists + tags: + - skip_ansible_lint - name: write changes to fstab mount: name=none src=/swapfile fstype=swap opts=sw passno=0 dump=0 state=present diff --git a/roles/preconf/tasks/vars.yml b/roles/preconf/tasks/vars.yml index a11160d..10e6fdb 100644 
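Review bot: Dropping the "Update system" task in roles/preconf/tasks/packages.yml, together with the switch from `state=latest` to `state=present`, means the playbook no longer applies any pending security updates to the hosts it provisions. `state=present` is the right choice for idempotence, but patching then needs an explicit home. Either keep a separately tagged task such as `apt: upgrade=dist update_cache=yes` that operators run on purpose, or install and enable unattended-upgrades in this role. A comment above "Install packages" stating which mechanism is responsible for OS updates would help the next maintainer.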
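Review bot: The three `tags: skip_ansible_lint` additions in roles/preconf/tasks/swap.yml suppress every lint rule on those tasks instead of fixing the finding. None of the commands (`fallocate`, `mkswap`, `swapon`) uses shell features, so switching `shell:` to `command:` would presumably satisfy the linter without the tag, e.g. `command: /usr/bin/fallocate -l 1G /swapfile`. From the context lines, the "set permission to swap file" task (mode=0600) also runs only after the file has been created and formatted. Moving it directly after the fallocate task would close that short window.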
--- a/roles/preconf/tasks/vars.yml +++ b/roles/preconf/tasks/vars.yml @@ -1,7 +1,15 @@ --- -- sysctl: name=vm.swappiness value=10 state=present -- sysctl: name=vm.vfs_cache_pressure value=50 state=present -- sysctl: name=net.core.somaxconn value=1000 state=present +- name: Set vm.swappiness system parameter + sysctl: name=vm.swappiness value=10 state=present -- lineinfile: dest=/etc/security/limits.conf line="* soft nofile 100000" state=present -- lineinfile: dest=/etc/security/limits.conf line="* hard nofile 100000" state=present +- name: Set vm.vfs_cache_pressure system parameter + sysctl: name=vm.vfs_cache_pressure value=50 state=present + +- name: Set net.core.somaxconn system parameter + sysctl: name=net.core.somaxconn value=1000 state=present + +- name: Set nofile soft limit + lineinfile: dest=/etc/security/limits.conf line="* soft nofile 100000" state=present + +- name: Set nofile hard limit + lineinfile: dest=/etc/security/limits.conf line="* hard nofile 100000" state=present diff --git a/roles/usermanager/tasks/main.yml b/roles/usermanager/tasks/main.yml index 1153193..e0d0ced 100644 --- a/roles/usermanager/tasks/main.yml +++ b/roles/usermanager/tasks/main.yml @@ -1,8 +1,9 @@ --- -- user: name={{ item.name }} groups={{ item.addgroups | default('') }} shell=/bin/bash append=yes +- name: Create users + user: name={{ item.name }} groups={{ item.addgroups | default('') }} shell=/bin/bash append=yes with_items: "{{ users }}" -- include: nested_authorized_key.yml +- include_tasks: nested_authorized_key.yml with_items: "{{ users }}" loop_control: loop_var: outer_item diff --git a/roles/validator-access/tasks/ec2.yml b/roles/validator-access/tasks/ec2.yml index 964b567..810f95b 100644 --- a/roles/validator-access/tasks/ec2.yml +++ b/roles/validator-access/tasks/ec2.yml @@ -40,7 +40,7 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "22" when: allow_validator_ssh == true 
@@ -63,6 +63,6 @@ from_port: "{{ item }}" to_port: "{{ item }}" cidr_ip: 0.0.0.0/0 - with_items: + with_items: - "30303" when: allow_validator_p2p == true diff --git a/roles/validator-access/tasks/main.yml b/roles/validator-access/tasks/main.yml index 58e78c2..0a565cc 100644 --- a/roles/validator-access/tasks/main.yml +++ b/roles/validator-access/tasks/main.yml @@ -1,8 +1,8 @@ --- - name: Setup ufw firewall - include: ufw.yml + import_tasks: ufw.yml when: not ansible_bios_version | search("amazon") - name: Setup EC2 firewall - include: ec2.yml + import_tasks: ec2.yml when: ansible_bios_version | search("amazon") diff --git a/roles/validator/tasks/main.yml b/roles/validator/tasks/main.yml index e68d263..8ca23ba 100644 --- a/roles/validator/tasks/main.yml +++ b/roles/validator/tasks/main.yml 
@@ -30,16 +30,30 @@ template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600 - name: Config MINING_KEYFILE file - shell: "echo '{{ MINING_KEYFILE }}' > {{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}/validator.key.{{ MINING_ADDRESS }}" + copy: + content: "{{ MINING_KEYFILE }}" + dest: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}/validator.key.{{ MINING_ADDRESS }}" -- git: repo=https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-validator dest={{ home }}/poa-scripts-validator version={{ SCRIPTS_VALIDATOR_BRANCH }} +- name: Clone poanetworks/poa-scripts-validator repo from GitHub + git: + repo: "https://github.com/{{ MAIN_REPO_FETCH }}/poa-scripts-validator" + dest: "{{ home }}/poa-scripts-validator" + version: "{{ SCRIPTS_VALIDATOR_BRANCH }}" -- file: src="{{ home }}/node.toml" dest="{{ home }}/poa-scripts-validator/node.toml" owner="{{ username }}" group="{{ username }}" state=link +- name: Link node.toml file + file: + src: "{{ home }}/node.toml" + dest: "{{ home }}/poa-scripts-validator/node.toml" + owner: "{{ username }}" + group: "{{ username }}" + state: link -- file: path={{ home }}/poa-scripts-validator owner={{ username }} group={{ username }} recurse=yes +- name: Set up owner and group on poa-scripts-validator files + file: path={{ home }}/poa-scripts-validator owner={{ username }} group={{ username }} recurse=yes - name: install npm transferRewardToPayoutKey - shell: "cd {{ home }}/poa-scripts-validator/transferRewardToPayoutKey; /usr/bin/npm install" + npm: + path: "{{ home }}/poa-scripts-validator/transferRewardToPayoutKey" become: true become_user: "{{ username }}" notify: diff --git a/site.yml b/site.yml index 9a0a8c6..9ac8bca 100644 --- a/site.yml +++ b/site.yml @@ -8,6 +8,7 @@ tags: preconf - hosts: bootnode + become: True vars: nginx_headers: "on" PROXY_PORT: "8545" @@ -33,6 +34,7 @@ - bootnode - hosts: validator + become: True vars: username: "validator" users: 
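Review bot: The rewritten clone task in roles/validator/tasks/main.yml still checks out a mutable branch (`version: "{{ SCRIPTS_VALIDATOR_BRANCH }}"`), while this commit pins chain-explorer, eth-netstats and eth-net-intelligence-api to commit ids. The `npm` task that follows installs dependencies inside this checkout, on the host that also receives `MINING_KEYFILE`, so whatever the branch points to at run time is what gets installed next to the mining key. Pin it the same way as the other repositories, for example `version: "{{ scripts_validator_version }}"` with `scripts_validator_version: "<full 40-character commit SHA>"` in the role's vars. The poa-scripts-moc clone in roles/moc/tasks/main.yml has the same pattern with `SCRIPTS_MOC_BRANCH`.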
@@ -51,6 +53,7 @@ - validator - hosts: netstat + become: True vars: nginx_headers: "off" PROXY_PORT: "3000" @@ -70,6 +73,7 @@ - netstat - hosts: explorer + become: True vars: nginx_headers: "off" PROXY_PORT: "3000" @@ -91,6 +95,7 @@ - explorer - hosts: moc + become: True vars: username: "moc" users: