parent
51a270a868
commit
7988410a8d
|
@ -19,6 +19,7 @@ Vagrant.configure("2") do |config|
|
|||
node.vm.hostname = machine
|
||||
|
||||
node.vm.provision :ansible do |ansible|
|
||||
ansible.compatibility_mode = "2.0"
|
||||
ansible.playbook = "site.yml"
|
||||
ansible.groups = {
|
||||
"validator" => ["validator"],
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
# config file for ansible -- http://ansible.com/
|
||||
[defaults]
|
||||
|
||||
remote_tmp = $HOME/.ansible/tmp
|
||||
forks = 20
|
||||
gathering = implicit
|
||||
# SSH timeout
|
||||
timeout = 10
|
||||
host_key_checking = False
|
||||
|
||||
remote_user = root
|
||||
ansible_managed = This file is managed by ansible
|
||||
|
||||
[ssh_connection]
|
||||
pipelining = True
|
||||
scp_if_ssh = True
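Review bot: `host_key_checking = False` in `[defaults]` turns off SSH host-key verification for every play run with this config, so a connection to a freshly assigned public IP is accepted with no check that the peer is the instance that was just launched. Consider leaving the default on and seeding known_hosts for new instances, or limiting the relaxation to the bootstrap run through the `ANSIBLE_HOST_KEY_CHECKING` environment variable. `remote_user = root` also disagrees with the playbooks in this commit, which connect as `user: ubuntu` with `become: True`; a play that sets no `user:` (the "EC2 access setup" plays appear not to) would fall back to a direct root login.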
|
|
@ -0,0 +1,111 @@
|
|||
---
|
||||
- name: Create bootnode security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ bootnode_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: bootnode
|
||||
|
||||
|
||||
- name: Create bootnode
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ bootnode_instance_name }}"
|
||||
group: "{{ bootnode_security_group }}"
|
||||
instance_type: "{{ bootnode_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ bootnode_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: bootnode
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: Create bootnode elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for bootnode
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: bootnode
|
||||
become: True
|
||||
roles:
|
||||
- bootnode-access
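Review bot: The `ec2_group` task opens TCP 22 to `cidr_ip: 0.0.0.0/0`, and because `purge_rules: false` keeps rules that are already on the group, narrowing this list later will not remove the world-open rule from a group that has been created once. The `allow_bootnode_ssh` flag added to group_vars in this commit is not consulted by this task, so it cannot restrict the rule. Consider taking the source range from a variable with no permissive default, e.g. `cidr_ip: "{{ ssh_allowed_cidr }}"` (a new variable, name illustrative), and setting `purge_rules: true` once this playbook owns the rule set. The same rule appears in the explorer, moc, netstat and validator playbooks added by this commit.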
|
|
@ -0,0 +1,92 @@
|
|||
---
|
||||
- name: Create explorer security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ explorer_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: explorer
|
||||
|
||||
|
||||
- name: Create explorer
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ explorer_instance_name }}"
|
||||
group: "{{ explorer_security_group }}"
|
||||
instance_type: "{{ explorer_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ explorer_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: explorer
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: explorer
|
||||
become: True
|
||||
roles:
|
||||
- explorer-access
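Review bot: As rendered, the "Installing python" play carries two `hosts:` keys (`hosts: all` followed by `hosts: launched`); a YAML mapping cannot hold a duplicate key, and Ansible's loader keeps the last value and only warns, so which hosts receive the privileged `raw:` command depends on line order. Keep the single key `hosts: launched` so the play cannot widen to `all` if the lines are reordered or one of them is deleted. The same pair appears in the bootnode, moc, netstat and validator playbooks in this commit.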
|
|
@ -0,0 +1,11 @@
|
|||
bootnode_instance_type: "t2.large"
|
||||
bootnode_instance_name: "bootnode"
|
||||
bootnode_count_instances: "1"
|
||||
|
||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
||||
|
||||
associate_bootnode_elastic_ip: false
|
||||
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: false
|
|
@ -0,0 +1,9 @@
|
|||
explorer_instance_type: "t2.large"
|
||||
explorer_instance_name: "explorer"
|
||||
explorer_count_instances: "1"
|
||||
|
||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
|
@ -0,0 +1,5 @@
|
|||
moc_instance_type: "t2.large"
|
||||
moc_instance_name: "moc"
|
||||
moc_count_instances: "1"
|
||||
|
||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
|
@ -0,0 +1,5 @@
|
|||
netstat_instance_type: "t2.large"
|
||||
netstat_instance_name: "netstat"
|
||||
netstat_count_instances: "1"
|
||||
|
||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
|
@ -0,0 +1,6 @@
|
|||
validator_instance_type: "t2.large"
|
||||
validator_instance_name: "validator"
|
||||
validator_count_instances: "1"
|
||||
|
||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||
associate_validator_elastic_ip: false
|
|
@ -0,0 +1,26 @@
|
|||
# This is the default ansible 'hosts' file.
|
||||
#
|
||||
# It should live in /etc/ansible/hosts
|
||||
#
|
||||
# - Comments begin with the '#' character
|
||||
# - Blank lines are ignored
|
||||
# - Groups of hosts are delimited by [header] elements
|
||||
# - You can enter hostnames or ip addresses
|
||||
# - A hostname/ip can be a member of multiple groups
|
||||
|
||||
[bootnode]
|
||||
|
||||
[moc]
|
||||
|
||||
[netstat]
|
||||
|
||||
[validator]
|
||||
|
||||
[explorer]
|
||||
|
||||
[poa:children]
|
||||
bootnode
|
||||
moc
|
||||
netstat
|
||||
validator
|
||||
explorer
|
|
@ -0,0 +1,92 @@
|
|||
---
|
||||
- name: Create moc security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ moc_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: moc
|
||||
|
||||
|
||||
- name: Create moc
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ moc_instance_name }}"
|
||||
group: "{{ moc_security_group }}"
|
||||
instance_type: "{{ moc_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ moc_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: moc
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: moc
|
||||
become: True
|
||||
roles:
|
||||
- moc-access
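Review bot: The closing "EC2 access setup" play targets `hosts: moc`, but the instances launched above are only added to the `launched` group (`add_host: ... groupname=launched`), and the inventory file added in this commit declares `[moc]` with no members. Unless the operator edits the inventory between runs, this play matches no hosts and the `moc-access` role, which judging by its "Setup EC2 firewall" task applies the host firewall, is skipped without an error. Adding the role group at launch would close the gap: `add_host: hostname={{ item.public_ip }} groups=launched,moc`. The bootnode, explorer, netstat and validator playbooks have the same shape.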
|
|
@ -0,0 +1,92 @@
|
|||
---
|
||||
- name: Create netstat security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ netstat_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: netstat
|
||||
|
||||
|
||||
- name: Create netstat
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ netstat_instance_name }}"
|
||||
group: "{{ netstat_security_group }}"
|
||||
instance_type: "{{ netstat_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ netstat_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: netstat
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: netstat
|
||||
become: True
|
||||
roles:
|
||||
- netstat-access
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
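Review bot: The import of `ec2.yml` is gated on `ansible_bios_version | search("amazon")`, so any host whose BIOS version string lacks that substring skips the task named "Setup EC2 firewall" silently, with no failure to tell the operator. Whether every instance family reports such a string is not visible here and should be confirmed; an explicit inventory variable would be a sturdier switch than a BIOS fact. Using a test as a filter is also deprecated in newer Ansible releases; the test form is `when: ansible_bios_version is search("amazon")`. The four identical sections that follow carry the same condition.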
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,19 @@
|
|||
- name: Bootnode deployment
|
||||
import_playbook: bootnode.yml
|
||||
tags: bootnode
|
||||
|
||||
- name: Explorer deployment
|
||||
import_playbook: explorer.yml
|
||||
tags: explorer
|
||||
|
||||
- name: Moc deployment
|
||||
import_playbook: moc.yml
|
||||
tags: moc
|
||||
|
||||
- name: Netstat deployment
|
||||
import_playbook: netstat.yml
|
||||
tags: netstat
|
||||
|
||||
- name: Validator deployment
|
||||
import_playbook: validator.yml
|
||||
tags: validator
|
|
@ -0,0 +1,111 @@
|
|||
---
|
||||
- name: Create validator security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ validator_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: validator
|
||||
|
||||
|
||||
- name: Create validator
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ validator_instance_name }}"
|
||||
group: "{{ validator_security_group }}"
|
||||
instance_type: "{{ validator_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ validator_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: validator
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: Create validator elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for validator
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_validator_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_validator_elastic_ip == true
|
||||
|
||||
- name: EC2 access setup
|
||||
hosts: validator
|
||||
become: True
|
||||
roles:
|
||||
- validator-access
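Review bot: The elastic-IP task binds the address to `device_id: "{{ ec2.instance_ids[0] }}"` only, while the launch task accepts `count: "{{ validator_count_instances }}"`; with a count above 1 the remaining validators keep ephemeral public IPs and nothing reports it. Either loop the task with `with_items: "{{ ec2.instance_ids }}"` and `device_id: "{{ item }}"`, or assert that the count is 1 whenever `associate_validator_elastic_ip` is true. The bootnode playbook in this commit has the same task.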
|
105
bootnode.yml
105
bootnode.yml
|
@ -1,105 +1,4 @@
|
|||
---
|
||||
- name: Create bootnode security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ bootnode_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: bootnode
|
||||
|
||||
|
||||
- name: Create bootnode
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ bootnode_instance_name }}"
|
||||
group: "{{ bootnode_security_group }}"
|
||||
instance_type: "{{ bootnode_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ bootnode_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: bootnode
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: bootnode
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: Create bootnode elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for bootnode
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_bootnode_elastic_ip == true
|
||||
- bootnode
|
||||
|
|
86
explorer.yml
86
explorer.yml
|
@ -1,86 +1,4 @@
|
|||
---
|
||||
- name: Create explorer security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ explorer_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: explorer
|
||||
|
||||
|
||||
- name: Create explorer
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ explorer_instance_name }}"
|
||||
group: "{{ explorer_security_group }}"
|
||||
instance_type: "{{ explorer_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ explorer_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: explorer
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: explorer
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
- explorer
|
|
@ -45,58 +45,4 @@ NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
|||
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
|
||||
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
|
||||
ORCHESTRATOR_BIN_LOC: ""
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
||||
|
||||
#bootnode
|
||||
bootnode_instance_type: "t2.large"
|
||||
bootnode_instance_name: "bootnode"
|
||||
bootnode_count_instances: "1"
|
||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
#netstat
|
||||
netstat_instance_type: "t2.large"
|
||||
netstat_instance_name: "netstat"
|
||||
netstat_count_instances: "1"
|
||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
||||
|
||||
#validator
|
||||
validator_instance_type: "t2.large"
|
||||
validator_instance_name: "validator"
|
||||
validator_count_instances: "1"
|
||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||
validator_archive: "off"
|
||||
|
||||
#moc
|
||||
moc_instance_type: "t2.large"
|
||||
moc_instance_name: "moc"
|
||||
moc_count_instances: "1"
|
||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
||||
moc_archive: "off"
|
||||
|
||||
#explorer
|
||||
explorer_instance_type: "t2.large"
|
||||
explorer_instance_name: "explorer"
|
||||
explorer_count_instances: "1"
|
||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||
|
||||
#restrict network access to instances
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: true
|
||||
associate_bootnode_elastic_ip: false
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
|
||||
allow_validator_ssh: true
|
||||
allow_validator_p2p: true
|
||||
associate_validator_elastic_ip: false
|
||||
ORCHESTRATOR_BIN_SHA256: ""
|
|
@ -23,58 +23,3 @@ GENESIS_NETWORK_NAME: "PoA"
|
|||
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
||||
BLK_GAS_LIMIT: "6700000"
|
||||
|
||||
#bootnode
|
||||
bootnode_instance_type: "t2.large"
|
||||
bootnode_instance_name: "bootnode"
|
||||
bootnode_count_instances: "1"
|
||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
|
||||
#netstat
|
||||
netstat_instance_type: "t2.large"
|
||||
netstat_instance_name: "netstat"
|
||||
netstat_count_instances: "1"
|
||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
||||
|
||||
#validator
|
||||
validator_instance_type: "t2.large"
|
||||
validator_instance_name: "validator"
|
||||
validator_count_instances: "1"
|
||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||
validator_archive: "off"
|
||||
|
||||
#moc
|
||||
moc_instance_type: "t2.large"
|
||||
moc_instance_name: "moc"
|
||||
moc_count_instances: "1"
|
||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
||||
moc_archive: "off"
|
||||
|
||||
#explorer
|
||||
explorer_instance_type: "t2.large"
|
||||
explorer_instance_name: "explorer"
|
||||
explorer_count_instances: "1"
|
||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||
|
||||
#restrict network access to instances
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: true
|
||||
associate_bootnode_elastic_ip: false
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
|
||||
allow_validator_ssh: true
|
||||
allow_validator_p2p: true
|
||||
associate_validator_elastic_ip: false
|
||||
|
||||
################################################################
|
||||
|
|
|
@ -9,3 +9,13 @@ NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
|||
|
||||
NETSTATS_SERVER: "INSERT FULL URL"
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
||||
|
||||
username: "bootnode"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
nginx_headers: "on"
|
||||
PROXY_PORT: "8545"
|
||||
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
|
@ -3,3 +3,12 @@ secret_key: "INSERT SECRET HERE"
|
|||
awskeypair_name: "keypairname"
|
||||
|
||||
vpc_subnet_id: "subnet-ID-number"
|
||||
|
||||
username: "explorer"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
explorerS_SERVER: "localhost"
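Review bot: `explorerS_SERVER: "localhost"` on the last added line looks like a leftover from a search-and-replace of `netstat` with `explorer`; the netstat example in this commit defines `NETSTATS_SERVER`. If the explorer role or its templates read `NETSTATS_SERVER`, which is not visible here, that variable will be undefined for this group. Rename the key to the variable the role actually consumes, or drop the line.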
|
|
@ -12,3 +12,10 @@ NETSTATS_SECRET: "INSERT SECRET"
|
|||
|
||||
MOC_KEYPASS: "INSERT HERE"
|
||||
MOC_KEYFILE: 'INSERT HERE'
|
||||
|
||||
username: "moc"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
moc_archive: "off"
|
|
@ -8,3 +8,12 @@ NODE_FULLNAME: "INSERT NODENAME"
|
|||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||
|
||||
NETSTATS_SECRET: "INSERT SECRET"
|
||||
|
||||
username: "netstat"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
NETSTATS_SERVER: "http://localhost:3000"
|
|
@ -13,3 +13,10 @@ NETSTATS_SECRET: "INSERT SECRET"
|
|||
MINING_KEYFILE: 'INSERT HERE'
|
||||
MINING_ADDRESS: "INSERT HERE"
|
||||
MINING_KEYPASS: "INSERT HERE"
|
||||
|
||||
username: "validator"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
validator_archive: "off"
|
|
@ -23,4 +23,4 @@ bootnode
|
|||
moc
|
||||
netstat
|
||||
validator
|
||||
explorer
|
||||
explorer
|
86
moc.yml
86
moc.yml
|
@ -1,86 +1,4 @@
|
|||
---
|
||||
- name: Create moc security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ moc_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: moc
|
||||
|
||||
|
||||
- name: Create moc
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ moc_instance_name }}"
|
||||
group: "{{ moc_security_group }}"
|
||||
instance_type: "{{ moc_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ moc_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: moc
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: moc
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
- moc
|
86
netstat.yml
86
netstat.yml
|
@ -1,86 +1,4 @@
|
|||
---
|
||||
- name: Create netstat security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ netstat_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: netstat
|
||||
|
||||
|
||||
- name: Create netstat
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ netstat_instance_name }}"
|
||||
group: "{{ netstat_security_group }}"
|
||||
instance_type: "{{ netstat_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ netstat_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: netstat
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: netstat
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
- netstat
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,14 +1,5 @@
|
|||
---
|
||||
username: "bootnode"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
nginx_headers: "on"
|
||||
PROXY_PORT: "8545"
|
||||
|
||||
allow_bootnode_ssh: true
|
||||
allow_bootnode_p2p: true
|
||||
allow_bootnode_rpc: false
|
||||
|
||||
bootnode_archive: "off"
|
||||
bootnode_orchestrator: "off"
|
||||
allow_bootnode_rpc: false
|
|
@ -0,0 +1,11 @@
|
|||
dependencies:
|
||||
- { role: preconf }
|
||||
- { role: usermanager }
|
||||
# - { role: logentries }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: poa-netstats }
|
||||
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
|
||||
- { role: nginx }
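Review bot: The `when` on the poa-orchestrator dependency compares `bootnode_orchestrator` with the string 'on', so an unquoted `on` or `yes` in inventory, which YAML loads as boolean true, skips the role without any error. If the variable is undefined, the `or 'off'` fallback will most likely raise an undefined-variable error rather than apply. By the counts of the defaults hunk above, this commit also appears to drop the role default `bootnode_orchestrator: "off"`, which makes the undefined case more likely. `when: bootnode_orchestrator | default('off') | bool` accepts both spellings and tolerates a missing value.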
|
|
@ -1,29 +1,12 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
with_items:
|
||||
- node.toml
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
#- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes
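Review bot: The added `when: not ansible_bios_version | search("amazon")` calls the `search` test through filter syntax, which Ansible deprecated in 2.5 and later removed; the test form is `when: ansible_bios_version is not search("amazon")`. The same condition is added in the two `@ -60,3 +39,7 @` hunks and the `@ -50,3 +43,7 @` hunk further down. Whether a host firewall is configured at all now depends on a BIOS version string, and as far as I know not every EC2 instance family reports "amazon" there. An explicit inventory variable, or at least a comment naming which hosts are expected to skip ufw, would make the decision auditable.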
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,12 +1,5 @@
|
|||
username: "explorer"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
-----
|
||||
|
||||
allow_explorer_ssh: true
|
||||
allow_explorer_p2p: true
|
||||
allow_explorer_http: true
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
explorerS_SERVER: "localhost"
|
||||
allow_explorer_http: true
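Review bot: The first line of the new defaults file appears to be `-----` (the hunk counts put it on the added side), which is not a YAML document marker. Five dashes parse as a plain scalar, so the `allow_explorer_*` mappings that follow would make the file fail to load. It should be `---`, as in the other roles' defaults.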
|
|
@ -1,3 +1,6 @@
|
|||
---
|
||||
- name: restart poa-chain-explorer
|
||||
service: name=poa-chain-explorer state=restarted
|
||||
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -0,0 +1,8 @@
|
|||
dependencies:
|
||||
- { role: preconf }
|
||||
- { role: usermanager }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: nginx }
|
|
@ -1,25 +1,4 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
|
@ -60,3 +39,7 @@
|
|||
|
||||
- name: Ensure poa-chain-explorer is running and enabled to start at boot
|
||||
service: name=poa-chain-explorer state=started enabled=yes
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
explorer_version: "acee07c"
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,8 +1,4 @@
|
|||
---
|
||||
username: "moc"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
allow_moc_ssh: true
|
||||
allow_moc_p2p: true
|
||||
allow_moc_p2p: true
|
|
@ -0,0 +1,8 @@
|
|||
dependencies:
|
||||
- { role: preconf }
|
||||
- { role: usermanager }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: poa-netstats }
|
|
@ -1,25 +1,4 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
|
@ -60,3 +39,7 @@
|
|||
path: "{{ home }}/poa-scripts-moc/distributeTokens"
|
||||
become: true
|
||||
become_user: "{{ username }}"
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -1,12 +1,4 @@
|
|||
---
|
||||
username: "netstat"
|
||||
users:
|
||||
- name: "{{ username }}"
|
||||
home: "/home/{{ username }}"
|
||||
|
||||
allow_netstat_ssh: true
|
||||
allow_netstat_http: true
|
||||
|
||||
nginx_headers: "off"
|
||||
PROXY_PORT: "3000"
|
||||
NETSTATS_SERVER: "http://localhost:3000"
|
||||
|
|
|
@ -1,3 +1,6 @@
|
|||
---
|
||||
- name: restart poa-dashboard
|
||||
service: name=poa-dashboard state=restarted
|
||||
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -0,0 +1,6 @@
|
|||
dependencies:
|
||||
- { role: preconf }
|
||||
- { role: usermanager }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: nginx }
|
|
@ -1,11 +1,4 @@
|
|||
---
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Clone poanetworks/eth-netstats repo from GitHub
|
||||
git:
|
||||
|
@ -50,3 +43,7 @@
|
|||
|
||||
- name: Ensure poa-dashboard is running and enabled to start at boot
|
||||
service: name=poa-dashboard state=started enabled=yes
|
||||
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
|
@ -1 +0,0 @@
|
|||
netstat_version: "cb431d6"
|
|
@ -0,0 +1,7 @@
|
|||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
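Review bot: This task sets `owner: "{{ username }}"` and `group: "{{ username }}"` inside preconf, but every meta `dependencies:` list in this commit places `preconf` before `usermanager`. If usermanager is the role that creates the account, the file module will fail on a fresh host because the user does not exist yet. The same applies to the logs task added in the next hunk. Either list `usermanager` first in the dependencies or move these two task files to a role that runs after it. Separately, writing the mode as `mode: "0700"` avoids relying on YAML's octal parsing.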
|
|
@ -0,0 +1,7 @@
|
|||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
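Review bot: `path: "/{{ home }}/logs/old"` puts a slash in front of a variable that the keys task in the previous hunk already treats as an absolute path. The result is a doubled leading slash when `home` is absolute, and a directory directly under `/` when it is not. `path: "{{ home }}/logs/old"` is consistent with the other preconf tasks.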
|
|
@ -9,3 +9,8 @@
|
|||
- import_tasks: chrony.yml
|
||||
- import_tasks: logrotate.yml
|
||||
- import_tasks: swap.yml
|
||||
- import_tasks: logs.yml
|
||||
- import_tasks: keys.yml
|
||||
when: ‘netstat’ not in ansible_hostname
|
||||
- import_tasks: spec.yml
|
||||
when: ‘netstat’ not in ansible_hostname
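Review bot: Both added `when:` lines use typographic quotes (`‘netstat’`), which Jinja2 does not accept as string delimiters, so the condition will fail to evaluate if the file contains them as rendered here. The working form is `when: "'netstat' not in ansible_hostname"`, with the whole expression quoted for YAML. Matching a substring of the hostname is also a fragile way to decide which hosts get key directories and the chain spec; `when: "'netstat' not in group_names"` ties the decision to inventory instead.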
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
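Review bot: The chain spec and the bootnode list are downloaded from a branch name (`{{ GENESIS_BRANCH }}`) with no integrity check, so whatever that branch holds at run time becomes the node's genesis configuration and peer list. `get_url` accepts a `checksum` argument, for example `checksum: "sha256:<expected-digest>"` per file, or the URL can reference a commit id instead of a branch. Moving the task into preconf makes this the single place where every node type picks up these files, so it is the right place to add the check.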
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
- name: Setup ufw firewall
|
||||
import_tasks: ufw.yml
|
||||
when: not ansible_bios_version | search("amazon")
|
||||
|
||||
- name: Setup EC2 firewall
|
||||
import_tasks: ec2.yml
|
||||
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
|
||||
allow_validator_ssh: true
|
||||
allow_validator_p2p: true
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
- name: restart ufw
|
||||
service: name=ufw state=restarted
|
|
@ -0,0 +1,8 @@
|
|||
dependencies:
|
||||
- { role: preconf }
|
||||
- { role: usermanager }
|
||||
- { role: nodejs }
|
||||
- { role: poa-logrotate }
|
||||
- { role: poa-parity }
|
||||
- { role: poa-pm2 }
|
||||
- { role: poa-netstats }
|
|
@ -1,25 +1,4 @@
|
|||
---
|
||||
- name: Create directory parity_data/keys/NetworkName
|
||||
file:
|
||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Create logs directories
|
||||
file:
|
||||
path: "/{{ home }}/logs/old"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ username }}"
|
||||
group: "{{ username }}"
|
||||
|
||||
- name: Download spec.json
|
||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||
with_items:
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
||||
|
||||
- name: Create node.toml
|
||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||
|
|
103
site.yml
103
site.yml
|
@ -1,84 +1,19 @@
|
|||
---
|
||||
- hosts: all
|
||||
user: ubuntu
|
||||
become: True
|
||||
# user: root
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
|
||||
- hosts: bootnode
|
||||
become: True
|
||||
roles:
|
||||
- usermanager
|
||||
# - logentries
|
||||
- nodejs
|
||||
- bootnode
|
||||
- poa-logrotate
|
||||
- poa-parity
|
||||
- poa-pm2
|
||||
- poa-netstats
|
||||
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
|
||||
- nginx
|
||||
- bootnode-access
|
||||
tags:
|
||||
- bootnode
|
||||
|
||||
- hosts: validator
|
||||
become: True
|
||||
vars:
|
||||
username: "validator"
|
||||
users:
|
||||
- name: "validator"
|
||||
home: "/home/validator"
|
||||
roles:
|
||||
- usermanager
|
||||
- nodejs
|
||||
- poa-logrotate
|
||||
- poa-parity
|
||||
- poa-pm2
|
||||
- poa-netstats
|
||||
- validator
|
||||
- validator-access
|
||||
tags:
|
||||
- validator
|
||||
|
||||
- hosts: netstat
|
||||
become: True
|
||||
roles:
|
||||
- usermanager
|
||||
- nodejs
|
||||
- poa-logrotate
|
||||
- netstat
|
||||
- nginx
|
||||
- netstat-access
|
||||
tags:
|
||||
- netstat
|
||||
|
||||
- hosts: explorer
|
||||
become: True
|
||||
roles:
|
||||
- usermanager
|
||||
- nodejs
|
||||
- poa-logrotate
|
||||
- poa-parity
|
||||
- poa-pm2
|
||||
- explorer
|
||||
- nginx
|
||||
- explorer-access
|
||||
tags:
|
||||
- explorer
|
||||
|
||||
- hosts: moc
|
||||
become: True
|
||||
roles:
|
||||
- usermanager
|
||||
- nodejs
|
||||
- poa-logrotate
|
||||
- poa-parity
|
||||
- poa-pm2
|
||||
- poa-netstats
|
||||
- moc
|
||||
- moc-access
|
||||
tags:
|
||||
- moc
|
||||
- name: Bootnode deployment
|
||||
import_playbook: bootnode.yml
|
||||
tags: bootnode
|
||||
|
||||
- name: Explorer deployment
|
||||
import_playbook: explorer.yml
|
||||
tags: explorer
|
||||
|
||||
- name: Moc deployment
|
||||
import_playbook: moc.yml
|
||||
tags: moc
|
||||
|
||||
- name: Netstat deployment
|
||||
import_playbook: netstat.yml
|
||||
tags: netstat
|
||||
|
||||
- name: Validator deployment
|
||||
import_playbook: validator.yml
|
||||
tags: validator
|
||||
|
|
105
validator.yml
105
validator.yml
|
@ -1,105 +1,4 @@
|
|||
---
|
||||
- name: Create validator security group
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Create Security group
|
||||
ec2_group:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
name: "{{ validator_security_group }}"
|
||||
description: "Default security group"
|
||||
region: "{{ region }}"
|
||||
purge_rules_egress: false
|
||||
purge_rules: false
|
||||
rules:
|
||||
- proto: tcp
|
||||
from_port: 22
|
||||
to_port: 22
|
||||
cidr_ip: 0.0.0.0/0
|
||||
rules_egress:
|
||||
- proto: all
|
||||
from_port: all
|
||||
to_port: all
|
||||
cidr_ip: 0.0.0.0/0
|
||||
tags: validator
|
||||
|
||||
|
||||
- name: Create validator
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
vars:
|
||||
volumes:
|
||||
- device_name: /dev/sda1
|
||||
volume_size: 128
|
||||
delete_on_termination: true
|
||||
tasks:
|
||||
- name: Launch instance
|
||||
ec2:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
key_name: "{{ awskeypair_name }}"
|
||||
instance_tags:
|
||||
Name: "{{ validator_instance_name }}"
|
||||
group: "{{ validator_security_group }}"
|
||||
instance_type: "{{ validator_instance_type }}"
|
||||
image: "{{ image }}"
|
||||
count: "{{ validator_count_instances }}"
|
||||
wait: yes
|
||||
region: "{{ region }}"
|
||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||
volumes: "{{ volumes }}"
|
||||
assign_public_ip: yes
|
||||
register: ec2
|
||||
- name: Add new instance to host group
|
||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||
with_items: "{{ ec2.instances }}"
|
||||
- name: Wait for SSH to come up
|
||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||
with_items: "{{ ec2.instances }}"
|
||||
tags: validator
|
||||
|
||||
- name: Installing python
|
||||
hosts: all
|
||||
hosts: launched
|
||||
gather_facts: False
|
||||
user: ubuntu
|
||||
- hosts: validator
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
tasks:
|
||||
- name: Install python
|
||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||
|
||||
- name: Configure instance(s)
|
||||
hosts: launched
|
||||
user: ubuntu
|
||||
become: True
|
||||
vars:
|
||||
ansible_ssh_port: 22
|
||||
gather_facts: True
|
||||
roles:
|
||||
- preconf
|
||||
tags: preconf
|
||||
tasks:
|
||||
- name: restart machine after setup
|
||||
shell: shutdown -r 1
|
||||
|
||||
- name: Create validator elastic ip
|
||||
hosts: localhost
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: associate elastic ip for validator
|
||||
ec2_eip:
|
||||
ec2_access_key: "{{ access_key }}"
|
||||
ec2_secret_key: "{{ secret_key }}"
|
||||
region: "{{ region }}"
|
||||
reuse_existing_ip_allowed: yes
|
||||
state: present
|
||||
in_vpc: yes
|
||||
device_id: "{{ ec2.instance_ids[0] }}"
|
||||
register: instance_elastic_ip
|
||||
when: associate_validator_elastic_ip == true
|
||||
|
||||
- debug: var=instance_elastic_ip.public_ip
|
||||
when: associate_validator_elastic_ip == true
|
||||
- validator
|