Add owner role.

group_vars/all.example

@@ -30,11 +30,14 @@ MINING_KEYFILE: "_INSERT_"
 MINING_ADDRESS: "_INSERT_"
 MINING_KEYPASS: "_INSERT_"
 
+
 SCRIPTS_BRANCH: "sokol"
 DAPPS_BRANCH: "master"
 IKEYS_BRANCH: "master"
 
 OWNER_ADDRESS: "_INSERT_"
+OWNER_KEYPASS: "_INSERT_"
+OWNER_KEYFILE: "_INSERT_"
 
 TX_GAS_LIMIT: "6700000"
 

owner.yml

@@ -0,0 +1,98 @@
+---
+- name: Create owner security group
+  hosts: localhost
+  gather_facts: False
+  tasks: 
+  - name: Create Security group
+    ec2_group:
+      ec2_access_key: "{{ access_key }}"
+      ec2_secret_key: "{{ secret_key }}"
+      name: owner-security
+      description: "Default security group"
+      region: "{{ region }}"
+#      purge_rules_egress: true
+#      purge_rules: true
+      rules:
+        - proto: tcp
+          from_port: 22
+          to_port: 22
+          cidr_ip: 0.0.0.0/0
+        - proto: tcp
+          from_port: 8545
+          to_port: 8545
+          cidr_ip: 0.0.0.0/0
+        - proto: tcp
+          from_port: 30303
+          to_port: 30303
+          cidr_ip: 0.0.0.0/0
+        - proto: udp
+          from_port: 30303
+          to_port: 30303
+          cidr_ip: 0.0.0.0/0
+      rules_egress:
+        - proto: all
+          from_port: all
+          to_port: all
+          cidr_ip: 0.0.0.0/0
+  tags: owner
+
+
+- name: Create owner
+  hosts: localhost
+  gather_facts: False
+  vars:
+    volumes:
+      - device_name: /dev/sda1
+        volume_size: 128
+        delete_on_termination: true
+  tasks:
+    - name: Launch instance
+      ec2:
+        ec2_access_key: "{{ access_key }}"
+        ec2_secret_key: "{{ secret_key }}"
+        key_name: "{{ awskeypair_name }}"
+        instance_tags: 
+          Name: "{{ owner_instance_name }}"
+        group: "{{ owner_security_group }}"
+        instance_type: "{{ owner_instance_type }}"
+        image: "{{ image }}"
+        count: "{{ owner_count_instances }}"
+        wait: yes
+        region: "{{ region }}"
+        vpc_subnet_id: "{{ vpc_subnet_id }}"
+        volumes: "{{ volumes }}"
+        assign_public_ip: yes
+      register:   ec2
+    - name: Add new instance to host group
+      add_host: hostname={{ item.public_ip }} groupname=launched
+      with_items: "{{ ec2.instances }}"
+    - name: Wait for SSH to come up
+      wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+      with_items: "{{ ec2.instances }}"
+  tags: owner
+
+- name: Installing python
+  hosts: all
+  hosts: launched
+  gather_facts: False
+  user: ubuntu
+  become: True
+  vars:
+     ansible_ssh_port: 22
+  tasks:
+    - name: Install python
+      raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+
+- name: Configure instance(s)
+  hosts: launched
+  user: ubuntu
+  become: True
+  vars:
+     ansible_ssh_port: 22
+  gather_facts: True
+  roles:
+    - preconf
+  tags: preconf
+  tasks:
+    - name: restart machine after setup
+      shell: shutdown -r 1

roles/owner/tasks/main.yml

@@ -0,0 +1,109 @@
+---
+- name: Create directory parity_data/keys/OraclesPoA
+  file:
+    path: "{{ home }}/parity_data/keys/OraclesPoA"
+    state: directory
+    mode: 0700
+    owner: "{{ username }}"
+    group: "{{ username }}"
+
+- name: Create logs directories
+  file:
+    path: "/{{ home }}/logs/old"
+    state: directory
+    mode: 0755
+    owner: "{{ username }}"
+    group: "{{ username }}"
+
+- name: Download spec.json
+  get_url: url={{ item }} dest={{ home }}/ mode=0644
+  with_items:
+    - "https://raw.githubusercontent.com/oraclesorg/oracles-scripts/sokol/spec.json"
+    - "https://raw.githubusercontent.com/oraclesorg/deployment-azure/dev-mainnet/nodes/bootnodes.txt"
+    - "https://raw.githubusercontent.com/oraclesorg/deployment-azure/dev-mainnet/nodes/owner/node.toml"
+
+- name: Change nat in node.toml
+  lineinfile: 
+    path: "{{ home }}/node.toml"
+    insertafter: '^\[network\]'
+    line: nat="extip:{{ ansible_host }}"
+    state: present
+
+- name: Change reserved_peers in node.toml
+  lineinfile: 
+    path: "{{ home }}/node.toml"
+    insertafter: '^\[network\]'
+    line: reserved_peers="{{ home }}/bootnodes.txt"
+    state: present
+
+- name: Add log file in node.toml
+  blockinfile: 
+    path: "{{ home }}/node.toml"
+    block: |
+      [misc]
+      log_file = "{{ home }}/logs/parity.log"
+      [account]
+      password = ["{{ NODE_PWD }}"]
+      unlock = ["{{ OWNER_ADDRESS }}"]
+      [mining]
+      force_sealing = true
+      engine_signer = "{{ OWNER_ADDRESS }}"
+      tx_gas_limit = "{{ TX_GAS_LIMIT }}"
+      reseal_on_txs = "none"
+
+- name: Install {{ NODE_PWD }} file
+  template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600
+
+- name: Config OWNER_KEYFILE file
+  shell: "echo '{{ OWNER_KEYFILE }}' > {{ home }}/parity_data/keys/OraclesPoA/{{ username }}.key"
+
+- name: Download parity-nouncles
+  get_url: url="{{ parity_nouncles }}" dest={{ home }}/parity-nouncles mode=0755
+
+- name: Install oracles-parity service
+  template: src=oracles-parity.j2 dest=/etc/systemd/system/oracles-parity.service owner=root group=root mode=0755
+
+- name: Ensure oracles-parity is running and enabled to start at boot
+  service: name=oracles-parity state=started enabled=yes
+
+- name: Install oracles-pm2 service
+  template: src=oracles-pm2.j2 dest=/etc/systemd/system/oracles-pm2.service owner=root group=root mode=0755
+
+- name: Install npm pm2
+  npm: name="pm2" global="yes"
+
+- name: Ensure oracles-pm2 is running and enabled to start at boot
+  service: name=oracles-pm2 state=started enabled=yes
+
+- git: repo=https://github.com/oraclesorg/eth-net-intelligence-api dest={{ home }}/eth-net-intelligence-api
+
+- name: Install netstats config
+  template: src=app.json.j2 dest={{ home }}/eth-net-intelligence-api/app.json owner={{ username }} group={{ username }} mode=0644
+
+- git: repo=https://github.com/oraclesorg/oracles-initial-keys dest={{ home }}/oracles-initial-keys version={{ IKEYS_BRANCH }}
+
+
+- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes
+
+- name: install npm netstats
+  shell: "cd /home/{{ username }}/eth-net-intelligence-api; /usr/bin/npm install"
+  become: true
+  become_user: "{{ username }}"
+
+- name: Install oracles-netstats service
+  template: src=oracles-netstats.j2 dest=/etc/systemd/system/oracles-netstats.service owner=root group=root mode=0755
+
+- name: Ensure oracles-netstats is running and enabled to start at boot
+  service: name=oracles-netstats state=started enabled=yes
+
+- name: install npm initial_keys_script
+  shell: "cd {{ home }}/oracles-initial-keys; /usr/bin/npm install"
+  become: true
+  become_user: "{{ username }}"
+
+- name: Install oracles-logrotate conf
+  template: src=oracles-logrotate.conf.j2 dest={{ home }}/oracles-logrotate.conf owner=root group=root mode=0644
+
+- name: Install oracles-logrotate cron
+  template: src=oracles-logrotate.j2 dest=/etc/cron.hourly/oracles-logrotate owner=root group=root mode=0755
+

roles/owner/templates/app.json.j2

@@ -0,0 +1,26 @@
+[
+    {
+        "name"                 : "netstats_daemon",
+        "script"               : "app.js",
+        "log_date_format"      : "YYYY-MM-DD HH:mm:SS Z",
+        "error_file"           : "/home/{{ username }}/logs/netstats_daemon.err",
+        "out_file"             : "/home/{{ username }}/logs/netstats_daemon.out",
+        "merge_logs"           : false,
+        "watch"                : false,
+        "max_restarts"         : 100,
+        "exec_interpreter"     : "node",
+        "exec_mode"            : "fork_mode",
+        "env":
+        {
+            "NODE_ENV"         : "production",
+            "RPC_HOST"         : "localhost",
+            "RPC_PORT"         : "8545",
+            "LISTENING_PORT"   : "30300",
+            "INSTANCE_NAME"    : "{{ NODE_FULLNAME }}",
+            "CONTACT_DETAILS"  : "{{ NODE_ADMIN_EMAIL }}",
+            "WS_SERVER"        : "http://{{ NETSTATS_SERVER }}:3000",
+            "WS_SECRET"        : "{{ NETSTATS_SECRET }}",
+            "VERBOSITY"        : 2
+        }
+    }
+]

roles/owner/templates/node_pwd.j2

@@ -0,0 +1 @@
+{{ OWNER_KEYPASS }}

roles/owner/templates/oracles-logrotate.conf.j2

@@ -0,0 +1,20 @@
+/home/{{ username }}/logs/*.log {
+    rotate 10
+    size 200M
+    missingok
+    compress
+    copytruncate
+    dateext
+    dateformat %Y-%m-%d-%s
+    olddir old
+}
+/home/{{ username }}/.pm2/pm2.log {
+    su {{ username }} {{ username }}
+    rotate 10
+    size 200M
+    missingok
+    compress
+    copytruncate
+    dateext
+    dateformat %Y-%m-%d-%s
+}

roles/owner/templates/oracles-logrotate.j2

@@ -0,0 +1,2 @@
+#!/bin/bash
+/usr/sbin/logrotate /home/{{ username }}/oracles-logrotate.conf

roles/owner/templates/oracles-netstats.j2

@@ -0,0 +1,13 @@
+[Unit]
+Description=oracles netstats service
+After=oracles-pm2.service
+[Service]
+Type=oneshot
+RemainAfterExit=true
+User={{ username }}
+Group={{ username }}
+Environment=MYVAR=myval
+WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api
+ExecStart=/usr/bin/pm2 startOrRestart app.json
+[Install]
+WantedBy=multi-user.target

roles/owner/templates/oracles-parity.j2

@@ -0,0 +1,11 @@
+[Unit]
+Description=oracles parity service
+After=network.target
+[Service]
+User={{ username }}
+Group={{ username }}
+WorkingDirectory=/home/{{ username }}
+ExecStart=/home/{{ username }}/parity-nouncles --config=node.toml
+Restart=always
+[Install]
+WantedBy=multi-user.target

roles/owner/templates/oracles-pm2.j2

@@ -0,0 +1,13 @@
+[Unit]
+Description=oracles pm2 service
+After=network.target
+[Service]
+Type=oneshot
+RemainAfterExit=true
+User={{ username }}
+Group={{ username }}
+Environment=MYVAR=myval
+WorkingDirectory=/home/{{ username }}
+ExecStart=/usr/bin/pm2 ping
+[Install]
+WantedBy=multi-user.target

site.yml

@@ -57,3 +57,16 @@
     - netstat
   tags:
     - netstat
+
+- hosts: owner
+  vars:
+    username: "owner"
+    users:
+      - name: "owner"
+    home: "/home/owner"
+  roles:
+    - usermanager
+    - nodejs
+    - owner
+  tags:
+    - owner