Add owner role.

Vitaly Znachenok 2017-11-28 22:38:56 +03:00
parent 1d3569e2dc
commit d0f86089d8
11 changed files with 309 additions and 0 deletions


@ -30,11 +30,14 @@ MINING_KEYFILE: "_INSERT_"
MINING_ADDRESS: "_INSERT_"
MINING_KEYPASS: "_INSERT_"
SCRIPTS_BRANCH: "sokol"
DAPPS_BRANCH: "master"
IKEYS_BRANCH: "master"
OWNER_ADDRESS: "_INSERT_"
OWNER_KEYPASS: "_INSERT_"
OWNER_KEYFILE: "_INSERT_"
TX_GAS_LIMIT: "6700000"
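Review bot: `OWNER_KEYPASS` and `OWNER_KEYFILE` (presumably among the lines this hunk adds, next to `OWNER_ADDRESS`) are placeholders for the owner key and its passphrase, and nothing here tells whoever fills them in that the file then holds live secrets in clear text. I would add a comment above them such as `# OWNER_KEYFILE / OWNER_KEYPASS are secrets: encrypt this file with ansible-vault or keep the filled-in copy out of version control`. The same applies to the existing `MINING_KEYFILE` / `MINING_KEYPASS` entries visible as context.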

98
owner.yml Normal file

@ -0,0 +1,98 @@
---
- name: Create owner security group
hosts: localhost
gather_facts: False
tasks:
- name: Create Security group
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: owner-security
description: "Default security group"
region: "{{ region }}"
# purge_rules_egress: true
# purge_rules: true
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 8545
to_port: 8545
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 30303
to_port: 30303
cidr_ip: 0.0.0.0/0
- proto: udp
from_port: 30303
to_port: 30303
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
tags: owner
- name: Create owner
hosts: localhost
gather_facts: False
vars:
volumes:
- device_name: /dev/sda1
volume_size: 128
delete_on_termination: true
tasks:
- name: Launch instance
ec2:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
key_name: "{{ awskeypair_name }}"
instance_tags:
Name: "{{ owner_instance_name }}"
group: "{{ owner_security_group }}"
instance_type: "{{ owner_instance_type }}"
image: "{{ image }}"
count: "{{ owner_count_instances }}"
wait: yes
region: "{{ region }}"
vpc_subnet_id: "{{ vpc_subnet_id }}"
volumes: "{{ volumes }}"
assign_public_ip: yes
register: ec2
- name: Add new instance to host group
add_host: hostname={{ item.public_ip }} groupname=launched
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
with_items: "{{ ec2.instances }}"
tags: owner
- name: Installing python
hosts: all
hosts: launched
gather_facts: False
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
tasks:
- name: Install python
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
- name: Configure instance(s)
hosts: launched
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
gather_facts: True
roles:
- preconf
tags: preconf
tasks:
- name: restart machine after setup
shell: shutdown -r 1
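Review bot: The `Create Security group` task opens TCP 22 and TCP 8545 to `cidr_ip: 0.0.0.0/0`, and the owner role added in this commit configures an unlocked account on the node, so the only thing keeping JSON-RPC private is the bind address in a node.toml that is downloaded at deploy time and not visible here. I would drop the 8545 rule unless remote RPC is required and narrow SSH to an administrative range, e.g. `cidr_ip: "{{ ssh_allowed_cidr }}"` (placeholder variable name). The group is also created with the fixed name `owner-security` while the instance is launched with `{{ owner_security_group }}`, so the two can drift apart. In the `Installing python` play `hosts:` appears twice (`all`, then `launched`); most YAML loaders keep the last value, and the `hosts: all` line should be removed.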

109
roles/owner/tasks/main.yml Normal file

@ -0,0 +1,109 @@
---
- name: Create directory parity_data/keys/OraclesPoA
file:
path: "{{ home }}/parity_data/keys/OraclesPoA"
state: directory
mode: 0700
owner: "{{ username }}"
group: "{{ username }}"
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
- name: Download spec.json
get_url: url={{ item }} dest={{ home }}/ mode=0644
with_items:
- "https://raw.githubusercontent.com/oraclesorg/oracles-scripts/sokol/spec.json"
- "https://raw.githubusercontent.com/oraclesorg/deployment-azure/dev-mainnet/nodes/bootnodes.txt"
- "https://raw.githubusercontent.com/oraclesorg/deployment-azure/dev-mainnet/nodes/owner/node.toml"
- name: Change nat in node.toml
lineinfile:
path: "{{ home }}/node.toml"
insertafter: '^\[network\]'
line: nat="extip:{{ ansible_host }}"
state: present
- name: Change reserved_peers in node.toml
lineinfile:
path: "{{ home }}/node.toml"
insertafter: '^\[network\]'
line: reserved_peers="{{ home }}/bootnodes.txt"
state: present
- name: Add log file in node.toml
blockinfile:
path: "{{ home }}/node.toml"
block: |
[misc]
log_file = "{{ home }}/logs/parity.log"
[account]
password = ["{{ NODE_PWD }}"]
unlock = ["{{ OWNER_ADDRESS }}"]
[mining]
force_sealing = true
engine_signer = "{{ OWNER_ADDRESS }}"
tx_gas_limit = "{{ TX_GAS_LIMIT }}"
reseal_on_txs = "none"
- name: Install {{ NODE_PWD }} file
template: src=node_pwd.j2 dest={{ home }}/{{ NODE_PWD }} owner={{ username }} group={{ username }} mode=0600
- name: Config OWNER_KEYFILE file
shell: "echo '{{ OWNER_KEYFILE }}' > {{ home }}/parity_data/keys/OraclesPoA/{{ username }}.key"
- name: Download parity-nouncles
get_url: url="{{ parity_nouncles }}" dest={{ home }}/parity-nouncles mode=0755
- name: Install oracles-parity service
template: src=oracles-parity.j2 dest=/etc/systemd/system/oracles-parity.service owner=root group=root mode=0755
- name: Ensure oracles-parity is running and enabled to start at boot
service: name=oracles-parity state=started enabled=yes
- name: Install oracles-pm2 service
template: src=oracles-pm2.j2 dest=/etc/systemd/system/oracles-pm2.service owner=root group=root mode=0755
- name: Install npm pm2
npm: name="pm2" global="yes"
- name: Ensure oracles-pm2 is running and enabled to start at boot
service: name=oracles-pm2 state=started enabled=yes
- git: repo=https://github.com/oraclesorg/eth-net-intelligence-api dest={{ home }}/eth-net-intelligence-api
- name: Install netstats config
template: src=app.json.j2 dest={{ home }}/eth-net-intelligence-api/app.json owner={{ username }} group={{ username }} mode=0644
- git: repo=https://github.com/oraclesorg/oracles-initial-keys dest={{ home }}/oracles-initial-keys version={{ IKEYS_BRANCH }}
- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes
- name: install npm netstats
shell: "cd /home/{{ username }}/eth-net-intelligence-api; /usr/bin/npm install"
become: true
become_user: "{{ username }}"
- name: Install oracles-netstats service
template: src=oracles-netstats.j2 dest=/etc/systemd/system/oracles-netstats.service owner=root group=root mode=0755
- name: Ensure oracles-netstats is running and enabled to start at boot
service: name=oracles-netstats state=started enabled=yes
- name: install npm initial_keys_script
shell: "cd {{ home }}/oracles-initial-keys; /usr/bin/npm install"
become: true
become_user: "{{ username }}"
- name: Install oracles-logrotate conf
template: src=oracles-logrotate.conf.j2 dest={{ home }}/oracles-logrotate.conf owner=root group=root mode=0644
- name: Install oracles-logrotate cron
template: src=oracles-logrotate.j2 dest=/etc/cron.hourly/oracles-logrotate owner=root group=root mode=0755
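Review bot: The `Config OWNER_KEYFILE file` task writes the owner key with `shell: "echo '…' > …"`, so the key material is interpolated into a shell command line, can appear in Ansible output because the task has no `no_log`, and the resulting file gets whatever mode the umask gives rather than an explicit one. A `copy` task with `content`, explicit owner, group and mode, and `no_log: true` avoids the shell and also stops a stray quote in the variable from breaking the command. Separately, `Download parity-nouncles` fetches an executable with no `checksum=` on `get_url`, and the spec.json / node.toml downloads track mutable branches; pinning a digest for the binary and a commit for the config files would make the deployment reproducible.

```yaml
- name: Config OWNER_KEYFILE file
  # content is written as-is, without the trailing newline that echo added
  copy:
    content: "{{ OWNER_KEYFILE }}"
    dest: "{{ home }}/parity_data/keys/OraclesPoA/{{ username }}.key"
    owner: "{{ username }}"
    group: "{{ username }}"
    mode: "0600"
  no_log: true
```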


@ -0,0 +1,26 @@
[
{
"name" : "netstats_daemon",
"script" : "app.js",
"log_date_format" : "YYYY-MM-DD HH:mm:SS Z",
"error_file" : "/home/{{ username }}/logs/netstats_daemon.err",
"out_file" : "/home/{{ username }}/logs/netstats_daemon.out",
"merge_logs" : false,
"watch" : false,
"max_restarts" : 100,
"exec_interpreter" : "node",
"exec_mode" : "fork_mode",
"env":
{
"NODE_ENV" : "production",
"RPC_HOST" : "localhost",
"RPC_PORT" : "8545",
"LISTENING_PORT" : "30300",
"INSTANCE_NAME" : "{{ NODE_FULLNAME }}",
"CONTACT_DETAILS" : "{{ NODE_ADMIN_EMAIL }}",
"WS_SERVER" : "http://{{ NETSTATS_SERVER }}:3000",
"WS_SECRET" : "{{ NETSTATS_SECRET }}",
"VERBOSITY" : 2
}
}
]
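Review bot: `WS_SERVER` is built as `http://{{ NETSTATS_SERVER }}:3000`, so `WS_SECRET` is presented to the netstats server over an unencrypted connection and can be read by anyone on the network path. If the server can terminate TLS, use an `https://` URL here; otherwise treat this secret as low-value and keep it separate from any other credential. The rendered file also carries the secret, and the task that installs it (presumably from app.json.j2) uses `mode=0644`; `mode=0600` would keep it readable only by the service user.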


@ -0,0 +1 @@
{{ OWNER_KEYPASS }}


@ -0,0 +1,20 @@
/home/{{ username }}/logs/*.log {
rotate 10
size 200M
missingok
compress
copytruncate
dateext
dateformat %Y-%m-%d-%s
olddir old
}
/home/{{ username }}/.pm2/pm2.log {
su {{ username }} {{ username }}
rotate 10
size 200M
missingok
compress
copytruncate
dateext
dateformat %Y-%m-%d-%s
}


@ -0,0 +1,2 @@
#!/bin/bash
/usr/sbin/logrotate /home/{{ username }}/oracles-logrotate.conf
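Review bot: This script is installed into /etc/cron.hourly and therefore runs logrotate as root, but the configuration it passes lives in `/home/{{ username }}/`, a directory the service account controls. Even though the conf itself is installed root-owned, the account can rename or replace it inside its own home, and depending on the logrotate version's ownership checks root may then act on a config the unprivileged user wrote. Installing the conf under a root-owned path and pointing the script at it, e.g. `/usr/sbin/logrotate /etc/oracles-logrotate.conf` (with the template task's `dest` changed to match), removes that dependency.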


@ -0,0 +1,13 @@
[Unit]
Description=oracles netstats service
After=oracles-pm2.service
[Service]
Type=oneshot
RemainAfterExit=true
User={{ username }}
Group={{ username }}
Environment=MYVAR=myval
WorkingDirectory=/home/{{ username }}/eth-net-intelligence-api
ExecStart=/usr/bin/pm2 startOrRestart app.json
[Install]
WantedBy=multi-user.target
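Review bot: `Environment=MYVAR=myval` looks like a leftover from a unit-file example; nothing visible in this commit reads `MYVAR`, and the same line is in the oracles-pm2 unit further down. I would remove it from both units, or replace it with a comment stating what the service actually needs from its environment.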


@ -0,0 +1,11 @@
[Unit]
Description=oracles parity service
After=network.target
[Service]
User={{ username }}
Group={{ username }}
WorkingDirectory=/home/{{ username }}
ExecStart=/home/{{ username }}/parity-nouncles --config=node.toml
Restart=always
[Install]
WantedBy=multi-user.target


@ -0,0 +1,13 @@
[Unit]
Description=oracles pm2 service
After=network.target
[Service]
Type=oneshot
RemainAfterExit=true
User={{ username }}
Group={{ username }}
Environment=MYVAR=myval
WorkingDirectory=/home/{{ username }}
ExecStart=/usr/bin/pm2 ping
[Install]
WantedBy=multi-user.target


@ -57,3 +57,16 @@
- netstat
tags:
- netstat
- hosts: owner
vars:
username: "owner"
users:
- name: "owner"
home: "/home/owner"
roles:
- usermanager
- nodejs
- owner
tags:
- owner