From 756fdee142fd046e2244b668cff683f3fb8d565c Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Sun, 24 May 2020 11:54:45 +0100 Subject: [PATCH] ansible: Default to /usr/local and /var/local Following discussion in https://github.com/ava-labs/gecko/pull/151 it was decided that /usr (and by implication /var) should be reserved for OS package managers (e.g. apt, yum). --- .../roles/ava-install/defaults/main.yml | 26 ++++++++++++++----- .../ansible/roles/ava-install/tasks/main.yml | 22 ++++++++++++---- .../roles/ava-service/templates/ava.service | 4 +-- .../ava-upgrade/tasks/10-staking-migrate.yml | 8 +++--- scripts/ansible/roles/ava-user/tasks/main.yml | 2 +- 5 files changed, 44 insertions(+), 18 deletions(-) diff --git a/scripts/ansible/roles/ava-install/defaults/main.yml b/scripts/ansible/roles/ava-install/defaults/main.yml index 71b190f..64a149d 100644 --- a/scripts/ansible/roles/ava-install/defaults/main.yml +++ b/scripts/ansible/roles/ava-install/defaults/main.yml @@ -1,8 +1,22 @@ -ava_daemon_bin_dir: "/usr/bin" -ava_daemon_data_dir: "/var/lib/{{ ava_daemon_user }}" -ava_daemon_db_dir: "{{ ava_daemon_data_dir }}/db" -ava_daemon_log_dir: "/var/log/ava" -ava_daemon_plugin_dir: "/usr/lib/ava/plugins" -ava_daemon_staking_dir: "{{ ava_daemon_data_dir }}/staking" +# These names, & default values are based on Meson build builtin options; +# which in turn follow established *nix conventions. +# See +# https://mesonbuild.com/Builtin-options.html +# https://www.gnu.org/prep/standards/html_node/Directory-Variables.html +prefix: "/usr/local" +bindir: "{{ prefix }}/bin" +libdir: "{{ prefix }}/lib" +localstatedir: "{{ prefix | replace('/usr', '/var') }}" +sharedstatedir: "{{ localstatedir }}/lib" +# Has no Meson builtin equivalent +logdir: "{{ localstatedir }}/log" + +# These names are specific to AVA. Default values are based loosely on *nix +# conventions. +ava_daemon_home_dir: "{{ sharedstatedir }}/ava" +ava_daemon_db_dir: "{{ ava_daemon_home_dir }}/db" +ava_daemon_log_dir: "{{ logdir }}/ava" +ava_daemon_plugin_dir: "{{ libdir }}/ava/plugins" +ava_daemon_staking_dir: "{{ ava_daemon_home_dir }}/staking" ava_daemon_staking_tls_cert: "{{ ava_daemon_staking_dir }}/staker.crt" ava_daemon_staking_tls_key: "{{ ava_daemon_staking_dir }}/staker.key" diff --git a/scripts/ansible/roles/ava-install/tasks/main.yml b/scripts/ansible/roles/ava-install/tasks/main.yml index cf8634b..df598a1 100644 --- a/scripts/ansible/roles/ava-install/tasks/main.yml +++ b/scripts/ansible/roles/ava-install/tasks/main.yml @@ -1,4 +1,14 @@ -- name: Create directories +- name: Create shared directories + file: + # Don't specify owner, mode etc for directories not specific to AVA. + # OS defaults, or local defaults are better than any guess we could make. + path: "{{ item.path }}" + state: directory + loop: + - path: "{{ sharedstatedir }}" + - path: "{{ logdir }}" + +- name: Create AVA directories become: true file: path: "{{ item.path }}" @@ -8,7 +18,9 @@ recurse: "{{ item.recurse | default(omit) }}" state: directory loop: - - path: "{{ ava_daemon_data_dir }}" + - path: "{{ ava_daemon_home_dir }}" + mode: u=rwX,go=rX + - path: "{{ ava_daemon_db_dir }}" mode: u=rwX,go=rX - path: "{{ ava_daemon_staking_dir }}" mode: u=rX,go= @@ -24,11 +36,11 @@ notify: - Restart AVA service -- name: Install binary +- name: Install AVA binary become: true copy: src: "{{ ava_binary }}" - dest: "{{ ava_daemon_bin_dir }}/ava" + dest: "{{ bindir }}/ava" remote_src: true owner: root group: root @@ -36,7 +48,7 @@ notify: - Restart AVA service -- name: Install plugins +- name: Install AVA plugins become: true copy: src: "{{ item.path }}" diff --git a/scripts/ansible/roles/ava-service/templates/ava.service b/scripts/ansible/roles/ava-service/templates/ava.service index 5195b96..218b14c 100644 --- a/scripts/ansible/roles/ava-service/templates/ava.service +++ b/scripts/ansible/roles/ava-service/templates/ava.service @@ -8,11 +8,11 @@ StartLimitIntervalSec=0 [Service] Type=simple -WorkingDirectory={{ ava_daemon_data_dir }} +WorkingDirectory={{ ava_daemon_home_dir }} Restart=always RestartSec=1 User={{ ava_daemon_user }} -ExecStart={{ ava_daemon_bin_dir }}/ava \ +ExecStart={{ bindir }}/ava \ --public-ip="{{ ansible_facts.default_ipv4.address }}" \ --db-dir="{{ ava_daemon_db_dir }}" \ --plugin-dir="{{ ava_daemon_plugin_dir }}" \ diff --git a/scripts/ansible/roles/ava-upgrade/tasks/10-staking-migrate.yml b/scripts/ansible/roles/ava-upgrade/tasks/10-staking-migrate.yml index 5d11474..8200087 100644 --- a/scripts/ansible/roles/ava-upgrade/tasks/10-staking-migrate.yml +++ b/scripts/ansible/roles/ava-upgrade/tasks/10-staking-migrate.yml @@ -1,7 +1,7 @@ - name: Migrate staking key vars: - old_key: "{{ ava_daemon_data_dir }}/keys/staker.key" - new_key: "{{ ava_daemon_data_dir }}/staking/staker.key" + old_key: "{{ ava_daemon_home_dir }}/keys/staker.key" + new_key: "{{ ava_daemon_home_dir }}/staking/staker.key" block: - name: Check for Gecko 0.2.0 staking key stat: @@ -25,8 +25,8 @@ - name: Migrate staking certificate vars: - old_cert: "{{ ava_daemon_data_dir }}/keys/staker.crt" - new_cert: "{{ ava_daemon_data_dir }}/staking/staker.crt" + old_cert: "{{ ava_daemon_home_dir }}/keys/staker.crt" + new_cert: "{{ ava_daemon_home_dir }}/staking/staker.crt" block: - name: Check for Gecko 0.2.0 staking certificate stat: diff --git a/scripts/ansible/roles/ava-user/tasks/main.yml b/scripts/ansible/roles/ava-user/tasks/main.yml index 80cbfbe..9ae342a 100644 --- a/scripts/ansible/roles/ava-user/tasks/main.yml +++ b/scripts/ansible/roles/ava-user/tasks/main.yml @@ -9,7 +9,7 @@ user: name: "{{ ava_daemon_user }}" group: "{{ ava_daemon_group }}" - home: "{{ ava_daemon_data_dir }}" + home: "{{ ava_daemon_home_dir }}" shell: /bin/false skeleton: false system: true