-
Notifications
You must be signed in to change notification settings - Fork 391
Explorer ansible #1550
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Explorer ansible #1550
Changes from 29 commits
Commits
Show all changes
31 commits
Select commit
Hold shift + click to select a range
65facbf
Adapt elixir playbook to admin_user var usage
klaus993 4f7a523
Use sudo and verbose builtin
klaus993 4d022ee
Remove ubuntu packages
klaus993 0f12ea5
Remove java
klaus993 7f5e43b
Install libssl1.1 (erlang dependency)
klaus993 17c13c7
Install Erlang globally (without asdf)
klaus993 10ddfcf
Install Elixir globally (without asdf)
klaus993 3175192
Add name to setup.yaml playbook
klaus993 a0e5cd7
Add Nodejs playbook
klaus993 c7048b0
Add PostgreSQL playbook
klaus993 7e3b29c
Migrate to another way of importing playbooks
klaus993 8144463
Uncomment explorer in inventory
klaus993 9686e28
Fix gitignore
klaus993 33c7059
Ran mix phx.gen.release
klaus993 d01e9d1
Adapt to new way of sending user
klaus993 efb20e5
Clone aligned repository
klaus993 a9fac2c
Add pnpm and explorer build
klaus993 beca81b
Added Caddyfile creation for explorer, added cloudflare API token.
samoht9277 98a39b7
Added caddy build with Cloudflare DNS module.
samoht9277 90115d6
Added small fixes to check if nodejs is installed.
samoht9277 b65d425
Remoded Caddy.
samoht9277 44c81a1
Improved explorer ansible.
samoht9277 6e64720
Added systemd service to run the explorer.
samoht9277 f170bbf
Removed extra whitespace.
samoht9277 050ea6e
Merge branch 'testnet' into explorer_ansible
samoht9277 40c10dd
Removed file.
samoht9277 3de7549
Merge branch 'explorer_ansible' of github.com:yetanotherco/aligned_la…
samoht9277 d6d7da8
Added missing variables and UFW rule.
samoht9277 cb3b8ff
Merge branch 'testnet' into explorer_ansible
JuArce 82e6a1d
fix: add ecto migrate
JuArce 1ecf17e
Merge branch 'refs/heads/staging' into explorer_ansible
JuArce File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| defmodule Explorer.Release do | ||
| @moduledoc """ | ||
| Used for executing DB release tasks when run in production without Mix | ||
| installed. | ||
| """ | ||
| @app :explorer | ||
|
|
||
| def migrate do | ||
| load_app() | ||
|
|
||
| for repo <- repos() do | ||
| {:ok, _, _} = Ecto.Migrator.with_repo(repo, &Ecto.Migrator.run(&1, :up, all: true)) | ||
| end | ||
| end | ||
|
|
||
| def rollback(repo, version) do | ||
| load_app() | ||
| {:ok, _, _} = Ecto.Migrator.with_repo(repo, &Ecto.Migrator.run(&1, :down, to: version)) | ||
| end | ||
|
|
||
| defp repos do | ||
| Application.fetch_env!(@app, :ecto_repos) | ||
| end | ||
|
|
||
| defp load_app do | ||
| Application.load(@app) | ||
| end | ||
| end |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| #!/bin/sh | ||
| set -eu | ||
|
|
||
| cd -P -- "$(dirname -- "$0")" | ||
| exec ./explorer eval Explorer.Release.migrate |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| call "%~dp0\explorer" eval Explorer.Release.migrate |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| #!/bin/sh | ||
| set -eu | ||
|
|
||
| cd -P -- "$(dirname -- "$0")" | ||
| PHX_SERVER=true exec ./explorer start |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| set PHX_SERVER=true | ||
| call "%~dp0\explorer" start |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,43 +1,131 @@ | ||
| - import_playbook: setup.yaml | ||
| - import_playbook: webserver.yaml | ||
| #- import_playbook: elixir.yaml # Not working | ||
| #- import_playbook: docker.yaml | ||
| - name: Run setup playbook | ||
| ansible.builtin.import_playbook: setup.yaml | ||
| vars: | ||
| host: explorer | ||
|
|
||
| - name: Run elixir playbook | ||
| ansible.builtin.import_playbook: elixir.yaml | ||
| vars: | ||
| host: explorer | ||
|
|
||
| - name: Run nodejs playbook | ||
| ansible.builtin.import_playbook: nodejs.yaml | ||
| vars: | ||
| host: explorer | ||
|
|
||
| - hosts: aligned-holesky-explorer | ||
| become: true | ||
| - name: Run postgres playbook | ||
| ansible.builtin.import_playbook: postgres.yaml | ||
| vars: | ||
| user: "{{ user }}" | ||
| host: explorer | ||
| ini_file: ini/config-explorer.ini | ||
|
|
||
| - name: Setup Explorer | ||
| hosts: explorer | ||
| vars: | ||
| service: "explorer" | ||
|
|
||
| pre_tasks: | ||
| - name: Install pnpm | ||
| become: true | ||
| ansible.builtin.shell: | ||
| cmd: npm install -g pnpm | ||
| vars: | ||
| ansible_ssh_user: "{{ admin_user }}" | ||
|
|
||
| - name: Allow all access to tcp port 443 | ||
| become: true | ||
| ufw: | ||
| rule: allow | ||
| port: 443 | ||
| proto: tcp | ||
| vars: | ||
| ansible_ssh_user: "{{ admin_user }}" | ||
|
|
||
| - name: Clone the aligned_layer repository | ||
| ansible.builtin.git: | ||
| repo: https://github.com/yetanotherco/aligned_layer | ||
| dest: "/home/{{ ansible_user }}/repos/explorer/aligned_layer" | ||
| update: yes | ||
|
|
||
| - name: Create .ssl directory | ||
| file: | ||
| path: /home/{{ ansible_user }}/.ssl/ | ||
| state: directory | ||
|
|
||
| - name: Upload SSL key to server (infra/ansible/playbooks/files/key.pem) | ||
| copy: | ||
| src: key.pem | ||
| dest: /home/{{ ansible_user }}/.ssl/key.pem | ||
|
|
||
| - name: Upload SSL certificate to server (infra/ansible/playbooks/files/cert.pem) | ||
| copy: | ||
| src: cert.pem | ||
| dest: /home/{{ ansible_user }}/.ssl/cert.pem | ||
|
|
||
| tasks: | ||
| # Install required packages | ||
| - name: Update apt and install required system packages | ||
| apt: | ||
| pkg: | ||
| - unzip | ||
| state: latest | ||
| update_cache: true | ||
|
|
||
| # Create directories for each service | ||
| - name: Create directories for each service if do not exist | ||
| ansible.builtin.file: | ||
| path: /home/{{ user }}/repos/{{ item }} | ||
| - name: Add environment file for Explorer | ||
| template: | ||
| src: explorer/explorer_env.j2 | ||
| dest: /home/{{ ansible_user }}/repos/explorer/aligned_layer/explorer/.env | ||
| vars: | ||
| RPC_URL: "{{ lookup('ini', 'RPC_URL file=ini/config-explorer.ini') }}" | ||
| ENVIRONMENT: "{{ lookup('ini', 'ENVIRONMENT file=ini/config-explorer.ini') }}" | ||
| ALIGNED_CONFIG_FILE: "{{ lookup('ini', 'ALIGNED_CONFIG_FILE file=ini/config-explorer.ini') }}" | ||
| PHX_HOST: "{{ lookup('ini', 'PHX_HOST file=ini/config-explorer.ini') }}" | ||
| ELIXIR_HOSTNAME: "{{ lookup('ini', 'ELIXIR_HOSTNAME file=ini/config-explorer.ini') }}" | ||
| DB_NAME: "{{ lookup('ini', 'DB_NAME file=ini/config-explorer.ini') }}" | ||
| DB_USER: "{{ lookup('ini', 'DB_USER file=ini/config-explorer.ini') }}" | ||
| DB_PASS: "{{ lookup('ini', 'DB_PASS file=ini/config-explorer.ini') }}" | ||
| DB_HOST: "{{ lookup('ini', 'DB_HOST file=ini/config-explorer.ini') }}" | ||
| TRACKER_API_URL: "{{ lookup('ini', 'TRACKER_API_URL file=ini/config-explorer.ini') }}" | ||
| SECRET_KEY_BASE: "{{ lookup('ini', 'SECRET_KEY_BASE file=ini/config-explorer.ini') }}" | ||
| KEYFILE_PATH: "{{ lookup('ini', 'KEYFILE_PATH file=ini/config-explorer.ini') }}" | ||
| CERTFILE_PATH: "{{ lookup('ini', 'CERTFILE_PATH file=ini/config-explorer.ini') }}" | ||
| BATCH_TTL_MINUTES: "{{ lookup('ini', 'BATCH_TTL_MINUTES file=ini/config-explorer.ini') }}" | ||
| SCHEDULED_BATCH_INTERVAL_MINUTES: "{{ lookup('ini', 'SCHEDULED_BATCH_INTERVAL_MINUTES file=ini/config-explorer.ini') }}" | ||
|
|
||
| - name: Build the explorer release | ||
| args: | ||
| chdir: "/home/{{ ansible_user }}/repos/explorer/aligned_layer/explorer" | ||
| environment: | ||
| MIX_ENV: prod | ||
| shell: | ||
| executable: /bin/bash | ||
| cmd: | | ||
| set -ex | ||
| source .env | ||
| mix local.hex --force | ||
| mix local.rebar --force | ||
| mix deps.get --only $MIX_ENV | ||
| mix compile | ||
| pnpm --prefix=assets/ install | ||
| mix phx.digest | ||
| mix assets.deploy | ||
| mix release --overwrite | ||
| - name: Set CAP_NET_BIND_SERVICE to beam | ||
| shell: | ||
| cmd: sudo setcap CAP_NET_BIND_SERVICE=+eip /home/app/repos/explorer/aligned_layer/explorer/_build/prod/rel/explorer/erts-14.2.1/bin/beam.smp | ||
| vars: | ||
| ansible_ssh_user: "{{ admin_user }}" | ||
|
|
||
| - name: Create .env for Explorer systemd service | ||
| shell: cat /home/{{ ansible_user }}/repos/explorer/aligned_layer/explorer/.env | sed 's/export //g' > /home/{{ ansible_user }}/config/.env.explorer | ||
|
|
||
| - name: Create systemd services directory | ||
| file: | ||
| path: "/home/{{ ansible_user }}/.config/systemd/user/" | ||
| state: directory | ||
| mode: '0755' | ||
| become_user: "{{ user }}" | ||
| loop: | ||
| - explorer | ||
|
|
||
| # Clone Aligned repository for each service | ||
| - name: Clone Aligned repository | ||
| ansible.builtin.git: | ||
| repo: https://github.com/yetanotherco/aligned_layer.git | ||
| dest: /home/{{ user }}/repos/{{ item }}/aligned_layer | ||
| version: v0.10.2 | ||
| become_user: "{{ user }}" | ||
| loop: | ||
| - explorer | ||
| register: repo_clone | ||
| failed_when: | ||
| - repo_clone.failed | ||
| - not 'Local modifications exist in the destination' in repo_clone.msg | ||
| - name: Add service to systemd | ||
| template: | ||
| src: services/explorer.service.j2 | ||
| dest: "/home/{{ ansible_user }}/.config/systemd/user/explorer.service" | ||
| force: no | ||
|
|
||
| - name: Start explorer service | ||
| systemd_service: | ||
| name: explorer | ||
| state: started | ||
| enabled: true | ||
| scope: user | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| [global] | ||
| RPC_URL= | ||
| ENVIRONMENT= | ||
| ALIGNED_CONFIG_FILE= | ||
| PHX_HOST= | ||
| ELIXIR_HOSTNAME= | ||
| DB_NAME= | ||
| DB_USER= | ||
| DB_PASS= | ||
| DB_HOST= | ||
| TRACKER_API_URL= | ||
| SECRET_KEY_BASE= | ||
| KEYFILE_PATH= | ||
| CERTFILE_PATH= |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.