Jakub Sokołowski
fbb1ee69d9
consul: update token paths in BitWarden
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-09 00:24:07 +01:00
Jakub Sokołowski
d74ff169ef
wireguard: bump role and add Consul ACL token
...
Part of effort to lock down Consul ACLs:
https://github.com/status-im/infra-hq/issues/70
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 20:51:45 +01:00
Jakub Sokołowski
cdf63cba43
consul: add mandatory agent ACL token
...
https://github.com/status-im/infra-hq/issues/70
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 11:58:55 +01:00
Jakub Sokołowski
a6d673366a
all: lowe logrotate count to 48, bump bootstrap
...
Also remove `delaycompress` from logrotate config.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-31 17:09:28 +01:00
Jakub Sokołowski
667fd3184e
builds: add libp2p metrics flags
...
This is done instead of this PR:
https://github.com/status-im/infra-role-beacon-node-linux/pull/3/files
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-05 19:38:23 +01:00
Jakub Sokołowski
237da365e7
bootstrap: add missing admin pass for macos hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 20:55:08 +01:00
Jakub Sokołowski
9c8b0f6185
users: give tanguy sudo permissions
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 15:35:30 +01:00
Jakub Sokołowski
7aa5d2d420
add all users to admin group on MacOS hosts
...
This fixes SSH access issue, since only admin group members can have
remote access to the host:
https://www.vinnie.work/blog/2020-12-26-why-so-hard-osx-ssh-access/
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-13 13:34:56 +02:00
Jakub Sokołowski
018e1f3b78
enable beacon_node_rpc_enabled for all hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 17:53:07 +02:00
Jakub Sokołowski
3673ff3577
bootstrap: add zahary to extra users
...
Instead of adding him via default users:
https://github.com/status-im/infra-role-bootstrap-linux/commit/d6a6c129
This fixes addition to Windows host as well.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-20 16:21:09 +02:00
Jakub Sokołowski
28b69ccc69
fix bootstrap root password secret, bump roles
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:19:00 +02:00
Jakub Sokołowski
2a781d70e8
firewall: remove obsolete settings for open-ports
...
We now call `open-ports` role inside of `beacon-node` roles.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:51:26 +02:00
Jakub Sokołowski
e0d70f46f3
prater/pyrmont: add config for REST API port
...
https://github.com/status-im/infra-role-beacon-node-linux/pull/1
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:46:05 +02:00
Jakub Sokołowski
5d36d3ad3e
firewall: use new IP sets and iptables chains
...
https://github.com/status-im/infra-hq/issues/69
https://github.com/status-im/infra-role-bootstrap-linux/commit/92d8923b
https://github.com/status-im/infra-role-wireguard/commit/8394639e
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-11 19:54:36 +02:00
Jakub Sokołowski
3e32ec1ba9
migrate bootstrap secrets to BitWarden
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-28 12:02:03 +02:00
Jakub Sokołowski
a9dfaa12a3
give extra users admin rights on the windows hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 18:02:45 +02:00
Jakub Sokołowski
a99a6d0fc6
refactor to distribute validators via beacon-node role
...
This way we can deploy multiple nodes on the same host.
https://github.com/status-im/infra-nimbus/issues/52
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 16:43:27 +02:00
cheatfate
3a3d52a156
Add cheatfate's SSH account.
2021-06-22 13:02:33 +02:00
Jakub Sokołowski
f4a20bc128
fix password format used for root
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-11 11:18:10 +02:00
Tanguy Cizain
cae0195d03
add tanguy's key
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-11 11:15:35 +02:00
Jakub Sokołowski
e50e7f7764
drop legacy beacon_node_web3_url variable
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-06 15:40:38 +02:00
Zahary Karadjov
b03dbdb5c6
Increase the --max-peers count on all fleet nodes
...
This setting is recommended due to the high-number of validators
attached to each node which requires maintaining healthy peer
counts on a larger number of gossip topics. For now, we don't
bother specifying a lower value on the servers running a lower
number of validators in order to simplify the implementation.
2021-03-23 17:53:58 +08:00
Jakub Sokołowski
db5ec2f497
bootstrap: provide Consul encryption key from infra-pass
...
Related: https://github.com/status-im/infra-role-bootstrap/commit/0d40f81d
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-03-22 11:12:49 +01:00
Jakub Sokołowski
d8b643fd74
add SSH users to systemd-journal group
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-08 12:36:14 +01:00
Jakub Sokołowski
26a31c5d63
use 8000+ UIDs for extra SSH users to not clash with core
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-01-26 12:11:33 +01:00
Jakub Sokołowski
6e138997e2
re-enable sending logs to logstash
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-01-20 19:27:04 +01:00
Jakub Sokołowski
2132851b16
use bootstrap__active_extra_users variable
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-01-14 14:01:57 +01:00
Jakub Sokołowski
65f0d944d8
bump max logs for logrotate to 72
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-26 21:30:32 +01:00
Jakub Sokołowski
996e2df2e8
make docker log files contain only container messages
...
See: https://github.com/status-im/infra-nimbus/issues/26
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-26 19:06:08 +01:00
Jakub Sokołowski
796c7ce292
bump count of logrotate files to keep to 24
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-26 18:30:05 +01:00
Jakub Sokołowski
21a41cb1ed
drop unused variables, don't re-create containers every time
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-20 16:45:51 +01:00
Jakub Sokołowski
1caaddb924
remove to old medalla fleet
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-20 14:51:31 +01:00
Jakub Sokołowski
20bb18553a
add ssh access for giovanni
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-10 12:26:45 +01:00
Jakub Sokołowski
4cd82e895b
drop bootstrap__extra_volume_path, it clashes with new default
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-02 18:47:12 +01:00
Ștefan Talpalaru
d88720874d
halve the number of containers ( #15 )
...
* halve the number of containers
and cleanup some vars
* dedicate some slaves to testnet2
* use list slices for hosts
2020-06-26 22:37:59 +02:00
Jakub Sokołowski
e0ddfa98fd
all: stop disabling watchtower cleanup
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-10 13:01:28 +02:00
Jakub Sokołowski
01088fd433
drop Adam and Igor from users
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-04-14 10:43:03 +02:00
Jakub Sokołowski
b3e320e064
deploy 2GB swap files on Nimbus hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-26 19:04:59 +01:00
kdeme
1dd328307b
Add my public ssh key
2020-03-09 23:17:16 +01:00
Jakub Sokołowski
03b6fbe91b
update bootstrap extra volume var name
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-26 16:30:45 +01:00
Jakub Sokołowski
fcd17845b8
nimbus-stats: port to use systemd timer, fix consul query
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-19 11:51:09 +01:00
Dmitriy Ryajov
9091772f37
add ssh key for dryajov
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-18 16:07:56 +01:00
Jakub Sokołowski
7ed2ec39dc
beacon-nodes: match new cont_recreate and cont_state settings
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-10 14:12:57 +01:00
Jakub Sokołowski
24a87596b4
log-dash: configure Kibana dashboard
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-05 13:39:43 +01:00
Jakub Sokołowski
e91fb002bf
we now have Consul so we can re enable tinc
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-29 23:17:10 +01:00
Jakub Sokołowski
52321e8ca3
mount extra volume at /docker
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-28 22:19:01 +01:00
Jakub Sokołowski
c825c4595b
add zahary user
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-28 21:13:15 +01:00
Jakub Sokołowski
14b623c4b4
port fleet to AWS EC2
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-27 16:46:53 +01:00
Jakub Sokołowski
aeb4345600
disable watchtower cleanup flag
...
Otherwise watchtower throws image removal errors like:
Error: No such image: sha256:abdc
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-23 13:29:47 +01:00
Jakub Sokołowski
0f426e1b51
make yglukhov user inactive
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-22 21:23:37 +01:00