Jakub Sokołowski
d63bd18938
give SSH access to p1ge0nh8er and s1fr0
...
For debugging issues with Geth Websocket port for Nim-Waku.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-10-14 15:54:55 +02:00
Jakub Sokołowski
4017674931
add systemd-journal groups to all users by default
...
https://github.com/status-im/infra-role-bootstrap-linux/commit/d85963fa
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-10-14 15:01:31 +02:00
Jakub Sokołowski
30ed658621
grant SSH access to etan@status.im
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-11 13:06:36 +02:00
Jakub Sokołowski
6702c50f38
bootstrap: give miran sudo permissions
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-04 09:32:53 +02:00
Jakub Sokołowski
2dd96fdc36
drop giovanni from active users
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-06-14 10:12:01 +02:00
narimiran
bf1cc4a5a0
users: add miran
2022-06-10 15:33:19 +02:00
Jakub Sokołowski
32835c38b4
ci-slave-metal: remove SSH access from Stefan
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-31 20:02:18 +02:00
Jakub Sokołowski
70bf75d1de
drop deprecated JSON-RPC API port from all nodes
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-22 18:58:19 +01:00
Jakub Sokołowski
968c174ba0
bootstrap: add extra IP to SSHGuard whitelist
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-11 11:45:07 +01:00
Jakub Sokołowski
fbb1ee69d9
consul: update token paths in BitWarden
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-09 00:24:07 +01:00
Jakub Sokołowski
d74ff169ef
wireguard: bump role and add Consul ACL token
...
Part of effort to lock down Consul ACLs:
https://github.com/status-im/infra-hq/issues/70
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 20:51:45 +01:00
Jakub Sokołowski
cdf63cba43
consul: add mandatory agent ACL token
...
https://github.com/status-im/infra-hq/issues/70
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 11:58:55 +01:00
Jakub Sokołowski
a6d673366a
all: lowe logrotate count to 48, bump bootstrap
...
Also remove `delaycompress` from logrotate config.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-31 17:09:28 +01:00
Jakub Sokołowski
667fd3184e
builds: add libp2p metrics flags
...
This is done instead of this PR:
https://github.com/status-im/infra-role-beacon-node-linux/pull/3/files
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-05 19:38:23 +01:00
Jakub Sokołowski
237da365e7
bootstrap: add missing admin pass for macos hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 20:55:08 +01:00
Jakub Sokołowski
9c8b0f6185
users: give tanguy sudo permissions
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 15:35:30 +01:00
Jakub Sokołowski
7aa5d2d420
add all users to admin group on MacOS hosts
...
This fixes SSH access issue, since only admin group members can have
remote access to the host:
https://www.vinnie.work/blog/2020-12-26-why-so-hard-osx-ssh-access/
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-13 13:34:56 +02:00
Jakub Sokołowski
018e1f3b78
enable beacon_node_rpc_enabled for all hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 17:53:07 +02:00
Jakub Sokołowski
3673ff3577
bootstrap: add zahary to extra users
...
Instead of adding him via default users:
https://github.com/status-im/infra-role-bootstrap-linux/commit/d6a6c129
This fixes addition to Windows host as well.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-20 16:21:09 +02:00
Jakub Sokołowski
28b69ccc69
fix bootstrap root password secret, bump roles
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:19:00 +02:00
Jakub Sokołowski
2a781d70e8
firewall: remove obsolete settings for open-ports
...
We now call `open-ports` role inside of `beacon-node` roles.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:51:26 +02:00
Jakub Sokołowski
e0d70f46f3
prater/pyrmont: add config for REST API port
...
https://github.com/status-im/infra-role-beacon-node-linux/pull/1
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:46:05 +02:00
Jakub Sokołowski
5d36d3ad3e
firewall: use new IP sets and iptables chains
...
https://github.com/status-im/infra-hq/issues/69
https://github.com/status-im/infra-role-bootstrap-linux/commit/92d8923b
https://github.com/status-im/infra-role-wireguard/commit/8394639e
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-11 19:54:36 +02:00
Jakub Sokołowski
3e32ec1ba9
migrate bootstrap secrets to BitWarden
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-28 12:02:03 +02:00
Jakub Sokołowski
a9dfaa12a3
give extra users admin rights on the windows hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 18:02:45 +02:00
Jakub Sokołowski
a99a6d0fc6
refactor to distribute validators via beacon-node role
...
This way we can deploy multiple nodes on the same host.
https://github.com/status-im/infra-nimbus/issues/52
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 16:43:27 +02:00
cheatfate
3a3d52a156
Add cheatfate's SSH account.
2021-06-22 13:02:33 +02:00
Jakub Sokołowski
f4a20bc128
fix password format used for root
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-11 11:18:10 +02:00
Tanguy Cizain
cae0195d03
add tanguy's key
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-11 11:15:35 +02:00
Jakub Sokołowski
e50e7f7764
drop legacy beacon_node_web3_url variable
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-06 15:40:38 +02:00
Zahary Karadjov
b03dbdb5c6
Increase the --max-peers count on all fleet nodes
...
This setting is recommended due to the high-number of validators
attached to each node which requires maintaining healthy peer
counts on a larger number of gossip topics. For now, we don't
bother specifying a lower value on the servers running a lower
number of validators in order to simplify the implementation.
2021-03-23 17:53:58 +08:00
Jakub Sokołowski
db5ec2f497
bootstrap: provide Consul encryption key from infra-pass
...
Related: https://github.com/status-im/infra-role-bootstrap/commit/0d40f81d
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-03-22 11:12:49 +01:00
Jakub Sokołowski
d8b643fd74
add SSH users to systemd-journal group
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-08 12:36:14 +01:00
Jakub Sokołowski
26a31c5d63
use 8000+ UIDs for extra SSH users to not clash with core
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-01-26 12:11:33 +01:00
Jakub Sokołowski
6e138997e2
re-enable sending logs to logstash
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-01-20 19:27:04 +01:00
Jakub Sokołowski
2132851b16
use bootstrap__active_extra_users variable
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-01-14 14:01:57 +01:00
Jakub Sokołowski
65f0d944d8
bump max logs for logrotate to 72
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-26 21:30:32 +01:00
Jakub Sokołowski
996e2df2e8
make docker log files contain only container messages
...
See: https://github.com/status-im/infra-nimbus/issues/26
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-26 19:06:08 +01:00
Jakub Sokołowski
796c7ce292
bump count of logrotate files to keep to 24
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-26 18:30:05 +01:00
Jakub Sokołowski
21a41cb1ed
drop unused variables, don't re-create containers every time
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-20 16:45:51 +01:00
Jakub Sokołowski
1caaddb924
remove to old medalla fleet
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-20 14:51:31 +01:00
Jakub Sokołowski
20bb18553a
add ssh access for giovanni
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-10 12:26:45 +01:00
Jakub Sokołowski
4cd82e895b
drop bootstrap__extra_volume_path, it clashes with new default
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-02 18:47:12 +01:00
Ștefan Talpalaru
d88720874d
halve the number of containers ( #15 )
...
* halve the number of containers
and cleanup some vars
* dedicate some slaves to testnet2
* use list slices for hosts
2020-06-26 22:37:59 +02:00
Jakub Sokołowski
e0ddfa98fd
all: stop disabling watchtower cleanup
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-10 13:01:28 +02:00
Jakub Sokołowski
01088fd433
drop Adam and Igor from users
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-04-14 10:43:03 +02:00
Jakub Sokołowski
b3e320e064
deploy 2GB swap files on Nimbus hosts
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-26 19:04:59 +01:00
kdeme
1dd328307b
Add my public ssh key
2020-03-09 23:17:16 +01:00
Jakub Sokołowski
03b6fbe91b
update bootstrap extra volume var name
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-26 16:30:45 +01:00
Jakub Sokołowski
fcd17845b8
nimbus-stats: port to use systemd timer, fix consul query
...
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-19 11:51:09 +01:00