Commit Graph

501 Commits

Author SHA1 Message Date
Jakub Sokołowski 7064ed2f2d
drop nimbus.rayonism host, replaced by nimbus.eth1
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:21:00 +02:00
Jakub Sokołowski 28b69ccc69
fix bootstrap root password secret, bump roles
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:19:00 +02:00
Zahary Karadjov 15f7c9ea9b Deploy RocketPool on the new nimbus.eth1 hetzner host 2021-08-26 19:49:38 +02:00
Zahary Karadjov 3e69657de8
Bump RocketPool to v1.0.0-RC7 2021-08-26 20:38:42 +03:00
Jakub Sokołowski 345ceb8050
add metal-01.he-eu-hel1.nimbus.eth1 host
https://github.com/status-im/infra-nimbus/issues/70

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 15:52:16 +02:00
Jakub Sokołowski abe15b05db
geth: explicitly open RPC and WebSocket ports to VPN
Since geth role now defaults to using `localhost` for both.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-25 15:26:42 +02:00
Jakub Sokołowski 0a143764f0
geth-goerli: adjust VPN firewall comments
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-25 15:08:30 +02:00
Zahary Karadjov 7a2120c8cb Explicitly enable the RPC service on Pyrmont and Prater hosts 2021-08-25 15:05:29 +02:00
Zahary Karadjov 8f01241bc8 Experimental deployment of RocketPool on the Rayonism host 2021-08-25 15:05:29 +02:00
Jakub Sokołowski 9f5bc6be6a
upgrade Geth to 1.10.8 to fix CVE-2021-39137
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-25 13:11:43 +02:00
Jakub Sokołowski 2a781d70e8
firewall: remove obsolete settings for open-ports
We now call `open-ports` role inside of `beacon-node` roles.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:51:26 +02:00
Jakub Sokołowski e0d70f46f3
prater/pyrmont: add config for REST API port
https://github.com/status-im/infra-role-beacon-node-linux/pull/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:46:05 +02:00
Jakub Sokołowski ecdaa70356
geth: open WebSocket port for Nimbus fleets
This worked before due to connections being already established.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-19 15:32:59 +02:00
Jakub Sokołowski 4f05e2f40d
beacon-node-builds: drop targets, move to prater host
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-18 12:43:51 +02:00
Jakub Sokołowski e08baf3861
pyrmont: temporarily switch to running altair branch
Necessary for Eth2 2 hard-fork that is going to happen on Pyrmont.
Will revert back to the other branches once changes reach them.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-18 11:49:17 +02:00
Jakub Sokołowski ba18ab13f8
ansible.cfg: set lookup_plugins to ./ansible/lookup_plugins
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-17 11:44:57 +02:00
Jakub Sokołowski b785e3e862
firewall: open ElasticSearch port to log-aggr.hq
Fixes logs redirection from Logstash hosts to Nimbus ES cluster.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-13 22:31:39 +02:00
Jakub Sokołowski a21ac2fe8c
port rest of fleet secrets to BitWarden
https://github.com/status-im/infra-docs/issues/9

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-13 22:25:19 +02:00
Jakub Sokołowski 5d36d3ad3e
firewall: use new IP sets and iptables chains
https://github.com/status-im/infra-hq/issues/69
https://github.com/status-im/infra-role-bootstrap-linux/commit/92d8923b
https://github.com/status-im/infra-role-wireguard/commit/8394639e

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-11 19:54:36 +02:00
Jakub Sokołowski 1ff378d392
update WireGuard config files layout
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-29 18:57:45 +02:00
Jakub Sokołowski 95261d2d10
ansible/cleanup: drop removing backups, remove nginx logs
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-29 18:57:42 +02:00
Jakub Sokołowski 6375725d87
deploy rpc.sh wrapper for windows beacon nodes
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-29 09:32:12 +02:00
Jakub Sokołowski 4384f62e5f
rename infra-role-bootstrap-linux, upgrde consul
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-28 12:29:01 +02:00
Jakub Sokołowski 3e32ec1ba9
migrate bootstrap secrets to BitWarden
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-28 12:02:03 +02:00
Jakub Sokołowski c3a8883662
upgrade Geth to 1.10.6 for the London hard-fork
https://github.com/ethereum/go-ethereum/releases/tag/v1.10.6

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-22 19:44:24 +02:00
Jakub Sokołowski 8943576ddf
remove 3 Prater hosts that donated validators to windows
https://github.com/status-im/infra-nimbus/issues/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-19 17:11:20 +02:00
Jakub Sokołowski 4a7ab275a5
move validators from 04 Pyrmont hosts to one windows host
https://github.com/status-im/infra-nimbus/issues/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-19 16:48:08 +02:00
Jakub Sokołowski a3ae9a36ee
remove unused Pyrmont fleet host_vars files
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-19 16:44:31 +02:00
Jakub Sokołowski c8c1b4faa8
pyrmont: fix duplicate dist-validators variable
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-19 16:44:04 +02:00
Jakub Sokołowski 7c1199f4c0
decomission old AWS Pyrmont hosts
https://github.com/status-im/infra-nimbus/issues/65

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-19 13:04:05 +02:00
Jakub Sokołowski 32baf5e4b7
migrate Pyrmont fleet to Hetzner metal hosts
https://github.com/status-im/infra-nimbus/issues/65

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-19 12:33:23 +02:00
Jakub Sokołowski 12ee7513f3
nimbus-prater-windows: bump host to c2-standard-8
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-16 18:49:01 +02:00
Jakub Sokołowski b16b9b6ef0
nimbus-prater-windows: bump to c2-standard-4, 200GB root
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-16 15:14:30 +02:00
Jakub Sokołowski 87d23f8fa1
deploy 3 beacon nodes on all Pyrmont metal hosts
https://github.com/status-im/infra-nimbus/issues/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-15 20:15:58 +02:00
Jakub Sokołowski df96f214cd
add 4 metal Hetzner hosts for Pyrmont migration
https://github.com/status-im/infra-nimbus/issues/65

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-15 13:51:41 +02:00
Jakub Sokołowski 4fc3ac2689
beacon-node-builds: fix nightly tag clobbering issue
Using single_branch:true avoids cloning other tags/branches.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-14 16:19:52 +02:00
Jakub Sokołowski eb1fea5716
upgrade deploy-eth2-prod image to v1.4.1
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-14 15:37:45 +02:00
Jakub Sokołowski 8f05a0191c
prater: add service user pass and facts path for windows
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-14 14:59:40 +02:00
Jakub Sokołowski 7d76f4b39e
drop all 05 prater nodes in favor of Hetzner host
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-30 22:50:29 +02:00
Jakub Sokołowski b5f75078f3
move validators from prater 05 hosts to Hetzner host
https://github.com/status-im/infra-nimbus/issues/52

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-30 22:48:36 +02:00
Jakub Sokołowski bdab0a2f8b
deploy prater nodes on hetzner node
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 21:30:00 +02:00
Jakub Sokołowski a9dfaa12a3
give extra users admin rights on the windows hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 18:02:45 +02:00
Jakub Sokołowski f0f5f32e8a
drop group_vars files in favor of generating container tags
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 17:32:00 +02:00
Jakub Sokołowski a99a6d0fc6
refactor to distribute validators via beacon-node role
This way we can deploy multiple nodes on the same host.
https://github.com/status-im/infra-nimbus/issues/52

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 16:43:27 +02:00
Jakub Sokołowski 5122d41a99
move distribute-validators role to a separate repo
https://github.com/status-im/infra-role-dist-validators

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 16:40:48 +02:00
Jakub Sokołowski 432623b74d
rename Hetzner host to just metal-01
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 16:39:45 +02:00
Jakub Sokołowski 054c5c2d26
ansible/requirements: update bootstrap and winsw
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-28 09:52:38 +02:00
Jakub Sokołowski db456f7f5c
upgrade Terraform to 1.0, upgrade all providers
https://www.terraform.io/upgrade-guides/0-15.html
https://www.terraform.io/upgrade-guides/1-0.html

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-23 11:48:43 +02:00
cheatfate 3a3d52a156 Add cheatfate's SSH account. 2021-06-22 13:02:33 +02:00
Arthur Koziel 0a75a69a09 Deploy mainnet beacon nodes on hetzner server
This will run multiple mainnet beacon nodes on the hetzner server. It
will use the `infra-role-beacon-node-linux` to build and run `stable`,
`unstable` and `testing` on the machine.

Signed-off-by: Arthur Koziel <arthur@arthurkoziel.com>
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-22 12:29:01 +02:00