Commit Graph

185 Commits

Author SHA1 Message Date
Jakub Sokołowski 237da365e7
bootstrap: add missing admin pass for macos hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 20:55:08 +01:00
Jakub Sokołowski 9c8b0f6185
users: give tanguy sudo permissions
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 15:35:30 +01:00
Jakub Sokołowski 462f373827
mainnet.geth: use snap sync method
We had issues with mainnet node not fully syncing.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-12-18 18:06:59 +01:00
Jakub Sokołowski 5dae92080a
get-geth-api-urls: use HTTP RPC API for unstable only
Current support for HTTP RPC API is not stable enough.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-12-03 19:40:52 +01:00
Jakub Sokołowski ce70b55014
prater-windows: disable windows defender
Negatively impacts I/O performance, and we don't need it.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-11-25 20:00:52 +01:00
Jakub Sokołowski 5d5857928d
pyrmont: expose REST API at insecura.nimbus.team
Inteded for tests of public insecure API access for Jacek.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-11-22 15:36:56 +01:00
Jakub Sokołowski 6c3384b8ba
ugprade Rocketpool to 1.0.0
https://github.com/status-im/infra-rocketpool/issues/2

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-11-08 13:35:37 +01:00
Jakub Sokołowski f334b8917f
rocketpool: upgrade to v1.0.0-pre4
https://github.com/status-im/infra-role-rocketpool/issues/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-11-03 14:02:57 +01:00
Jakub Sokołowski a4877e9b28
upgrade ELK stack to 7.14.2
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-28 19:29:15 +02:00
Jakub Sokołowski edfcf0b621
nimbus.eth1: update rocketpool setup to new layout
https://github.com/status-im/infra-rocketpool/issues/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-27 20:38:59 +02:00
Jakub Sokołowski 9fddf38791
geth: open mainnet ports for rocket.prod fleet
https://github.com/status-im/infra-rocketpool/issues/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-26 15:37:00 +02:00
Jakub Sokołowski 6be2fc03e9
mainnet: add two libp2p nodes on 05 and 06 hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-25 14:30:22 +02:00
Jakub Sokołowski bcc297b796
prater: move libp2p nodes from AWS to Hetzner
It will lower costs of Prater fleet. I've discussed this with Tanguy and
he's fine with it. I'm also addin two nodes without validators.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-25 12:58:59 +02:00
Jakub Sokołowski b5684f018e
drop prater 02 AWS nodes, rename stable one
The renaming of:
`stable-large-01.aws-eu-central-1a.nimbus.prater`
to
`testing-large-01.aws-eu-central-1a.nimbus.prater`
Was done because the host was a Prater bootstrap node and it could not
be lost. The node key and the ports remained unchanged.

https://github.com/status-im/infra-nimbus/issues/60

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-22 18:23:22 +02:00
Jakub Sokołowski 961756674c
nimbus.prater: move validators to new MacOS host
https://github.com/status-im/infra-nimbus/issues/60
https://github.com/status-im/infra-role-dist-validators/commit/f5e6c306

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-22 17:56:20 +02:00
Jakub Sokołowski 1dfba96dec
nimbus.eth1: sync goerli instad of mainnet
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-14 13:05:29 +02:00
Jakub Sokołowski 7aa5d2d420
add all users to admin group on MacOS hosts
This fixes SSH access issue, since only admin group members can have
remote access to the host:
https://www.vinnie.work/blog/2020-12-26-why-so-hard-osx-ssh-access/

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-13 13:34:56 +02:00
Jakub Sokołowski 67c7eff430
nimbus.prater: deploy Consul agent on MacOS host
https://github.com/status-im/infra-role-bootstrap-macos/pull/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-06 13:57:33 +02:00
Jakub Sokołowski 3585f5615a
mainnet/prater: block libp2p ports for select nodes
As part of experiment in how nodes behave in restrictive networks.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-05 18:28:08 +02:00
Jakub Sokołowski 6ed5081087
nimbus.prater: move validators from 03 nodes to metal-02
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-05 15:46:13 +02:00
Jakub Sokołowski 6df0c868df
nimbus.prater: fix naming of libp2p services
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-05 14:51:49 +02:00
Jakub Sokołowski 89cbff6b52
switch back to original 3 branch layout of nodes
Since with release of `1.5.0` the `stable` branch has all the necessary changes:
https://github.com/status-im/nimbus-eth2/releases/tag/v1.5.0

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-05 12:43:51 +02:00
Jakub Sokołowski 61e573d40a
nimbus.mainnet: add 2GB swap file for all hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-05 12:08:14 +02:00
Jakub Sokołowski 8a91646bfe
nimbus.prater: deploy nodes to metal-02
Without validators for now.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 23:45:19 +02:00
Jakub Sokołowski 9a8fbd88f8
nimbus.pyrmont: refactor node layout configuration
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 22:36:29 +02:00
Jakub Sokołowski 7eb4c4749c
nimbus.prater: refactor node layout configuration
This is necessary to support multiple hosts with multiple nodes.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 21:59:25 +02:00
Jakub Sokołowski 018e1f3b78
enable beacon_node_rpc_enabled for all hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 17:53:07 +02:00
Jakub Sokołowski 6c7e3384e5
nimbus.mainnet: deploy 6 nodes on new Hetzner hosts
https://github.com/status-im/infra-nimbus/issues/66

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-04 12:08:58 +02:00
Jakub Sokołowski e7e457395a
nimbus.eth1: deploy eth1 node with infra-role-nimbus-eth1
https://github.com/status-im/infra-nimbus/issues/72

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-10-01 14:32:09 +02:00
Jakub Sokołowski c56a7cee04
nimbus.prater: switch to using systemd services
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-29 19:38:30 +02:00
Zahary Karadjov 597dbb2b79
Increase the number of peers on Pyrmont and Prater 2021-09-21 21:29:16 +03:00
Jakub Sokołowski 7f5fd21829
nimbus.mainnet: set branch to use to stable
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-21 18:37:59 +02:00
Jakub Sokołowski 3673ff3577
bootstrap: add zahary to extra users
Instead of adding him via default users:
https://github.com/status-im/infra-role-bootstrap-linux/commit/d6a6c129

This fixes addition to Windows host as well.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-20 16:21:09 +02:00
Zahary Karadjov e58d1f7abc
Reduce the number of peers on Prater and Pyrmont nodes
This is a test of the recently developed subnet walking functionality
2021-09-14 19:55:21 +03:00
Jakub Sokołowski e8317de1a4
beacon-node-builds: add nim-libp2p-auto-bump builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-08 18:51:02 +02:00
Jakub Sokołowski d7e0530d97
log-dash: fix ES LB access to log-store nodes
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-02 13:15:08 +02:00
Jakub Sokołowski 437d9e034f
temproarily switch nodes to run unstable for Altair
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-02 08:14:34 +02:00
Zahary Karadjov 4be33a288d
Specify the correct web3_url for the Rocket Pool node on nimbus.eth1 2021-08-26 21:27:41 +03:00
Jakub Sokołowski 7064ed2f2d
drop nimbus.rayonism host, replaced by nimbus.eth1
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:21:00 +02:00
Jakub Sokołowski 28b69ccc69
fix bootstrap root password secret, bump roles
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:19:00 +02:00
Zahary Karadjov 15f7c9ea9b Deploy RocketPool on the new nimbus.eth1 hetzner host 2021-08-26 19:49:38 +02:00
Jakub Sokołowski abe15b05db
geth: explicitly open RPC and WebSocket ports to VPN
Since geth role now defaults to using `localhost` for both.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-25 15:26:42 +02:00
Jakub Sokołowski 0a143764f0
geth-goerli: adjust VPN firewall comments
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-25 15:08:30 +02:00
Zahary Karadjov 8f01241bc8 Experimental deployment of RocketPool on the Rayonism host 2021-08-25 15:05:29 +02:00
Jakub Sokołowski 2a781d70e8
firewall: remove obsolete settings for open-ports
We now call `open-ports` role inside of `beacon-node` roles.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:51:26 +02:00
Jakub Sokołowski e0d70f46f3
prater/pyrmont: add config for REST API port
https://github.com/status-im/infra-role-beacon-node-linux/pull/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-23 16:46:05 +02:00
Jakub Sokołowski ecdaa70356
geth: open WebSocket port for Nimbus fleets
This worked before due to connections being already established.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-19 15:32:59 +02:00
Jakub Sokołowski b785e3e862
firewall: open ElasticSearch port to log-aggr.hq
Fixes logs redirection from Logstash hosts to Nimbus ES cluster.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-13 22:31:39 +02:00
Jakub Sokołowski a21ac2fe8c
port rest of fleet secrets to BitWarden
https://github.com/status-im/infra-docs/issues/9

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-13 22:25:19 +02:00
Jakub Sokołowski 5d36d3ad3e
firewall: use new IP sets and iptables chains
https://github.com/status-im/infra-hq/issues/69
https://github.com/status-im/infra-role-bootstrap-linux/commit/92d8923b
https://github.com/status-im/infra-role-wireguard/commit/8394639e

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-11 19:54:36 +02:00