status-im/infra-nimbus
2
0
Fork 0
mirror of https://github.com/status-im/infra-nimbus.git synced 2025-02-21 09:58:08 +00:00
Code Issues Projects Releases Wiki Activity
infra-nimbus/ansible
History
markoburcul 84b17fec5a
fluffy: deploy fluffy on DO droplet 
Referenced issue: https://github.com/status-im/infra-nimbus/issues/221

Signed-off-by: markoburcul <marko@status.im>
2025-02-20 11:13:26 +01:00
..
callback_plugins
vault-plugin: create caching mechanism
2024-12-04 10:39:22 +01:00
files
filter_plugins
ansible: use admin as default remote user
2025-01-21 19:56:29 +01:00
group_vars
nimbus-fluffy: update web3 url for portal bridge
2025-02-20 09:44:51 +01:00
host_vars
fluffy: deploy fluffy on DO droplet
2025-02-20 11:13:26 +01:00
inventory
fluffy: deploy fluffy on DO droplet
2025-02-20 11:13:26 +01:00
lookup_plugins
ansible: remove bitwarden plugin, upgrade ansible
2025-02-11 19:31:39 +01:00
roles
era: migrate from /data to /docker on holesky
2025-02-06 15:57:21 +01:00
vars
sepolia: switch 2 geth nodes to nimbus-eth1
2025-02-06 14:54:16 +01:00
add_ssh_key.yml
become_pass.sh
ansible: add become_pass.sh, persistent connections
2025-01-22 16:37:38 +01:00
bench.yml
nimbus: service for short and long benchmarking
2024-12-06 16:00:01 +05:30
bootstrap.yml
cleanup.yml
era.yml
public: add eth1-db.nimbus.team hosting for DBs
2024-12-03 16:58:31 +01:00
eth1.yml
eth1: migrate to nftables
2024-10-10 18:00:30 +02:00
fluffy.yml
fluffy: deploy fluffy on DO droplet
2025-02-20 11:13:26 +01:00
geth.yml
geth: fix use of ansible tags in playbook
2025-01-07 14:31:05 +01:00
holesky.yml
holesky: convert 5 neth nodes to nec
2025-02-06 14:52:37 +01:00
logs.yml
logs.nimbus: fix name of logclean-job role
2024-09-25 14:26:45 +02:00
mainnet.yml
vault: migrate secrets from bitwarden
2024-12-04 12:23:29 +05:30
public.yml
public: add eth1-db.nimbus.team hosting for DBs
2024-12-03 16:58:31 +01:00
README.md
ansible: remove bitwarden plugin, upgrade ansible
2025-02-11 19:31:39 +01:00
rebuild.yml
requirements.yml
fluffy: deploy fluffy on DO droplet
2025-02-20 11:13:26 +01:00
resize.yml
restart.yml
roles.py
ansible: apply roles.py fixes
2024-07-05 11:44:09 +02:00
sepolia.yml
sepolia: switch 2 geth nodes to nimbus-eth1
2025-02-06 14:54:16 +01:00
terraform.py
terraform: encrypt backup state
2025-02-07 13:39:33 +05:30
upgrade.yml

README.md

Description

Herein lie all ansible related files except for ansible.cfg at the root of the repo for easier usage without having to cd here.

Usage

Simply run the play related to the specific type of configuration you want to deploy:

 > ls -1 ansible/*.yml
ansible/bootstrap.yml
ansible/upgrade.yml
ansible/main.yml

ansible-playbook ansible/main.yml

Bootstrap

All hosts are bootstraped right after provisioning using these roles:

If you want to re-run any bootstrap step you can do it like so:

ansible-playbook ansible/bootstrap.yml -t role::bootstrap:hostname

In this case only the hostname set of tasks will be executed due to the role::bootstrap:hostname tag.

Inventory

The inventory we use is crated by Terraform via the terraform-provider-ansible which generates the necessary data structures in the Consul Key/Value store that is later used by the terraform.py script to provide hosts and their variables to Ansible.

Some ways to view existing hosts:

ansible localhost -m debug -a 'var=groups'
ansible all -o -m debug -a 'var=ansible_host' | columns -t

A backup of the Terraform state is created at .terraform/terraform.tfstate.backup. It is symetrically encrypted using Fernet algorithm with a key generated from haed CONSUL_HTTP_TOKEN and can be decrypted by using decrypt_tf_backup.py script.

Variables

Ansible variables can be provided to Ansible using the --extra-vars/-e flag. An example of such a flag is:

compose_state: 'present'
compose_recreate: 'smart'
compose_restart: false

These are used in every role that starts docker containers. You can use them to change the behaviour of roles. For example to re-create all metric related containers use:

ansible-playbook ansible/main.yml -e compose_recreate=always

Secrets

Secrets are stored and provided in three ways:

Read secrets management guide for more details.