87 lines
2.6 KiB
YAML
87 lines
2.6 KiB
YAML
---
|
|
- name: Clone repo with secrets/validators
|
|
git:
|
|
repo: '{{ dist_validators_repo_url }}'
|
|
dest: '{{ dist_validators_repo_path }}'
|
|
version: '{{ dist_validators_repo_rev }}'
|
|
update: true
|
|
force: true
|
|
accept_hostkey: true
|
|
become_user: '{{ dist_validators_repo_user }}'
|
|
|
|
- name: Find all validators
|
|
find:
|
|
paths: '{{ dist_validators_path }}'
|
|
file_type: directory
|
|
recurse: true
|
|
depth: 1
|
|
register: found_validators_raw
|
|
|
|
- name: Find all secrets
|
|
find:
|
|
paths: '{{ dist_validators_secrets_path }}'
|
|
file_type: file
|
|
recurse: true
|
|
depth: 1
|
|
register: found_secrets_raw
|
|
|
|
- name: Extract file paths
|
|
set_fact:
|
|
found_validators: '{{ found_validators_raw.files | map(attribute="path") | map("basename") | list | sort }}'
|
|
found_secrets: '{{ found_secrets_raw.files | map(attribute="path") | map("basename") | list | sort }}'
|
|
|
|
- name: Verify number of validators and secrets matches
|
|
assert:
|
|
that: '{{ (found_validators|length) == (found_secrets|length) }}'
|
|
fail_msg: 'Number of total validators and secrets does not match!'
|
|
|
|
- name: Extract slice for host
|
|
set_fact:
|
|
host_validators: '{{ found_validators[dist_validators_range["start"]:dist_validators_range["end"]] }}'
|
|
host_secrets: '{{ found_secrets[dist_validators_range["start"]:dist_validators_range["end"]] }}'
|
|
|
|
- name: Verify that validators and secrets overlap
|
|
assert:
|
|
that: '{{ (host_validators|intersect(host_secrets)|length) == (host_validators|length) }}'
|
|
fail_msg: 'List of validators and their secrets does not overlap!'
|
|
|
|
- name: Create validators/secrets folders
|
|
file:
|
|
path: '{{ item }}'
|
|
state: 'directory'
|
|
owner: dockremap
|
|
group: docker
|
|
mode: 0700
|
|
with_items:
|
|
- '{{ dist_validators_data_path }}/validators'
|
|
- '{{ dist_validators_data_path }}/secrets'
|
|
|
|
- name: Copy over validators
|
|
command: |
|
|
rsync -ru --delete --exclude="slashing_protection.sqlite3*" \
|
|
{{ host_validators | join(" ") }} '{{ dist_validators_data_path }}/validators/'
|
|
args:
|
|
chdir: '{{ dist_validators_path }}'
|
|
|
|
- name: Copy over secrets
|
|
command: |
|
|
rsync -ru \
|
|
{{ host_secrets | join(" ") }} '{{ dist_validators_data_path }}/secrets/'
|
|
args:
|
|
chdir: '{{ dist_validators_secrets_path }}'
|
|
|
|
- name: Adjust validators dir permissions
|
|
shell: chmod 0700 -R '{{ dist_validators_data_path }}/validators/*'
|
|
args:
|
|
warn: false
|
|
|
|
- name: Adjust validators file permissions
|
|
shell: find '{{ dist_validators_data_path }}/validators/' -type f -exec chmod 0600 {} \;
|
|
args:
|
|
warn: false
|
|
|
|
- name: Adjust secrets permissions
|
|
shell: chmod 0600 -R '{{ dist_validators_data_path }}/secrets/*'
|
|
args:
|
|
warn: false
|