add initial setup
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
parent
8ae2fcd036
commit
86604067f7
|
@ -0,0 +1,33 @@
|
|||
# Description
|
||||
|
||||
This role provisions a [Nimbus](https://nimbus.team/) installation that can act as an ETH2 network bootstrap node.
|
||||
|
||||
# Ports
|
||||
|
||||
The service exposes three ports by default:
|
||||
|
||||
* `9000` - LibP2P peering port. Must __ALWAYS__ be public.
|
||||
* `9200` - JSON RPC port. Must __NEVER__ be public.
|
||||
* `9900` - Prometheus metrics port. Should not be public.
|
||||
|
||||
# Configuration
|
||||
|
||||
Minimum configuration would include.
|
||||
```yaml
|
||||
beacon_node_network: 'testnet0'
|
||||
# Infura Web Sockets URLs
|
||||
beacon_node_web3_urls: ['wss://mainnet.infura.io/ws/v3/123qwe123qwe123qwe']
|
||||
```
|
||||
The order of Web Socket URLs matters. First is the default, the rest are fallbacks.
|
||||
|
||||
It might be useful to increase the log verbosity level:
|
||||
```yaml
|
||||
beacon_node_log_level: DEBUG
|
||||
```
|
||||
|
||||
# Management
|
||||
|
||||
The containers are managed using [WinSW](https://github.com/winsw/winsw).
|
||||
```
|
||||
TODO
|
||||
```
|
|
@ -0,0 +1,42 @@
|
|||
---
|
||||
# shared testnet name: medalla, toledo, pyrmont, etc.
|
||||
beacon_node_network: 'medalla'
|
||||
beacon_node_service_name: 'beacon-node-{{ beacon_node_network }}'
|
||||
beacon_node_service_path: 'C:\Users\{{ beacon_node_user }}\{{ beacon_node_service_name }}'
|
||||
|
||||
beacon_node_log_level: 'INFO'
|
||||
beacon_node_data_folder: 'shared_{{ beacon_node_network }}_0'
|
||||
beacon_node_subscribe_all: false
|
||||
beacon_node_doppelganger_detection: true
|
||||
|
||||
# For validation
|
||||
beacon_node_valid_network_names: ["toledo", "pyrmont", "prater", "mainnet", "steklo", "nocturne"]
|
||||
|
||||
# Subfolders for separate read-only mounting
|
||||
beacon_node_secrets_path: '{{ beacon_node_service_path }}/data/{{ beacon_node_data_folder }}/secrets'
|
||||
|
||||
# connectivity settings
|
||||
beacon_node_discovery_port: 9000
|
||||
beacon_node_listening_port: 9000
|
||||
beacon_node_public_address: '{{ ansible_host }}'
|
||||
beacon_node_max_peers: 160
|
||||
|
||||
# metrics
|
||||
beacon_node_metrics_port: 9200
|
||||
|
||||
# rpc / administrative
|
||||
beacon_node_rpc_port: 9900
|
||||
|
||||
# resource limits, mem in MB
|
||||
beacon_node_mem_limit: '{{ (ansible_memtotal_mb * 0.5) | int }}'
|
||||
beacon_node_mem_reserve: '{{ (ansible_memtotal_mb * 0.4) | int }}'
|
||||
|
||||
# Consul service definition settings
|
||||
beacon_node_consul_service_name: 'beacon-node'
|
||||
beacon_node_consul_service_file_name: '{{ beacon_node_consul_service_name | replace("-", "_") }}'
|
||||
beacon_node_consul_metrics_service_name: '{{ beacon_node_consul_service_name }}-metrics'
|
||||
|
||||
# WebSocket RPC URLs, Goerli for testnets
|
||||
beacon_node_web3_urls: ['wss://goerli.infura.io/ws/v3/6224f3c792cc443fafb64e70a98f871e']
|
||||
|
||||
beacon_node_slashing_db_kind: 'v2'
|
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
- name: Verify web3 URLs are provided
|
||||
assert:
|
||||
that: '{{ beacon_node_web3_urls|length > 0 }}'
|
||||
quiet: true
|
||||
fail_msg: |
|
||||
Providing Web3 URLs is required to sync with Eth1 chain!
|
||||
Verify that the 'beacon_node_web3_urls' variable is set.
|
||||
|
||||
- name: Verify network name
|
||||
assert:
|
||||
that: '{{ beacon_node_network in beacon_node_valid_network_names }}'
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: Verify web3 URLs are provided
|
||||
assert:
|
||||
that: '{{ beacon_node_web3_urls|length > 0 }}'
|
||||
quiet: true
|
||||
fail_msg: |
|
||||
Providing Web3 URLs is required to sync with Eth1 chain!
|
||||
Verify that the 'beacon_node_web3_urls' variable is set.
|
||||
|
||||
- name: Verify network name
|
||||
assert:
|
||||
that: '{{ beacon_node_network in beacon_node_valid_network_names }}'
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
- name: 'Enable ports for: {{ beacon_node_service_name }}'
|
||||
win_firewall_rule:
|
||||
name: '{{ beacon_node_service_name }}-{{ rule.protocol }}'
|
||||
description: 'Nimbus Eth2 Beacon Node ports'
|
||||
action: 'allow'
|
||||
direction: 'in'
|
||||
state: 'present'
|
||||
enabled: true
|
||||
protocol: '{{ rule.protocol }}'
|
||||
localport: '{{ rule.port }}'
|
||||
with_items:
|
||||
- { protocol: 'tcp', port: '{{ beacon_node_listening_port }}' }
|
||||
- { protocol: 'udp', port: '{{ beacon_node_discovery_port }}' }
|
||||
loop_control:
|
||||
loop_var: rule
|
||||
notify:
|
||||
- Save iptables rules
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- import_tasks: checks.yml
|
||||
- import_tasks: service.yml
|
||||
- import_tasks: firewall.yml
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
- name: Create windows service
|
||||
include_role: name=infra-role-winsw
|
||||
vars:
|
||||
winsw_service_id: 'beacon-node'
|
||||
winsw_service_name: TODO
|
||||
winsw_service_description: 'Service managed by WinSW'
|
||||
winsw_service_user: TODO
|
||||
winsw_service_exe_url: TODO
|
||||
winsw_service_arguments: >
|
||||
--network={{ beacon_node_network }}
|
||||
--data-dir='/data/{{ beacon_node_data_folder }}'
|
||||
{% for url in beacon_node_web3_urls | mandatory %}
|
||||
--web3-url={{ url | mandatory }}
|
||||
{% endfor %}
|
||||
--nat=extip:{{ beacon_node_public_address }}
|
||||
--log-level={{ beacon_node_log_level }}
|
||||
--tcp-port={{ beacon_node_listening_port }}
|
||||
--udp-port={{ beacon_node_discovery_port }}
|
||||
--max-peers={{ beacon_node_max_peers }}
|
||||
--netkey-file=/{{ beacon_node_netkey_cont_path }}
|
||||
--slashing-db-kind={{ beacon_node_slashing_db_kind }}
|
||||
--insecure-netkey-password=true
|
||||
--subscribe-all-subnets={{ beacon_node_subscribe_all | to_json }}
|
||||
--doppelganger-detection={{ beacon_node_doppelganger_detection | to_json }}
|
||||
--rpc
|
||||
--rpc-address=0.0.0.0
|
||||
--rpc-port={{ beacon_node_rpc_port }}
|
||||
--metrics
|
||||
--metrics-address=0.0.0.0
|
||||
--metrics-port={{ beacon_node_metrics_port }}
|
||||
|
Loading…
Reference in New Issue