add nim_ prefix to codex_ variables

The variable names should mach the repo naming. Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-12 12:47:41 +02:00 · 2022-04-12 12:47:41 +02:00 · d9e29e70dc
parent 7353484dcf
commit d9e29e70dc
15 changed files with 129 additions and 168 deletions
--- a/README.md
+++ b/README.md
@ -32,9 +32,9 @@ Add to your `requirements.yml` file:
 The crucial settings are:
 ```yaml
 # branch which should be built
-codex_repo_branch: 'stable'
+nim_codex_repo_branch: 'stable'
 # optional setting for debug mode
-codex_log_level: 'DEBUG'
+nim_codex_log_level: 'DEBUG'
 ```

 # Management
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1,55 +1,50 @@
 ---
-codex_service_name: 'codex-{{ codex_repo_branch }}'
-codex_service_path: '/data/{{ codex_service_name }}'
-codex_data_folder: '{{ codex_service_path }}/data'
-codex_repo_path: '{{ codex_service_path }}/repo'
-codex_logs_link: '{{ codex_service_path }}/logs'
+nim_codex_service_name: 'codex-{{ nim_codex_repo_branch }}'
+nim_codex_service_path: '/data/{{ nim_codex_service_name }}'
+nim_codex_data_folder: '{{ nim_codex_service_path }}/data'
+nim_codex_repo_path: '{{ nim_codex_service_path }}/repo'
+nim_codex_logs_link: '{{ nim_codex_service_path }}/logs'

-codex_user: 'codex'
-codex_group: 'staff'
+nim_codex_user: 'codex'
+nim_codex_group: 'staff'

-codex_build_service_name: 'build-{{ codex_service_name }}'
-codex_build_timer_enabled: true
-codex_build_timer_timeout: 3600
-codex_build_frequency: 'daily'
-codex_build_days_kept: 3
-codex_build_jobs: '{{ ansible_processor_vcpus / 2 | round(0, "ceil") }}'
-codex_build_log_level: 'TRACE'
-codex_build_restarts_service: true
-codex_build_nim_flags: >-
+# Build
+nim_codex_build_service_name: 'build-{{ nim_codex_service_name }}'
+nim_codex_build_timer_enabled: true
+nim_codex_build_timer_timeout: 3600
+nim_codex_build_frequency: 'daily'
+nim_codex_build_days_kept: 3
+nim_codex_build_jobs: '{{ ansible_processor_vcpus / 2 | round(0, "ceil") }}'
+nim_codex_build_log_level: 'TRACE'
+nim_codex_build_restarts_service: true
+nim_codex_build_nim_flags: >-
  -d:noSignalHandler

-codex_repo_url: 'https://github.com/status-im/nim-dagger'
-codex_repo_branch: 'main'
+nim_codex_repo_url: 'https://github.com/status-im/nim-dagger'
+nim_codex_repo_branch: 'main'

-codex_log_level: 'INFO' # TRACE DEBUG INFO NOTICE WARN ERROR FATAL NONE
-codex_log_format: 'json' # auto colors nocolors json none
+nim_codex_log_level: 'INFO' # TRACE DEBUG INFO NOTICE WARN ERROR FATAL NONE
+nim_codex_log_format: 'json' # auto colors nocolors json none

 # connectivity settings
-codex_public_address: '{{ ansible_host }}'
-codex_max_peers: 160
-codex_discovery_port: 9000
-codex_listening_port: 9000
-
-# Firewall
-codex_firewall_libp2p_open: true
-codex_firewall_metrics_open: true
+nim_codex_public_address: '{{ ansible_host }}'
+nim_codex_max_peers: 160
+nim_codex_listening_port: 9000

 # Scraping of metrics done via VPN. Protected by firewall.
-codex_metrics_enabled: true
-codex_metrics_address: '0.0.0.0'
-codex_metrics_port: 9200
-
-codex_rest_port: 5052
+nim_codex_metrics_enabled: true
+nim_codex_metrics_address: '0.0.0.0'
+nim_codex_metrics_port: 9200
+nim_codex_rest_port: 5052

 # Size in MiB
-codex_cache_size: 100
+nim_codex_cache_size: 100

 # Consul service definition settings
-codex_consul_service_name: 'beacon-node'
-codex_consul_service_file_name: '{{ codex_service_name | replace("-", "_") }}'
-codex_consul_metrics_service_name: '{{ codex_consul_service_name }}-metrics'
+nim_codex_consul_service_name: 'beacon-node'
+nim_codex_consul_service_file_name: '{{ nim_codex_service_name | replace("-", "_") }}'
+nim_codex_consul_metrics_service_name: '{{ nim_codex_consul_service_name }}-metrics'

 # Which version of Nim to use for the build
 # By default, it would use the one specified by the pinned nimbus-build-system
-codex_nim_commit: ''
+nim_codex_nim_commit: ''
--- a/files/ansible_toggle.sh
+++ b/files/ansible_toggle.sh
@ -1,15 +0,0 @@
-#!/usr/bin/env bash
-# Call this script to toggle whether Ansible should make changes.
-# If named 'ansible_disabled.sh' all Ansible tasks are skipped.
-set -e
-SCRIPT_PATH=$(realpath -s "${0}")
-if [[ "${SCRIPT_PATH}" =~ _enabled.sh$ ]]; then
-    mv -f "${SCRIPT_PATH}" "${SCRIPT_PATH/enabled/disabled}"
-    echo "Disabled automatic updates by Ansible!"
-elif [[ "${SCRIPT_PATH}" =~ _disabled.sh$ ]]; then
-    mv -f "${SCRIPT_PATH}" "${SCRIPT_PATH/disabled/enabled}"
-    echo "Enabled automatic updates by Ansible!"
-else
-    echo "Expected script name to include 'disabled' or 'enabled'!" >&2
-    exit 1
-fi
--- a/tasks/build.yml
+++ b/tasks/build.yml
@ -1,30 +1,30 @@
 ---
 - name: Clone repo branch
  git:
-    repo: '{{ codex_repo_url }}'
-    version: '{{ codex_repo_branch }}'
-    dest: '{{ codex_repo_path }}'
+    repo: '{{ nim_codex_repo_url }}'
+    version: '{{ nim_codex_repo_branch }}'
+    dest: '{{ nim_codex_repo_path }}'
    force: true
    update: true
-  become_user: '{{ codex_user }}'
+  become_user: '{{ nim_codex_user }}'

 - name: Check if node binary exists
  stat:
-    path: '{{ codex_repo_path }}/build/codex'
-  register: codex_bin
+    path: '{{ nim_codex_repo_path }}/build/codex'
+  register: nim_codex_bin

 - name: Create timer for build script
  include_role: name=systemd-timer
  vars:
-    systemd_timer_name: '{{ codex_build_service_name }}'
-    systemd_timer_user: '{{ codex_user }}'
-    systemd_timer_group: '{{ codex_group }}'
-    systemd_timer_description: 'Build {{ codex_service_name }}'
-    systemd_timer_start_on_creation: '{{ not codex_bin.stat.exists }}'
+    systemd_timer_name: '{{ nim_codex_build_service_name }}'
+    systemd_timer_user: '{{ nim_codex_user }}'
+    systemd_timer_group: '{{ nim_codex_group }}'
+    systemd_timer_description: 'Build {{ nim_codex_service_name }}'
+    systemd_timer_start_on_creation: '{{ not nim_codex_bin.stat.exists }}'
    systemd_timer_ionice_class: 'idle'
    systemd_timer_consul_warning: true
-    systemd_timer_enabled: '{{ codex_build_timer_enabled }}'
-    systemd_timer_frequency: '{{ codex_build_frequency }}'
-    systemd_timer_timeout_sec: '{{ codex_build_timer_timeout }}'
-    systemd_timer_work_dir: '{{ codex_service_path }}'
-    systemd_timer_script_path: '{{ codex_service_path }}/build.sh'
+    systemd_timer_enabled: '{{ nim_codex_build_timer_enabled }}'
+    systemd_timer_frequency: '{{ nim_codex_build_frequency }}'
+    systemd_timer_timeout_sec: '{{ nim_codex_build_timer_timeout }}'
+    systemd_timer_work_dir: '{{ nim_codex_service_path }}'
+    systemd_timer_script_path: '{{ nim_codex_service_path }}/build.sh'
--- a/tasks/checks.yml
+++ b/tasks/checks.yml
@ -1,17 +0,0 @@
---
-# Used by devs who make manual changes to node setup.
- name: Check Ansible toggle script
-  stat:
-    path: '{{ codex_service_path }}/ansible_disabled.sh'
-  register: codex_ansible_toggle
-
- name: Check if Ansible updates are disabled
-  set_fact:
-    codex_ansible_disabled: '{{ codex_ansible_toggle.stat.exists }}'
-
-# Using 'fail' task to make the warning red and visible.
- name: 'WARNING: {{ codex_service_name }}'
-  fail:
-    msg: 'WARNING: Ansible changes disabled due to toggle script!'
-  when: codex_ansible_disabled
-  ignore_errors: true
--- a/tasks/config.yml
+++ b/tasks/config.yml
@ -1,18 +1,18 @@
 ---
 - name: Create service directory
  file:
-    path: '{{ codex_data_folder }}'
+    path: '{{ nim_codex_data_folder }}'
    state: directory
-    owner: '{{ codex_user }}'
-    group: '{{ codex_group }}'
+    owner: '{{ nim_codex_user }}'
+    group: '{{ nim_codex_group }}'
    mode: 0770

 - name: Create helper scripts
  template:
    src: '{{ item }}'
-    dest: '{{ codex_service_path }}/{{ item|basename|replace(".j2", "") }}'
-    owner: '{{ codex_user }}'
-    group: '{{ codex_group }}'
+    dest: '{{ nim_codex_service_path }}/{{ item|basename|replace(".j2", "") }}'
+    owner: '{{ nim_codex_user }}'
+    group: '{{ nim_codex_group }}'
    mode: 0750
  with_fileglob:
    - 'templates/scripts/*'
--- a/tasks/consul.yml
+++ b/tasks/consul.yml
@ -3,22 +3,22 @@
 #- name: 'Create Consul service definition'
 #  include_role: name=consul-service
 #  vars:
-#    consul_config_name: '{{ codex_consul_service_file_name }}'
+#    consul_config_name: '{{ nim_codex_consul_service_file_name }}'
 #    consul_services:
-#      - id: '{{ codex_service_name }}'
-#        name: '{{ codex_consul_service_name }}'
-#        port: '{{ codex_listening_port }}'
-#        address: '{{ codex_public_address }}'
+#      - id: '{{ nim_codex_service_name }}'
+#        name: '{{ nim_codex_consul_service_name }}'
+#        port: '{{ nim_codex_listening_port }}'
+#        address: '{{ nim_codex_public_address }}'
 #        tags: ['{{ env }}.{{ stage }}', 'beacon', 'nimbus']
 #
-#      - id: '{{ codex_service_name }}-metrics'
-#        name: '{{ codex_consul_metrics_service_name }}'
-#        port: '{{ codex_metrics_port }}'
+#      - id: '{{ nim_codex_service_name }}-metrics'
+#        name: '{{ nim_codex_consul_metrics_service_name }}'
+#        port: '{{ nim_codex_metrics_port }}'
 #        address: '{{ ansible_local.wireguard.vpn_ip }}'
 #        tags: ['{{ env }}.{{ stage }}', 'beacon', 'nimbus', 'metrics']
 #        meta:
-#          container: '{{ codex_service_name }}'
+#          container: '{{ nim_codex_service_name }}'
 #        checks:
-#          - name: '{{ codex_consul_metrics_service_name }}-health'
+#          - name: '{{ nim_codex_consul_metrics_service_name }}-health'
 #            type: 'http'
-#            http: 'http://localhost:{{ codex_metrics_port }}/health'
+#            http: 'http://localhost:{{ nim_codex_metrics_port }}/health'
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@ -2,10 +2,8 @@
 - name: Open Libp2p ports in iptables
  include_role: name=open-ports
  vars:
-    open_ports_default_comment: '{{ codex_service_name }}'
+    open_ports_default_comment: '{{ nim_codex_service_name }}'
    open_ports_default_chain: 'SERVICES'
    open_ports_list:
-      - { port: '{{ codex_listening_port }}', protocol: 'tcp', state: '{{ codex_firewall_libp2p_open | ternary("present", "absent") }}' }
-      - { port: '{{ codex_discovery_port }}', protocol: 'udp', state: '{{ codex_firewall_libp2p_open | ternary("present", "absent") }}' }
-      - { port: '{{ codex_metrics_port }}', chain: 'VPN', ipset: 'metrics.hq', state: '{{ codex_firewall_metrics_open | ternary("present", "absent") }}' }
-      - { port: '{{ codex_rest_port }}',    chain: 'VPN', ipset: '{{ env }}.{{ stage }}' }
+      - { port: '{{ nim_codex_listening_port }}', protocol: 'tcp' }
+      - { port: '{{ nim_codex_rest_port }}',      chain: 'VPN', ipset: '{{ env }}.{{ stage }}' }
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,11 +1,8 @@
 ---
- include_tasks: checks.yml
- when: not codex_ansible_disabled
-  block:
-    - include_tasks: install.yml
-    - include_tasks: user.yml
-    - include_tasks: config.yml
-    - include_tasks: build.yml
-    - include_tasks: service.yml
-    - include_tasks: firewall.yml
-#    - include_tasks: consul.yml
+- include_tasks: install.yml
+- include_tasks: user.yml
+- include_tasks: config.yml
+- include_tasks: build.yml
+- include_tasks: service.yml
+- include_tasks: firewall.yml
+#- include_tasks: consul.yml
--- a/tasks/service.yml
+++ b/tasks/service.yml
@ -1,23 +1,23 @@
 ---
 - name: Symlink service logs folder
  file:
-    src: '/var/log/service/{{ codex_service_name }}'
-    dest: '{{ codex_logs_link }}'
+    src: '/var/log/service/{{ nim_codex_service_name }}'
+    dest: '{{ nim_codex_logs_link }}'
    state: 'link'
    force: true

 - name: Create systemd Unit file
  template:
    src: 'beacon-node.service.j2'
-    dest: '/etc/systemd/system/{{ codex_service_name }}.service'
+    dest: '/etc/systemd/system/{{ nim_codex_service_name }}.service'
    mode: 0644
-  register: codex_service_definition
+  register: nim_codex_service_definition

 - name: Reload and restart the service
  systemd:
-    name: '{{ codex_service_name }}.service'
+    name: '{{ nim_codex_service_name }}.service'
    enabled: true
    daemon_reload: true
    state: |-
-      {{ codex_service_definition.changed
+      {{ nim_codex_service_definition.changed
       | ternary("restarted", "started") }}
--- a/tasks/user.yml
+++ b/tasks/user.yml
@ -1,8 +1,8 @@
 ---
 - name: Create user for codex builds
  user:
-    name: '{{ codex_user }}'
-    group: '{{ codex_group }}'
+    name: '{{ nim_codex_user }}'
+    group: '{{ nim_codex_group }}'
    shell: '/bin/bash'

 - name: Set disable rebase as merge strategy
@ -10,16 +10,16 @@
    scope: 'global'
    name: 'pull.rebase'
    value: 'false'
-  become_user: '{{ codex_user }}'
+  become_user: '{{ nim_codex_user }}'

 - name: Sudoers file to let non-root users start jobs
  template:
    src: 'builds_sudoers.j2'
-    dest: '/etc/sudoers.d/80-{{ codex_service_name }}-builds'
+    dest: '/etc/sudoers.d/80-{{ nim_codex_service_name }}-builds'
    mode: 0440

 - name: Sudoers file for login as codex user
  template:
    src: 'codex_sudoers.j2'
-    dest: '/etc/sudoers.d/81-{{ codex_service_name }}-login'
+    dest: '/etc/sudoers.d/81-{{ nim_codex_service_name }}-login'
    mode: 0440
--- a/templates/beacon-node.service.j2
+++ b/templates/beacon-node.service.j2
@ -1,25 +1,25 @@
 [Unit]
-Description=Codex ({{ codex_repo_branch }})
+Description=Codex ({{ nim_codex_repo_branch }})
 Documentation=https://github.com/status-im/nim-dagger/
 Requires=network-online.target
 After=network-online.target

 [Service]
-User={{ codex_user }}
-Group={{ codex_group }}
-WorkingDirectory={{ codex_service_path }}
-SyslogIdentifier={{ codex_service_name }}
+User={{ nim_codex_user }}
+Group={{ nim_codex_group }}
+WorkingDirectory={{ nim_codex_service_path }}
+SyslogIdentifier={{ nim_codex_service_name }}
 SyslogFacility=local6
 SyslogLevel=debug
 Restart=on-failure
-ExecStart={{ codex_repo_path }}/build/codex \
-    --data-dir='{{ codex_data_folder }}' \
-##    --log-format={{ codex_log_format }} \
-##    --log-level={{ codex_log_level }} \
-    --listen-addrs=/ip4/{{ codex_public_address }}/tcp/{{ codex_listening_port }} \
-    --max-peers={{ codex_max_peers }} \
-    --api-port={{ codex_rest_port }} \
-    --cache-size={{ codex_cache_size }} \
+ExecStart={{ nim_codex_repo_path }}/build/codex \
+    --data-dir='{{ nim_codex_data_folder }}' \
+##    --log-format={{ nim_codex_log_format }} \
+##    --log-level={{ nim_codex_log_level }} \
+    --listen-addrs=/ip4/{{ nim_codex_public_address }}/tcp/{{ nim_codex_listening_port }} \
+    --max-peers={{ nim_codex_max_peers }} \
+    --api-port={{ nim_codex_rest_port }} \
+    --cache-size={{ nim_codex_cache_size }} \

 [Install]
 WantedBy=multi-user.target
--- a/templates/builds_sudoers.j2
+++ b/templates/builds_sudoers.j2
@ -1,12 +1,12 @@
 # Allow non-root users start Codex builds and manage service with sudo.

-# {{ codex_service_name }}
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *status {{ codex_service_name }}*
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *start {{ codex_service_name }}*
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *stop {{ codex_service_name }}*
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *restart {{ codex_service_name }}*
-# build-{{ codex_service_name }}
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *status build-{{ codex_service_name }}*
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *start build-{{ codex_service_name }}*
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *stop build-{{ codex_service_name }}*
-%{{ codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *restart build-{{ codex_service_name }}*
+# {{ nim_codex_service_name }}
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *status {{ nim_codex_service_name }}*
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *start {{ nim_codex_service_name }}*
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *stop {{ nim_codex_service_name }}*
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *restart {{ nim_codex_service_name }}*
+# build-{{ nim_codex_service_name }}
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *status build-{{ nim_codex_service_name }}*
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *start build-{{ nim_codex_service_name }}*
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *stop build-{{ nim_codex_service_name }}*
+%{{ nim_codex_group }} ALL= NOPASSWD: /usr/bin/systemctl *restart build-{{ nim_codex_service_name }}*
--- a/templates/codex_sudoers.j2
+++ b/templates/codex_sudoers.j2
@ -1,4 +1,4 @@
 # Allow non-root users logging in as codex user

-%{{ codex_group }} ALL= NOPASSWD: /bin/su – {{ codex_user }}
-%{{ codex_group }} ALL=({{ codex_user }}) NOPASSWD: ALL
+%{{ nim_codex_group }} ALL= NOPASSWD: /bin/su – {{ nim_codex_user }}
+%{{ nim_codex_group }} ALL=({{ nim_codex_user }}) NOPASSWD: ALL
--- a/templates/scripts/build.sh.j2
+++ b/templates/scripts/build.sh.j2
@ -7,7 +7,7 @@ function headIsDetached() {
 }

 function binaryExists() {
-    ls -l build/nimbus_codex_${COMMIT} 2>&1 1>/dev/null
+    ls -l build/nim_codex_${COMMIT} 2>&1 1>/dev/null
 }

 function fetchChanges() {
@ -18,15 +18,18 @@ function fetchChanges() {

 function buildBinaries() {
    # Control number of jobs used to lower impact on running nodes
-    export MAKEFLAGS="-j{{ codex_build_jobs | int }}"
-{% if codex_nim_commit is defined and codex_nim_commit != "" %}
-    export NIM_COMMIT={{ codex_nim_commit }}
+    export MAKEFLAGS="-j{{ nim_codex_build_jobs | int }}"
+{% if nim_codex_nim_commit is defined and nim_codex_nim_commit != "" %}
+    export NIM_COMMIT={{ nim_codex_nim_commit }}
 {% endif %}

    make update OVERRIDE=1

    make libbacktrace
-    ./env.sh nim "{{ codex_build_nim_flags }}" -d:chronicles_log_level:{{ codex_build_log_level }} c dagger.nim
+    ./env.sh nim \
+        {{ nim_codex_build_nim_flags }} \
+        -d:chronicles_log_level:{{ nim_codex_build_log_level }} \
+        c dagger.nim

    mkdir -p build
    # Rename binaries to match commit they were built from.
@ -36,21 +39,21 @@ function buildBinaries() {
    ln -frs build/codex_${COMMIT} build/codex

    # Delete copies that are older than N days
-    find build -mtime +{{ codex_build_days_kept }} -exec rm '{}' \+
+    find build -mtime +{{ nim_codex_build_days_kept }} -exec rm '{}' \+
 }

 #-------------------------------------------------------------------------------

-BRANCH="{{ codex_repo_branch }}"
-SERVICE="{{ codex_service_name }}.service"
-SERVICE_PATH="{{ codex_service_path }}"
+BRANCH="{{ nim_codex_repo_branch }}"
+SERVICE="{{ nim_codex_service_name }}.service"
+SERVICE_PATH="{{ nim_codex_service_path }}"

 echo " >>> Build Start: $(date -u +"%Y-%m-%dT%H:%M:%SZ")"
 cd "${SERVICE_PATH}"

-if [[ "${USER}" != "{{ codex_user }}" ]]; then
+if [[ "${USER}" != "{{ nim_codex_user }}" ]]; then
    echo "Incorrect user: ${USER}" >&2
-    echo "Expected: {{ codex_user }}" >&2
+    echo "Expected: {{ nim_codex_user }}" >&2
    exit 1
 fi

@ -75,7 +78,7 @@ else
    buildBinaries
 fi

-{% if codex_build_restarts_service %}
+{% if nim_codex_build_restarts_service %}
 # Avoid faiure on first Ansible run due to missing service.
 if [[ $(systemctl is-active "${SERVICE}" || true) == "inactive" ]]; then
    echo " !!! No service to restart!"