status-im
/
infra-status
mirror of https://github.com/status-im/infra-status.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
infra-status/ansible/group_vars/status.yml

69 lines
3.0 KiB
YAML
Raw Normal View History

configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
---
status: lowe SWAP file size to 2 GB Default of 4 GB is too big. Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-11 13:51:15 +00:00
swap_file_size_mb: 2048
# Nim-Waku
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
nim_waku_cont_tag: 'deploy-status-{{ stage }}'
nim_waku_cont_name: 'nim-waku'
status: change log level to debug Previously the log level flag was ignored: https://github.com/status-im/nwaku/pull/1272 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-10-18 10:47:09 +00:00
nim_waku_log_level: 'debug'
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
nim_waku_dns4_domain_name: '{{ dns_entry }}'
# Protocols
feat: enable lightpush on prod fleet
2023-10-13 13:24:48 +00:00
nim_waku_protocols_enabled: ['relay', 'filter', 'lightpush', 'store']
status: specify node keys from BitWarden https://github.com/status-im/infra-status/issues/1 In order to make sure we can re-create the hosts with the same address. Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-11 17:32:35 +00:00
# Node Key
nim_waku_node_key: '{{lookup("bitwarden", "fleets/status/"+stage+"/nodekeys", field=hostname)}}'
status: add protected topic for test fleet https://github.com/status-im/infra-status/issues/25 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-12 09:07:22 +00:00
# Topics
requirements: update nim-waku role, fix --topic flag Change caused by: https://github.com/waku-org/nwaku/pull/1856 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-08-02 08:49:01 +00:00
nim_waku_pubsub_topics: '{{ ["/waku/2/default-waku/proto"] if stage == "prod" else ["/waku/2/default-waku/proto", "/waku/2/status-signed-test-1"] }}'
status: add protected topic for test fleet https://github.com/status-im/infra-status/issues/25 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-12 09:07:22 +00:00
nim_waku_protected_topics: '{{ [] if stage == "prod" else ["/waku/2/status-signed-test-1:04070335f90e017ec1d7cb9a8e53d084dcf2c937cccb4272ed902881641613c6e0d46cf5531eee7ff8076616a2b8ac3436f71568f7a7032478fba3cac04c90e4e6"] }}'
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
# Ports
nim_waku_p2p_tcp_port: 30303
nim_waku_p2p_udp_port: 30303
status: enable native websocket port https://github.com/status-im/infra-status/issues/13 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 14:11:52 +00:00
nim_waku_websock_port: 443
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
nim_waku_metrics_port: 8008
nim_waku_rpc_tcp_port: 8545
nim_waku_rpc_tcp_addr: 0.0.0.0
# Limits
chore: increase max conns in status fleets Status plans to launch community feature to ~150 contributors. This ensures enough connection slots even if everyone is connected simultaneously.
2022-11-24 08:09:37 +00:00
nim_waku_p2p_max_connections: 200
fix: simplify store config
2022-11-04 13:40:39 +00:00
# Store
status: lower test retention and enable vacuuming Together with the role change that adds setting of `SQLITE_TMPDIR` this should in theory make vacuuming work and avoid the need to purge the DB periodically. Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-10-25 09:42:13 +00:00
nim_waku_store_message_retention_policy: '{{ (stage == "test") | ternary("size:15GB", "time:2592000") }}' # 14 or 30 days
nim_waku_store_vacuum: true
status: use DNS discovery, connect to given stage https://github.com/status-im/infra-status/issues/17 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-15 12:43:31 +00:00
# DNS Discovery
nim_waku_dns_disc_enabled: true
nim-waku: update status fleets DNS discovery enrtree https://github.com/status-im/infra-misc/issues/171
2023-09-25 14:17:49 +00:00
nim_waku_dns_disc_url_map:
test: 'enrtree://AIO6LUM3IVWCU2KCPBBI6FEH2W42IGK3ASCZHZGG5TIXUR56OGQUO@test.status.nodes.status.im'
prod: 'enrtree://AL65EKLJAUXKKPG43HVTML5EFFWEZ7L4LOKTLZCLJASG4DSESQZEC@prod.status.nodes.status.im'
nim_waku_dns_disc_url: '{{ nim_waku_dns_disc_url_map[stage] }}'
enable Discovery V5 for all status nodes Issue: https://github.com/status-im/infra-status/issues/6 Depends: https://github.com/status-im/infra-role-nim-waku/commit/1e5367c8 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-18 11:15:34 +00:00
# Discovery V5
nim_waku_disc_v5_enabled: true
nim_waku_disc_v5_enr_auto_update: true
nim_waku_disc_v5_port: 9000
status: enable native websocket port https://github.com/status-im/infra-status/issues/13 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 14:11:52 +00:00
# Websockets
nim_waku_websocket_enabled: true
nim_waku_websocket_secure_enabled: true
nim_waku_websocket_domain: '{{ dns_entry }}'
nim_waku_websocket_ssl_dir: '/etc/letsencrypt'
nim_waku_websocket_ssl_cert: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/fullchain.pem'
nim_waku_websocket_ssl_key: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/privkey.pem'
status: raise thresholds for alerts and recovery Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-24 19:20:17 +00:00
# Consul Service
nim_waku_consul_success_before_passing: '{{ (stage == "prod") | ternary(2, 4) }}'
status: change log level to debug Previously the log level flag was ignored: https://github.com/status-im/nwaku/pull/1272 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-10-18 10:47:09 +00:00
nim_waku_consul_failures_before_warning: '{{ (stage == "prod") | ternary(2, 4) }}'
nim_waku_consul_failures_before_critical: '{{ (stage == "prod") | ternary(4, 8) }}'
add infra-role-waku-peers to connect peers The logic was extracted to a separate role and Python script: - https://github.com/status-im/infra-role-waku-peers - https://github.com/status-im/infra-repos/commit/f3084d4e - https://github.com/status-im/infra-role-nim-waku/commit/b8b64c0e - https://github.com/status-im/infra-status/issues/4 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-10 16:26:44 +00:00
status: enable native websocket port https://github.com/status-im/infra-status/issues/13 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 14:11:52 +00:00
# LetsEncrypt via Certbot
certbot_docker_enabled: true
certbot_admin_email: 'devops@status.im'
status: fix certbot stopping nim-waku container Otherwise it can't use ports 80 and 443. Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-29 15:37:19 +00:00
certbot_containers_to_stop: ['{{ nim_waku_cont_name }}']
status: enable native websocket port https://github.com/status-im/infra-status/issues/13 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 14:11:52 +00:00
certbot_certs:
- domains: [ '{{ nim_waku_websocket_domain }}' ]
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
# Open LibP2P Ports
open_ports_default_comment: '{{ nim_waku_cont_name }}'
open_ports_default_protocol: 'tcp'
open_ports_default_chain: 'SERVICES'
open_ports_list:
status: enable native websocket port https://github.com/status-im/infra-status/issues/13 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 14:11:52 +00:00
- { port: '80', comment: 'Certbot verification' }
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
- { port: '{{ nim_waku_p2p_tcp_port }}' }
- { port: '{{ nim_waku_p2p_udp_port }}', protocol: 'udp' }
enable Discovery V5 for all status nodes Issue: https://github.com/status-im/infra-status/issues/6 Depends: https://github.com/status-im/infra-role-nim-waku/commit/1e5367c8 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-18 11:15:34 +00:00
- { port: '{{ nim_waku_disc_v5_port }}', protocol: 'udp' }
status: enable native websocket port https://github.com/status-im/infra-status/issues/13 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 14:11:52 +00:00
- { port: '{{ nim_waku_websock_port }}' }
configure nodes on status.prod fleet https://github.com/status-im/infra-status/issues/1 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-09 12:49:00 +00:00
- { port: '{{ nim_waku_metrics_port }}', chain: 'VPN', ipset: 'metrics.hq' }
- { port: '{{ nim_waku_rpc_tcp_port }}', chain: 'VPN', ipset: '{{ env }}.{{ stage }}' }