{"id":22799944,"url":"https://github.com/tangle-network/tangle-network-ops","last_synced_at":"2026-01-11T01:22:44.490Z","repository":{"id":103709683,"uuid":"465515272","full_name":"tangle-network/tangle-network-ops","owner":"tangle-network","description":null,"archived":false,"fork":false,"pushed_at":"2023-05-12T17:11:38.000Z","size":46,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-05T21:53:39.918Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tangle-network.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-03T00:37:02.000Z","updated_at":"2022-08-09T02:07:06.000Z","dependencies_parsed_at":"2024-08-13T10:19:26.160Z","dependency_job_id":null,"html_url":"https://github.com/tangle-network/tangle-network-ops","commit_stats":null,"previous_names":["tangle-network/tangle-network-ops"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tangle-network%2Ftangle-network-ops","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tangle-network%2Ftangle-network-ops/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tangle-network%2Ftangle-network-ops/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tangle-network%2Ftangle-network-ops/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tangle-network","download_url":"https://codeload.github.com/tangle-network/tangle-network-ops/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246365645,"owners_count":20765549,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-12T07:10:32.043Z","updated_at":"2026-01-11T01:22:44.458Z","avatar_url":"https://github.com/tangle-network.png","language":"HCL","readme":"# Tangle Validator Node \n\n❗ **Current development should be considered a work in progress.**\n\n## Setting up a Tangle Node\n\nThis repo includes code to run a Tangle Validator Node on AWS using [Terraform](https://www.terraform.io/) and [Ansible](https://www.ansible.com/). To get started, ensure you have both Terraform and Ansible installed locally.\n\nIn addition, [create an AWS account](https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/) and an [IAM role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create.html) that has the appropriate permissions for the contained infrastructure setup. Ensure the AWS credentials are exported to the appropriate computer running the setup. When setup, you should have the following files in `~/.aws` :\n- `config`\n- `credentials`\n\nEnsure that you chose the right AWS region.\n\n### Building AWS Infra\n\n\u003e TODO: add scripts for bucket and table creation\n\nFrom the root directory, you should first set-up an AWS account and [create a bucket](https://docs.aws.amazon.com/quickstarts/latest/s3backup/step-1-create-bucket.html) to store your terraform state. You must remember to do the following steps:\n- Click create bucket \n- Name the bucket something you will remember\n- Ensure you choose the correct region\n- Use the default settings\n\nThen [create a dynamodb table](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/getting-started-step-1.html) to manage state locks. This requires that you do:\n- Go to dynamodb and click create table\n- Name the bucket something you will remember\n- Name the primary key `LockID` and keep as string\n- Keep default settings and create\n\n**Then run:**\n\n```sh\nterraform init -upgrade \\\n  -backend-config=\"bucket=YOUR-BUCKET-NAME\" \\\n  -backend-config=\"dynamodb_table=YOUR-TABLE-NAME\" \\\n  -backend-config=\"key=terraform.tfstate\" \\\n  -backend-config=\"region=us-east-1\"\n```\n\nNote: if you have an error, you may need to [review your AWS credentials](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication) for Terraform.\n\n\nAlso, you will need to create a public \u0026 private key pair to access your instance.\nWe assume that's defined in `~/.ssh/tangle-node.pub`. It can be created with:\n\n```\nssh-keygen -P \"\" -m PEM -f SSH-KEY-PAIR-NAME\n```\n\nThen add this key to your ssh agent:\n\n```\nssh-add ~/.ssh/\u003cSSH_PRIV_KEY\u003e\n```\n\nYou will also have to add this ssh key to your approved github ssh keys, since ansible tries to pull the tangle repository through ssh. \n\nNext, plan the terraform changes:\n\n```sh\nterraform plan \\\n  -var admin_public_key=\"$(cat ~/.ssh/tangle-node.pub)\"\n```\n\nThen, if that looks good, apply the terraform changes:\n\n```sh\nterraform apply \\\n  -var admin_public_key=\"$(cat ~/.ssh/tangle-node.pub)\"\n```\n\nThe resulting **outputs** should read out the following:\n\n```\nauthority_node_ip_address = \"\u003cPRIVATE_IP_ADDR\u003e\"\nbastion_ip_address = \"\u003cPUBLIC_IP_ADDR\u003e\"\nvalidator_node_ip_address = [\n  \"\u003cPRIVATE_IP_ADDR\u003e\",\n]\nvalidator_node_secondary_ip_address = [\n  \"\u003cPRIVATE_IP_ADDR\u003e\",\n]\n```\n\nOnce you have everything up, you'll need to construct your Ansible inventory and ssh_config. This can be done by running:\n\n```\nterraform output -json \u003e\u003e output.json\n```\n\nThe above command will create a file `output.json` that outlines the terraform instances.\n\nNext we will use the `output.json` file we created above to generate our Ansible `host` file and `ssh_config` by running the following command:\n\n```\ncat output.json | python3 ./ansible/generate_inv.py\n```\n\n**Note:** you'll need python3 installed. You may need to run this command differently in Powershell.\n\n**Note:** after you change any nodes created by terraform, you will need to re-run this command.\n\nTo make sure the command was successfully executed please `ls` the current directory. You should see a `host` and `ssh_config` file present.\n\nYou will then have to update your hosts file manually so it has the `ansible_ssh_private_key_file` variable added in, like so:\n\n```\n[authority_node]\n\u003cPRIV_IP_ADDR\u003e\n\n[bastion]\n\u003cPUB_IP_ADDR\u003e ansible_ssh_private_key_file=~/.ssh/\u003cSSH_PRIV_KEY\u003e\n\n[validator_node]\n\u003cPRIV_IP_ADDR\u003e ansible_ssh_private_key_file=~/.ssh/\u003cSSH_PRIV_KEY\u003e\n\u003cPRIV_IP_ADDR\u003e ansible_ssh_private_key_file=~/.ssh/\u003cSSH_PRIV_KEY\u003e\n```\n\n\u003e TODO - make this automatic, so we don't have to worry about the above variables added to be overwriten when running the generate_inv.py script\n\n#### Setting up Tangle application\n\nSetting up each node is a matter of simply running the Ansible playbooks. Make sure your inventory is up-to-date by running the generate_inv.py command above!\n\nTo run the playbook and configure the servers, run:\n```\nansible-playbook -i hosts --ssh-extra-args \"-F ./ssh_config\" ansible/playbooks/chain.yml\n```\n\u003e Note - this will take about 30 or more minutes to compile, specifically the compiling of the tangle-validator-node is what takes super long.\n\u003e You can expect around 300 retries. \n\n#### See node logs\n\nTo view validator node logs:\n```\nansible-playbook -i hosts --ssh-extra-args \"-F ./ssh_config\" ansible/playbooks/peek_validator_logs.yml\n```\n\nTo view authority node logs:\n```\nansible-playbook -i hosts --ssh-extra-args \"-F ./ssh_config\" ansible/playbooks/peek_logs_validator.yml\n```\n\n# Restarting the whole infrastructure\n\nYou may run into a scenario where you want to start from a clean slate. See steps below:\n\n## Get a clean slate locally\n- Run `terraform destroy -var admin_public_key=\"$(cat ~/.ssh/\u003cYOUR_SSH_PUB_KEY)\"`\n- Manually delete the `.terraform` folder and the `.terraform.lock.hcl` and `output.json` files\n- Delete the `hosts` and `ssh_config` file\n\n## Clean up AWS\n- Delete the terraform s3 state, which is named `terraform.tfstate` in the s3 console. You select\n  the file with the checkbox, and then click delete.\n- Go into dynamodb --\u003e tables --\u003e click the items tab --\u003e click the check mark --\u003e click actions and delete\n\n\n## Make sure your ssh is configured\n- You might have to run `ssh-add ~/.ssh/\u003cYOUR_PRIV_SSH_KEY\u003e` to add it back to your ssh agent. You\n  can always double check with `ssh-add -L`\n- If you change the ssh key you use, you will have to configure the new one, the same way you did\n  before. And you will have to make sure you rename the commands to match this new ssh key file","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftangle-network%2Ftangle-network-ops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftangle-network%2Ftangle-network-ops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftangle-network%2Ftangle-network-ops/lists"}