Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/eosdetroit/bp-playbook

A set of playbooks to make managing EOS.IO nodes easier.
https://github.com/eosdetroit/bp-playbook

Last synced: 3 months ago
JSON representation

A set of playbooks to make managing EOS.IO nodes easier.

Lists

README 

        
# Block Producer Ansible Playbook



This playbook is designed to make remote management of EOS nodes a breeze.



Currently `deploy_bp.yml` will install system dependencies, create a docker container running nodeos, and put an nginx TLS reverse proxy in front of it.



Tested using Ansible 2.3.2.0 deploying to Ubuntu 16.04.



## Pre-reqs

1) Ansible >=2.3.2 

2) An Ubuntu install you can access over the internet (VM, VPS, etc).



## To Use

1) Define an inventory e.g. "dev.nodes". (NOTE: your inventory group "dev" must match `/group_vars/dev/`)

```

[dev]

hacktildawn ansible_host=19.210.57.102 ansible_connection=ssh ansible_user=ubuntu

```



2) Create `group_vars/dev/vault.yml` and put secrets (e.g. producer keypair) into it. (NOTE: This example vault file has throwaway keys. Always encrypt and never put your vault in version control.)

```

---

vault_public_block_signing_key: EOS5EYm5qF42P9nvGi6Hej7ouDtEz2WRwxvgbSWE1RZM6kCbGryac

vault_private_block_signing_key: 5HyUavRk3QLcD2uyjNpzQpS4DaZgyVHgm7pwiUoBxQDUBowZsXM

```



3) Encrypt your vault file with a high entropy passphrase. 

```

ansible-vault encrypt group_vars/dev/vault.yml

```



4) Save your vault passphrase somewhere safe like a password manager.



5) Run the deploy_bp.yml playbook.



 - --ask-vault-pass [prompts for vault password]

 - -i INVENTORY_FILE [defines inventory of servers]

 - -e EXTRAS [override any playbook vars by passing space delimited key=value]

 - --key-file [required if using ssh key authentication]



```

ansible-playbook --ask-vault-pass -vvv -i dev.nodes -e "target=hacktildawn" --key-file ~/.ssh/hacktildawn.pem deploy_bp.yml

```



## Playbook vars (Can be passed to -e)

 - host_data_dir [defaults to: /data] the volume to be mounted on the host system.

 - eosio_container_data_dir [defaults to: /opt/eosio/bin/data-dir] the data directory to be mounted on the container. Contains config.ini and genesis.json.

 - container_http_port [defaults to: 8888] The port to expose to the host system for http requests.

 - container_p2p_port [defaults to: 9876] The port to expose to the host system for p2p requests.

 - docker_hub_image [defaults to: eosio/eos] The docker image to use for the container.

 - image_tag [defaults to: dawn-v4.0.0] The docker image tag or version to use.

 - eosio_network_name [defaults to: hacktildawn] A nickname for the network. Used to retrieve the appropriate genesis.json file.

 - agent_name [defaults to: EOS Detroit] A nickname for your nodeos.

 - producer_name [defaults to: eosiodetroit] The name of your producer account.

 - p2p_server_address [defaults to: hacktildawn.eosdetroit.com] The domain name for your node p2p connection. Should be kept secret on main nets.

 - domain_name [defaults to: hacktildawn.eosdetroit.com] The domain name for your https connection (API node).

 - letsencrypt_email [defaults to: [email protected]] The email address to use for letsencrypt.

 - p2p_peers [] A list of peers to connect to.



## TODO

 - Allow a node "type" to be specified (producer, api, storage, etc.)