Ansible collection to deploy and install Decentralchain nodes.
Install Python dependencies
pip install ansible cryptography docker flake8 molecule-lxd voluptuous yamllint
Install the collection:
ansible-galaxy collection install runitcr.dcc
Install the required Ansible roles:
ansible-galaxy install -r ~/.ansible/ansible_collections/runitcr/dcc/requirements.yml
List of included playbooks and how to use them.
| Name | Description | Command |
|---|---|---|
| cleanup | Cleanup a Decentralchain node. | ansible-playbook runitcr.dcc.cleanup \-i ~/.ansible/collections/ansible_collections/runitcr/dcc/inventory.yml \-l test.runitcr.com \-e ansible_python_interpreter=/usr/bin/python3 |
| image | Builds a Decentralchain node image and push it to Dockerhub. | ansible-playbook runitcr.dcc.image \--ask-become-pass \-e dockerhub_image_push=true \-e dockerhub_password='mySuperDockerhubPass' \-e ansible_python_interpreter=/usr/bin/python3 |
| new | Deploys a new Decentralchain node. | ansible-playbook runitcr.dcc.new \-i ~/.ansible/collections/ansible_collections/runitcr/dcc/inventory.yml \-l test.runitcr.com \-e ansible_python_interpreter=/usr/bin/python3 |
| security | Applies server hardening. Must be runned twice on first run to correctly install wazuh.agent role. | First Run ---------------- ANSIBLE_REMOTE_PORT=22 ANSIBLE_REMOTE_USER=root ansible-playbook runitcr.dcc.security \-i ~/.ansible/collections/ansible_collections/runitcr/dcc/inventory.yml \-l test.runitcr.com \-e user_key_dir=/home/user/.ssh \-e ansible_python_interpreter=/usr/bin/python3All ---------------- ansible-playbook runitcr.dcc.security \-i ~/.ansible/collections/ansible_collections/runitcr/dcc/inventory.yml \-l test.runitcr.com \-e user_key_dir=/home/user/.ssh \-e ansible_python_interpreter=/usr/bin/python3 |
- ansible.posix.
- community.docker.
- geerlingguy.docker.
- geerlingguy.pip.
- geerlingguy.security.
- wazuh.ansible-wazuh-agent.
- Ansible >= 2.11.
- Debian Bullseye.
- Ubuntu Focal.
- Python 3.
In order to execule Molecule tests is necessary to have the LXC/LXD system running properly, follow next steps to configure it:
Install Snapd:
sudo apt update
sudo apt install -y snapd
Install Sanp core and LXD:
snap install core &>/dev/null && snap install core
snap install lxd &>/dev/null && snap install lxd
Add to ~/.bashrc the path to Snap as part of the PATH:
grep -Fxq 'export PATH=$PATH:/snap/bin/' ~/.bashrc && echo 'export PATH=$PATH:/snap/bin/' >> ~/.bashrc
Add your user to the lxd group:
sudo adduser $(whoami) lxd
Create a lxd-init-preseed file:
printf 'config: {}
networks:
- config:
ipv4.address: auto
ipv6.address: auto
description: ""
name: lxdbr0
type: ""
storage_pools:
- name: default
driver: dir
profiles:
- config: {}
description: ""
devices:
eth0:
name: eth0
network: lxdbr0
type: nic
root:
path: /
pool: default
type: disk
name: default
cluster: null' > lxd-init-preseed
Update the session:
su $(whoami)
Create default storage:
lxc storage create default dir source=/var/snap/lxd/common/lxd/storage-pools/default
Initialize LXD using lxd-init-preseed file:
cat lxd-init-preseed | lxd init --preseed
Verify everything went well:
lxd --version
Install docker and docker-compose.
Install Pip:
sudo apt install -y python3-pip
Install Pipenv:
python3 -m pip install pipenv
It's better to work with an isolated Python enviroment, to create a virtual environment access the collection directory and enable a virtual environment there:
python3 -m pipenv
Install the Python dependencies inside the environment:
pipenv install
You can destroy the environment with:
pipenv --rm
exit
To execute sanity tests run:
ansible-test sanity
To execute integration tests run:
ansible-test integration --docker ubuntu2004
To execute molecule tests access the required role folder:
cd ./roles/new
Execute molecule tests:
molecule test
To manually build DCC docker image for testnet follow next steps.
Clone DCC repository:
git clone git@github.com:runitcr/DCC.git
Enter on the cloned directory:
cd DCC
Compile Docker image for testnet:
./build-with-docker.sh
Build Docker image:
docker build -t runitcr/dcc docker
Run Docker image:
docker run -v ~/docker/waves/waves-data:/var/lib/waves -v ~/docker/waves/waves-config:/etc/waves -p 6870:6870 -p 6868:6868 -e JAVA_OPTS="-Dwaves.network.declared-address=0.0.0.0:6868 -Dwaves.network.node-name=-my-testnet-node -Dwaves.rest-api.api-key-hash=6nSftY1F5kurz23yLrT1r9YJpiEveBLEa9RB1SCChiqv -Dwaves.rest-api.bind-address=0.0.0.0 -Dwaves.rest-api.port=6870" -e WAVES_WALLET_SEED="TBXHUUcVx2n3Rgszpu5MCybRaR86JGmqCWp7XKh7czU57ox5dgjdX4K4" -e WAVES_WALLET_PASSWORD=myWalletSuperPassword -e WAVES_NETWORK=testnet -ti runitcr/dcc
If you wish to push the image to Dockerhub follow next steps.
Login into Dockerhub:
docker login
Push the image to Dockerhub:
docker push runitcr/dcc:latest
To encrypt a single variable value run:
ansible-vault encrypt_string 'my_password_value' -n my_password >> group_vars/new_vars.yml
To decrypt a single variable run:
ansible localhost -m debug -a var=my_password \
-e @/home/user/.ansible/collections/ansible_collections/runit/dcc/group_vars/new_vars.yml \
--ask-vault-pass
MIT.
