Skip to content

Commit

Permalink
Merge #1112
Browse files Browse the repository at this point in the history 
1112: Add a playbook to deploy Subsquid r=andor0 a=andor0

## Issue
https://app.clickup.com/t/2f3bbc7


Co-authored-by: Andrey Orlov <[email protected]>
  • Loading branch information
@bors @andor0
bors[bot] and andor0 authored Jun 17, 2022
2 parents 2a06d85 + 0305c67 commit d25bd6e
Show file tree
Hide file tree
Showing 13 changed files with 813 additions and 4 deletions.
20 changes: 20 additions & 0 deletions .maintain/playbooks/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,3 +28,23 @@ This playbook does next:
| Relay Chain #1 | wss://domain_of_vps:9901 |
| Composable's collator #1 | wss://domain_of_vps:9902 |
| Basilisk's collator #1 | wss://domain_of_vps:9903 |


# dali-subsquid.yml

## Description
This playbook deploys Subsquid for Dali.

## Usage

### Dev environment

```bash
ansible-playbook -i inventory dev-dali-subsquid.yml -e "domain=your-domain.example.com" -e "[email protected]"
```

### Prod environment

```bash
ansible-playbook -i inventory prod-dali-subsquid.yml -e "domain=dali-subsquid.composable.finance"
```
293 changes: 293 additions & 0 deletions .maintain/playbooks/dev-dali-subsquid.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,293 @@
---
- hosts: all

vars:
user: subsquid
group: subsquid

work_dir: /srv/composable
infra_dir: /srv/subsquid_infra
archiver_dir: "{{ infra_dir }}/archiver"
indexer_db_dir: "{{ infra_dir }}/indexer_db"

tasks:
- name: Initialization
block:
- name: Create a group
group:
name: "{{ user }}"
state: present
become: yes

- name: Create a user
user:
name: "{{ user }}"
state: present
shell: /bin/bash
home: "/home/{{ user }}"
group: "{{ group }}"
become: yes

- name: Stop old verions of services
systemd:
name: "{{ item.name }}"
enabled: yes
state: stopped
loop:
- name: subsquid-archiver
- name: subsquid-indexer-db
- name: subsquid-processor
- name: subsquid-graphql-server
ignore_errors: yes
become: yes

- name: Remove old installations
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop:
- path: "{{ work_dir }}"
- path: "{{ archiver_dir }}"
- path: "{{ indexer_db_dir }}"
- path: "{{ infra_dir }}"
become: yes

- name: Create directories
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: "0755"
owner: "{{ user }}"
group: "{{ group }}"
loop:
- path: "{{ work_dir }}"
- path: "{{ infra_dir }}"
- path: "{{ archiver_dir }}"
- path: "{{ indexer_db_dir }}"
become: yes

- name: Create new systemd services and docker-compose files
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
loop:
- src: systemd/dali-subsquid-archiver.service.j2
dest: /etc/systemd/system/subsquid-archiver.service
- src: systemd/dali-subsquid-indexer-db.service.j2
dest: /etc/systemd/system/subsquid-indexer-db.service
- src: systemd/dali-subsquid-graphql-server.service.j2
dest: /etc/systemd/system/subsquid-graphql-server.service
- src: systemd/dali-subsquid-processor.service.j2
dest: /etc/systemd/system/subsquid-processor.service

- src: docker-compose/dali-subsquid-archiver.docker-compose.yml.j2
dest: "{{ archiver_dir }}/docker-compose.yml"
- src: docker-compose/dali-subsquid-indexer-db.docker-compose.yml.j2
dest: "{{ indexer_db_dir }}/docker-compose.yml"

become: yes

- name: TLS temination for HTTP endpoints
block:
- name: Install nginx and certbot
apt:
pkg:
- certbot
- nginx
- python3-certbot-nginx
become: yes

- name: Remove old nginx configs
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop:
- path: /etc/nginx/sites-enabled/subsquid-acme-challenge.conf
- path: /etc/nginx/sites-enabled/subsquid.conf
become: yes

- name: Add nginx config for ACME challenge
template:
src: nginx/dali-subsquid-acme-challenge.conf.j2
dest: /etc/nginx/sites-enabled/subsquid-acme-challenge.conf
mode: "0600"
become: yes

- name: Enable service nginx and ensure it is not masked
ansible.builtin.systemd:
name: nginx
state: started
enabled: yes
masked: no
become: yes

- name: Reload nginx with new config
shell: nginx -s reload
become: yes

- name: Request initial letsencrypt certificate
command: certbot certonly --nginx --agree-tos --non-interactive -d '{{ domain }}' -m '{{ letsencrypt_contact_email }}'
args:
creates: "/etc/letsencrypt/live/{{ domain }}/privkey.pem"
become: yes

- name: Add a nginx config for Subsquid
template:
src: nginx/dev-dali-subsquid.conf.j2
dest: /etc/nginx/sites-enabled/subsquid.conf
mode: "0600"
become: yes

- name: Reload nginx with the new config
shell: nginx -s reload
become: yes

- name: Certbot renewal cronjob
cron: special_time=daily
name=certbot-renew-composable-sandbox
user=root
job="certbot certonly --nginx --non-interactive -d '{{ domain }}' --deploy-hook 'nginx -s reload'"
become: yes

- name: Install dependencies
block:
- name: Install common dependencies
apt:
pkg:
- git
update_cache: yes
install_recommends: no
become: yes

- name: Install nodejs
block:
- name: Download nodejs v16 installer
get_url:
url: https://deb.nodesource.com/setup_16.x
dest: "/tmp/setup_node.sh"
mode: '0440'
become: yes

- name: Add nodejs repository
ansible.builtin.shell: |
cat /tmp/setup_node.sh | bash
become: yes

- name: Update repositories cache and install nodejs
apt:
pkg:
- nodejs
update_cache: yes
install_recommends: no
become: yes

- name: Update npm
ansible.builtin.shell: |
npm install -g [email protected]
become: yes

- name: Install Docker
block:
- name: Remove old versions
apt:
pkg:
- docker
- docker-engine
- docker.io
- containerd
- runc
state: absent
become: yes

- name: Install Docker dependencies
apt:
pkg:
- ca-certificates
- curl
- gnupg
- lsb-release
update_cache: yes
install_recommends: no
become: yes

- name: Create a directory for Docker GPG key
ansible.builtin.file:
path: /etc/apt/keyrings
state: directory
mode: "0755"
become: yes

- name: Download Docker GPG key
get_url:
url: https://download.docker.com/linux/ubuntu/gpg
dest: /tmp/docker.gpg
mode: "644"
become: yes

- name: Add Docker repository
ansible.builtin.shell: |
cat /tmp/docker.gpg | gpg --dearmor --yes -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
become: yes

- name: Install new versions
apt:
pkg:
- docker
- docker.io
- containerd
- runc
update_cache: yes
install_recommends: no
become: yes

- name: Enable and start docker service
systemd:
name: docker
enabled: yes
state: started
become: yes

- name: Enable and restart subsquid-archiver and subsquid-indexer-db services
# Here will be a timeout if use the 'systemd' module
ansible.builtin.shell: |
systemctl restart subsquid-archiver
systemctl enable subsquid-archiver
systemctl restart subsquid-indexer-db
systemctl enable subsquid-indexer-db
become: yes

- name: Clone composable repo
ansible.builtin.shell: |
git clone https://github.com/ComposableFi/composable.git {{ work_dir }}
become: yes

- name: Build subsquid
ansible.builtin.shell: |
npm ci
npm run build
args:
chdir: "{{ work_dir }}/subsquid"
become: yes

- name: Run migrations
ansible.builtin.shell: |
npx sqd db create
npx sqd db migrate
args:
chdir: "{{ work_dir }}/subsquid"
become: yes

- name: Enable and restart subsquid-processor and subsquid-graphql-server services
# Here will be a timeout if use the 'systemd' module
ansible.builtin.shell: |
systemctl restart subsquid-processor
systemctl enable subsquid-processor
systemctl restart subsquid-graphql-server
systemctl enable subsquid-graphql-server
become: yes
Loading

0 comments on commit d25bd6e

Please sign in to comment.