feat: add hive #67

Merged
merged 2 commits into from
Dec 12, 2024
Merged
2 changes: 1 addition & 1 deletion ansible/ansible.cfg
@@ -1,7 +1,7 @@
[defaults]
ansible_managed = Ansible managed. Don't change this file manually. Template info: {{{{ (template_fullpath | replace(playbook_dir,'')) }}}}
stdout_callback = yaml
inventory = inventories/devnet-0/inventory.ini, inventories/devnet-0/hetzner_inventory.ini
inventory = inventories/devnet-0/inventory.ini, inventories/devnet-0/hetzner_inventory.ini, inventories/devnet-0/hive_inventory.ini
roles_path = vendor/roles/:roles
collections_path = vendor/collections
forks = 50
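--- a/ansible/inventories/devnet-0/group_vars/hive.yaml
+++ b/ansible/inventories/devnet-0/group_vars/hive.yaml
@@ -0,0 +1,59 @@
+# role: ethpandaops.general.hive
+hive_container_www_image: "docker.ethquokkaops.io/dh/library/nginx:1.27.3-alpine"
+hive_container_www_env:
+VIRTUAL_PORT: "80"
+VIRTUAL_HOST: "hive.{{ network_subdomain }}"
+LETSENCRYPT_HOST: "hive.{{ network_subdomain }}"
+
+hive_repo_address: "https://github.com/ethereum/hive.git"
+hive_repo_version: "master"
+
+hive_simulations_client_config: []
+# - client: go-ethereum
+# nametag: prague-devnet-4
+# dockerfile: git
+# build_args:
+# github: lightclient/go-ethereum
+# tag: prague-devnet-4
+# - client: nethermind
+# nametag: prague-devnet-4
+# dockerfile: git
+# build_args:
+# github: NethermindEth/nethermind
+# tag: pectra_devnet_4
+# - client: reth
+# nametag: prague-devnet-4
+# dockerfile: git
+# build_args:
+# github: paradigmxyz/reth
+# tag: onbjerg/devnet-4
+# - client: besu
+# nametag: prague-devnet-4
+# dockerfile: git
+# build_args:
+# github: hyperledger/besu
+# tag: pectra-devnet-4
+# - client: ethereumjs
+# nametag: prague-devnet-4
+# build_args:
+# github: ethereumjs/ethereumjs-monorepo
+# tag: 7702-devnet-4-plus-t8ntool
+# - client: erigon
+# nametag: prague-devnet-4
+# dockerfile: git
+# build_args:
+# github: erigontech/erigon
+# tag: pectra_e2
+
+hive_simulations_tests:
+- simulator: ethereum/sync
+clients:
+- besu
+- erigon
+- ethereumjs
+- go-ethereum
+- nethermind
+- nimbus-el
+- reth
+extra_flags:
+- --client.checktimelimit=60s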
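Review bot: `hive_repo_version: "master"` makes every run of the hive role build and execute whatever is at the tip of the upstream branch, on a host where the play runs with `become: true`. Assuming the role hands this value to a git checkout, pin it to a reviewed commit, e.g. `hive_repo_version: "<reviewed-commit-sha>"`, and bump it deliberately so that test results stay reproducible and an unexpected upstream change cannot reach the host unreviewed. The same applies to the commented client examples, which build from branch names in third-party forks; if they are enabled, prefer commit references there too. The nginx image is pinned by tag only, so appending an `@sha256:<digest>` would close the remaining gap for the web container.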
12 changes: 12 additions & 0 deletions ansible/playbook.yaml
Expand Up @@ -32,6 +32,18 @@
- role: ethpandaops.general.vector
tags: [init-server, vector]

- hosts: hive
become: true
roles:
- role: gantsign.golang
golang_gopath: '/data/workspace-go'
golang_version: '1.21.13'
tags: [golang]
- role: ethpandaops.general.hive
tags: [hive]
- role: ethpandaops.general.docker_nginx_proxy
tags: [docker_nginx_proxy]

- hosts: bootnode
become: true
roles:
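Review bot: `golang_version: '1.21.13'` in the new `hive` play installs a Go release line that upstream had already stopped patching when this was merged (only the two newest major releases receive security fixes), so the toolchain used to build hive as root-provisioned software will not get compiler or standard-library fixes. Consider `golang_version: '<currently-supported-release>'` after confirming that `gantsign.golang` 3.4.0 knows that version. Since `hive_repo_version` tracks `master`, it is also worth checking that the pinned toolchain still satisfies the `go` directive in hive's `go.mod`; that file is not visible here.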
2 changes: 2 additions & 0 deletions ansible/requirements.yaml
Expand Up @@ -9,6 +9,8 @@ roles:
version: "3.0.3"
- name: robertdebock.fail2ban
version: "4.2.3"
- name: gantsign.golang
version: "3.4.0"

collections:
- name: ansible.posix
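--- a/terraform/devnet-0/hive/ansible_inventory.tmpl
+++ b/terraform/devnet-0/hive/ansible_inventory.tmpl
@@ -0,0 +1,5 @@
+[all:vars]
+ethereum_network_name=${ethereum_network_name}
+
+[hive]
+${hostname} ansible_host=${ipv4} cloud=${cloud} cloud_region=${region}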
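--- a/terraform/devnet-0/hive/main.tf
+++ b/terraform/devnet-0/hive/main.tf
@@ -0,0 +1,179 @@
+////////////////////////////////////////////////////////////////////////////////////////
+// TERRAFORM PROVIDERS & BACKEND
+////////////////////////////////////////////////////////////////////////////////////////
+terraform {
+required_providers {
+digitalocean = {
+source = "digitalocean/digitalocean"
+version = "~> 2.28"
+}
+cloudflare = {
+source = "cloudflare/cloudflare"
+version = "~> 3.0"
+}
+}
+}
+
+terraform {
+backend "s3" {
+skip_credentials_validation = true
+skip_metadata_api_check = true
+endpoints = { s3 = "https://fra1.digitaloceanspaces.com" }
+skip_requesting_account_id = true
+skip_s3_checksum = true
+region = "us-east-1"
+bucket = "merge-testnets"
+key = "infrastructure/devnet-0/hive/terraform.tfstate"
+}
+}
+
+provider "digitalocean" {
+http_retry_max = 20
+}
+
+provider "cloudflare" {
+api_token = var.cloudflare_api_token
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// VARIABLES
+////////////////////////////////////////////////////////////////////////////////////////
+variable "cloudflare_api_token" {
+type = string
+sensitive = true
+description = "Cloudflare API Token"
+}
+
+variable "ethereum_network" {
+type = string
+default = "template-devnet-0"
+}
+
+variable "digitalocean_project_name" {
+type = string
+default = "Public Testnets"
+}
+
+variable "digitalocean_ssh_key_name" {
+type = string
+default = "shared-devops-eth2"
+}
+
+variable "digitalocean_region" {
+type = string
+default = "ams3"
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// DIGITALOCEAN RESOURCES
+////////////////////////////////////////////////////////////////////////////////////////
+
+
+data "digitalocean_project" "main" {
+name = var.digitalocean_project_name
+}
+
+data "digitalocean_ssh_key" "main" {
+name = var.digitalocean_ssh_key_name
+}
+
+resource "digitalocean_droplet" "main" {
+name = "${var.ethereum_network}-hive-001"
+region = var.digitalocean_region
+ssh_keys = [data.digitalocean_ssh_key.main.fingerprint]
+image = "debian-12-x64"
+size = "c2-8vcpu-16gb"
+resize_disk = true
+monitoring = true
+backups = false
+ipv6 = true
+tags = [
+"Hive:${var.ethereum_network}"
+]
+}
+
+resource "digitalocean_project_resources" "droplets" {
+project = data.digitalocean_project.main.id
+resources = [digitalocean_droplet.main.urn]
+}
+
+resource "digitalocean_firewall" "main" {
+name = "${var.ethereum_network}-hive"
+// Tags are used to select which droplets should
+// be assigned to this firewall.
+tags = [
+"Hive:${var.ethereum_network}"
+]
+
+// SSH
+inbound_rule {
+protocol = "tcp"
+port_range = "22"
+source_addresses = ["0.0.0.0/0", "::/0"]
+}
+
+// Nginx / Web
+inbound_rule {
+protocol = "tcp"
+port_range = "80"
+source_addresses = ["0.0.0.0/0", "::/0"]
+}
+
+inbound_rule {
+protocol = "tcp"
+port_range = "443"
+source_addresses = ["0.0.0.0/0", "::/0"]
+}
+
+// Allow all outbound traffic
+outbound_rule {
+protocol = "tcp"
+port_range = "1-65535"
+destination_addresses = ["0.0.0.0/0", "::/0"]
+}
+outbound_rule {
+protocol = "udp"
+port_range = "1-65535"
+destination_addresses = ["0.0.0.0/0", "::/0"]
+}
+outbound_rule {
+protocol = "icmp"
+destination_addresses = ["0.0.0.0/0", "::/0"]
+}
+depends_on = [digitalocean_project_resources.droplets]
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// DNS NAMES
+////////////////////////////////////////////////////////////////////////////////////////
+
+data "cloudflare_zone" "default" {
+name = "ethpandaops.io"
+}
+
+resource "cloudflare_record" "server_record_v4" {
+zone_id = data.cloudflare_zone.default.id
+name = "hive.${var.ethereum_network}"
+type = "A"
+value = digitalocean_droplet.main.ipv4_address
+proxied = false
+ttl = 120
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+// GENERATED FILES AND OUTPUTS
+////////////////////////////////////////////////////////////////////////////////////////
+
+resource "local_file" "ansible_inventory" {
+depends_on = [digitalocean_droplet.main]
+content = templatefile("ansible_inventory.tmpl",
+{
+ethereum_network_name = "${var.ethereum_network}"
+hostname = "${digitalocean_droplet.main.name}"
+ipv4 = "${digitalocean_droplet.main.ipv4_address}"
+cloud = "digitalocean"
+region = "${var.digitalocean_region}"
+}
+)
+filename = "../../../ansible/inventories/devnet-0/hive_inventory.ini"
+}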
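Review bot: The `// SSH` inbound rule in `digitalocean_firewall.main` accepts port 22 from `0.0.0.0/0` and `::/0`, so the droplet's SSH daemon is reachable from the whole internet. Ports 80 and 443 have to be public for the nginx front end, but SSH does not. Restrict it to the operators' or CI egress ranges through a variable, for example `source_addresses = var.ssh_allowed_cidrs` backed by a `list(string)` variable with no world-open default. The hive play in this PR does not list the fail2ban role that requirements.yaml already pins, so unless another play covers this host, the shared SSH key set on the droplet is the only control visible here for that port.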