vps-setup.yml

---
# Setup for VPS
# Steps:
# 1. Get local home
# 2. Get remote home and install_dir
# 3. Configure Firewall
# 4. Update Server
# 5. Reboot if required
# 6. Create swapfile
# 7. Install git, python3.10, rustc, cargo
# 8. Clone pbgui repository
# 9. Clone passivbot repository for pb6
# 10. Clone passivbot repository for pb7
# 11. Create python3.10 venv for pbgui
# 12. Create python3.10 venv for pb6
# 13. Create python3.10 venv for pb7
# 14. Build passivbot-rust with maturin
# 15. Setup pbgui
# 16. Restart PBRun, PBRemote and PBCoinData

- hosts: "{{ hostname }}"
  gather_facts: "{{ debug }}"

  vars:
    # ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
    ansible_ssh_pass: "{{ user_pw }}"
    ansible_become_password: "{{ user_pw }}"
    user: "{{ user }}"
    user_pw: "{{ user_pw }}"
    swap_size: "{{ swap_size }}"
    bucket_name: "{{ bucket }}"
    api_key: "{{ coinmarketcap_api_key }}"
    firewall: "{{ firewall }}"
    firewall_ssh_port: "{{ firewall_ssh_port }}"
    firewall_ssh_ips: "{{ firewall_ssh_ips }}"

  tasks:
    - name: display facts
      debug:
        var: ansible_facts
      tags: debug,never

    - name: get local_home
      set_fact:
        local_home: "{{ lookup('env', 'HOME') }}"
      delegate_to: localhost
    
    - name: print local home
      debug:
        var: local_home
      tags: debug,never

    - name: get remote_home and install_dir
      set_fact:
        remote_home: "{{ lookup('env', 'HOME') }}"
        install_dir: "{{ lookup('env', 'HOME') + '/software' }}"
    
    - name: print install_dir
      debug:
        var: install_dir
      tags: debug,never

    - name: configure Firewall
      block:
        - name: Disable IPv6
          lineinfile:
            dest: /etc/default/ufw
            regexp: '^IPV6='
            line: "IPV6=no"
            state: present

        - name: reset ufw to default
          ufw:
            state: reset

        - name: allow ssh from any ipv4
          ufw:
            rule: allow
            port: "{{ firewall_ssh_port }}"
            proto: tcp
            direction: in
            state: enabled
            log: yes
            from: "0.0.0.0/0"
            to: "0.0.0.0/0"
          when: firewall_ssh_ips == ""
        
        - name: allow ssh from specific IPs
          ufw:
            rule: allow
            port: "{{ firewall_ssh_port }}"
            proto: tcp
            direction: in
            state: enabled
            log: yes
            from_ip: "{{ item }}"
          loop: "{{ firewall_ssh_ips }}"
          when: firewall_ssh_ips != ""
      become: yes
      when: firewall

    - name: disable ufw
      ufw:
        state: disabled
      become: yes
      when: not firewall

    - name: update server
      apt:
        update_cache: yes
        upgrade: dist
        cache_valid_time: 3600
        autoremove: yes
        autoclean: yes
        clean: yes
        force_apt_get: yes
      become: yes
      register: update_result

    - name: print update result
      debug:
        var: update_result.stdout_lines

    - name: Check if reboot required
      stat:
        path: /var/run/reboot-required
      register: reboot_required_file

    - name: Reboot if required
      reboot:
        msg: "Rebooting machine in 5 seconds"
      when: reboot_required_file.stat.exists == true
      become: yes
  
    - name: check if swapfile exists
      stat:
        path: /swapfile
      register: swapfile_status

    - name: print swapfile status
      debug:
        var: swapfile_status.stat.exists
      tags: debug,never

    - name: create swapfile block
      block:
        - name: create swapfile if it does not exist
          command: fallocate -l {{ swap_size }} /swapfile
        
        - name: Set permissions on swapfile
          command: chmod 600 /swapfile

        - name: Make swapfile
          command: mkswap /swapfile
        
        - name: Enable swapfile
          command: swapon /swapfile
        
        - name: Add swapfile to fstab
          mount:
            name: /swapfile
            src: /swapfile
            fstype: swap
            opts: sw
            state: present
        
        - name: swappiness
          sysctl:
            name: vm.swappiness
            value: 10
            state: present
        
        - name: vfs_cache_pressure
          sysctl:
            name: vm.vfs_cache_pressure
            value: 50
            state: present
      become: yes
      when: swapfile_status.stat.exists == false
      
    - name: Disable IPv6
      block:
        - name: Add GRUB command to disable IPv6 GRUB_CMDLINE_LINUX_DEFAULT
          ansible.builtin.lineinfile:
            path: /etc/default/grub
            regexp: '^GRUB_CMDLINE_LINUX_DEFAULT'
            line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet splash ipv6.disable=1"'
            state: present

        - name: Add GRUB command to disable IPv6 GRUB_CMDLINE_LINUX
          ansible.builtin.lineinfile:
            path: /etc/default/grub
            regexp: '^GRUB_CMDLINE_LINUX'
            line: 'GRUB_CMDLINE_LINUX="ipv6.disable=1"'
            state: present

        - name: Update GRUB configuration
          command: update-grub
      become: yes

    - name: Add deadsnakes/ppa for installing python3.10
      apt_repository:
        repo: ppa:deadsnakes/ppa
      become: yes

    - name: Install git, python3.10, rclone, rustc, cargo
      apt:
        pkg:
        - git
        - python3.10-venv
        - rclone
        - rustc
        - cargo
        clean: yes
      become: yes

    - name: clone pbgui repository
      git:
        repo: https://github.com/msei99/pbgui.git
        dest: "{{ install_dir }}/pbgui"
        version: main
        update: yes

    - name: clone passivbot repository for pb6
      git:
        repo: https://github.com/enarjord/passivbot.git
        dest: "{{ install_dir }}/pb6"
        version: v6.1.4b_latest_v6
        update: yes

    - name: clone passivbot repository for pb7
      git:
        repo: https://github.com/enarjord/passivbot.git
        dest: "{{ install_dir }}/pb7"
        version: master
        update: yes

    - name: create python3.10 venv for pbgui
      pip:
        virtualenv_command: python3.10 -m venv
        virtualenv: "{{ install_dir }}/venv_pbgui"
        requirements: "{{ install_dir }}/pbgui/requirements_vps.txt"
        extra_args: --upgrade pip

    - name: create python3.10 venv for pb6
      pip:
        virtualenv_command: python3.10 -m venv
        virtualenv: "{{ install_dir }}/venv_pb6"
        requirements: "{{ install_dir }}/pb6/requirements_liveonly.txt"
        extra_args: --upgrade pip

    - name: create python3.10 venv for pb7
      pip:
        virtualenv_command: python3.10 -m venv
        virtualenv: "{{ install_dir }}/venv_pb7"
        requirements: "{{ install_dir }}/pb7/requirements.txt"
        extra_args: --upgrade pip
    
    - name: Build passivbot-rust with maturin
      shell: |
        source "{{ install_dir }}/venv_pb7/bin/activate"
        maturin develop --release
      args:
        chdir: "{{ install_dir }}/pb7/passivbot-rust"
        executable: /bin/bash
      register: maturin_result

    - name: print maturin result
      debug:
        var: maturin_result
      tags: debug,never

    - name: pbgui copy start.sh.example -> start.sh
      command: cp "{{ install_dir }}/pbgui/start.sh.example" "{{ install_dir }}/pbgui/start.sh"
    
    - name: comment out PBStat.py and PBData.py in start.sh
      replace:
        path: "{{ install_dir }}/pbgui/start.sh"
        regexp: "{{ item.regexp }}"
        replace: "{{ item.replace }}"
      loop:
        - { regexp: '^python PBStat', replace: '# python PBStat' }
        - { regexp: '^python PBData', replace: '# python PBData' }
    
    - name: create crontab for pbgui
      cron:
        name: "pbgui"
        job: "{{ install_dir }}/pbgui/start.sh"
        special_time: reboot
    
    - name: pbgui copy pbgui.ini.example -> pbgui.ini
      command: cp "{{ install_dir }}/pbgui/pbgui.ini.example" "{{ install_dir }}/pbgui/pbgui.ini"
    
    - name: edit pbgui.ini
      replace:
        path: "{{ install_dir }}/pbgui/pbgui.ini"
        regexp: "{{ item.regexp }}"
        replace: "{{ item.replace }}"
      loop:
        - { regexp: '<hostname>', replace: "{{ hostname }}" }
        - { regexp: '<username>', replace: "{{ user }}" }
        - { regexp: '<bucket_name>:', replace: "{{ bucket_name }}" }
        - { regexp: '<api_key>', replace: "{{ api_key }}" }
    
    - name: copy rclone config from local to remote
      copy:
        src: "{{ local_home }}/.config/rclone/"
        dest: "{{ remote_home }}/.config/rclone/"
    
    - name: Start or Restart PBRun, PBRemote and PBCoinData
      shell: |
        source "{{ install_dir }}/venv_pbgui/bin/activate"
        python "{{ install_dir }}/pbgui/starter.py" -r PBRun PBRemote PBCoinData
      args:
        executable: /bin/bash
        chdir: "{{ install_dir }}/pbgui"
      register: starter_result

    - name: print starter result
      debug:
        var: starter_result
      tags: debug,never