diff options
Diffstat (limited to 'ansible/radicle-other-node.yml')
| -rw-r--r-- | ansible/radicle-other-node.yml | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/ansible/radicle-other-node.yml b/ansible/radicle-other-node.yml new file mode 100644 index 0000000..658fbc0 --- /dev/null +++ b/ansible/radicle-other-node.yml @@ -0,0 +1,148 @@ +- hosts: radicle-other-node + remote_user: debian + become: yes + roles: + - role: sane_debian_system + - role: sshd + - role: unix_users + - role: rust-rustup + - role: liw + tasks: + - apt: + name: + - curl + - git + - jq + - man-db + - psmisc + - rsync + - screen + - sqlite3 + - vim + - w3m + + - name: "install radicle using installer" + shell: | + filename="/home/liw/.radicle/bin/rad" + + install=false + if [ ! -e "$filename" ]; then + install=true + else + weekago="$(date -d 'week ago' +%s)" + mtime="$(stat -c %Y "$filename")" + if [ "$mtime" -lt "$weekago" ]; then + install=true + fi + fi + + if $install; then + curl -sSf https://radicle.xyz/install | sudo -u liw bash + fi + + - name: "create liw/.radicle/keys" + file: + state: directory + path: /home/liw/.radicle/keys + owner: liw + group: liw + mode: 0755 + + - name: "install radicle private key" + copy: + content: "{{ radicle_key }}" + dest: /home/liw/.radicle/keys/radicle + owner: liw + group: liw + mode: 0600 + + - name: "install radicle public key" + copy: + content: "{{ radicle_pub }}" + dest: /home/liw/.radicle/keys/radicle.pub + owner: liw + group: liw + mode: 0644 + + - name: "configure rad" + copy: + content: | + { + "publicExplorer": "https://app.radicle.xyz/nodes/$host/$rid$path", + "preferredSeeds": [ + ], + "web": { + "pinned": { + "repositories": [] + } + }, + "cli": { + "hints": true + }, + "node": { + "alias": "liw-other-node", + "listen": [], + "peers": { + "type": "dynamic", + "target": 8 + }, + "connect": [ + "z6MkfXa53s1ZSFy8rktvyXt5ADCojnxvjAoQpzajaXyLqG5n@radicle.liw.fi:8776" + ], + "externalAddresses": [], + "network": "main", + "relay": true, + "limits": { + "routingMaxSize": 1000, + "routingMaxAge": 604800, + "gossipMaxAge": 1209600, + "fetchConcurrency": 1, + "maxOpenFiles": 4096, + "rate": { + "inbound": { + "fillRate": 0.2, + "capacity": 32 + }, + "outbound": { + "fillRate": 1.0, + "capacity": 64 + } + } + }, + "policy": "block", + "scope": "followed" + } + } + dest: /home/liw/.radicle/config.json + owner: liw + group: liw + mode: 0644 + + - name: "create /srv/http" + file: + state: directory + path: /srv/http + owner: liw + group: liw + mode: 0o755 + + vars: + sane_debian_system_version: 2 + sane_debian_system_hostname: "{{ inventory_hostname }}" + sane_debian_system_codename: bookworm + sane_debian_system_timezone: Europe/Helsinki + sane_debian_system_sources_lists: + - repo: | + deb http://security.debian.org/debian-security bookworm-security main + + - repo: deb http://apt.liw.fi/debian unstable main + signing_key: "{{ apt_liw_fi_signing_key }}" + + unix_users_version: 2 + unix_users: + - username: liw + + sshd_version: 1 + + radicle_key: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key') }}" + radicle_pub: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key.pub') }}" |