From 484428711bb3530de420b8769d418e3598cce7dc Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Wed, 7 Feb 2024 18:51:13 +0200 Subject: radicle-other-node: use debian-ansible role radicle_node Signed-off-by: Lars Wirzenius Sponsored-by: author --- ansible/radicle-other-node.yml | 108 +++-------------------------------------- 1 file changed, 7 insertions(+), 101 deletions(-) diff --git a/ansible/radicle-other-node.yml b/ansible/radicle-other-node.yml index afd263f..7509dfc 100644 --- a/ansible/radicle-other-node.yml +++ b/ansible/radicle-other-node.yml @@ -5,103 +5,7 @@ - role: sane_debian_system - role: sshd - role: unix_users - tasks: - - name: "install important additional packages" - apt: - name: - - curl - - git - - - name: "create directory for Radicle keys" - file: - state: directory - path: /home/_rad/.radicle/keys - owner: _rad - group: _rad - mode: 0755 - - - name: "install Radicle private key" - copy: - content: "{{ radicle_key }}" - dest: /home/_rad/.radicle/keys/radicle - owner: _rad - group: _rad - mode: 0600 - - - name: "install Radicle public key" - copy: - content: "{{ radicle_pub }}" - dest: /home/_rad/.radicle/keys/radicle.pub - owner: _rad - group: _rad - mode: 0644 - - - name: "install of upgrade Radicle using installer" - shell: | - # Can't use "set -o pipefail" here, because shell may not be - # bash. So we don't use a pipe from curl to bash, and download - # as one command and run script as a second command. If the - # download fails, the task fails. - - curl -sSf https://radicle.xyz/install > radicle-install - sudo -u _rad bash radicle-install - - - name: "install systemd unit for Radicle node" - copy: - content: | - [Unit] - After=syslog.target network.target - Description=Radicle Node - - [Service] - Type=simple - ExecStart=/home/_rad/.radicle/bin/radicle-node --listen 0.0.0.0:8776 - Environment=RAD_HOME=/home/_rad/.radicle - KillMode=process - Restart=never - RestartSec=1 - User=_rad - Group=_rad - - [Install] - WantedBy=default.target - dest: /lib/systemd/system/radicle-node.service - - - name: "start systemd unit for Radicle node" - systemd: - name: radicle-node - state: restarted - masked: no - enabled: yes - daemon_reload: yes - - # Ansible does not seem to always actually start the unit, so do - # it manually. This seems to only happen on the first run on a - # freshly created host. - - name: "actually start node" - shell: | - systemctl restart radicle-node - systemctl status radicle-node - - - name: "connect to other Radicle nodes" - with_items: "{{ radicle_connections }}" - shell: | - cat <<'EOF' > connect.sh - export PATH="$HOME/.radicle/bin:$PATH" - rad node status - rad node connect "{{ item.nid }}@{{ item.host }}:{{ item.port }}" - EOF - sudo -u _rad bash -ex connect.sh - - - name: "seed Radicle repositories" - with_items: "{{ radicle_repositories }}" - shell: | - cat <<'EOF' > seed.sh - export PATH="$HOME/.radicle/bin:$PATH" - rad node status - rad seed "{{ item.rid }}" - EOF - sudo -u _rad bash -ex seed.sh + - role: radicle_node vars: sane_debian_system_version: 2 sane_debian_system_hostname: "{{ inventory_hostname }}" @@ -118,12 +22,14 @@ sshd_version: 1 - radicle_key: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key') }}" - radicle_pub: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key.pub') }}" - radicle_connections: + radicle_node_version: 1 + radicle_node_backup: "/home/liw/data/_rad@radicle-other-node" + radicle_node_key: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key') }}" + radicle_node_key_pub: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key.pub') }}" + radicle_node_connections: - nid: z6MkfXa53s1ZSFy8rktvyXt5ADCojnxvjAoQpzajaXyLqG5n host: radicle.liw.fi port: 8776 - radicle_repositories: + radicle_node_repositories: - rid: "rad:z3gqcJUoA1n9HaHKufZs5FCSGazv5" - rid: "rad:zZnk3hS8C3WAhnv7mWcCUToCqpBs" -- cgit v1.2.1