add radicle_node role

Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author

1 files changed, 115 insertions, 0 deletions

diff --git a/roles/radicle_node/tasks/main.yml b/roles/radicle_node/tasks/main.yml
new file mode 100644
index 0000000..a1985ca
--- /dev/null
+++ b/roles/radicle_node/tasks/main.yml
@@ -0,0 +1,115 @@
+- name: "check radicle_node_version"
+  shell: |
+    [ "{{ radicle_node_version }}" = "1" ] || \
+      (echo "Unexpected version {{ radicle_node_version }}" 1>&2; exit 1)
+
+- name: "check that radicle_node_key is set"
+  shell: |
+    echo radicle_node_key Ansible variable is not set
+    exit 1
+  when: radicle_node_key is not defined
+
+- name: "check that radicle_node_key_pub is set"
+  shell: |
+    echo radicle_node_key_pub Ansible variable is not set
+    exit 1
+  when: radicle_node_key_pub is not defined
+
+- name: "install important additional packages for Radicle"
+  apt:
+    name:
+      - curl
+      - git
+
+- name: "create directory for Radicle keys"
+  file:
+    state: directory
+    path: /home/_rad/.radicle/keys
+    owner: _rad
+    group: _rad
+    mode: 0755
+
+- name: "install Radicle private key"
+  copy:
+    content: "{{ radicle_node_key }}"
+    dest: /home/_rad/.radicle/keys/radicle
+    owner: _rad
+    group: _rad
+    mode: 0600
+
+- name: "install Radicle public key"
+  copy:
+    content: "{{ radicle_node_key_pub }}"
+    dest: /home/_rad/.radicle/keys/radicle.pub
+    owner: _rad
+    group: _rad
+    mode: 0644
+
+- name: "install of upgrade Radicle using installer"
+  shell: |
+    # Can't use "set -o pipefail" here, because shell may not be
+    # bash. So we don't use a pipe from curl to bash, and download
+    # as one command and run script as a second command. If the
+    # download fails, the task fails.
+
+    curl -sSf https://radicle.xyz/install > radicle-install
+    sudo -u _rad bash radicle-install
+
+- name: "install systemd unit for Radicle node"
+  copy:
+    content: |
+      [Unit]
+      After=syslog.target network.target
+      Description=Radicle Node
+
+      [Service]
+      Type=simple
+      ExecStart=/home/_rad/.radicle/bin/radicle-node --listen 0.0.0.0:8776
+      Environment=RAD_HOME=/home/_rad/.radicle
+      KillMode=process
+      Restart=never
+      RestartSec=1
+      User=_rad
+      Group=_rad
+
+      [Install]
+      WantedBy=default.target
+    dest: /lib/systemd/system/radicle-node.service
+
+- name: "start systemd unit for Radicle node"
+  systemd:
+    name: radicle-node
+    state: restarted
+    masked: no
+    enabled: yes
+    daemon_reload: yes
+
+# Ansible does not seem to always actually start the unit, so do
+# it manually. This seems to only happen on the first run on a
+# freshly created host.
+- name: "actually start node"
+  shell: |
+    systemctl restart radicle-node
+    systemctl status radicle-node
+
+- name: "connect to other Radicle nodes"
+  when: radicle_node_connections is defined
+  with_items: "{{ radicle_node_connections }}"
+  shell: |
+    cat <<'EOF' > connect.sh
+    export PATH="$HOME/.radicle/bin:$PATH"
+    rad node status
+    rad node connect "{{ item.nid }}@{{ item.host }}:{{ item.port }}"
+    EOF
+    sudo -u _rad bash -ex connect.sh
+
+- name: "seed Radicle repositories"
+  when: radicle_node_repositories is defined
+  with_items: "{{ radicle_node_repositories }}"
+  shell: |
+    cat <<'EOF' > seed.sh
+    export PATH="$HOME/.radicle/bin:$PATH"
+    rad node status
+    rad seed "{{ item.rid }}"
+    EOF
+    sudo -u _rad bash -ex seed.sh