From 48b20f6a56372b14a4342167e6375d5a9c224417 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Wed, 7 Feb 2024 14:12:31 +0200 Subject: add radicle_node role Signed-off-by: Lars Wirzenius Sponsored-by: author --- roles/radicle_node/tasks/main.yml | 115 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 roles/radicle_node/tasks/main.yml diff --git a/roles/radicle_node/tasks/main.yml b/roles/radicle_node/tasks/main.yml new file mode 100644 index 0000000..a1985ca --- /dev/null +++ b/roles/radicle_node/tasks/main.yml @@ -0,0 +1,115 @@ +- name: "check radicle_node_version" + shell: | + [ "{{ radicle_node_version }}" = "1" ] || \ + (echo "Unexpected version {{ radicle_node_version }}" 1>&2; exit 1) + +- name: "check that radicle_node_key is set" + shell: | + echo radicle_node_key Ansible variable is not set + exit 1 + when: radicle_node_key is not defined + +- name: "check that radicle_node_key_pub is set" + shell: | + echo radicle_node_key_pub Ansible variable is not set + exit 1 + when: radicle_node_key_pub is not defined + +- name: "install important additional packages for Radicle" + apt: + name: + - curl + - git + +- name: "create directory for Radicle keys" + file: + state: directory + path: /home/_rad/.radicle/keys + owner: _rad + group: _rad + mode: 0755 + +- name: "install Radicle private key" + copy: + content: "{{ radicle_node_key }}" + dest: /home/_rad/.radicle/keys/radicle + owner: _rad + group: _rad + mode: 0600 + +- name: "install Radicle public key" + copy: + content: "{{ radicle_node_key_pub }}" + dest: /home/_rad/.radicle/keys/radicle.pub + owner: _rad + group: _rad + mode: 0644 + +- name: "install of upgrade Radicle using installer" + shell: | + # Can't use "set -o pipefail" here, because shell may not be + # bash. So we don't use a pipe from curl to bash, and download + # as one command and run script as a second command. If the + # download fails, the task fails. + + curl -sSf https://radicle.xyz/install > radicle-install + sudo -u _rad bash radicle-install + +- name: "install systemd unit for Radicle node" + copy: + content: | + [Unit] + After=syslog.target network.target + Description=Radicle Node + + [Service] + Type=simple + ExecStart=/home/_rad/.radicle/bin/radicle-node --listen 0.0.0.0:8776 + Environment=RAD_HOME=/home/_rad/.radicle + KillMode=process + Restart=never + RestartSec=1 + User=_rad + Group=_rad + + [Install] + WantedBy=default.target + dest: /lib/systemd/system/radicle-node.service + +- name: "start systemd unit for Radicle node" + systemd: + name: radicle-node + state: restarted + masked: no + enabled: yes + daemon_reload: yes + +# Ansible does not seem to always actually start the unit, so do +# it manually. This seems to only happen on the first run on a +# freshly created host. +- name: "actually start node" + shell: | + systemctl restart radicle-node + systemctl status radicle-node + +- name: "connect to other Radicle nodes" + when: radicle_node_connections is defined + with_items: "{{ radicle_node_connections }}" + shell: | + cat <<'EOF' > connect.sh + export PATH="$HOME/.radicle/bin:$PATH" + rad node status + rad node connect "{{ item.nid }}@{{ item.host }}:{{ item.port }}" + EOF + sudo -u _rad bash -ex connect.sh + +- name: "seed Radicle repositories" + when: radicle_node_repositories is defined + with_items: "{{ radicle_node_repositories }}" + shell: | + cat <<'EOF' > seed.sh + export PATH="$HOME/.radicle/bin:$PATH" + rad node status + rad seed "{{ item.rid }}" + EOF + sudo -u _rad bash -ex seed.sh -- cgit v1.2.1