-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds changes from the incentivized testnet
- Loading branch information
Testnet Deployer
committed
Nov 11, 2019
1 parent
3738c87
commit fb7a60d
Showing
9 changed files
with
147 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
# Deployment Tips | ||
|
||
* File `.envrc` needs to be created for each deployment. See examples dir. | ||
* Run `direnv allow` to enable direnv to load the `.envrc` file | ||
* File `globals.nix` needs to be created for each deployment. See examples dir. | ||
* File `deployments/${NIXOPS_DEPLOYMENT}.nix` needs to be created for the deployment. | ||
* File `clusters/${NIXOPS_DEPLOYMENT}.nix` needs to be created for the deployment. | ||
* Niv update any source repos as needed | ||
* Create the secrets dir populated with any required secrets | ||
* Create the static dir and populate with any required keys using the `genesis-generator` tool | ||
* Update the public IDs in the secrets dir with the `scripts/update-jormungandr-public-ids.rb` tool | ||
* Create the nixops clusters with the required params: | ||
|
||
``` | ||
nixops create -d $NIXOPS_DEPLOYMENT -I nixpkgs=./nix deployments/${NIXOPS_DEPLOYMENT}.nix | ||
nixops --arg globals 'import ../globals.nix' | ||
``` | ||
|
||
* Deploy as needed, utilizing scripts from the `scripts` folder if desired |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
{ targetEnv, tiny, medium, large }: | ||
let | ||
mkNodes = import ../nix/mk-nodes.nix { inherit targetEnv; }; | ||
pkgs = import ../nix { }; | ||
lib = pkgs.lib; | ||
|
||
mkStakes = region: amount: { | ||
inherit amount; | ||
imports = [ medium ../roles/jormungandr-stake.nix ]; | ||
deployment.ec2.region = region; | ||
node.isStake = true; | ||
}; | ||
|
||
mkRelays = region: amount: { | ||
inherit amount; | ||
imports = [ medium ../roles/jormungandr-relay.nix ]; | ||
deployment.ec2.region = region; | ||
node.isRelay = true; | ||
}; | ||
|
||
nodes = mkNodes { | ||
monitoring = { | ||
imports = [ large ../roles/monitor.nix ]; | ||
deployment.ec2.region = "eu-central-1"; | ||
node.isMonitoring = true; | ||
}; | ||
|
||
explorer = { | ||
imports = [ medium ../roles/jormungandr-explorer.nix ]; | ||
deployment.ec2.region = "eu-central-1"; | ||
node.isExplorer = true; | ||
node.isRelay = true; | ||
}; | ||
|
||
#faucet = { | ||
# imports = [ medium ../roles/jormungandr-faucet.nix ]; | ||
# deployment.ec2.region = "eu-central-1"; | ||
# node.isFaucet = true; | ||
# node.isRelay = true; | ||
#}; | ||
|
||
stake-a = mkStakes "us-west-1" 1; | ||
stake-b = mkStakes "ap-northeast-1" 1; | ||
stake-c = mkStakes "eu-central-1" 1; | ||
|
||
relay-a = mkRelays "us-west-1" 2; | ||
relay-b = mkRelays "ap-northeast-1" 2; | ||
relay-c = mkRelays "eu-central-1" 3; | ||
}; | ||
in { | ||
network.description = "Jormungandr Incentivized"; | ||
network.enableRollback = true; | ||
} // nodes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
{ globals ? import ./globals.nix, ... }: | ||
let | ||
inherit (globals.ec2) credentials; | ||
inherit (credentials) accessKeyId; | ||
inherit (import ../nix { }) lib; | ||
inherit (lib) | ||
attrValues filter filterAttrs flatten foldl' hasAttrByPath listToAttrs | ||
mapAttrs' nameValuePair recursiveUpdate unique; | ||
|
||
cluster = import ../clusters/jormungandr-incentivized.nix { | ||
targetEnv = "ec2"; | ||
tiny = ../physical/aws/t3a.small.nix; | ||
medium = ../physical/aws/t3a.medium.nix; | ||
large = ../physical/aws/t3.xlarge.nix; | ||
}; | ||
|
||
nodes = filterAttrs (name: node: | ||
((node.deployment.targetEnv or null) == "ec2") | ||
&& ((node.deployment.ec2.region or null) != null)) cluster; | ||
|
||
regions = | ||
unique (map (node: node.deployment.ec2.region) (attrValues nodes)); | ||
|
||
securityGroupFiles = [ | ||
../physical/aws/security-groups/allow-deployer-ssh.nix | ||
../physical/aws/security-groups/allow-graylog-nodes.nix | ||
../physical/aws/security-groups/allow-jormungandr.nix | ||
../physical/aws/security-groups/allow-monitoring-collection.nix | ||
../physical/aws/security-groups/allow-public-www-https.nix | ||
]; | ||
|
||
importSecurityGroup = region: file: | ||
import file { inherit lib region accessKeyId nodes; }; | ||
|
||
mkEC2SecurityGroup = region: | ||
foldl' recursiveUpdate { } | ||
(map (importSecurityGroup region) securityGroupFiles); | ||
|
||
settings = { | ||
resources = { | ||
ec2SecurityGroups = | ||
foldl' recursiveUpdate { } (map mkEC2SecurityGroup regions); | ||
|
||
elasticIPs = mapAttrs' (name: node: | ||
nameValuePair "${name}-ip" { | ||
inherit accessKeyId; | ||
inherit (node.deployment.ec2) region; | ||
}) nodes; | ||
|
||
ec2KeyPairs = __listToAttrs (map (region: | ||
nameValuePair "jormungandr-${region}" { inherit region accessKeyId; }) | ||
regions); | ||
}; | ||
}; | ||
in cluster // settings |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
# This is an example file for `.envrc` that should live in the root dir | ||
use nix | ||
|
||
watch_file nix/* | ||
|
||
export NIXOPS_DEPLOYMENT=$NIXOPS_DEPLOYMENT | ||
|
||
export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY | ||
export PACKET_API_KEY=$PACKET_API_KEY | ||
export PACKET_PROJECT_ID=$PACKET_PROJECT_ID | ||
|
||
export NIX_PATH="nixpkgs=$(nix eval '(import ./nix {}).path')" | ||
export EDITOR=~/$USER/result/bin/vim | ||
export GITHUB_TOKEN=$GITHUB_TOKEN |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters