Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add retries to apt and url_get modules #24

Merged
merged 6 commits into from
Nov 11, 2024
Merged

feat: add retries to apt and url_get modules #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
e2797bf
feat: add retries to apt and url_get modules
ehh-why-its-so-hard Nov 8, 2024
0502a0d
feat: enable geoblocking module for caddy
ehh-why-its-so-hard Nov 10, 2024
841152a
feat: switch vegavisor repository to nebula
ehh-why-its-so-hard Nov 10, 2024
1c7c66f
fix: tendermint config for block explorer
ehh-why-its-so-hard Nov 10, 2024
332f6e3
feat: improve diff for core config during ansible playbook run
ehh-why-its-so-hard Nov 10, 2024
ba4009c
fix: ansible lint
ehh-why-its-so-hard Nov 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions roles/docker/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@
- ca-certificates
- curl
- software-properties-common
retries: 3
delay: 3
register: docker_apt_common_result
until: docker_apt_common_result is succeeded

- name: Add apt key for required repositories
ansible.builtin.apt_key:
Expand All @@ -32,6 +36,10 @@
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
retries: 3
delay: 3
register: docker_apt_result
until: docker_apt_result is succeeded

- name: Restart docker
ansible.builtin.systemd:
Expand Down
8 changes: 8 additions & 0 deletions roles/firewall/tasks/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,21 @@
- ufw
- firewalld
state: absent
retries: 3
delay: 3
register: firewall_remove_apt_result
until: firewall_remove_apt_result is succeeded

- name: Install iptables
ansible.builtin.apt:
pkg:
- iptables
- iptables-persistent
state: present
retries: 3
delay: 3
register: firewall_apt_result
until: firewall_apt_result is succeeded

- name: Template restore file
ansible.builtin.template:
Expand Down
8 changes: 8 additions & 0 deletions roles/geth/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,20 @@
pkg:
- tar
- gzip
retries: 3
delay: 3
register: geth_apt_result
until: geth_apt_result is succeeded

- name: Download geth binary
ansible.builtin.get_url:
url: "https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-{{- geth_version -}}.tar.gz"
dest: &geth_dest /tmp/geth.zip
mode: '0600'
retries: 3
delay: 3
register: geth_download_result
until: geth_download_result is succeeded

- name: Unpack geth
ansible.builtin.unarchive:
Expand Down
4 changes: 4 additions & 0 deletions roles/grafana_agent/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@
- name: Grafana Agent | Install grafana-agent
ansible.builtin.apt:
deb: "https://github.com/{{- grafana_agent_repository -}}/releases/download/v{{- grafana_agent_version -}}/grafana-agent-{{- grafana_agent_version -}}-1.amd64.deb" # noqa: yaml[line-length]
retries: 3
delay: 5
register: grafana_agent_install_result
until: grafana_agent_install_result is succeeded

- name: Grafana Agent | Update CUSTOM_ARGS environment variables for grafana config
ansible.builtin.lineinfile:
Expand Down
3 changes: 3 additions & 0 deletions roles/grafana_server/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@
allow_downgrade: true
allow_change_held_packages: true
register: grafana_server_install
retries: 3
delay: 3
until: grafana_server_install is succeeded

- name: Ensure grafana plugins dir exists
ansible.builtin.file:
Expand Down
4 changes: 4 additions & 0 deletions roles/java/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,7 @@
ansible.builtin.apt:
name:
- openjdk-17-jdk
retries: 3
delay: 3
register: java_install_result
until: java_install_result is succeeded
1 change: 1 addition & 0 deletions roles/jenkins_master/defaults/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,4 @@ jenkins_master_version: '2.452.4'

jenkins_master_with_zfs: false
jenkins_master_zfs_device: /dev/sdb
jenkins_master_permissive_script_security: false
10 changes: 9 additions & 1 deletion roles/jenkins_master/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@
ansible.builtin.apt:
name:
- openjdk-17-jdk
retries: 3
delay: 3
register: jenkins_java_install_result
until: jenkins_java_install_result is succeeded

- name: Install Jenkins
ansible.builtin.apt:
Expand All @@ -38,6 +42,10 @@
notify:
- "Reload systemd config"
- "Restart jenkins"
retries: 3
delay: 3
register: jenkins_install_result
until: jenkins_install_result is succeeded


- name: Create a directory if it does not exist
Expand All @@ -48,7 +56,7 @@


- name: Copy jenkins.service.d config
ansible.builtin.copy:
ansible.builtin.template:
src: 'etc/systemd/system/jenkins.service.d/override.conf'
dest: '/etc/systemd/system/jenkins.service.d/override.conf'
owner: 'root'
Expand Down
2 changes: 1 addition & 1 deletion ...md/system/jenkins.service.d/override.conf → ...md/system/jenkins.service.d/override.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
[Service]
Environment="JAVA_OPTS=-Djava.awt.headless=true -Xms6144m -Xmx6144m"
Environment="JENKINS_OPTS=--sessionTimeout=10080 --sessionEviction=259200"
Environment="JENKINS_OPTS=--sessionTimeout=10080 --sessionEviction=259200{%- if jenkins_master_permissive_script_security %} -Dpermissive-script-security.enabled=true{%- endif -%}"
Environment="JENKINS_HOME=/home/jenkins"
TimeoutSec=900
13 changes: 11 additions & 2 deletions roles/vega_caddy_server/tasks/install-caddy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@
- debian-archive-keyring
- apt-transport-https
- curl
retries: 3
delay: 3
register: vega_caddy_server_common_install
until: vega_caddy_server_common_install is succeeded

- name: CaddyserverV2 | Check if Go installed
ansible.builtin.command: "go version"
Expand Down Expand Up @@ -41,6 +45,10 @@
deb: "https://github.com/caddyserver/xcaddy/releases/download/v{{ vega_caddy_server_xcaddy_version }}/xcaddy_{{ vega_caddy_server_xcaddy_version }}_linux_amd64.deb" # noqa: yaml[line-length]
update_cache: true
state: present
retries: 3
delay: 3
register: vega_caddy_server_xcaddy_install
until: vega_caddy_server_xcaddy_install is succeeded

- name: Check if caddy is installed
ansible.builtin.command: "caddy version"
Expand All @@ -52,8 +60,9 @@
- name: CaddyserverV2 | Compile caddy from sources
ansible.builtin.command: |
xcaddy build {{ vega_caddy_server_caddy_version }} \
--output /usr/bin/caddy
--with github.com/caddyserver/replace-response
--output /usr/bin/caddy \
--with github.com/caddyserver/replace-response \
--with github.com/shift72/caddy
when: (caddy_version.rc != 0) or (not vega_caddy_server_caddy_version in caddy_version.stdout)
changed_when: (caddy_version.rc != 0) or (not vega_caddy_server_caddy_version in caddy_version.stdout)
notify: "Restart caddy"
Expand Down
5 changes: 5 additions & 0 deletions roles/vega_common/tasks/dasel.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,8 @@
url: "https://github.com/TomWright/dasel/releases/download/v{{- vega_common_dasel_version -}}/dasel_linux_amd64"
dest: /usr/local/bin/dasel
mode: '0755'
timeout: 30
retries: 3
delay: 3
register: dasel_result
until: dasel_result is succeeded
8 changes: 8 additions & 0 deletions roles/vega_common/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,20 @@
- gzip
- tar
- bzip2
retries: 3
delay: 3
register: vega_common_install
until: vega_common_install is succeeded

- name: Install Python and pip
ansible.builtin.apt:
pkg:
- python3
- python3-pip
retries: 3
delay: 3
register: vega_common_python_install
until: vega_common_python_install is succeeded

- name: Ensure group "vega" exists
ansible.builtin.group:
Expand Down
5 changes: 4 additions & 1 deletion roles/vega_core/defaults/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,12 @@ vega_core_with_unsafe_reset_all: false
vega_core_chain_id: ""
vega_core_external_endpoint: ""
# vega version used only once for genesis version in the vegavisor and for the maintenance stuff (/usr/local/bin/vega)
vega_core_download_repository: vegaprotocol
vega_core_download_binary_version: v0.77.6
vega_core_with_data_node: false
vega_core_with_block_explorer: false
vega_core_validator_node: false
vega_core_vega_monitoring: false
vega_core_with_vega_monitoring: false
vega_core_number_of_snapshots_to_keep: 240
vega_core_pprof_enabled: false
vega_core_with_node_init: true
Expand Down Expand Up @@ -61,3 +62,5 @@ vega_core_data_node_settings: {}
vega_core_with_health_check: true
vega_core_health_check_repository: "nebula-dex/vega-health-check"
vega_core_health_check_version: "v0.2.0"

vega_core_vegavisor_config: {}
17 changes: 9 additions & 8 deletions roles/vega_core/tasks/configuration.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,14 +86,6 @@
group: vega
mode: '0755'

- name: Visor config
ansible.builtin.template:
src: "home/vega/vegavisor_home/config.toml.j2"
dest: "/home/vega/vegavisor_home/config.toml"
owner: "vega"
group: "vega"
mode: "0664"

- name: Visor genesis config
ansible.builtin.template:
src: "home/vega/vegavisor_home/genesis/run-config.toml.j2"
Expand All @@ -120,6 +112,15 @@
mode: '0755'


- name: Render visor config
ansible.builtin.template:
src: "home/vega/vegavisor_home/config.toml.j2"
dest: "/home/vega/vegavisor_home/config.toml"
owner: "vega"
group: "vega"
mode: "0664"


- name: Data node config(template only)
ansible.builtin.template:
src: "home/vega/vega_home/config/data-node/config.toml.j2"
Expand Down
4 changes: 2 additions & 2 deletions roles/vega_core/tasks/get-binaries.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
- name: Download vega binary
ansible.builtin.get_url:
force: true
url: "https://github.com/vegaprotocol/vega/releases/download/{{- vega_core_download_binary_version -}}/vega-linux-amd64.zip"
url: "https://github.com/{{- vega_core_download_repository -}}/vega/releases/download/{{- vega_core_download_binary_version -}}/vega-linux-amd64.zip"
dest: &vega_dest /tmp/vega.zip
mode: '0600'

Expand All @@ -26,7 +26,7 @@
- name: Download visor binary
ansible.builtin.get_url:
force: true
url: "https://github.com/vegaprotocol/vega/releases/download/{{- vega_core_download_binary_version -}}/visor-linux-amd64.zip"
url: "https://github.com/{{- vega_core_download_repository -}}/vega/releases/download/{{- vega_core_download_binary_version -}}/visor-linux-amd64.zip"
dest: &visor_dest /tmp/visor.zip
mode: '0600'

Expand Down
2 changes: 1 addition & 1 deletion roles/vega_core/templates/home/vega/tendermint_home/config/config.toml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -435,7 +435,7 @@ peer_query_maj23_sleep_duration = "2s"
# considerable amount of disk space. Set to false to ensure ABCI responses are
# persisted. ABCI responses are required for /block_results RPC queries, and to
# reindex events in the command-line tool.
discard_abci_responses = {{'false' if vega_core_vega_monitoring else 'true'}}
discard_abci_responses = {{'false' if vega_core_with_vega_monitoring or vega_core_with_block_explorer else 'true'}}

#######################################################
### Transaction Indexer Configuration Options ###
Expand Down
14 changes: 2 additions & 12 deletions roles/vega_core/templates/home/vega/vega_home/config/node/config.toml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,8 +97,8 @@ MaxMemoryPercent = {{ 90 if vega_core_validator_node else 33 }}
[[Ethereum.EVMChainConfigs]]
ChainID = "{{- evm_config.chain_id -}}"
RPCEndpoint = "{{- evm_config.endpoint -}}"
{% endfor %}

{% endfor %}
[Processor]
Level = "Info"
LogOrderSubmitDebug = true
Expand All @@ -109,9 +109,6 @@ MaxMemoryPercent = {{ 90 if vega_core_validator_node else 33 }}
DevEnabled = false
CrashAtHeight = 0
DebugCrashFile = "/tmp/snapshot.json"
[Processor.Ratelimit]
Requests = 500
PerNBlocks = 10

[Logging]
Environment = "dev"
Expand Down Expand Up @@ -167,19 +164,14 @@ MaxMemoryPercent = {{ 90 if vega_core_validator_node else 33 }}
Level = "Debug"
RetryRate = "10s"
KeepHashesDurationForTestOnlyDoNotChange = "48h0m0s"
BlockchainQueueAllowlist = [{% if faucet_pubkey|default('') %}
# faucet
"{{ faucet_pubkey }}"
{% endif %}]

BlockchainQueueAllowlist = []
[EvtForward.Ethereum]
Level = "Debug"
MaxEthereumBlocks = 10000
PollEventRetryDuration = "20s"
ChainID = ""
SkipClientVerification = true
HeartbeatIntervalForTestOnlyDoNotChange = "1h0m0s"

{% if vega_core_secondary_evm_endpoint | default("") != "" %}
[[EvtForward.EVMBridges]]
Level = "Info"
Expand All @@ -188,7 +180,6 @@ MaxMemoryPercent = {{ 90 if vega_core_validator_node else 33 }}
ChainID = "{{- vega_core_secondary_evm_chain_id -}}"
SkipClientVerification = true
{% endif %}

[EvtForward.EthCall]
Level = "Debug"
PollEvery = "20s"
Expand All @@ -202,7 +193,6 @@ MaxMemoryPercent = {{ 90 if vega_core_validator_node else 33 }}
ApproxEthereumBlockTime = "15s"
NodeVoteResendInterval = "10s"


[Banking]
Level = "Info"

Expand Down
2 changes: 1 addition & 1 deletion roles/vega_core/templates/home/vega/vegavisor_home/config.toml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ stopSignalTimeoutSeconds = 15

[autoInstall]
enabled = true
repositoryOwner = "vegaprotocol"
repositoryOwner = "{{- vega_core_vegavisor_config['autoInstall.repositoryOwner']|default('vegaprotocol') -}}"
repository = "vega"
[autoInstall.asset]
name = "vega-linux-amd64.zip"
Expand Down
8 changes: 8 additions & 0 deletions roles/vega_postgresql/tasks/postgresql.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
update_cache: true
pkg:
- python3-psycopg2
retries: 3
delay: 3
register: vega_psql_common_install
until: vega_psql_common_install is succeeded

# https://wiki.postgresql.org/wiki/Apt
# https://stackoverflow.com/questions/71585303/how-can-i-manage-keyring-files-in-trusted-gpg-d-with-ansible-playbook-since-apt
Expand All @@ -25,3 +29,7 @@
pkg:
- "postgresql-{{- vega_postgresql_version -}}"
- "postgresql-contrib-{{- vega_postgresql_version -}}"
retries: 3
delay: 3
register: vega_psql_install
until: vega_psql_install is succeeded
4 changes: 4 additions & 0 deletions roles/vega_postgresql/tasks/timescale.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,3 +35,7 @@
- "timescaledb-2-loader-postgresql-{{ vega_postgresql_version }}={{- vega_postgresql_timescaledb_version -}}*"
notify:
- "Restart postgresql"
retries: 3
delay: 3
register: vega_psql_timescaledb_install
until: vega_psql_timescaledb_install is succeeded
4 changes: 4 additions & 0 deletions roles/vega_zfs/tasks/main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
ansible.builtin.apt:
pkg:
- zfsutils-linux
retries: 3
delay: 3
register: vega_zfs_install
until: vega_zfs_install is succeeded

- name: Ensure mountpoint exists
when: vega_zfs_device != ""
Expand Down