diff --git a/.github/actions/build-and-push/action.yml b/.github/actions/build-and-push/action.yml index e84e9f4172..dd84d3b009 100644 --- a/.github/actions/build-and-push/action.yml +++ b/.github/actions/build-and-push/action.yml @@ -29,6 +29,7 @@ runs: - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: + registry: ghcr.io username: ${{ inputs.docker-username }} password: ${{ inputs.docker-password }} diff --git a/.github/actions/multiarch-push/action.yml b/.github/actions/multiarch-push/action.yml index a0b9e68d9d..957d776f64 100644 --- a/.github/actions/multiarch-push/action.yml +++ b/.github/actions/multiarch-push/action.yml @@ -20,6 +20,7 @@ runs: - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: + registry: ghcr.io username: ${{ inputs.docker-username }} password: ${{ inputs.docker-password }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f3417206df..d065e8142b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,9 +25,9 @@ jobs: - name: Build and push uses: ./.github/actions/build-and-push with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_DEV }}-${{ matrix.platform.image-suffix }} + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ghcr.io/ator-development/ator-protocol-dev-${{ matrix.platform.image-suffix }} docker-tag: latest-pr docker-platform: ${{ matrix.platform.name }} version: ${{ github.sha }} diff --git a/.github/workflows/dev-build-and-deploy.yml b/.github/workflows/dev-build-and-deploy.yml new file mode 100644 index 0000000000..dd4598bcb9 --- /dev/null +++ b/.github/workflows/dev-build-and-deploy.yml @@ -0,0 +1,73 @@ +name: Dev Build Image and Deploy + +on: + push: + branches: + - development + workflow_dispatch: + +env: + image-name: ghcr.io/ator-development/ator-protocol-dev + image-tag: ${{ github.sha }} + da-1-hc-url: http://49.13.145.234:9030/tor/status-vote/current/consensus + da-2-hc-url: http://5.161.108.187:9030/tor/status-vote/current/consensus + da-3-hc-url: http://5.78.90.106:9030/tor/status-vote/current/consensus + +jobs: + build-and-push: + runs-on: ${{ matrix.platform.runs-on }} + strategy: + matrix: + platform: + - name: linux/amd64 + image-suffix: amd64 + runs-on: ubuntu-latest + - name: linux/arm64 + image-suffix: arm64 + runs-on: arm64 + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Build and push + uses: ./.github/actions/build-and-push + with: + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ${{ env.image-name }}-${{ matrix.platform.image-suffix }} + docker-tag: ${{ env.image-tag }} + docker-platform: ${{ matrix.platform.name }} + version: ${{ github.sha }} + environment: dev + event-name: ${{ github.event_name }} + + multiarch-push: + runs-on: ubuntu-latest + needs: build-and-push + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Multiarch push + uses: ./.github/actions/multiarch-push + with: + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ${{ env.image-name }} + docker-tag: ${{ env.image-tag }} + event-name: ${{ github.event_name }} + + deploy: + needs: multiarch-push + runs-on: ubuntu-latest + steps: + - name: Deploy new version + uses: ./.github/actions/deploy + with: + image-tag: ${{ env.image-tag }} + nomad-job-file: anon-da-node-dev.hcl + health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}" + nomad-cacert: operations/admin-ui-ca.crt + nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }} + nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} + consul-cacert: operations/admin-ui-ca.crt + consul-http-token: ${{ secrets.CONSUL_HTTP_TOKEN_ATOR_NETWORK_DEPLOY }} + consul-addr: ${{ secrets.CONSUL_DEPLOY_ADDR }} diff --git a/.github/workflows/dev-build-and-push.yml b/.github/workflows/dev-build-and-push.yml deleted file mode 100644 index 0780b2f8e9..0000000000 --- a/.github/workflows/dev-build-and-push.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: Dev Build and Push Docker Images - -on: - push: - branches: - - development - workflow_dispatch: - -env: - image-tag: ${{ github.sha }} - -jobs: - build-and-push: - runs-on: ${{ matrix.platform.runs-on }} - strategy: - matrix: - platform: - - name: linux/amd64 - image-suffix: amd64 - runs-on: ubuntu-latest - - name: linux/arm64 - image-suffix: arm64 - runs-on: arm64 - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Build and push - uses: ./.github/actions/build-and-push - with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_DEV }}-${{ matrix.platform.image-suffix }} - docker-tag: ${{ env.image-tag }} - docker-platform: ${{ matrix.platform.name }} - version: ${{ github.sha }} - environment: dev - event-name: ${{ github.event_name }} - - multiarch-push: - runs-on: arm64 - needs: build-and-push - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Multiarch push - uses: ./.github/actions/multiarch-push - with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_DEV }} - docker-tag: ${{ env.image-tag }} - event-name: ${{ github.event_name }} - deploy: - needs: multiarch-push - runs-on: ubuntu-latest - steps: - - name: Invoke workflow without inputs - uses: benc-uk/workflow-dispatch@v1 - with: - workflow: Dev Deploy - ref: refs/heads/development diff --git a/.github/workflows/dev-deploy.yml b/.github/workflows/dev-deploy.yml deleted file mode 100644 index 7daaf08183..0000000000 --- a/.github/workflows/dev-deploy.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: Dev Deploy - -on: - workflow_dispatch: - workflow_call: - -env: - image-name: ${{ secrets.DOCKER_BASE_REPO_DEV }} - image-tag: ${{ github.event_name == 'workflow_call' && 'latest' || github.sha }} - da-1-hc-url: http://49.13.145.234:9030/tor/status-vote/current/consensus - da-2-hc-url: http://5.161.108.187:9030/tor/status-vote/current/consensus - da-3-hc-url: http://5.78.90.106:9030/tor/status-vote/current/consensus - -jobs: - push: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Deploy new version - uses: ./.github/actions/deploy - with: - image-tag: ${{ env.image-tag }} - nomad-job-file: anon-da-node-dev.hcl - health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}" - nomad-cacert: operations/admin-ui-ca.crt - nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }} - nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} - consul-cacert: operations/admin-ui-ca.crt - consul-http-token: ${{ secrets.CONSUL_HTTP_TOKEN_ATOR_NETWORK_DEPLOY }} - consul-addr: ${{ secrets.CONSUL_DEPLOY_ADDR }} diff --git a/.github/workflows/live-build-and-deploy.yml b/.github/workflows/live-build-and-deploy.yml new file mode 100644 index 0000000000..2ff3bf6402 --- /dev/null +++ b/.github/workflows/live-build-and-deploy.yml @@ -0,0 +1,73 @@ +name: Live Build Image and Deploy + +on: + push: + tags: + - 'v*.*.*.*' + workflow_dispatch: + +env: + image-name: ghcr.io/ator-development/ator-protocol + image-tag: ${{ github.ref_name }} + da-1-hc-url: http://49.13.145.234:9230/tor/status-vote/current/consensus + da-2-hc-url: http://5.161.108.187:9230/tor/status-vote/current/consensus + da-3-hc-url: http://5.78.90.106:9230/tor/status-vote/current/consensus + +jobs: + build-and-push: + runs-on: ${{ matrix.platform.runs-on }} + strategy: + matrix: + platform: + - name: linux/amd64 + image-suffix: amd64 + runs-on: ubuntu-latest + - name: linux/arm64 + image-suffix: arm64 + runs-on: arm64 + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Build and push + uses: ./.github/actions/build-and-push + with: + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ${{ env.image-name }}-${{ matrix.platform.image-suffix }} + docker-tag: ${{ env.image-tag }} + docker-platform: ${{ matrix.platform.name }} + version: ${{ github.sha }} + environment: live + event-name: ${{ github.event_name }} + + multiarch-push: + runs-on: ubuntu-latest + needs: build-and-push + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Multiarch push + uses: ./.github/actions/multiarch-push + with: + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ${{ env.image-name }} + docker-tag: ${{ env.image-tag }} + event-name: ${{ github.event_name }} + + deploy: + needs: multiarch-push + runs-on: ubuntu-latest + steps: + - name: Deploy new version + uses: ./.github/actions/deploy + with: + image-tag: ${{ env.image-tag }} + nomad-job-file: anon-da-node-live.hcl + health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}" + nomad-cacert: operations/admin-ui-ca.crt + nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }} + nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} + consul-cacert: operations/admin-ui-ca.crt + consul-http-token: ${{ secrets.CONSUL_HTTP_TOKEN_ATOR_NETWORK_DEPLOY }} + consul-addr: ${{ secrets.CONSUL_DEPLOY_ADDR }} diff --git a/.github/workflows/live-build-and-push.yml b/.github/workflows/live-build-and-push.yml deleted file mode 100644 index 92abfac8d7..0000000000 --- a/.github/workflows/live-build-and-push.yml +++ /dev/null @@ -1,62 +0,0 @@ -name: Live Build and Push Docker Images - -on: - push: - tags: - - 'v*.*.*.*' - workflow_dispatch: - -env: - image-tag: ${{ github.ref_name }} - -jobs: - build-and-push: - runs-on: ${{ matrix.platform.runs-on }} - strategy: - matrix: - platform: - - name: linux/amd64 - image-suffix: amd64 - runs-on: ubuntu-latest - - name: linux/arm64 - image-suffix: arm64 - runs-on: arm64 - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Build and push - uses: ./.github/actions/build-and-push - with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_LIVE }}-${{ matrix.platform.image-suffix }} - docker-tag: ${{ env.image-tag }} - docker-platform: ${{ matrix.platform.name }} - version: ${{ github.sha }} - environment: live - event-name: ${{ github.event_name }} - - multiarch-push: - runs-on: arm64 - needs: build-and-push - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Multiarch push - uses: ./.github/actions/multiarch-push - with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_LIVE }} - docker-tag: ${{ env.image-tag }} - event-name: ${{ github.event_name }} - - deploy: - needs: multiarch-push - runs-on: ubuntu-latest - steps: - - name: Invoke workflow without inputs - uses: benc-uk/workflow-dispatch@v1 - with: - workflow: Live Deploy - ref: ${{ github.ref_name }} diff --git a/.github/workflows/live-deploy.yml b/.github/workflows/live-deploy.yml deleted file mode 100644 index acc4e8fb28..0000000000 --- a/.github/workflows/live-deploy.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: Live Deploy - -on: - workflow_dispatch: - workflow_call: - -env: - image-name: ${{ secrets.DOCKER_BASE_REPO_LIVE }} - image-tag: ${{ github.event_name == 'workflow_call' && github.ref_name || 'latest' }} - da-1-hc-url: http://49.13.145.234:9230/tor/status-vote/current/consensus - da-2-hc-url: http://5.161.108.187:9230/tor/status-vote/current/consensus - da-3-hc-url: http://5.78.90.106:9230/tor/status-vote/current/consensus - -jobs: - push: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Deploy new version - uses: ./.github/actions/deploy - with: - image-tag: ${{ env.image-tag }} - nomad-job-file: anon-da-node-live.hcl - health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}" - nomad-cacert: operations/admin-ui-ca.crt - nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }} - nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} - consul-cacert: operations/admin-ui-ca.crt - consul-http-token: ${{ secrets.CONSUL_HTTP_TOKEN_ATOR_NETWORK_DEPLOY }} - consul-addr: ${{ secrets.CONSUL_DEPLOY_ADDR }} diff --git a/.github/workflows/stage-build-and-deploy.yml b/.github/workflows/stage-build-and-deploy.yml new file mode 100644 index 0000000000..4c80c5929d --- /dev/null +++ b/.github/workflows/stage-build-and-deploy.yml @@ -0,0 +1,73 @@ +name: Stage Build Image and Deploy + +on: + push: + branches: + - main + workflow_dispatch: + +env: + image-name: ghcr.io/ator-development/ator-protocol-stage + image-tag: ${{ github.sha }} + da-1-hc-url: http://49.13.145.234:9130/tor/status-vote/current/consensus + da-2-hc-url: http://5.161.108.187:9130/tor/status-vote/current/consensus + da-3-hc-url: http://5.78.90.106:9130/tor/status-vote/current/consensus + +jobs: + build-and-push: + runs-on: ${{ matrix.platform.runs-on }} + strategy: + matrix: + platform: + - name: linux/amd64 + image-suffix: amd64 + runs-on: ubuntu-latest + - name: linux/arm64 + image-suffix: arm64 + runs-on: arm64 + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Build and push + uses: ./.github/actions/build-and-push + with: + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ${{ env.image-name }}-${{ matrix.platform.image-suffix }} + docker-tag: ${{ env.image-tag }} + docker-platform: ${{ matrix.platform.name }} + version: ${{ github.sha }} + environment: stage + event-name: ${{ github.event_name }} + + multiarch-push: + runs-on: ubuntu-latest + needs: build-and-push + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Multiarch push + uses: ./.github/actions/multiarch-push + with: + docker-username: ${{ secrets.CR_USERNAME }} + docker-password: ${{ secrets.CR_PAT }} + docker-base-repo: ${{ env.image-name }} + docker-tag: ${{ env.image-tag }} + event-name: ${{ github.event_name }} + + deploy: + needs: multiarch-push + runs-on: ubuntu-latest + steps: + - name: Deploy new version + uses: ./.github/actions/deploy + with: + image-tag: ${{ env.image-tag }} + nomad-job-file: anon-da-node-stage.hcl + health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}" + nomad-cacert: operations/admin-ui-ca.crt + nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }} + nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} + consul-cacert: operations/admin-ui-ca.crt + consul-http-token: ${{ secrets.CONSUL_HTTP_TOKEN_ATOR_NETWORK_DEPLOY }} + consul-addr: ${{ secrets.CONSUL_DEPLOY_ADDR }} diff --git a/.github/workflows/stage-build-and-push.yml b/.github/workflows/stage-build-and-push.yml deleted file mode 100644 index 5f576a0650..0000000000 --- a/.github/workflows/stage-build-and-push.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: Stage Build and Push Docker Images - -on: - push: - branches: - - main - workflow_dispatch: - -env: - image-tag: ${{ github.sha }} - -jobs: - build-and-push: - runs-on: ${{ matrix.platform.runs-on }} - strategy: - matrix: - platform: - - name: linux/amd64 - image-suffix: amd64 - runs-on: ubuntu-latest - - name: linux/arm64 - image-suffix: arm64 - runs-on: arm64 - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Build and push - uses: ./.github/actions/build-and-push - with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_STAGE }}-${{ matrix.platform.image-suffix }} - docker-tag: ${{ env.image-tag }} - docker-platform: ${{ matrix.platform.name }} - version: ${{ github.sha }} - environment: stage - event-name: ${{ github.event_name }} - - multiarch-push: - runs-on: arm64 - needs: build-and-push - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Multiarch push - uses: ./.github/actions/multiarch-push - with: - docker-username: ${{ secrets.DOCKER_USERNAME }} - docker-password: ${{ secrets.DOCKER_PASSWORD }} - docker-base-repo: ${{ secrets.DOCKER_BASE_REPO_STAGE }} - docker-tag: ${{ env.image-tag }} - event-name: ${{ github.event_name }} - deploy: - needs: multiarch-push - runs-on: ubuntu-latest - steps: - - name: Invoke workflow without inputs - uses: benc-uk/workflow-dispatch@v1 - with: - workflow: Stage Deploy - ref: refs/heads/main diff --git a/.github/workflows/stage-deploy.yml b/.github/workflows/stage-deploy.yml index 79ccab4ac0..15460129e5 100644 --- a/.github/workflows/stage-deploy.yml +++ b/.github/workflows/stage-deploy.yml @@ -5,7 +5,7 @@ on: workflow_call: env: - image-name: ${{ secrets.DOCKER_BASE_REPO_STAGE }} + image-name: ghcr.io/ator-development/ator-protocol-stage image-tag: ${{ github.event_name == 'workflow_call' && 'latest' || github.sha }} da-1-hc-url: http://49.13.145.234:9130/tor/status-vote/current/consensus da-2-hc-url: http://5.161.108.187:9130/tor/status-vote/current/consensus diff --git a/operations/anon-da-node-dev.hcl b/operations/anon-da-node-dev.hcl index 948a533769..931c3547db 100644 --- a/operations/anon-da-node-dev.hcl +++ b/operations/anon-da-node-dev.hcl @@ -57,7 +57,7 @@ job "ator-dir-auth-dev" { } config { - image = "svforte/anon-dev:PLACEIMAGETAGHERE" + image = "ghcr.io/ator-development/ator-protocol-dev:PLACEIMAGETAGHERE" ports = ["orport", "dirport"] volumes = [ "local/anonrc:/etc/anon/anonrc", @@ -129,6 +129,8 @@ job "ator-dir-auth-dev" { User anond DataDirectory /var/lib/anon +AgreeToTerms 1 + AuthoritativeDirectory 1 V3AuthoritativeDirectory 1 diff --git a/operations/anon-da-node-live.hcl b/operations/anon-da-node-live.hcl index 635398de57..b663dd9053 100644 --- a/operations/anon-da-node-live.hcl +++ b/operations/anon-da-node-live.hcl @@ -72,7 +72,7 @@ job "ator-dir-auth-live" { } config { - image = "svforte/anon:PLACEIMAGETAGHERE" + image = "ghcr.io/ator-development/ator-protocol:PLACEIMAGETAGHERE" ports = ["orport", "dirport"] volumes = [ "local/anonrc:/etc/anon/anonrc", @@ -146,6 +146,8 @@ job "ator-dir-auth-live" { User anond DataDirectory /var/lib/anon +AgreeToTerms 1 + AuthoritativeDirectory 1 V3AuthoritativeDirectory 1 diff --git a/operations/anon-da-node-stage.hcl b/operations/anon-da-node-stage.hcl index 0190b7b01f..35772c2809 100644 --- a/operations/anon-da-node-stage.hcl +++ b/operations/anon-da-node-stage.hcl @@ -60,7 +60,7 @@ job "ator-dir-auth-stage" { } config { - image = "svforte/anon-stage:PLACEIMAGETAGHERE" + image = "ghcr.io/ator-development/ator-protocol-stage:PLACEIMAGETAGHERE" ports = ["orport", "dirport"] volumes = [ "local/anonrc:/etc/anon/anonrc", @@ -134,6 +134,8 @@ job "ator-dir-auth-stage" { User anond DataDirectory /var/lib/anon +AgreeToTerms 1 + AuthoritativeDirectory 1 V3AuthoritativeDirectory 1 diff --git a/operations/anon-debian-repo.hcl b/operations/anon-debian-repo.hcl index 30b5b68e11..325557e1c4 100644 --- a/operations/anon-debian-repo.hcl +++ b/operations/anon-debian-repo.hcl @@ -120,7 +120,7 @@ server { driver = "docker" config { - image = "svforte/package-exporter:v0.0.3" + image = "ghcr.io/ator-development/package-exporter:v0.0.4" ports = ["exporter-http"] volumes = [ "local/exporter.yml:/app/config.yml:ro", diff --git a/operations/ator-da-node-dev.hcl b/operations/ator-da-node-dev.hcl deleted file mode 100644 index 5f83ba8a65..0000000000 --- a/operations/ator-da-node-dev.hcl +++ /dev/null @@ -1,190 +0,0 @@ -job "ator-dir-auth-dev" { - datacenters = ["ator-fin"] - type = "service" - namespace = "ator-network" - - group "dir-auth-dev-group" { - count = 3 - - spread { - attribute = "${node.unique.id}" - weight = 100 - target "067a42a8-d8fe-8b19-5851-43079e0eabb4" { - percent = 34 - } - target "16be0723-edc1-83c4-6c02-193d96ec308a" { - percent = 33 - } - target "e6e0baed-8402-fd5c-7a15-8dd49e7b60d9" { - percent = 33 - } - } - - network { - port "orport" { - static = 9001 - } - port "dirport" { - static = 9030 - } - - } - - volume "dir-auth-dev" { - type = "host" - read_only = false - source = "dir-auth-dev" - } - - task "dir-auth-dev-task" { - driver = "docker" - - volume_mount { - volume = "dir-auth-dev" - destination = "/var/lib/tor/" - read_only = false - } - - config { - image = "svforte/anon-dev:PLACEIMAGETAGHERE" - ports = ["orport", "dirport"] - volumes = [ - "local/torrc:/etc/tor/torrc", - "secrets/tor/keys:/var/lib/tor/keys" - ] - } - - vault { - policies = ["ator-network-read"] - } - - resources { - cpu = 256 - memory = 256 - } - - template { - change_mode = "noop" - data = "{{ key (env `node.unique.id` | printf `ator-network/dev/dir-auth-%s/authority_certificate`) }}" - destination = "secrets/tor/keys/authority_certificate" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{ .Data.data.authority_identity_key}}{{end}}" - destination = "secrets/tor/keys/authority_identity_key" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{.Data.data.authority_signing_key}}{{end}}" - destination = "secrets/tor/keys/authority_signing_key" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{ base64Decode .Data.data.ed25519_master_id_secret_key_base64}}{{end}}" - destination = "secrets/tor/keys/ed25519_master_id_secret_key" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{ base64Decode .Data.data.ed25519_signing_secret_key_base64}}{{end}}" - destination = "secrets/tor/keys/ed25519_signing_secret_key" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{ base64Decode .Data.data.secret_id_key_base64}}{{end}}" - destination = "secrets/tor/keys/secret_id_key" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{ base64Decode .Data.data.secret_onion_key_base64}}{{end}}" - destination = "secrets/tor/keys/secret_onion_key" - } - - template { - change_mode = "noop" - data = "{{ with secret (env `node.unique.id` | printf `kv/ator-network/dev/dir-auth-%s`) }}{{ base64Decode .Data.data.secret_onion_key_ntor_base64}}{{end}}" - destination = "secrets/tor/keys/secret_onion_key_ntor" - } - - template { - change_mode = "noop" - data = <