Migrate dev away from live

anyone-protocol · Aug 13, 2024 · bf49030 · bf49030
1 parent 8efee50
commit bf49030
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 41 deletions.
diff --git a/.github/workflows/dev-build-and-deploy.yml b/.github/workflows/dev-build-and-deploy.yml
@@ -9,9 +9,9 @@ on:
 env:
   image-name: ghcr.io/ator-development/ator-protocol-dev
   image-tag: ${{ github.sha }}
-  da-1-hc-url: http://49.13.145.234:9030/tor/status-vote/current/consensus
-  da-2-hc-url: http://5.161.108.187:9030/tor/status-vote/current/consensus
-  da-3-hc-url: http://5.78.90.106:9030/tor/status-vote/current/consensus
+  da-1-hc-url: http://88.99.219.105:9030/tor/status-vote/current/consensus
+  da-2-hc-url: http://176.9.29.53:9030/tor/status-vote/current/consensus
+  da-3-hc-url: http://95.216.32.105:9030/tor/status-vote/current/consensus
 
 jobs:
   build-and-push:

diff --git a/.github/workflows/live-build-and-deploy.yml b/.github/workflows/live-build-and-deploy.yml
@@ -12,6 +12,10 @@ env:
   da-1-hc-url: http://49.13.145.234:9230/tor/status-vote/current/consensus
   da-2-hc-url: http://5.161.108.187:9230/tor/status-vote/current/consensus
   da-3-hc-url: http://5.78.90.106:9230/tor/status-vote/current/consensus
+  da-4-hc-url: http://5.161.228.187:9230/tor/status-vote/current/consensus
+  da-5-hc-url: http://5.78.94.15:9230/tor/status-vote/current/consensus
+  da-6-hc-url: http://95.216.32.105:9230/tor/status-vote/current/consensus
+  da-7-hc-url: http://176.9.29.53:9230/tor/status-vote/current/consensus
 
 jobs:
   build-and-push:
@@ -66,7 +70,7 @@ jobs:
         with:
           image-tag: ${{ env.image-tag }}
           nomad-job-file: anon-da-node-live.hcl
-          health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}"
+          health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}|${{ env.da-4-hc-url }}|${{ env.da-5-hc-url }}|${{ env.da-6-hc-url }}|${{ env.da-7-hc-url }}"
           nomad-cacert: operations/admin-ui-ca.crt
           nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }}
           nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }}

diff --git a/.github/workflows/stage-build-and-deploy.yml b/.github/workflows/stage-build-and-deploy.yml
@@ -70,7 +70,7 @@ jobs:
         with:
           image-tag: ${{ env.image-tag }}
           nomad-job-file: anon-da-node-stage.hcl
-          health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}"
+          health-checks: "${{ env.da-1-hc-url }}|${{ env.da-2-hc-url }}|${{ env.da-3-hc-url }}|${{ env.da-4-hc-url }}|${{ env.da-5-hc-url }}|${{ env.da-6-hc-url }}|${{ env.da-7-hc-url }}"
           nomad-cacert: operations/admin-ui-ca.crt
           nomad-token: ${{ secrets.NOMAD_TOKEN_ATOR_NETWORK_DEPLOY }}
           nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }}

diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,7 @@
 # Operations
 /operations/da*
 /operations/stage-da*
+/operations/dev-da*
 # Editor droppings
 \#*\#
 .#*

diff --git a/operations/anon-da-node-dev.hcl b/operations/anon-da-node-dev.hcl
@@ -1,4 +1,4 @@
-job "ator-dir-auth-dev" {
+job "dir-auth-dev" {
   datacenters = ["ator-fin"]
   type = "service"
   namespace = "ator-network"
@@ -9,13 +9,13 @@ job "ator-dir-auth-dev" {
     spread {
       attribute = "${node.unique.id}"
       weight    = 100
-      target "067a42a8-d8fe-8b19-5851-43079e0eabb4" {
+      target "c8e55509-a756-0aa7-563b-9665aa4915ab" {
         percent = 34
       }
-      target "16be0723-edc1-83c4-6c02-193d96ec308a" {
+      target "c2adc610-6316-cd9d-c678-cda4b0080b52" {
         percent = 33
       }
-      target "e6e0baed-8402-fd5c-7a15-8dd49e7b60d9" {
+      target "4aa61f61-893a-baf4-541b-870e99ac4839" {
         percent = 33
       }
     }
@@ -183,7 +183,7 @@ V3BandwidthsFile /var/lib/sbws/v3bw/latest.v3bw
         port = "dirport"
         tags     = ["logging"]
         check {
-          name     = "dir auth alive"
+          name     = "dir-auth-dev-alive"
           type     = "tcp"
           interval = "10s"
           timeout  = "10s"

diff --git a/operations/run-gen-upload-cert.sh b/operations/run-gen-upload-cert.sh
@@ -1,9 +1,10 @@
 # Requirements:
 # access to: consul, vault
 # consul env: CONSUL_HTTP_ADDR, CONSUL_HTTP_TOKEN, CONSUL_CACERT
-
 # STAGE by default in scripts
 
+### -- STEP 1 ---
+
 ## LIVE
 # bash gencert.sh da1 49.13.145.234 ATORDAeucstage
 # bash gencert.sh da2 5.161.108.187 ATORDAusestage
@@ -14,16 +15,24 @@
 # bash gencert.sh da7 176.9.29.53 AnyoneFalLive
 
 ## STAGE
-bash gencert.sh stage-da1-dmz 88.99.219.105 AnyoneDmzStage
-bash gencert.sh stage-da2-fal 176.9.29.53 AnyoneFalStage
-bash gencert.sh stage-da3-hel 95.216.32.105 AnyoneHelStage
+# bash gencert.sh stage-da1-dmz 88.99.219.105 AnyoneDmzStage
+# bash gencert.sh stage-da2-fal 176.9.29.53 AnyoneFalStage
+# bash gencert.sh stage-da3-hel 95.216.32.105 AnyoneHelStage
+
+# bash gencert.sh stage-da2-fal-2 176.9.29.53 AnyoneFal2Stage
+# bash gencert.sh stage-da3-hel-2 95.216.32.105 AnyoneHel2Stage
+# bash gencert.sh stage-da2-fal-3 176.9.29.53 AnyoneFal3Stage
+# bash gencert.sh stage-da3-hel-3 95.216.32.105 AnyoneHel3Stage
 
-bash gencert.sh stage-da2-fal-2 176.9.29.53 AnyoneFal2Stage
-bash gencert.sh stage-da3-hel-2 95.216.32.105 AnyoneHel2Stage
-bash gencert.sh stage-da2-fal-3 176.9.29.53 AnyoneFal3Stage
-bash gencert.sh stage-da3-hel-3 95.216.32.105 AnyoneHel3Stage
+## DEV
+bash gencert.sh dev-da1-dmz 88.99.219.105 AnyoneDmzDev
+bash gencert.sh dev-da2-fal 176.9.29.53 AnyoneFalDev
+bash gencert.sh dev-da3-hel 95.216.32.105 AnyoneHelDev
 
+
+### -- STEP 2 ---
 # Check/update script for phase
+
 ## LIVE
 # bash uploadcert.sh da1 067a42a8-d8fe-8b19-5851-43079e0eabb4 49.13.145.234 ATORDAeucstage
 # bash uploadcert.sh da2 16be0723-edc1-83c4-6c02-193d96ec308a 5.161.108.187 ATORDAusestage
@@ -34,16 +43,23 @@ bash gencert.sh stage-da3-hel-3 95.216.32.105 AnyoneHel3Stage
 # bash uploadcert.sh da7 c2adc610-6316-cd9d-c678-cda4b0080b52 176.9.29.53 AnyoneFalLive
 
 ## STAGE
-bash uploadcert.sh stage-da1-dmz c8e55509-a756-0aa7-563b-9665aa4915ab-9101 88.99.219.105 AnyoneDmzStage
-bash uploadcert.sh stage-da2-fal c2adc610-6316-cd9d-c678-cda4b0080b52-9101 176.9.29.53 AnyoneFalLive
-bash uploadcert.sh stage-da3-hel 4aa61f61-893a-baf4-541b-870e99ac4839-9101 95.216.32.105 AnyoneHelLive
+# bash uploadcert.sh stage-da1-dmz c8e55509-a756-0aa7-563b-9665aa4915ab-9101 88.99.219.105 AnyoneDmzStage
+# bash uploadcert.sh stage-da2-fal c2adc610-6316-cd9d-c678-cda4b0080b52-9101 176.9.29.53 AnyoneFalStage
+# bash uploadcert.sh stage-da3-hel 4aa61f61-893a-baf4-541b-870e99ac4839-9101 95.216.32.105 AnyoneHelStage
 
-bash uploadcert.sh stage-da2-fal-2 c2adc610-6316-cd9d-c678-cda4b0080b52-9102 176.9.29.53 AnyoneFal2Live
-bash uploadcert.sh stage-da3-hel-2 4aa61f61-893a-baf4-541b-870e99ac4839-9102 95.216.32.105 AnyoneHel2Live
-bash uploadcert.sh stage-da2-fal-3 c2adc610-6316-cd9d-c678-cda4b0080b52-9103 176.9.29.53 AnyoneFal3Live
-bash uploadcert.sh stage-da3-hel-3 4aa61f61-893a-baf4-541b-870e99ac4839-9103 95.216.32.105 AnyoneHel3Live
+# bash uploadcert.sh stage-da2-fal-2 c2adc610-6316-cd9d-c678-cda4b0080b52-9102 176.9.29.53 AnyoneFal2Stage
+# bash uploadcert.sh stage-da3-hel-2 4aa61f61-893a-baf4-541b-870e99ac4839-9102 95.216.32.105 AnyoneHel2Stage
+# bash uploadcert.sh stage-da2-fal-3 c2adc610-6316-cd9d-c678-cda4b0080b52-9103 176.9.29.53 AnyoneFal3Stage
+# bash uploadcert.sh stage-da3-hel-3 4aa61f61-893a-baf4-541b-870e99ac4839-9103 95.216.32.105 AnyoneHel3Stage
 
-# mind the phase.... and by default only checks curl output
+## DEV
+bash uploadcert.sh dev-da1-dmz c8e55509-a756-0aa7-563b-9665aa4915ab 88.99.219.105 AnyoneDmzDev
+bash uploadcert.sh dev-da2-fal c2adc610-6316-cd9d-c678-cda4b0080b52 176.9.29.53 AnyoneFalDev
+bash uploadcert.sh dev-da3-hel 4aa61f61-893a-baf4-541b-870e99ac4839 95.216.32.105 AnyoneHelDev
+
+
+### -- STEP 3 ---
+# mind the phase....
 # Move DA folders and script to server, login, run script
 
 ## LIVE
@@ -56,11 +72,16 @@ bash uploadcert.sh stage-da3-hel-3 4aa61f61-893a-baf4-541b-870e99ac4839-9103 95.
 # bash uploadsecrets.sh da7 c2adc610-6316-cd9d-c678-cda4b0080b52
 
 ## STAGE
-bash uploadsecrets.sh stage-da1-dmz c8e55509-a756-0aa7-563b-9665aa4915ab-9101
-bash uploadsecrets.sh stage-da2-fal c2adc610-6316-cd9d-c678-cda4b0080b52-9101
-bash uploadsecrets.sh stage-da3-hel 4aa61f61-893a-baf4-541b-870e99ac4839-9101
-
-bash uploadsecrets.sh stage-da2-fal-2 c2adc610-6316-cd9d-c678-cda4b0080b52-9102
-bash uploadsecrets.sh stage-da3-hel-2 4aa61f61-893a-baf4-541b-870e99ac4839-9102
-bash uploadsecrets.sh stage-da2-fal-3 c2adc610-6316-cd9d-c678-cda4b0080b52-9103
-bash uploadsecrets.sh stage-da3-hel-3 4aa61f61-893a-baf4-541b-870e99ac4839-9103
+# bash uploadsecrets.sh stage-da1-dmz c8e55509-a756-0aa7-563b-9665aa4915ab-9101
+# bash uploadsecrets.sh stage-da2-fal c2adc610-6316-cd9d-c678-cda4b0080b52-9101
+# bash uploadsecrets.sh stage-da3-hel 4aa61f61-893a-baf4-541b-870e99ac4839-9101
+
+# bash uploadsecrets.sh stage-da2-fal-2 c2adc610-6316-cd9d-c678-cda4b0080b52-9102
+# bash uploadsecrets.sh stage-da3-hel-2 4aa61f61-893a-baf4-541b-870e99ac4839-9102
+# bash uploadsecrets.sh stage-da2-fal-3 c2adc610-6316-cd9d-c678-cda4b0080b52-9103
+# bash uploadsecrets.sh stage-da3-hel-3 4aa61f61-893a-baf4-541b-870e99ac4839-9103
+
+## DEV
+bash uploadsecrets.sh dev-da1-dmz c8e55509-a756-0aa7-563b-9665aa4915ab
+bash uploadsecrets.sh dev-da2-fal c2adc610-6316-cd9d-c678-cda4b0080b52
+bash uploadsecrets.sh dev-da3-hel 4aa61f61-893a-baf4-541b-870e99ac4839
diff --git a/operations/uploadcert.sh b/operations/uploadcert.sh
@@ -1,10 +1,10 @@
 #arguments folder node-id ip nickname
 
-consul kv put ator-network/stage/dir-auth-$2/authority_certificate "$(cat $1/tor-data/keys/authority_certificate)"
-consul kv put ator-network/stage/dir-auth-$2/ed25519_master_id_public_key_base64 "$(base64 -w 0 $1/tor-data/keys/ed25519_master_id_public_key)"
-consul kv put ator-network/stage/dir-auth-$2/ed25519_signing_cert_base64 "$(base64 -w 0 $1/tor-data/keys/ed25519_signing_cert)"
-consul kv put ator-network/stage/dir-auth-$2/fingerprint "$(cat $1/tor-data/fingerprint)"
-consul kv put ator-network/stage/dir-auth-$2/fingerprint-ed25519 "$(cat $1/tor-data/fingerprint-ed25519)"
-consul kv put ator-network/stage/dir-auth-$2/nickname "$4"
-consul kv put ator-network/stage/dir-auth-$2/public_ipv4 "$3"
+consul kv put ator-network/dev/dir-auth-$2/authority_certificate "$(cat $1/tor-data/keys/authority_certificate)"
+consul kv put ator-network/dev/dir-auth-$2/ed25519_master_id_public_key_base64 "$(base64 -w 0 $1/tor-data/keys/ed25519_master_id_public_key)"
+consul kv put ator-network/dev/dir-auth-$2/ed25519_signing_cert_base64 "$(base64 -w 0 $1/tor-data/keys/ed25519_signing_cert)"
+consul kv put ator-network/dev/dir-auth-$2/fingerprint "$(cat $1/tor-data/fingerprint)"
+consul kv put ator-network/dev/dir-auth-$2/fingerprint-ed25519 "$(cat $1/tor-data/fingerprint-ed25519)"
+consul kv put ator-network/dev/dir-auth-$2/nickname "$4"
+consul kv put ator-network/dev/dir-auth-$2/public_ipv4 "$3"