feat: add hive

ethpandaops · Dec 12, 2024 · 135447f · 135447f
1 parent 6ff66e6
commit 135447f
Show file tree

Hide file tree

Showing 6 changed files with 258 additions and 1 deletion.
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -1,7 +1,7 @@
 [defaults]
 ansible_managed      = Ansible managed. Don't change this file manually. Template info: {{{{ (template_fullpath | replace(playbook_dir,'')) }}}}
 stdout_callback      = yaml
-inventory            = inventories/devnet-0/inventory.ini, inventories/devnet-0/hetzner_inventory.ini
+inventory            = inventories/devnet-0/inventory.ini, inventories/devnet-0/hetzner_inventory.ini, , inventories/devnet-0/hive_inventory.ini
 roles_path           = vendor/roles/:roles
 collections_path     = vendor/collections
 forks                = 50

diff --git a/ansible/inventories/devnet-0/group_vars/hive.yaml b/ansible/inventories/devnet-0/group_vars/hive.yaml
@@ -0,0 +1,59 @@
+# role: ethpandaops.general.hive
+hive_container_www_image: "docker.ethquokkaops.io/dh/library/nginx:1.27.3-alpine"
+hive_container_www_env:
+  VIRTUAL_PORT: "80"
+  VIRTUAL_HOST: "hive.{{ network_subdomain }}"
+  LETSENCRYPT_HOST: "hive.{{ network_subdomain }}"
+
+hive_repo_address: "https://github.com/ethereum/hive.git"
+hive_repo_version: "master"
+
+hive_simulations_client_config: []
+#  - client: go-ethereum
+#    nametag: prague-devnet-4
+#    dockerfile: git
+#    build_args:
+#      github: lightclient/go-ethereum
+#      tag: prague-devnet-4
+#  - client: nethermind
+#    nametag: prague-devnet-4
+#    dockerfile: git
+#    build_args:
+#      github: NethermindEth/nethermind
+#      tag: pectra_devnet_4
+#  - client: reth
+#    nametag: prague-devnet-4
+#    dockerfile: git
+#    build_args:
+#      github: paradigmxyz/reth
+#      tag: onbjerg/devnet-4
+#  - client: besu
+#    nametag: prague-devnet-4
+#    dockerfile: git
+#    build_args:
+#      github: hyperledger/besu
+#      tag: pectra-devnet-4
+#  - client: ethereumjs
+#    nametag: prague-devnet-4
+#    build_args:
+#      github: ethereumjs/ethereumjs-monorepo
+#      tag: 7702-devnet-4-plus-t8ntool
+#  - client: erigon
+#    nametag: prague-devnet-4
+#    dockerfile: git
+#    build_args:
+#      github: erigontech/erigon
+#      tag: pectra_e2
+
+hive_simulations_tests:
+  - simulator: ethereum/sync
+    clients:
+      - besu
+      - erigon
+      - ethereumjs
+      - go-ethereum
+      - nethermind
+      - nimbus-el
+      - reth
+    extra_flags:
+      - --client.checktimelimit=60s
diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml
@@ -32,6 +32,18 @@
     - role: ethpandaops.general.vector
       tags: [init-server, vector]
 
+- hosts: hive
+  become: true
+  roles:
+    - role: gantsign.golang
+      golang_gopath: '/data/workspace-go'
+      golang_version: '1.21.13'
+      tags: [golang]
+    - role: ethpandaops.general.hive
+      tags: [hive]
+    - role: ethpandaops.general.docker_nginx_proxy
+      tags: [docker_nginx_proxy]
+
 - hosts: bootnode
   become: true
   roles:

diff --git a/ansible/requirements.yaml b/ansible/requirements.yaml
@@ -9,6 +9,8 @@ roles:
     version: "3.0.3"
   - name: robertdebock.fail2ban
     version: "4.2.3"
+  - name: gantsign.golang
+    version: "3.4.0"
 
 collections:
   - name: ansible.posix

diff --git a/terraform/devnet-0/hive/ansible_inventory.tmpl b/terraform/devnet-0/hive/ansible_inventory.tmpl
@@ -0,0 +1,5 @@
+[all:vars]
+ethereum_network_name=${ethereum_network_name}
+
+[hive]
+${hostname} ansible_host=${ipv4} cloud=${cloud} cloud_region=${region}
diff --git a/terraform/devnet-0/hive/main.tf b/terraform/devnet-0/hive/main.tf
@@ -0,0 +1,179 @@
+////////////////////////////////////////////////////////////////////////////////////////
+//                            TERRAFORM PROVIDERS & BACKEND
+////////////////////////////////////////////////////////////////////////////////////////
+terraform {
+  required_providers {
+    digitalocean = {
+      source  = "digitalocean/digitalocean"
+      version = "~> 2.28"
+    }
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 3.0"
+    }
+  }
+}
+
+terraform {
+  backend "s3" {
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    endpoints                   = { s3 = "https://fra1.digitaloceanspaces.com" }
+    skip_requesting_account_id  = true
+    skip_s3_checksum            = true
+    region                      = "us-east-1"
+    bucket                      = "merge-testnets"
+    key                         = "infrastructure/devnet-0/hive/terraform.tfstate"
+  }
+}
+
+provider "digitalocean" {
+  http_retry_max = 20
+}
+
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+//                                        VARIABLES
+////////////////////////////////////////////////////////////////////////////////////////
+variable "cloudflare_api_token" {
+  type        = string
+  sensitive   = true
+  description = "Cloudflare API Token"
+}
+
+variable "ethereum_network" {
+  type    = string
+  default = "template-devnet-0"
+}
+
+variable "digitalocean_project_name" {
+  type    = string
+  default = "Public Testnets"
+}
+
+variable "digitalocean_ssh_key_name" {
+  type    = string
+  default = "shared-devops-eth2"
+}
+
+variable "digitalocean_region" {
+  type    = string
+  default = "ams3"
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+//                                  DIGITALOCEAN RESOURCES
+////////////////////////////////////////////////////////////////////////////////////////
+
+
+data "digitalocean_project" "main" {
+  name = var.digitalocean_project_name
+}
+
+data "digitalocean_ssh_key" "main" {
+  name = var.digitalocean_ssh_key_name
+}
+
+resource "digitalocean_droplet" "main" {
+  name        = "${var.ethereum_network}-hive-001"
+  region      = var.digitalocean_region
+  ssh_keys    = [data.digitalocean_ssh_key.main.fingerprint]
+  image       = "debian-12-x64"
+  size        = "c2-8vcpu-16gb"
+  resize_disk = true
+  monitoring  = true
+  backups     = false
+  ipv6        = true
+  tags = [
+    "Hive:${var.ethereum_network}"
+  ]
+}
+
+resource "digitalocean_project_resources" "droplets" {
+  project   = data.digitalocean_project.main.id
+  resources = [digitalocean_droplet.main.urn]
+}
+
+resource "digitalocean_firewall" "main" {
+  name = "${var.ethereum_network}-hive"
+  // Tags are used to select which droplets should
+  // be assigned to this firewall.
+  tags = [
+    "Hive:${var.ethereum_network}"
+  ]
+
+  // SSH
+  inbound_rule {
+    protocol         = "tcp"
+    port_range       = "22"
+    source_addresses = ["0.0.0.0/0", "::/0"]
+  }
+
+  // Nginx / Web
+  inbound_rule {
+    protocol         = "tcp"
+    port_range       = "80"
+    source_addresses = ["0.0.0.0/0", "::/0"]
+  }
+
+  inbound_rule {
+    protocol         = "tcp"
+    port_range       = "443"
+    source_addresses = ["0.0.0.0/0", "::/0"]
+  }
+
+  // Allow all outbound traffic
+  outbound_rule {
+    protocol              = "tcp"
+    port_range            = "1-65535"
+    destination_addresses = ["0.0.0.0/0", "::/0"]
+  }
+  outbound_rule {
+    protocol              = "udp"
+    port_range            = "1-65535"
+    destination_addresses = ["0.0.0.0/0", "::/0"]
+  }
+  outbound_rule {
+    protocol              = "icmp"
+    destination_addresses = ["0.0.0.0/0", "::/0"]
+  }
+  depends_on = [digitalocean_project_resources.droplets]
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+//                                   DNS NAMES
+////////////////////////////////////////////////////////////////////////////////////////
+
+data "cloudflare_zone" "default" {
+  name = "ethpandaops.io"
+}
+
+resource "cloudflare_record" "server_record_v4" {
+  zone_id = data.cloudflare_zone.default.id
+  name    = "hive.${var.ethereum_network}"
+  type    = "A"
+  value   = digitalocean_droplet.main.ipv4_address
+  proxied = false
+  ttl     = 120
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+//                          GENERATED FILES AND OUTPUTS
+////////////////////////////////////////////////////////////////////////////////////////
+
+resource "local_file" "ansible_inventory" {
+  depends_on = [digitalocean_droplet.main]
+  content = templatefile("ansible_inventory.tmpl",
+    {
+      ethereum_network_name = "${var.ethereum_network}"
+      hostname              = "${digitalocean_droplet.main.name}"
+      ipv4                  = "${digitalocean_droplet.main.ipv4_address}"
+      cloud                 = "digitalocean"
+      region                = "${var.digitalocean_region}"
+    }
+  )
+  filename = "../../../ansible/inventories/devnet-0/hive_inventory.ini"
+}