cerc-io/laconicd-stack
13
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Update scripts and playbooks to sign gentx on a separate machine for subsequent validators

Browse Source
This commit is contained in:
Shreerang Kale 2025-06-09 16:31:27 +05:30
parent 8ba63b438e
commit d6bd1731bb
6 changed files with 198 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
docs/run-first-validator.md
View File

@ -47,9 +47,9 @@
- Get the public key of your node:
```bash
docker run -it \
-v ./$MAINNET_DEPLOYMENT_DIR/data/laconicd-data:/root/.laconicd \
cerc/laconicd:local bash -c "laconicd tendermint show-validator"
docker run -it \
-v $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data:/root/.laconicd \
cerc/laconicd:local bash -c "laconicd tendermint show-validator"
```
NOTE: This public key is required in next step to generate the genesis file
@ -140,14 +140,6 @@
echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
```
- Remove the validator key from node deployment as it is no longer required
```bash
rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
```
NOTE: Store it safely offline in case of an emergency
## Export testnet state
- Run the following steps in machine where the testnet node is running
@ -237,7 +229,7 @@
validator_pub_key: '<public-key-of-your-node>'
```
- Run playbook to use exported state for generating mainnet genesis:
- Run playbook to use exported state for generating mainnet genesis file with gentx:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH" -e "early_supports_acc_address=$EARLY_SUPPORTS_ACC_ADDR"
@ -252,6 +244,16 @@
ls -l output
```
- Remove the validator key from node deployment as it is no longer required:
- Run the following command in the machine where the validator node is setup
```bash
rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
```
NOTE: Store it safely offline in case of an emergency
## Run node
- Copy the genesis file to the mainnet deployment tmp directory:

79
docs/run-validator.md
View File

@ -7,6 +7,8 @@
## Setup Node
- Run the following steps in the machine where the validator node is to be setup
- Get your private key from testnet deployment:
```bash
@ -81,6 +83,7 @@
```
- Update the TMKMS configuration file `$TMKMS_HOME/tmkms.toml`:
```toml
[[chain]]
id = "laconic-mainnet"
@ -111,23 +114,25 @@
- Place the validator key file in TMKMS config directory at `$TMKMS_HOME/secrets/`
- Import the private validator key into tmkms:
```bash
tmkms softsign import $TMKMS_HOME/secrets/priv_validator_key.json $TMKMS_HOME/secrets/priv_validator_key
```
- Remove the JSON key file
```bash
rm $TMKMS_HOME/secrets/priv_validator_key.json
```
- Start TMKMS:
```bash
tmkms start --config $TMKMS_HOME/tmkms.toml
```
- Enable TMKMS in the laconicd node configuration:
```bash
# Set TMKMS_ENABLED to true in the node's config.env
echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
@ -136,26 +141,59 @@
## Start Node
- Start the laconicd node:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
```
- Check logs to ensure that node is running:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
```
- Get the public key of your node:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd tendermint show-validator"
```
NOTE: This public key is required in next step to create validator
## Create Validator
- Run these steps in a secure machine separate from the one where the node is setup
- Fetch the stack:
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
This command clones the entire repository into the `~/cerc` folder, which includes the genesis file published by the first validator.
- Copy the example variables file:
```bash
cp ~/cerc/laconicd-stack/playbooks/validator/validator-vars.example.yml ~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml
```
- Update `~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml` with required values:
```bash
# Same moniker as set above
cerc_moniker: "<your-moniker>"
# Use the public key exported in previous step (make sure to wrap it with single quotes [''])
validator_pub_key: '<public-key-of-your-node>'
# Set the public IP address of the machine where your node is running
node_url: "tcp://NODE_PUBLIC_IP_ADDRESS:26657"
```
- Export required env vars:
```bash
# Use the private key of the existing account that was exported in previous steps
export PVT_KEY=<private-key-in-hex-format>
# desired key name
export KEY_NAME=<key-name>
export DATA_DIRECTORY=<data-directory>
export MAINNET_DEPLOYMENT_DIR=<mainnet-deployment-dir>
```
@ -166,18 +204,23 @@
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml
```
- Check the validator list:
- Input private key of the existing account that was exported in previous steps when prompted
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'
```
- Run the following commands in the machine where the validator node is setup
- If TMKMS has been configured, remove the validator key from node deployment as it is no longer required:
```bash
rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
```
- Check the validator list:
NOTE: Store it safely offline in case of an emergency
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'
```
- If TMKMS has been configured, remove the validator key from node deployment as it is no longer required:
```bash
rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
```
NOTE: Store it safely offline in case of an emergency
## Register Your Node

22
playbooks/first-validator/setup-first-validator.yml
View File

@ -16,13 +16,6 @@
Please export both DATA_DIRECTORY and MAINNET_DEPLOYMENT_DIR before running the playbook.
when: lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == ''
- name: Fail if required key files are not defined
fail:
msg: >-
Required key files are not defined.
Please set genesis_file and staking_amount_file in first-validator-vars.yml.
when: not genesis_file or not staking_amount_file
- name: Fetch laconicd stack
shell: laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
@ -56,3 +49,18 @@
MIN_GAS_PRICE: "{{ min_gas_price }}"
CERC_LOGLEVEL: "{{ cerc_loglevel }}"
mode: '0777'
- name: Initialize laconicd node
shell: |
docker run -i \
-v {{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
-v {{data_directory}}/{{ mainnet_deployment_dir }}/config/mainnet-laconicd:/scripts \
-e "CERC_MONIKER={{ cerc_moniker }}" \
-e "CERC_CHAIN_ID={{ cerc_chain_id }}" \
cerc/laconicd:local bash -c "/scripts/setup-laconicd.sh"
- name: Ensure tmp directory exists inside laconicd-data
file:
path: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp"
state: directory
mode: '0755'

99
playbooks/validator/create-validator.yml
View File

@ -1,11 +1,12 @@
---
- name: Create validator on running chain
hosts: localhost
vars_files:
- validator-vars.yml
vars:
data_directory: "{{ lookup('env', 'DATA_DIRECTORY') }}"
deployment_dir: "{{ lookup('env', 'MAINNET_DEPLOYMENT_DIR') }}"
key_name: "{{ lookup('env', 'KEY_NAME') }}"
pvt_key: "{{ lookup('env', 'PVT_KEY') }}"
mainnet_deployment_dir: "{{ lookup('env', 'MAINNET_DEPLOYMENT_DIR') }}"
spec_file: "{{data_directory}}/laconicd-validator-spec.yml"
tasks:
- name: Fail if DATA_DIRECTORY or MAINNET_DEPLOYMENT_DIR env vars are not set
fail:
@ -14,17 +15,97 @@
Please export both DATA_DIRECTORY and MAINNET_DEPLOYMENT_DIR before running the playbook.
when: lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == ''
- name: Fail if pvt_key is not set
- name: Fail if required key files are not defined
fail:
msg: >-
Neither private key (pvt_key) is set.
Please export PVT_KEY.
when: not pvt_key
Required key files are not defined.
Please set staking_amount_file in validator-vars.yml.
when: not staking_amount_file
- name: Fetch laconicd stack
shell: laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
- name: Setup required repositories
shell: >
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd
setup-repositories --git-ssh --pull
- name: Build container images
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd build-containers
- name: Create deployment spec file
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd deploy init --output {{ spec_file }}
- name: Create deployment from spec file
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd deploy create --spec-file {{ spec_file }} --deployment-dir {{data_directory}}/{{ mainnet_deployment_dir }}
- name: Create config.env
copy:
dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/config.env"
content: |
CERC_MONIKER: "{{ cerc_moniker }}"
CERC_CHAIN_ID: "{{ cerc_chain_id }}"
MIN_GAS_PRICE: "{{ min_gas_price }}"
CERC_LOGLEVEL: "{{ cerc_loglevel }}"
mode: '0777'
- name: Ensure tmp directory exists inside laconicd-data
file:
path: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp"
state: directory
mode: '0755'
- name: Copy staking amount file to laconicd-data tmp directory
copy:
src: "{{ staking_amount_file }}"
dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/staking-amount.json"
mode: '0644'
- name: Prompt for validator private key
vars:
private_key_prompt: "Please enter your validator private key: "
pause:
prompt: "{{ private_key_prompt }}"
echo: no
register: private_key_input
- name: Fail if private key is not provided
fail:
msg: "Private key is required for creating the gentx."
when: private_key_input.user_input | default('') | trim == ''
- name: Import private key in laconicd
shell: |
laconic-so deployment --dir {{ data_directory }}/{{ deployment_dir }} exec laconicd "laconicd keys import-hex {{ key_name }} {{ pvt_key }} --keyring-backend test"
docker run -i \
-v {{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
--network=host \
cerc/laconicd:local \
laconicd keys import-hex {{ key_name }} {{ private_key_input.user_input }} --keyring-backend test \
- name: Get the key information
shell: |
docker run -i \
-v {{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
--network=host \
cerc/laconicd:local \
laconicd keys show {{ key_name }} --keyring-backend test
register: key_info
- name: Run create-validator script
shell: |
laconic-so deployment --dir {{ data_directory }}/{{ deployment_dir }} exec laconicd "KEY_NAME={{ key_name }} /scripts/create-validator.sh"
docker run -i \
-v {{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
-v {{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/staking-amount.json:/scripts/staking-amount.json \
-v ~/cerc/laconicd-stack/stack-orchestrator/config/mainnet-laconicd/create-validator.sh:/scripts/create-validator.sh \
-e "KEY_NAME={{ key_name }}" \
-e "NODE_URL={{ node_url }}" \
-e "CERC_MONIKER={{ cerc_moniker }}" \
-e "CERC_CHAIN_ID={{ cerc_chain_id }}" \
-e "MIN_GAS_PRICE={{ min_gas_price }}" \
-e "VALIDATOR_PUB_KEY={{ validator_pub_key | to_json }}" \
--network=host \
cerc/laconicd:local \
sh -c "/scripts/create-validator.sh"

7
playbooks/validator/validator-vars.example.yml
View File

@ -1,7 +1,10 @@
node_url: ""
validator_pub_key: ''
cerc_moniker: ""
cerc_peers: ""
cerc_chain_id: "laconic-mainnet"
min_gas_price: 0.001
cerc_loglevel: "info"
genesis_file: "~/cerc/laconicd-stack/config/mainnet-genesis.json"
staking_amount_file: "~/cerc/laconicd-stack/config/staking-amount.json"
cerc_moniker: ""
cerc_peers: ""
key_name: "laconic-validator"

15
stack-orchestrator/config/mainnet-laconicd/create-validator.sh
View File

@ -12,7 +12,7 @@ if [ ! -f "$staking_amount_file" ]; then
exit 1
fi
if [-z "$KEY_NAME" ]; then
if [ -z "$KEY_NAME" ]; then
echo "KEY_NAME environment variable not set, exiting..."
exit 1
fi
@ -22,6 +22,16 @@ if [ -z "$CERC_MONIKER" ]; then
exit 1
fi
if [ -z "$NODE_URL" ]; then
echo "NODE_URL environment variable not set, exiting..."
exit 1
fi
if [ -z "$VALIDATOR_PUB_KEY" ]; then
echo "VALIDATOR_PUB_KEY environment variable not set, exiting..."
exit 1
fi
# Set staking amount
stake_amount=$(jq -r '.common_staking_amount' "$staking_amount_file")
@ -29,7 +39,7 @@ stake_amount=$(jq -r '.common_staking_amount' "$staking_amount_file")
validator_json="$NODE_HOME/tmp/validator.json"
cat > "$validator_json" << EOF
{
"pubkey": $(laconicd tendermint show-validator),
"pubkey": $VALIDATOR_PUB_KEY,
"amount": "${stake_amount}${DENOM}",
"moniker": "${CERC_MONIKER}",
"commission-rate": "0.0",
@ -47,4 +57,5 @@ laconicd tx staking create-validator "$validator_json" \
--gas-prices $MIN_GAS_PRICE$DENOM \
--from $KEY_NAME \
--keyring-backend $KEYRING \
--node $NODE_URL \
--yes