cerc-io/laconicd-stack
12
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: cerc-io:main
Branches Tags
cerc-io:main
cerc-io:sk-yubihsm
cerc-io:sk-pk-prompt-new
cerc-io:ng-use-calculated-staking-amount
cerc-io:ng-create-val
..
compare: cerc-io:sk-yubihsm
Branches Tags
cerc-io:main
cerc-io:sk-yubihsm
cerc-io:sk-pk-prompt-new
cerc-io:ng-use-calculated-staking-amount
cerc-io:ng-create-val

2 Commits
main ... sk-yubihsm

Author SHA1 Message Date
Shreerang Kale
0ba5d4cab3 Checkout to relevant branch while setting up tmkms stack 2025-06-12 18:40:57 +05:30
Shreerang Kale
1eaa237070 Add instructions to setup yubihsm 2025-06-12 18:34:04 +05:30
30 changed files with 335 additions and 1349 deletions
Show Stats Expand all files Collapse all files

3
.gitignore vendored
View File

@ -3,6 +3,3 @@
# Playbook vars
*-vars.yml
# Playbooks inventories
hosts.ini

18
README.md
View File

@ -4,24 +4,10 @@
- It allows you to export SAPO testnet state and start mainnet nodes
## Mainnet OPS
- To launch Laconic mainnet, follow these steps:
- **Export Testnet State and Prepare Token Distribution:** Begin by exporting SAPO testnet state and preparing requirements for mainnet chain as detailed in [export-testnet.md](docs/export-testnet.md)
- **Run the First Validator Node:** Set up and run the bootstrap validator node as detailed in [run-first-validator.md](docs/run-first-validator.md)
- **Run the First Validator Node:** Begin by setting up and running the initial validator node as detailed in [run-first-validator.md](docs/run-first-validator.md)
- **Deploy Cosmos Multisig App:** Integrate and run the Cosmos Multisig app using the playbook available at [cosmos-multisig-app playbook](./playbooks/cosmos-multisig-app/README.md)
- To migrate existing deployments from SAPO testnet to mainnet, refer to [update-deployments.md](docs/update-deployments.md)
## Join Mainnet
- **Run A Validator Node:** Follow steps in [run-validator.md](docs/run-validator.md) to run a mainnet validator node
- **Update Service Provider:** Follow steps in [update-service-provider.md](docs/update-service-provider.md) to migrate your service provider from SAPO testnet to mainnet
## Multisig App
- Usage guide is available at [multisig-usage.md](./playbooks/cosmos-multisig-app/multisig-usage.md)
- **Run Subsequent Validator Nodes:** Run subsequent validator nodes by following the instructions in [run-validator.md](docs/run-validator.md)

BIN
config/mainnet-genesis.json.zst
View File

Binary file not shown.

8
config/network.json
View File

@ -19,11 +19,6 @@
"coinDenom": "ALNT",
"coinMinimalDenom": "alnt",
"coinDecimals": 0
},
{
"coinDenom": "ALPS",
"coinMinimalDenom": "alps",
"coinDecimals": 0
}
],
"feeCurrencies": [
@ -44,6 +39,7 @@
"coinDecimals": 0
},
"features": [
"stargate"
"stargate",
"ibc-transfer"
]
}

3
config/staking-amount.json
View File

@ -1,3 +0,0 @@
{
"common_staking_amount": 900000000
}

24
docs/demo.md
View File

@ -9,8 +9,8 @@
```bash
cargo install tmkms --features=softsign --version=0.14.0
```
- Install `zstd` using `sudo apt install zstd` (Linux) or `brew install zstd` (macOS)
- testnet-state.zst ([exported testnet state](./run-first-validator.md#export-testnet-state))
- Install `zstd` using `sudo apt install zstd`
- testnet-state.zst ([exported testnet state](./run-first-validator.md#export-testnet-state))
- LPS distribution Google spreadsheet URL or CSV file path
## Steps
@ -20,7 +20,7 @@
- Fetch stack:
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --pull
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
- Generate LPS lockup distribution JSON file
@ -51,6 +51,9 @@
```bash
export EXPORTED_STATE_PATH=$CWD/testnet-state.json
export LPS_DISTRIBUTION_PATH=~/cerc/laconicd-stack/data/distribution.json
# Test address that does not exist on testnet chain
export EARLY_SUPPORTS_ACC_ADDR=laconic1gwytamfk3m5n0gsawh5vpwxkwd3vapmvzpp6nz
```
- Copy the example variables file:
@ -62,7 +65,7 @@
- Run playbook to use exported state for generating mainnet genesis:
```bash
ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH"
ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH" -e "early_supports_acc_address=$EARLY_SUPPORTS_ACC_ADDR"
```
- Genesis file will be generated in output directory along with a file specifying the staking amount
@ -96,7 +99,7 @@
cerc_moniker: "LaconicMainnet"
# Set desired key name
key_name: "laconic-validator"
cerc_chain_id: "laconic-mainnet"
min_gas_price: 0.001
cerc_loglevel: "info"
@ -150,7 +153,7 @@
```
- Import the private validator key into tmkms:
```bash
tmkms softsign import $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json $CWD/tmkms-first-node/secrets/priv_validator_key
```
@ -176,6 +179,9 @@
export CWD=$(pwd)
export DATA_DIRECTORY=$CWD
export MAINNET_DEPLOYMENT_DIR=mainnet-laconicd-deployment
# Test address that does not exist on testnet chain
export EARLY_SUPPORTS_ACC_ADDR=laconic1gwytamfk3m5n0gsawh5vpwxkwd3vapmvzpp6nz
```
- Enable TMKMS in the laconicd node configuration:
@ -209,7 +215,7 @@
# Check consensus_pubkey in output
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators -o json | jq .validators'
```
- Compare it with the pubkey noted from logs in TMKMS
- Check bonds list to confirm that testnet state was transferred properly:
@ -236,6 +242,8 @@
lockup_account_address=$(laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup -o json | jq -r .account.value.base_account.address')
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $lockup_account_address"
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $EARLY_SUPPORTS_ACC_ADDR"
```
- Copy the genesis file to [config](./config) folder:
@ -331,7 +339,7 @@
```
- Import the private validator key into tmkms:
```bash
tmkms softsign import $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json $CWD/tmkms-second-node/secrets/priv_validator_key
```

21
docs/domain-port-mappings.md
View File

@ -1,21 +0,0 @@
# Domains / Port Mappings
```bash
# Machine running the mainnet node should have following domain port mappings
https://laconicd-mainnet.laconic.com -> 26657
https://laconicd-mainnet.laconic.com/api -> 9473/api
https://laconicd-mainnet.laconic.com/console -> 9473/console
https://laconicd-mainnet.laconic.com/graphql -> 9473/graphql
Open p2p port:
26656
Open port for TMKMS:
26659
# Console app deployment already exists, point new domain to following port
https://console-mainnet.laconic.com -> 4001
# Cosmos Multisig App
https://multisig.laconic.com -> 7000
```

82
docs/export-testnet.md
View File

@ -1,82 +0,0 @@
# Export Testnet
## Prerequisites
- Machine where the SAPO testnet validator node is already running
- Install `zstd` using `sudo apt install zstd` (Linux) or `brew install zstd` (macOS)
- [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install)
- laconicd-stack
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
## Export testnet state
- Run the following steps in machine where the testnet node is already running (machine 1)
- Export the testnet deployment directory as environment variable:
```bash
export TESTNET_DEPLOYMENT_DIR=<absolute/path/to/testnet/deployment>
```
- Get your private key from testnet deployment (should be available if steps for joining SAPO testnet was followed previously):
```bash
laconic-so deployment --dir $TESTNET_DEPLOYMENT_DIR exec laconicd "laconicd keys export <key-name> --unarmored-hex --unsafe --keyring-backend test"
```
NOTE: Store this key securely as it is needed in later steps for signing bootstrap validator node gentx
- Stop the node for SAPO testnet:
```bash
laconic-so deployment --dir $TESTNET_DEPLOYMENT_DIR stop
```
- Run script to export state from testnet chain:
```bash
~/cerc/laconicd-stack/scripts/export-testnet-state.sh $TESTNET_DEPLOYMENT_DIR
```
- The compressed zst file will be generated at `$TESTNET_DEPLOYMENT_DIR/export/testnet-state.zst`
- The generated state file will be used in later steps for creating genesis.json file for mainnet
## Prepare LPS distribution JSON
- The following steps can be performed in any machine
- Fetch laconicd-stack
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
- Set envs:
```bash
# File path where LPS distribution JSON file will be created
export LPS_DISTRIBUTION_PATH=<absolute/path/to/distribution.json>
```
- Generate lockup distribution JSON file with LPS distribution Google spreadsheet URL or downloaded CSV file path
```bash
~/cerc/laconicd-stack/scripts/generate-lps-lock.sh -i "<lps-distribution-spreadsheet-url-or-csv-file-path>" -o $LPS_DISTRIBUTION_PATH
```
- This will generate the JSON file at `$LPS_DISTRIBUTION_PATH` which will be later required when creating genesis file
## Requirements for Mainnet Genesis
- Exported testnet state
- LPS distribution JSON
- Account address for early supports
- This account will be allocated 20% of total LPS tokens
- Private key of account which will sign gentx for the bootstrap validator node

265
docs/run-first-validator.md
View File

@ -2,30 +2,29 @@
## Prerequisites
- Machine 1: Where the TMKMS service is to be setup
- Machine 1: Where the SAPO testnet node is already running
- Install `zstd` using `sudo apt install zstd`
- Machine 2: Where the mainnet first validator node is to be setup
- Check [domain port mappings](./domain-port-mappings.md) to ensure that required domains are pointing to correct ports
- Machine 3: Where the genesis file is to be generated
- Install `zstd` using `sudo apt install zstd` (Linux) or `brew install zstd` (macOS)
- Install `zstd` using `sudo apt install zstd`
- [LSP distribution JSON](./export-testnet.md#prepare-lps-distribution-json)
- LPS distribution Google spreadsheet URL or CSV file path
- [Exported testnet state](./export-testnet.md#export-testnet-state)
- Machine 4: Where the TMKMS service is to be setup
- Following tools are required in all machines:
- [ansible](../playbooks/README.md#ansible-installation)
- [ansible](playbooks/README.md#ansible-installation)
- [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install)
- laconicd-stack
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --pull
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
## Build laconicd to generate genesis file
@ -38,7 +37,7 @@
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/build-laconicd.yml
```
## Setup bootstrap node deployment
## Setup node
- Run the following steps in the machine where the mainnet node is to be setup (machine 2)
@ -80,23 +79,31 @@
- Get the public key of your node:
```bash
docker run -it \
docker run -it \
-v $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data:/root/.laconicd \
cerc/laconicd:local bash -c "laconicd tendermint show-validator"
```
NOTE: This public key is required in [next step to generate the genesis file](#generate-mainnet-genesis-file)
- Copy over the `priv_validator_key.json` located at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json` to the machine where the TMKMS service is to be setup (machine 1)
- Copy over the `priv_validator_key.json` located at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json` to the machine where the TMKMS service is to be setup (machine 4)
## Setup TMKMS
- For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 4)
- Copy the example variables file:
```bash
# Example command to transfer file from machine 2 to machine 1 (run on machine 2)
scp -C $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json <user>@<machine-ip-address>:<absolute-path-to-desired-destination-directory>
cp ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.example.yml ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml
```
## Setup TMKMS deployment
- Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values:
- For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 1)
```yaml
# Set the mode of operation for TMKMS (e.g., "softsign", "yubihsm")
tmkms_mode: <tmkms-mode>
```
- Export the data directory and TMKMS deployment directory as environment variables:
@ -111,42 +118,70 @@
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
## Export testnet state
- Run the following steps in machine where the testnet node is already running (machine 1)
- Get your private key from testnet deployment:
```bash
laconic-so deployment --dir <testnet-deployment-dir> exec laconicd "laconicd keys export <key-name> --unarmored-hex --unsafe"
```
NOTE: Store this key securely as it is needed in later steps
- Stop the node for SAPO testnet:
```bash
laconic-so deployment --dir <testnet-deployment-dir> stop
```
- Run script to export state from testnet chain:
```bash
~/cerc/laconicd-stack/scripts/export-testnet-state.sh <absolute-path-to-testnet-deployment>
```
- The compressed zst file will be generated at `<absolute-path-to-testnet-deployment>/export/testnet-state.zst`
## Generate mainnet genesis file
- Run the following steps in machine where [the genesis file is to be generated (machine 3)](#build-laconicd-to-generate-genesis-file)
- Copy over compressed `testnet-state.zst` file to target machine
- Set envs:
```bash
# File path where exported testnet state JSON file will be created
export EXPORTED_STATE_PATH=<absolute/path/to/testnet-state.json>
# Path where exported testnet state JSON file will be created
export EXPORTED_STATE_PATH=<absolute-path-to-be-exported-testnet-state-json>
# File path where LPS distribution JSON file will be created
export LPS_DISTRIBUTION_PATH=<absolute/path/to/distribution.json>
# Path where LPS distribution JSON file will be created
export LPS_DISTRIBUTION_PATH=<absolute-path-to-be-generated-distribution-json>
# Parent directory where the deployment directory will be setup (required for generating genesis)
export EARLY_SUPPORTS_ACC_ADDR=<account-address-controlled-by-laconic-foundation>
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=
```
NOTE: Steps for creating LPS distribution JSON are in [export-testnet.md](./export-testnet.md#prepare-lps-distribution-json)
- Copy over the compressed `testnet-state.zst` file (from [export-testnet.md](./export-testnet.md#export-testnet-state)):
```bash
# Example command to transfer testnet state file
scp -C <user>@<machine-ip-address>:<absolute-path-to-testnet-deployment>/export/testnet-state.zst <absolute-path-to-compressed-file>
```
- Extract the testnet-state JSON file:
```bash
zstd -dc <absolute-path-to-compressed-file>/testnet-state.zst > $EXPORTED_STATE_PATH
zstd -dc <path-to-compressed-file>/testnet-state.zst > $EXPORTED_STATE_PATH
# Remove zst folder
rm -rf <absolute-path-to-compressed-file>/testnet-state.zst
rm -rf <path-to-compressed-file>/testnet-state.zst
```
- Generate LPS lockup distribution JSON file
```bash
~/cerc/laconicd-stack/scripts/generate-lps-lock.sh -i "<lps-distribution-spreadsheet-url-or-csv-file-path>" -o $LPS_DISTRIBUTION_PATH
```
- This will generate the `distribution.json` file at `$LPS_DISTRIBUTION_PATH`
- Copy the example variables file:
```bash
@ -155,28 +190,20 @@
- Edit `~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.yml` with required values:
NOTE: Use the public key exported in [previous steps](#setup-node)
NOTE: Use the public key exported in [previous step](#setup-node)
```bash
# Make sure to wrap it with single quotes ('')
validator_pub_key: '<public-key-of-your-node>'
```
- Change to the deployments directory
- Run playbook to use exported state for generating mainnet genesis file with gentx:
```bash
cd $DATA_DIRECTORY
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH" -e "early_supports_acc_address=$EARLY_SUPPORTS_ACC_ADDR"
```
- Run playbook for generating mainnet genesis file with gentx:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH"
```
- When prompted for private key, use key of the existing account that was exported in [export-testnet.md](./export-testnet.md#export-testnet-state)
- Private key should be of the account which will create the first validator bootstrap node
- Input private key of the existing account that was exported in previous steps when prompted
- Genesis file will be generated in output directory along with a file specifying the staking amount
@ -185,14 +212,11 @@
ls -l output
```
NOTE: Staking amount will be used by the playbooks to send create validator txs
## Start Mainnet
## Run node
### Start TMKMS
- Run these steps in the machine where [the TMKMS service is setup (machine 1)](#setup-tmkms-deployment)
- Run these steps in the machine where [the TMKMS service is setup (machine 4)](#setup-tmkms)
- Copy the example variables file:
@ -202,19 +226,35 @@
- Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values:
NOTE: Use the `priv_validator_key.json` file copied from the node setup machine (Machine 2) in [previous step](#setup-bootstrap-node-deployment)
NOTE: Use the `priv_validator_key.json` file copied from the node setup machine (Machine 2) in [previous step](#setup-node)
```yaml
# Absolute path to the node's private validator key file
priv_validator_key_file_path: "</path/to/priv_validator_key.json>"
# Set the IP address of the machine where the laconicd node is setup
node_ip: "laconicd-mainnet.laconic.com"
node_ip: "<NODE_PUBLIC_IP_ADDRESS>"
# Set the port of the laconicd node
node_port: "26659"
```
- If using `yubihsm` mode, run following command to setup the yubihsm:
**WARNING: THIS PROCESS PERFORMS A FACTORY RESET OF THE YUBIHSM, DELETING ALL EXISTING KEYS AND REPLACING THEM WITH NEW ONES. MAKE SURE YOU HAVE MADE BACKUPS OF IMPORTANT KEYS BEFORE PROCEEDING!!!**
```bash
# Use a strong password for YubiHSM
docker run -it --rm \
-v $DATA_DIRECTORY/tmkms-deployment/data/tmkms-data:/home/tmkmsuser/tmkms \
-v ~/cerc/tmkms-stack/stack-orchestrator/config/tmkms/setup-yubihsm.sh:/scripts/setup-yubihsm.sh \
-e "PASSWORD=<yubihsm-password>" \
-e "CHAIN_ID=laconic-mainnet" \
-e "NODE_IP=<NODE_PUBLIC_IP_ADDRESS>" \
-e "NODE_PORT=26659" \
cerc/tmkms:local bash -c "/scripts/setup-yubihsm.sh"
```
- Run ansible playbook to run the TMKMS:
```bash
@ -240,9 +280,9 @@
- Note the pubkey logged at start for comparing later with validator pubkey on chain
### Start laconicd node
### Start node
- Run the following steps in the machine where [the mainnet node is setup (machine 2)](#setup-bootstrap-node-deployment)
- Run the following steps in the machine where [the mainnet node is setup (machine 2)](#setup-node)
- Remove the validator key from node deployment as it is no longer required:
@ -252,11 +292,10 @@
rm -rf $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
```
- Copy the genesis file generated in [Generate mainnet genesis file section](#generate-mainnet-genesis-file) from machine 3 to the machine 2 mainnet deployment tmp directory:
- Copy the genesis file to the mainnet deployment tmp directory:
```bash
# Example command to transfer file from machine 3 to machine 2 (run on machine 3)
scp -C $DATA_DIRECTORY/output/genesis.json <user>@<machine-ip-address>:<absolute-path-to-deployments-directory>/mainnet-laconicd-deployment/data/laconicd-data/tmp/
cp <absolute-path-to-genesis-json> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/tmp/genesis.json
```
- Command to run node:
@ -271,8 +310,6 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
```
NOTE: The node takes a long time to start generating blocks `~30 seconds`
- Verify that validator and TMKMS pubkeys match:
- Get validator pubkey on chain
@ -302,72 +339,22 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup'
```
- Query the `lps_lockup` account balance:
- Query the `lps_lockup` and early supports accounts balances:
```bash
lockup_account_address=$(laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup -o json | jq -r .account.value.base_account.address')
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $lockup_account_address"
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $EARLY_SUPPORTS_ACC_ADDR"
```
## Publish required artifacts
- Run the following steps in machine where the genesis file and staking amount files were generated (machine 3)
- Copy the genesis file to [config](./config) folder:
```bash
cp $DATA_DIRECTORY/output/genesis.json ~/cerc/laconicd-stack/config/mainnet-genesis.json
```
- Copy the staking amount file to [config](./config) folder:
```bash
cp $DATA_DIRECTORY/output/staking-amount.json ~/cerc/laconicd-stack/config/staking-amount.json
```
- Check git status of the stack repo
```bash
cd ~/cerc/laconicd-stack
git status
```
The following files should show up with changes:
- config/mainnet-genesis.json
- config/staking-amount.json
- Create a PR (to this repo and to https://github.com/LaconicNetwork/mainnet/) with the genesis file and staking amount file so that it is available to other validators
- Run the following steps in machine where the mainnet node is running (machine 2)
- Get your node's address by running the following command:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@laconicd-mainnet.laconic.com:26656'
```
- Add your node's address to [node-addresses.yml](../node-addresses.yml)
- Update the file `~/cerc/laconicd-stack/node-addresses.yml` in machine where genesis file is generated (machine 3)
- Check git status of the stack repo
```bash
cd ~/cerc/laconicd-stack
git status
```
The `node-addresses.yml` file should show up with changes
- Submit a PR with the node address so that it is available to other validators
## Update config
- Run following steps to update the config for TMKMS and node
### TMKMS
- Run these steps in the machine where the TMKMS service is setup (machine 1)
- Run these steps in the machine where the TMKMS service is setup (machine 4)
- Stop the TMKMS deployment:
@ -401,50 +388,28 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
```
## Rebuild Images
## Publish required artifacts
- Follow these steps to rebuild the images for TMKMS and node in case of any code changes
- Run the following steps in machine where the genesis file and staking amount files are generated (machine 3)
### TMKMS
- Copy the genesis file to [config](./config) folder:
- Run these steps in the machine where the TMKMS service is setup (machine 1)
```bash
cp $DATA_DIRECTORY/output/genesis.json ~/cerc/laconicd-stack/config/mainnet-genesis.json
```
- Stop the TMKMS deployment:
- Copy the staking amount file to [config](./config) folder:
```bash
cp $DATA_DIRECTORY/output/staking-amount.json ~/cerc/laconicd-stack/config/staking-amount.json
```
- Get your node's address by running following command in the machine where the mainnet node is running (machine 2):
```bash
laconic-so deployment --dir $DATA_DIRECTORY/tmkms-deployment stop
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@YOUR_PUBLIC_IP_ADDRESS:26656'
```
- Run ansible playbook to rebuild the TMKMS image:
- Add your node's address to [node-addresses.yml](./node-addresses.yml)
```bash
BUILD_ONLY=true ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
- Start the TMKMS deployment:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml
```
### Node
- Run these steps in the machine where the mainnet node is setup (machine 2)
- Stop the node deployment:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR stop
```
- Run ansible playbook to rebuild the node image:
```bash
BUILD_ONLY=true ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/setup-first-validator.yml
```
- Start the node deployment:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
```
- Submit a PR with this genesis file, staking amount file and node address so that it is available to other validators

218
docs/run-validator.md
View File

@ -2,15 +2,7 @@
## Prerequisites
- [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install) is required in all machines listed below
- To fetch laconicd-stack:
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --pull
```
- Machine 1: Where your SAPO testnet node is already running
- Machine 1: Where the SAPO testnet node is already running
- Machine 2: Where the mainnet validator node is to be setup
@ -18,23 +10,29 @@
- [ansible](playbooks/README.md#ansible-installation)
- Install `zstd` using `sudo apt install zstd` (Linux) or `brew install zstd` (macOS)
- Machine 3: Where the create-validator transaction is to be signed
- laconicd-stack
- [ansible](playbooks/README.md#ansible-installation)
- Machine 4: Where the TMKMS service is to be setup (Optional)
- Machine 4: Where the TMKMS service is to be setup
- laconicd-stack
- [ansible](playbooks/README.md#ansible-installation)
- [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install) is required in all machines
- To fetch laconicd-stack:
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
## Stop SAPO testnet node
- Run the following steps in machine where your SAPO testnet validator node is already running (machine 1)
- Run the following steps in machine where the testnet node is already running (machine 1)
- Get your private key from testnet deployment:
@ -42,7 +40,7 @@
laconic-so deployment --dir <testnet-deployment-dir> exec laconicd "laconicd keys export <key-name> --unarmored-hex --unsafe"
```
NOTE: Store this key securely as it is needed in [later steps](#create-validator). It should be the private key of the account that was used to create validator in SAPO testnet.
NOTE: Store this key securely as it is needed in [later steps](#create-validator)
- Stop the node for SAPO testnet:
@ -60,26 +58,9 @@
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/build-laconicd.yml
```
## Setup TMKMS (Optional)
## Setup Node
- For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 4)
- Export the data directory as environment variable:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=
```
- Run ansible playbook to setup the TMKMS service:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
## Setup laconicd Node
- Run the following steps in the machine where the validator node is to be setup for mainnet (machine 2)
- Run the following steps in the machine where the validator node is to be setup (machine 2)
- Copy the example variables file:
@ -97,9 +78,8 @@
# You can find the list of available peers in https://git.vdb.to/cerc-io/laconicd-stack/src/branch/main/node-addresses.yml
cerc_peers: "<node-id>@<node-host>:26656,<node-id>@<node-host>:26656"
# Enable TMKMS (Set to true or false)
# NOTE: Enabling TMKMS is optional and can be set to `true` if you are following the optional steps to setup TMKMS
tmkms_enabled:
# Enable TMKMS
tmkms_enabled: true
```
- Export the data directory and mainnet deployment directory as environment variables:
@ -118,24 +98,11 @@
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml
```
- To get path to the deployment
- Copy over the `priv_validator_key.json` located at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json` to the machine from where the TMKMS service is to be setup (machine 4)
```bash
echo $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR
```
## Setup TMKMS
## Start Deployments
### Start TMKMS (Optional)
- Run the following steps in the machine where [the TMKMS service is setup (Machine 4)](#setup-tmkms)
- Copy over the `priv_validator_key.json` from the machine where [mainnet laconicd node was setup](#setup-laconicd-node) (machine 2) to a suitable place in the TMKMS machine (path to file needs to be specified in playbook vars in next step)
```bash
# Example command to transfer file from machine 2 (run on machine 2)
scp -C <user>@<machine-2-ip-address>:<path_to_laconicd_deployment_dir>/data/laconicd-data/config/priv_validator_key.json <absolute-path-to-desired-destination-directory>
```
- For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 4)
- Copy the example variables file:
@ -145,10 +112,43 @@
- Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values:
```yaml
# Set the mode of operation for TMKMS (e.g., "softsign", "yubihsm")
tmkms_mode: <tmkms-mode>
```
- Export the data directory as environment variable:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=
```
- Run ansible playbook to setup the TMKMS service:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
## Run Node
### Start TMKMS
- Run the following steps in the machine where [the TMKMS service is setup (Machine 4)](#setup-tmkms)
- Copy the example variables file:
```bash
cp ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.example.yml ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml
```
- Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values:
NOTE: Use the `priv_validator_key.json` file copied from the node setup machine (Machine 2) in [previous step](#setup-node)
```yaml
# Absolute path to the node's private validator key file
# Use the priv_validator_key.json file copied from the node setup machine (Machine 2) in previous step
priv_validator_key_file_path: "<absolute/path/to/priv_validator_key.json>"
priv_validator_key_file_path: "</path/to/priv_validator_key.json>"
# Set the IP address of the machine where the laconicd node is setup
node_ip: "<NODE_PUBLIC_IP_ADDRESS>"
@ -157,6 +157,22 @@
node_port: "26659"
```
- If using `yubihsm` mode, run following command to setup the yubihsm:
**WARNING: THIS PROCESS PERFORMS A FACTORY RESET OF THE YUBIHSM, DELETING ALL EXISTING KEYS AND REPLACING THEM WITH NEW ONES. MAKE SURE YOU HAVE MADE BACKUPS OF IMPORTANT KEYS BEFORE PROCEEDING!!!**
```bash
# Use a strong password for YubiHSM
docker run -it --rm \
-v $DATA_DIRECTORY/tmkms-deployment/data/tmkms-data:/home/tmkmsuser/tmkms \
-v ~/cerc/tmkms-stack/stack-orchestrator/config/tmkms/setup-yubihsm.sh:/scripts/setup-yubihsm.sh \
-e "PASSWORD=<yubihsm-password>" \
-e "CHAIN_ID=laconic-mainnet" \
-e "NODE_IP=<NODE_PUBLIC_IP_ADDRESS>" \
-e "NODE_PORT=26659" \
cerc/tmkms:local bash -c "/scripts/setup-yubihsm.sh"
```
- Run ansible playbook to run the TMKMS:
```bash
@ -182,9 +198,9 @@
- Note the pubkey logged at start for comparing later with validator pubkey on chain
### Start laconicd Node
### Start Node
- Run the following steps in the machine where [the laconicd node is setup (machine 2)](#setup-node)
- Run the following steps in the machine where [the validator node is setup (machine 2)](#setup-node)
- Start the laconicd node:
@ -198,8 +214,6 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
```
NOTE: The node takes a long time to start syncing blocks `~30 seconds`
- Get the public key of your node:
```bash
@ -208,15 +222,6 @@
NOTE: This public key is required in next step to create validator
- Check sync status of node:
```bash
# Check sync status
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd status | jq .sync_info"
# `catching_up: false` indicates that node is completely synced
```
## Create Validator
- Run these steps in a machine from where [the create-validator transaction is to be signed (machine 3)](#build-laconicd-to-create-validator)
@ -229,29 +234,26 @@
- Update `~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml` with required values:
NOTE: Use the public key exported in [previous step](#start-laconicd-node)
NOTE: Use the public key exported in [previous step](#start-node)
```bash
# Set the public IP address of the machine where your node is running
# NOTE: An https URL can also be used
node_url: "tcp://NODE_PUBLIC_IP_ADDRESS:26657"
# Same moniker as set above
cerc_moniker: "<your-moniker>"
# Make sure to wrap it with single quotes ('')
validator_pub_key: '<public-key-of-your-node>'
# Same moniker as set during setup of laconicd node
cerc_moniker: "<your-moniker>"
# Set the public IP address of the machine where your node is running
node_url: "tcp://NODE_PUBLIC_IP_ADDRESS:26657"
```
- Set a directory path required by the playbook to create validator (used temporarily):
- Export required env vars:
```bash
export DATA_DIRECTORY=<data-directory>
```
- Run ansible playbook to create a validator in the running chain:
NOTE: Make sure that your node has completed syncing before running the playbook
- Run ansible playbook to create validator on running chain:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml
@ -267,7 +269,7 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'
```
- (Optional) If TMKMS is configured and running, remove the validator key from node deployment:
- Remove the validator key from node deployment as TMKMS is configured:
NOTE: Store it safely offline in case of an emergency
@ -275,20 +277,6 @@
rm -rf $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
```
## Register Your Node
- Run the following steps in the machine where the mainnet node is setup (machine 2)
- Get your node's address:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@YOUR_PUBLIC_IP_ADDRESS:26656'
```
- Add your node's address to the [node-addresses.yml](../node-addresses.yml) file
- Submit a PR to add your node address to the [laconicd-stack repository](https://git.vdb.to/cerc-io/laconicd-stack)
## Update config
- Run following steps to update the config for TMKMS and node
@ -329,50 +317,16 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
```
## Rebuild Images
## Register Your Node
- Follow these steps to rebuild the images for TMKMS and node in case of any code changes
- Run the following steps in the machine where the mainnet node is setup (machine 2)
### TMKMS
- Run these steps in the machine where the TMKMS service is setup (machine 4)
- Stop the TMKMS deployment:
- Get your node's address:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/tmkms-deployment stop
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@YOUR_PUBLIC_IP_ADDRESS:26656'
```
- Run ansible playbook to rebuild the TMKMS image:
- Add your node's address to the `~/cerc/laconicd-stack/node-addresses.yml` file
```bash
BUILD_ONLY=true ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
- Start the TMKMS deployment:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml
```
### Node
- Run these steps in the machine where the mainnet node is setup (machine 2)
- Stop the node deployment:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR stop
```
- Run ansible playbook to rebuild the node image:
```bash
BUILD_ONLY=true ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml
```
- Start the node deployment:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
```
- Submit a PR to add your node address to the repository

420
docs/update-deployments.md
View File

@ -1,420 +0,0 @@
# Update Deployments
Instructions to reset / update the deployments
## Login
* Log in as `dev` user on the deployments VM
* All the deployments are placed in the `/srv` directory:
```bash
cd /srv
```
## laconic-wallet-web
* Deployment dir: `/srv/wallet/laconic-wallet-web-deployment`
* If code has changed, fetch and build with updated source code:
```bash
# testnet-onboarding-app source
cd ~/cerc/laconic-wallet-web
# Fetch from remote
git fetch
# Checkout to the latest tag (https://git.vdb.to/LaconicNetwork/laconic-wallet-web/tags)
git checkout <tag>
# Rebuild the containers
cd /srv/wallet
laconic-so --stack ~/cerc/laconic-wallet-web/stack/stack-orchestrator/stack/laconic-wallet-web build-containers --force-rebuild
```
* Update the configuration `laconic-wallet-web-deployment/config.env`:
```bash
# URL for the deploy app so that wallet can work with it
CERC_ALLOWED_URLS=https://deploy.laconic.com,https://store.laconic.com
```
* Restart the deployment:
```bash
laconic-so deployment --dir laconic-wallet-web-deployment stop
laconic-so deployment --dir laconic-wallet-web-deployment start
# Follow logs for laconic-wallet-web container, wait for the build to finish
laconic-so deployment --dir laconic-wallet-web-deployment logs laconic-wallet-web -f
```
* The web wallet can now be viewed at <https://wallet.laconic.com>
## laconic-console
* Deployment dir: `/srv/console/laconic-console-testnet2-deployment`
* Set deployment directory in a variable:
```bash
CONSOLE_DEPLOYMENT=/srv/console/laconic-console-testnet2-deployment
```
* Update the configuration:
```bash
nano $CONSOLE_DEPLOYMENT/config.env
```
```bash
# Laconicd (hosted) GQL endpoint
LACONIC_HOSTED_ENDPOINT=https://laconicd-mainnet.laconic.com
# laconicd chain id
CERC_LACONICD_CHAIN_ID=laconic-mainnet
```
* Restart the deployment:
```bash
laconic-so deployment --dir $CONSOLE_DEPLOYMENT stop
laconic-so deployment --dir $CONSOLE_DEPLOYMENT start
# Follow logs for console container
laconic-so deployment --dir $CONSOLE_DEPLOYMENT logs console -f
```
* The laconic console can now be viewed at <https://console-mainnet.laconic.com>
---
## Laconic Shopify
* Deployment dir: `/srv/shopify/laconic-shopify-deployment`
* If code has changed, fetch and build with updated source code:
```bash
laconic-so --stack ~/cerc/testnet-laconicd-stack/stack-orchestrator/stacks/laconic-shopify setup-repositories --git-ssh --pull
# rebuild containers
laconic-so --stack ~/cerc/testnet-laconicd-stack/stack-orchestrator/stacks/laconic-shopify build-containers --force-rebuild
```
* Update the configuration if required in `laconic-shopify-deployment/config.env`:
```bash
# laconicd RPC endpoint
CERC_LACONICD_RPC_ENDPOINT=https://laconicd-mainnet.laconic.com
# laconicd chain id
CERC_LACONICD_CHAIN_ID=laconic-mainnet
```
* Update the code for shopify app in [theme/sections/main-product.liquid](https://git.vdb.to/cerc-io/shopify/pulls/13/files#diff-971bd0e0a616c3feaecf3205ac98a23296a5a0d7) to use the correct chain ID
```bash
...
<script>
// Function to send a message to the iframe to get or create wallet account
function requestWalletAddress(iframe) {
const message = {
type: 'REQUEST_CREATE_OR_GET_ACCOUNTS',
# Replace `laconic-testnet-2` with `laconic-mainnet`
chainId: 'laconic-testnet-2',
};
...
```
* Restart the deployment:
```bash
cd /srv/shopify
laconic-so deployment --dir laconic-shopify-deployment stop
laconic-so deployment --dir laconic-shopify-deployment start
```
## Webapp Deployer
* Deployment dir: `/srv/service-provider/webapp-deployer` and `/srv/service-provider/webapp-ui`
* Set deployment directory in a variable:
```bash
SP_DEPLOYMENT=/srv/service-provider/webapp-deployer
SP_UI_DEPLOYMENT=/srv/service-provider/webapp-ui
```
* If code has changed, fetch and build with updated source code:
```bash
laconic-so --stack webapp-deployer-backend setup-repositories --git-ssh --pull
# rebuild containers
laconic-so --stack webapp-deployer-backend build-containers --force-rebuild
```
* Push updated images to the container registry:
```bash
cd /srv/service-provider
# login to container registry
CONTAINER_REGISTRY_URL=container-registry.apps.vaasl.io
# For credentials: "cat /srv/service-provider/webapp-deployer/config.env | grep IMAGE_REGISTRY"
CONTAINER_REGISTRY_USERNAME=
CONTAINER_REGISTRY_PASSWORD=
docker login $CONTAINER_REGISTRY_URL --username $CONTAINER_REGISTRY_USERNAME --password $CONTAINER_REGISTRY_PASSWORD
# Push backend images
laconic-so deployment --dir $SP_DEPLOYMENT push-images
```
* Stop the deployments:
```bash
laconic-so deployment --dir $SP_DEPLOYMENT stop
laconic-so deployment --dir $SP_UI_DEPLOYMENT stop
```
* Update the laconic registry config with new endpoints:
```bash
nano $SP_DEPLOYMENT/data/config/laconic.yml
```
```bash
services:
registry:
rpcEndpoint: "https://laconicd-mainnet.laconic.com"
gqlEndpoint: "https://laconicd-mainnet.laconic.com/api"
userKey: "<userKey>"
bondId: "<bondId>"
chainId: laconic-mainnet
gasPrice: 0.001alnt
```
Note: Existing `userKey` and `bondId` can be used since they are carried over from SAPO testnet to mainnet
* Update any deployer config (`webapp-deployer/config.env`) if required
* Start the webapp deployer:
```bash
laconic-so deployment --dir $SP_DEPLOYMENT start
```
* Get the webapp-deployer pod id:
```bash
laconic-so deployment --dir webapp-deployer ps
# Expected output
# Running containers:
# id: default/laconic-096fed46af974a47-deployment-644db859c7-snbq6, name: laconic-096fed46af974a47-deployment-644db859c7-snbq6, ports: 10.42.2.11:9555->9555
# Set pod id
export POD_ID=
# Example:
# export POD_ID=laconic-096fed46af974a47-deployment-644db859c7-snbq6
```
* Copy over GPG keys files to the webapp-deployer container:
```bash
kubie ctx default
# Copy the GPG key files to the pod
kubectl cp webapp-deployer/webapp-deployer-api.apps.vaasl.io.pgp.key $POD_ID:/app
kubectl cp webapp-deployer/webapp-deployer-api.apps.vaasl.io.pgp.pub $POD_ID:/app
# Required everytime you stop and start the deployer
```
* Check logs:
```bash
# Deployer
kubectl logs -f $POD_ID
# Deployer auction handler
kubectl logs -f $POD_ID -c cerc-webapp-auction-handler
```
* Update deployer UI config:
```bash
nano $SP_UI_DEPLOYMENT/config.env
```
```bash
# URL of the laconic console
LACONIC_HOSTED_CONFIG_app_console_link=https://console-mainnet.laconic.com
```
* Start the webapp UI:
```bash
laconic-so deployment --dir $SP_UI_DEPLOYMENT start
```
* Check logs
```bash
laconic-so deployment --dir $SP_UI_DEPLOYMENT logs webapp
```
## Deploy Backend
* Deployment dir: `/srv/deploy-backend/laconic-backend-deployment`
* Stop the deployment:
```bash
laconic-so deployment --dir laconic-backend-deployment stop
```
* If code has changed, fetch and build with updated source code:
```bash
laconic-so --stack ~/cerc/snowballtools-base-api-stack/stack-orchestrator/stacks/snowballtools-base-backend setup-repositories --pull
# rebuild containers
laconic-so --stack ~/cerc/snowballtools-base-api-stack/stack-orchestrator/stacks/snowballtools-base-backend build-containers --force-rebuild
```
* Push updated images to the container registry:
```bash
cd /srv/deploy-backend
# login to container registry
CONTAINER_REGISTRY_URL=container-registry.apps.vaasl.io
# For credentials: "cat /srv/service-provider/webapp-deployer/config.env | grep IMAGE_REGISTRY"
CONTAINER_REGISTRY_USERNAME=
CONTAINER_REGISTRY_PASSWORD=
docker login $CONTAINER_REGISTRY_URL --username $CONTAINER_REGISTRY_USERNAME --password $CONTAINER_REGISTRY_PASSWORD
# Push backend images
laconic-so deployment --dir laconic-backend-deployment push-images
```
* Update the configuration if required in `laconic-backend-deployment/configmaps/config/prod.toml`:
```toml
...
[registryConfig]
fetchDeploymentRecordDelay = 5000
checkAuctionStatusDelay = 5000
restEndpoint = "https://laconicd-mainnet.laconic.com"
gqlEndpoint = "https://laconicd-mainnet.laconic.com/api"
chainId = "laconic-mainnet"
privateKey = "<private-key>"
bondId = "<bond-id>"
authority = "laconic-deploy"
[registryConfig.fee]
gasPrice = "0.001alnt"
...
```
* Restart the deployment:
```bash
laconic-so deployment --dir laconic-backend-deployment start
```
* Check logs:
```bash
laconic-so deployment --dir laconic-backend-deployment logs snowballtools-base-backend
```
## Deploy Frontend
* Source repo: <https://git.vdb.to/cerc-io/snowballtools-base>
* Merge the following PRs in order to deploy frontend app with mainnet configuration
* <https://git.vdb.to/cerc-io/snowballtools-base/pulls/59>
* <https://git.vdb.to/cerc-io/snowballtools-base/pulls/58>
NOTE: Follow steps below if CI deployment doesn't work (cancel CI before following steps below)
### Prerequisites
* Node.js
* Yarn
### Setup
* On your local machine, clone the `snowballtools-base` repo:
```bash
git clone git@git.vdb.to:cerc-io/snowballtools-base.git
```
* Install dependencies:
```bash
cd snowballtools-base
yarn install
```
* In the deployer package, create required env:
```bash
cd packages/deployer
cp .env.example .env
```
Set the required variables:
```bash
REGISTRY_BOND_ID=<bond-id>
DEPLOYER_LRN=lrn://vaasl-provider/deployers/webapp-deployer-api.apps.vaasl.io
AUTHORITY=laconic-deploy
```
Note: The bond id should be set to the `laconic-deploy` authority
* Update required laconic config. You can use the same `userKey` and `bondId` used for deploying backend:
```bash
# Replace <user-pk> and <bond-id>
cat <<EOF > config.yml
services:
registry:
rpcEndpoint: https://laconicd-mainnet.laconic.com
gqlEndpoint: https://laconicd-mainnet.laconic.com/api
userKey: <user-pk>
bondId: <bond-id>
chainId: laconic-mainnet
gasPrice: 0.001alnt
EOF
```
Note: The `userKey` account should own the authority `laconic-deploy`
### Run
* Run frontend deployment script:
```bash
./deploy-frontend.sh
```
Follow deployment logs on the [deployer UI](https://webapp-deployer-ui.apps.vaasl.io/)
* On a successful deployment, the frontend can be viewed at <https://deploy.laconic.com>

178
docs/update-service-provider.md
View File

@ -1,178 +0,0 @@
# Update Service Provider
## Prerequisites
A Laconic mainnet node (see [run-validator.md](./run-validator.md))
## Stop services
* Stop laconic-console deployment:
```bash
# In directory where laconic-console deployment was created
laconic-so deployment --dir laconic-console-deployment stop
```
* Stop webapp deployer:
```bash
# In directory where webapp-deployer deployment was created
laconic-so deployment --dir webapp-deployer stop
laconic-so deployment --dir webapp-ui stop
```
## Update laconic console
* Update the console config (`laconic-console-deployment/config.env`) if required:
```bash
# CLI configuration
# laconicd RPC endpoint (can be pointed to your node)
CERC_LACONICD_RPC_ENDPOINT=https://laconicd-mainnet.laconic.com
# laconicd GQL endpoint (can be pointed to your node)
CERC_LACONICD_GQL_ENDPOINT=https://laconicd-mainnet.laconic.com/api
CERC_LACONICD_CHAIN_ID=laconic-mainnet
# Console configuration
# Laconicd (hosted) GQL endpoint (can be pointed to your node)
LACONIC_HOSTED_ENDPOINT=https://laconicd-mainnet.laconic.com
```
* Update any other config values as required
* Start the deployment:
```bash
laconic-so deployment --dir laconic-console-deployment start
```
* Use the cli service for any registry CLI operations:
```bash
# Example
laconic-so deployment --dir laconic-console-deployment exec cli "laconic registry status"
```
## Check authority and deployer record
* The state has been carried over from SAPO testnet to the mainnet, if you had authority and records on the SAPO testnet, they should be present on mainnet as well
* Check authority:
```bash
# In directory where laconic-console deployment was created
AUTHORITY=<your-authority>
laconic-so deployment --dir laconic-console-deployment exec cli "laconic registry authority whois $AUTHORITY"
```
* Check deployer record:
```bash
PAYMENT_ADDRESS=<your-deployers-payment-address>
laconic-so deployment --dir laconic-console-deployment exec cli "laconic registry record list --all --type WebappDeployer --paymentAddress $PAYMENT_ADDRESS"
```
## Update webapp deployer
* Update deployer laconic registry config (`webapp-deployer/data/config/laconic.yml`) with new endpoints:
```bash
services:
registry:
rpcEndpoint: "<your-mainnet-rpc-endpoint>" # Eg. https://laconicd-mainnet.laconic.com
gqlEndpoint: "<your-mainnet-gql-endpoint>" # Eg. https://laconicd-mainnet.laconic.com/api
userKey: "<userKey>"
bondId: "<bondId"
chainId: laconic-mainnet
gasPrice: 0.001alnt
```
Note: Existing `userKey` and `bondId` can be used since they are carried over from SAPO testnet to mainnet
* Update deployer config (`webapp-deployer/config.env`) if required:
```bash
# Update the deployer LRN if it has changed
export LRN=
# Min payment to require for performing deployments
export MIN_REQUIRED_PAYMENT=9500
# Handle deployment auction requests
export HANDLE_AUCTION_REQUESTS=true
# Amount that the deployer will bid on deployment auctions
export AUCTION_BID_AMOUNT=9500
```
* Start the webapp deployer:
```bash
laconic-so deployment --dir webapp-deployer start
```
* Get the webapp-deployer pod id:
```bash
laconic-so deployment --dir webapp-deployer ps
# Expected output
# Running containers:
# id: default/laconic-096fed46af974a47-deployment-644db859c7-snbq6, name: laconic-096fed46af974a47-deployment-644db859c7-snbq6, ports: 10.42.2.11:9555->9555
# Set pod id
export POD_ID=
# Example:
# export POD_ID=laconic-096fed46af974a47-deployment-644db859c7-snbq6
```
* Copy over GPG keys files to the webapp-deployer container:
```bash
kubie ctx default
# Copy the GPG key files to the pod
kubectl cp <path-to-your-gpg-private-key> $POD_ID:/app
kubectl cp <path-to-your-gpg-public-key> $POD_ID:/app
# Required everytime you stop and start the deployer
```
* Check logs:
```bash
# Deployer
kubectl logs -f $POD_ID
# Deployer auction handler
kubectl logs -f $POD_ID -c cerc-webapp-auction-handler
```
* Update deployer UI config (`webapp-ui/config.env`) if required:
```bash
# URL of the webapp deployer backend API
# eg: https://webapp-deployer-api.pwa.laconic.com
LACONIC_HOSTED_CONFIG_app_api_url=
# URL of the laconic console
# eg: https://console-mainnet.laconic.com/console?...
LACONIC_HOSTED_CONFIG_app_console_link=
```
* Start the webapp UI:
```bash
laconic-so deployment --dir webapp-ui start
```
* Check logs
```bash
laconic-so deployment --dir webapp-ui logs webapp
```

3
node-addresses.yml
View File

@ -2,6 +2,3 @@
# Example:
# - node-1-id@node-1-host:26656
# - node-2-id@node-2-host:26656
- f89c3216cd763c8c984810058f11189ca7f3e365@bootstrap-mainnet.laconic.com:26656

100
playbooks/cosmos-multisig-app/README.md
View File

@ -8,134 +8,88 @@ This playbook sets up the Cosmos Multisig application for managing multisig wall
- [ansible](../README.md#ansible-installation)
- If running playbook to setup deployment on remote machine, the following need to be installed in remote:
- [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install)
- Check [domain port mappings](./domain-port-mappings.md) to ensure that required domain is pointing to correct port
- [yq](https://github.com/mikefarah/yq?tab=readme-ov-file#wget)
## Configuration
- Fetch the stack:
* Fetch the stack:
```bash
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --pull
laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
```
- Copy the example variables file:
* Copy the example variables file:
```bash
cp ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-vars.example.yml ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-vars.yml
```
- Update `~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-vars.yml` with your node configuration:
* Update `~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-vars.yml` with your node configuration:
```yaml
# TODO: Update with example domains mapped to ports
next_public_node_addresses: '["https://laconicd-mainnet.laconic.com"]'
node_rest_endpoint: "https://api.laconicd-mainnet.laconic.com"
```
## Setup Steps
- Set common environment variables:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=<absolute/path/to/deployments/directory>
export MULTISIG_DEPLOYMENT_DIR=cosmos-multisig-deployment
```
- Copy the inventory file:
```bash
cp ~/cerc/laconicd-stack/playbooks/hosts.ini.example ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini
```
* Set common environment variables:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=<path/to/deployments/directory>
export MULTISIG_DEPLOYMENT_DIR=cosmos-multisig-deployment
```
### Local Setup
- Setup and start the multisig app:
* Setup and start the multisig app:
```bash
ansible-playbook -v -i ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-app-start.yml --limit local
ansible-playbook -v -i hosts.ini ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-app-start.yml --limit local
```
- Access the app at <https://multisig.laconic.com/laconic-mainnet>
* Access the app at <http://localhost:7000/laconic>
### Remote Setup
- Create and configure hosts.ini:
- Edit `~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini` and update the remote host details:
* Create and configure hosts.ini:
* Copy the example file:
```bash
cp ~/cerc/laconicd-stack/playbooks/hosts.ini.example ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini
```
* Edit `~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini` and update the remote host details:
```ini
[remote]
# Replace with your actual remote host details
remote_host ansible_host=your.remote.host ansible_user=your_remote_user ansible_ssh_common_args='-o ForwardAgent=yes'
```
- Verify SSH connection using Ansible ping:
* Verify SSH connection using Ansible ping:
```bash
ansible all -m ping -i ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini --limit remote_host
```
- Run the playbook targeting the remote host:
* Run the playbook targeting the remote host:
```bash
ansible-playbook -v -i ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-app-start.yml --limit remote_host
```
- Access the app at <https://multisig.laconic.com/laconic-mainnet>
* Access the app at <http://your.remote.host:7000/laconic>
## Check Status
- Check app logs:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MULTISIG_DEPLOYMENT_DIR logs -f cosmos-multisig-ui
```
## Update
- Set environment variables for the deployment:
* Check app logs:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=<absolute/path/to/deployments/directory>
export MULTISIG_DEPLOYMENT_DIR=cosmos-multisig-deployment
laconic-so deployment --dir $DATA_DIRECTORY/$MULTISIG_DEPLOYMENT_DIR logs -f cosmos-multisig-ui
```
- Stop the deployment:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MULTISIG_DEPLOYMENT_DIR stop
```
- Update `~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-vars.yml` with required values
- Run ansible playbook to deploy again:
- For local host
```bash
ansible-playbook -v -i ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-app-start.yml --limit local
```
- For remote host (check that remote is configured properly in `~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini`)
```bash
ansible-playbook -v -i ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/hosts.ini ~/cerc/laconicd-stack/playbooks/cosmos-multisig-app/cosmos-multisig-app-start.yml --limit remote_host
```
## Clean up
- To stop the deployment:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MULTISIG_DEPLOYMENT_DIR stop
```
- To stop and delete all data:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$MULTISIG_DEPLOYMENT_DIR stop --delete-volumes
sudo rm -rf $DATA_DIRECTORY/$MULTISIG_DEPLOYMENT_DIR
```
```

13
playbooks/cosmos-multisig-app/cosmos-multisig-app-start.yml
View File

@ -2,6 +2,10 @@
- name: Setup and deploy the cosmos multisig app
hosts: multihosts
# To use yq binary installed in user bin path
environment:
PATH: "{{ ansible_env.PATH }}:/home/{{ansible_user}}/bin"
vars_files:
- cosmos-multisig-vars.yml
vars:
@ -13,11 +17,7 @@
network_json: "../../config/network.json"
remote_network_json: "{{data_directory}}/network.json"
build_args: "{{ '--force-rebuild' if (lookup('env', 'FORCE_REBUILD') | default(omit, true)) not in [ 'false', 'False', '0' ] else '' }}"
tasks:
- name: Include setup tasks
ansible.builtin.import_tasks: ../setup.yml
- name: Fail if DATA_DIRECTORY env var is not set
fail:
msg: "Environment variable DATA_DIRECTORY is not set. Please export it before running the playbook."
@ -25,7 +25,7 @@
- name: Clone cosmos-multisig-ui repo
shell: |
laconic-so fetch-stack git.vdb.to/cerc-io/cosmos-multisig-ui@v0.1.3 --pull
laconic-so fetch-stack git.vdb.to/cerc-io/cosmos-multisig-ui@v0.1.2 --git-ssh --pull
- name: Build container image
shell: |
@ -43,7 +43,7 @@
- name: Replace network section in spec_output
shell: >
{{ yq_path }} eval '(.network) = load("{{ remote_spec_template }}").network' -i {{ spec_output }}
yq eval '(.network) = load("{{ remote_spec_template }}").network' -i {{ spec_output }}
- name: Check if deployment directory exists
stat:
@ -76,7 +76,6 @@
USE_HOST_NETWORK={{ use_host_network }}
DGRAPH_DOMAIN={{ dgraph_domain }}
CHAIN_CONFIG_PATH="{{data_directory}}/{{ multisig_deployment_dir }}/config/cosmos-multisig-ui/network.json"
NEXT_PUBLIC_REGISTRY_ENABLED_CHAINS={{ next_public_registry_enabled_chains }}
mode: '0644'
- name: Copy network.json to remote server

7
playbooks/cosmos-multisig-app/cosmos-multisig-vars.example.yml
View File

@ -1,8 +1,5 @@
# Set to true if the application supports multiple chains
next_public_multichain: true
# Array of enabled chain names for the registry
next_public_registry_enabled_chains: '["cosmoshub","sei"]'
next_public_multichain: false
# The name of the blockchain registry
next_public_registry_name: "laconic-mainnet"
@ -32,7 +29,7 @@ next_public_display_denom: "ALNT"
next_public_display_denom_exponent: 0
# JSON array of asset definitions, including denom units, base, name, display, and symbol
next_public_assets: '[{"denom_units":[{"denom":"alnt","exponent":0}],"base":"alnt","name":"Laconic Token","display":"ALNT","symbol":"alnt"},{"denom_units":[{"denom":"alps","exponent":0}],"base":"alps","name":"Laconic Prepaid Service","display":"ALPS","symbol":"alps"}]'
next_public_assets: '[{"denom_units":[{"denom":"alnt","exponent":0}],"base":"alnt","name":"Laconic Token","display":"ALNT","symbol":"alnt"}]'
# Default gas price for transactions
next_public_gas_price: "0.001alnt"

61
playbooks/cosmos-multisig-app/multisig-usage.md
View File

@ -1,61 +0,0 @@
# Multisig Usage
## Create a Multisig
- On opening the app, a prompt will be shown to add Laconic Mainnet network to you Keplr wallet. Click on `Approve`
- Go to home and click on `I don't have a multisig`
- Add the addresses of accounts which have performed at least one tx on chain
- Set the threshold as required (if threshold is set to N out of N members then all the validators have to sign the tx)
- Click on `Submit` and `Create multisig`
## Import Accounts in Keplr
- Add the accounts in Keplr wallet for signing the transaction
- Open Keplr wallet and click on the user icon in the top right corner
- Click on `Add wallet`, then select `Import an existing wallet` and go to `Use recovery phrase or private key`
- Select the `Private key` tab and then paste the private key of the account and click on import
- Set a name for the wallet (used when connecting wallet to app for signing transaction) and click on next
- Search for `Laconic Mainnet` and select it, then click on `Save`
- Other accounts can be added in a similar manner
- Send funds to the generated multisig address using Keplr
- Open Keplr wallet and select the account from which you wish to transfer the funds to the multisig address
- Search for `Laconic Mainnet`, choose the token you wish to send and select the network
- Select `Send` and paste the multisig address and set desired amount
- Click on `Next` and approve the transaction
## Send Transaction From Multisig Address
- In the multisig app, Go to `home`, paste your multisig address and click on `Use this multisig`
- You will see the multisig members and holdings for the address
- Click on `Create new transaction` and then click on `Bank Send` under `Add New Msg`
- Enter the recipient address, amount to be transfered and memo (optional)
- You can either select `alnt` or `alps` as denom
- Click on create transaction
- Under Choose wallet to sign, click on `Connect Keplr`
- After connecting the wallet, click on `Sign transaction` and approve the transaction
- Repeat the above steps for other members of the multisig to sign the transaction
- Once the transaction is signed by required number of validators (as set in the threshold), click on `Broadcast Transaction`

33
playbooks/first-validator/generate-genesis.yml
View File

@ -79,29 +79,16 @@
when: private_key_input.user_input | default('') | trim == ''
- name: Run script to create and collect gentx
command:
argv:
- docker
- run
- -i
- -v
- "{{ gentx_genesis_dir }}:/root/generate-gentx-genesis"
- -v
- "~/cerc/laconicd-stack/stack-orchestrator/config/mainnet-laconicd:/scripts"
- -e
- "PVT_KEY={{ private_key_input.user_input }}"
- -e
- "KEY_NAME={{ key_name }}"
- -e
- "CERC_MONIKER={{ cerc_moniker }}"
- -e
- "CERC_CHAIN_ID={{ cerc_chain_id }}"
- -e
- "VALIDATOR_PUB_KEY={{ validator_pub_key }}"
- cerc/laconicd:local
- bash
- -c
- "/scripts/create-and-collect-gentx.sh"
shell: |
docker run -i \
-v {{gentx_genesis_dir}}:/root/generate-gentx-genesis \
-v ~/cerc/laconicd-stack/stack-orchestrator/config/mainnet-laconicd:/scripts \
-e "PVT_KEY={{ private_key_input.user_input }}" \
-e "KEY_NAME={{ key_name }}" \
-e "CERC_MONIKER={{ cerc_moniker }}" \
-e "CERC_CHAIN_ID={{ cerc_chain_id }}" \
-e "VALIDATOR_PUB_KEY={{ validator_pub_key | to_json }}" \
cerc/laconicd:local bash -c "/scripts/create-and-collect-gentx.sh"
- name: Update genesis file in output
copy:

16
playbooks/first-validator/setup-first-validator.yml
View File

@ -9,44 +9,36 @@
spec_file: "{{data_directory}}/laconicd-spec.yml"
spec_template: "./templates/specs/spec-template.yml.j2"
build_args: "{{ '--force-rebuild' if (lookup('env', 'FORCE_REBUILD') | default(omit, true)) not in [ 'false', 'False', '0' ] else '' }}"
BUILD_ONLY: "{{ lookup('env', 'BUILD_ONLY') | default(false) | bool }}"
tasks:
- name: Include setup tasks
ansible.builtin.import_tasks: ../setup.yml
- name: Fail if DATA_DIRECTORY or MAINNET_DEPLOYMENT_DIR env vars are not set
fail:
msg: >-
Required environment variables are not set.
Please export both DATA_DIRECTORY and MAINNET_DEPLOYMENT_DIR before running the playbook.
when: not BUILD_ONLY and (lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == '')
when: lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == ''
- name: Setup required repositories
shell: >
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd
setup-repositories --pull
setup-repositories --git-ssh --pull
- name: Build container images
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd build-containers {{ build_args }}
- name: Create deployment spec file
when: not BUILD_ONLY
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd deploy init --output {{ spec_file }}
- name: Replace network section in spec_file
when: not BUILD_ONLY
shell: >
{{ yq_path }} eval '(.network) = load("{{ spec_template }}").network' -i {{ spec_file }}
yq eval '(.network) = load("{{ spec_template }}").network' -i {{ spec_file }}
- name: Create deployment from spec file
when: not BUILD_ONLY
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd deploy create --spec-file {{ spec_file }} --deployment-dir {{data_directory}}/{{ mainnet_deployment_dir }}
- name: Create config.env
when: not BUILD_ONLY
copy:
dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/config.env"
content: |
@ -58,7 +50,6 @@
mode: '0777'
- name: Initialize laconicd node
when: not BUILD_ONLY
shell: |
docker run -i \
-v {{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
@ -68,7 +59,6 @@
cerc/laconicd:local bash -c "/scripts/setup-laconicd.sh"
- name: Ensure tmp directory exists inside laconicd-data
when: not BUILD_ONLY
file:
path: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp"
state: directory

29
playbooks/setup.yml
View File

@ -1,29 +0,0 @@
---
# Setup tasks for all playbooks
- name: Create tools directory in user's home
file:
path: "{{ ansible_env.HOME }}/.laconic-tools"
state: directory
mode: '0755'
- name: Check if yq exists
stat:
path: "{{ ansible_env.HOME }}/.laconic-tools/yq"
register: yq_file
- name: Detect OS and architecture
set_fact:
yq_os: "{{ 'darwin' if ansible_system == 'Darwin' else 'linux' }}"
yq_arch: "{{ ansible_architecture | regex_replace('x86_64', 'amd64') | regex_replace('aarch64', 'arm64') }}"
- name: Download yq to user's tools directory
shell: |
curl -L https://github.com/mikefarah/yq/releases/latest/download/yq_{{ yq_os }}_{{ yq_arch }} -o {{ ansible_env.HOME }}/.laconic-tools/yq
chmod +x {{ ansible_env.HOME }}/.laconic-tools/yq
when: not yq_file.stat.exists
args:
creates: "{{ ansible_env.HOME }}/.laconic-tools/yq"
- name: Set yq path variable
set_fact:
yq_path: "{{ ansible_env.HOME }}/.laconic-tools/yq"

1
playbooks/tmkms/run-tmkms.yml
View File

@ -40,6 +40,7 @@
NODE_IP: "{{ node_ip }}"
NODE_PORT: "{{ node_port }}"
KEY_PREFIX: "{{ key_prefix }}"
TMKMS_MODE: "{{ tmkms_mode }}"
mode: '0777'
- name: Start tmkms deployment

11
playbooks/tmkms/setup-tmkms.yml
View File

@ -1,34 +1,33 @@
---
- name: Setup TMKMS stack
hosts: localhost
vars_files:
- tmkms-vars.yml
vars:
data_directory: "{{ lookup('env', 'DATA_DIRECTORY') }}"
tmkms_deployment_dir: "{{ lookup('env', 'TMKMS_DEPLOYMENT_DIR') | default('tmkms-deployment', true) }}"
tmkms_spec_file: "{{data_directory}}/tmkms-spec.yml"
build_args: "{{ '--force-rebuild' if (lookup('env', 'FORCE_REBUILD') | default(omit, true)) not in [ 'false', 'False', '0' ] else '' }}"
BUILD_ONLY: "{{ lookup('env', 'BUILD_ONLY') | default(false) | bool }}"
tasks:
- name: Fail if DATA_DIRECTORY env var is not set
fail:
msg: >-
Required environment variable DATA_DIRECTORY is not set.
Please export DATA_DIRECTORY before running the playbook.
when: not BUILD_ONLY and lookup('env', 'DATA_DIRECTORY') == ''
when: lookup('env', 'DATA_DIRECTORY') == ''
- name: Fetch tmkms stack
shell: |
laconic-so fetch-stack git.vdb.to/LaconicNetwork/tmkms-stack --pull
laconic-so fetch-stack git.vdb.to/LaconicNetwork/tmkms-stack@sk-yubihsm --git-ssh --pull
- name: Build tmkms container images
shell: |
laconic-so --stack ~/cerc/tmkms-stack/stack-orchestrator/stacks/tmkms build-containers {{ build_args }}
laconic-so --stack ~/cerc/tmkms-stack/stack-orchestrator/stacks/tmkms build-containers {{ build_args }} --extra-build-args "--build-arg BACKEND={{ tmkms_mode }}"
- name: Create tmkms deployment spec file
when: not BUILD_ONLY
shell: |
laconic-so --stack ~/cerc/tmkms-stack/stack-orchestrator/stacks/tmkms deploy init --output {{ tmkms_spec_file }}
- name: Create tmkms deployment from spec file
when: not BUILD_ONLY
shell: |
laconic-so --stack ~/cerc/tmkms-stack/stack-orchestrator/stacks/tmkms deploy create --spec-file {{ tmkms_spec_file }} --deployment-dir {{data_directory}}/{{ tmkms_deployment_dir }}

3
playbooks/tmkms/tmkms-vars.example.yml
View File

@ -14,3 +14,6 @@ key_prefix: "laconic"
# The chain ID for the blockchain network
chain_id: "laconic-mainnet"
# The mode of operation for TMKMS (e.g., "softsign", "yubihsm")
tmkms_mode: "softsign"

2
playbooks/validator/build-laconicd.yml
View File

@ -8,7 +8,7 @@
- name: Setup required repositories
shell: >
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd
setup-repositories --pull
setup-repositories --git-ssh --pull
- name: Build container images
shell: |

48
playbooks/validator/create-validator.yml
View File

@ -8,12 +8,12 @@
create_validator_dir: "{{data_directory}}/create-validator"
spec_file: "{{data_directory}}/laconicd-validator-spec.yml"
tasks:
- name: Fail if DATA_DIRECTORY env var is not set
- name: Fail if DATA_DIRECTORY or MAINNET_DEPLOYMENT_DIR env vars are not set
fail:
msg: >-
Required environment variables are not set.
Please export DATA_DIRECTORY before running the playbook.
when: lookup('env', 'DATA_DIRECTORY') == ''
Please export both DATA_DIRECTORY and MAINNET_DEPLOYMENT_DIR before running the playbook.
when: lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == ''
- name: Fail if required key files are not defined
fail:
@ -48,31 +48,17 @@
when: private_key_input.user_input | default('') | trim == ''
- name: Run create-validator script
command:
argv:
- docker
- run
- -i
- -v
- "{{create_validator_dir}}:/root/create-validator"
- -v
- "{{ ansible_env.HOME }}/cerc/laconicd-stack/stack-orchestrator/config/mainnet-laconicd/create-validator.sh:/scripts/create-validator.sh"
- -e
- "KEY_NAME={{ key_name }}"
- -e
- "NODE_URL={{ node_url }}"
- -e
- "CERC_MONIKER={{ cerc_moniker }}"
- -e
- "CERC_CHAIN_ID={{ cerc_chain_id }}"
- -e
- "MIN_GAS_PRICE={{ min_gas_price }}"
- -e
- "VALIDATOR_PUB_KEY={{ validator_pub_key }}"
- -e
- "PVT_KEY={{ private_key_input.user_input }}"
- --network=host
- cerc/laconicd:local
- sh
- -c
- "/scripts/create-validator.sh"
shell: |
docker run -i \
-v {{create_validator_dir}}:/root/create-validator \
-v ~/cerc/laconicd-stack/stack-orchestrator/config/mainnet-laconicd/create-validator.sh:/scripts/create-validator.sh \
-e "KEY_NAME={{ key_name }}" \
-e "NODE_URL={{ node_url }}" \
-e "CERC_MONIKER={{ cerc_moniker }}" \
-e "CERC_CHAIN_ID={{ cerc_chain_id }}" \
-e "MIN_GAS_PRICE={{ min_gas_price }}" \
-e "VALIDATOR_PUB_KEY={{ validator_pub_key | to_json }}" \
-e "PVT_KEY={{ private_key_input.user_input }}" \
--network=host \
cerc/laconicd:local \
sh -c "/scripts/create-validator.sh"

66
playbooks/validator/setup-validator.yml
View File

@ -9,51 +9,43 @@
spec_file: "{{data_directory}}/laconicd-validator-spec.yml"
spec_template: "./templates/specs/spec-template.yml.j2"
build_args: "{{ '--force-rebuild' if (lookup('env', 'FORCE_REBUILD') | default(omit, true)) not in [ 'false', 'False', '0' ] else '' }}"
BUILD_ONLY: "{{ lookup('env', 'BUILD_ONLY') | default(false) | bool }}"
tasks:
- name: Include setup tasks
ansible.builtin.import_tasks: ../setup.yml
- name: Fail if DATA_DIRECTORY or MAINNET_DEPLOYMENT_DIR env vars are not set
fail:
msg: >-
Required environment variables are not set.
Please export both DATA_DIRECTORY and MAINNET_DEPLOYMENT_DIR before running the playbook.
when: not BUILD_ONLY and (lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == '')
when: lookup('env', 'DATA_DIRECTORY') == '' or lookup('env', 'MAINNET_DEPLOYMENT_DIR') == ''
- name: Fail if required key files are not defined
fail:
msg: >-
Required key files are not defined.
Please set genesis_file and staking_amount_file in validator-vars.yml.
when: not BUILD_ONLY and (not genesis_file or not staking_amount_file)
when: not genesis_file or not staking_amount_file
- name: Setup required repositories
shell: >
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd
setup-repositories --pull
setup-repositories --git-ssh --pull
- name: Build container images
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd build-containers {{ build_args }}
- name: Create deployment spec file
when: not BUILD_ONLY
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd deploy init --output {{ spec_file }}
- name: Replace network section in spec_file
when: not BUILD_ONLY
shell: >
{{ yq_path }} eval '(.network) = load("{{ spec_template }}").network' -i {{ spec_file }}
yq eval '(.network) = load("{{ spec_template }}").network' -i {{ spec_file }}
- name: Create deployment from spec file
when: not BUILD_ONLY
shell: |
laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd deploy create --spec-file {{ spec_file }} --deployment-dir {{data_directory}}/{{ mainnet_deployment_dir }}
- name: Create config.env
when: not BUILD_ONLY
copy:
dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/config.env"
content: |
@ -66,48 +58,28 @@
mode: '0777'
- name: Ensure tmp directory exists inside laconicd-data
when: not BUILD_ONLY
file:
path: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp"
state: directory
mode: '0755'
- name: Copy compressed genesis file to laconicd-data tmp directory
when: not BUILD_ONLY
- name: Copy staking amount file to laconicd-data tmp directory
copy:
src: "{{ genesis_file }}"
dest: "{{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/genesis.json.zst"
src: "{{ staking_amount_file }}"
dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/staking-amount.json"
mode: '0644'
- name: Decompress genesis file in tmp directory
when: not BUILD_ONLY
ansible.builtin.command:
argv:
- zstd
- -d
- "-f"
- "{{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/genesis.json.zst"
- "-o"
- "{{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/genesis.json"
args:
creates: "{{ data_directory }}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/genesis.json"
- name: Copy genesis file to laconicd-data tmp directory
copy:
src: "{{ genesis_file }}"
dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/genesis.json"
mode: '0644'
- name: Initialize laconicd node
when: not BUILD_ONLY
command:
argv:
- docker
- run
- -i
- -v
- "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd"
- -v
- "{{data_directory}}/{{ mainnet_deployment_dir }}/config/mainnet-laconicd:/scripts"
- -e
- "CERC_MONIKER={{ cerc_moniker }}"
- -e
- "CERC_CHAIN_ID={{ cerc_chain_id }}"
- cerc/laconicd:local
- bash
- -c
- "/scripts/setup-laconicd.sh"
shell: |
docker run -i \
-v {{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
-v {{data_directory}}/{{ mainnet_deployment_dir }}/config/mainnet-laconicd:/scripts \
-e "CERC_MONIKER={{ cerc_moniker }}" \
-e "CERC_CHAIN_ID={{ cerc_chain_id }}" \
cerc/laconicd:local bash -c "/scripts/setup-laconicd.sh"

4
playbooks/validator/validator-vars.example.yml
View File

@ -1,4 +1,4 @@
# The URL of the laconicd node's RPC endpoint (e.g., "tcp://NODE_PUBLIC_IP_ADDRESS:26657" or "https://<your-node-url>")
# The URL of the laconicd node's RPC endpoint (e.g., "tcp://NODE_PUBLIC_IP_ADDRESS:26657")
node_url: ""
# The public key of the validator node. This is required for creating the validator on chain
@ -26,7 +26,7 @@ min_gas_price: 0.001
cerc_loglevel: "info"
# Absolute path to the mainnet genesis.json file
genesis_file: "~/cerc/laconicd-stack/config/mainnet-genesis.json.zst"
genesis_file: "~/cerc/laconicd-stack/config/mainnet-genesis.json"
# Absolute path to the staking-amount.json file
staking_amount_file: "~/cerc/laconicd-stack/config/staking-amount.json"

22
scripts/generate-lps-distribution-json.py
View File

@ -73,35 +73,33 @@ def convert_csv_to_json(csv_path, json_path):
if col not in df.columns:
raise Exception(f'Missing required column: {col}')
result = []
result = {}
for _, row in df.iterrows():
placeholder = str(row[PLACEHOLDER_COLUMN]) if not pd.isna(row[PLACEHOLDER_COLUMN]) else ''
laconic_address = str(row[LACONIC_ADDRESS_COLUMN]) if not pd.isna(row[LACONIC_ADDRESS_COLUMN]) else ''
# Use laconic_address as key if placeholder is missing or empty
# key = placeholder if placeholder and placeholder.lower() != 'nan' else laconic_address
key = laconic_address
key = placeholder if placeholder and placeholder.lower() != 'nan' else laconic_address
# Skip the row if both 'Placeholder' and 'Laconic Address' are missing or invalid
if not key or key.lower() == 'nan':
continue
# If key is the laconic address, validate that it's a valid bech32 address
# if key == laconic_address:
# hrp, data = bech32_decode(laconic_address)
# if hrp is None or data is None or not hrp.startswith("laconic"):
# print(f"Skipping invalid Laconic address: {laconic_address}")
# continue
if key == laconic_address:
hrp, data = bech32_decode(laconic_address)
if hrp is None or data is None or not hrp.startswith("laconic"):
print(f"Skipping invalid Laconic address: {laconic_address}")
continue
entry = {
'laconic_address': row[LACONIC_ADDRESS_COLUMN] if not pd.isna(row[LACONIC_ADDRESS_COLUMN]) else None,
'placeholder': placeholder,
'total_lps_allocation': to_number(row[TOTAL_LPS_ALLOCATION_COLUMN]),
'lock_months': row[LOCK_MONTHS_COLUMN] if not pd.isna(row[LOCK_MONTHS_COLUMN]) else None,
'vest_months': row[VEST_MONTHS_COLUMN] if not pd.isna(row[VEST_MONTHS_COLUMN]) else None
'vest_months': row[VEST_MONTHS_COLUMN] if not pd.isna(row[VEST_MONTHS_COLUMN]) else None,
'laconic_address': row[LACONIC_ADDRESS_COLUMN] if not pd.isna(row[LACONIC_ADDRESS_COLUMN]) else None
}
result.append(entry)
result[key] = entry
with open(json_path, 'w') as f:
json.dump(result, f, indent=2)

23
scripts/genesis.sh
View File

@ -11,22 +11,15 @@ NODE_HOME="/root/.laconicd"
EARLY_SUPPORTS_ACC_ADDRESS=${EARLY_SUPPORTS_ACC_ADDRESS}
# Skipping early supports account allocation
# if [ -z "$EARLY_SUPPORTS_ACC_ADDRESS" ]; then
# echo "EARLY_SUPPORTS_ACC_ADDRESS not provided, exiting..."
# exit 1
# fi
if [ -z "$EARLY_SUPPORTS_ACC_ADDRESS" ]; then
echo "EARLY_SUPPORTS_ACC_ADDRESS not provided, exiting..."
exit 1
fi
# lps allocations
# Total supply: 129600 lps
# Old plan, will allocate 100% to lockup module instead
# EARLY_SUPPORTS_ALLOC="25920" # Early supports: 25920 lps (20% of total supply)
# LOCKUP_ALLOC="103680" # Lockup: 103680 lps (80% of total supply)
LOCKUP_ALLOC="129600" # Lockup: 129600 lps (100% of total supply)
EARLY_SUPPORTS_ALLOC="25920" # Early supports: 25920 lps (20% of total supply)
LOCKUP_ALLOC="103680" # Lockup: 103680 lps (80% of total supply)
LPS_LOCKUP_MODULE_ACCOUNT="lps_lockup"
LPS_DENOM="lps"
@ -51,10 +44,8 @@ update_genesis '.app_state["gov"]["params"]["expedited_threshold"]="1.0000000000
# Set normal threshold to 99% since it needs to be lesser than expedited threshold
update_genesis '.app_state["gov"]["params"]["threshold"]="0.990000000000000000"'
# Skipping early supports account allocation
# laconicd genesis add-genesis-account $EARLY_SUPPORTS_ACC_ADDRESS $EARLY_SUPPORTS_ALLOC$LPS_DENOM --keyring-backend $KEYRING --append
# Perform lps allocations
laconicd genesis add-genesis-account $EARLY_SUPPORTS_ACC_ADDRESS $EARLY_SUPPORTS_ALLOC$LPS_DENOM --keyring-backend $KEYRING --append
laconicd genesis add-genesis-lockup-account lps_lockup $distribution_file $LOCKUP_ALLOC$LPS_DENOM
# Ensure that resulting genesis file is valid

2
stack-orchestrator/stacks/mainnet-laconicd/stack.yml
View File

@ -2,7 +2,7 @@ version: "1.0"
name: mainnet-laconicd
description: "Laconicd full node"
repos:
- git.vdb.to/cerc-io/laconicd@v1.0.1
- git.vdb.to/cerc-io/laconicd@mainnet # TODO: Use a release
containers:
- cerc/laconicd
pods: