# service-provider-setup

This setup has been tested on DigitalOcean droplets running Ubuntu 22.04 LTS.

## Prerequisites

- Set up Ansible: follow the [installation](../README.md#installation) guide to set up Ansible on your machine

- Set up a DigitalOcean Droplet with passwordless SSH access

- Buy a domain and configure [nameservers pointing to DigitalOcean](https://docs.digitalocean.com/products/networking/dns/getting-started/dns-registrars/)

- Generate a DigitalOcean access token, used for API authentication and managing cloud resources

- Set up a user: follow the steps from [Setup a user](../user-setup/README.md#setup-a-user) to set up a new user with passwordless sudo

## Become a Service Provider

### Setup

- Copy the vars files:

  ```bash
  cd vars
  cp dns-vars.example.yml dns-vars.yml
  cp gpg-vars.example.yml gpg-vars.yml
  cp k8s-vars.example.yml k8s-vars.yml
  cp container-vars.example.yml container-vars.yml
  cp laconicd-vars.example.yml laconicd-vars.yml
  cp webapp-vars.example.yml webapp-vars.yml
  cd -
  ```

- Update the following values in the respective variable files:

  ```bash
  # vars/dns-vars.yml
  full_domain: ""                     # eg: laconic.com
  service_provider_ip: ""             # eg: 23.111.78.179
  do_api_token: ""                    # DigitalOcean access token that you generated, eg: dop_v1...

  # vars/gpg-vars.yml
  gpg_user_name: ""                   # full name of the user for the GPG key
  gpg_user_email: ""                  # email address associated with the GPG key
  gpg_passphrase: ""                  # passphrase for securing the GPG key

  # vars/k8s-vars.yml
  org_id: ""                          # eg: lcn
  location_id: ""                     # eg: cad
  support_email: ""                   # eg: support@laconic.com

  # vars/container-vars.yml
  container_registry_username: ""     # username to login to the container registry
  container_registry_password: ""     # password to login to the container registry

  # vars/laconicd-vars.yml
  chain_id: ""                        # chain id to use for the Laconic chain

  # vars/webapp-vars.yml
  authority_name: ""                  # eg: laconic-authority
  cpu_reservation: "1"                # minimum number of cpu cores to be used, eg: 2
  memory_reservation: "2G"            # minimum amount of memory in GB to be used, eg: 4G
  cpu_limit: "6"                      # maximum number of cpu cores to be used, eg: 6
  memory_limit: "8G"                  # maximum amount of memory in GB to be used, eg: 8G
  deployer_gpg_passphrase: ""         # passphrase for creating GPG key used by webapp-deployer, eg: SECRET
  handle_auction_requests: "true"     # whether the webapp deployer should handle deployment auction requests, eg: true
  auction_bid_amount: "500000"        # bid amount for deployment auctions in alnt, eg: 500000
  ```

- Create a new `hosts.ini` file:

  ```bash
  cp ../hosts.example.ini hosts.ini
  ```

- Edit the [`hosts.ini`](./hosts.ini) file:

  ```ini
  [deployment_host]
  <host_name> ansible_host=<target_ip> ansible_user=<ssh_user> ansible_ssh_common_args='-o ForwardAgent=yes'
  ```

  - Replace `<host_name>` with the desired `hostname` of the remote machine
  - Replace `<target_ip>` with the IP address or hostname of the target machine
  - Under `deployment_host`, replace `<ssh_user>` with the name of the user you have created

- Verify that you are able to connect to the host using the following command:

  ```bash
  ansible all -m ping -i hosts.ini

  # Expected output:

  # <host_name> | SUCCESS => {
  #  "ansible_facts": {
  #      "discovered_interpreter_python": "/usr/bin/python3.10"
  #  },
  #  "changed": false,
  #  "ping": "pong"
  # }
  ```

- Run the `service-provider-setup.yml` ansible-playbook to:
  - Create DNS records
  - Deploy k8s
  - Setup laconicd and laconic console
  - Setup container registry
  - Deploy the webapp-deployer API and webapp-deployer UI

  ```bash
  # TODO: Check if `--user` can be removed
  LANG=en_US.utf8 ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
  ```

### Result

After the playbook finishes executing, the following services will be deployed (your setup should look similar to the example below):

- laconicd chain RPC endpoint:
- laconicd GQL endpoint:
- laconic console:
- webapp deployer API:
- webapp deployer UI:

## Cleanup

Run the following steps on the target machine to stop the webapp-deployer, container-registry, fixturenet-laconicd and laconic-console-deployment, undeploy k8s, and remove GPG keys and DNS records.

- Stop deployments

  ```
  $ laconic-so deployment --dir webapp-ui stop

  $ laconic-so deployment --dir webapp-deployer stop

  $ laconic-so deployment --dir container-registry stop

  $ laconic-so deployment --dir laconic-console-deployment stop --delete-volumes

  $ laconic-so deployment --dir fixturenet-laconicd-deployment stop --delete-volumes
  ```

- Remove deployment directories

  ```
  sudo rm -rf webapp-ui
  sudo rm -rf webapp-deployer
  sudo rm -rf container-registry
  sudo rm -rf laconic-console-deployment
  sudo rm -rf fixturenet-laconicd-deployment
  ```

- Remove spec files

  ```
  rm webapp-deployer.spec
  rm container-registry.spec
  rm laconic-console-spec.yml
  rm fixturenet-laconicd-spec.yml
  ```

- Undeploy k8s

  ```
  $ cd service-provider-template

  $ export VAULT_KEY=

  $ bash .vault/vault-rekey.sh

  $ ansible-playbook -i hosts site.yml --tags=k8s --limit=_ --user --extra-vars 'k8s_action=destroy'
  ```

- Remove the service-provider-template repo

  ```
  $ rm -rf service-provider-template
  ```

- Remove any existing GPG keys

  ```
  $ rm -rf gpg-keys/

  $ gpg --list-secret-keys --keyid-format=long
  /home/dev/.gnupg/pubring.kbx
  ----------------------------
  sec   rsa4096/DA9E3D638930A699 2024-10-15 [SCEA]
        69A3200727091E72B773BBEBDA9E3D638930A699
  uid                 [ultimate] deepstack
  ssb   rsa3072/2B5D80CF44753EFD 2024-10-15 [SEA]

  sec   rsa3072/2449A62C838440AB 2024-10-15 [SC]
        646A42164F978DC1415C11F12449A62C838440AB
  uid                 [ultimate] webapp-deployer-api.deepstack.com
  ssb   rsa3072/67576558A2F2FE91 2024-10-15 [E]

  $ gpg --delete-secret-key 69A3200727091E72B773BBEBDA9E3D638930A699
  $ gpg --delete-key 69A3200727091E72B773BBEBDA9E3D638930A699
  $ gpg --delete-secret-key 646A42164F978DC1415C11F12449A62C838440AB
  $ gpg --delete-key 646A42164F978DC1415C11F12449A62C838440AB
  ```

- Remove the user if required

  ```bash
  $ userdel

  # If required, kill process that is using the user
  # userdel: user is currently used by process 1639
  # $ kill -9 1639
  ```

- Remove DNS records using DigitalOcean's API:
  -
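
To confirm that the cleanup steps above left no deployment state or GPG key material on the target machine, the following check can be run afterwards. It is an added example, not part of the original README or the project's code; the function names are hypothetical, and it assumes the cleanup commands were all run from one base directory.

```bash
#!/usr/bin/env bash
# Added example: check for residue after the Cleanup steps. Not project code.

# Directories and spec files the Cleanup section removes.
CLEANUP_PATHS="webapp-ui webapp-deployer container-registry
laconic-console-deployment fixturenet-laconicd-deployment
webapp-deployer.spec container-registry.spec laconic-console-spec.yml
fixturenet-laconicd-spec.yml service-provider-template gpg-keys"

# Print each cleanup path that still exists under base directory $1.
leftover_paths() {
  local base="$1" p
  for p in $CLEANUP_PATHS; do
    if [ -e "$base/$p" ]; then echo "$p"; fi
  done
}

# Read `gpg --list-secret-keys --with-colons` output on stdin and print
# "<fingerprint> <uid>" per primary secret key. Only the fpr record right
# after a sec record is used, so subkey (ssb) fingerprints are skipped.
remaining_secret_keys() {
  awk -F: '
    $1 == "sec"             { want_fpr = 1; want_uid = 0; next }
    $1 == "fpr" && want_fpr { fpr = $10; want_fpr = 0; want_uid = 1; next }
    $1 == "uid" && want_uid { print fpr, $10; want_uid = 0 }
  '
}

# Report residue under $1 (default: current directory). The key listing is
# read from file $2 when given, otherwise from the live keyring. Every secret
# key is reported, so review the list before deleting anything.
# Returns 0 only when no path and no secret key remains.
verify_cleanup() {
  local base="${1:-.}" listing="${2:-}" paths keys
  paths="$(leftover_paths "$base")"
  if [ -n "$listing" ]; then
    keys="$(remaining_secret_keys < "$listing")"
  else
    keys="$(gpg --list-secret-keys --with-colons 2>/dev/null | remaining_secret_keys)"
  fi
  if [ -n "$paths" ]; then echo "$paths" | sed 's/^/still present: /'; fi
  if [ -n "$keys" ]; then echo "$keys" | sed 's/^/secret key remains: /'; fi
  [ -z "$paths" ] && [ -z "$keys" ]
}
```

Source the file and call `verify_cleanup "$HOME"` as the deployment user; a non-zero exit status means one of the listed paths or a secret key is still present.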