testnet-ops/service-provider-setup/README.md

# service-provider-setup

## Setup Ansible

To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine

## Prerequisites

- Set up a DigitalOcean Droplet with passwordless SSH access

- Buy a domain and configure [nameservers pointing to DigitalOcean](https://docs.digitalocean.com/products/networking/dns/getting-started/dns-registrars/)

- Generate a DigitalOcean access token, used for API authentication and managing cloud resources

## Setup a new User

- Create a new `hosts.ini` file:

   ```bash
   cp ../hosts.example.ini hosts.ini
   ```

- Edit the [`hosts.ini`](./hosts.ini) file to run the playbook on a remote machine:

  ```ini
  [root_host]
  <host_name> ansible_host=<target_ip> ansible_user=<ssh_user> ansible_ssh_common_args='-o ForwardAgent=yes'
  ```

  - Replace `<host_name>` with the desired `hostname` of the remote machine
  - Replace `<target_ip>` with the IP address or hostname of the target machine
  - Replace `<ssh_user>` with `root`

- Verify that you are able to connect to the host using the following command:

  ```bash
  ansible all -m ping -i hosts.ini

  # Expected output:

  # <host_name> | SUCCESS => {
  #  "ansible_facts": {
  #      "discovered_interpreter_python": "/usr/bin/python3.10"
  #  },
  #  "changed": false,
  #  "ping": "pong"
  # }
  ```

- Setup `user-vars.yml`  using the example file

  ```bash
  cp vars/user-vars.example.yml vars/user-vars.yml
  ```

- Edit the `user-vars.yml` file:

  ```bash
  # name of the user you want to setup on the target host
  username: ""

  # password of the user you want to setup on the target host
  password: ""

  # path to the ssh key on your machine, eg: "/home/user/.ssh/id_rsa.pub"
  path_to_ssh_key: ""
  ```

- Execute the `setup-user.yml` Ansible playbook to create a user with passwordless sudo permissions:

  ```bash
  LANG=en_US.utf8 ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
  ```

## Become a Service Provider

### Setup

- Copy the vars files:

  ```bash
  cd vars
  cp dns-vars.example.yml dns-vars.yml
  cp gpg-vars.example.yml gpg-vars.yml
  cp k8s-vars.example.yml k8s-vars.yml
  cp container-vars.example.yml container-vars.yml
  cp laconicd-vars.example.yml laconicd-vars.yml
  cp webapp-vars.example.yml webapp-vars.yml
  cd -
  ```

- Update the following values in the respective variable files:

  ```bash
  # vars/dns-vars.yml
  full_domain: ""               # eg: laconic.com
  subdomain_prefix: ""          # eg: lcn-cad
  service_provider_ip: ""        # eg: 23.111.78.179
  do_api_token: ""              # DigitalOcean access token that you generated, eg: dop_v1...

  # vars/gpg-vars.yml
  gpg_user_name: ""         # full name of the user for the GPG key
  gpg_user_email: ""        # email address associated with the GPG key
  gpg_passphrase: ""        # passphrase for securing the GPG key

  # vars/k8s-vars.yml
  target_host: "deployment_host"
  org_id: ""                    # eg: lcn
  location_id: ""               # eg: cad
  base_domain: ""               # eg: laconic
  support_email: ""             # eg: support@laconic.com

  # vars/container-vars.yml
  container_registry_username: "" # username to login to the container registry
  container_registry_password: "" # password to login to the container registry

  # vars/laconicd-vars.yml
  chain_id: "" # chain id to use for the Laconic chain

  # vars/webapp-vars.yml
  authority_name: ""          # eg: my-org-name
  cpu_reservation: ""         # minimum number of cpu cores to be used, eg: 2
  memory_reservation: ""      # minimum amount of memory in GB to be used, eg: 4G
  cpu_limit: ""               # maximum number of cpu cores to be used, eg: 6
  memory_limit: ""            # maximum amount of memory in GB to be used, eg: 8G
  deployer_gpg_passphrase: "" # passphrase for creating GPG key used by webapp-deployer, eg: SECRET
  handle_auction_requests: "" # whether the webapp deployer should handle deployment auction requests, eg: true
  auction_bid_amount: ""      # bid amount for deployment auctions in alnt, eg: 500000
  ```

- Update the [`hosts.ini`](./hosts.ini) file:

  ```ini
  [root_host]
  <host_name> ansible_host=<target_ip> ansible_user=root ansible_ssh_common_args='-o ForwardAgent=yes'

  [deployment_host]
  <host_name> ansible_host=<target_ip> ansible_user=<new_username> ansible_ssh_common_args='-o ForwardAgent=yes'
  ```

  - Replace `<host_name>` with the desired `hostname` of the remote machine
  - Replace `<target_ip>` with the IP address or hostname of the target machine
  - Under `deployment_host`, Replace `<ansible_user>` with the name of the user you have created

- Verify that you are able to connect to the host using the following command:

  ```bash
  ansible all -m ping -i hosts.ini

  # Expected output:

  # <host_name> | SUCCESS => {
  #  "ansible_facts": {
  #      "discovered_interpreter_python": "/usr/bin/python3.10"
  #  },
  #  "changed": false,
  #  "ping": "pong"
  # }
  ```

- Run the `service-provider-setup.yml` ansible-playbook to:
  - Create DNS records
  - Deploy k8s
  - Setup laconicd and laconic console
  - Setup container registry
  - Deploy the webapp-deployer API and webapp-deployer UI

  ```bash
  LANG=en_US.utf8 ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
  ```

### Result

After the playbook finishes executing, the following services will be deployed (your setup should look similar to the example below):

- laconicd chain RPC endpoint: <http://lcn-daemon.laconic.com:26657>
- laconicd GQL endpoint: <http://lcn-daemon.laconic.com:9473/api>
- laconic console: <http://lcn-console.laconic.com:8080/registry>
- webapp deployer API: <https://webapp-deployer-api.pwa.laconic.com>
- webapp deployer UI: <https://webapp-deployer-ui.pwa.laconic.com>