checkpoint

.gitignore

@@ -78,3 +78,4 @@ Thumbs.db
 *.env
 node_secrets.yml
 hosts.ini
+.vaultpass

README.md

@@ -1,111 +1,119 @@
 # Azure Validator Node
 
-Create a new Azure Validator Node with the following steps:
-
-## Overview
-
 This repository contains scripts and configurations to set up and manage an Azure Validator Node using Terraform and Ansible.
 
-### Terraform
-
-Terraform scripts are located in the [./terraform](./terraform) directory. These scripts are used to provision the necessary Azure infrastructure for the Validator Node.
-
-### Ansible
+## Overview
 
-Ansible playbooks are located in the [./ansible](./ansible) directory. These playbooks are used to configure the provisioned infrastructure and deploy the Validator Node.
+- **Terraform**: Used to provision the necessary Azure infrastructure for the Validator Node.
+- **Ansible**: Used to configure the provisioned infrastructure and deploy the Validator Node.
 
 ## Requirements
 
-Before you begin, ensure you have the following installed:
+Before you begin, ensure you have the following installed on your local machine:
 
-- [Terraform](https://www.terraform.io/downloads.html)
+- [Terraform](https://www.terraform.io/downloads.html) (version >= 0.12)
+  - [Installation Guide](https://learn.hashicorp.com/tutorials/terraform/install-cli)
 - [Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
-- [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
-
-## Pre-requisites
-Authenticate with Azure CLI
-```sh
-az login
-```
-
-## Installation
-
-1. **Clone the repository:**
-
+  - [Installation Guide](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
+  - Install necessary Ansible modules:
     ```sh
-    git clone https://github.com/ten-protocol/ten-validator.git
-    cd ten-validator
+    ansible-galaxy collection install community.docker community.crypto
     ```
+- [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
+- [Docker](https://docs.docker.com/get-docker/)
+- [Docker Compose](https://docs.docker.com/compose/install/)
+- [Git](https://git-scm.com/downloads)
 
-2. **Install Terraform:**
-
-    Follow the instructions on the [Terraform website](https://www.terraform.io/downloads.html) to install Terraform.
-
-3. **Install Ansible:**
-
-    Follow the instructions on the [Ansible website](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) to install Ansible.
+## Pre-requisites
 
-4. **Install Azure CLI:**
+1. **Authenticate with Azure CLI**:
+   ```sh
+   az login
+   ```
 
-    Follow the instructions on the [Azure CLI website](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli) to install the Azure CLI.
+2. **Clone the repository**:
+   ```sh
+   git clone https://github.com/ten-protocol/ten-validator.git
+   cd ten-validator
+   ```
 
-## Usage
+3. **Configure Azure Subscription**:
+   Ensure your Azure subscription is set correctly:
+   ```sh
+   az account set --subscription "your-subscription-name"
+   ```
 
-### Terraform
+## Terraform Setup
 
-1. **Navigate to the Terraform directory:**
+### Initialize and Apply Terraform Configuration
 
-    ```sh
-    cd AzureTerra/terraform
-    ```
+1. **Navigate to the Terraform directory**:
+   ```sh
+   cd terraform
+   ```
 
-2. **Initialize Terraform:**
+2. **Copy the example `terraform.tfvars` file and edit it**:
+   ```sh
+   cp terraform.tfvars.example terraform.tfvars
+   # Edit terraform.tfvars with your preferred settings
+   ```
 
-    ```sh
-    terraform init
-    ```
+3. **Initialize Terraform**:
+   ```sh
+   terraform init
+   ```
 
-3. **Apply the Terraform configuration:**
+4. **Apply the Terraform configuration**:
+   ```sh
+   terraform apply
+   ```
+   Follow the prompts to confirm the infrastructure changes.
 
-    ```sh
-    terraform apply
-    ```
+5. **Retrieve SSH Key and Login Script**:
+   ```sh
+   chmod +x get-key.sh
+   ./get-key.sh
+   ```
 
-    Follow the prompts to confirm the infrastructure changes.
+## Ansible Deployment
 
-### Login to Validator Node
-#### get-key.sh
+### Deploy the Validator Node
 
-The `get-key.sh` script is used to retrieve necessary keys for the Validator Node and generate a simple ssh-login.sh script to login to the Validator Node.
+1. **Navigate to the Ansible directory**:
+   ```sh
+   cd ansible
+   ```
 
-1. **Run the script:**
+2. **Copy the example `hosts.ini` file and edit it**:
+   ```sh
+   cp hosts.ini.example hosts.ini
+   # Edit hosts.ini with the IP address of your VM
+   ```
 
-    ```sh
-    chmod +x get-key.sh
-    ./get-key.sh
-    ```
 
-2. **Run the generated script:**
 
-    ```sh
-    chmod +x ssh-login.sh
-    ./ssh-login.sh
-    ```
+3. **Run the Ansible playbook**:
+   ```sh
+   ansible-playbook -i hosts.ini setup-validator-playbook.yaml
+   ```
+   Ensure that the `hosts.ini` file is correctly configured with the details of your provisioned infrastructure.
 
-    This will log you into the Validator Node.
+## Additional Information
 
-### Ansible
+- **Clear Terraform State**: If you need to destroy the infrastructure and clear the Terraform state, run:
+  ```sh
+  chmod +x clear.sh
+  ./clear.sh
+  ```
 
-1. **Navigate to the Ansible directory:**
+- **Environment Variables**: Ensure that all necessary environment variables are set as per the `ansible/files/node.env.example` file.
 
-    ```sh
-    cd AzureTerra/ansible
-    ```
+- **Network Configuration**: The network settings are defined in `ansible/files/network_vars.yml` and should not be changed unless necessary.
 
-2. **Run the Ansible playbook:**
+## Troubleshooting
 
-    ```sh
-    ansible-playbook -i hosts.ini install_ten_validator.yml
-    ```
+- Ensure all dependencies are installed and accessible in your system's PATH.
+- Verify that your Azure CLI is authenticated and set to the correct subscription.
+- Check that your `terraform.tfvars` and `hosts.ini` files are correctly configured.
 
-    Ensure that the `inventory` file is correctly configured with the details of your provisioned infrastructure.
+For further assistance, refer to the official documentation of each tool or reach out to the project maintainers.

ansible/setup-validator-playbook.yaml

@@ -15,8 +15,8 @@
     # # l1_beacon_url: "{{ lookup('env', 'L1_BEACON_URL', default=env_file_vars.L1_BEACON_URL) }}"
     log_level: "{{ lookup('env', 'LOG_LEVEL') |  default(LOG_LEVEL, true) | default(3, true) }}"
     hostname: "{{ host_id }}-{{ ten_network }}-external"
-    install_deps: false
-    install_postgres: false
+    install_deps: true
+    install_postgres: "{{ postgres_db_host is not defined or postgres_db_host == '' }}"
     install_node: true
 
   tasks:

install-ten.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+
+# Function to prompt for input with validation
+prompt_for_input() {
+  local prompt_message=$1
+  local input_variable_name=$2
+  local validation_regex=$3
+
+  while true; do
+    echo "$prompt_message"
+    read input_value
+    if [[ $input_value =~ $validation_regex ]]; then
+      eval $input_variable_name="'$input_value'"
+      break
+    else
+      echo "Invalid input. Please try again."
+    fi
+  done
+}
+
+# Prompt for HOST_ID
+prompt_for_input "Please enter your HOST_ID (this is the public key of your validator account, e.g., 0x1234...):" HOST_ID '^0x[0-9a-fA-F]+$'
+
+# Prompt for PRIVATE_KEY
+prompt_for_input "Please enter your PRIVATE_KEY associated with the HOST_ID (without the 0x prefix):" PRIVATE_KEY '^[0-9a-fA-F]+$'
+
+# Prompt for HOST_PUBLIC_P2P_ADDR_ROOT
+prompt_for_input "Please enter the DNS or external IP of your validator node (e.g., validator.example.com or 8.2.27.123):" HOST_PUBLIC_P2P_ADDR_ROOT '^[a-zA-Z0-9.-]+$'
+
+HOST_PUBLIC_P2P_ADDR="${HOST_PUBLIC_P2P_ADDR_ROOT}:10000"
+HOST_P2P_PORT="10000"
+LOG_LEVEL="3"
+
+# Prompt for L1_WS_URL
+prompt_for_input "Please enter the L1_WS_URL (a Sepolia client websocket URL, e.g., ws:// or wss://...):" L1_WS_URL '^wss?://.+$'
+
+# Prompt for DEPLOY_POSTGRES
+echo "Would you like to use an existing external Postgres instance? (Default is No - one will be deployed) [N/y]:"
+read DEPLOY_POSTGRES
+
+if [[ "$DEPLOY_POSTGRES" =~ ^([yY][eE][sS]|[yY])$ ]]; then
+  INCLUDE_POSTGRES_DB_HOST="true"
+  # Prompt for POSTGRES_DB_HOST
+  prompt_for_input "Please enter the POSTGRES_DB_HOST (Postgres login URI):" POSTGRES_DB_HOST '^.+$'
+else
+  INCLUDE_POSTGRES_DB_HOST="false"
+fi
+
+# Generate a random password for Ansible Vault
+VAULT_PASSWORD=$(openssl rand -base64 32)
+
+# Write the password to a .vaultpass file
+echo "$VAULT_PASSWORD" > .vaultpass
+
+# Create the YAML file
+cat > ./ansible/files/node_secrets.yml <<EOL
+HOST_ID: "${HOST_ID}"
+PRIVATE_KEY: "${PRIVATE_KEY}"
+HOST_PUBLIC_P2P_ADDR: "${HOST_PUBLIC_P2P_ADDR}"
+HOST_P2P_PORT: "${HOST_P2P_PORT}"
+L1_WS_URL: "${L1_WS_URL}"
+LOG_LEVEL: ${LOG_LEVEL}
+EOL
+
+if [ "$INCLUDE_POSTGRES_DB_HOST" = "true" ]; then
+  echo "POSTGRES_DB_HOST: \"${POSTGRES_DB_HOST}\"" >> ./ansible/files/node_secrets.yml
+elif [ "$INCLUDE_POSTGRES_DB_HOST" = "false" ]; then
+  echo "POSTGRES_DB_HOST: \"\"" >> ./ansible/files/node_secrets.yml
+fi
+
+# Encrypt the file with ansible-vault using the .vaultpass file
+ansible-vault encrypt ./ansible/files/node_secrets.yml --vault-password-file .vaultpass
+
+# Ask user to confirm before proceeding
+echo "The Ansible playbook will now be run. Please confirm by pressing Enter... (Ctrl+C to cancel)"
+read
+
+# Run the Ansible playbook
+ansible-playbook ./ansible/setup-validator-playbook.yaml