censorship-no-archive / ceno1

(Deprecated PoC) Innovative censorship evading technology based on p2p distributed caching network
https://censorship.no
GNU Affero General Public License v3.0

Create an ansible script for deploying a CENOBridge #257

Open misaakidis opened 8 years ago

misaakidis commented 8 years ago

We need an ansible playbook to use for deploying CENO Bridges.

The user will have to place a CENOBox.zip file in a specific place ( https://docs.ansible.com/ansible/playbooks_best_practices.html#id9 ). She should be able to choose whether the bridge will be an RSS inserter bridge (isMasterBridge in .CENO/bridge.properties), a signal receiver bridge (isSignalBridge), or both. Users should also be able to specify the insertion key the bridge will be using (insertURI and requestURI in bridge.properties).

The playbook will go through the following steps:

* * * * *  if ! /usr/bin/pgrep node >/dev/null; then /home/ceno/CENOBridge/bundle-server/node /home/ceno/CENOBridge/bundle-server/bundle-server.js; fi
0 * * * *  cat /home/ceno/CENOBridge/logs/freenet-previous.log | grep CENO | grep -v RGA | grep -v re-running >> /home/ceno/CENOBridge/logs/CENO.log

Make sure that the cron job does start bundle-server (it might take a couple of minutes).

A role should be added to deploy a CENO client node, using the existing playbook. The scripts will be placed in either a new directory (e.g. ceno-deploy), or under ceno-box.

ivilata commented 8 years ago

I'd like to take a chance on this one. Shall I take any particular playbook under ceno-box/ceno-provisioner as a reference, or may I do better by starting one anew? Thanks!

ivilata commented 8 years ago

I've started this under https://github.com/ivilata/ceno/tree/ansible-for-bridge. I will probably use Supervisor to run and monitor the bridge, bundle server and reader daemons.

ivilata commented 8 years ago

The current playbook (playbook_bridge.yaml, with the bridge role) is able to deploy and run the Bundle Server and the Freenet node with the Bridge plugin. Next week I'll have a look at the RSS reader.

ivilata commented 7 years ago

Ok, I think the Ansible config files under ceno-box/ceno-provisioner (playbook_bridge.yaml and role bridge) in https://github.com/ivilata/ceno/tree/ansible-for-bridge are complete, or at least they do as much as the CENOBridge.sh script. The user running the playbook must provide a CENOBridge.jar and reader binary (and optionally a seednodes.fref file) and the playbook creates/uses a particular user in the target host to deploy and run Freenet, the Bundler and the Reader.

The main difference from @misaakidis' proposal is that daemons are run by Supervisor instead of Cron, so they can be properly restarted when they die. The Freenet installation is a very raw one just using the jars, with Supervisor invoking Java straight away (without a wrapper) so as to keep track of subprocesses. Stdout and stderr logs go to the standard /var/log/supervisor directory without any processing.

Some pending issues that I'd like to check:

Also, only ports 3094 (Bundler), 3095 (Bridge plugin) and 3096 (Reader) are open, while bridge install instructions mention that the plugin should also open port 3093, but maybe the docs are obsolete here.

ivilata commented 7 years ago

Sending the output of daemons started by Supervisor to syslog seems to work and adds proper timestamps to lines, so I've enabled this.

Regarding seednodes.fref, by looking at the code it seems that it's either read or downloaded from Freenet, so it never saves current friends, but I guess one may still manually build such a file from friend contacts. However, since node.updater.updateSeednodes=true by default, once the node reaches Freenet it may download opennet seeds and later connect to them, revealing its IP address. Maybe node.updater.updateSeednodes=false should be added to ceno-bridge/freenet.ini. Or maybe I just got the role of opennet seed nodes wrong and we may as well just download the seednodes.fref file during bridge setup. ;)

ivilata commented 7 years ago

I decided to just download seednodes.fref along with the Freenet jars; it looks pretty safe to me.

Since adding the wrapper looks like a pointless complication (Supervisor takes care of the Java process), I think the playbook is now complete. Maybe checking downloaded Freenet files with GPG would be desirable…
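
The GPG check suggested in the last comment, sketched as an added example (not code from this thread or from the playbook): it fails closed and accepts a download only when gpg reports a valid signature made by one pinned key. The fingerprint, the keyring and the file names are constructed placeholders.

```shell
#!/bin/sh
# Added example: fail-closed GPG verification of a downloaded file.
# PINNED_FPR is a constructed placeholder, NOT a real Freenet release key.
# gpg prints fingerprints in upper-case hex, so pin it in upper case.
PINNED_FPR="0123456789ABCDEF0123456789ABCDEF01234567"

# Reads `gpg --status-fd` output on stdin. Succeeds only if a VALIDSIG line
# names the pinned fingerprint as signing key (field 3) or primary key (last
# field). GOODSIG alone is not enough: it is also emitted for any other key
# that happens to be in the keyring.
status_has_pinned_sig() {
    awk -v want="$1" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" {
            # Appending "" forces string (not numeric) comparison.
            if (($3 "") == (want "") || ($NF "") == (want "")) ok = 1
        }
        END { exit(ok ? 0 : 1) }'
}

# verify_download FILE SIGNATURE KEYRING FINGERPRINT
# Returns 0 only when every input exists, gpg accepts the detached signature
# and the signer is the pinned key. Any other outcome is a failure.
verify_download() {
    file=$1; sig=$2; keyring=$3; fpr=$4
    for f in "$file" "$sig" "$keyring"; do
        [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
    done
    # Use only the dedicated keyring so keys in the deploying user's own
    # keyring cannot vouch for the download.
    status=$(gpg --batch --no-default-keyring --keyring "$keyring" \
                 --status-fd 1 --verify "$sig" "$file" 2>/dev/null) || return 1
    printf '%s\n' "$status" | status_has_pinned_sig "$fpr"
}

# Stand-alone use (hypothetical file names):
#   sh verify.sh freenet.jar freenet.jar.sig ./trusted-keys.gpg
if [ "$#" -eq 3 ]; then
    verify_download "$1" "$2" "$3" "$PINNED_FPR" || {
        echo "REJECTED: $1" >&2
        exit 1
    }
    echo "verified: $1"
fi
```

Running this from the playbook before the jars are moved into place means a failed or missing signature stops the deployment instead of starting Freenet under Supervisor with unverified code.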