blee/ansible-role-samourai-dojo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6 Commits 1 Branch 0 Tags 72 KiB
2b9f99568e
Go to file
Brian Lee 2b9f99568e Arrange for a hostname to be written to a volume that is available the container.
2023-07-18 18:31:10 -07:00
defaults Arrange for a hostname to be written to a volume that is available the container. 2023-07-18 18:31:10 -07:00
docs Arrange for a hostname to be written to a volume that is available the container. 2023-07-18 18:31:10 -07:00
meta Initialize repo for Samourai Dojo container role. 2023-07-16 11:16:07 -07:00
tasks Arrange for a hostname to be written to a volume that is available the container. 2023-07-18 18:31:10 -07:00
tests Initialize repo for Samourai Dojo container role. 2023-07-16 11:16:07 -07:00
.gitignore Initialize repo for Samourai Dojo container role. 2023-07-16 11:16:07 -07:00
LICENSE.md Initialize repo for Samourai Dojo container role. 2023-07-16 11:16:07 -07:00
README.md Arrange for a hostname to be written to a volume that is available the container. 2023-07-18 18:31:10 -07:00

README.md

Ansible Role: samourai-dojo

This Ansible Role builds and installs a single Podman container that runs the Node.js code for Samourai Dojo.

For educational purposes: it is intended to be composed with separate roles for Podman, mysql, and web proxy. Backended by a nixbitcoin node.

For experts only: Usage of this role implies complete personal accountability and you should never reach out to the Samourai team for support regarding it. This project has no relation to Samourai.

Requirements

Dependencies

Secrets

Use your favorite secret-store. As an example, you could use GNU pass:

pass generate -n SAMOURAI_DOJO_API
pass generate -n SAMOURAI_DOJO_ADMIN
pass generate -n SAMOURAI_DOJO_JWT
pass generate -n SAMOURAI_DOJO_MARIADB_PASSWORD
pass generate -n BITCOIND_DOJO_RPC_PASSWORD

Then source them into your local environment.

Role Variables

See the defaults for the role.

samourai_dojo_version: "1.20.0"
samourai_dojo_onion_service: "{{ lookup('ansible.builtin.env', 'SAMOURAI_DOJO_ONION') }}"
samourai_dojo_onion_port: 80
#onion_services_path: /opt/dojo # a globally readable/writable path where the hsv3 hostname will be copied (optional)

Example Playbook

- hosts: dojo
  roles:
    - role: nginxinc.nginx_core.nginx
      become: true
    - role: fauust.mariadb
      become: true
    - role: alvistack.podman
      become: true
    - role: bleetube.dojo
      tags: dojo
  tasks:
    - import_tasks: nginx_conf.yml
      become: true

Have tor, bitcoind, and electrs running separately (e.g. nixbitcoin). And optionally whirlpool-cli.

For a working example, see bleetube/satstack.

Systemd

systemctl --user status container-dojo.service

Upgrades

Configure samourai_dojo_version and rerun the playbook.

ansible-playbook playbooks/samourai.yml --tags dojo

Mind any changes specifically to Node.js environment variables, and the Dojo install scripts (or wait for this role to document any extra upgrade steps).

Monitoring

See dojo-exporter

Troubleshooting

podman logs --follow dojo
podman inspect dojo | jq .[].Config.Env
ngrep -d lo port 80 -W byline

Resources