---
- name: Configure firewall (UDP & TCP)
community.general.ufw:
rule: allow
port: "{{ item }}"
proto: any
loop:
- 4001
- 24007
- 24008
- name: Configure firewall (TCP)
community.general.ufw:
rule: allow
port: "{{ item }}"
proto: tcp
loop:
- 29152:65535
- name: Install glusterfs
ansible.builtin.apt:
name:
- glusterfs-server
state: present
- name: Start & enable glusterd service
ansible.builtin.systemd_service:
name: glusterd.service
state: started
enabled: true
# - name: Create gluster volume
# gluster.gluster.gluster_volume:
# state: present
# name: ipfs-datastore
# bricks: /bricks/brick1/g1
# rebalance: true
# cluster: "{{ groups['ipfs'] }}"
# run_once: true
# - name: Start gluster volume
# gluster.gluster.gluster_volume:
# state: started
# name: ipfs-datastore
# - name: Limit volume usage
# gluster.gluster.gluster_volume:
# state: present
# name: ipfs-datastore
# directory: /
# quota: 6.0TB
## Example: mount -t glusterfs fp-bright-0:/gv0 /mountme
# - name: Mount gluster volume
# ansible.posix.mount:
# src: "{{ ansible_hostname }}:/g1"
# path: /mnt/g1
# fstype: glusterfs
# state: mounted
- name: Create ipfs group
ansible.builtin.group:
name: ipfs
state: present
- name: Create ipfs user
ansible.builtin.user:
name: ipfs
group: ipfs
create_home: true
home: /home/ipfs
system: true
- name: Download and extract IPFS Kubo
ansible.builtin.unarchive:
src: "https://dist.ipfs.tech/kubo/{{ ipfs_kubo_version }}/kubo_{{ ipfs_kubo_version }}_linux-amd64.tar.gz"
dest: /tmp
remote_src: true
notify:
- Restart ipfs
- name: Install IPFS Kubo
ansible.builtin.copy:
src: /tmp/kubo/ipfs
dest: /usr/local/bin/ipfs
mode: "0755"
remote_src: true
notify:
- Restart ipfs
- name: Download and extract ipfs-cluster-follow
ansible.builtin.unarchive:
src: "https://dist.ipfs.tech/ipfs-cluster-follow/{{ ipfs_cluster_follow_version }}/ipfs-cluster-follow_{{ ipfs_cluster_follow_version }}_linux-amd64.tar.gz"
dest: /tmp
remote_src: true
notify:
- Restart ipfs-cluster-follow
- name: Install ipfs-cluster-follow
ansible.builtin.copy:
src: /tmp/ipfs-cluster-follow/ipfs-cluster-follow
dest: /usr/local/bin/ipfs-cluster-follow
mode: "0755"
remote_src: true
notify:
- Restart ipfs-cluster-follow
- name: Generate random peername
ansible.builtin.set_fact:
cluster_peername: "{{ lookup('password', '/dev/null length=8 chars=hexdigits') }}"
- name: Create ipfs-cluster-follow service
ansible.builtin.template:
src: ipfs-cluster-follow.service.j2
dest: /etc/systemd/system/ipfs-cluster-follow.service
mode: "0644"
notify:
- Restart ipfs-cluster-follow
- name: Create ipfs service
ansible.builtin.template:
src: ipfs.service.j2
dest: /etc/systemd/system/ipfs.service
mode: "0644"
notify:
- Restart ipfs
- name: Check current value of Routing.AcceleratedDHTClient
ansible.builtin.command: ipfs config Routing.AcceleratedDHTClient
register: ipfs_dht_config
changed_when: false # this never changes things, it only gathers data
- name: Enable IPFS Routing.AcceleratedDHTClient
ansible.builtin.command: ipfs config --json Routing.AcceleratedDHTClient true
notify:
- Restart ipfs
when: ipfs_dht_config.stdout != "true"
changed_when: true
- name: Create IPFS directory
ansible.builtin.file:
dest: /home/ipfs/.ipfs
owner: ipfs
group: ipfs
state: directory
mode: "0755"
- name: Check if IPFS config exists
ansible.builtin.stat:
path: /home/ipfs/.ipfs/config
register: ipfs_config
- name: Initialize IPFS
ansible.builtin.command: /usr/local/bin/ipfs init
become: true
become_user: ipfs
args:
chdir: /home/ipfs
when: not ipfs_config.stat.exists
changed_when: true # Explicitly mark this as a change when it runs
notify:
- Restart ipfs
## @todo enable once we get gluster working
# - name: Symlink IPFS blocks directory to gluster brick
# ansible.builtin.file:
# src: /home/ipfs/.ipfs/blocks
# dest: /mnt/g1/.ipfs/blocks
# owner: ipfs
# group: ipfs
# state: link
# notify:
# - Restart ipfs