feat!: create ansible EN role (#2)

templates/docker-compose.yaml.j2

@@ -0,0 +1,97 @@
+version: "3.9"
+services:
+  traefik:
+    image: "traefik:{{ traefik_version }}"
+    network_mode: "host"
+    restart: unless-stopped
+    command:
+      - "--log.level=INFO"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.external_node_health.address=:3080"
+{% if enable_tls %}
+      - "--entrypoints.websecure.address=:443"
+      - "--certificatesresolvers.en_resolver.acme.tlschallenge=true"
+      - "--certificatesresolvers.en_resolver.acme.storage=/letsencrypt/acme.json"
+      - "--certificatesresolvers.myresolver.acme.email={{ acme_email }}"
+{% endif %}
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+{% if enable_tls %}
+      - "./letsencrypt:/letsencrypt"
+{% endif %}
+
+  postgres:
+    image: "postgres:{{ postgres_version }}"
+    restart: unless-stopped
+    healthcheck:
+      interval: 1m
+      timeout: 30s
+      retries: 288000
+      start_period: 4h
+      test: psql -U postgres -c "select exists (select * from pg_stat_activity where datname = '{{ database_name }}' and application_name = 'pg_restore')" | grep -e ".f$"
+    volumes:
+      - "{{ storage_directory }}/postgres:/var/lib/postgresql/data"
+      - "{{ storage_directory }}/pg_backups:/pg_backups"
+      - ./restore_dump.sh:/docker-entrypoint-initdb.d/restore_dump.sh
+    env_file:
+      - postgres.env
+    command:
+      - postgres
+      - -c
+{% for argument in postgres_arguments %}
+      - {{ argument }}
+{% endfor %}
+  external_node:
+    image: "matterlabs/external-node:v{{ external_node_version }}"
+    restart: unless-stopped
+    depends_on:
+      postgres:
+        condition: service_healthy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.services.external_node_main.loadbalancer.server.port={{ rpc_http_port }}"
+      - "traefik.http.routers.external_node_main.rule=PathPrefix(`/`)"
+{% if enable_tls %}
+      - "traefik.http.routers.whoami.entrypoints=websecure"
+      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+      - "traefik.http.routers.whoami.rule=Host(`{{ domain_name }}`)"
+{% else %}
+      - "traefik.http.routers.external_node_main.entrypoints=web"
+{% endif %}
+      - "traefik.http.routers.external_node_main.service=external_node_main"
+
+      - "traefik.http.services.external_node_health.loadbalancer.server.port={{ healthcheck_port }}"
+      - "traefik.http.routers.external_node_health.rule=PathPrefix(`/`)"
+      - "traefik.http.routers.external_node_health.entrypoints=external_node_health"
+      - "traefik.http.routers.external_node_health.service=external_node_health"
+    expose:
+      - {{ rpc_http_port }}
+      - {{ rpc_ws_port }}
+      - {{ healthcheck_port }}
+      - {{ metrics_port }}
+    environment:
+      ZKSYNC_HOME: "/"
+      EN_STATE_CACHE_PATH: /db/state_keeper
+      EN_MERKLE_TREE_PATH: /db/lightweight-new
+      EN_HTTP_PORT: {{ rpc_http_port }}
+      EN_WS_PORT: {{ rpc_ws_port }}
+      EN_HEALTHCHECK_PORT: {{ healthcheck_port }}
+      EN_PROMETHEUS_PORT: {{ metrics_port }}
+      EN_THREADS_PER_SERVER: 64
+      CHAIN_STATE_KEEPER_VALIDATION_COMPUTATIONAL_GAS_LIMIT: 2000000
+      DATABASE_POOL_SIZE: 200
+      EN_MAX_BLOCKS_PER_TREE_BATCH: 200
+      RUST_LOG: zksync_core=debug,zksync_dal=info,zksync_eth_client=info,zksync_merkle_tree=info,zksync_storage=info,zksync_state=debug,zksync_types=info,vm=info,zksync_external_node=info,zksync_utils=debug
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost:{{ healthcheck_port }}/health" ]
+      interval: 1m
+      timeout: 30s
+      retries: 60
+      start_period: 1m
+    volumes:
+      - "{{ storage_directory }}/db:/db"
+    env_file:
+      - "external_node.env"
+      - "postgres.env"

templates/external_node.env.j2

@@ -0,0 +1,5 @@
+EN_ETH_CLIENT_URL="{{ eth_l1_url | mandatory }}"
+EN_MAIN_NODE_URL="{{ main_node_url | mandatory }}"
+EN_L2_CHAIN_ID="{{ l2_chain_id | mandatory }}"
+EN_L1_CHAIN_ID="{{ l1_chain_id | mandatory }}"
+DATABASE_URL="postgres://{{ database_username | mandatory }}:{{ database_password | mandatory }}@postgres/{{ database_name | mandatory }}"

templates/monitoring.yaml.j2

@@ -0,0 +1,50 @@
+version: "3.9"
+services:
+  vmagent:
+    container_name: vmagent
+    image: "victoriametrics/vmagent:v{{ vmagent_version }}"
+    volumes:
+      - vmagentdata:/vmagentdata
+      - ./vmagent-config.yml:/etc/vmagent/config.yml
+    command:
+{% if prometheus_remote_write %}
+      - "--remoteWrite.url={{ prometheus_remote_write_url }}"
+      - "--remoteWrite.label={{ prometheus_remote_write_label }}"
+{% if prometheus_remote_write_auth %}
+      - "--remoteWrite.basicAuth.username={{ prometheus_remote_write_auth_username }}"
+      - "--remoteWrite.basicAuth.password={{ prometheus_remote_write_auth_password }}"
+      - "--remoteWrite.tmpDataPath=/tmp/vmagent"
+{% endif %}
+{% endif %}
+      - "--promscrape.config=/etc/vmagent/config.yml"
+      - "--promscrape.streamParse=true"
+      - "--remoteWrite.vmProtoCompressLevel=2"
+    restart: always
+
+  node-exporter:
+    image: "prom/node-exporter:v{{ node_exporter_version }}"
+    volumes:
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /:/rootfs:ro
+    restart: unless-stopped
+    command:
+      - '--path.procfs=/host/proc'
+      - '--path.sysfs=/host/sys'
+      - '--collector.filesystem.ignored-mount-points=^/(sys|proc|dev|host|etc)($$|/)'
+
+  cadvisor:
+    image: "gcr.io/cadvisor/cadvisor:v{{ cadvisor_version }}"
+    volumes:
+      - /:/rootfs:ro
+      - /var/run:/var/run:rw
+      - /sys:/sys:ro
+      - /var/lib/docker/:/var/lib/docker:ro
+
+  postgres-exporter:
+    image: "quay.io/prometheuscommunity/postgres-exporter:v{{ postgres_exporter_version }}"
+    env_file:
+      - postgres.env
+
+volumes:
+  vmagentdata:

templates/postgres.env.j2

@@ -0,0 +1,3 @@
+POSTGRES_USER="{{ database_username | mandatory }}"
+POSTGRES_PASSWORD="{{ database_password | mandatory }}"
+DATA_SOURCE_NAME="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/postgres?sslmode=disable"

templates/restore_dump.sh.j2

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+set -e
+
+{% if force_pg_restore %}
+pg_restore --clean --exit-on-error -j $(nproc --all) -d postgres -U $POSTGRES_USER --no-owner --no-privileges --disable-triggers --create /pg_backups/external_node_latest.pgdump
+{% else %}
+if psql -U $POSTGRES_USER -d postgres -lqt | cut -d \| -f 1 | grep -qw "{{ database_name }}"; then
+    echo "Database already exists"
+else
+    echo "Database does not exist"
+    pg_restore --exit-on-error -j $(nproc --all) -d postgres -U $POSTGRES_USER --no-owner --no-privileges --disable-triggers --create /pg_backups/external_node_latest.pgdump
+fi
+{% endif %}

templates/vmagent-config.yml.j2

@@ -0,0 +1,40 @@
+scrape_configs:
+  - job_name: external-node
+    static_configs:
+      - targets: ['external_node:{{ metrics_port }}']
+    relabel_configs:
+      - source_labels: [instance]
+        target_label: instance
+        replacement: '{{ node_name | mandatory }}'
+  - job_name: vmagent
+    static_configs:
+      - targets:
+          - "127.0.0.1:8429"
+    relabel_configs:
+      - source_labels: [instance]
+        target_label: instance
+        replacement: '{{ node_name | mandatory }}'
+  - job_name: node-exporter
+    static_configs:
+      - targets:
+          - "node-exporter:9100"
+    relabel_configs:
+      - source_labels: [instance]
+        target_label: instance
+        replacement: '{{ node_name | mandatory }}'
+  - job_name: cadvisor
+    static_configs:
+      - targets:
+          - "cadvisor:8080"
+    relabel_configs:
+      - source_labels: [instance]
+        target_label: instance
+        replacement: '{{ node_name | mandatory }}'
+  - job_name: postgres-exporter
+    static_configs:
+      - targets:
+          - "postgres-exporter:9187"
+    relabel_configs:
+      - source_labels: [instance]
+        target_label: instance
+        replacement: '{{ node_name | mandatory }}'