diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..705ab9db --- /dev/null +++ b/.gitignore @@ -0,0 +1,22 @@ +.gradle +build/ +!gradle/wrapper/gradle-wrapper.jar +!**/src/main/** +!**/src/test/** + +.factorypath +.project +.settings + + +### IntelliJ IDEA ### +.idea +**/.idea +*.iws +*.iml +*.ipr +out/ + + +### VS Code ### +.vscode/ diff --git a/Como_atualizar_Besu.md b/Como_atualizar_Besu.md new file mode 100644 index 00000000..6dc2c081 --- /dev/null +++ b/Como_atualizar_Besu.md @@ -0,0 +1,83 @@ + + + +# 1.Pré-requisitos +Para este guia, assumimos que você tem o ansible instalado na sua máquina. +Documentação de instalação ansible: https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html + +# 2.Update + +Nós vamos sugerir duas formas diferentes de fazer o update do besu: a primeira forma, é usando os scripts ansible; e a segunda forma é usando diretamente os binários + +# Update através do ansible + +2.0.1) Para fazer o update, é necessário acessar a sua máquina que está rodando o nó. + +2.0.2) Parar o besu. + +2.0.3.1) Caso você use o HTTP PROXY, verifique se as variáveis HTTP_PROXY e http_proxy estão definidas em /etc/environment (ou no .profile). Caso não esteja, defina tais variáveis. Exemplo: + +http_proxy=http://example.proxy.com:8080 +HTTP_PROXY=http://example.proxy.com:8080 + +2.0.3.2) Caso você use o HTTPS PROXY, verifique se as variáveis HTTPS_PROXY e https_proxy estão definidas em /etc/environment(ou no .profile). Caso não esteja, defina tais variáveis. Exemplo: + +https_proxy=https://example.proxy.com:8080 +HTTPS_PROXY=https://example.proxy.com:8080 + +2.0.4) Agora retorne para a máquina que tem o ansible instalado e os scripts ansible (https://github.com/RBBNet/rbb/tree/master/instalacao-rbb-node). + +2.0.5) Configure o arquivo inventory definindo com o exemplo: + +"your node address" node_ip= besu_release_version= + +no local do tipo do seu nó. + +2.0.6) Para terminar basta executar o comando: + +ansible-playbook -i inventory --private-key=~/.ssh/id_ecdsa -u remote_user site-lacchain-update-.yml + +# Update através dos binários + +2.1.1) Parar o serviço Pantheon. + +2.1.2) Fazer um backup do usr/local/besu e descompactar o binário criando um novo usr/local/besu. + +2.1.3) Reiniciar o Pantheon. + +2.1.4) Seguir os passos que estão na documentação: + +https://besu.hyperledger.org/en/stable/HowTo/Get-Started/Installation-Options/Install-Binaries/ + + +# Obs: alguns comando que podem ajudar a verificar se a atualização, terminou corretamente + +Retorna a versão do besu: + +$ pantheon --version + +Ainda no shell com o curl consegue testar se está funcionando: + +$ curl -X POST --data '{"jsonrpc":"2.0","method":"admin_nodeInfo","params":[],"id":1}' http://localhost:4545 + +Verificar se conectou com os outros nós: + +$ curl -X POST --data '{"jsonrpc":"2.0","method":"admin_peers","params":[],"id":1}' http://localhost:4545 + +Verificar se já está sincronizado (deve retornar false quando sincronizar): + +$ curl -X POST --data '{"jsonrpc":"2.0","method":"eth_syncing","params":[],"id":1}' http://localhost:4545 + + +# Atualizar o protocolo ethereum +Para atualizar o protocolo, basta você adicionar uma linha no arquivo genesis file dizendo para qual protocolo a sua rede vai e +em qual bloco isso vai começar a valer. Exemplo estamos usando o protocolo berlin e ele vai iniciar no bloco 974000: + +"config": { + ... + "constantinopleFixBlock": 0, + "berlinBlock": 17974000 + ... +} + +E, para finalizar, dê um restart no besu. diff --git "a/Como_criar_n\303\263s.md" "b/Como_criar_n\303\263s.md" index 081c30b9..1401fa94 100644 --- "a/Como_criar_n\303\263s.md" +++ "b/Como_criar_n\303\263s.md" @@ -2,9 +2,9 @@ A RBB implementada em Hyperledeger Besu é uma rede público-permissionada. Foi # Passo 1 - Ambiente Físico -O procedimento da Lacchain contém configuração mínima de hardware: https://github.com/lacchain/bndes-network/blob/master/DEPLOY_NODE.md +A configuração mínima de hardware pode ser vista [aqui](instalacao-rbb-node/DEPLOY_NODE.md). -A recomendação do BID é uma VM por nó, sem docker, e que seja um SO **Ubuntu 18.4** ou **CentOS7**. +A recomendação do BID é uma VM por nó, sem docker, e que seja um SO **Ubuntu 18.4** ou **CentOS7**. O BNDES instalou com **RedHat 7**, por similaridade com CentOS7. Embora não fosse uma plataforma oficialmente homologada pela Lacchain, nenhum problema foi encontrado. @@ -14,20 +14,20 @@ Verifique se o relógio do seu servidor está com a hora correta. É recomendáv Há quatro tipos de nós: Boot, Validator, Writer e Observer. Cada instituição participante pode ter zero, um ou mais nós de um mesmo tipo. -As VMs precisam ter IPs públicos para serem acessíveis na Internet. Além disso, precisam ter o mesmo IP outbound e inbound. +As VMs precisam ter IPs públicos para serem acessíveis na Internet. Além disso, precisam ter o mesmo IP outbound e inbound. -Para instalar os nós, seguir o procedimento da Lacchain: https://github.com/lacchain/bndes-network/blob/master/DEPLOY_NODE.md, até a parte "Checking your connection". Orion será instalado, mas não inicializado. Não será possível verificar a conexão ainda. +Para instalar os nós, seguir [este procedimento](instalacao-rbb-node/DEPLOY_NODE.md), até a parte "Checking your connection". Orion será instalado, mas não inicializado. Não será possível verificar a conexão ainda. Ao fim da instalação, veja como conferir o resultado com este [procedimento](detalhamento_comandos_Besu.md). -É possível configurar mais de um nó ao mesmo tempo utilizando o script do Ansible descrito pela Lacchain. O ChainID da RBB já está configurado nos scripts para 648629. +É possível configurar mais de um nó ao mesmo tempo utilizando o script do Ansible descrito pela Lacchain. O ChainID da RBB já está configurado nos scripts para 648629. Todas as VMS do BNDES estão DMZ de blockchain do BNDES, uma vez que todos os nós podem receber conexões externas. # Passo 3 - Filtros de Rede -A figura abaixo reflete a topologia da rede quando só havia BNDES e BID como nós. As conexões peer-to-peer são na porta 60606 TCP/UDP. A topologia da rede será análoga a da Lacchain: https://github.com/lacchain/bndes-network/blob/master/TOPOLOGY_AND_ARCHITECTURE.md +A figura abaixo reflete a topologia da rede quando só havia BNDES e BID como nós. As conexões peer-to-peer são na porta 60606 TCP/UDP. A [topologia da rede será análoga a da Lacchain](instalacao-rbb-node/TOPOLOGY_AND_ARCHITECTURE.md). ![GitHub Logo](./network_diagram_rbb.png) @@ -54,16 +54,22 @@ Para a porta 123 (udp): Para obter os detalhes de IPs de máquinas -> favor entrar em contato com blockchaingov@bndes.gov.br. +Algumas boas práticas para este passo: +- Sugere-se aumentar a resilência dos nós da rede criando conexões interna entre os nós da mesma instituição. +- Sugere-se aumentar a resilência dos nós conectando diferentes nós da rede por diferentes provedores de rede. +- Sugere-se fortemente alocar aos nós internos máquinas com IPs públicos que não será modificado no futuro. Uma mudança de IP implica em reconfigurações de regras de firewall e reconexão dos nós com novos e-nodes. + + # Passo 4 - Gestão de chaves O processo de instalação de cada nó gera a chave privada em ``/root/lacchain/data/key``. Essa chave privada está associada a chave pública do nó, que compõe o seu enode. A chave pode ser regerada posteriormente, se necessário, mas isso impactará o enode do nó. Perceba que a chave privada é salva sem criptografia. -É possível conferir a chave pública do seu nó no log (nível INFO) ou executando o comando ``admin_nodeInfo``. +É possível conferir a chave pública do seu nó no log (nível INFO) ou executando o comando ``admin_nodeInfo``. A conta blockchain associada ao nó está salva em ``/root/lacchain/data/nodeAddress``. Ela será necessária no momento do permissionamento (Passos 5 e 6). Além das chaves dos nós, no futuro podem ser criadas chaves privadas para permissionamento (ver passo 5) ou para o uso de smart contracts específicos. -É necessário ter um mecanismo interno para gerir essas chaves privadas: onde armazenar a chave, quem tem acesso, mecanismo de recuperação etc. +É necessário ter um mecanismo interno para gerir essas chaves privadas: onde armazenar a chave, quem tem acesso, mecanismo de recuperação etc. # Passo 5 - Permissionamento dos novos nós @@ -84,36 +90,41 @@ Adicionar manualmente os novos nós em nós já sincronizados da rede pela API r # Passo 7 - Verificar Conexão na Rede -Siga o procedimento de **"Checking your connection"** da Lacchain: https://github.com/lacchain/bndes-network/blob/master/DEPLOY_NODE.md. +Siga o [procedimento de **"Checking your connection"**](instalacao-rbb-node/DEPLOY_NODE.md#checking-your-connection). + +O comando a seguir permite verificar que o nó está sincronizado com os outros nós da rede: ``curl -X POST --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":51}' http://localhost:4545`` + +Atualmente, um bloco é gerado a cada 2segundos, então o número retornado pelo comando anterior deve mudar a cada execução do comando. Opcionalmente, esse link também pode ajudar: https://github.com/lacchain/besu-network/issues/33 # Passo 8 - Inclusão de nós Validadores no Algoritmo de Consenso (apenas para novo nós do tipo validador) -Se novos validadores forem adicionados é necessário disparar uma votação de forma a incluí-los no algoritmo de consenso. Para isso, deve-se seguir o procedimento https://besu.hyperledger.org/en/stable/HowTo/Configure/Consensus-Protocols/IBFT/#adding-and-removing-validators-by-voting. +Se novos validadores forem adicionados é necessário disparar uma votação de forma a incluí-los no algoritmo de consenso. Para isso, deve-se seguir o procedimento https://besu.hyperledger.org/en/stable/HowTo/Configure/Consensus-Protocols/Add-Validators/ (ver seção de IBFT2.0 com votação). Algumas observações importantes: -* Os comandos devem ser disparados usando os consoles dos validadores que atualmente participam do algoritmo de consenso da rede. -* Será necessário informar as contas blockchain dos novos validadores, que podem ser encontradas em: ``/root/lacchain/data/nodeAddress``. Caso esse arquivo esteja inválido por algum motivo, é possível regerá-lo usando ``pantheon --data-path=/root/lacchain/data public-key export-address --to=/root/lacchain/data/nodeAddress!``. -* A votação precisa ocorrer dentro de um período de uma mesma "época", e o tamanho da época é definida no arquivo genesis. Considerando as configurações atuais da rede, cada época dura cerca de 16h. +* É uma boa prática utilizar ``ibft_getSignerMetrics`` para verificar se existem validadores não-ativos antes de iniciar a votação (https://besu.hyperledger.org/en/stable/Reference/API-Methods/#ibft_getsignermetrics). +* Os comandos devem ser disparados usando os consoles dos validadores que atualmente participam do algoritmo de consenso da rede. +* Será necessário informar as contas blockchain (nodeAddress) dos novos validadores, que podem ser encontradas em: ``/root/lacchain/data/nodeAddress``. Caso esse arquivo esteja inválido por algum motivo, é possível regerá-lo usando ``pantheon --data-path=/root/lacchain/data public-key export-address --to=/root/lacchain/data/nodeAddress!``. +* A votação precisa ocorrer dentro de um período de uma mesma "época", e o tamanho da época é definida no arquivo genesis. Considerando as configurações atuais da rede, cada época dura cerca de 16h. +* A forma como essa atividade é realizada usualmente é enviando um email a todos os participantes da RBB combinando um horário para votação de todas as instituições que possuam nós validadores. +* Se a votação for bem sucedida, será possível ver no block explorer que o(s) novo(s) validador(es) está(ão) gerando e assinando nós na rede. # Passo 9 (opcional) - Instalação de Dapp de permissionamento -O Dapp de permissionamento é um frontend que permite visualizar quem são as contas Administradoras da rede, visualizar as regras de permissionamento para contas e para nós. +O Dapp de permissionamento é um frontend que permite visualizar quem são as contas Administradoras da rede, visualizar as regras de permissionamento para contas e para nós. -A Lacchain fez pequenas mehorias no Dapp de permissionamento da plataforma Besu. Para instalar o Dapp siga o seguinte procedimento: https://github.com/lacchain/permissioning-smart-contracts +A Lacchain fez pequenas melhorias no Dapp de permissionamento da plataforma Besu. Para instalar o Dapp siga o seguinte procedimento: https://github.com/lacchain/permissioning-smart-contracts Atenção: é necessário implantar o branch beta1. Observação: O dapp apresenta as informações truncadas, mas é possível copiar e colar para ver a informação completa. Além disso, atenção porque o dapp exibe a informação de Public_key com um string "0x" no metade do valor. Ex.: a public key -0xd2c9170ace6301fe416b636c0f91816b7a9184c29562b55dfbcbbb48305d6717322c07a1e0d0432b89c1bef468f93963cd94a4ec2d90cd5d53f6e16b3767c390 é exibida como +0xd2c9170ace6301fe416b636c0f91816b7a9184c29562b55dfbcbbb48305d6717322c07a1e0d0432b89c1bef468f93963cd94a4ec2d90cd5d53f6e16b3767c390 é exibida como 0xd2c9170ace6301fe416b636c0f91816b7a9184c29562b55dfbcbbb48305d67170x322c07a1e0d0432b89c1bef468f93963cd94a4ec2d90cd5d53f6e16b3767c390. -O Dapp está instalado internamente no BNDES na url https://rbb-permissioning.dsv.bndes.net/ - -Para criar novas regras de permissionamento, é necessário ter uma conta blockchain autorizada. -É possível utilizar qualquer forma de geração de conta Ethereum, como via Metamask. +Para criar novas regras de permissionamento, é necessário ter uma conta blockchain autorizada. +É possível utilizar qualquer forma de geração de conta Ethereum, como via Metamask. Endereço do contrato de permissionamento de nós: 0x0000000000000000000000000000000000009999 @@ -124,14 +135,15 @@ Embora exista, o contrato de permissionamento de contas ainda não está sendo u # Passo 10 - Verificar Boot Nodes em Uso -Para cada um dos nós, verifique no arquivo `/root/lacchain/config.toml`, o valor atribuído a variável `bootnodes`. +Para cada um dos nós, verifique no arquivo `/root/lacchain/config.toml`, o valor atribuído à variável `bootnodes`. -Por exemplo, +Por exemplo, -`` +``` bootnodes=[ "enode://c1c9170ace6301fe416b636c0f91816b7a9184c29562b55dfbcbbb48305d6717322c07a1e0d0432b89c1bef468f93963cd94a4ec2d90cd5d53f6e16b3767c328@200.225.100.107:60606", "enode://91ca844776cc9bf69cd4eadaeefdf105815b61ec7ba0fef0ab3fc0c954a8af3bfbbdbc9975ca8cd6d1bd366bcd69df2066f2ed17bed4d1c53164d46e94afa03b@35.188.197.198:60606" -]`` +] +``` Essa variável indica quais Bootnodes podem ser utilizados quando o nó iniciar. Idealmente quanto mais bootnodes você listar mais resiliente seus nós estarão. Assim, idealmente você deve incluir o máximo de bootnodes possíveis considerando a lista total de bootnodes da RBB. Para obter a lista de todos os boot nodes da rede você pode perguntar a alguma outra instituição ou instalar o dapp de permissionamento referenciado no passo anterior. @@ -160,9 +172,9 @@ Em caso de dúvidas ou comentários, por favor, enviem e-mail para blockchaingov # Comentário adicionais -BNDES e BID conversaram sobre algumas possibilidades de aumentar a resilência dos nós. Infelizmente, não é possível configurar mais de um IP para o mesmo nó (dado que o IP é usado para o enode) ou fazer um DNS para deixar os nós independentes de IP. Uma possibilidade natural é configurar vários nós de um mesmo tipo e usar um Load Balancer de forma a deixar os vários IPs transparente para o usuário. +BNDES e BID conversaram sobre algumas possibilidades de aumentar a resilência dos nós. Infelizmente, não é possível configurar mais de um IP para o mesmo nó (dado que o IP é usado para o enode) ou fazer um DNS para deixar os nós independentes de IP. Uma possibilidade natural é configurar vários nós de um mesmo tipo e usar um Load Balancer de forma a deixar os vários IPs transparente para o usuário. Caso tenha erros durante a instalação e precise aumentar o nível de log do Besu, basta acrescentar `--logging DEBUG` no `start-pantheon.sh` e restartar o Besu. Depois de resolvido, remova essa mudança de forma a minimizar o tamanho de log gerado. Veja mais em: https://besu.hyperledger.org/en/stable/HowTo/Monitor/Logging/. - +Algumas vezes o Besu pode parar de sincronizar sem razão aparente. Um motivo pode ser falta de espaço de armazenamento no servidor. diff --git "a/Como_criar_n\303\263s_dockerizado.md" "b/Como_criar_n\303\263s_dockerizado.md" new file mode 100644 index 00000000..9f107377 --- /dev/null +++ "b/Como_criar_n\303\263s_dockerizado.md" @@ -0,0 +1,125 @@ +Este roteiro guia na criação de nós para o laboratório da RBB usando docker. Algumas premissas simplificadoras são assumidas: +- São exatamente três nós: 1 nó writer, 1 nó boot e 1 nó validator. +- Todos os nós serão executados em uma única VM, exclusiva para esse serviço. + +# Passo 1 - Ambiente Físico + +## Requisitos mínimos do sistema + +Recursos de hardware recomendados para os nós na rede de teste: + +* **CPU**: 4 cores + +* **Memória RAM**: 8 GB + +* **Disco Rígido**: 180 GB SSD + + +# Passo 2 - Scripts Docker + +Verifique se o relógio do seu servidor está com a hora correta. É recomendável que ele esteja sincronizado com um servidor NTP conhecido (pela porta *123/udp*), por exemplo, o pool.ntp.br. Caso contrário, erros na sincronização podem ocorrer com a mensagem "invalid checkpoint headers". + +Sugere-se fortemente alocar aos nós internos máquinas com IPs públicos que não será modificado no futuro. Uma mudança de IP implica em reconfigurações de regras de firewall e reconexão dos nós com novos e-nodes. + +## Pré-requisitos necessários +* Docker, versão mínima 18.09.9 +* Docker compose, versão mínima 1.22.0 +* jq + +### Instalação do jq ### + +``` +curl -#SLo/usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 +chmod a+x /usr/local/bin/jq +``` + +## Instalação dos nós ## +Criar um diretório: +``` +mkdir +cd +``` + +Baixar o arquivo tgz [clicando aqui](https://github.com/RBBNet/rbb/raw/master/rbb-setup.tgz). + +Descompactar o arquivo tgz no diretório criado: ``tar xzf rbb-setup.tgz`` + +Caso uma das portas entre as utilizadas (10000, 10001, 10010, 10011 e 10012) não estejam disponíveis no host, ajustar o mapeamento no arquivo ``/infra.json``. + +Preencher, no mesmo arquivo, o campo "organization" para indicar o nome/apelido da organização que será apresentado na monitoração atual, que é realizada pelo BID. + +Executar os comandos: + ``` + VALIDATOR_COUNT=1 BOOT_COUNT=1 WRITER_COUNT=1 commands/blockchain-setup + ``` + E, em seguida: + ``` + docker-compose up -d + ``` + + Utilize ``` docker-compose logs -f ``` para visualizar os logs dos nós. + + +# Passo 3 - Filtros de rede + +A figura abaixo reflete a topologia da rede quando só havia BNDES e BID como nós. As conexões peer-to-peer são na porta 60606 TCP/UDP. A [topologia da rede será análoga a da Lacchain](instalacao-rbb-node/TOPOLOGY_AND_ARCHITECTURE.md). + +![GitHub Logo](./network_diagram_rbb.png) + +As seguintes regras de abertura de firewall devem ser consideradas para uma instituição que terá nós da RBB. + +- Todos os validators devem conseguir se conectar. Por isso, para seus validators: + - Permitir conexão (inbound) na porta 10011 a partir dos outros validators que integram a RBB. + - Permitir conexão (outbound) para as IP:PORTAs dos outros validators que integram a RBB. +- Todos os boots devem permitir que os outros nós boots e validators se conectem a ele. Por isso, para seus boots: + - Permitir conexão (inbound) na porta 10010 a partir dos outros nós (boots e validators) que integram a RBB. + - Permitir conexão (outbound) para as IP:PORTAs dos boots que integram a RBB. +- Os writer nodes não precisam aceitar conexões externas. +- Todos os nós devem enviar informações de monitoração para o BID. + - Permitir conexões (outbound) para 35.184.17.253:9091. + + +# Passo 4 - Verificar Conexão na Rede + +Execute da seguinte forma: +```bash +# commands/node-rpc +# Exemplos: + +# consulta informações do node +commands/node-rpc boot1 admin_nodeInfo + +# consulta peers conectados +commands/node-rpc writer2 admin_peers +``` + + +# Passo 5 - Gestão de chaves + +O processo de instalação de cada nó gera a chave privada em ``${CONFIG_ROOT}/nodes/${NODE_NAME}/key``. Essa chave privada está associada a chave pública do nó, que compõe o seu enode. Perceba que a chave privada é salva sem criptografia. É possível conferir a chave pública do seu nó em ``${CONFIG_ROOT}/nodes/${NODE_NAME}/key.pub`` ou executando o comando ``commands/node-rpc ${NODE_NAME} admin_nodeInfo``. + +A conta blockchain associada ao nó está salva em ``${CONFIG_ROOT}/nodes/${NODE_NAME}/node.address``. Ela será necessária no momento do permissionamento (passo seguinte). + +É necessário ter um mecanismo interno para gerir essas chaves privadas: onde armazenar a chave, quem tem acesso, mecanismo de recuperação etc. + +# Passo 6 - Permissionamento dos novos nós + +É necessário permissionar o(s) novo(s) nó(s) para participar na rede. Essa ação é realizada por uma instituição participante da RBB com conta blockchain de permissionamento. Entre em contato informando os e-nodes e as contas blockchain dos nós instalados. + + +# Passo 7 - Inclusão de nós Validadores no Algoritmo de Consenso (apenas para novos nós do tipo validador) + +Se novos validadores forem adicionados é necessário disparar uma votação de forma a incluí-los no algoritmo de consenso. Para isso, deve-se seguir o procedimento https://besu.hyperledger.org/en/stable/HowTo/Configure/Consensus-Protocols/Add-Validators/ (ver seção de IBFT2.0 com votação). +Algumas observações importantes: +* É uma boa prática utilizar ``ibft_getSignerMetrics`` para verificar se existem validadores não-ativos antes de iniciar a votação (https://besu.hyperledger.org/en/stable/Reference/API-Methods/#ibft_getsignermetrics). +* Os comandos devem ser disparados usando os consoles dos validadores que atualmente participam do algoritmo de consenso da rede. +* Será necessário informar as contas blockchain (nodeAddress) dos novos validadores, que podem ser encontradas em: ``${CONFIG_ROOT}/nodes/${NODE_NAME}/node.address``. +* A votação precisa ocorrer dentro de um período de uma mesma "época" e o tamanho da época é definida no arquivo genesis. Considerando as configurações atuais da rede, cada época dura cerca de 16h. +* A forma como essa atividade é realizada usualmente é enviando um email a todos os participantes da RBB combinando um horário para votação de todas as instituições que possuam nós validadores. +* Se a votação for bem sucedida, será possível ver no block explorer que o(s) novo(s) validador(es) está(ão) gerando e assinando nós na rede. + +# Contato + +Em caso de dúvidas ou comentários, por favor, enviem e-mail para blockchaingov@bndes.gov.br. + + diff --git a/Como_implantar_aplicacoes.md b/Como_implantar_aplicacoes.md index d0fe7ea2..3a272c5b 100644 --- a/Como_implantar_aplicacoes.md +++ b/Como_implantar_aplicacoes.md @@ -2,6 +2,7 @@ A implantação de aplicações na RBB segue o mesmo roteiro de https://github.c * O link explica como fazer o deploy na rede da Lacchain usando a plataforma Hyperledger Besu. O deploy na RBB do Hyperledger Besu segue os mesmos passos; * O roteiro já está atualizado para contemplar o network_id da RBB, que é 648629; -* A versão inicial do roteiro foi escrito há algum tempo, então as versões utilizadas para node, npm, solidity etc podem ser maiores. Por exemplo, os códigos mais recentes do Solidity já usam "pragma solidity 0.7.4"; +* A versão inicial do roteiro foi escrito há algum tempo, então as versões utilizadas para node, npm, solidity etc podem ser maiores. Por exemplo, os códigos mais recentes do Solidity já usam "pragma solidity 0.8"; Pode acontecer de o truffle reclamar que a versão do smart contract é diferente da esperada. Se for o caso, modifique a primeira linha do contrato de teste "praga solidity" para a versão padrão do truffle; +* A referenciada é a chave privada da conta ("account") que submeterá a transação para a rede blockchain da RBB. As contas da RBB são totalmente compatíveis com contas Ethereum. Assim, é possível usar o Metamask para gerar uma conta para a RBB; * Contacte BNDES ou outro envolvido na RBB para conhecer como usar o : ou ; -* O link final de "Send Transactions To LACCHAIN" realmente ainda está não funcional. \ No newline at end of file +* O link final de "Send Transactions To LACCHAIN" realmente ainda está não funcional. diff --git a/Como_instancia_boot-observer_observer.md b/Como_instancia_boot-observer_observer.md new file mode 100644 index 00000000..0201abf4 --- /dev/null +++ b/Como_instancia_boot-observer_observer.md @@ -0,0 +1,45 @@ +Este roteiro guia na criação de nós Boot de observer e observer para o laboratório da RBB usando docker. Algumas premissas simplificadoras são assumidas: +- Boot de observer observer devem estar em hosts diferentes; +- Boot de observer conecta-se em um nó núcleo da rede (preferencialmente um boot); +- Boot de observer realiza a comunicação entre os nós da rede e observer; +- Observer é um nó de consulta, externo a rede; +- Observer não pode enviar transações para rede, desta forma o boot deve bloquear tentativas de envio de transações. + +# Passo 1 - Instanciar os nós + +### Pré-requisitos + - Rede com nós de núcleo funcionando (boot, validadores, writers) + +#### Boot de Observer + +1. Siga o tutorial [Roteiro para criação de uma rede](Roteiro_para_a_criacao_de_uma_rede.md) no lugar de criar validator e boot +`Nota: crie boot de observer e observer (utilize o roteiro em hosts diferentes para boot de observer e observer) ` + +2. Acesse o Boot de observer, copie o genesis.json fornecido pelo boot da rede e cole em `start-networks/.env-configs` +`Nota: Há possibiliadade do arquivo genesis.json estar disponível no github da RBB.` + + +3. Desabilite o permissionamento no arquivo docker-compose.yaml alterando as variáveis para false, como no exemplo a seguir: +`BESU_PERMISSIONS_ACCOUNTS_CONTRACT_ENABLED: "false"` +`BESU_PERMISSIONS_ACCOUNTS_CONTRACT_ENABLED: "false"` + +4. Novamente no arquivo docker-compose.yml, verifique se a porta p2p está aberta para conexões tcp e udp, como no exemplo a seguir: + + ports: + - 30303:30303/tcp + - 30303:30303/udp + + +5. Em seguida execute o comando docker-compose up e aguarde o container iniciar o boot de observer, se tudo ocorrer como esperado este nó se conectará com um ou mais boots da rede, dependendo das configurações do arquivo `genesis.json` + +6. Acesse o host do observer, e realize os passos 2, 3 e 4 deste documento, porém no passo 2 deve receber o genesis.json do boot de observer. Este genesis.json deve conter os parâmetros discovery.bootnodes a chave pública (removendo `0x`), endereço ip e porta p2p fornecidos pelo boot de observer, como no exemplo a seguir: + +`"discovery": { + "bootnodes": ["enode://d2156e7a95f32026f41dbb9d34df915ce2b2a235d93281eeda27d52cd88844d369812c78cbd1f797ad2177aba8a66607f97fa5df0ef3aa82932e141beb1ce8c0@100.100.100.100:30303"] + } +` + +É importante que no parâmetro bootnodes a chave pública seja do boot de observer, pois o observer realizará conexão apenas com este nó, de maneira nenhuma observer poderá conectar-se com outro tipo nó da rede (boot, writer, validators), pois Observers são externos à rede. + +1. Execute o comando `docker-compose up`. Se tudo ocorrer como esperado, observer deve conectar-se ao boot de observer. + \ No newline at end of file diff --git a/README.md b/README.md index f38c3fc8..3c7381d2 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,109 @@ -# rbb -Repositório de arquivos para a infraestrutura da Rede Blockchain Brasil. +# Rede Blockchain Brasil -A Rede Blockchain Brasil (RBB) é um projeto corporativo para implantar uma infraestrutura de rede blockchain de abrangência nacional envolvendo os três poderes da república: executivo, legislativo e judiciário, além de participação de Estados da federação. O objetivo é oferecer aos entes públicos e privados uma infraestrutura que seja capaz de executar aplicações de interesse público. +Bem vindo à Rede Blockchain Brasil! -A RBB é por princípio agnóstica em relação ao uso de qual a plataforma DLT utilizar. No momento, temos roteiros para implantação de uma rede Hyperledger Besu. +A Rede Blockchain Brasil (RBB) é uma rede de instituições, de abrangência nacional, composta de estrutura de governança e infraestrutura tecnológica, que tem o objetivo de facilitar a adoção da tecnologia de blockchain para a implementação de aplicações de interesse público. A criação da rede permitirá a otimização de recursos, redução de custos e remoção de barreiras de entrada para uso da tecnologia e a inovação no setor público. +A RBB foi fundada pelo **Banco Nacional de Desenvolvimento Econômico e Social** (BNDES) e o **Tribunal de Contas da União** (TCU), através de um [Acordo de Cooperação](documentos/ACT_TCU_BNDES_RBB.pdf), [assinado em 12/04/2022](https://www.in.gov.br/web/dou/-/extrato-do-acordo-de-cooperacao-n-d-121.2.0014.22-393697725). Instituições que desejarem participar da rede deverão [submeter sua solicitação](roteiro_adesao.md) à **Governança da RBB**. + +## Histórico + +A ideia de criar a Rede Blockchain Brasil nasceu no workshop que precedeu a [segunda edição](https://www.bndes.gov.br/wps/portal/site/home/conhecimento/seminarios/II-forum-blockchaingov) do [Fórum BlockchainGov](https://itsrio.org/pt/projetos/blockchaingov/), realizado nas dependências do BNDES em 2019. Organizado em parceria pelo BNDES e pelo [Instituto de Tecnologia e Sociedade (ITS)](https://itsrio.org/), o workshop gerou uma discussão relevante entre instituições públicas com experiência em uso prático da tecnologia. + +A percepção geral era que havia uma duplicação de esforços no uso da tecnologia pelo governo. Em geral, para cada caso de uso, a organização interessada precisava superar diversas barreiras legais, organizacionais e técnicas. Embora faça sentido em alguns casos, a necessidade de resolver os mesmos problemas a cada aplicação acaba inibindo a inovação. Adicionalmente, a existência de várias redes inibe a possibilidade de integração entre diversas iniciativas, além de reuso de soluções entre diferentes organizações. + +## Modelo + +Experiências internacionais como a [LACChain](https://www.lacchain.net) - rede para a América Latina liderada pelo BID, [Alastria](https://alastria.io/) e [EBSI (European Blockchain Service Infrastructure)](https://ec.europa.eu/digital-building-blocks/wikis/display/EBSI/Home) inspiraram a RBB a buscar o caminho de ser uma rede público-permissionada: "pública" porque poderá ser acessada por qualquer pessoa; "permissionada" porque os nós participantes do consenso precisam de permissão para participar. As redes público-permissionadas são uma solução adequada para aplicações de interesse público. + +Blockchains públicas são potencialmente muito interessantes para implantações focadas em transparência e confiança. Tal percepção é corroborada pelo [Acórdão 1613/2020 do TCU](https://pesquisa.apps.tcu.gov.br/#/redireciona/acordao-completo/%22ACORDAO-COMPLETO-2406748%22) que aponta como um dos seus maiores potenciais da tecnologia a implantação de medidas anticorrupção e pró-transparência. A possibilidade de implementar processos transparentes e que obedeçam ao princípio de _compliance by design_ é uma grande oportunidade para organizações públicas. Porém, o uso de redes que melhor suportam estas características por instituições públicas apresenta barreiras de diversas naturezas, como por exemplo a aquisição de criptomoedas para remuneração do processamento na rede. + +Nas blockchains permissionadas, em geral privadas, os nós que realizam a validação das transações são conhecidos e previamente autorizados, de acordo com os requisitos e propósitos da rede, permitindo a determinação de responsabilidades e tratando a realização do processamento na rede como um compromisso de seus participantes. Porém, tais blockchains não permitem o acesso às informações pelo público em geral. + +Já nas blockchains público-permissionadas, é possível buscar um melhor modelo para aplicações de interesse público: a entrega de soluções de transparência e confiança através de redes públicas; e o menor custo e menor desafio tecnológico e regulatório das redes permissionadas. + +## Formas de Participação + +As instituições participantes da RBB podem ser classificadas como: + +- Partícipes Aderentes **Parceiros** + - Devem promover o uso da RBB em aplicações do serviço público e de interesse público e seguir as decisões sobre a RBB proferidas pela Governança da RBB; + - Têm direito de executar nós que enviem transações para a rede e tenham acesso a toda a cadeia de blocos; + - Têm direito a apresentar propostas e participar das reuniões de governança. + +- Partícipes Aderentes **Associados** + - Têm os mesmos direitos e deveres dos partícipes aderentes parceiros; + - Têm o compromisso de executar nós que possam participar do consenso da rede; + - Têm direito a votar nas propostas apresentadas. + +- Partícipes **Patronos** + - Apenas BNDES e TCU são considerados partícipes patronos; + - Têm os mesmos direitos e deveres dos partícipes aderentes associados; + - Têm direito a voto de desempate e vetar as propostas apresentadas. + +## Projeto + +A implantação da RBB será feita de forma gradativa, conforme determinado em seu Plano de Trabalho, que tem previstas as seguintes atividades: + +- Implantação da rede laboratório +- Elaboração do regulamento da RBB +- Estruturação do piloto +- Operação assistida do piloto +- Estruturação da produção +- Promoção do uso da rede e evoluções + +Observação: O piloto será uma rede de produção, com a utilização de dados reais, porém com níveis de serviço reduzidos. + +O Plano de Trabalho tem previsão de ser executado em 60 meses a partir da assinatura do [Acordo de Cooperação](documentos/ACT_TCU_BNDES_RBB.pdf) entre BNDES e TCU. + +Embora a iniciativa da RBB tenha sido oficialmente criada com a assinatura do Acordo em 12/04/2022, uma rede de laboratório e um grupo de debates já existem desde 2021. Várias [iniciativas e discussões técnicas](iniciativas.md) importantes ocorreram nesse período, antecipando discussões e projetos que deverão ser realizados, agora, dentro da estrutura formal. + +## Governança + +Informações sobre a [governança da RBB](governanca/README.md). + +## Tecnologia + +A implementação de blockchain utilizada na RBB é a do projeto de código aberto [Hyperledger Besu](https://besu.hyperledger.org), que é baseada na rede [Ethereum](https://ethereum.org). + +## Topologia + +A RBB se baseou no *framework* da [LACChain](https://www.lacchain.net), para definir seu modelo de topologia, que é composta de: + +- Nós Núcleo: Desempenham papel essencial para o correto funcionamento da rede. A rede não funciona sem eles. + - **Nós Conectores** (*Boot Nodes*): Responsáveis por conectar nós validadores a nós satélites. + - Compartilham o histórico e o estado dos blocos com novos nós. + - Atualizam nós satélites sobre a geração de novos blocos gerados pelos nós validadores. + - Repassam transações enviadas pelos nós registradores aos nós validadores. + - Conectam-se com os nós validadores e nós registradores designados. + - **Nós Validadores** (*Validator Nodes*): Validam as transações submetidas à rede. + - Participam do protocolo de consenso e são responsáveis pela geração de novos blocos. + - Conectam-se entre si e com os nós conectores. +- Nós Satélites: Não desempenham papel essencial no correto funcionamento da rede. Podem se conectar e desconectar da rede sem que isso prejudique o funcionamento da mesma. + - **Nós Registradores** (*Writer Nodes*): Podem submeter transações para a rede. + - Enviam transações aos nós conectores, que por sua vez as repassam aos nós validadores. + - Conectam-se com nós conectores designados. + - **Nós Observadores** (*Observer Nodes*): Só podem ler as informações registradas na rede. + - Podem conectar-se apenas com nós conectores que estiverem abertos para permitir a leitura de blocos. + - Observação: Atualmente a RBB ainda **não** suporta nós conectores com essa possibilidade. + +![Topologia da RBB](imagens/Topologia_RBB.png "Topologia da RBB") + +## Instalação + +Enquanto a RBB estiver em estágio de piloto ou em laboratório, para instalar nós, será necessário aderir o Acordo de Cooperação. + +O roteiro de instalação técnico encontra-se [nesse link](Roteiro_para_a_criacao_de_uma_rede.md). + + +## Contato + +Em caso de dúvidas e sugestões, entre em contato através do e-mail [blockchaingov@bndes.gov.br](#). + +## Aviso Legal sobre a participação do Tribunal de Contas da União – TCU + +O Tribunal de Contas da União - TCU, órgão de controle externo do governo federal, auxilia o Congresso Nacional na missão de acompanhar a execução orçamentária e financeira do país e contribuir com o aperfeiçoamento da Administração Pública em benefício da sociedade. Para isso, tem como visão ser referência na promoção de uma Administração Pública efetiva, ética, ágil e responsável. + +No âmbito da Rede Blockchain Brasil (RBB), o TCU exerce o papel de partícipe fundador, conforme Acordo de Cooperação número D-121.2.0014.22, celebrado em abril de 2022 junto ao BNDES – Banco Nacional de Desenvolvimento Econômico e Social. O acordo estabelece as prerrogativas de cada tipo de partícipe (partícipes fundadores e partícipes aderentes), suas funções, atribuições e poderes. + +Vale destacar, entretanto, que **o TCU, por meio de seus representantes formalmente indicados**, assim como ocorre em outras iniciativas similares, **exerce na RBB papel meramente administrativo, sem qualquer vínculo com as atividades de Controle Externo** advindas de sua função constitucional. A despeito de ser fundador, o TCU atua na Rede como qualquer outro partícipe, resguardadas as funções e poderes de partícipe fundador, descritas no supracitado acordo de cooperação. Portanto, **o TCU, nessa condição, não chancela, corrobora, atesta a validade ou emite opinião prévia sobre as atividades exercidas por partícipes da RBB que porventura sejam passíveis das ações de Controle Externo**. diff --git a/Roteiro_para_a_criacao_de_uma_rede.md b/Roteiro_para_a_criacao_de_uma_rede.md new file mode 100644 index 00000000..d8e9f54f --- /dev/null +++ b/Roteiro_para_a_criacao_de_uma_rede.md @@ -0,0 +1,439 @@ + +# Roteiro para a criação de uma rede + + + + + +Este roteiro tem como objetivo levantar uma cópia compatível com a RBB do zero. + +**Após a existência de uma versão inicial da rede, a adição de novas instituições deverá seguir outro roteiro**. + +*É fácil confundir, pois este roteiro tem como premissa que as instituições entrarão na rede uma a uma. Porém, não é possível usar este roteiro para adesão de uma instituição após a existência da rede, porque na seção 1 é necessário que os passos sejam executados por todas as instituições em paralelo antes de qualquer nó ser levantado. Logo, uma nova instituição após a rede já existir não terá executado aqueles passos.* + +## 1 - Atividades iniciais a serem executadas em paralelo para todas as instituições + +As atividades desta seção devem ser executadas no início da implantação da rede por todas as instituições que irão aderir à rede. Além disso, as atividades desta seção devem ser executadas em cada máquina virtual (Virtual Machine - VM) em que cada nó será alocado. + +### 1.1 - Pré-requisitos + +- [Docker](https://www.docker.com/products/docker-desktop/) +- cURL + + ```bash + sudo apt install curl + + ``` + +### 1.2 - Baixar o repositório `start-network` + +- Execute os seguintes comandos: + + ```bash + curl -#SL https://github.com/RBBNet/start-network/releases/download/v0.4.0-permv1/start-network.tar.gz | tar xz + cd start-network + + ``` + +Daqui para frente, considere que todos os comandos são executados dentro do diretório start-network. + +### 1.3 - Preparar arquivos + +Todos os participantes deverão gerar, ao mesmo tempo, os endereços e as chaves públicas e privadas dos próprios nós. + +Execute o comando/script abaixo em cada VM para gerar as chaves e o endereço do nó correspondente ao tipo de nó a ser levantado na VM. Exemplo: + +- Gerar chaves e endereço de apenas 1 nó Validator em uma VM: + + ```bash + ./rbb-cli node create validator + + ``` + + - Ainda na VM do nó validator, execute o comando abaixo para definir a porta da VM pela qual serão feitas chamadas RPC para o nó. No exemplo abaixo é mapeado a porta 10001 da VM (host) para a porta 8545 do nó (container), a porta 8545 do nó é a porta padrão para chamadas RPC via HTTP: + + ```bash + ./rbb-cli config set nodes.validator.ports+=[\"10001:8545\"] + + ``` + + - Execute o comando abaixo para definir o IP externo e a porta da VM pela qual serão feitas conexões P2P com o nó validator. No exemplo abaixo é definido o IP externo do nó e a porta 10303 para conexões P2P. A porta 30303 é a porta padrão para conexões P2P, para este caso, no entanto, é definida uma porta diferente da padrão: + + ```bash + ./rbb-cli config set nodes.validator.address=\":10303\" + + ``` + +- Gerar chaves e endereço de apenas 1 nó Boot em uma VM: + + ```bash + ./rbb-cli node create boot + + ``` + + - Ainda na VM do nó boot, execute o comando abaixo para definir a porta da VM pela qual serão feitas chamadas RPC para o nó: + + ```bash + ./rbb-cli config set nodes.boot.ports+=[\"10001:8545\"] + + ``` + + - Execute o comando abaixo para definir o IP externo e a porta da VM pela qual serão feitas conexões P2P com o nó boot: + + ```bash + ./rbb-cli config set nodes.boot.address=\":10304\" + + ``` + +- Gerar chaves e endereço de apenas 1 nó Writer em uma VM: + + ```bash + ./rbb-cli node create writer + + ``` + + - Ainda na VM do nó writer, execute o comando abaixo para definir a porta da VM pela qual serão feitas chamadas RPC para o nó: + + ```bash + ./rbb-cli config set nodes.writer.ports+=[\"10001:8545\"] + + ``` + + - Execute o comando abaixo para definir o IP interno e a porta da VM pela qual serão feitas conexões P2P com o nó writer: + + ```bash + ./rbb-cli config set nodes.boot.address=\":10305\" + + ``` + +Após a execução dos comandos acima os seguintes itens foram gerados: + +- Par de chaves pública/privada: + - Caminho da chave privada: `.env.configs/nodes//key` + - Caminho da chave pública: `.env.configs/nodes//key.pub` +- Endereço do nó (account): + - Localizado em: `.env.configs/nodes//node.id` + +### 1.4 - Compartilhar enodes e endereços dos nós + +O enode é uma string que serve de identificador para o nó e que será utilizado neste roteiro. + +- Sua formação é o que segue: `enode://@:`. +- Observe que o IP utilizado poderá ser diferente para o mesmo nó, pois haverá situações onde serão utilizados o IP externo e, outras, onde serão utilizados os IPs internos. Este roteiro chamará atenção para cada caso. + +As instituições devem compartilhar num arquivo, os `enodes` e os `endereços (account)` de cada nó para que todas as instituições conheçam as informações de todos os nós da rede e possam conectar esses nós conforme a topologia da rede. + +Para isso, deve-se usar um arquivo no seguinte repositório privado apenas para os participantes da rede: . Este repositório deverá conter uma pasta que corresponde à rede que está sendo implantada. Esta pasta conterá alguns arquivos compartilhados pelo grupo, incluindo a lista de enodes. + +Para exemplificar, considere que o nome da rede é atribuída à variável +rede, o que será útil em alguns momentos. Se a rede em implantação é a rede de laboratório, temos $rede=**"lab"**. Se é a rede piloto, $rede=**"piloto"**. + +Assim, a lista de enodes ficará no arquivo em `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/enodes.md`, com o formato sugerido abaixo. Observe que os enodes nessa lista usarão **sempre** os IPs **externos**. Para os writers, o IP e porta é necessário **apenas para os writers dos partícipes parceiros**. **Não é necessário** informar o IP e porta dos writers internos nessa lista. + +| Membro | Tipo de Nó |Enode |Account | +|-----------|---------------|------------------------------------------|-------------------| +|BNDES | Boot |`enode://91c......3b@:` | | +|TCU | Validator |`enode://2b5......59@:` |0x5bcd....a4861984b| + +### 1.5 - Compartilhar endereço de conta de administração + +Cada instituição deve possuir um endereço de conta de administração. Para tanto, adicione um endereço de conta de administração na lista localizada em `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/adminAddresses.md`. Conforme exemplo abaixo: + +| Membro | Endereço do administrador | +|-----------|--------------------------------------------| +|BNDES | 0x38393851d6d26497de390b37b4eb0c1c20a5b0bc | +|DATAPREV | 0xc78622f314453aeb349615bff240b6891cefd465 | +|TCU | 0x8b708294671a61cb3af2626e45ec8ac228a03dea | + +### 1.6 - Ajustar regras de firewall + +Como antecipado, este trecho do roteiro diferencia entre os endereços IP externos e internos das instituições. A premissa é que as conexões entre os nós writer, boot e validator de uma instituição se dará por IPs internos e as conexões entre nós de diferentes instituições se dará por IPs externos. + +O diagrama a seguir pode ser útil na compreensão dos próximos passos. + +![Topologia da rede](https://i.imgur.com/BwHFxsf.png) + +**As seguintes regras de firewall deverão ser configuradas:** + +- Todos os validators devem conseguir se conectar entre si. Por isso, para seus validators: + - Permita conexão (inbound) no `IP_Externo:Porta` do seu validator a partir dos outros validators que integram a RBB. + - Permita conexão (outbound) para os `IPs_Externos:Portas` dos outros validators que integram a RBB. +- Todos os boots devem conseguir se conectar entre si. Por isso, para seus boots: + - Permita conexão (inbound) no `IP_Externo:Porta` do seu boot a partir dos outros boots que integram a RBB. + - Permita conexão (outbound) para os `IPs_Externos:Portas` dos outros boots que integram a RBB. +- Todos os boots devem conseguir se conectar com os writers (**apenas dos partícipes parceiros**). Por isso, para seus boots: + - Permita conexão (inbound) no `IP_Externo:Porta` do seu boot a partir dos writers (**apenas dos partícipes parceiros**) que integram a RBB. + - Permita conexão (outbound) para os `IPs_Externos:Portas` dos writers (**apenas dos partícipes parceiros**) que integram a RBB. + +## 2 - Atividades a serem executadas no início da rede pela instituição inicial + +A instituição inicial desempenhará as primeiras atividades da rede. É ela quem levantará os primeiros nós antes de todos os outros e, em especial, é a responsável por implantar os **smart contracts** de permissionamento. + +Caso você **não** seja a instituição inicial pule para a [seção 3](#3---atividades-a-serem-executadas-durante-a-entrada-de-cada-institui%C3%A7%C3%A3o-na-rede-com-exce%C3%A7%C3%A3o-da-primeira). + +### 2.1 - Compartilhar genesis.json do nó validator + +- **Apenas no nó validator**, execute o seguinte comando para criar um arquivo `genesis.json` com o validator definido no extradata: + + ```bash + ./rbb-cli genesis create --validators validator + + ``` + +- Disponibilize o arquivo `genesis.json` do nó validator, localizado em `.env.configs/genesis.json`, com as outras instituições no seguinte caminho do repositório: + + `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/genesis.json` + +### 2.2 - Executar sub-roteiro "[Ajustar genesis e static-nodes](#41---ajustar-genesis-e-static-nodes)" + +### 2.3 - Executar sub-roteiro "[Levantar os nós](#42---levantar-os-nós)" + +### 2.4 - Implantar os smart contracts de permissionamento + +#### 2.4.1 - Pré-requisito + +- [Node.js](https://nodejs.org/en/download/) + +#### 2.4.2 - Preparar o Deploy + +- Execute os seguintes comandos: + + ```bash + curl -#SL https://github.com/RBBNet/Permissionamento/releases/download/v1.0.0-backend-alpha/permissioningDeploy.tar.gz | tar xz + cd permissioningDeploy + + ``` + +- Execute o seguinte comando para instalar as dependências: + + ```bash + yarn install + + ``` + +- Crie um arquivo `.env` e defina as variáveis de ambiente neste arquivo conforme template abaixo: + + ```.env + NODE_INGRESS_CONTRACT_ADDRESS=0x0000000000000000000000000000000000009999 + ACCOUNT_INGRESS_CONTRACT_ADDRESS=0x0000000000000000000000000000000000008888 + BESU_NODE_PERM_ACCOUNT=627306090abaB3A6e1400e9345bC60c78a8BEf57 + BESU_NODE_PERM_KEY=c87509a1c067bbde78beb793e6fa76530b6382a4c0241e5e4a9ec0a0f44dc0d3 + BESU_NODE_PERM_ENDPOINT=http://127.0.0.1:8545 + CHAIN_ID=648629 + INITIAL_ADMIN_ACCOUNTS=0x38393851d6d26497de390b37b4eb0c1c20a5b0bc,0xc78622f314453aeb349615bff240b6891cefd465,0x8b708294671a61cb3af2626e45ec8ac228a03dea + INITIAL_ALLOWLISTED_ACCOUNTS=0x38393851d6d26497de390b37b4eb0c1c20a5b0bc,0xc78622f314453aeb349615bff240b6891cefd465,0x8b708294671a61cb3af2626e45ec8ac228a03dea + INITIAL_ALLOWLISTED_NODES=enode://7ef6...d416|0|0x000000000000|Boot|BNDES,enode://d350...70d2|1|0x000000000000|Validator|BNDES,enode://971d...5c3c|2|0x000000000000|Writer|BNDES + ``` + + Em `BESU_NODE_PERM_ACCOUNT`, conforme o template, insira o endereço da conta a fazer o deploy e a ser a primeira conta de administração do permissionamento. + + Em `BESU_NODE_PERM_KEY`, insira a chave privada da conta mencionada acima conforme o template. + > ⚠️ **Atenção!** Certifique-se de utilizar uma chave privada devidamente protegida. + + Em `BESU_NODE_PERM_ENDPOINT`, insira o endereço `IP_Interno:Porta` do seu validator conforme o template. Apenas nesse momento será utilizada a porta RPC do validator - e não do writer - para enviar transações. + + Em `CHAIN_ID`, insira a chain ID da rede conforme o template. A chain ID pode ser encontrada no arquivo `genesis.json`. + + Em `INITIAL_ADMIN_ACCOUNTS`, conforme o template, insira os endereços de conta de administração da lista localizada em: `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/adminAddresses.md`. + + Em `INITIAL_ALLOWLISTED_ACCOUNTS`, conforme o template, insira os endereços de conta de administração da lista localizada em: `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/adminAddresses.md`. As listas de administração e de conta (endereços de conta permitidos de enviarem transações na rede) são diferentes e independentes. Desta forma, faz-se necessário adicionar os endereços de conta de adminstração também nesta variável de ambiente para que seja possível enviar transações na rede. + + Em `INITIAL_ALLOWLISTED_NODES`, conforme o template, insira as informações de todos os nós da lista localizada em: `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/enodes.md`. As informações de cada nó devem ser separadas por vírgula e devem ser inseridas da seguinte forma: + + ```.env + enode://|||| + ``` + +#### 2.4.3 - Executar o Deploy + +```bash +yarn truffle migrate --reset --network besu + +``` + +### 2.5 - Executar sub-roteiro "[Levantar DApp de permissionamento](#44---levantar-dapp-de-permissionamento)" + +### 2.6 - Executar sub-roteiro "[Levantar monitoração](#45---levantar-monitora%C3%A7%C3%A3o)" + +### 2.7 - Executar sub-roteiro "[Levantar block explorer](#46---levantar-block-explorer)" + +## 3 - Atividades a serem executadas durante a entrada de cada instituição na rede (com exceção da primeira) + +Após a instituição inicial começar a implantação da rede, as outras instituições entrarão uma após a outra. Os passos dessa seção serão executados a cada instituição que aderir à rede. + +### 3.1 - Executar sub-roteiro "[Ajustar genesis e static-nodes](#41---ajustar-genesis-e-static-nodes)" + +### 3.2 - Executar sub-roteiro "[Levantar os nós](#42---levantar-os-nós)" + +### 3.3 - [SOMENTE VALIDATORS] Solicitar votação no validator + +A votação de validadores é feita apenas por validadores. Caso possua um nó preparado para ser validator, mas ainda sem produzir blocos, avise às outras instituições - que possuem validadores produzindo blocos - para votarem no seu validator. Peça para executar o sub-roteiro "[Votar nos validadores](#43---votar-nos-validadores)". + +### 3.4 - Executar sub-roteiro "[Levantar DApp de permissionamento](#44---levantar-dapp-de-permissionamento)" + +### 3.5 - Executar sub-roteiro "[Levantar monitoração](#45---levantar-monitora%C3%A7%C3%A3o)" + +### 3.6 - Executar sub-roteiro "[Levantar block explorer](#46---levantar-block-explorer)" + +--- + +## 4 - Sub-roteiros + +### 4.1 - Ajustar genesis e static-nodes + +As seguintes atividades serão executadas nesse sub-roteiro: + +- Inclusão do arquivo genesis.json. +- Inclusão da lista de todos os boots (usando IPs externos) no genesis.json do boot. +- Criação de um arquivo static-nodes.json no validator com os validators das outras instituições (usando IPs externos) e com o boot da própria instituição (usando IP interno). +- Criação de um arquivo static-nodes.json no writer apenas com o boot da própria instituição (usando IP interno). + +Os passos acima serão detalhados a seguir. + +Os enodes que serão inseridos nos arquivos genesis.json e static-nodes.json podem ser obtidos no seguinte arquivo anteriormente compartilhado: `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/enodes.md`. + +#### 4.1.1 - Ajustes no genesis.json do boot + +- Inclua em `.env.configs/`, o arquivo `genesis.json` localizado em `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/genesis.json`. + +- Inclua na seção apropriada (conforme modelo) do arquivo `.env.configs/genesis.json`, os enodes de todos os **outros** boots da rede. + + Modelo: + + ```json + "bootnodes" : + [ + "enode://@:", + "enode://@:" + ] + ``` + + O arquivo genesis.json do bootnode deve seguir conforme o exemplo abaixo: + ![Conteúdo exemplo do arquivo genesis.json](https://i.imgur.com/MPgJljO.png) + +#### 4.1.2 - Ajustes nos static-nodes + +Ajuste o arquivo `static-nodes.json` dos writers e validators da seguinte forma: + +#### **Nós validators** + +- Desabilite a descoberta de nós com o seguinte comando: + + ```bash + ./rbb-cli config set nodes.validator.environment.BESU_DISCOVERY_ENABLED=false + + ``` + +- Nos **validators**, inclua no arquivo `volumes/validator/static-nodes.json` todos os enodes dos outros validators (usando **IPs externos**) e o enode do bootnode da própria instituição (usando **IP interno**). + + Modelo: + + ```json + [ + "enode://@:", + "enode://@:", + ... + "enode://@:" + ] + ``` + +#### **Nós writers** + +- Desabilite a descoberta de nós com o seguinte comando: + + ```bash + ./rbb-cli config set nodes.writer.environment.BESU_DISCOVERY_ENABLED=false + + ``` + +- Nos **writers**, inclua no arquivo `volumes/writer/static-nodes.json` o enode do boot interno usando o **IP interno**. + + Modelo: + + ```json + [ + "enode://@:" + ] + ``` + +### 4.2 - Levantar os nós + +```bash +./rbb-cli config render-templates +docker-compose up -d + +``` + +- Outros comandos úteis: + + - Utilize o seguinte comando para visualizar o log do nó: + + ```bash + docker-compose logs -f + + ``` + + - Utilize o seguinte comando para interromper o nó: + + ```bash + docker-compose down + + ``` + +### 4.3 - Votar nos validadores + +- Através de um validator, execute o seguinte comando **para votar em um outro validator**: + +```bash +curl -X POST --data '{"jsonrpc":"2.0","method":"qbft_proposeValidatorVote","params":["",true], "id":1}' : +``` + +O endereço dos validadores pode ser obtido em `https://github.com/RBBNet/participantes/tree/main/`**${rede}**`/enodes.md` na coluna "Account". + +### 4.4 - Levantar dApp de permissionamento + +- Execute os seguintes comandos em um diretório que estará acessível pelo servidor web: + + ```bash + curl -#SL https://github.com/RBBNet/Permissionamento/releases/download/0.1/permissioningDapp.tar.gz | tar xz + cd permissioningDapp + + ``` + +- Adicione um arquivo "config.json" no diretório `permissioningDapp` contendo as seguintes informações: + + ```json + { + "accountIngressAddress": "", + "nodeIngressAddress": "", + "networkId": "" + } + ``` + +### 4.5 - Levantar monitoração + +### 4.6 - Levantar block explorer + +#### Sirato Block Explorer + +- Executar no boot node, no node de monitoramento, ou no node que irá executar o block explorer: + +```bash +git clone https://github.com/web3labs/sirato-free.git + +cd sirato-free/docker-compose + +NODE_ENDPOINT=http://: PORT= docker-compose -f docker-compose.yml -f sirato-extensions/docker-compose-besu.yml up + +``` + +- Acessar no browser remoto: + +```bash +http://boot-node-ip:blockexplorer-port + +``` + +### 4.7 - Levantar EthStats - Executar sub-roteiro "[Roteiro de instalação do EthStats](roteiro_monitoramento_ethstats.md)" + + diff --git a/[TESTE] Roteiro_para_a_criacao_de_uma_rede.md b/[TESTE] Roteiro_para_a_criacao_de_uma_rede.md new file mode 100644 index 00000000..5648eb86 --- /dev/null +++ b/[TESTE] Roteiro_para_a_criacao_de_uma_rede.md @@ -0,0 +1,289 @@ + +# Roteiro para levantar uma rede de testes + +Este roteiro tem como objetivo levantar uma rede para testes compatível com a RBB. Além disso, este roteiro assume que os nós serão iniciados em uma mesma máquina virtual (Virtual Machine - VM). + +## 1 - Preparação + +### 1.1 - Pré-requisitos + +- [Docker](https://www.docker.com/products/docker-desktop/) +- Git + +### 1.2 - Baixar o repositório `start-network` + +- Execute os seguintes comandos: + + ```bash + git clone https://github.com/RBBNet/start-network.git + cd start-network + + ``` + +Daqui para frente, considere que todos os comandos são executados dentro do diretório start-network. + +### 1.3 - Preparar arquivos + +Execute o comando/script abaixo para gerar as chaves públicas e privadas e os endereços dos nós validator, boot e writer. Exemplo: + +```bash +./rbb-cli node create validator, boot, writer + +``` + +- Execute os comandos abaixo para definir a porta da VM pela qual serão feitas chamadas RPC para os nós. Na primeira linha do exemplo abaixo é mapeado a porta 10001 da VM (host) para a porta 8545 do nó validator (container), a porta 8545 do nó é a porta padrão para chamadas RPC via HTTP: + + ```bash + ./rbb-cli config set nodes.validator.ports+=[\"10001:8545\"] + ./rbb-cli config set nodes.boot.ports+=[\"10002:8545\"] + ./rbb-cli config set nodes.writer.ports+=[\"10003:8545\"] + + ``` + +Após a execução dos comandos acima os seguintes itens serão gerados: + +- Par de chaves pública/privada: + - Caminho da chave privada: `.env.configs/nodes//key` + - Caminho da chave pública: `.env.configs/nodes//key.pub` +- Endereço do nó (account): + - Localizado em: `.env.configs/nodes//node.id` + +A chave pública, endereço e outras informações sobre os nós podem ser obtidas através do seguinte comando: + +```bash +./rbb-cli config dump + +``` + +### 1.4 - Informações úteis + +- Enode + + O enode é uma string que serve de identificador para o nó e que será utilizado neste roteiro. + + Sua formação é o que segue: `enode://@:`. + +- Variáveis de ambiente do Besu + + As variáveis de ambiente do Besu para **todos os nós** podem ser alteradas no arquivo `docker-compose.yml.hbs`. + Para alterar a variável de ambiente do Besu **especificamente de um nó**, execute o comando abaixo: + + ```bash + ./rbb-cli config set nodes..environment.= + + ``` + +- Topologia + + A topologia da RBB está de acordo com o diagrama abaixo e pode ser útil na compreensão dos próximos passos. + + ![Topologia da rede](https://i.imgur.com/BwHFxsf.png) + +## 2 - Ajustes do arquivo genesis e static-nodes + +### 2.1 - Criar genesis.json + +- Execute o seguinte comando para criar um arquivo `genesis.json` com o validator definido no extradata: + + ```bash + ./rbb-cli genesis create --validators validator + + ``` + +### 2.2 - Ajustar static-nodes + +As seguintes atividades serão executadas nesse sub-roteiro: + +- Criação de um arquivo static-nodes.json no validator apenas com o boot. +- Criação de um arquivo static-nodes.json no writer apenas com o boot. + +Os passos acima serão detalhados a seguir. + +Ajuste o arquivo `static-nodes.json` do writer e validator da seguinte forma: + +#### **Nó validator** + +- Desabilite a descoberta de nós com o seguinte comando: + + ```bash + ./rbb-cli config set nodes.validator.environment.BESU_DISCOVERY_ENABLED=false + + ``` + +- No **validator**, inclua no arquivo `volumes/validator/static-nodes.json` o enode do boot. + + Modelo: + + ```json + [ + "enode://@boot:30303" + ] + ``` + +#### **Nó writer** + +- Desabilite a descoberta de nós com o seguinte comando: + + ```bash + ./rbb-cli config set nodes.writer.environment.BESU_DISCOVERY_ENABLED=false + + ``` + +- No **writer**, inclua no arquivo `volumes/writer/static-nodes.json` o enode do boot. + + Modelo: + + ```json + [ + "enode://@boot:30303" + ] + ``` + +## 3 - Iniciar os nós + +Caso o permissionamento venha a ser utilizado, inicie apenas o validator neste primeiro momento para realizar o deploy dos smart contracts de permissionamento: + +```bash +./rbb-cli config render-templates +docker-compose up -d validator + +``` + +Caso contrário, execute os seguintes comandos: + +```bash +./rbb-cli config render-templates +docker-compose up -d + +``` + +- Outros comandos úteis: + + - Utilize o seguinte comando para visualizar o log do nó: + + ```bash + docker-compose logs -f + + ``` + + - Utilize o seguinte comando para interromper o nó: + + ```bash + docker-compose down + + ``` + +## 4 - [OPCIONAL] Implantar os smart contracts de permissionamento + +### 4.1 - Pré-requisito + +- [Node.js](https://nodejs.org/en/download/) + +### 4.2 - Preparar o Deploy + +- Execute os seguintes comandos: + + ```bash + git clone https://github.com/RBBNet/Permissionamento.git + cd Permissionamento + + ``` + +- Execute o seguinte comando para instalar as dependências: + + ```bash + yarn install + + ``` + +- Crie um arquivo `.env` e defina as variáveis de ambiente neste arquivo conforme template abaixo: + + ```.env + NODE_INGRESS_CONTRACT_ADDRESS=0x0000000000000000000000000000000000009999 + ACCOUNT_INGRESS_CONTRACT_ADDRESS=0x0000000000000000000000000000000000008888 + BESU_NODE_PERM_ACCOUNT=627306090abaB3A6e1400e9345bC60c78a8BEf57 + BESU_NODE_PERM_KEY=c87509a1c067bbde78beb793e6fa76530b6382a4c0241e5e4a9ec0a0f44dc0d3 + BESU_NODE_PERM_ENDPOINT=http://127.0.0.1:8545 + CHAIN_ID=648629 + INITIAL_ALLOWLISTED_NODES=enode://7ef6...d416|0|0x000000000000|Boot|BNDES,enode://d350...70d2|1|0x000000000000|Validator|BNDES,enode://971d...5c3c|2|0x000000000000|Writer|BNDES + ``` + + Em `BESU_NODE_PERM_ACCOUNT`, conforme o template, insira o endereço da conta a fazer o deploy e a ser a primeira conta admin do permissionamento. Por ser este um roteiro somente para testes, o endereço contido no template poderá ser utilizado. + + Em `BESU_NODE_PERM_KEY`, insira a chave privada da conta mencionada acima conforme o template. Por ser este um roteiro somente para testes, a chave privada contida no template poderá ser utilizada. + > ⚠️ **Atenção!** Não utilize a chave privada do template em ambiente de **produção**. + + Em `BESU_NODE_PERM_ENDPOINT`, insira o endereço `IP:Porta` do seu validator (utilize o IP do container, execute ```docker ps``` para localizar o id do container do validator e, em seguida, ```docker inspect | grep "IPAddress"``` para obter o IP do container do validator ) conforme o template. Apenas nesse momento será utilizada a porta RPC do validator - e não do writer - para enviar transações. + + Em `CHAIN_ID`, insira a chain ID da rede conforme o template. A chain ID pode ser encontrada no arquivo `genesis.json`. + + Em `INITIAL_ALLOWLISTED_NODES`, conforme o template, insira as informações dos nós validator, boot e writer. As informações de cada nó devem ser separadas por vírgula e devem ser inseridas da seguinte forma: + + ```.env + enode://|||| + ``` + +### 4.3 - Executar o Deploy + +```bash +yarn truffle migrate --reset --network besu + +``` + +### 4.4 - Iniciar os outros nós + +```bash +docker-compose up -d boot writer + +``` + +Caso os nós não se conectem, reinicie o validator: + +```bash +docker-compose restart validator + +``` + +## 5 - [EM CONSTRUÇÃO] Levantar dApp de permissionamento + +- Execute os seguintes comandos em um diretório que estará acessível pelo servidor web: + + ```bash + curl -#SL https://github.com/RBBNet/Permissionamento/releases/download/0.1/permissioningDapp.tar.gz | tar xz + cd permissioningDapp + + ``` + +- Adicione um arquivo "config.json" no diretório `permissioningDapp` contendo as seguintes informações: + + ```json + { + "accountIngressAddress": "", + "nodeIngressAddress": "", + "networkId": "" + } + ``` + +## 6 - [EM CONSTRUÇÃO] Levantar monitoração + +## 7 - Levantar block explorer + +#### Sirato Block Explorer: + +- Executar no boot node, no node de monitoramento, ou no node que irá executar o block explorer: + +```bash +git clone https://github.com/web3labs/sirato-free.git + +cd sirato-free/docker-compose + +NODE_ENDPOINT=http://: PORT= docker-compose -f docker-compose.yml -f sirato-extensions/docker-compose-besu.yml up + +``` + +- Acessar no browser remoto: + +```bash +http://boot-node-ip:blockexplorer-port + +``` diff --git a/arquitetura/README.md b/arquitetura/README.md new file mode 100644 index 00000000..7d1c35ba --- /dev/null +++ b/arquitetura/README.md @@ -0,0 +1,57 @@ + + + + +
+ wip +

Atenção: esta página está em construção e ainda será revisada pelo Comitê Técnico da RBB

+
+ +# Arquitetura da Rede Blockchain Brasil - RBB +- RBB é uma rede blockchain do tipo [público-permissionada](https://hal.science/hal-02477405/document) +- A implementação de blockchain utilizada na RBB é [Hyperledger Besu](https://www.hyperledger.org/use/besu). +- Hyperledger Besu é um "cliente" para redes [Ethereum](https://ethereum.org/en/developers/docs/) de código aberto (open source) mantido por [The Linux Foudantion](https://www.linuxfoundation.org/projects). +- [Hyperledger Fundation](https://www.hyperledger.org/about/join) é um dos projetos da The Linux Foundation e o Hyperledger Besu é um dos sub-projetos da Hyperledger Fundation. +- Hyperledger Besu é um dos "clientes" conhecidos para redes Ethereum. + - Na verdade, o dito software "cliente" para Ethereum é o software executado em um nó da rede. + - Portanto, trata-se de uma espécie de falso cognato, já que o software é executado em nós (nodes) que formam uma rede [P2P](https://en.wikipedia.org/wiki/Peer-to-peer) +- Nós em uuma rede Hyperledger Besu executam uma [EVM - Ethereum Virtual Machine](https://ethereum.org/en/developers/docs/evm/) + - Isto permite a execução de [contratos inteligentes (smart contracts)](https://ethereum.org/en/developers/docs/smart-contracts/) +- O protocolo de consenso usado na RBB é do tipo [proof of authority](https://besu.hyperledger.org/stable/private-networks/concepts/poa), sob o mecanismo [QBFT](https://besu.hyperledger.org/stable/private-networks/how-to/configure/consensus/qbft/). +- Os nós da RBB funcionam sob topologia descrita nesta documentação arquitetural em complemento aos documentos dos [repositórios da RBB](https://github.com/RBBNet/) no GitHub. +- O objetivo deste documento é apresentar visões arquiteturais que descrevem os elementos da rede e suas interações. +- A forma com que as visões arquiteturais são definidas neste documento foi influenciada pelo Framework de Governança estabelecido para a RBB. + +
+ + + + + +
+ wip +
+ +## Arquitetura + +As visões arquiteturais apresentam diferentes perspectivas do design do sistema de acompanhamento de compras. + +- [Visão de infraestrutura - infra básica](visoes/infra-basica.md) +- [Visão de permissionamento](visoes/permissionamento.md) +- [Visão de monitoração](visoes/monitoracao.md) +- [Visão de segurança](visoes/seguranca.md) +- [Visão de DApps](visoes/dapps.md) +- [Visão de observação](visoes/observacao.md) + + +## ADRs + +ADRs são documentos curtos que registram decisões de design relevantes. A ideia é contextualizar e prover a justificativa (*rationale*) da decisão. + + +***Note***: *Estamos usando [este template de ADR](https://github.com/pmerson/ADR-template/blob/master/ADR-template_pt-BR.md).* + + +## Backlog + +* Veja o [Kanban do projeto](https://github.com/orgs/RBBNet/projects/2). diff --git a/arquitetura/diagramas/core-satellite.drawio b/arquitetura/diagramas/core-satellite.drawio new file mode 100644 index 00000000..91f7a1ba --- /dev/null +++ b/arquitetura/diagramas/core-satellite.drawio @@ -0,0 +1,187 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/arquitetura/diagramas/infra-rbb-visao-geral.drawio b/arquitetura/diagramas/infra-rbb-visao-geral.drawio new file mode 100644 index 00000000..0bbd812c --- /dev/null +++ b/arquitetura/diagramas/infra-rbb-visao-geral.drawio @@ -0,0 +1,524 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/arquitetura/diagramas/rede-publico-permissionada.drawio b/arquitetura/diagramas/rede-publico-permissionada.drawio new file mode 100644 index 00000000..465b96ea --- /dev/null +++ b/arquitetura/diagramas/rede-publico-permissionada.drawio @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/arquitetura/imagens/core-satellite.png b/arquitetura/imagens/core-satellite.png new file mode 100644 index 00000000..9d21559a Binary files /dev/null and b/arquitetura/imagens/core-satellite.png differ diff --git a/arquitetura/imagens/framework-governanca.png b/arquitetura/imagens/framework-governanca.png new file mode 100644 index 00000000..070bff22 Binary files /dev/null and b/arquitetura/imagens/framework-governanca.png differ diff --git a/arquitetura/imagens/infra-rbb-visao-geral.png b/arquitetura/imagens/infra-rbb-visao-geral.png new file mode 100644 index 00000000..459773e2 Binary files /dev/null and b/arquitetura/imagens/infra-rbb-visao-geral.png differ diff --git a/arquitetura/imagens/legenda-core-satellite.png b/arquitetura/imagens/legenda-core-satellite.png new file mode 100644 index 00000000..887d2e8f Binary files /dev/null and b/arquitetura/imagens/legenda-core-satellite.png differ diff --git a/arquitetura/imagens/legenda-infra-basica.png b/arquitetura/imagens/legenda-infra-basica.png new file mode 100644 index 00000000..dda8478b Binary files /dev/null and b/arquitetura/imagens/legenda-infra-basica.png differ diff --git a/arquitetura/imagens/work-in-progress-icon.png b/arquitetura/imagens/work-in-progress-icon.png new file mode 100644 index 00000000..09e42410 Binary files /dev/null and b/arquitetura/imagens/work-in-progress-icon.png differ diff --git a/arquitetura/visoes/dapps.md b/arquitetura/visoes/dapps.md new file mode 100644 index 00000000..eb11d600 --- /dev/null +++ b/arquitetura/visoes/dapps.md @@ -0,0 +1,4 @@ +Atenção: esta página está em construção e não está disponível no momento +

+ wip +

\ No newline at end of file diff --git a/arquitetura/visoes/infra-basica.md b/arquitetura/visoes/infra-basica.md new file mode 100644 index 00000000..8f747c52 --- /dev/null +++ b/arquitetura/visoes/infra-basica.md @@ -0,0 +1,72 @@ + + + + +
+ wip +

Atenção: esta página está em construção e ainda será revisada pelo Comitê Técnico da RBB

+
+ +# Visão de Infraestrutura +- Visão de runtime que demonstra os elementos básicos da infraestrutura da rede e suas interações. + +![Infra básica da rede](../imagens/infra-rbb-visao-geral.png) +![Legenda infra básica](../imagens/legenda-infra-basica.png) + + +### Tipos de nós: núcleo (core nodes) e nós satélites (satellite nodes) + +![Topologia por tipo de nó](../imagens/core-satellite.png) +![Legenda topologia tipo nó](../imagens/legenda-core-satellite.png) + +## Catálogo de elementos + +#### Nós validadores (validator nodes) +- São considerados core nodes, indispensáveis para o funcionamento da rede. +- Participam do protocolo de consenso. +- São responsáveis por criar novos blocos de transações. +- Assinam blocos válidos usando o protocolo [QBFT](https://besu.hyperledger.org/stable/private-networks/concepts/poa) + +#### Protocolo de consenso QBFT +- Protocolo proof of authority (PoA) +- Neste protocolo, contas aprovadas (approved accounts), conhecidas como "validators", validam transações e blocos. +- Apenas nós admitidos e permissionados como validadores (validators) podem propor ou validar novos blocos. +- Os nós validadores existentes podem propor e votar pela admissão de novos nós validadores e também por exclusão de nós validadores existentes. +- Não há forks ou entradas concorrentes de novos blocos na rede + - Um novo bloco é sempre inserido ao final da cadeia de blocos (finality is instantaneous or semi-instantaneous) +- Para a rede ser considerada tolerante a falhas Bizantinas (Byzantine fault tolerant), é necessário no mínimo quatro nós validadores. +- Se mais de 1/3 dos nós validadores tornarem-se indisponíveis, a rede para de produzir transações e blocos. +- Blocos precisam ser assinados pela maioria (2/3 ou mais) dos nós validadores. +- Quanto maior o número de nós validadores, maior o tempo para aprovação e inclusão de um novo bloco. +- Nós validadores (validators) tem um intervalo de tempo (time slot) para propor um novo bloco + - Se o tempo deste "time slot" expirar, um novo validador será escolhido para propor um novo bloco + +#### Nós conectores (boot nodes) +- São considerados core nodes. +- Servem como ligação ou ponto de acesso entre nós satélites (writers e observers) e o núcleo da rede. +- Recebem transações dos nós registradores (writers) e as repassam aos nós validadores. +- Recebem blocos de transação gerados por validadores e compartilham o histórico e o estado dos blocos com outros nós satélites (ex.: nós observadores). +- São responsáveis por admitir novos nós na rede, repassando uma lista de todos os nós ativos na rede. + +#### Nós registradores (writer nodes) +- São considerados nós satélites + - Não fazem parte do núcleo (core) da rede. + - Não são indispensáveis ao funcionamento da rede. +- Podem enviar transações para rede. +- Usam os nós conectores (boot nodes) que repassam as transações aos nós validadores. + +#### Nós observadores (observer nodes) +- São considerados nós satélites + - Não fazem parte do núcleo (core) da rede. + - Não são indispensáveis ao funcionamento da rede. +- Apenas leem (read only) blocos de transações da rede +- Usam os nós conectores (boot nodes) para acessar os blocos de transações da ledger. +- +## Comportamento +- N/A. + +## ADRs relacionadas +- N/A. +- +## Visões relacionadas +- N/A. \ No newline at end of file diff --git a/arquitetura/visoes/monitoracao.md b/arquitetura/visoes/monitoracao.md new file mode 100644 index 00000000..eb11d600 --- /dev/null +++ b/arquitetura/visoes/monitoracao.md @@ -0,0 +1,4 @@ +Atenção: esta página está em construção e não está disponível no momento +

+ wip +

\ No newline at end of file diff --git a/arquitetura/visoes/observacao.md b/arquitetura/visoes/observacao.md new file mode 100644 index 00000000..eb11d600 --- /dev/null +++ b/arquitetura/visoes/observacao.md @@ -0,0 +1,4 @@ +Atenção: esta página está em construção e não está disponível no momento +

+ wip +

\ No newline at end of file diff --git a/arquitetura/visoes/permissionamento.md b/arquitetura/visoes/permissionamento.md new file mode 100644 index 00000000..eb11d600 --- /dev/null +++ b/arquitetura/visoes/permissionamento.md @@ -0,0 +1,4 @@ +Atenção: esta página está em construção e não está disponível no momento +

+ wip +

\ No newline at end of file diff --git a/arquitetura/visoes/seguranca.md b/arquitetura/visoes/seguranca.md new file mode 100644 index 00000000..eb11d600 --- /dev/null +++ b/arquitetura/visoes/seguranca.md @@ -0,0 +1,4 @@ +Atenção: esta página está em construção e não está disponível no momento +

+ wip +

\ No newline at end of file diff --git a/comunicacao/RBB - 2023-02-03 - Discord v2.pptx b/comunicacao/RBB - 2023-02-03 - Discord v2.pptx new file mode 100644 index 00000000..75a60a84 Binary files /dev/null and b/comunicacao/RBB - 2023-02-03 - Discord v2.pptx differ diff --git a/documentos/ACT_TCU_BNDES_RBB.pdf b/documentos/ACT_TCU_BNDES_RBB.pdf new file mode 100644 index 00000000..c9f32ab0 Binary files /dev/null and b/documentos/ACT_TCU_BNDES_RBB.pdf differ diff --git "a/documentos/Declara\303\247\303\243o_Parte_Relacionada.doc" "b/documentos/Declara\303\247\303\243o_Parte_Relacionada.doc" new file mode 100644 index 00000000..4392d01b Binary files /dev/null and "b/documentos/Declara\303\247\303\243o_Parte_Relacionada.doc" differ diff --git "a/documentos/Declara\303\247\303\243o_Previd\303\252ncia.doc" "b/documentos/Declara\303\247\303\243o_Previd\303\252ncia.doc" new file mode 100644 index 00000000..1808b1fc Binary files /dev/null and "b/documentos/Declara\303\247\303\243o_Previd\303\252ncia.doc" differ diff --git "a/documentos/Modelo-Carta-indica\303\247\303\243o-representante.doc" "b/documentos/Modelo-Carta-indica\303\247\303\243o-representante.doc" new file mode 100644 index 00000000..0f0de714 Binary files /dev/null and "b/documentos/Modelo-Carta-indica\303\247\303\243o-representante.doc" differ diff --git a/documentos/Termo-de-Adesao_RBB.docx b/documentos/Termo-de-Adesao_RBB.docx new file mode 100644 index 00000000..6e094adc Binary files /dev/null and b/documentos/Termo-de-Adesao_RBB.docx differ diff --git a/documentos/Termo_de_Confidencialidade_RBB.docx b/documentos/Termo_de_Confidencialidade_RBB.docx new file mode 100644 index 00000000..04b19f0a Binary files /dev/null and b/documentos/Termo_de_Confidencialidade_RBB.docx differ diff --git "a/governanca/2022-08-22-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinado.pdf" "b/governanca/2022-08-22-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinado.pdf" new file mode 100644 index 00000000..35f85355 Binary files /dev/null and "b/governanca/2022-08-22-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinado.pdf" differ diff --git "a/governanca/2022-11-01-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinada.pdf" "b/governanca/2022-11-01-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinada.pdf" new file mode 100644 index 00000000..ca6dfea6 Binary files /dev/null and "b/governanca/2022-11-01-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinada.pdf" differ diff --git "a/governanca/2022-11-29-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinada.pdf" "b/governanca/2022-11-29-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinada.pdf" new file mode 100644 index 00000000..379eaada Binary files /dev/null and "b/governanca/2022-11-29-Ata-Reuni\303\243o-Governan\303\247a-RBB-Assinada.pdf" differ diff --git "a/governanca/2022-12-22-Indica\303\247\303\243o-Representantes-BNDES-CARTA-SUP-ATI-01-2022.pdf" "b/governanca/2022-12-22-Indica\303\247\303\243o-Representantes-BNDES-CARTA-SUP-ATI-01-2022.pdf" new file mode 100644 index 00000000..cc45c12f Binary files /dev/null and "b/governanca/2022-12-22-Indica\303\247\303\243o-Representantes-BNDES-CARTA-SUP-ATI-01-2022.pdf" differ diff --git "a/governanca/2023-01-03-Indica\303\247\303\243o-Representante-RNP.pdf" "b/governanca/2023-01-03-Indica\303\247\303\243o-Representante-RNP.pdf" new file mode 100644 index 00000000..5d2c7007 Binary files /dev/null and "b/governanca/2023-01-03-Indica\303\247\303\243o-Representante-RNP.pdf" differ diff --git "a/governanca/2023-01-05-Indica\303\247\303\243o-Representantes-TCU.pdf" "b/governanca/2023-01-05-Indica\303\247\303\243o-Representantes-TCU.pdf" new file mode 100644 index 00000000..b7afbeb4 Binary files /dev/null and "b/governanca/2023-01-05-Indica\303\247\303\243o-Representantes-TCU.pdf" differ diff --git "a/governanca/2023-01-06-Indica\303\247\303\243o-Representantes-CPQD.pdf" "b/governanca/2023-01-06-Indica\303\247\303\243o-Representantes-CPQD.pdf" new file mode 100644 index 00000000..32deac03 Binary files /dev/null and "b/governanca/2023-01-06-Indica\303\247\303\243o-Representantes-CPQD.pdf" differ diff --git "a/governanca/2023-01-19-Indica\303\247\303\243o-Representantes-Dataprev.pdf" "b/governanca/2023-01-19-Indica\303\247\303\243o-Representantes-Dataprev.pdf" new file mode 100644 index 00000000..f2384f43 Binary files /dev/null and "b/governanca/2023-01-19-Indica\303\247\303\243o-Representantes-Dataprev.pdf" differ diff --git a/governanca/2023-01-19-RBB-Ata-Reuniao-Comite-Executivo-Assinada.pdf b/governanca/2023-01-19-RBB-Ata-Reuniao-Comite-Executivo-Assinada.pdf new file mode 100644 index 00000000..86a657e2 Binary files /dev/null and b/governanca/2023-01-19-RBB-Ata-Reuniao-Comite-Executivo-Assinada.pdf differ diff --git "a/governanca/2023-01-24-Reuni\303\243o-Comit\303\252-T\303\251cnico.pptx" "b/governanca/2023-01-24-Reuni\303\243o-Comit\303\252-T\303\251cnico.pptx" new file mode 100644 index 00000000..5c062e25 Binary files /dev/null and "b/governanca/2023-01-24-Reuni\303\243o-Comit\303\252-T\303\251cnico.pptx" differ diff --git "a/governanca/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico.pptx" "b/governanca/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico.pptx" new file mode 100644 index 00000000..2e835d6d Binary files /dev/null and "b/governanca/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico.pptx" differ diff --git "a/governanca/2023-02-13-Indica\303\247\303\243o-Representantes-Prodemge.pdf" "b/governanca/2023-02-13-Indica\303\247\303\243o-Representantes-Prodemge.pdf" new file mode 100644 index 00000000..3ce9975f Binary files /dev/null and "b/governanca/2023-02-13-Indica\303\247\303\243o-Representantes-Prodemge.pdf" differ diff --git "a/governanca/2023-02-16-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" "b/governanca/2023-02-16-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" new file mode 100644 index 00000000..b4ef5b5a Binary files /dev/null and "b/governanca/2023-02-16-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" differ diff --git "a/governanca/2023-03-23-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" "b/governanca/2023-03-23-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" new file mode 100644 index 00000000..b5da4a1a Binary files /dev/null and "b/governanca/2023-03-23-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" differ diff --git "a/governanca/2023-04-27-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" "b/governanca/2023-04-27-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" new file mode 100644 index 00000000..c970ed38 Binary files /dev/null and "b/governanca/2023-04-27-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" differ diff --git "a/governanca/2023-06-01-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" "b/governanca/2023-06-01-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" new file mode 100644 index 00000000..151a4c78 Binary files /dev/null and "b/governanca/2023-06-01-RBB-Ata-Reuni\303\243o-Comit\303\252-Executivo-Assinada.pdf" differ diff --git a/governanca/2023-07-13-RBB-Reuniao-Comite-Executivo-PPT.pdf b/governanca/2023-07-13-RBB-Reuniao-Comite-Executivo-PPT.pdf new file mode 100644 index 00000000..58016acc Binary files /dev/null and b/governanca/2023-07-13-RBB-Reuniao-Comite-Executivo-PPT.pdf differ diff --git "a/governanca/Modelo-Carta-Indica\303\247\303\243o-Comit\303\252-T\303\251cnico.docx" "b/governanca/Modelo-Carta-Indica\303\247\303\243o-Comit\303\252-T\303\251cnico.docx" new file mode 100644 index 00000000..66a3b6c0 Binary files /dev/null and "b/governanca/Modelo-Carta-Indica\303\247\303\243o-Comit\303\252-T\303\251cnico.docx" differ diff --git a/governanca/README.md b/governanca/README.md new file mode 100644 index 00000000..6ea2abab --- /dev/null +++ b/governanca/README.md @@ -0,0 +1,31 @@ +# Governança da RBB + +Os Partícipes da RBB têm se reunido informalmente há vários meses. + +A partir da assinatura do Acordo de Cooperação entre o BNDES e o TCU no dia 12/04/2022 (além do cumprimento de alguns requisitos formais), foram iniciadas as +reuniões formais da Governança da RBB. Inicialmente, estas incluíam apenas o BNDES e o TCU, que são os Partícipes Patronos. A partir do exame documental e formalização das adesões dos Partícipes Aderentes, estes passam a participar das reuniões de Governança da RBB. No momento, os Partícipes da RBB (e os modos de participação) são os seguintes: +- TCU - Patrono. +- BNDES - Patrono. +- Prodest - Aderente Associado. +- Dataprev - Aderente Associado. +- CPQD - Aderente Associado. +- RNP - Aderente Associado. +- Prodemge - Aderente Associado. + +Na terceira reunião da Governança da RBB, já com a participações de TCU, BNDES, Dataprev, CPQD e RNP, foi aprovado o Regulamento da RBB ([link para a ata com o Regulamento](2022-11-29-Ata-Reunião-Governança-RBB-Assinada.pdf)). O Regulamento dividiu a governança em dois comitês: o Comitê Executivo e o Comitê Técnico, definidos da seguinte forma: + +- **Comitê Executivo**, que é responsável por: + - Desenvolver e atualizar o Regulamento da RBB; + - Decidir sobre aceitação de novos participantes; + - Definir critérios para aceitação de casos de uso a serem suportados pela RBB; + - Definir critérios para aceitação de usuários na RBB; + - Analisar e definir esforços necessários para a melhor operação e evolução da RBB. + +- **Comitê Técnico**, que é responsável por: + - Acompanhar, revisar e avaliar o funcionamento da RBB; + - Propor ao Comitê de Governança ajustes, alterações ou iniciativas de inovação nos processos ou nos componentes técnicos da RBB; + - Apoiar o Comitê de Governança no acompanhamento de projetos e iniciativas em andamento; + - Apoiar o Comitê de Governança com levantamento e análises de dados demandados para tomada de decisões. + +Você pode acompanhar as atas das reuniões e outros detalhes de ambos os comitês: [Comitê Executivo](comite_executivo.md) e [Comitê Técnico](comite_tecnico.md). + diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-24 Reuni\303\243o/2023-01-24-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-24 Reuni\303\243o/2023-01-24-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..c4bcd3b7 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-24 Reuni\303\243o/2023-01-24-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-31 Reuni\303\243o/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-31 Reuni\303\243o/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..b2f129cd Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-31 Reuni\303\243o/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-31 Reuni\303\243o/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico_ant.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-31 Reuni\303\243o/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico_ant.pdf" new file mode 100644 index 00000000..f2ac8440 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-01-31 Reuni\303\243o/2023-01-31-Reuni\303\243o-Comit\303\252-T\303\251cnico_ant.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-07 Reuni\303\243o/2023-02-01 BNDES e Dataprev.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-07 Reuni\303\243o/2023-02-01 BNDES e Dataprev.pdf" new file mode 100644 index 00000000..4e940c7e Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-07 Reuni\303\243o/2023-02-01 BNDES e Dataprev.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-07 Reuni\303\243o/2023-02-07 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-07 Reuni\303\243o/2023-02-07 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..521a2c35 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-07 Reuni\303\243o/2023-02-07 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-14 Reuni\303\243o/2023-02-14 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-14 Reuni\303\243o/2023-02-14 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..3874b9c7 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-14 Reuni\303\243o/2023-02-14 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-28 Reuni\303\243o/2023-02-28 BNDES e Dataprev_v02.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-28 Reuni\303\243o/2023-02-28 BNDES e Dataprev_v02.pdf" new file mode 100644 index 00000000..732abcf9 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-28 Reuni\303\243o/2023-02-28 BNDES e Dataprev_v02.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-28 Reuni\303\243o/2023-02-28 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-28 Reuni\303\243o/2023-02-28 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..424e7cc1 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-02-28 Reuni\303\243o/2023-02-28 RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-07 Reuni\303\243o/2023-03-07-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-07 Reuni\303\243o/2023-03-07-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..a81bfc75 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-07 Reuni\303\243o/2023-03-07-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-14 Reuni\303\243o/2023-03-14-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-14 Reuni\303\243o/2023-03-14-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..42e85d13 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-14 Reuni\303\243o/2023-03-14-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-21 Reuni\303\243o/2023-03-21-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-21 Reuni\303\243o/2023-03-21-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..c050d036 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-21 Reuni\303\243o/2023-03-21-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-28 Reuni\303\243o/2023-03-28-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-28 Reuni\303\243o/2023-03-28-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..28fbd985 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-03-28 Reuni\303\243o/2023-03-28-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-04 Reuni\303\243o/2023-04-04-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-04 Reuni\303\243o/2023-04-04-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" new file mode 100644 index 00000000..4b5c3f2c Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-04 Reuni\303\243o/2023-04-04-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-18 Reuni\303\243o/2023-04-18-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-18 Reuni\303\243o/2023-04-18-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" new file mode 100644 index 00000000..b161d56d Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-18 Reuni\303\243o/2023-04-18-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-18 Reuni\303\243o/2023-04-18-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v02.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-18 Reuni\303\243o/2023-04-18-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v02.pdf" new file mode 100644 index 00000000..66b1dba3 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-18 Reuni\303\243o/2023-04-18-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v02.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-25 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-25 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" new file mode 100644 index 00000000..de125dc9 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-04-25 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-09 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-09 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" new file mode 100644 index 00000000..cc25b47e Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-09 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-09 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v02.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-09 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v02.pdf" new file mode 100644 index 00000000..eaf1539c Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-09 Reuni\303\243o/2023-04-25-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v02.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-30 Reuni\303\243o/2023-05-30-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-30 Reuni\303\243o/2023-05-30-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" new file mode 100644 index 00000000..915aac7a Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-05-30 Reuni\303\243o/2023-05-30-RBB-Reuni\303\243o-Comit\303\252-T\303\251cnico-v01.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-06-27 Reuni\303\243o/2023-06-27-RBB-Reuniao-Comite-Tecnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-06-27 Reuni\303\243o/2023-06-27-RBB-Reuniao-Comite-Tecnico.pdf" new file mode 100644 index 00000000..0140cbef Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-06-27 Reuni\303\243o/2023-06-27-RBB-Reuniao-Comite-Tecnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/2023-07-04-RBB-Reuniao-Comite-Tecnico v2.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/2023-07-04-RBB-Reuniao-Comite-Tecnico v2.pdf" new file mode 100644 index 00000000..f288b0c0 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/2023-07-04-RBB-Reuniao-Comite-Tecnico v2.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/2023-07-04-RBB-Reuniao-Comite-Tecnico.pdf" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/2023-07-04-RBB-Reuniao-Comite-Tecnico.pdf" new file mode 100644 index 00000000..738977de Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/2023-07-04-RBB-Reuniao-Comite-Tecnico.pdf" differ diff --git "a/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/gantt.png" "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/gantt.png" new file mode 100644 index 00000000..cd2349e1 Binary files /dev/null and "b/governanca/Reuni\303\265es Comit\303\252 T\303\251cnico/2023-07-04 Reuni\303\243o/gantt.png" differ diff --git a/governanca/comite_executivo.md b/governanca/comite_executivo.md new file mode 100644 index 00000000..bb218dc2 --- /dev/null +++ b/governanca/comite_executivo.md @@ -0,0 +1,66 @@ +# Representantes dos Partícipes no Comitê Executivo da RBB + +- BNDES + - Fernando Passeri Lavrado + - Luciana Giuliani de Oliveira Reis + - Sérgio Marques de Viveiros + - Gladstone Moises Arantes Junior - glads@bndes.gov.br +- TCU + - Rainério Rodrigues Leite + - Eldon Teixeira Coutinho +- Prodest + - Leandro Barbieri + - Flávio Eduardo Babilon Milanesi +- Dataprev + - Felipe Braga Carneiro Leão + - Claudemir Custódio Brum +- CPqD + - José Reynaldo Formigoni Filho +- RNP + - Leandro Neumann Ciuffo +- Prodemge + - Mônica Rocha de Azara + - Carlos Leonardo dos Santos Mendes + + +# Reuniões do Comitê Executivo realizadas. +- 01/06/2023 + - [Ata assinada digitalmente](2023-06-01-RBB-Ata-Reunião-Comitê-Executivo-Assinada.pdf) + - Destaques: + - Adesão da Secretaria de Estado de Transparência e Controle do Maranhão. +- 27/04/2023 + - [Ata assinada digitalmente](2023-04-27-RBB-Ata-Reunião-Comitê-Executivo-Assinada.pdf) + - Destaques: + - Relatos sobre as frentes em andamento no Comitê Técnico. + - Relato sobre contato com representante do Comitê Paralímpico Brasileiro. + - Adesão da PUC-RJ ao Acordo da RBB. + - Planejamento para o piloto. +- 23/03/2023 + - [Ata assinada digitalmente](2023-03-23-RBB-Ata-Reunião-Comitê-Executivo-Assinada.pdf) + - Sem destaques. +- 16/02/2023 + - [Ata assinada digitalmente](2023-02-16-RBB-Ata-Reunião-Comitê-Executivo-Assinada.pdf) + - Destaques: + - Relatos sobre as iniciativas em andamento no Comitê Técnico. + - Ajustes no Regulamento para aceitação de assinaturas gov.br. +- 19/01/2023 + - [Ata assinada digitalmente](2023-01-19-RBB-Ata-Reuniao-Comite-Executivo-Assinada.pdf) + - Destaques: + - Aprovada adesão da Prodemge ao Acordo da RBB. + - Aprovado uso de assinaturas gov.br para documentos recebidos ou produzidos pela RBB. +- 29/11/2022 + - [Ata assinada digitalmente](2022-11-29-Ata-Reunião-Governança-RBB-Assinada.pdf) + - Destaques: + - Aprovado o Regulamento da RBB. + - Os Comitês criados pelo Regulamento (Comitê Executivo e Comitê Técnico) iniciam suas operações tendo o BNDES como coordenador. + - Será produzido um modelo de carta para designação dos representantes no Comitê Técnico. + - Outros temas foram debatidos. +- 01/11/2022 + - [Ata assinada digitalmente](2022-11-01-Ata-Reunião-Governança-RBB-Assinada.pdf) + - Destaques: + - Aceitas as adesões de Prodest, Dataprev, CPqD e RNP. + - Criação de Discord do projeto: https://discord.gg/sHSygnAUVk +- 22/08/2022 + - Ouvintes presentes: + - Eldon Teixeira Coutinho - TCU + - [Ata assinada digitalmente](2022-08-22-Ata-Reunião-Governança-RBB-Assinado.pdf) diff --git a/governanca/comite_tecnico.md b/governanca/comite_tecnico.md new file mode 100644 index 00000000..1b382c25 --- /dev/null +++ b/governanca/comite_tecnico.md @@ -0,0 +1,43 @@ +# Representantes dos Partícipes no Comitê Técnico da RBB + +- BNDES + - Gladstone Moises Arantes Junior - Titular e Coordenador (conforme [ata](2022-11-29-Ata-Reunião-Governança-RBB-Assinada.pdf)). + - Sérgio Marques de Viveiros - Suplente. + - [Carta de indicação ao Comitê Técnico](2022-12-22-Indicação-Representantes-BNDES-CARTA-SUP-ATI-01-2022.pdf). +- TCU + - Eldon Teixeira Coutinho - Titular. + - Valter Rogerio Messias - Suplente. + - [Ofício de indicação ao Comitê Técnico](2023-01-05-Indicação-Representantes-TCU.pdf). +- RNP + - Luiz Eduardo Folly de Campos - Titular. + - [Carta de indicação ao Comitê Técnico](2023-01-03-Indicação-Representante-RNP.pdf). +- CPQD + - Elder Bruno Evaristo Correa - Titular. + - Jeffson Celeiro Sousa - Suplente. + - [Carta de indicação ao Comitê Técnico](2023-01-06-Indicação-Representantes-CPQD.pdf). +- Dataprev + - Claudemir Custódio Brum - Titular. + - Julio Cesar Faria Cornacchia - Suplente + - Danilo Gonçalves Lyra - Suplente. + - [Carta de indicação ao Comitê Técnico](2023-01-19-Indicação-Representantes-Dataprev.pdf). +- Prodemge + - Fabrício Resende Gonçalves - Titular. + - Carlos Leonardo dos Santos Mendes - Suplente. + - [Carta de indicação ao Comitê Técnico](2023-02-13-Indicação-Representantes-Prodemge.pdf). + +# Indicação de Representante para o Comitê Técnico da RBB + +Este é o [modelo de carta](Modelo-Carta-Indicação-Comitê-Técnico.docx) para indicação ao Comitê Técnico da RBB. + +# Reuniões do Comitê Técnico realizadas + +- 31/01/2023 + - Segunda reunião realizada. + - Objetivos principais: + - Apresentar propostas para algumas das atividades levantadas na reunião anterior. + - Definir responsáveis pelas frentes. + - [Apresentação realizada na reunião](2023-01-31-Reunião-Comitê-Técnico.pptx) +- 24/01/2023 + - Primeira reunião realizada. + - Objetivo principal: estruturar um plano de ação para o piloto da RBB. + - [Apresentação realizada na reunião](2023-01-24-Reunião-Comitê-Técnico.pptx) diff --git a/governanca/participes.md b/governanca/participes.md new file mode 100644 index 00000000..c0b80b13 --- /dev/null +++ b/governanca/participes.md @@ -0,0 +1,21 @@ +# Partícipes do Acordo de Cooperação + +Abaixo, a lista das instituições formalmente participantes do Acordo de Cooperação da RBB e seus representantes: +- BNDES + - Fernando Passeri Lavrado + - Luciana Giuliani de Oliveira Reis + - Sérgio Marques de Viveiros + - Gladstone Moises Arantes Junior - glads@bndes.gov.br +- TCU + - Rainério Rodrigues Leite + - Eldon Teixeira Coutinho +- Prodest + - Giovanni Zanol de Araújo + - Leandro Barbieri +- Dataprev + - Felipe Braga Carneiro Leão + - Claudemir Custódio Brum +- CPqD + - José Reynaldo Formigoni Filho +- RNP + - Leandro Neumann Ciuffo diff --git "a/imagens/Framework_Governan\303\247a.png" "b/imagens/Framework_Governan\303\247a.png" new file mode 100644 index 00000000..070bff22 Binary files /dev/null and "b/imagens/Framework_Governan\303\247a.png" differ diff --git a/imagens/Topologia_RBB.png b/imagens/Topologia_RBB.png new file mode 100644 index 00000000..b9dccaa1 Binary files /dev/null and b/imagens/Topologia_RBB.png differ diff --git a/imagens/ethstats.JPG b/imagens/ethstats.JPG new file mode 100644 index 00000000..035d4d37 Binary files /dev/null and b/imagens/ethstats.JPG differ diff --git a/iniciativas.md b/iniciativas.md new file mode 100644 index 00000000..4116c023 --- /dev/null +++ b/iniciativas.md @@ -0,0 +1,52 @@ +# Iniciativas e Discussões Técnicas da RBB + +Baseados nos conhecimentos técnicas das equipes e também daqueles adquiridos através de debates com a equipe da LACChain, a equipe do BNDES produziu um framework +para guiar alguns dos principais debates necessários para colocar o piloto da rede de pé. O framework segue abaixo: + +![Framework](imagens/Framework_Governança.png "Framework Governança") + +Dentre os debates e iniciativas mais relevantes, destacam-se, pelo menos, os seguintes: + +- Identificação e identidades autossoberanas + +A possibilidade de reuso de soluções de identificação por diversas aplicações governamentais foi um dos principais motivos discutidos no BlockchainGov que justificariam +a criação de uma rede com as características da RBB. O BNDES chegou a produzir soluções simples para lidar com a identificação de pessoas jurídicas. A possibilidade +de suportar também identificação de pessoas físicas seria um salto ainda maior e, por restrições legais e características da tecnologia, teria que abordar o tema +de identidades descentralizadas e autossoberanas. A retomada das inicitivas, agora em bases mais formais, certamente passará por esse tema, após priorização +pela governança da RBB. + +- Controle de uso + +A grande maioria das redes públicas (raras exceções, como o IOTA) têm seu controle de uso garantido através da cobrança de taxas variáveis para operar na rede. +Quanto maior o uso, maior as taxas e, assim, ocorre o controle do uso. + +Em redes permissionadas, é preciso haver um acordo entre os participantes. No caso de redes público-permissionadas, este acordo é mais complexo, pois pode envolver +o envio de transações por agentes externos à rede em si. Na LACChain, tal controle se dá através do uso de meta-transações, técnica que provavelmente não será utilizada +na RBB, dada sua complexidade técnica. Portanto, trata-se de um desfio técnico importante a capacidade de dividir a quantidade de processamento disponível na rede de +forma uniforme entre os seus participantes. + +- Observação + +Redes público permissionadas usam infraestrutura tecnológica de redes permissionadas. Para se tornarem públicas, é preciso garantir que não corram risco de serem +atacadas, principalmente, por ataques de DoS e assemelhados. Portanto, é preciso criar soluções para permitir esse comportamento. Tais questões têm alguma semelhança +com o ponto anterior, do controle de uso. + +- Responsabilização + +O problema a ser resolvido aqui pode ser resumido da seguinte forma: se houver algum ato inadequado na rede, como detectar e responsabilizar o seu autor? O ideal é que +tal responsabilização seja feita de forma a garantir o não repúdio, ou seja, que o autor possa ser identificado sem a possibilidade de negar sua responsabilidade. Tal +questão torna-se ainda mais relevante no caso de blockchains, dadas serem uma infraestrutura compartilhada. + +- Monitoração e tratamento de incidentes + +Em geral, os processos de monitoração e tratamento de incidentes ocorrem internamente a uma empresa ou, mesmo quando envolvem diversas instituições, têm uma natureza +mais hierárquica. Como realizar a monitoração conjunta de uma rede onde nenhum dos participantes tem incidência ou prioridade sobre os outros? E como tratar os +incidentes, dado que eles podem envolver diversos atores na rede? Estas são as questões a serem tratadas e elas passam não apenas pelos aspectos técnicos, mas também +de processo, de governança e até aspectos de regulação. + +Estes são apenas alguns destaques. São diversos debates e iniciativas para viabilizar uma rede com as características da RBB. + + + + + diff --git a/instalacao-rbb-node/.gitignore b/instalacao-rbb-node/.gitignore new file mode 100755 index 00000000..723ef36f --- /dev/null +++ b/instalacao-rbb-node/.gitignore @@ -0,0 +1 @@ +.idea \ No newline at end of file diff --git a/instalacao-rbb-node/DAPP_ARCHITECTURE.md b/instalacao-rbb-node/DAPP_ARCHITECTURE.md new file mode 100755 index 00000000..cf8b1e7f --- /dev/null +++ b/instalacao-rbb-node/DAPP_ARCHITECTURE.md @@ -0,0 +1,108 @@ +# RECOMMENDATIONS FOR DAPP ARCHITECTURE +This document aims to provide recommendations on the architecture of your decentralized application (Dapp) running on the LACChain network, which is based on [Hyperledger Besu](https://besu.hyperledger.org/en/stable/ "Hyperledger Besu"). + +## Decentralized applications (dapps) + +The concept of applications running via smart contracts deployed on a blockchain network is known as decentralized apps, or dapps. These types of applications make the blockchain more programmable and more functional. + +Decentralized applications are programs that run on a decentralized network combined with frontEnd and BackEnd technologies. Many blockchain apps have semi-centralized architectures in which some tasks are performed by a central component. However, it might be preferable that all the components of these type of architectures are independent of a central party to say the architecture is truly decentralized. + +You can find more information about decentralized applications with examples in [What are decentralized applications?](https://hackernoon.com/what-are-decentralized-applications-dapps-explained-with-examples-7ff8f2c4a460 "What are decentralized applications?"). + +The next diagram shows a general Dapp architecture. + +![Dapp Architecture](/docs/images/general_architecture.png) + +Below, provide a description of each component. + +## Smart contracts + +In a nutshell, smart contracts are the terms of an agreement between two or more parties being directly written into lines of code that run on decentralized network. + +With smart contracts you don't require trust as in a trustless agreement. The smart contract is of public knowledge and is fully transparent so parties know what they are agreeing to. + +Another advantage of smart contracts is that you don't need to pay a middle person or organization to handle your agreements. + +To design smart-contract-based architectures, we encourage to read [Dapp Architecture Designs](https://github.com/ConsenSys/Ethereum-Development-Best-Practices/wiki/Dapp-Architecture-Designs "Dapp Architecture Designs"), which covers different ways to design smart contracts. + +After you have decided the design of your smart contracts, we encourage to use pre-built smart contracts from [OpenZeppelin](https://github.com/OpenZeppelin/openzeppelin-contracts). These contracts have security considerations which is very important when you are developing smart contracts. + +### Security on smart contracts + +In the [Hitchhiker's Guide](https://blog.openzeppelin.com/the-hitchhikers-guide-to-smart-contracts-in-ethereum-848f08001f05/ "Hitchhiker's Guide"), the author explains some problems that you should be aware of (and avoid): + +* [Reentrancy](http://hackingdistributed.com/2016/07/13/reentrancy-woes "Reentrancy"): Do not perform external calls in contracts. If you do, ensure that they are the very last thing you do. + +* [Send can fail](https://vessenes.com/ethereum-griefing-wallets-send-w-throw-considered-harmful/ "Send can fail"): When sending money, your code should always be prepared for the send function to fail. + +* [Loops can trigger gas limit](http://solidity.readthedocs.io/en/latest/security-considerations.html#gas-limit-and-loops): Be careful when looping over state variables, which can grow in size and make gas consumption hit the limits. + +* [Timestamp dependency](https://github.com/ConsenSys/smart-contract-best-practices#timestamp-dependence "Timestamp dependency"): Do not use timestamps in critical parts of the code, because miners can manipulate them. + +## Wallets + +In the context of blockchain, a wallet is a software, a hardware, or a combination of both that you can use to store cryptographic keys to keep them secure, and sign transactions with them. You can use these private keys on centralized and decentralized applications. + +To develop POCs you can use Metamask as wallet. However, an enterprise application can require integration with KeyVaults. Then, if you are considering to develop a wallet, we encourage you to review [this article](https://github.com/PegaSysEng/ethsigner/) where explain +[Eth Signer](https://github.com/PegaSysEng/ethsigner/ "Eth Signer"). + +Some mobile apps categorized as software wallets are already available to store the keys to sign on LACChain, such as KayTrust (by Everis). + +```The private keys never should go online or be shared with any third parties, not even for key recovery.``` + +## Backend + +When decentralized networks are scalable and robust enough, we could use them to store all the public information of our application, including its UI, business logic, and data. Until that becomes a reality, we need to add backend to our decentralized architectures. The responsabilities of the backend are: + +* Develop integrations with services and legacy systems. + +* Store large data and process big enough logic's application. The whole application and its business logic are stored somewhere, excluding the blockchain part wich is share with the other parties of the network. If you think to use IPFS as storage layer, it can't guarantee the accessibility of the files and you should deploy a node in IPFS network to rely on it. + +### Listening to events on a network + +In decentralized networks the communication is asynchronous. Therefore, it is natural that sometimes the transactions sent by dapps to the network are not processed. In order to know if our transaction was processed and resend it if not, we can start by listening to events in the network. + +To that purpose, we can benefit from the concept of smart contract events. Different libraries allow you to track/listen to events. This allows off-chain applications to be aware of what is happening in the blockchain. The events are triggered at any point of the smart contract. With this, it can be easily detected that a transaction/event has not been processed. + +In order to be able to resend those transactions/event that have been lost, it is necessary to build a custom back end to maintain the events sync process. Depending on your needs, the implementation can vary. Here we present one of the options to you build reliable Ethereum events delivery in terms of microservice architecture: + +![Event Consumer](/docs/images/event_consumer.png) + +1. Events sync backend service constantly pulls the network, trying to retrieve new events. Once there are some new events available, it sends these events to the message bus. + +2. The message bus (for example Kafka or RabbitMQ) routes the event to every topic/queue which was set up individually for each backend service. + +3. Event Consumers (other backend services) are subscribed to particular topics/queues that save especific events. When message(event) arrives, these consumers execute the particular logic. + +You can use [Eventeum](https://github.com/ConsenSys/eventeum) as your event's listener which permits adding kafka or rabbitMQ as message bus. + +### Publishing transactions + +To publish transactions there are a steps to be performed: + +1. Preparing the transaction. This step implies setting values for the following parameters: + * value is the quantity in ethers the address would send. + * data can be a new smart contract's code or function and parameters to call contract. + * gasPrice is the maximum price of gas you are willing to pay for this transaction. + * gasLimit is the maximum gas you are willing to pay for this transaction. + * nonce which you see here is not to be confused with the nonce that is used in the mining process. As it turns out, nonce for a transaction is a parameter that is used to maintain the order in which transactions are processed. + + ```So we have to take care that nonce value is correctly sent, without which the transaction fails.``` + +2. Signing the transacion. This step implies the usage of the private key to sign. You will want to embed this key on key vaults or assembly secure solution. + +3. Publish and republish the transaction. Is important to know that you transaction has a chance to get lost or dropped from the decentralized network. + +The next diagram describe architecture's components which possible they should be used. + +![Event Consumer](/docs/images/transaction_manager.png) + + The transaction manager is responsible for sending the transaction to the LACChain node as well as handling the possible errors that could occur if the transaction fails (whether due to gas, incorrect nonce, connection problem, etc). In cases of errors, the transaction manager has the responsibility to resend the transaction depending on the error occurred to ensure that the transaction passes correctly. This is normal, and is due to the asynchronous nature of the decentralized network. + + Additionally, if the node will receive too many transactions, which may not enter into the block, it is necessary that the transaction manager limits the number of transactions sent in a block. To this purpose, the transaction manager can lean on the message bus and obtain the amount of necessary transactions that can enter a block. + +You can use [Eth Signer](https://github.com/PegaSysEng/ethsigner/ "Eth Signer") to sing the transaction and store private keys in key vaults. + +## Design Patterns +#TODO# + diff --git a/instalacao-rbb-node/DEPLOY_APPLICATIONS.md b/instalacao-rbb-node/DEPLOY_APPLICATIONS.md new file mode 100755 index 00000000..5878e3e8 --- /dev/null +++ b/instalacao-rbb-node/DEPLOY_APPLICATIONS.md @@ -0,0 +1,320 @@ +# How to connect your application to the LACChain network + +This guide aims to give you an overview of some mainstream tools that you can use to deploy Smart Contracts, connect external applications and broadcast transactions to the LACChain Besu Network. + +## Truffle + +Ethereum Smart Contracts are pieces of code that can be deployed to the LACChain Besu Network and will live there in perpetuity. Although there are many ways to deploy your smart contracts, we recommend the use of Truffle. + +[Truffle](https://www.trufflesuite.com/docs/truffle/overview "Truffle Overview") is basically a development environment where you could easily develop smart contracts with it’s built-in testing framework, smart contract compilation and deployment, interactive console, and many more features. + +It's recommended for developers who want to build Javascript projects based on smart contracts (like Dapps). With Truffle you can have a better simulation of a real blockchain environment. + +### Install + +First, let's install truffle. + +>`npm install -g truffle` + +>`truffle version` + +Now we can create our project folder, which we will name **MyDapp**. + +>`mkdir MyDapp` + +>`cd MyDapp` + +With Truffle, you can create a bare project template, or use [Truffle Boxes](https://www.trufflesuite.com/docs/truffle/advanced/creating-a-truffle-box "Truffle Box Overview"), which are example applications and project templates. For this tutorial, we will start from scratch, so we execute the following command in our MyApp directory: + +>`truffle init` + +This command creates a bare Truffle project. After doing so, you should have the following files and folders: + +* contracts/: Directory for Solidity contracts +* migrations/: Directory for scriptable deployment +* test/: Directory for test files for testing your application and contracts +* truffle-config.js: Truffle configuration file + +### Contract Compilation + +Before anything else, let's create a very simple smart contract named **MyContract.sol** and store it in the contracts folder. All smart contracts you create should be stored there. + +Our smart contract will contain code that's as simple as this: + +```js + // We will be using Solidity version 0.5.12 + pragma solidity 0.5.12; + + contract MyContract { + string private message = "My First Smart Contract"; + + function getMessage() public view returns(string memory) { + return message; + } + + function setMessage(string memory newMessage) public { + message = newMessage; + } + } +``` +Basically, our smart contract has a variable named `message`, which contains a little message that is initilized as `My First Smart Contract`. Also we have two functions that can set or get that variable `message` + +To compile the smart contract, execute the command: + +>`truffle compile` + +### Contract Deployment + +#### Prerequisites + +First, we need to install the [truffle hdwallet-provider](https://github.com/trufflesuite/truffle/tree/develop/packages/hdwallet-provider) according to [Using Hyperledger Besu with Truffle](https://besu.hyperledger.org/en/stable/HowTo/Develop-Dapps/Truffle "Truffle with Besu") to be able to deploy contracts and send transactiones with truffle: + +>`npm install -g @truffle/hdwallet-provider` + +Now, we need to create a new file in the **migrations** directory. Then, create a new file named **2_deploy_contracts.js**, and write the following code: + +```js + var MyDapp = artifacts.require("MyContract"); + + module.exports = function(deployer){ + deployer.deploy(MyDapp); + }; +``` +Next, we need to edit the Truffle configuration (**truffle-config.js**). + +To briefly describe the parts that make up the configuration: + +* networks: Will hold the configuration of our Ethereum client where we will be deploying our contracts +* compilers: Will hold the configuration of Solc compiler + +Type your private key, network address IP node and RPC port in the networks part: + +```js + const HDWalletProvider = require("@truffle/hdwallet-provider"); + const privateKey = ""; + const privateKeyProvider = new HDWalletProvider(privateKey, "http://:"); + + module.exports = { + networks: { + development: { + host: "127.0.0.1", + port: 7545, + network_id: "*" + }, + lacchain: { + provider: privateKeyProvider, + network_id: "648629", + gasPrice: 0 + } + } + }; +``` +***NOTE: This is just an example. NEVER hard code production private keys in your code or commit them to git. They should always be loaded from environment variables or a secure secret management system.*** + +Truffle migrations are scripts that help us deploy our smart contract to the LACCHAIN network. Let's deploy it: + +>`truffle migrate -network lacchain` + +Finally you get the deployment report where you can see the address contract similar to this: + +```json + Deploying 'MyDapp' + -------------------- + transaction hash:0x31d91fa2524953e49cfc4c433ac939b56df8d9371fdde74c56a75634efcf823d + Blocks: 0 Seconds: 0 + contract address: 0xFA3F403BeC6D3dd2eF9008cf8D21e3CA0FD1B9C4 + block number: 4006082 + block timestamp: 1574190784 + account: 0xbcEda2Ba9aF65c18C7992849C312d1Db77cF008E + balance: 0 + gas used: 340697 + gas price: 0 gwei + value sent: 0 ETH + total cost: 0 ETH +``` + +## Web3 + +### Prerequisite + +* Node.js v8.10.0 +* Node package manager v5.6.0 + +Make sure **Node** and **NPM** are installed on your system. + +>`node -v`
`npm -v` + +Create a directory as MyFirstContract. + +>`mkdir MyFirstContract`
`cd MyFirstContract` + +Create a directory to save smartContracts under MyFirstContract directory. + +>`mkdir SmartContracts`
`cd SmartContracts` + +Create a package json to manage the dependencies. + +>`npm init` + +This command prompts you things such as the name and version of your application. You can simply hit RETURN to accept the defaults for most of them. + +Install web3.js. + +>`npm install --save web3` + +Install the [truffle hdwallet-provider](https://github.com/trufflesuite/truffle/tree/develop/packages/hdwallet-provider) + +>`npm install --save @truffle/hdwallet-provider` + +Install solc to compile the smart contracts. + +>`npm install --save solc@0.4.25` + +### Contract Compilation + +Create two more directories named Contracts and Build, and switch from the current directory to Contracts. + +>`mkdir Contracts`
`mkdir Build`
`cd Contracts` + +Create MyContract.sol file under Contracts directory and paste the code below: + +```js + // We will be using Solidity version 0.5.12 + pragma solidity 0.4.25; + + contract MyContract { + string private message = "My First Smart Contract"; + + function getMessage() public view returns(string memory) { + return message; + } + + function setMessage(string memory newMessage) public { + message = newMessage; + } + } +``` + +Now, create a compile.js file under SmartContracts folder and paste this code. + +```js +console.log("Compiling..."); +const path = require("path"); +const fs = require("fs-extra"); +const solc = require("solc"); +const buildPath = path.resolve(__dirname, "Build"); +fs.removeSync(buildPath); + +const contractPath = path.resolve(__dirname, "Contracts", "MyContract.sol"); + +const myContractSource = fs.readFileSync(contractPath, "utf8"); + +const output = solc.compile(myContractSource, 1).contracts; + +fs.ensureDirSync(buildPath); + +fs.outputJsonSync( + path.resolve(buildPath, "MyContract.json"), + output[":MyContract"] +); + +module.exports = output[":MyContract"]; +``` +The above code reads the contract file MyContract.sol, compiles it using solc compiler, and saves the output of contracts in the json file. + +### Contract Deployment + +Create a deploy.js file under SmartContracts directory and paste the below code inside the file. + +```js +console.log("Deploying..."); +const HDWalletProvider = require("@truffle/hdwallet-provider"); +const Web3 = require("web3"); +const { interface, bytecode } = require("./compile"); + +// list of 12 words key to connect account. You can get this key when you setup a MetaMask +var privateKey = ""; + +// Specify lacchain network node to connect to +var node = "http://:4545"; + +const provider = new HDWalletProvider(mnemonic, node, 1); +const web3 = new Web3(provider); + +const deploy = async () => { + const accounts = await web3.eth.getAccounts(); + const ABI = interface; + + const result = await new web3.eth.Contract(JSON.parse(ABI)) + .deploy({ + data: '0x'+bytecode + }) + .send({ from: accounts[0], gas: "3000000", gasPrice: "0" }); + + console.log("contract deployed to", result.options.address); +}; + +deploy(); +``` + +Run the command below at SmartContract directory to deploy MyFirstContract. + +>`node deploy.js` + +It takes some time for deployment. Once deployed, the address (where contract is deployed) is displayed on the terminal as below. + +`Deploying...`
+`Compiling...`
+`Initializing provider...`
+`['0xCC9a2ae1162D5de44E11363556c829D6c08f7dc9']`
+`contract deployed to 0xA4AdEcfACB87C3d7F6a8571c2f6Fe5AC5bB7a7cC` + +## Remix and Metamask + +You can use Remix as IDE and Metamask to deploy smart contracts to the network of LACChain. + +### Prerequisite + +Metamask is a browser extension that connects the browser to an LACChain node, allowing you to send transactions. + +You can install Metamask from [here](https://metamask.io/ "Metamask"). + +Remix is an IDE online, you can go to [Remix](https://remix.ethereum.org) and start writing smart contracts. + +### Contract Compile + +In Remix, create a new smart contract by clicking the plus button. Then, put "MyContract.sol" as name and paste this code. + +```js +// We will be using Solidity version 0.5.12 + pragma solidity 0.5.12; + + contract MyContract { + string private message = "My First Smart Contract"; + + function getMessage() public view returns(string memory) { + return message; + } + + function setMessage(string memory newMessage) public { + message = newMessage; + } + } +``` +Click on "Solidity Compiler" option in the left section. Change the compiler version to 0.5.12 and click on "Compile MyContract.sol" button. + +If the compilation works, you will see a green check on the "Solidity Compiler" option. + +### Contract Deployment + +Connect Metamask to one of your LACChain addresses. In Metamask, the dropdown menu for Networks lists several options; select custom RPC. In the settings menu, for ‘New RPC URL’, add the RPC server from your LACChain node, usually HTTP://:4545 + +Go back to Remix and click on "Deploy and run transactions" option. On the Environment option choose "Injected Web3". This option will connect to Metamask and your LACChain node too. + +Click on "Deploy" button. A window of Metamask will appear to ask your confirmation and sign the transaction. Click on the "Edit" link and then on the "Advanced" tab. Set the gas price to "0" and click on "Save" button. + +Finally click on "Confirm" button. The transaction will be send to the LACChain Network. If the contract is deployed, you will see a green check in log section of Metamask. In addition, contract deployed will appear in left section into "Deploy and transactions" section. + +## Additional + +If you want to interact with your deployed contract you could follow the follow tutorial [Send Transactions To LACCHAIN]() diff --git a/instalacao-rbb-node/DEPLOY_NODE.md b/instalacao-rbb-node/DEPLOY_NODE.md new file mode 100755 index 00000000..1332f9e9 --- /dev/null +++ b/instalacao-rbb-node/DEPLOY_NODE.md @@ -0,0 +1,266 @@ +# Deploy a LACChain-BNDES node + +* Below you will find instructions for the deployment of nodes using Ansible. This implies that it will be executed from a local machine on a remote server. The local machine and the remote server will communicate via ssh. + +* The installation with ansible provided is compatible with **Ubuntu 18.04** and **Centos7**. Despite of that, BNDES installed on **Red Hat**. If you want to deploy your node in a different operative system, you can go to the [documentation for Generic Onboarding](https://github.com/lacchain/bndes-network/blob/master/GENERIC_ONBOARDING.md). + +* You can view a video explaining how to do the steps below at: https://www.youtube.com/watch?v=uHyh3YQl_1A + + + +## Minimum System Requirements + +Recommended hardware features for the nodes in the test-net: + +* **CPU**: 2 cores + +* **RAM Memory**: 4 GB + +* **Hard Disk**: 60 GB SSD + +* **Operating System**: Ubuntu 16.04, Ubuntu 18.04, Centos7, always 64 bits + + +## Pre-requisites + +### Install Ansible ### + +For this installation we will use Ansible. It is necessary to install Ansible on a **local machine** that will perform the installation of the node on a **remote machine**. + +Following the instructions to [install ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) in your local machine. + +```shell +$ sudo apt-get update +$ sudo apt-get install software-properties-common +$ sudo apt-add-repository ppa:ansible/ansible +$ sudo apt-get update +$ sudo apt-get install ansible +``` + +### Clone Repository #### + +To configure and install Pantheon, you must clone this git repository in your **local machine**. + +Obs: The old name of Hyperldger Besu is Pantheon and this tutorial will use the two names as synonyms. + +```shell +$ git clone https://github.com/RBBNet/rbb.git +$ cd rbb/instalacao-rbb-node +``` + +### Obtain SSH access to your remote machine ### + +Make sure you have SSH access to the node you're setting up. This step will vary depending on your context (physical machine, cloud provider, etc.). This document assumes that you are able to log into your remote machine using the following command: `ssh remote_user@remote_host`. + +### Prepare installation of Oracle Java 11 ### + +* It is a requisite for Pantheon to install Java 11 in its LATEST version. Since Java cannot be downloaded directly, you must follow the next steps to install it: + 1. Download the correspondent java tar.gz(for ubuntu) or java .rpm(for centos) file from https://www.oracle.com/technetwork/java/javase/downloads/jdk11-downloads-5066655.html. Oracle will request that you create an account before downloading the package. + 2. Once the file is downloaded, send the Oracle java11 package to your remote machine by using SCP Linux command: + ```shell + $ scp /your/local/path/to/downloaded/jdk-11.0.x_linux-x64_bin.tar.gz remote_user@remote_host: + ``` + If your VM is Centos7 then use: + ```shell + $ scp /your/local/path/to/downloaded/jdk-11.0.x_linux-x64_bin.rpm remote_user@remote_host: + ``` + 3. Log into your remote machine by using something like this: + ```shell + $ ssh remote_user@remote_host + ``` + 4. On the remote machine, for Ubuntu VMs: Create the JDK folder and move the JDK to it: + ```shell + $ sudo mkdir -p /var/cache/oracle-jdk11-installer-local + $ sudo cp jdk-11.0.x_linux-x64_bin.tar.gz /var/cache/oracle-jdk11-installer-local/ + ``` + If the VM is Centos7 then execute: + ```shell + $ sudo rm -rf /usr/local/src/jdk*linux-x64_bin.rpm + $ sudo cp jdk-11.0.x_linux-x64_bin.rpm /usr/local/src + ``` + 5. Before leaving, it's a good idea to run an APT update: + ```shell + $ sudo apt update + ``` + Or in Centos7 OS: + ```shell + $ sudo yum update + ``` + +## Besu Installation ## + +### Preparing installation of a new node ### + +* There are three types of nodes (Bootnode / Validator / Writer) that can be created in the Pantheon network at this moment. + +* After cloning the repository on the **local machine**, enter it and create a copy of the `inventory.example` file as `inventory`. Edit that file to add a line for the remote server where you are creating the new node. You can do it with a graphical tool or inside the shell: + + ```shell + $ cd lacchain/ + $ cp inventory.example inventory + $ vi inventory + [writer] # or [validators] or [bootnodes] depending on its role + 192.168.10.72 node_ip=your.public.node.ip password=abc node_name=my_node_name node_email=your@email + ``` + +Consider the following points: +- Place the new line in the section corresponding to your node's role: `[writer]`, `[validators]` or `[bootnodes]`. +- The first element on the new line is the IP or hostname where you can reach your remote machine from your local machine. +- The value of `password` is the password that will be used to set up Orion, for private transactions (not used in RBB). +- The value of `node_name` is the name you want for your node in the network monitoring tool. +- The value of `node_email` is the email address you want to register for your node in the network monitoring tool. It's a good idea to provide the e-mail of the technical contact identified or to be identified in the registration form as part of the on-boarding process. +- If you have an internal proxy, please fill the value of `http_proxy` and `https_proxy` vars. + +### Deploying the new node ### + +* To deploy a **boot node** execute the following command in your **local machine**. If needed, don't forget to set the private key with option `--private-key` and the remote user with option `-u`: + + ```shell + $ ansible-playbook -i inventory --private-key=~/.ssh/id_rsa -u remote_user site-lacchain-bootnode.yml + ``` + +* To deploy a **validator node** execute the following command in your **local machine**. If needed, don't forget to set the private key with option `--private-key` and the remote user with option `-u`: + + ```shell + $ ansible-playbook -i inventory --private-key=~/.ssh/id_rsa -u remote_user site-lacchain-validator.yml + ``` + +* To deploy a **writer node** execute the following command in your **local machine**. If needed, don't forget to set the private key with option `--private-key` and the remote user with option `-u`: + + ```shell + $ ansible-playbook -i inventory --private-key=~/.ssh/id_rsa -u remote_user site-lacchain-writer.yml + ``` + +* Obs.: Ansible uses SSH to make the connection. .shh/id_rsa is the private key file to enable your local machine accesses the remote machine. + +* At the end of the installation, if everything worked a PANTHEON service will be created in the case of a **validator node** managed by Systemctl with **stopped** status. + +Don't forget to write down your node's "enode" from the log by locating the line that looks like this: +``` +TASK [lacchain-validator-node : print enode key] *********************************************** +ok: [x.x.x.x] => { + "msg": "enode://cb24877f329e0e3fff6c7d7b88d601b698a9df6efbe1d91ce77130f065342b523418b38cb3c92ea3bcca15344e68c7d85a696eb9f8c0152c51b9b7b74729064e@a.b.c.d:60606" +} +``` + +* If everything worked, an ORION service and a PANTHEON service managed by Systemctl will be created with **stopped** status. +* After installation has finished you will have nginx installed on your machine; it will be up and running and will allow secure and encrypted RPC connections (on the default 443 port). Certificates used to create the secure connections are self signed; it is up to you decide another way to secure RPC connections or continue using the provided default service. + +## Node Configuration + +### Configuring the Besu node file ### + +The default configuration should work for everyone. However, depending on your needs and technical knowledge you can modify your local node's settings in `/root/lacchain/config.toml`, e.g. for RPC access or authentication. Please refer to the [reference documentation](https://docs.pantheon.pegasys.tech/en/1.2.0/Configuring-Pantheon/Using-Configuration-File/). + +### Start up your node ### + +Once your node is ready, you can start it up with this command in **remote machine**: + +```shell +$ service pantheon start +``` + +### Node Operation ### + + * If you need to restart the services, you can execute the following commands: + +```shell +$ service pantheon restart +``` + +### Updates ### + * You can update **Besu**, by preparing your inventory as described below. + + * Note that an update will not remove any data from the blockchain itself. It is only an update on software programs. + + ```shell + [writer] #here put the role you are gong to update + 35.193.123.227 + ``` + + Optionally you can choose the sha_commit of the version you want to update refered to Orion; with Besu is is only neede to specify the version: + ```shell + [writer] #here put the role you are gong to update + 35.193.123.227 besu_release_version='1.4.4' orion_release_version='1.5.2' + ``` + Current Besu versions obtained from: https://pegasys.tech/solutions/hyperledger-besu/ + Tested BESU versions: + 1.4.4 + 1.3.6 + + Current orion commit sha versions obtained from: https://github.com/PegaSysEng/orion/releases + Tested orion versions: + 1.5.2 + 1.3.2 + 1.4.0 + + Replace the ip address with your node ip address. + + Now according to the role your node has, type one of the following commands on your terminal: + ```shell + $ ansible-playbook -i inventory --private-key=~/.ssh/id_ecdsa -u remote_user site-lacchain-update-writer.yml + ``` + + ```shell + $ ansible-playbook -i inventory --private-key=~/.ssh/id_ecdsa -u remote_user site-lacchain-update-bootnode.yml + ``` + + ```shell + $ ansible-playbook -i inventory --private-key=~/.ssh/id_ecdsa -u remote_user site-lacchain-update-validator.yml + ``` + +## Clock + +Ensure that the clock of your institution is synchronizing with trustful online NTP servers. +BNDES is synchronizing with NTP.Br. + +## Checking your connection + +Once you have been permissioned, you can check if your node is connected to the network properly. + +Check that the node has stablished the connections with the peers: + +```shell +$ sudo -i +$ curl -X POST --data '{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":1}' localhost:4545 +``` + +You should get a result like this: + +![Connections](/docs/images/log_connections.PNG) + +Now you can check if the node is syncing blocks by getting the log of the last 100 blocks: + +```shell +$ tail -100 /root/lacchain/logs/pantheon_info.log +``` + +You should get something like this: + +![Log of latest blocks](/docs/images/log_blocks.PNG) + +If any of these two checks doesn't work, try to restart the pantheon service: + +```shell +$ service pantheon restart +``` + +You can also check the connection using [Besu Health Check](https://github.com/lacchain/besu-healthcheck) + +If that doesn't solve the problem, contact us at blockchaingov@bndes.gov.br. + +## Contact + +For any issues, you can either go to [issues](https://github.com/lacchain/bndes-network/issues) or e-mail us at blockchaingov@bndes.gov.br. Any feedback is more than welcome! + +  +  + +**LICENSE** + +
Creative Commons License
+ +This work is licensed under a [license](http://creativecommons.org/licenses/by-nc/4.0/) + +  +  diff --git a/instalacao-rbb-node/GENERIC_ONBOARDING.md b/instalacao-rbb-node/GENERIC_ONBOARDING.md new file mode 100755 index 00000000..b6f75f4f --- /dev/null +++ b/instalacao-rbb-node/GENERIC_ONBOARDING.md @@ -0,0 +1,70 @@ +## Generic Onboarding + +This documentation is to provide instructions for the deployment of a node on the LACChain Besu Network with any operative system. If you are using Ubuntu 18.x or Centos7, we recommend you to follow the [installation with ansible](https://github.com/lacchain/besu-network/blob/master/README.md). + +To follow pre-requisites and install Hyperledger Besu you can see the [documentation provided byt Hyperledgger Besu](https://besu.hyperledger.org/en/stable/HowTo/Get-Started/Install-Binaries/). + +First, make sure you have installed Besu: +```shell +$ besu --version +``` + +Before creating a net network, create a folder to store the chain and configuration files: +```shell +$ mkdir -p lacchain/data +``` +Once you hace installed Besu, you can see [the docuymentation provided by Hyperledger Besu](https://besu.hyperledger.org/en/stable/Tutorials/Private-Network/Create-IBFT-Network/) to set up your Besu node: + +Now you can [download the genesis.json file](https://github.com/lacchain/pantheon-network/blob/master/roles/lacchain-validator-node/files/genesis.json.) and store it at **lacchain/data**. + +As a reference, you can follow this configuration for your config.toml: + +```shell +# RPC +rpc-http-enabled=true +graphql-http-enabled=true +rpc-ws-enabled=true +rpc-http-port=80 +graphql-http-port=4547 +rpc-ws-port=4546 +rpc-http-api=["ETH","NET","IBFT","EEA","PERM","PRIV"] +## Uncomment the following lines to allow RPC from remote locations (risky) +host-whitelist=["*"] +rpc-http-host="0.0.0.0" +rpc-ws-host="0.0.0.0" +graphql-http-host="0.0.0.0" +rpc-http-cors-origins=["*"] + +# Orion +privacy-enabled=true +privacy-url="http://127.0.0.1:4444" +privacy-public-key-file="your_path_to/lacchain/orion/keystore/nodeKey.pub" + +# Networking +p2p-host="put_your_ip_here" +p2p-port=60606 +``` + +To start Hyperledger Besu make sure you have the following configuration in your starting script: + +```shell +$ besu --data-path your_path_to/lacchain/data --genesis-file=your_path_to/lacchain/data/genesis.json --network-id 648629 --permissions-nodes-contract-enabled --permissions-nodes-contract-address=0x0000000000000000000000000000000000009999 --config-file=your_path_to/lacchain/config.toml --bootnodes="enode://9636ad55b62cd519bcc9c738516e6c51906565c43e1aa14d779f027f78171f245750ce524dbdec0d7945d8b49d6e550f0c9bae91b39f13fbfb668ddfb370ea85@23.251.144.110:60606","enode://fead4eeea1f1cce8bf1f3ad955d8504aaecda86a1b8850294386ebc5179e60959c208fbe8fb7294b4f7d87b1dafb4863be83096e9fca2be7c03f89e461bafa71@35.229.76.38:60606","enode://26c79b1c307a40b14f86a020590703aa60ecd20c5faca9ddfc2a2513a25c1976c3fb37dadecc18162134e408d17ae9421b22dd30f09600f288a1ce8cc37a7b29@35.247.241.166:60606","enode://916b8cc76db4a19035a352976622bf0c2185d36af83c11eabcf387372fccfb6aacb47e9ce0ba6e331436ce8fe8faa00547b1a7074d02865a0fbe42f75e3a4b06@35.197.76.152:60606" +``` + +Hyperledger Besu supports private transactions. In order to perform those transactions, it's necessary to install the private transaction manager Orion. You can follow the steps to install Orion [from the documentation by Pegasys](https://docs.orion.pegasys.tech/en/latest/Installation/Install-Binaries/). + +Before starting the network make sure you have installed Orion: +```shell +$ orion --version +``` + +To configure and start an Orion node, follow the documentation by [Hyperledger](https://besu.hyperledger.org/en/stable/Tutorials/Privacy/Configuring-Privacy/). + +Before starting the Orion transaction manager make sure you specify the following orion bootnodes as part of your orion.conf configuration file: + +```shell +#!/bin/bash +#... +#... +othernodes = ["http://23.251.144.110:4040/", "http://35.229.76.38:4040", "http://35.247.241.166:4040", "http://35.197.76.152:4040"] +``` diff --git a/instalacao-rbb-node/LICENSE.md b/instalacao-rbb-node/LICENSE.md new file mode 100755 index 00000000..b9b9d2a6 --- /dev/null +++ b/instalacao-rbb-node/LICENSE.md @@ -0,0 +1,176 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS \ No newline at end of file diff --git a/instalacao-rbb-node/NODE_AGREEMENT.md b/instalacao-rbb-node/NODE_AGREEMENT.md new file mode 100755 index 00000000..1b2a8290 --- /dev/null +++ b/instalacao-rbb-node/NODE_AGREEMENT.md @@ -0,0 +1,15 @@ +# REGISTRATION AGREEMENT FOR NODE DEPLOYMENT + +We understand that this is an agreement form required for the deployment of nodes in the LACChain Blockchain Networks at Test-Net stages. + +The entity accountable for the deployment of the nodes will be ___NAME_OF_THE_ENTITY_____ residing at _____ADDRESS_____. The technical person responsible for the administration of the nodes will be __NAME____ reachable at the e-mail address ____E-MAIL_ADDRESS_____ and at the phone number ____PHONE_NUMER_INCLUDING_COUNTRY_CODE____. The point of contact from your organization for communications of general purpose related to LACChain will be __NAME____ reachable at the e-mail address ____E-MAIL_ADDRESS_____ and at the phone number ___PHONE_NUMER_INCLUDING_COUNTRY_CODE____. + +We hereby declare that we have read and agree with the [Terms and Conditions for LACChain Test Networks for Writer Nodes](https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_WRITER_NODE.md), and the [Terms and Conditions for LACChain Test Networks for Validator Nodes](https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_VAL_NODE.md). + +Signature: + +Name: + +Date: + +Place: diff --git a/instalacao-rbb-node/PERMISSIONING_PROCESS.md b/instalacao-rbb-node/PERMISSIONING_PROCESS.md new file mode 100755 index 00000000..ce44cd71 --- /dev/null +++ b/instalacao-rbb-node/PERMISSIONING_PROCESS.md @@ -0,0 +1,26 @@ +# PERMISSIONING PROCESS + +As public blockchain networks, LACChain Test Networks are open to any entity in Latin America and the Caribbean. As permissioned networks, entities must be authenticated and commit to comply with law, policies, and regulations in order to be permissioned. + +### WRITER NODES + +For an entity to be permissioned to run a writer node, it is required to follow the following steps: + +1. Read, understand and agree with the [Terms and Conditions for Writer Nodes for LACChain Test Networks](https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_WRITER_NODE.md) that includes the Privacy Policy, and the Forbidden Use Cases as annexes. +2. Fill the [Node Agreement](https://github.com/lacchain/besu-network/blob/master/NODE_AGREEMENT.md) and send it signed to info@lacchain.net (as a PDF). +3. Follow the [instructions](https://github.com/lacchain/pantheon-network/blob/master/DEPLOY_NODE.md) to deploy a writer node, and send us the enode you get at the end of the process to info@lacchain.net to permission your node. + + +### VALIDATOR NODES + +For an entity to be permissioned to run a validator node, it is required to follow the following steps: + +1. Become a partner of the LACChain Alliance. +2. Read, understand and agree with the [Terms and Conditions for Writer Nodes for LACChain Test Networks](https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_WRITER_NODE.md) that includes the Privacy Policy, and the Forbidden Use Cases as annexes. +3. Fill the [Node Agreement](https://github.com/lacchain/besu-network/blob/master/NODE_AGREEMENT.md) and send it signed to info@lacchain.net (as a PDF). +4. Follow the [instructions](https://github.com/lacchain/pantheon-network/blob/master/DEPLOY_NODE.md) to deploy a validator node, and send us the enode you get at the end of the process to info@lacchain.net to permission your node. + + + + + diff --git a/instalacao-rbb-node/README.md b/instalacao-rbb-node/README.md new file mode 100755 index 00000000..2ff706c0 --- /dev/null +++ b/instalacao-rbb-node/README.md @@ -0,0 +1,41 @@ +# LACChain - BNDES Network # + +This repository is created as part of the relationship between LACChain Alliance and Banco de desarrollo de Brazil - BNDES to deploy a Public-Permissioned Blockchain Network maintained by both parts in order to develop and execute a different type of projects. + +## Introduction + +* LACChain Test Networks are DLT infrastructure developed, maintained and provided by the [LACChain Alliance](https://www.iadb.org/en/news/global-alliance-promote-use-blockchain-latin-america-and-caribbean). These networks are classified as public-permissioned blockchain infrastructure, according to the standard [ISO/TC 307](https://www.iso.org/committee/6266604.html). + +* As public blockchain networks, LACChain Networks are open to any entity in Latin America and the Caribbean. As permissioned networks, entities must be authenticated and commit to comply with the law in order to be permissioned. The [permissioning process](https://github.com/lacchain/pantheon-network/blob/master/PERMISSIONING_PROCESS.md) involves filling a very short [registration agreement form](https://github.com/lacchain/besu-network/blob/master/NODE_AGREEMENT.md). By using the network, you implicitly accept that you have read and understood the terms of reference, and you agree with them. + +* The nodes of LACChain DLT public-permissioned networks can be classified into two groups, according to their relevance for the functioning of the network. The two groups are core and satellite nodes. In each of these two groups there are also two different types of nodes, according to the specific taks they can perform. Core nodes are grouped in validator and boot nodes, and satellite nodes are classified into writer and observer nodes. For more information you can go to [Topology and Architecture](https://github.com/lacchain/pantheon-network/blob/master/TOPOLOGY_AND_ARCHITECTURE.md). + +* This LACChain Test Network uses [Hyperledger Besu](https://www.hyperledger.org/projects/besu), an open-source, mainnet compatible, Java based, and Apache 2.0 licensed Ethereum client. For more information you can read the [code](https://github.com/hyperledger/besu) and the [documentation](https://github.com/hyperledger/besu-docs). + +* This LACChain Besu network uses [IBFT2.0](https://docs.pantheon.pegasys.tech/en/latest/Consensus-Protocols/IBFT/) consensus protocol for the validation of transactions and generation of new blocks. + +* We are developing different monitoring tools to show the performance and activity of the network. Currently, we have available the [EthStats](http://dashboard.lacchain.net/) and the [Transaction Explorer](http://explorer.lacchain.net/). We will be providing more dashboards and monitoring tools soon. + +* We have created two guides to help you [Deploy your Dapp on LACChain](https://github.com/lacchain/besu-network/blob/master/DEPLOY_APPLICATIONS.md) and [provide your Dapp with a suitable archiecture](https://github.com/lacchain/besu-network/blob/master/DAPP_ARCHITECTURE.md). + +* We are developing different free tools on LACChain that you can use or replicate. At present, you can enjoy our [LACChain Notarizer](https://notarizer.lacchain.net/) that allows you to prove that a document or a file has not been modified over time. It uses our open source [credentail server](https://github.com/lacchain/credential-server) and [hashing service](https://github.com/lacchain/hashing-service). If you have any questions, you can [check the FAQ](https://medium.com/@lacchain.official/lacchain-notarizer-faq-6ae3dbb3441e). + +* We have also develop some services that allow to check that your nodes are working properly. The [Besu Health Check](https://github.com/lacchain/besu-healthcheck) helps users test interactions with a Besu node by accessing it through RPC. [Node Health Check](https://github.com/lacchain/node-health-check) can be used to guarante availability of the orion transaction manager. These two services are automatically deployed when using the Ansible installation provided below in this document. + +## Deploy a Full Node + +* To deploy you node for free and use the LACChain Blockchain Network, go [HERE](https://github.com/lacchain/besu-network/blob/master/DEPLOY_NODE.md). + +## Copyright 2020 LACChain + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/instalacao-rbb-node/TERMS_AND_COND_VAL_NODE.md b/instalacao-rbb-node/TERMS_AND_COND_VAL_NODE.md new file mode 100755 index 00000000..332ebdf7 --- /dev/null +++ b/instalacao-rbb-node/TERMS_AND_COND_VAL_NODE.md @@ -0,0 +1,170 @@ +**TERMS AND CONDITIONS OF USE +LACCHAIN TEST NETWORK +VALIDATOR NODES** + +**PLEASE READ THESE TERMS AND CONDITIONS OF USE (THIS “AGREEMENT”) CAREFULLY. IT IS A LEGAL AND BINDING CONTRACT BETWEEN YOU AND THE INTER-AMERICAN DEVELOPMENT BANK (“IDB”). THIS AGREEMENT APPLIES TO USE THE LACCHAIN TEST NETWORK AND THE CAPABILITIES AND INFORMATION MADE AVAILABLE TO YOU THROUGH ITS USE. BY CONTINUING WITH THE INSTALLATION PROCESS, YOU AGREE THAT YOU UNDERSTAND THIS AGREEMENT AND AGREE TO BE BOUND BY IT IN ITS ENTIRETY. IF YOU ARE REGISTERING TO USE THE LACCHAIN TEST NETWORK ON BEHALF OF AN ORGANIZATION OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND THE LEGAL ENTITY, AND THAT THE LEGAL ENTITY IS DULY ORGANIZED, VALIDLY EXISTING AND IN GOOD STANDING. YOU FURTHER AGREE THAT THE LEGAL ENTITY WILL BE BOUND BY AND RESPONSIBLE FOR ANY BREACH OF THIS AGREEMENT. IF YOU DO NOT AGREE WITH ANY OF THE TERMS OF THIS AGREEMENT, YOU MUST IMMEDIATELY DISCONTINUE YOUR USE OF THE LACCHAIN TEST NETWORKS.** + +LACCHAIN TEST NETWORK ("LACCHAIN TEST NETWORK") is a blockchain test network established by the IDB. The IDB is an international organization established by its member countries pursuant to the Agreement Establishing the Inter-American Development Bank. The purpose of the IDB is to further the economic and social development of Latin America and the Caribbean. The LACCHAIN TEST NETWORK provide services that enable the entity operating a validator node to participate in the consensus protocol of the network. The LACCHAIN TEST NETWORK is for the benefit of users who have registered on the LACCHAIN TEST NETWORK (“Users”). Users will have access to and use of facilities of the LACCHAIN TEST NETWORK. Upon your agreement to this Agreement and the acceptance by IDB of your registration (“Registration”), you will become a User for the purpose of this Agreement. The LACCHAIN TEST NETWORK seek to provide infrastructure services for testing deployment of proof-of-concept use cases or testing applications using blockchain technologies. + +**LACCHAIN TEST NETWORKS REGISTRATION** +In order to access the full functionality of the LACCHAIN TEST NETWORK, you must register as a User through any means offered on the LACCHAIN TEST NETWORK. As part of the registration process to became a user, you are required to (i) be a partner of the IDB for the LACChain program, (ii) identify a contact person in your organization to be responsible for the administration of the node that can be reachable for any technical issue, (iii) identify a contact person for communications of general purpose between the IDB and the User, (iv) indicate if any entity other than the User will have access to the User’s validator node. If your registration is accepted, you will be assigned a user identification code ("User Identification"). You will have access to various Content and system resources associated with your User Identification as determined by IDB in its sole discretion, which may include designated directories, designated contact person, web pages, e-mail or other capabilities, information storage, and/or types of transactional data to be sent to the network, and which may be changed, terminated, increased or decreased by IDB, at its sole discretion, from time to time. The use of pseudonyms, aliases or other devices to conceal your identity is strictly forbidden and grounds for the immediate termination of the authorization of your User Identification. You also acknowledge that you solely assume any and all liability for any Content that is provided using your User Identification. You are solely responsible for the activity that occurs through your User Identification, including the transactions you accept and reject, and you must keep your User Identification passwords secure. You shall notify IDB immediately of any breach of security or unauthorized use of your User Identification. You shall not use any User Identification without the permission of the relevant User. Although IDB will not be liable for your losses caused by any unauthorized use of your User Identification, you may be liable for the losses of IDB or others due to such unauthorized use. IDB will notify users about any personal information data security breach or intrusion made by third parties. +The LACCHAIN TEST NETWORK and the Services are provided for professional use only and in registering as a User, you acknowledge that the Services and any Content may not be used for personal, family, or household purposes. +The LACCHAIN TEST NETWORK and the Services are provided by IDB for free and solely as an accommodation. IDB reserves the right to discontinue the LACCHAIN TEST NETWORK and the Services, in whole or in part, to accept or deny any Registration, and to terminate any Registration and its associated User Identification, at any time in its sole discretion for any reason or no reason. + +**CONSENSUS PROTOCOL AND TRANSACTIONAL DATA** +Validator nodes are required to participate in the consensus protocol of the LACCHAIN TEST NETWORK and must not veto or blacklist any transaction or transactional data sent by any other node except if it is believed that the transaction or transactional data might be violating the Terms and Conditions for LACChain Test Networks for Writer Nodes or the Terms and Conditions for LACChain Test Networks for Validator Nodes. If you decide to reject a transaction, you must immediately communicate it to the IDB via email from one of the contact persons designated within your entity. + +Validator nodes are not allowed to generate any transactional data to be sent to the LACCHAIN TEST NETWORK. + +**DATA PROVIDED TO THE LACCHAIN TEST NETWORK** +You will provide data or information about the administration, operation and performance of your node in connection to the LACCHAIN TEST NETWORK. You will provide information about the entities and point of contacts directly responsible for your node. You will provide information about the activity of your node, including performance and the transactions from third parties accepted or rejected. You hereby grant to IDB a nonexclusive, irrevocable, worldwide, perpetual, assignable, sublicensable, transferable, royalty-free right to copy, prepare derivative works, distribute, transmit, display, publish, retain, translate, analyze, and use (including alone and in collective works), in any way now known or in the future discovered, any data or information you provide directly or indirectly in connection with the administration, operation and performance of your validator node, and to publish your name in connection with these data and information, without any further consent of or notice to you or to any third party. All of the foregoing rights are referred to as the “License”. The License includes the right of IDB to authorize Users and other third parties on a royalty-free basis to copy, distribute, and otherwise exploit these data, including the right of Users and such other third parties to authorize the same. Unless you have a separate written agreement with IDB to provide services to IDB for compensation, no compensation will be paid to you or any third party with respect to the use of the data and information in connection with the administration, operation and performance of your validator node and the License as provided herein. + +You understand and agree that IDB may, but has no obligation to, monitor, review, evaluate, edit, filter or validate any Content. IDB also has no obligation to verify the identity of the persons who register on the LACCHAIN TEST NETWORK or to monitor the use of the Services. IDB will not be a party to or in any way be responsible for monitoring any activity of your validator node. IDB reserves the right to deny, restrict, suspend or terminate your access to all or any part of the LACCHAIN TEST NETWORK or the Services at any time, if IDB suspects that this terms of reference might have been violated, with or without prior notice or explanation, and without liability. For avoidance of doubt, IDB has no obligation to store, maintain or provide you a copy of any Content or Submission that you or other Users provide when using the Services, whether during the term of your Registration or upon or after its termination. You are solely responsible for making backup copies of the transactional data and any electronic communications sent or received by you using the Services. + +**INFORMATION, FEEDBACK AND CONFIDENTIALITY** +LACCHAIN TEST NETWORK, any information relating to the testing progress and results, the Feedback, any product-related information and any other proprietary technology or know-how provided to you in whatever form by IDB in connection with testing and evaluation of LACCHAIN TEST NETWORK is considered confidential ("Confidential Information"). +You will keep, and ensure that any persons, firms, companies or organizations associated with you keep all Confidential Information confidential and not disclose it to any person unless permitted under this clause. This confidentiality obligation does not apply to the disclosure of Confidential Information which: (a) is or comes into public domain, except through breach of the confidentiality obligation under this clause; (b) comes lawfully into your possession from a third party who is not bound by a confidentiality obligation relating to such Confidential Information; (c) is required to be disclosed by any court of competent jurisdiction or any competent judicial, governmental, supervisory or regulatory body, or any law, provided that you will promptly notify IDB in writing; or (d) is disclosed by you with IDB prior written consent. +UNDER NO CIRCUMSTANCES MAY ANY INFORMATION ABOUT THE TESTING PROGRESS AND/OR RESULTS BE PROVIDED TO PERSONS THAT ARE NOT INVOLVED IN THE TESTING PROCESS. ANY PUBLICATION OF TESTING RESULTS, REVIEWS OR EVALUATIONS IS ONLY PERMITTED WITH THE PRIOR WRITTEN CONSENT OF THE IDB. +You will give IDB Feedback about LACCHAIN TEST NETWORK consisting of, without limitation, your suggestions, comments or any other feedback, whether it is required or provided voluntarily. If you provide IDB with any Feedback, as part of the testing and evaluation of LACCHAIN TEST NETWORK, you agree that: (a) IDB may freely use, disclose, reproduce, license, distribute and otherwise commercialize the Feedback in any product, specification or other documentation; and (b) you will not give IDB any Feedback (i) that you have reason to believe is subject to any patent, copyright, or other intellectual property claim or right of any third party; or (ii) that is subject to license terms that seek to require any IDB product incorporating or derived from any Feedback, or other IDB intellectual property, to be licensed to or otherwise shared with any third party; and (iii) no compensation will be paid to you or any third party with respect to the provision of feedback. + +**LIABILITY** +IDB reserves its rights to unilaterally deny or revoke access to the LACCHAIN TEST NETWORK. A list of prohibited activities in included as annex A. You are providing information on a contact person responsible for the use on the validator node in your entity. Should the User intend to make any changes related to the contact persons, the third parties using the validator node or any other matter that affects these Terms and Conditions, it must be communicated to and approved by the IDB. + +AS SERVICE CONTINUITY OF VALIDATOR NODES IS ESSENTIAL FOR THE STABILITY OF THE LACCHAIN TEST NETWORK, IF YOU PLAN TO DISCONNECT YOUR VALIDATOR NODE YOU ARE REQUIRED TO NOTIFY WITH AT LEAST FIVE (5) LABOR DAYS VIA EMAIL FROM ONE OF THE CONTACT PERSONS DESIGNATED BY YOUR ENTITY TO MARCOSAL@IADB.ORG AND ALEJANDROPA@IADB.ORG. +YOU WILL BE ENTIRELY RESPONSIBLE FOR THE OPERATION OF THE VALIDATOR NODE AND THE USE OF LACCHAIN INFRASTRUCTURE. UNDER NO CIRCUMSTANCE YOU WILL TRANSFER OR DELEGATE RESPONSIBILITY TO OTHERS. IF THE USER DESIRES TO ALLOW ANY THIRD PARTY TO USE THEIR VALIDATOR NODE, THE USER (I) MUST NOTIFY THE IDB, (II) MUST BE AUTHORIZED BY THE IDB, AND (III) WILL TAKE FULL RESPONSIBILITY FOR ANY USE OF THEIR VALIDATOR NODE BY THE THIRD PARTY. +You, as an operator of a validator node, are not responsible for any data or transactions sent to the network by any other node even if that information might violate the Terms and Conditions for LACChain Test Networks for Writer Nodes or the Terms and Conditions for LACChain Test Networks for Validator Nodes except if you have contributed, or are involved or related directly or indirectly to those transactions or the node that generated them. + +**TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IDB, FOR ITSELF AND ITS AFFILIATES, HEREBY DISCLAIMS ANY AND ALL WARRANTIES WITH RESPECT TO ANY AND ALL CONTENT, FEATURES AND FUNCTIONS MADE AVAILABLE ON OR THROUGH THE LACCHAIN TEST NETWORK, INCLUDING WITHOUT LIMITATION ANY AND ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, ACCURACY OF DATA AND NONINFRINGEMENT. THE LACCHAIN TEST NETWORK IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. IDB IS NOT RESPONSIBLE FOR AND MAKES NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO, DELIVERY, INTEGRITY OR VISIBILITY TO THIRD PARTIES OF ANY MESSAGES OR OTHER INFORMATION SENT THROUGH THE LACCHAIN TEST NETWORKS TO ANYONE. IDB AND ITS AFFILIATES ARE NOT RESPONSIBLE FOR AND DO NOT WARRANT, GUARANTEE, RECOMMEND, OR ENDORSE, AS APPLICABLE (i) THE ACCURACY, QUALITY OR EFFECTIVENESS OF ANY CONTENT, INCLUDING ANY SUBMISSION BY ANY USER, (ii) ANY TRANSLATION OF ORIGINAL CONTENT, (iii) THE SUCCESS OF ANY PROJECT OR COLLABORATION WITH ANOTHER USER OR OTHER THIRD PARTY THAT MAY RESULT FROM A SUBMISSION OR FROM INTERACTIONS WITH OTHER USERS OR THIRD PARTIES, or (iv) THAT THE LACCHAIN TEST NETWORK OR THE SERVICES WILL FUNCTION WITHOUT INTERRUPTION OR ERRORS IN FUNCTIONING. IN PARTICULAR, THE OPERATION OF THE LACCHAIN TEST NETWORK AND THE SERVICES MAY BE INTERRUPTED DUE TO MAINTENANCE, UPDATES, OR SYSTEM OR NETWORK FAILURES. IDB DISCLAIMS ANY AND ALL LIABILITY FOR DAMAGES CAUSED BY ANY SUCH INTERRUPTION OR ERRORS IN FUNCTIONING. +IDB EXPRESSLY MANIFESTS THAT THE LACCHAIN TEST NETWORK IS NOT A FINAL SERVICE AND, AS SUCH, MAY PRODUCE OR CONTAIN VARIOUS ERRORS, DEFECTS AND THEY MAY BE UNSTABLE. WE DO NOT RECOMMEND INSTALLING OR USING LACCHAIN TEST NETWORK’S SOFTWARE AND PROTOCOLS OTHER THAN FOR TESTING PURPOSES. FURTHERMORE, WE DO NOT RECOMMEND USING THE LACCHAIN TEST NETWORK UNLESS YOU ARE AN EXPERIENCED USER. +IDB DOES NOT GUARANTEE TO PROVIDE ANY UPDATES TO LACCHAIN TEST NETWORK, ANY UPDATED MALWARE SIGNATURES OR ANY OTHER UPDATED CONTENT UTILIZED BY LACCHAIN TEST NETWORK (SUCH AS VIRUS AND SPYWARE DEFINITIONS, ANTI-SPAM RULES, URL LISTS, FIREWALL RULES, VULNERABILITY DATA OR LISTS OF AUTHENTICATED WEB PAGES) ("UPDATES"). HOWEVER, SHOULD IDB IN ITS SOLE DISCRETION PROVIDE YOU WITH ANY UPDATES, SUCH UPDATES WILL BE DEEMED TO FORM PART OF LACCHAIN TEST NETWORKS FOR ALL PURPOSES UNDER THESE USER TERMS AND CONDITIONS UNLESS OTHER TERMS OF USE ARE PROVIDED BY IDB IN CONNECTION WITH SUCH UPDATES.** + +**NO CONTENT OR OTHER MATERIALS OR INFORMATION ON OR ACCESSIBLE THROUGH THE LACCHAIN TEST NETWORK OR THE USE OF THE SERVICES IS INTENDED TO BE NOR SHALL BE DEEMED TO BE A SOLICITATION TO SELL OR AN OFFER TO BUY SECURITIES BY OR ON BEHALF OF IDB OR ANY OTHER PERSON OR ENTITY. TO THE EXTENT THAT THE LACCHAIN TEST NETWORK LINKS TO A WEB SITE THAT FACILITATES SUCH SOLICITATION, SUCH LINK IS PROVIDED FOR THE CONVENIENCE OF THE USER AND DOES NOT REPRESENT THE ENDORSEMENT OF ANY OFFER OR SOLICITATION MADE OR FACILITATED BY OR THROUGH SUCH LINKED WEB SITE.** + +**USE OF SERVICES** +You are responsible for all your activity on the LACCHAIN TEST NETWORK and shall abide by all applicable local, state, national and foreign laws, treaties and regulations in connection with your use of the Services, including those related to data privacy, international communications and the transmission of technical, financial or personal data. You shall: (a) notify IDB immediately of any unauthorized use of your User Identification, your validator node, any password, or any of your Registration information, or any other known or suspected breach of security; and (b) report to IDB immediately and use reasonable efforts to stop immediately any copying or distribution of Content that is known or suspected by you to infringe the intellectual property rights of any other third party or is otherwise illegal, inappropriate and/or in violation of any provision of this Agreement. +You agree to only make Submissions and to otherwise post, send and receive information that is proper and related to the Services. By way of example, and not as a limitation, you agree that when using the Services, you will not: +1. alter or modify any part of the LACCHAIN TEST NETWORK, the Services or any of the related technologies; +2. defame, abuse, harass, stalk, threaten or otherwise violate the legal rights (such as rights of privacy and publicity) of others; +3. publish, post, upload, distribute or disseminate any false, misleading, inappropriate, profane, defamatory, infringing, libelous, obscene, indecent or unlawful topic, name, material or information; +4. duplicate, license, sublicense, publish, broadcast, transmit, distribute, perform, display, sell, rebrand or otherwise transfer information or Content found on the LACCHAIN TEST NETWORK (excluding Submissions from you) except as expressly permitted by this Agreement; +5. upload files that contain software or other material protected by intellectual property laws (or by rights of privacy or publicity) unless you own or control the rights thereto or have received all necessary consents; +6. upload files that contain viruses, corrupted files, or any other similar software or programs that may damage the operation of another's computer; +7. advertise or offer to sell or buy any goods or services for any business purpose, unless the Services specifically allow such messages, in which you case you may do so only in accordance with any additional terms and conditions applicable to such messages; +8. conduct or forward surveys, contests, pyramid schemes, chain letters or the like; +9. download any file posted by another User that you know, or reasonably should know, cannot be legally distributed in such manner; +10. falsify or delete any author attributions, legal or other notices or proprietary designations or labels of the origin or source of software, Content or other material contained in a file that is uploaded; +11. use any alias, pseudonym (other than a trade name that is not misleading), or means of concealing the sender or recipient of any electronic communication made by you using the capabilities of the LACCHAIN TEST NETWORK or made by you to any other person; +12. damage, disable, restrict or inhibit any other User from using and enjoying the Services; +13. violate any code of conduct or other guidelines which may be applicable for any particular Service, including IDB guidelines in respect of prohibited practices; +14. harvest or otherwise collect information about others, including e-mail addresses, without their consent; +15. violate any applicable laws or regulations; +16. reverse engineer, decompile, disassemble, decipher, or otherwise attempt to derive the source code for any underlying intellectual property used to provide the Services or any part thereof; or +17. circumvent, disable or otherwise interfere with security-related features of the LACCHAIN TEST NETWORK or features, such as those that prevent or restrict use or copying of any Content, or that enforce limitations on use of the LACCHAIN TEST NETWORK or the Content therein. +As a condition of your use of the LACCHAIN TEST NETWORK, you represent and warrant to IDB that you will not use the LACCHAIN TEST NETWORK for any purpose that is unlawful or prohibited by this Agreement. You may not obtain or attempt to obtain from IDB or the LACCHAIN TEST NETWORK any materials or information through any means not intentionally made available or provided for through the LACCHAIN TEST NETWORK. + +**INTELLECTUAL PROPERTY RIGHTS** +You acknowledge and agree that the LACCHAIN TEST NETWORK and the Services include features and Content that are protected by copyright, patent, trademark, trade secret or other laws governing proprietary rights. IDB or its licensors own all rights, title and interest in and to the LACCHAIN TEST NETWORK, the Services, and all Content (other than your Submissions), software, code, data and other materials thereon, as well as the look-and-feel, design and organization of any aspect thereof. Your use of the LACCHAIN TEST NETWORK does not grant to you ownership or title of, in or to any Content or other material on the LACCHAIN TEST NETWORK, or the right to use the LACCHAIN TEST NETWORK or any of the Services for any purpose other than as expressly set forth in this Agreement. Without limiting the foregoing, the IDB, IDB Lab, Multilateral Investment Fund, LACChain Alliance and LACCHAIN TEST NETWORK names and logos, and the names associated with them and the Services are trademarks of IDB, and no right or license is granted to use them. + +**INDEMNITY** +As a condition of your use of the LACCHAIN TEST NETWORK and the Services, you agree to indemnify the IDB, its affiliates, and its and their respective partners, officers, directors, employees and agents, from and against any and all actions, claims, losses, damages, liabilities and expenses (including reasonable attorneys' fees) arising from: (i) your use of and access to the LACCHAIN TEST NETWORK and any of the Services, and any activity in which you engage in connection therewith, (ii) your violation of any term of this Agreement, including without limitation your violation of any third party copyright, property (including intellectual or industrial property), confidential information, privacy, contractual or other right, or (iii) any claim that one of your Submissions or any portion thereof caused damage to a third party. This indemnification obligation will survive termination of this Agreement and your use of the LACCHAIN TEST NETWORK. + +**PRIVACY** +You should carefully read our full Privacy Policy before using the LACCHAIN TEST NETWORK or any of the Services. The Privacy Policy, included in Annex B, governs IDB’s treatment of any information you submit to us, including personally identifiable information. +You acknowledge, consent and agree that IDB may access, preserve, and disclose your Registration and any other information you provide if required to do so by law or in a good faith belief that such access, preservation or disclosure is reasonably necessary in our opinion to: (1) comply with legal process, including, but not limited to, civil and criminal subpoenas, court orders or other compulsory disclosures; (2) enforce this Agreement; (3) respond to claims of a violation of any right of a third party, whether or not the third party is a User, individual, government agency or other legal entity; (4) respond to customer service inquiries; or (5) protect the rights, property, or personal safety of IDB, any User or the public. + +**PROCEDURE FOR MAKING CLAIMS OF COPYRIGHT INFRINGEMENT** +IDB respects the intellectual property rights of others. You may notify IDB in accordance with the following procedures if you believe that the content of any of your Submissions has been copied in an infringing manner. ANY INQUIRIES OR NOTICES NOT IN ACCORDANCE WITH THE FOLLOWING PROCEDURE WILL RECEIVE NO RESPONSE. +IDB has implemented procedures for receiving written notification of claimed infringements, and has designated an officer to receive notices of claimed copyright infringement consistent with the requirements of the Digital Millennium Copyright Act (17 U.S.C. § 512). If you believe in good faith that your work has been copied in a way that constitutes copyright infringement, you may provide a written communication which contains the following: +1. an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright interest; +2. a description of the copyrighted work that you claim has been infringed; +3. a description of the location on the LACCHAIN TEST NETWORK of the material that you claim is infringing; +4. your address, telephone number and e-mail address; +5. a statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law; and +6. a statement by you, made under penalty of perjury, that the information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner’s behalf. +Please submit your notice to IDB's copyright officer as follows: +Attn: Copyright Officer +Re: LACCHAIN TEST NETWORKS +Inter-American Development Bank +1300 New York Avenue NW +Washington, D.C. 20577 +Stop [SW0374] + +**REMEDIES AND DISPUTES** +IN NO EVENT SHALL IDB BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH (i) THE USE OF THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES, (ii) THE DELAY OR INABILITY TO USE THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES, (iii) THE PROVISION OF OR FAILURE TO PROVIDE SERVICES, INFORMATION, SOFTWARE, PRODUCTS OR OTHER DATA OBTAINED THROUGH THE LACCHAIN TEST NETWORK, OR OTHERWISE ARISING OUT OF THE USE OF THE LACCHAIN TEST NETWORK OR THE SERVICES, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF IDB OR ANY OF ITS SUPPLIERS OR CONTENT PROVIDERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. +IF YOU ARE DISSATISFIED OR CONSIDER THAT ANY HARM MAY HAVE BEEN CAUSED BY OR ARISEN IN RELATION TO ANY PORTION OF THE LACCHAIN TEST NETWORK OR ITS ADMINISTRATION OR ANY OF THE SERVICES, YOU MAY TERMINATE YOUR USER IDENTIFICATION AND DISCONTINUE USING THE LACCHAIN TEST NETWORKS AND THE SERVICES, AND SUCH DISCONTINUANCE SHALL BE YOUR SOLE AND EXCLUSIVE REMEDY. + +This Agreement will be governed, interpreted and enforced in accordance with the laws of the District of Columbia, United States of America, without giving effect to the conflict of laws provisions of that jurisdiction. No waiver by IDB of any provision of this Agreement shall be binding except as set forth in writing signed by its duly authorized representative. +All disputes between you and IDB arising out of or relating to this Agreement shall be finally resolved by arbitration conducted in the English language in Washington, District of Columbia, United States of America, under the commercial arbitration rules of the American Arbitration Association, provided that IDB reserves the right to apply for temporary, preliminary and final injunctive relief to enforce any of the provisions of this Agreement relating to the use of its trademarks, copyrights, other intellectual property and data security. The parties shall be responsible for their respective filing and attorneys’ fees (except that the prevailing party shall be entitled to an award of reasonable attorneys’ fees incurred in connection with the arbitration in such an amount as may be determined by the arbitrator). All decisions of the arbitrator shall be final and binding on both parties and enforceable in any court of competent jurisdiction. The parties otherwise agree to the exclusive jurisdiction of the courts of Washington, District of Columbia, United States of America for the resolution of any disputes not subject to arbitration and for the enforcement of any award resulting from any arbitration between the parties, provided that IDB reserves the right to obtain judicial equitable relief in any court having personal jurisdiction over you. + +ALL CLAIMS MUST BE BROUGHT IN EACH PARTY’S INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING, AND, UNLESS YOU AND IDB AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON'S CLAIMS. YOU AGREE THAT, BY ENTERING INTO THIS AGREEMENT, YOU AND IDB ARE EACH WAIVING THE RIGHT TO PARTICIPATE IN A CLASS ACTION. NOTHING IN THIS CLAUSE OR THIS AGREEMENT SHALL OPERATE AS A WAIVER OF, OR OTHERWISE BE CONSTRUED TO RESTRICT, LIMIT OR DEFEAT ANY RIGHTS, PRIVILEGES OR IMMUNITIES GRANTED TO THE IDB UNDER THE AGREEMENT ESTABLISHING THE INTER-AMERICAN DEVELOPMENT BANK OR ANY TREATY OR PROVISION OF DOMESTIC OR INTERNATIONAL LAW. + +**ASSIGNMENT** +This Agreement, and any rights and licenses granted hereunder, may not be transferred or assigned by you but may be assigned by IDB without restriction. + +**GENERAL** +This Agreement is the entire agreement between you and IDB relating to your use of the LACCHAIN TEST NETWORK and the Services, and supersedes any prior agreements or understandings between you and IDB with respect to the subject matter of this Agreement. You agree that no joint venture, partnership, employment, or agency relationship exists between you and IDB as a result of this Agreement or your use of the LACCHAIN TEST NETWORKS. IDB's performance of this Agreement is subject to existing laws and legal process, and nothing contained in this Agreement is in derogation of IDB's right to comply with governmental, court and law enforcement requests or requirements relating to your use of the LACCHAIN TEST NETWORK or the Services or information provided to or gathered by IDB with respect to such use. If any part of this Agreement including, but not limited to, the warranty disclaimers and liability limitations set forth above, is determined to be invalid or unenforceable pursuant to applicable law, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision, and the remainder of this Agreement shall continue in effect. If you need to send IDB a notice under this Agreement, or otherwise need to contact IDB with respect to the LACCHAIN TEST NETWORKS or the Services, please send your notice to marcosal@iadb.org and alejandropa@iadb.org. + +**MODIFICATION OF THIS TERMS OF USE** +IDB reserves the right to modify this Agreement and to change the terms, conditions, and notices under which the LACCHAIN TEST NETWORK and the Services are offered. Such modification shall be effective when it is posted on https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_VAL_NODE.md. Your continued use of the LACCHAIN TEST NETWORK or the Services after a revised Agreement is posted signifies your acceptance of the revised Agreement. You should therefore review this Agreement regularly and when we notify you of any changes thereto to ensure you are updated as to such changes. + +---- + +ANNEX A + +USERS MUST UTILIZE THE LACCHAIN INFRASTRUCTURE WITH RESPONSIBILITY. USERS AGREE NOT TO MISUSE LACCHAIN INFRASTRUCTURE OR HELP ANYONE ELSE TO DO SO. USERS MUST NOT EVEN TRY TO DO ANY OF THE FOLLOWING IN CONNECTION WITH THE LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCTS: + +• PROBE, SCAN, OR TEST THE VULNERABILITY OF ANY SYSTEM OR NETWORK UNLESS DONE IN AGREEMENT WITH IDB; +• ENGAGE IN CYPTOCURRENY TRANSACTIONS, CRYPTO INVESTMENTS OR GAMBLING, UNLESS DONE IN AGREEEMNT WITH IDB; +• BREACH OT OTHERWISE CIRCUMVENT ANY SECURITY OR AUTHENTICATION MEASURES; +• ACCESS, TAMPER WITH, OR USE NON-PUBLIC AREAS OR PARTS OF THE SERVICES, OR SHARED AREAS OF THE SERVICES THE USER HAVE NOT BEEN ALLOWED TO; +• ACCESS, SEARCH, OR CREAT ACCOUNTS IN THE LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCS BY ANY MEANS OTHER THAN OUR PUBLICLY SUPPORTED INTERFACES (I.E. SCRAPING OR CREATING ACCOUNTS I BULK) UNLESS DONE IN AGREEMENT WITH IDB; +• SEND NSOLICITED COMMUNICATIONS, PROMOTIONS, ADVERTISEMENT, OR SPAM; +• SEND ALTERED, DECEPTIVE OR FALSE SOURCE-IDENTIFYING INFORMATION, INCLUDING SPOOFING OR PHISHING; +• PROMOTE OR ADVERTISE PRODUCTS OR SERVICES OTHER THAN THE USER OWNS WITHOUT APPROPIATE AUTHORIZATION; +• SELL OR RESELL LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCTS UNLESS SPECIFICALLY AUTHORIZED TO DO SO; +• USE THE LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCS TO PROMOTE, SUPPORT, DEVELOP, OR CONTRIBUTE TO ANY ACTIVITIES THAT ARE UNLAWFULLY PORNOGRAPHIC OR INDECENT, OR RELATED WITH ACTS OF VIOLENCE OR TERRORISM, INCLUDING TERROR PROPAGANDA; +• ADVOCATE BIGOTRY OR HATRED AGAINST ANY PERSON OR GROUP OF PEOPLE BASED ON THEIR RACE, RELIGION, ETHNICITY, SEX, GENDER IDENTITY, SEXUAL ORIENTATION, DISABILITY, OR IMPAIRMENT; +• HARASS OR ABUSE OTHER ENTITIES OPERATING LACCHAIN INFRASTRUCTURE; +• VIOLATE THE LAW IN ANY WAY, INCLUDING ACTIVITIES THAT ARE FRAUDULENT, DIFAMATORY, OR MISLEADING; +• VIOLATE THE PRIVACY OR INFRINGE THE RIGHTS OF OTHERS. + +---- + +ANNEX B +THIS PRIVACY POLICY SETS FORTH THE DATA PROTECTION POLICIES AND PRACTICES OF THE LACCHAIN TEST NETWORK, A BLOCKCHAIN NETWORK ESTABLISHED AND SUPPORTED BY THE INTER-AMERICAN DEVELOPMENT BANK ("IDB" OR "US"). AS EXPLAINED IN THE LACCHAIN TERMS AND CONDITIONS FOR TEST NETWORKS FOR VALIDATOR NODES, INTO WHICH THIS PRIVACY POLICY IS INCORPORATED BY REFERENCE, THE IDB IS AN INTERNATIONAL ORGANIZATION ESTABLISHED BY ITS MEMBER COUNTRIES PURSUANT TO THE AGREEMENT ESTABLISHING THE INTER-AMERICAN DEVELOPMENT BANK. +BY USING THE LACCHAIN TEST NETWORK, YOU ARE AGREEING TO THE TERMS OF THIS PRIVACY POLICY, INCLUDING AS THEY MAY BE AMENDED FROM TIME TO TIME. YOUR USE OF THE SITE THEREFORE CONSTITUTES YOUR CONSENT TO OUR COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION WE COLLECT FROM YOU THROUGH THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES, AS DESCRIBED HEREIN. PLEASE BE SURE TO READ THIS ENTIRE PRIVACY POLICY BEFORE USING THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES. +AS THE LACCHAIN TEST NETWORK IS UPDATED AND EXPANDED, OUR PRIVACY POLICY MAY CHANGE, SO PLEASE REVIEW THE POSTED PRIVACY POLICY FROM TIME TO TIME. WE WILL NOTIFY YOU ABOUT MATERIAL CHANGES IN THIS PRIVACY POLICY VIA EMAIL TO THE POINT OF CONTACT. + +SCOPE AND DEFINITIONS +BELOW WE DESCRIBE OUR POLICIES AND PRACTICES WITH RESPECT TO INFORMATION CONCERNING USERS OF THE LACCHAIN TEST NETWORKS, INCLUDING HOW WE COLLECT, USE, SHARE AND STORE THAT INFORMATION. +AS USED IN THIS POLICY, THE FOLLOWING TERMS HAVE A SPECIFIC MEANING: +PERSONALLY IDENTIFIABLE INFORMATION OR PII IS INFORMATION THAT IS ABOUT OR PERTAINS TO A SPECIFIC INDIVIDUAL AND CAN BE LINKED TO (IDENTIFIED WITH THAT INDIVIDUAL). +ANONYMOUS INFORMATION IS AGGREGATED INFORMATION, DEMOGRAPHIC INFORMATION AND ANY OTHER INFORMATION THAT DOES NOT REVEAL THE SPECIFIC IDENTITY OF AN INDIVIDUAL. +AN IP ADDRESS IS THE INTERNET PROTOCOL ADDRESS OF THE COMPUTER AN INDIVIDUAL USES TO ACCESS THE SITE (AND THE INTERNET MORE GENERALLY). + +COLLECTION OF INFORMATION THROUGH THE LACCHAIN TEST NETWORK +-INFORMATION YOU SUBMIT +IF YOU REGISTER FOR THE LACCHAIN TEST NETWORK, WE WILL COLLECT CERTAIN PII FROM YOU, INCLUDING YOUR FULL NAME, POSTAL ADDRESS, E-MAIL ADDRESS AND PHONE NUMBER, INFORMATION. +WHEN YOU USE THE LACCHAIN TEST NETWORK, YOUR MAKE YOUR ACTIVITY TRACEABLE AND PUBLIC TO ANYONE. +-INFORMATION AUTOMATICALLY COLLECTED +YOUR USE OF THE LACCHAIN TEST NETWORK MIGHT BE MONITORIZED AND ANALYZED USING DIFFERENT TOOLS. +WHEN YOU USE THE LACCHAIN TEST NETWORK, CERTAIN ANONYMOUS INFORMATION AS IPS MIGHT BE AUTOMATICALLY COLLECTED. +ALL OF THESE IS DESIGNED TO IMPROVE THE LACCHAIN TEST NETWORK. BY USING THE LACCHAIN TEST NETWORK, YOU CONSENT TO THE USE OF TRACKING TECHNOLOGIES AS DESCRIBED ABOVE. + +SHARING OF INFORMATION COLLECTED THROUGH THE LACCHAIN TEST NETWORK +FOR PURPOSES OF CREATING ECOSYSTEM, EXPOSING AND EXPLORING USE CASES, RAISING AWARENESS, PROMOTING THE TECHNOLOGY, SHARING LESSONS LEARNED, AND BY MEANS OF TRANSPARENCY, THE INFORMATION YOU SUBMIT AND THE INFORMATION THAT IS AUTOMATICALLY COLLECTED ABOUT YOU MIGHT BE SHARED PUBLICLY BY THE IDB WITH NO PRIOR NOTIFICATION. + +COUNTRYTEXTFULLTEXT +WE MAY DISCLOSE PII IN RESPONSE TO LEGAL PROCESS OR WHEN WE BELIEVE IN GOOD FAITH THAT THE LAW REQUIRES IT, FOR EXAMPLE, IN RESPONSE TO A COURT ORDER, SUBPOENA, OR A LAW ENFORCEMENT AGENCY’S REQUEST. WE ALSO MAY DISCLOSE PII TO PROTECT THE SECURITY AND OPERATION OF THE SITE OR THE RIGHTS OF OTHER SITE USERS, AND TO PROTECT OURSELVES AND OUR PARTNERS, AFFILIATES, CONSULTANTS, SUPPLIERS, AND PROVIDERS AGAINST LIABILITY, OR IF WE HAVE REASON TO BELIEVE THAT SOMEONE IS CAUSING OR THREATENING TO CAUSE INJURY TO OR INTERFERENCE WITH THE IDB’S RIGHTS OR PROPERTY, AS WELL AS TO PROTECT AGAINST FRAUD. + +DELECTION PERSONAL INFORMATION +YOU UNDERSTAND THAT A THE LACCHAIN TEST NETWORK, AS A BLOCKCHAIN NETWORK, IS AN IMMUTABLE AND DECENTRALIZED REGISTER OF INFORMATION. ANY INFORMATION ON THE ACTIVITY OF YOUR VALIDATOR NODE MIGHT STAY IN THE BLOCKCHAIN UNTIL THE LAST NODE IS TURNED OFF. THE IDB WILL NOT BE RESPONSIBLE FOR THE ERASE OF ANY ACTIVITY OF YOUR NODE IN THE LACCHAIN TEST NETWORK. + +DATA SECURITY +WE ENDEAVOR TO PROTECT AND TO MONITOR THE SECURITY AND INTEGRITY OF PII WE COLLECT BY IMPLEMENTING PHYSICAL, ELECTRONIC AND MANAGERIAL PROCEDURES TO SAFEGUARD AND SECURE THE INFORMATION FROM LOSS, MISUSE, UNAUTHORIZED ACCESS OR DISCLOSURE, ALTERATION OR DESTRUCTION. HOWEVER, DUE TO THE INHERENT NATURE OF THE INTERNET AS AN OPEN GLOBAL COMMUNICATIONS VEHICLE, WE CANNOT GUARANTEE THAT ANY INFORMATION, WHETHER DURING TRANSMISSION THROUGH THE INTERNET, WHILE STORED ON OUR DATA SYSTEMS OR OTHERWISE IN MAINTAINED BY US, WILL BE ABSOLUTELY SAFE FROM INTRUSION BY OTHERS, SUCH AS HACKERS. YOU SHOULD BE AWARE THAT YOUR TRANSMISSION MIGHT NOT BE SECURE WHILE IT IS IN TRANSIT, AND THAT A THIRD PARTY COULD POSSIBLY VIEW THE INFORMATION IN TRANSIT. IN THE OCCURRENCE OF A SECURITY BREACH OF OUR DATA SYSTEMS THAT COULD COMPROMISE OUR USERS’ PII, WE WILL DISCLOSE THIS INTRUSION TO OUR AFFECTED USERS. + +DATA RETENTION +WE RETAIN PII AND ANONYMOUS INFORMATION COLLECTED THROUGH THE SITE FOR OPERATIONAL, RECORDKEEPING AND LEGAL PURPOSES. WE WILL RETAIN PII ABOUT YOU FOR THE PERIOD NECESSARY TO FULFILL THE PURPOSES OUTLINED IN THIS POLICY OR OUR DATA RETENTION POLICIES, UNLESS A LONGER RETENTION PERIOD IS REQUIRED BY LAW. + +INTERNATIONAL DATA TRANSFERS +WHEN YOU SUBMIT INFORMATION TO US THROUGH EMAIL, THE LACCHAIN TEST NETWORK OR OTHERWISE, THAT INFORMATION (INCLUDING ANY PII) WILL BE PROCESSED IN THE UNITED STATES. THE DATA PROTECTION AND OTHER PRIVACY LAWS OF THE UNITED STATES MAY NOT AFFORD THE SAME LEVEL OF PROTECTION AS THE LAWS OF CERTAIN OTHER COUNTRIES. BY PROVIDING PERSONAL INFORMATION TO IDB FROM OUTSIDE THE UNITED STATES, WHETHER DIRECTLY OR INDIRECTLY THROUGH THE LACCHAIN TEST NETWORK OR OTHERWISE, YOU EXPRESSLY CONSENT TO THE TRANSFER OF YOUR INFORMATION TO THE UNITED STATES, IN ACCORDANCE WITH THE MEASURES OF PROTECTION DESCRIBED IN THIS PRIVACY POLICY. diff --git a/instalacao-rbb-node/TERMS_AND_COND_WRITER_NODE.md b/instalacao-rbb-node/TERMS_AND_COND_WRITER_NODE.md new file mode 100755 index 00000000..d3d262e0 --- /dev/null +++ b/instalacao-rbb-node/TERMS_AND_COND_WRITER_NODE.md @@ -0,0 +1,168 @@ +**TERMS AND CONDITIONS OF USE +LACCHAIN TEST NETWORK +WRITER NODES** + +**PLEASE READ THESE TERMS AND CONDITIONS OF USE (THIS “AGREEMENT”) CAREFULLY. IT IS A LEGAL AND BINDING CONTRACT BETWEEN YOU AND THE INTER-AMERICAN DEVELOPMENT BANK (“IDB”). THIS AGREEMENT APPLIES TO USE THE LACCHAIN TEST NETWORK AND THE CAPABILITIES AND INFORMATION MADE AVAILABLE TO YOU THROUGH ITS USE. BY CONTINUING WITH THE INSTALLATION PROCESS, YOU AGREE THAT YOU UNDERSTAND THIS AGREEMENT AND AGREE TO BE BOUND BY IT IN ITS ENTIRETY. IF YOU ARE REGISTERING TO USE THE LACCHAIN TEST NETWORK ON BEHALF OF AN ORGANIZATION OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND THE LEGAL ENTITY, AND THAT THE LEGAL ENTITY IS DULY ORGANIZED, VALIDLY EXISTING AND IN GOOD STANDING. YOU FURTHER AGREE THAT THE LEGAL ENTITY WILL BE BOUND BY AND RESPONSIBLE FOR ANY BREACH OF THIS AGREEMENT. IF YOU DO NOT AGREE WITH ANY OF THE TERMS OF THIS AGREEMENT, YOU MUST IMMEDIATELY DISCONTINUE YOUR USE OF THE LACCHAIN TEST NETWORKS.** + + +LACCHAIN TEST NETWORK ("LACCHAIN TEST NETWORK") is a blockchain test network established by the IDB. The IDB is an international organization established by its member countries pursuant to the Agreement Establishing the Inter-American Development Bank. The purpose of the IDB is to further the economic and social development of Latin America and the Caribbean. The LACCHAIN TEST NETWORK provide services that enable the entity operating a writer node to send transactional data to the network for purposes of proof-of-concept use cases or testing applications using blockchain technologies. The LACCHAIN TEST NETWORK is for the benefit of users who have registered on the LACCHAIN TEST NETWORK (“Users”). Users will have access to and use of facilities of the LACCHAIN TEST NETWORK, and may be permitted to generate transactions with certain types of Content. Upon your agreement to this Agreement and the acceptance by IDB of your registration (“Registration”), you will become a User for the purpose of this Agreement. The LACCHAIN TEST NETWORK seek to provide infrastructure services for testing deployment of proof-of-concept use cases or testing applications using blockchain technologies. + +**LACCHAIN TEST NETWORKS REGISTRATION** +In order to access the full functionality of the LACCHAIN TEST NETWORK, you must register as a User through any means offered on the LACCHAIN TEST NETWORK. As part of the registration process to became a user, you are required to (i) identify a contact person in your organization to be responsible for the administration of the node and that can be reachable for any technical issue, (ii) identify a contact person for any communication between the IDB and the User, (iii) indicate precisely the type of information and content that will be registered in the blockchain, and (iv) indicate if any entity other than the User will have access to the User’s writer node. If your registration is accepted, you will be assigned a user identification code ("User Identification"). You will have access to various Content and system resources associated with your User Identification as determined by IDB in its sole discretion, which may include designated directories, designated contact person, web pages, e-mail or other capabilities, information storage, and/or types of transactional data to be sent to the network, and which may be changed, terminated, increased or decreased by IDB, at its sole discretion, from time to time. The use of pseudonyms, aliases or other devices to conceal your identity is strictly forbidden and grounds for the immediate termination of the authorization of your User Identification. You also acknowledge that you solely assume any and all liability for any Content that is posted using your User Identification, including any transactional data (as defined below), whether or not you personally post such Content. You are solely responsible for the activity that occurs through your User Identification, and you must keep your User Identification passwords secure. You shall notify IDB immediately of any breach of security or unauthorized use of your User Identification. You shall not use any User Identification without the permission of the relevant User. Although IDB will not be liable for your losses caused by any unauthorized use of your User Identification, you may be liable for the losses of IDB or others due to such unauthorized use. IDB will notify users about any personal information data security breach or intrusion made by third parties. +The LACCHAIN TEST NETWORK and the Services are provided for professional use only and in registering as a User, you acknowledge that the Services and any Content may not be used for personal, family, or household purposes. +The LACCHAIN TEST NETWORK and the Services are provided by IDB gratis and solely as an accommodation. IDB reserves the right to discontinue the LACCHAIN TEST NETWORK and the Services, in whole or in part, to accept or deny any Registration, and to terminate any Registration and its associated User Identification, at any time in its sole discretion for any reason or no reason. + +**TRANSACTIONS AND OTHER DATA SENT TO THE LACCHAIN TEST NETWORK.** +You may habilitate a writer node or send transactional data to the LACCHAIN TEST NETWORK in connection with your use of the Services. Content provided by you is referred to as a “Submission”. You hereby grant to IDB a nonexclusive, irrevocable, worldwide, perpetual, assignable, sublicensable, transferable, royalty-free right to copy, prepare derivative works, distribute, transmit, display, publish, retain, translate, analyze, and use (including alone and in collective works), in any way now known or in the future discovered, any transactional data you provide directly or indirectly in connection with the offering by IDB of the LACCHAIN TEST NETWORK and/or the Services, and to publish your name in connection with your transactional data, without any further consent of or notice to you or to any third party. All of the foregoing rights are referred to as the “License”. The License includes the right of IDB to authorize Users and other third parties on a royalty-free basis to copy, distribute, and otherwise exploit your Submission and transactional data, including the right of Users and such other third parties to authorize the same. Unless you have a separate written agreement with IDB to provide services to IDB for compensation, no compensation will be paid to you or any third party with respect to the use of your transactional data and the License as provided herein. The portion of personal data of LACCHAIN TEST NETWORKS’ users shall not be considered as transactional data. + +By sending any transaction to the LACCHAIN TEST NETWORK, you represent and warrant that you have all rights necessary to submit such transaction, and that the transaction is lawful, not private, not confidential, and not in violation of any contractual restrictions or other third party rights. You represent and warrant that any copyrighted material included in the application that you otherwise own or have all rights and required authorizations to grant to IDB and other Users the License and any other rights granted by you pursuant to this Agreement. You further represent and warrant that you have the financial, intellectual and human resources required to execute any proposed blockchain services. + +You understand and agree that IDB may, but has no obligation to, monitor, review, evaluate, edit, filter or validate any Content. IDB also has no obligation to verify the identity of the persons who register on the LACCHAIN TEST NETWORK or to monitor the use of the Services. IDB will not be a party to or in any way be responsible for monitoring any transaction between you and any other User or any other third party. IDB reserves the right to reject or refuse to post any transaction sent by you, or to deny, restrict, suspend or terminate your access to all or any part of the LACCHAIN TEST NETWORK or the Services at any time, if IDB suspects that this terms of reference might have been violated, with or without prior notice or explanation, and without liability. For avoidance of doubt, IDB has no obligation to store, maintain or provide you a copy of any Content or Submission that you or other Users provide when using the Services, whether during the term of your Registration or upon or after its termination. You are solely responsible for making backup copies of the transactional data and any electronic communications sent or received by you using the Services. + +**INFORMATION, FEEDBACK AND CONFIDENTIALITY** +LACCHAIN TEST NETWORK, any information relating to the testing progress and results, the Feedback, any product-related information and any other proprietary technology or know-how provided to you in whatever form by IDB in connection with testing and evaluation of LACCHAIN TEST NETWORK is considered confidential ("Confidential Information"). +You will keep, and ensure that any persons, firms, companies or organizations associated with you keep all Confidential Information confidential and not disclose it to any person unless permitted under this clause. This confidentiality obligation does not apply to the disclosure of Confidential Information which: (a) is or comes into public domain, except through breach of the confidentiality obligation under this clause; (b) comes lawfully into your possession from a third party who is not bound by a confidentiality obligation relating to such Confidential Information; (c) is required to be disclosed by any court of competent jurisdiction or any competent judicial, governmental, supervisory or regulatory body, or any law, provided that you will promptly notify IDB in writing; or (d) is disclosed by you with IDB prior written consent. +UNDER NO CIRCUMSTANCES MAY ANY INFORMATION ABOUT THE TESTING PROGRESS AND/OR RESULTS BE PROVIDED TO PERSONS THAT ARE NOT INVOLVED IN THE TESTING PROCESS. ANY PUBLICATION OF TESTING RESULTS, REVIEWS OR EVALUATIONS IS ONLY PERMITTED WITH THE PRIOR WRITTEN CONSENT OF THE IDB. +You will give IDB Feedback about LACCHAIN TEST NETWORK consisting of, without limitation, your suggestions, comments or any other feedback, whether it is required or provided voluntarily. If you provide IDB with any Feedback, as part of the testing and evaluation of LACCHAIN TEST NETWORK, you agree that: (a) IDB may freely use, disclose, reproduce, license, distribute and otherwise commercialize the Feedback in any product, specification or other documentation; and (b) you will not give IDB any Feedback (i) that you have reason to believe is subject to any patent, copyright, or other intellectual property claim or right of any third party; or (ii) that is subject to license terms that seek to require any IDB product incorporating or derived from any Feedback, or other IDB intellectual property, to be licensed to or otherwise shared with any third party; and (iii) no compensation will be paid to you or any third party with respect to the provision of feedback. + +**LIABILITY** +As part of your registration you are providing the IDB with information in the types of information or data that you plan to register in the LACCHAIN TEST NETWORK. IDB reserves its rights to unilaterally deny or revoke access to the LACCHAIN TEST NETWORK. A list of prohibited activities in included as annex A. You are also providing information on a contact person responsible for the use on the writer node in your entity. Should the User intend to make any changes related to the data and transactions to be registered, the contact person, the third parties using the writer nodes or any other matter that affects these Terms and Conditions, it must be communicated to and approved by the IDB. +YOU WILL BE ENTIRELY RESPONSIBLE FOR THE OPERATION OF THE WRITER NODE AND THE USE OF LACCHAIN INFRASTRUCTURE. UNDER NO CIRCUMSTANCE YOU WILL TRANSFER OR DELEGATE RESPONSIBILITY TO OTHERS. IF THE USER DESIRES TO ALLOW ANY THIRD PARTY TO USE THEIR WRITER NODE TO SEND INFORMATION/TRANSACTIONS TO THE LACCHAIN TEST NETWORKS, THE USER (I) MUST NOTIFY THE IDB, (II) MUST BE AUTHORIZED BY THE IDB, AND (III) WILL TAKE FULL RESPONSIBILITY FOR ANY USE OF THEIR WRITER NODE BY THE THIRD PARTY. + +**TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IDB, FOR ITSELF AND ITS AFFILIATES, HEREBY DISCLAIMS ANY AND ALL WARRANTIES WITH RESPECT TO ANY AND ALL CONTENT, FEATURES AND FUNCTIONS MADE AVAILABLE ON OR THROUGH THE LACCHAIN TEST NETWORK, INCLUDING WITHOUT LIMITATION ANY AND ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, ACCURACY OF DATA AND NONINFRINGEMENT. THE LACCHAIN TEST NETWORK IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. IDB IS NOT RESPONSIBLE FOR AND MAKES NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO, DELIVERY, INTEGRITY OR VISIBILITY TO THIRD PARTIES OF ANY MESSAGES OR OTHER INFORMATION SENT THROUGH THE LACCHAIN TEST NETWORKS TO ANYONE. IDB AND ITS AFFILIATES ARE NOT RESPONSIBLE FOR AND DO NOT WARRANT, GUARANTEE, RECOMMEND, OR ENDORSE, AS APPLICABLE (i) THE ACCURACY, QUALITY OR EFFECTIVENESS OF ANY CONTENT, INCLUDING ANY SUBMISSION BY ANY USER, (ii) ANY TRANSLATION OF ORIGINAL CONTENT, (iii) THE SUCCESS OF ANY PROJECT OR COLLABORATION WITH ANOTHER USER OR OTHER THIRD PARTY THAT MAY RESULT FROM A SUBMISSION OR FROM INTERACTIONS WITH OTHER USERS OR THIRD PARTIES, or (iv) THAT THE LACCHAIN TEST NETWORK OR THE SERVICES WILL FUNCTION WITHOUT INTERRUPTION OR ERRORS IN FUNCTIONING. IN PARTICULAR, THE OPERATION OF THE LACCHAIN TEST NETWORK AND THE SERVICES MAY BE INTERRUPTED DUE TO MAINTENANCE, UPDATES, OR SYSTEM OR NETWORK FAILURES. IDB DISCLAIMS ANY AND ALL LIABILITY FOR DAMAGES CAUSED BY ANY SUCH INTERRUPTION OR ERRORS IN FUNCTIONING. +IDB EXPRESSLY MANIFESTS THAT THE LACCHAIN TEST NETWORK IS NOT A FINAL SERVICE AND, AS SUCH, MAY PRODUCE OR CONTAIN VARIOUS ERRORS, DEFECTS AND THEY MAY BE UNSTABLE. WE DO NOT RECOMMEND INSTALLING OR USING LACCHAIN TEST NETWORK’S SOFTWARE AND PROTOCOLS OTHER THAN FOR TESTING PURPOSES. FURTHERMORE, WE DO NOT RECOMMEND USING THE LACCHAIN TEST NETWORK UNLESS YOU ARE AN EXPERIENCED USER. +IDB DOES NOT GUARANTEE TO PROVIDE ANY UPDATES TO LACCHAIN TEST NETWORKS, ANY UPDATED MALWARE SIGNATURES OR ANY OTHER UPDATED CONTENT UTILIZED BY LACCHAIN TEST NETWORKS (SUCH AS VIRUS AND SPYWARE DEFINITIONS, ANTI-SPAM RULES, URL LISTS, FIREWALL RULES, VULNERABILITY DATA OR LISTS OF AUTHENTICATED WEB PAGES) ("UPDATES"). HOWEVER, SHOULD IDB IN ITS SOLE DISCRETION PROVIDE YOU WITH ANY UPDATES, SUCH UPDATES WILL BE DEEMED TO FORM PART OF LACCHAIN TEST NETWORKS FOR ALL PURPOSES UNDER THESE USER TERMS AND CONDITIONS UNLESS OTHER TERMS OF USE ARE PROVIDED BY IDB IN CONNECTION WITH SUCH UPDATES.** + +**NO CONTENT OR OTHER MATERIALS OR INFORMATION ON OR ACCESSIBLE THROUGH THE LACCHAIN TEST NETWORK OR THE USE OF THE SERVICES IS INTENDED TO BE NOR SHALL BE DEEMED TO BE A SOLICITATION TO SELL OR AN OFFER TO BUY SECURITIES BY OR ON BEHALF OF IDB OR ANY OTHER PERSON OR ENTITY. TO THE EXTENT THAT THE LACCHAIN TEST NETWORK LINKS TO A WEB SITE THAT FACILITATES SUCH SOLICITATION, SUCH LINK IS PROVIDED FOR THE CONVENIENCE OF THE USER AND DOES NOT REPRESENT THE ENDORSEMENT OF ANY OFFER OR SOLICITATION MADE OR FACILITATED BY OR THROUGH SUCH LINKED WEB SITE.** + +**USE OF SERVICES** +You are responsible for all your activity on the LACCHAIN TEST NETWORK and shall abide by all applicable local, state, national and foreign laws, treaties and regulations in connection with your use of the Services, including those related to data privacy, international communications and the transmission of technical, financial or personal data. You shall: (a) notify IDB immediately of any unauthorized use of your User Identification, your writer node, any password, or any of your Registration information, or any other known or suspected breach of security; and (b) report to IDB immediately and use reasonable efforts to stop immediately any copying or distribution of Content that is known or suspected by you to infringe the intellectual property rights of any other third party or is otherwise illegal, inappropriate and/or in violation of any provision of this Agreement. +You agree to only make Submissions and to otherwise post, send and receive information that is proper and related to the Services. By way of example, and not as a limitation, you agree that when using the Services, you will not: +1. alter or modify any part of the LACCHAIN TEST NETWORK, the Services or any of the related technologies; +2. defame, abuse, harass, stalk, threaten or otherwise violate the legal rights (such as rights of privacy and publicity) of others; +3. publish, post, upload, distribute or disseminate any false, misleading, inappropriate, profane, defamatory, infringing, libelous, obscene, indecent or unlawful topic, name, material or information; +4. duplicate, license, sublicense, publish, broadcast, transmit, distribute, perform, display, sell, rebrand or otherwise transfer information or Content found on the LACCHAIN TEST NETWORK (excluding Submissions from you) except as expressly permitted by this Agreement; +5. upload files that contain software or other material protected by intellectual property laws (or by rights of privacy or publicity) unless you own or control the rights thereto or have received all necessary consents; +6. upload files that contain viruses, corrupted files, or any other similar software or programs that may damage the operation of another's computer; +7. advertise or offer to sell or buy any goods or services for any business purpose, unless the Services specifically allow such messages, in which you case you may do so only in accordance with any additional terms and conditions applicable to such messages; +8. conduct or forward surveys, contests, pyramid schemes, chain letters or the like; +9. download any file posted by another User that you know, or reasonably should know, cannot be legally distributed in such manner; +10. falsify or delete any author attributions, legal or other notices or proprietary designations or labels of the origin or source of software, Content or other material contained in a file that is uploaded; +11. use any alias, pseudonym (other than a trade name that is not misleading), or means of concealing the sender or recipient of any electronic communication made by you using the capabilities of the LACCHAIN TEST NETWORK or made by you to any other person; +12. damage, disable, restrict or inhibit any other User from using and enjoying the Services; +13. violate any code of conduct or other guidelines which may be applicable for any particular Service, including IDB guidelines in respect of prohibited practices; [1] +14. harvest or otherwise collect information about others, including e-mail addresses, without their consent; +15. violate any applicable laws or regulations; +16. reverse engineer, decompile, disassemble, decipher, or otherwise attempt to derive the source code for any underlying intellectual property used to provide the Services or any part thereof; or +17. circumvent, disable or otherwise interfere with security-related features of the LACCHAIN TEST NETWORK or features, such as those that prevent or restrict use or copying of any Content, or that enforce limitations on use of the LACCHAIN TEST NETWORK or the Content therein. +As a condition of your use of the LACCHAIN TEST NETWORK, you represent and warrant to IDB that you will not use the LACCHAIN TEST NETWORK for any purpose that is unlawful or prohibited by this Agreement. You may not obtain or attempt to obtain from IDB or the LACCHAIN TEST NETWORK any materials or information through any means not intentionally made available or provided for through the LACCHAIN TEST NETWORK. + +**INTELLECTUAL PROPERTY RIGHTS** +You acknowledge and agree that the LACCHAIN TEST NETWORK and the Services include features and Content that are protected by copyright, patent, trademark, trade secret or other laws governing proprietary rights. IDB or its licensors own all rights, title and interest in and to the LACCHAIN TEST NETWORK, the Services, and all Content (other than your Submissions), software, code, data and other materials thereon, as well as the look-and-feel, design and organization of any aspect thereof. Your use of the LACCHAIN TEST NETWORK does not grant to you ownership or title of, in or to any Content or other material on the LACCHAIN TEST NETWORK, or the right to use the LACCHAIN TEST NETWORK or any of the Services for any purpose other than as expressly set forth in this Agreement. Without limiting the foregoing, the IDB, IDB Lab, Multilateral Investment Fund, LACChain Alliance and LACCHAIN TEST NETWORK names and logos, and the names associated with them and the Services are trademarks of IDB, and no right or license is granted to use them. + +**INDEMNITY** +As a condition of your use of the LACCHAIN TEST NETWORK and the Services, you agree to indemnify the IDB, its affiliates, and its and their respective partners, officers, directors, employees and agents, from and against any and all actions, claims, losses, damages, liabilities and expenses (including reasonable attorneys' fees) arising from: (i) your use of and access to the LACCHAIN TEST NETWORK and any of the Services, and any activity in which you engage in connection therewith, (ii) your violation of any term of this Agreement, including without limitation your violation of any third party copyright, property (including intellectual or industrial property), confidential information, privacy, contractual or other right, or (iii) any claim that one of your Submissions or any portion thereof caused damage to a third party. This indemnification obligation will survive termination of this Agreement and your use of the LACCHAIN TEST NETWORK. + +**PRIVACY** +You should carefully read our full Privacy Policy before using the LACCHAIN TEST NETWORKS or any of the Services. The Privacy Policy, included in Annex B, governs IDB’s treatment of any information you submit to us, including personally identifiable information. +You acknowledge, consent and agree that IDB may access, preserve, and disclose your Registration and any other information you provide if required to do so by law or in a good faith belief that such access, preservation or disclosure is reasonably necessary in our opinion to: (1) comply with legal process, including, but not limited to, civil and criminal subpoenas, court orders or other compulsory disclosures; (2) enforce this Agreement; (3) respond to claims of a violation of any right of a third party, whether or not the third party is a User, individual, government agency or other legal entity; (4) respond to customer service inquiries; or (5) protect the rights, property, or personal safety of IDB, any User or the public. + +**PROCEDURE FOR MAKING CLAIMS OF COPYRIGHT INFRINGEMENT** +IDB respects the intellectual property rights of others. You may notify IDB in accordance with the following procedures if you believe that the content of any of your Submissions has been copied in an infringing manner. ANY INQUIRIES OR NOTICES NOT IN ACCORDANCE WITH THE FOLLOWING PROCEDURE WILL RECEIVE NO RESPONSE. +IDB has implemented procedures for receiving written notification of claimed infringements, and has designated an officer to receive notices of claimed copyright infringement consistent with the requirements of the Digital Millennium Copyright Act (17 U.S.C. § 512). If you believe in good faith that your work has been copied in a way that constitutes copyright infringement, you may provide a written communication which contains the following: +1. an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright interest; +2. a description of the copyrighted work that you claim has been infringed; +3. a description of the location on the LACCHAIN TEST NETWORK of the material that you claim is infringing; +4. your address, telephone number and e-mail address; +5. a statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law; and +6. a statement by you, made under penalty of perjury, that the information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner’s behalf. +Please submit your notice to IDB's copyright officer as follows: +Attn: Copyright Officer +Re: LACCHAIN TEST NETWORKS +Inter-American Development Bank +1300 New York Avenue NW +Washington, D.C. 20577 +Stop [SW0374] + +**REMEDIES AND DISPUTES** +IN NO EVENT SHALL IDB BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH (i) THE USE OF THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES, (ii) THE DELAY OR INABILITY TO USE THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES, (iii) THE PROVISION OF OR FAILURE TO PROVIDE SERVICES, INFORMATION, SOFTWARE, PRODUCTS OR OTHER DATA OBTAINED THROUGH THE LACCHAIN TEST NETWORK, OR OTHERWISE ARISING OUT OF THE USE OF THE LACCHAIN TEST NETWORK OR THE SERVICES, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF IDB OR ANY OF ITS SUPPLIERS OR CONTENT PROVIDERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. +IF YOU ARE DISSATISFIED OR CONSIDER THAT ANY HARM MAY HAVE BEEN CAUSED BY OR ARISEN IN RELATION TO ANY PORTION OF THE LACCHAIN TEST NETWORK OR ITS ADMINISTRATION OR ANY OF THE SERVICES, YOU MAY TERMINATE YOUR USER IDENTIFICATION AND DISCONTINUE USING THE LACCHAIN TEST NETWORKS AND THE SERVICES, AND SUCH DISCONTINUANCE SHALL BE YOUR SOLE AND EXCLUSIVE REMEDY. + +This Agreement will be governed, interpreted and enforced in accordance with the laws of the District of Columbia, United States of America, without giving effect to the conflict of laws provisions of that jurisdiction. No waiver by IDB of any provision of this Agreement shall be binding except as set forth in writing signed by its duly authorized representative. +All disputes between you and IDB arising out of or relating to this Agreement shall be finally resolved by arbitration conducted in the English language in Washington, District of Columbia, United States of America, under the commercial arbitration rules of the American Arbitration Association, provided that IDB reserves the right to apply for temporary, preliminary and final injunctive relief to enforce any of the provisions of this Agreement relating to the use of its trademarks, copyrights, other intellectual property and data security. The parties shall be responsible for their respective filing and attorneys’ fees (except that the prevailing party shall be entitled to an award of reasonable attorneys’ fees incurred in connection with the arbitration in such an amount as may be determined by the arbitrator). All decisions of the arbitrator shall be final and binding on both parties and enforceable in any court of competent jurisdiction. The parties otherwise agree to the exclusive jurisdiction of the courts of Washington, District of Columbia, United States of America for the resolution of any disputes not subject to arbitration and for the enforcement of any award resulting from any arbitration between the parties, provided that IDB reserves the right to obtain judicial equitable relief in any court having personal jurisdiction over you. +ALL CLAIMS MUST BE BROUGHT IN EACH PARTY’S INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING, AND, UNLESS YOU AND IDB AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON'S CLAIMS. YOU AGREE THAT, BY ENTERING INTO THIS AGREEMENT, YOU AND IDB ARE EACH WAIVING THE RIGHT TO PARTICIPATE IN A CLASS ACTION. NOTHING IN THIS CLAUSE OR THIS AGREEMENT SHALL OPERATE AS A WAIVER OF, OR OTHERWISE BE CONSTRUED TO RESTRICT, LIMIT OR DEFEAT ANY RIGHTS, PRIVILEGES OR IMMUNITIES GRANTED TO THE IDB UNDER THE AGREEMENT ESTABLISHING THE INTER-AMERICAN DEVELOPMENT BANK OR ANY TREATY OR PROVISION OF DOMESTIC OR INTERNATIONAL LAW. + +**ASSIGNMENT** +This Agreement, and any rights and licenses granted hereunder, may not be transferred or assigned by you but may be assigned by IDB without restriction. + +**GENERAL** +This Agreement is the entire agreement between you and IDB relating to your use of the LACCHAIN TEST NETWORK and the Services, and supersedes any prior agreements or understandings between you and IDB with respect to the subject matter of this Agreement. You agree that no joint venture, partnership, employment, or agency relationship exists between you and IDB as a result of this Agreement or your use of the LACCHAIN TEST NETWORKS. IDB's performance of this Agreement is subject to existing laws and legal process, and nothing contained in this Agreement is in derogation of IDB's right to comply with governmental, court and law enforcement requests or requirements relating to your use of the LACCHAIN TEST NETWORK or the Services or information provided to or gathered by IDB with respect to such use. If any part of this Agreement including, but not limited to, the warranty disclaimers and liability limitations set forth above, is determined to be invalid or unenforceable pursuant to applicable law, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision, and the remainder of this Agreement shall continue in effect. If you need to send IDB a notice under this Agreement, or otherwise need to contact IDB with respect to the LACCHAIN TEST NETWORKS or the Services, please send your notice to marcosal@iadb.org and alejandropa@iadb.org. + +**MODIFICATION OF THESE TERMS OF USE** +IDB reserves the right to modify this Agreement and to change the terms, conditions, and notices under which the LACCHAIN TEST NETWORK and the Services are offered. Such modification shall be effective when it is posted on https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_WRITER_NODE.md. Your continued use of the LACCHAIN TEST NETWORK or the Services after a revised Agreement is posted signifies your acceptance of the revised Agreement. You should therefore review this Agreement regularly and when we notify you of any changes thereto to ensure you are updated as to such changes. + +---- + +ANNEX A + +USERS MUST UTILIZE THE LACCHAIN INFRASTRUCTURE WITH RESPONSIBILITY. USERS AGREE NOT TO MISUSE LACCHAIN INFRASTRUCTURE OR HELP ANYONE ELSE TO DO SO. USERS MUST NOT EVEN TRY TO DO ANY OF THE FOLLOWING IN CONNECTION WITH THE LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCTS: + +• PROBE, SCAN, OR TEST THE VULNERABILITY OF ANY SYSTEM OR NETWORK UNLESS DONE IN AGREEMENT WITH IDB; +• ENGAGE IN CYPTOCURRENY TRANSACTIONS, CRYPTO INVESTMENTS OR GAMBLING, UNLESS DONE IN AGREEEMNT WITH IDB; +• BREACH OT OTHERWISE CIRCUMVENT ANY SECURITY OR AUTHENTICATION MEASURES; +• ACCESS, TAMPER WITH, OR USE NON-PUBLIC AREAS OR PARTS OF THE SERVICES, OR SHARED AREAS OF THE SERVICES THE USER HAVE NOT BEEN ALLOWED TO; +• ACCESS, SEARCH, OR CREAT ACCOUNTS IN THE LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCS BY ANY MEANS OTHER THAN OUR PUBLICLY SUPPORTED INTERFACES (I.E. SCRAPING OR CREATING ACCOUNTS I BULK) UNLESS DONE IN AGREEMENT WITH IDB; +• SEND NSOLICITED COMMUNICATIONS, PROMOTIONS, ADVERTISEMENT, OR SPAM; +• SEND ALTERED, DECEPTIVE OR FALSE SOURCE-IDENTIFYING INFORMATION, INCLUDING SPOOFING OR PHISHING; +• PROMOTE OR ADVERTISE PRODUCTS OR SERVICES OTHER THAN THE USER OWNS WITHOUT APPROPIATE AUTHORIZATION; +• SELL OR RESELL LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCTS UNLESS SPECIFICALLY AUTHORIZED TO DO SO; +• USE THE LACCHAIN INFRASTRUCTURE SERVICES AND PRODUCS TO PROMOTE, SUPPORT, DEVELOP, OR CONTRIBUTE TO ANY ACTIVITIES THAT ARE UNLAWFULLY PORNOGRAPHIC OR INDECENT, OR RELATED WITH ACTS OF VIOLENCE OR TERRORISM, INCLUDING TERROR PROPAGANDA; +• ADVOCATE BIGOTRY OR HATRED AGAINST ANY PERSON OR GROUP OF PEOPLE BASED ON THEIR RACE, RELIGION, ETHNICITY, SEX, GENDER IDENTITY, SEXUAL ORIENTATION, DISABILITY, OR IMPAIRMENT; +• HARASS OR ABUSE OTHER ENTITIES OPERATING LACCHAIN INFRASTRUCTURE; +• VIOLATE THE LAW IN ANY WAY, INCLUDING ACTIVITIES THAT ARE FRAUDULENT, DIFAMATORY, OR MISLEADING; +• VIOLATE THE PRIVACY OR INFRINGE THE RIGHTS OF OTHERS. + +---- + +ANNEX B + +THIS PRIVACY POLICY SETS FORTH THE DATA PROTECTION POLICIES AND PRACTICES OF THE LACCHAIN TEST NETWORK, A BLOCKCHAIN NETWORK ESTABLISHED AND SUPPORTED BY THE INTER-AMERICAN DEVELOPMENT BANK ("IDB" OR "US"). AS EXPLAINED IN THE LACCHAIN TERMS AND CONDITIONS FOR TEST NETWORKS FOR WRITER NODES, INTO WHICH THIS PRIVACY POLICY IS INCORPORATED BY REFERENCE, THE IDB IS AN INTERNATIONAL ORGANIZATION ESTABLISHED BY ITS MEMBER COUNTRIES PURSUANT TO THE AGREEMENT ESTABLISHING THE INTER-AMERICAN DEVELOPMENT BANK. +BY USING THE LACCHAIN TEST NETWORK, YOU ARE AGREEING TO THE TERMS OF THIS PRIVACY POLICY, INCLUDING AS THEY MAY BE AMENDED FROM TIME TO TIME. YOUR USE OF THE SITE THEREFORE CONSTITUTES YOUR CONSENT TO OUR COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION WE COLLECT FROM YOU THROUGH THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES, AS DESCRIBED HEREIN. PLEASE BE SURE TO READ THIS ENTIRE PRIVACY POLICY BEFORE USING THE LACCHAIN TEST NETWORK OR ANY OF THE SERVICES. +AS THE LACCHAIN TEST NETWORK IS UPDATED AND EXPANDED, OUR PRIVACY POLICY MAY CHANGE, SO PLEASE REVIEW THE POSTED PRIVACY POLICY FROM TIME TO TIME. WE WILL NOTIFY YOU ABOUT MATERIAL CHANGES IN THIS PRIVACY POLICY VIA EMAIL TO THE POINT OF CONTACT. + +SCOPE AND DEFINITIONS +BELOW WE DESCRIBE OUR POLICIES AND PRACTICES WITH RESPECT TO INFORMATION CONCERNING USERS OF THE LACCHAIN TEST NETWORKS, INCLUDING HOW WE COLLECT, USE, SHARE AND STORE THAT INFORMATION. +AS USED IN THIS POLICY, THE FOLLOWING TERMS HAVE A SPECIFIC MEANING: +PERSONALLY IDENTIFIABLE INFORMATION OR PII IS INFORMATION THAT IS ABOUT OR PERTAINS TO A SPECIFIC INDIVIDUAL AND CAN BE LINKED TO (IDENTIFIED WITH THAT INDIVIDUAL). +ANONYMOUS INFORMATION IS AGGREGATED INFORMATION, DEMOGRAPHIC INFORMATION AND ANY OTHER INFORMATION THAT DOES NOT REVEAL THE SPECIFIC IDENTITY OF AN INDIVIDUAL. +AN IP ADDRESS IS THE INTERNET PROTOCOL ADDRESS OF THE COMPUTER AN INDIVIDUAL USES TO ACCESS THE SITE (AND THE INTERNET MORE GENERALLY). + +COLLECTION OF INFORMATION THROUGH THE LACCHAIN TEST NETWORK +-INFORMATION YOU SUBMIT +IF YOU REGISTER FOR THE LACCHAIN TEST NETWORK, WE WILL COLLECT CERTAIN PII FROM YOU, INCLUDING YOUR FULL NAME, POSTAL ADDRESS, E-MAIL ADDRESS AND PHONE NUMBER, INFORMATION. +WHEN YOU USE THE LACCHAIN TEST NETWORK, YOUR MAKE YOUR ACTIVITY TRACEABLE AND PUBLIC TO ANYONE. +-INFORMATION AUTOMATICALLY COLLECTED +YOUR USE OF THE LACCHAIN TEST NETWORK MIGHT BE MONITORIZED AND ANALYZED USING DIFFERENT TOOLS. +WHEN YOU USE THE LACCHAIN TEST NETWORK, CERTAIN ANONYMOUS INFORMATION AS IPS MIGHT BE AUTOMATICALLY COLLECTED. +IF YOU RUN APPLICATIONS WITH END-USERS, CERTAIN ANONYMOUS INFORMATION ABOUT THE END-USERS MIGHT BE AUTOMATICALLY COLLECTED WITH THE PURPOSE OF MEASURING THE SOCIAL IMPACT ACHIEVED BY THE LACCHAIN TEST NETWORK. +ALL OF THESE IS DESIGNED TO IMPROVE THE LACCHAIN TEST NETWORK. BY USING THE LACCHAIN TEST NETWORK, YOU CONSENT TO THE USE OF TRACKING TECHNOLOGIES AS DESCRIBED ABOVE. + +SHARING OF INFORMATION COLLECTED THROUGH THE LACCHAIN TEST NETWORK +FOR PURPOSES OF CREATING ECOSYSTEM, EXPOSING AND EXPLORING USE CASES, RAISING AWARENESS, PROMOTING THE TECHNOLOGY, SHARING LESSONS LEARNED, AND BY MEANS OF TRANSPARENCY, THE INFORMATION YOU SUBMIT AND THE INFORMATION THAT IS AUTOMATICALLY COLLECTED ABOUT YOU MIGHT BE SHARED PUBLICLY BY THE IDB WITH NO PRIOR NOTIFICATION. +IF YOU ESTABLISH A PRIVATE CHANNEL WITH ONE OR MORE USERS OF THE LACCHAIN TEST NETWORK, THE IDB WILL NOT BE RESPONSIBLE FOR ANY DISCLOSURE OF PRIVATE INFORMATION BY THE OTHER USER OR USERS OF THAT PRIVATE NETWORK, OR BY THE DISCLOSURE OR LEAK OF INFORMATION CORRESPONDING TO THE PRIVATE CHANNEL BY ANY OTHER REASON. + +COUNTRYTEXTFULLTEXT +WE MAY DISCLOSE PII IN RESPONSE TO LEGAL PROCESS OR WHEN WE BELIEVE IN GOOD FAITH THAT THE LAW REQUIRES IT, FOR EXAMPLE, IN RESPONSE TO A COURT ORDER, SUBPOENA, OR A LAW ENFORCEMENT AGENCY’S REQUEST. WE ALSO MAY DISCLOSE PII TO PROTECT THE SECURITY AND OPERATION OF THE SITE OR THE RIGHTS OF OTHER SITE USERS, AND TO PROTECT OURSELVES AND OUR PARTNERS, AFFILIATES, CONSULTANTS, SUPPLIERS, AND PROVIDERS AGAINST LIABILITY, OR IF WE HAVE REASON TO BELIEVE THAT SOMEONE IS CAUSING OR THREATENING TO CAUSE INJURY TO OR INTERFERENCE WITH THE IDB’S RIGHTS OR PROPERTY, AS WELL AS TO PROTECT AGAINST FRAUD. + +DELECTION PERSONAL INFORMATION +YOU UNDERSTAND THAT A THE LACCHAIN TEST NETWORK, AS A BLOCKCHAIN NETWORK, IS AN IMMUTABLE AND DECENTRALIZED REGISTER OF INFORMATION. ANY INFORMATION YOU REGISTER FROM YOUR WRITER NODE MIGHT STAY IN THE BLOCKCHAIN UNTIL THE LAST NODE IS TURNED OFF. YOU ARE RESPONSIBLE FOR NOT REGISTERING IN THE BLOCKCHAIN ANY INFORMATION THAT YOU DO NOT WANT TO BE PUBLIC FOR EVER. THE IDB WILL NOT BE RESPONSIBLE FOR THE ERASE OF ANY INFORMATION YOU HAVE REGISTERED IN THE LACCHAIN TEST NETWORK. + +DATA SECURITY +WE ENDEAVOR TO PROTECT AND TO MONITOR THE SECURITY AND INTEGRITY OF PII WE COLLECT BY IMPLEMENTING PHYSICAL, ELECTRONIC AND MANAGERIAL PROCEDURES TO SAFEGUARD AND SECURE THE INFORMATION FROM LOSS, MISUSE, UNAUTHORIZED ACCESS OR DISCLOSURE, ALTERATION OR DESTRUCTION. HOWEVER, DUE TO THE INHERENT NATURE OF THE INTERNET AS AN OPEN GLOBAL COMMUNICATIONS VEHICLE, WE CANNOT GUARANTEE THAT ANY INFORMATION, WHETHER DURING TRANSMISSION THROUGH THE INTERNET, WHILE STORED ON OUR DATA SYSTEMS OR OTHERWISE IN MAINTAINED BY US, WILL BE ABSOLUTELY SAFE FROM INTRUSION BY OTHERS, SUCH AS HACKERS. YOU SHOULD BE AWARE THAT YOUR TRANSMISSION MIGHT NOT BE SECURE WHILE IT IS IN TRANSIT, AND THAT A THIRD PARTY COULD POSSIBLY VIEW THE INFORMATION IN TRANSIT. IN THE OCCURRENCE OF A SECURITY BREACH OF OUR DATA SYSTEMS THAT COULD COMPROMISE OUR USERS’ PII, WE WILL DISCLOSE THIS INTRUSION TO OUR AFFECTED USERS. + +DATA RETENTION +WE RETAIN PII AND ANONYMOUS INFORMATION COLLECTED THROUGH THE SITE FOR OPERATIONAL, RECORDKEEPING AND LEGAL PURPOSES. WE WILL RETAIN PII ABOUT YOU FOR THE PERIOD NECESSARY TO FULFILL THE PURPOSES OUTLINED IN THIS POLICY OR OUR DATA RETENTION POLICIES, UNLESS A LONGER RETENTION PERIOD IS REQUIRED BY LAW. + +INTERNATIONAL DATA TRANSFERS +WHEN YOU SUBMIT INFORMATION TO US THROUGH EMAIL, THE LACCHAIN TEST NETWORK OR OTHERWISE, THAT INFORMATION (INCLUDING ANY PII) WILL BE PROCESSED IN THE UNITED STATES. THE DATA PROTECTION AND OTHER PRIVACY LAWS OF THE UNITED STATES MAY NOT AFFORD THE SAME LEVEL OF PROTECTION AS THE LAWS OF CERTAIN OTHER COUNTRIES. BY PROVIDING PERSONAL INFORMATION TO IDB FROM OUTSIDE THE UNITED STATES, WHETHER DIRECTLY OR INDIRECTLY THROUGH THE LACCHAIN TEST NETWORK OR OTHERWISE, YOU EXPRESSLY CONSENT TO THE TRANSFER OF YOUR INFORMATION TO THE UNITED STATES, IN ACCORDANCE WITH THE MEASURES OF PROTECTION DESCRIBED IN THIS PRIVACY POLICY. + diff --git a/instalacao-rbb-node/TOPOLOGY_AND_ARCHITECTURE.md b/instalacao-rbb-node/TOPOLOGY_AND_ARCHITECTURE.md new file mode 100755 index 00000000..f6818885 --- /dev/null +++ b/instalacao-rbb-node/TOPOLOGY_AND_ARCHITECTURE.md @@ -0,0 +1,138 @@ +# LACCHAIN TOPOLOGY AND ARCHITECTURE + +The purpose of this documentation is to provide an overview of the LACCHAIN Besu Network's topology, architecture, communication protocols and security. + +## Topology + +The nodes of LACChain public-permissioned networks can be classified into two groups, according to their participation in the maintenance of the network. In each of these two groups there are also two different types of nodes, according to the specific role of the node in the network. + +In the following image we can see the topology and connections between the different types of nodes. + +![LACCHAIN Topology](/docs/images/topology1.png) + +### Core nodes + +Core nodes play an essential role in the correct functioning of the network. The network can't work without them. Core nodes are classified into validator and boot nodes. + +* **Validator nodes** + + Validator nodes are those that participate of the consensus protocol. They are responsible for the generation of on new blocks. Validator nodes are only connected to each other and to boot nodes for security and efficiency purposes. + +* **Boot nodes** + + Boot nodes are those that act as a liaison between validator and satellite nodes, which implies that (i) they listen to the writer nodes and pass along to the validator nodes the information about the transactions generated by writers, and (ii) they update the satellite nodes about the new blocks generated by the validator nodes. They are also responsible for setting up new nodes by provide them with a list of active nodes in the network, the latest version of the blockchain, and other relevant information such as whitelists and blacklists. Boot nodes are connected to all the types of nodes in the network. + +### Satellite nodes + +Satellite nodes do not play an essential role in the correct functioning of the network. The network works without them. Satellite nodes are classified into writer and observer nodes. + +* **Writer nodes** + + Writer nodes are those that can broadcast transations to the network. They communicate the transactions to the boot nodes, that pass them along to the validator nodes. They can also create private channels between themselves for private communication using the [Orion](https://github.com/PegaSysEng/orion) private transaction manager. Writer nodes are connected to boot nodes and to other writer nodes. + + * **Observer nodes** + + Observer nodes are those that can only read the blockchain. Observer nodes are only connected to boot nodes. + + **Note: Observer nodes haven’t been enabled in the LACChain Besu Network yet.** + +## Architecture + +LACChain Networks are distributed ledgers aimed to serve as trusted and immutable public-permissioned blockchains to be used by any entity in Latin America and the Caribbean to deploy applications with social impact. Therefore, LACChain Networks are peer-to-peer networks. + +For the purpose of the LACChain Global Alliance, peer-to-peer(P2P) architectures present many advantages against client-server architectures: + +
+ +|Client Server |Peer-to-Peer| +|-----------|-----------| +|1. Server is the central entity and only
provider of service and content
2. Network managed by the server
3. Server as the higher performance
system
4. Clients as the lower performance system

**Example: WWW** |1. Resources are shared between the peers
2. Resources can be accessed directly from
other peers
3. Peer is provider and requestor
4. Any peer can be removed without loss of
overall functionality
5. No central entities

**Example: Ethereum, LACChain**| + +In peer-to-peer systems each peer behaves both as a server and as a client. Each peer or client can send and receive data directly from any other peer or client. In blockchain jargon peers are generally called nodes. Each node can request data from it’s own databases, and it can also read from another node’s database. + +LACChain Besu Network is deployed using [Hyperledger Besu](https://www.hyperledger.org/projects/besu "Hyperledger Besu"), which is a Ethereum enterprise client. In LACChain Besu Network all nodes can request information from other node about the network’s current state (smart contracts, account balance, latest blocks, etc.). Additionally, each node maintains both a synchronized copy of the full ledger and a repository of the smart contracts that have been deployed in the network. + +Nodes rely on validator nodes to validate transactions and generate now blocks through the application +of the consensus protocol. LACChain Besu Network operates with [IBFT2.0 consensus protocol](https://www.researchgate.net/publication/335990137_IBFT_20_A_Safe_and_Live_Variation_of_the_IBFT_Blockchain_Consensus_Protocol_for_Eventually_Synchronous_Networks). + +As LACChain Besu Network is based on Ethereum infrastructure, the architecture of the network has two stacks. A Discovery Stack to discover existing nodes in the network and Connection Stack to send messages or communicate with other nodes in the network. + +![LACCHAIN Stacks](/docs/images/stacks.png) + +### Node Discovery + +For a P2P network work properly, there must be a good implementation of node discovery that allows a node to discover other nodes that are part of the network. In LACChain Networks, as detailed previously in Section Topology, nodes can have the category of validator, boot, writer or observer. + +The discover protocol implemented in LACChain Besu Network to build the peer to peer network is based on [Kademlia](https://pdos.csail.mit.edu/~petar/papers/maymounkov-kademlia-lncs.pdf "Kademlia paper"). + +Kademlia is a well-defined distributed hash table recognized as a robust standard and protocol. LACChain Besu Network inherits from Ethereum [the use of the discovery part of the Kademlia protocol](https://github.com/ethereum/wiki/wiki/Kademlia-Peer-Selection "Kademlia in Ethereum"). + +To begin the discovery process, a node needs an identity. Currently, the identity of the node is achieved through an enodeID, which is then hashed with [SHA3](https://en.bitcoinwiki.org/wiki/SHA-3 "SHA3") into a 256-bit value. For more details, you can go to [node identity](https://github.com/ethereum/devp2p/blob/master/rlpx.md#node-identity "node-identity"). In the future, LACChain nodes will be using Decentralized Identifiers (DIDs) and Verifiable Credentials (VC) for identification and authentication. In order for a node to get an identity in LACChain Besu Network, you can follow the instructions in the [README](https://github.com/lacchain/besu-network). + +Once you have deployed your node, got your identity and followed the administrative steps to be permissioned in [LACChain Besu Network](https://github.com/lacchain/besu-network/blob/master/PERMISSIONING_PROCESS.md), you node will start the discovery process. + +LACChain uses [**UDP** protocol](https://www.geeksforgeeks.org/user-datagram-protocol-udp/) to exchange information across the P2P network. The steps to achieve the discovery of nodes in the network are the following: + +* LIST: When a new node aims to join a network, it needs to be provided with a list of nodes that are already part of that network so it can try to communicate with them. In LACChain Besu Network, the addresses of the boot nodes are hard-coded and the list is located at **/root/lacchain/orion.conf**. + +![configuration of boots nodes](/docs/images/boot_config.png) + +* PING: The new node sends PING messages to all the boot nodes in the list and expects a PONG message in return. This pair of messages is used to determine whether a neighboring node is responsive. + +* FIND_NEIGHBOURS: As soon as the new node gets PONG messages from responsive boot nodes, it sends a findnode message asking them for a list of 16 nodes of those they are connected to. + +* CONNECT: At present, there is no limit for the number of nodes a new node can be connected to. Eventually, the number will be set to 25. In order to isolate validator nodes from writer and observer nodes for security and efficiency purposes, we are doing research on smart contracts for permissioning managed at a local level for each validator node, so they only whitelist boot nodes and other validator nodes for their communications. + +![P2P Network](/docs/images/discovery.png) + +To summarize, the discovery process to join a node to the lacchain network is as follows: +* Get a enode ID. +* Get the list of boot nodes. +* Bond to boot nodes: + * Send Ping + * On Pong do a findNeighbours +* Connect to active nodes +* Table of new node is persisted to minimize bootstrap requirements + +### Node Communication + +Once discovery is successful, nodes can have peer-to-peer communications over the LACChain Besu Network. Communication consist of sending and receiving messages between nodes. + +For data transfer, LACChain Besu Network uses the [RLPx Protocol](https://github.com/ethereum/devp2p/blob/master/rlpx.md "RLPx"). RLPx enables nodes to transfer encrypted and serialized data through encrypted multiplexed messaging. + +This protocol leverages Elliptic Curve Integrated Encryption Scheme (ECIES) to establish secure communications between nodes using public key infrastructure and [elliptic curve cryptography](https://hackernoon.com/what-is-the-math-behind-elliptic-curve-cryptography-f61b25253da3 "elliptic curve"). + +After the handshake, both nodes send to each other which protocols and which versions of these protocols they support: The Ethereum protocol is “eth”, the Ethereum’s Whisper protocol is “shh”, and the Light Ethereum Node Subprotocol is “les”. The subsequent messages are dependent on the protocol chosen. + +Through this protocol: + +* Writer nodes broadcast transactions to boot nodes. +* Boot nodes update writer and observer nodes on the new blocks generated by the validator nodes. +* Validator nodes agree on the generation of new blocks among themselves and broadcast to boot nodes the new blocks generated. + +### Transactions + +Transactions are the way the off-chain world interacts with the LACChain network. Transactions are used to amend or update the state stored in the LACChain network. + +The transaction cycle is: + +* An account address sends a signed transaction to a writer node. + +* The writer node verifies the transaction is signed by an authorized account address (every writer node is responsible for whitelisting and blacklisting account addresses, as they are fully responsible for the transactions they broadcast to the network). + +* The writer node broadcasts the transaction to the boot nodes it is connected to. Once the transaction is broadcast, the writer node also outputs the transaction id which can be used to track the status of the transaction. + +* The boot noodes broadcast the transaction to the validator nodes. + +* Validator nodes receive the transaction and add it to the transaction pool. + +![Tx Pool](/docs/images/tx_pool.png) + +* Validator nodes apply the [IBFT2.0 consensus protocol](https://www.researchgate.net/publication/335990137_IBFT_20_A_Safe_and_Live_Variation_of_the_IBFT_Blockchain_Consensus_Protocol_for_Eventually_Synchronous_Networks) to validate the transaction and incorporate it into a new block. The number of transactions that can fit into a block depends on LACChain Besu Network block size. + +* Validator nodes update their ledger by appending the new block and send the information to the boot nodes. + +* Boot nodes pass the information along to writer and observer nodes. Upon receiving the new block, writer and observer nodes execute all the transacciones in the block. + +### Permissioning +#TO DO# diff --git a/instalacao-rbb-node/docs/images/boot_config.png b/instalacao-rbb-node/docs/images/boot_config.png new file mode 100755 index 00000000..44b3d0ef Binary files /dev/null and b/instalacao-rbb-node/docs/images/boot_config.png differ diff --git a/instalacao-rbb-node/docs/images/discovery.png b/instalacao-rbb-node/docs/images/discovery.png new file mode 100755 index 00000000..72f6335d Binary files /dev/null and b/instalacao-rbb-node/docs/images/discovery.png differ diff --git a/instalacao-rbb-node/docs/images/event_consumer.png b/instalacao-rbb-node/docs/images/event_consumer.png new file mode 100755 index 00000000..956e6f49 Binary files /dev/null and b/instalacao-rbb-node/docs/images/event_consumer.png differ diff --git a/instalacao-rbb-node/docs/images/general_architecture.png b/instalacao-rbb-node/docs/images/general_architecture.png new file mode 100755 index 00000000..cb20f196 Binary files /dev/null and b/instalacao-rbb-node/docs/images/general_architecture.png differ diff --git a/instalacao-rbb-node/docs/images/log_blocks.PNG b/instalacao-rbb-node/docs/images/log_blocks.PNG new file mode 100755 index 00000000..a1e3e60e Binary files /dev/null and b/instalacao-rbb-node/docs/images/log_blocks.PNG differ diff --git a/instalacao-rbb-node/docs/images/log_connections.PNG b/instalacao-rbb-node/docs/images/log_connections.PNG new file mode 100755 index 00000000..88c33998 Binary files /dev/null and b/instalacao-rbb-node/docs/images/log_connections.PNG differ diff --git a/instalacao-rbb-node/docs/images/stacks.png b/instalacao-rbb-node/docs/images/stacks.png new file mode 100755 index 00000000..c2091f4b Binary files /dev/null and b/instalacao-rbb-node/docs/images/stacks.png differ diff --git a/instalacao-rbb-node/docs/images/topology.png b/instalacao-rbb-node/docs/images/topology.png new file mode 100755 index 00000000..dd95f1a7 Binary files /dev/null and b/instalacao-rbb-node/docs/images/topology.png differ diff --git a/instalacao-rbb-node/docs/images/topology1.png b/instalacao-rbb-node/docs/images/topology1.png new file mode 100755 index 00000000..667a9bc1 Binary files /dev/null and b/instalacao-rbb-node/docs/images/topology1.png differ diff --git a/instalacao-rbb-node/docs/images/transaction_manager.png b/instalacao-rbb-node/docs/images/transaction_manager.png new file mode 100755 index 00000000..91bf81b5 Binary files /dev/null and b/instalacao-rbb-node/docs/images/transaction_manager.png differ diff --git a/instalacao-rbb-node/docs/images/tx_pool.png b/instalacao-rbb-node/docs/images/tx_pool.png new file mode 100755 index 00000000..9169fd6a Binary files /dev/null and b/instalacao-rbb-node/docs/images/tx_pool.png differ diff --git a/instalacao-rbb-node/inventory.example b/instalacao-rbb-node/inventory.example new file mode 100755 index 00000000..331f03a7 --- /dev/null +++ b/instalacao-rbb-node/inventory.example @@ -0,0 +1,40 @@ +# INSTALL +[bootnodes] +# node_name= + +[validators] +# node_name= + +[writer] +# node_ip= password= node_name= node_email= dns_name= http_proxy=http://example.proxy.com:8080 https_proxy=https://example.proxy.com:8443 + +# UPDATE +[writer] +# node_ip= besu_release_version='1.4.4' orion_release_version='1.5.2' + +[writer] +# node_ip= besu_release_version='1.4.4' orion_release_version='1.5.2' + +[writer] +# node_ip= besu_release_version='1.4.4' orion_release_version='1.5.2' + +###### +## You don't need to touch anything below this point +###### + +[all:vars] +password=default_password +node_email=default@email +bootnode=false +validator=false +first_node=false +install=false +besu_release_version='1.5.2' +orion_release_version='1.5.2' +dns_name=lacchain.com + +[bootnodes:vars] +bootnode=true + +[validators:vars] +validator=true diff --git a/instalacao-rbb-node/inventory.update b/instalacao-rbb-node/inventory.update new file mode 100755 index 00000000..a3a699cf --- /dev/null +++ b/instalacao-rbb-node/inventory.update @@ -0,0 +1,26 @@ +[bootnodes] +#177.124.208.107 node_ip=177.124.208.107 besu_release_version='1.5.2' + +[validators] +#200.208.28.117 node_ip=200.208.28.117 besu_release_version='1.5.2' +#177.223.197.118 node_ip=177.223.197.118 besu_release_version='1.5.2' + +[writer] +#177.124.208.113 node_ip=35.239.231.134 besu_release_version='1.5.2' + +[all:vars] +password=default_password +node_email=default@email +bootnode=false +validator=false +first_node=false +install=false +besu_release_version='1.5.2' +orion_release_version='1.5.2' +dns_name=lacchain.com + +[bootnodes:vars] +bootnode=true + +[validators:vars] +validator=true diff --git a/instalacao-rbb-node/roles/.gitkeep b/instalacao-rbb-node/roles/.gitkeep new file mode 100755 index 00000000..e69de29b diff --git a/instalacao-rbb-node/roles/hosts b/instalacao-rbb-node/roles/hosts new file mode 100755 index 00000000..e69de29b diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/README.md b/instalacao-rbb-node/roles/lacchain-bootnode/README.md new file mode 100755 index 00000000..225dd44b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/defaults/java-debian-ubuntu.yml b/instalacao-rbb-node/roles/lacchain-bootnode/defaults/java-debian-ubuntu.yml new file mode 100755 index 00000000..807b9bd0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/defaults/java-debian-ubuntu.yml @@ -0,0 +1,12 @@ +--- +# file: laccchain-validator-node/defaults/java-debian-ubuntu.yml +# +# Default java variables for Ubuntu Linux distributions. +# +oracle_java_apt_repository: "ppa:linuxuprising/java" +oracle_java_cache_valid_time: 3600 +oracle_java_deb_package: "oracle-java11-installer-local" +oracle_java_debconf_package_default: "oracle-java11-set-default" +oracle_java_home: "/usr/lib/jvm/java-11-oracle" +oracle_java_license_version: "shared/accepted-oracle-license-v1-2" +oracle_java_state: latest diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/defaults/java-redhat.yml b/instalacao-rbb-node/roles/lacchain-bootnode/defaults/java-redhat.yml new file mode 100755 index 00000000..99509ec6 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/defaults/java-redhat.yml @@ -0,0 +1,14 @@ +--- +# file: lacchain-validator-node/defaults/java-redhat.yml +# +# Default variables for Redhat-based Linux distributions. +# + +oracle_java_dir_source: "/usr/local/src" +oracle_java_download_timeout: 60 +oracle_java_rpm_filename: "jdk-11.0.2_linux-x64_bin.rpm" +oracle_java_home: "/usr/java/default" +oracle_java_rpm_url: "http://download.oracle.com/otn-pub/java/jdk/11.0.2+9/f51449fcd52f4d52b93a989c5c56ed3c/jdk-11.0.2_linux-x64_bin.rpm" +oracle_java_rpm_validate_certs: yes +oracle_java_version: 11 +oracle_java_version_string: 11.0.2 diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/defaults/main.yml b/instalacao-rbb-node/roles/lacchain-bootnode/defaults/main.yml new file mode 100755 index 00000000..b11dd2e3 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/defaults/main.yml @@ -0,0 +1,32 @@ +--- +# defaults file for docker-ce-ansible-role + +docker_state: present + +docker_cleanup_packages_EL: + - "docker" + - "docker-common" + - "docker-client" + - "docker-engine" + +docker_cleanup_packages_Ubuntu: + - "docker.io" + - "docker-engine" + - "containerd" + +docker_prerequisite_packages_Ubuntu: + - "apt-transport-https" + - "ca-certificates" + - "curl" + - "software-properties-common" + +docker_prerequisite_packages_EL: + - "device-mapper-persistent-data" + - "lvm2" + +docker_prerequisite_packages_EL_RHEL: + - "container-selinux" + +docker_prerequisite_packages_Ubuntu_1404: + - "linux-image-extra-{{ ansible_kernel }}" + - "linux-image-extra-virtual" diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/files/genesis.json b/instalacao-rbb-node/roles/lacchain-bootnode/files/genesis.json new file mode 100755 index 00000000..fa05a352 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/files/genesis.json @@ -0,0 +1,47 @@ +{ + "config": { + "chainId": 648629, + "constantinopleFixBlock": 0, + "contractSizeLimit": 2147483647, + "ibft2": { + "blockperiodseconds": 2, + "epochlength": 30000, + "requesttimeoutseconds": 4 + } + }, + "nonce": "0x0", + "timestamp": "0x58ee40ba", + "extraData": "0xf83ea00000000000000000000000000000000000000000000000000000000000000000d5945bcdbcc9fb38a57c4f04e4a40ee906ca4861984b808400000000c0", + "gasLimit": "0x2FEFD800", + "difficulty": "0x1", + "mixHash": "0x63746963616c2062797a616e74696e65206661756c7420746f6c6572616e6365", + "coinbase": "0x0000000000000000000000000000000000000000", + "alloc": { + "0xF53Ccfc9747E1a781F4e43638b50470e69D140Cb": { + "balance": "1000000000000000000000000000" + }, + "0x749e5F3842Ce88a655BCf00DBb026C1A6734214c": { + "balance": "1000000000000000000000000000" + }, + "0x0000000000000000000000000000000000008888": { + "comment": "Account Ingress smart contract", + "balance": "0", + "code": "608060405234801561001057600080fd5b50600436106100bb576000357c0100000000000000000000000000000000000000000000000000000000900480638aa10435116100835780638aa10435146101f9578063936421d514610217578063a43e04d814610348578063e001f8411461038e578063fe9fbb80146103f4576100bb565b80630d2020dd146100c057806310d9042e1461012e578063116013061461018d5780631e7c27cb146101ab5780634dc3fefc146101c9575b600080fd5b6100ec600480360360208110156100d657600080fd5b8101908080359060200190929190505050610450565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b610136610508565b6040518080602001828103825283818151815260200191508051906020019060200280838360005b8381101561017957808201518184015260208101905061015e565b505050509050019250505060405180910390f35b610195610560565b6040518082815260200191505060405180910390f35b6101b3610566565b6040518082815260200191505060405180910390f35b6101f7600480360360208110156101df57600080fd5b8101908080351515906020019092919050505061056c565b005b610201610665565b6040518082815260200191505060405180910390f35b61032e600480360360c081101561022d57600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803590602001909291908035906020019092919080359060200190929190803590602001906401000000008111156102a857600080fd5b8201836020820111156102ba57600080fd5b803590602001918460018302840111640100000000831117156102dc57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600081840152601f19601f82011690508083019250505050505050919291929050505061066f565b604051808215151515815260200191505060405180910390f35b6103746004803603602081101561035e57600080fd5b8101908080359060200190929190505050610889565b604051808215151515815260200191505060405180910390f35b6103da600480360360408110156103a457600080fd5b8101908080359060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610b6e565b604051808215151515815260200191505060405180910390f35b6104366004803603602081101561040a57600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610f1b565b604051808215151515815260200191505060405180910390f35b60008060010282116104ca576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b6003600083815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff169050919050565b6060600280548060200260200160405190810160405280929190818152602001828054801561055657602002820191906000526020600020905b815481526020019060010190808311610542575b5050505050905090565b60005481565b60015481565b3373ffffffffffffffffffffffffffffffffffffffff16600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1614610627576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260338152602001806111106033913960400191505060405180910390fd5b7f9a90898411a81dd648299737f986c95672bedd792b2c45a5c158d8365d54575f81604051808215151515815260200191505060405180910390a150565b6000600454905090565b60008073ffffffffffffffffffffffffffffffffffffffff16610693600054610450565b73ffffffffffffffffffffffffffffffffffffffff1614156106b8576001905061087f565b600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663936421d58888888888886040518763ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808773ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200185815260200184815260200183815260200180602001828103825283818151815260200191508051906020019080838360005b838110156107f25780820151818401526020810190506107d7565b50505050905090810190601f16801561081f5780820380516001836020036101000a031916815260200191505b5097505050505050505060206040518083038186803b15801561084157600080fd5b505afa158015610855573d6000803e3d6000fd5b505050506040513d602081101561086b57600080fd5b810190808051906020019092919050505090505b9695505050505050565b6000806001028211610903576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b600060028054905011610961576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252604781526020018061116e6047913960600191505060405180910390fd5b61096a33610f1b565b6109bf576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b815260200180611143602b913960400191505060405180910390fd5b60008090505b600280549050811015610b635782600282815481106109e057fe5b90600052602060002001541415610b56576003600060028381548110610a0257fe5b90600052602060002001548152602001908152602001600020600080820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690556001820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690555050600260016002805490500381548110610a8157fe5b906000526020600020015460028281548110610a9957fe5b9060005260206000200181905550600260016002805490500381548110610abc57fe5b90600052602060002001600090556002805480919060019003610adf9190611078565b507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af600084604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a16001915050610b69565b80806001019150506109c5565b50600090505b919050565b6000806001028311610be8576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b610bf133610f1b565b610c46576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b815260200180611143602b913960400191505060405180910390fd5b610c4e6110a4565b600360008581526020019081526020016000206040518060400160405290816000820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020016001820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815250509050600073ffffffffffffffffffffffffffffffffffffffff16816020015173ffffffffffffffffffffffffffffffffffffffff161415610dc75760405180604001604052803373ffffffffffffffffffffffffffffffffffffffff1681526020018473ffffffffffffffffffffffffffffffffffffffff1681525090506002849080600181540180825580915050906001820390600052602060002001600090919290919091505550610e00565b82816020019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff16815250505b806003600086815260200190815260200160002060008201518160000160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555060208201518160010160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff1602179055509050507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af8385604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1600191505092915050565b60008073ffffffffffffffffffffffffffffffffffffffff16610f3f600154610450565b73ffffffffffffffffffffffffffffffffffffffff161415610f645760019050611073565b60036000600154815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663fe9fbb80836040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060206040518083038186803b15801561103557600080fd5b505afa158015611049573d6000803e3d6000fd5b505050506040513d602081101561105f57600080fd5b810190808051906020019092919050505090505b919050565b81548183558181111561109f5781836000526020600020918201910161109e91906110ea565b5b505050565b6040518060400160405280600073ffffffffffffffffffffffffffffffffffffffff168152602001600073ffffffffffffffffffffffffffffffffffffffff1681525090565b61110c91905b808211156111085760008160009055506001016110f0565b5090565b9056fe4f6e6c792052756c657320636f6e74726163742063616e20747269676765722052756c6573206368616e6765206576656e74734e6f7420617574686f72697a656420746f2075706461746520636f6e74726163742072656769737472792e4d7573742068617665206174206c65617374206f6e65207265676973746572656420636f6e747261637420746f20657865637574652064656c657465206f7065726174696f6e2ea165627a7a72305820084ef97932e13971f11fe752caa186aa7e7bb7cefe2b2382b528200d1213fcbf0029", + "storage": { + "0x0000000000000000000000000000000000000000000000000000000000000000": "0x72756c6573000000000000000000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000001": "0x61646d696e697374726174696f6e000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000004": "0x0f4240" + } + }, + "0x0000000000000000000000000000000000009999": { + "comment": "Node Ingress smart contract", + "balance": "0", + "code": "60806040526004361061009e576000357c0100000000000000000000000000000000000000000000000000000000900480630d2020dd146100a357806310d9042e1461011e578063116013061461018a5780631e7c27cb146101b55780633620b1df146101e05780634dc3fefc146102a45780638aa10435146102e1578063a43e04d81461030c578063e001f8411461035f578063fe9fbb80146103d2575b600080fd5b3480156100af57600080fd5b506100dc600480360360208110156100c657600080fd5b810190808035906020019092919050505061043b565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b34801561012a57600080fd5b506101336104f5565b6040518080602001828103825283818151815260200191508051906020019060200280838360005b8381101561017657808201518184015260208101905061015b565b505050509050019250505060405180910390f35b34801561019657600080fd5b5061019f61054d565b6040518082815260200191505060405180910390f35b3480156101c157600080fd5b506101ca610553565b6040518082815260200191505060405180910390f35b3480156101ec57600080fd5b5061028e600480360361010081101561020457600080fd5b81019080803590602001909291908035906020019092919080356fffffffffffffffffffffffffffffffff19169060200190929190803561ffff169060200190929190803590602001909291908035906020019092919080356fffffffffffffffffffffffffffffffff19169060200190929190803561ffff169060200190929190505050610559565b6040518082815260200191505060405180910390f35b3480156102b057600080fd5b506102df600480360360208110156102c757600080fd5b81019080803515159060200190929190505050610746565b005b3480156102ed57600080fd5b506102f6610884565b6040518082815260200191505060405180910390f35b34801561031857600080fd5b506103456004803603602081101561032f57600080fd5b810190808035906020019092919050505061088e565b604051808215151515815260200191505060405180910390f35b34801561036b57600080fd5b506103b86004803603604081101561038257600080fd5b8101908080359060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610c2f565b604051808215151515815260200191505060405180910390f35b3480156103de57600080fd5b50610421600480360360208110156103f557600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050611023565b604051808215151515815260200191505060405180910390f35b600080600102821115156104b7576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b6003600083815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff169050919050565b6060600280548060200260200160405190810160405280929190818152602001828054801561054357602002820191906000526020600020905b81548152602001906001019080831161052f575b5050505050905090565b60005481565b60015481565b60008073ffffffffffffffffffffffffffffffffffffffff1661057d60005461043b565b73ffffffffffffffffffffffffffffffffffffffff1614156105c4577f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff600102905061073a565b600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16633620b1df8a8a8a8a8a8a8a8a6040518963ffffffff167c010000000000000000000000000000000000000000000000000000000002815260040180898152602001888152602001876fffffffffffffffffffffffffffffffff19166fffffffffffffffffffffffffffffffff191681526020018661ffff1661ffff168152602001858152602001848152602001836fffffffffffffffffffffffffffffffff19166fffffffffffffffffffffffffffffffff191681526020018261ffff1661ffff1681526020019850505050505050505060206040518083038186803b1580156106fc57600080fd5b505afa158015610710573d6000803e3d6000fd5b505050506040513d602081101561072657600080fd5b810190808051906020019092919050505090505b98975050505050505050565b3373ffffffffffffffffffffffffffffffffffffffff16600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16141515610846576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260338152602001807f4f6e6c792052756c657320636f6e74726163742063616e20747269676765722081526020017f52756c6573206368616e6765206576656e74730000000000000000000000000081525060400191505060405180910390fd5b7f66120f934b66d52127e448f8e94c2460ea62821335e0dd18e89ed38a4a09b41381604051808215151515815260200191505060405180910390a150565b6000600454905090565b6000806001028211151561090a576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b60006002805490501115156109d3576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260478152602001807f4d7573742068617665206174206c65617374206f6e652072656769737465726581526020017f6420636f6e747261637420746f20657865637574652064656c657465206f706581526020017f726174696f6e2e0000000000000000000000000000000000000000000000000081525060600191505060405180910390fd5b6109dc33611023565b1515610a76576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b8152602001807f4e6f7420617574686f72697a656420746f2075706461746520636f6e7472616381526020017f742072656769737472792e00000000000000000000000000000000000000000081525060400191505060405180910390fd5b60008090505b600280549050811015610c245782600282815481101515610a9957fe5b90600052602060002001541415610c175760036000600283815481101515610abd57fe5b90600052602060002001548152602001908152602001600020600080820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690556001820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff021916905550506002600160028054905003815481101515610b3e57fe5b9060005260206000200154600282815481101515610b5857fe5b90600052602060002001819055506002600160028054905003815481101515610b7d57fe5b90600052602060002001600090556002805480919060019003610ba09190611180565b507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af600084604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a16001915050610c2a565b8080600101915050610a7c565b50600090505b919050565b60008060010283111515610cab576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b610cb433611023565b1515610d4e576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b8152602001807f4e6f7420617574686f72697a656420746f2075706461746520636f6e7472616381526020017f742072656769737472792e00000000000000000000000000000000000000000081525060400191505060405180910390fd5b610d566111ac565b600360008581526020019081526020016000206040805190810160405290816000820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020016001820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815250509050600073ffffffffffffffffffffffffffffffffffffffff16816020015173ffffffffffffffffffffffffffffffffffffffff161415610ecf5760408051908101604052803373ffffffffffffffffffffffffffffffffffffffff1681526020018473ffffffffffffffffffffffffffffffffffffffff1681525090506002849080600181540180825580915050906001820390600052602060002001600090919290919091505550610f08565b82816020019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff16815250505b806003600086815260200190815260200160002060008201518160000160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555060208201518160010160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff1602179055509050507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af8385604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1600191505092915050565b60008073ffffffffffffffffffffffffffffffffffffffff1661104760015461043b565b73ffffffffffffffffffffffffffffffffffffffff16141561106c576001905061117b565b60036000600154815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663fe9fbb80836040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060206040518083038186803b15801561113d57600080fd5b505afa158015611151573d6000803e3d6000fd5b505050506040513d602081101561116757600080fd5b810190808051906020019092919050505090505b919050565b8154818355818111156111a7578183600052602060002091820191016111a691906111f2565b5b505050565b6040805190810160405280600073ffffffffffffffffffffffffffffffffffffffff168152602001600073ffffffffffffffffffffffffffffffffffffffff1681525090565b61121491905b808211156112105760008160009055506001016111f8565b5090565b9056fea165627a7a72305820983bfe3942b9e8017923c6c8ab25cd06562512a2ca87192d3dca6d6bfb17de9d0029", + "storage": { + "0x0000000000000000000000000000000000000000000000000000000000000000": "0x72756c6573000000000000000000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000001": "0x61646d696e697374726174696f6e000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000004": "0x0f4240" + } + } + } +} diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/files/java-bin.sh b/instalacao-rbb-node/roles/lacchain-bootnode/files/java-bin.sh new file mode 100755 index 00000000..a0ef897f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/files/java-bin.sh @@ -0,0 +1 @@ +export PATH=$PATH:/usr/local/java/bin \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/files/java-path.sh b/instalacao-rbb-node/roles/lacchain-bootnode/files/java-path.sh new file mode 100755 index 00000000..54e43fce --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/files/java-path.sh @@ -0,0 +1,2 @@ +export JAVAPATH=$HOME/java +export PATH=$JAVAPATH/bin:$PATH \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/files/log.xml b/instalacao-rbb-node/roles/lacchain-bootnode/files/log.xml new file mode 100755 index 00000000..a61283d0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/files/log.xml @@ -0,0 +1,76 @@ + + + + INFO + %d{yyyy-MM-dd'T'HH:mm:ss.SSSZ} %p %m%n + + + + + %d %p %c{1.} [%t] %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/files/orion.service b/instalacao-rbb-node/roles/lacchain-bootnode/files/orion.service new file mode 100755 index 00000000..90a3b0a2 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/files/orion.service @@ -0,0 +1,10 @@ +[Unit] +Description=Orion client + +[Service] +Type=simple +Restart=always +ExecStart=/root/lacchain/start-orion.sh + +[Install] +WantedBy=default.target diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/files/pantheon.service b/instalacao-rbb-node/roles/lacchain-bootnode/files/pantheon.service new file mode 100755 index 00000000..4692bbe1 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/files/pantheon.service @@ -0,0 +1,10 @@ +[Unit] +Description=Ethereum Pantheon client + +[Service] +Type=simple +Restart=always +ExecStart=/root/lacchain/start-pantheon.sh + +[Install] +WantedBy=default.target diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/handlers/main.yml b/instalacao-rbb-node/roles/lacchain-bootnode/handlers/main.yml new file mode 100755 index 00000000..a4bc966a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/handlers/main.yml @@ -0,0 +1,4 @@ +--- +# handlers file for lacchain-writer-node +- name: run ldconfig + shell: ldconfig diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/meta/main.yml b/instalacao-rbb-node/roles/lacchain-bootnode/meta/main.yml new file mode 100755 index 00000000..adc97a8f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/meta/main.yml @@ -0,0 +1,59 @@ +galaxy_info: + author: Adrian Pareja + description: install pantheon node + company: everis + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Some suggested licenses: + # - BSD (default) + # - MIT + # - GPLv2 + # - GPLv3 + # - Apache + # - CC-BY + license: license (GPLv2, CC-BY, etc) + + min_ansible_version: 1.2 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # Optionally specify the branch Galaxy will use when accessing the GitHub + # repo for this role. During role install, if no tags are available, + # Galaxy will use this branch. During import Galaxy will access files on + # this branch. If Travis integration is configured, only notifications for this + # branch will be accepted. Otherwise, in all cases, the repo's default branch + # (usually master) will be used. + #github_branch: + + # + # platforms is a list of platforms, and each platform has a name and a list of versions. + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: + [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: + [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/clean-files.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/clean-files.yaml new file mode 100755 index 00000000..38cae364 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/clean-files.yaml @@ -0,0 +1,10 @@ +--- +- name: Remove old constellation file + file: + path: ~/lacchain/tmp/permissioned-nodes_general.json + state: absent + +- name: Remove old permissioned nodes file + file: + path: ~/lacchain/tmp/permissioned-nodes_validator.json + state: absent diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/init-besu.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/init-besu.yaml new file mode 100755 index 00000000..f1fbbf8a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/init-besu.yaml @@ -0,0 +1,99 @@ +--- +- name: Init pantheon + debug: + msg: "Init Pantheon" + +- name: create lacchain directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/data", mode: "0440" } + - { dest: "~/lacchain/logs", mode: "0440" } + - { dest: "~/lacchain/tmp", mode: "0440" } + +- name: initializing pantheon from genesis.json + debug: + msg: Initializing Pantheon + +- name: Copy genesis ibft2.0 file + copy: + src: "{{ role_path }}/files/genesis.json" + dest: ~/lacchain/data/genesis.json + mode: 0755 + +- name: Copy node key to first bootnode node + copy: + src: "{{ role_path }}/files/key" + dest: ~/lacchain/data/key + mode: 0700 + when: first_node + +- name: Copy bootnode key to first bootnode node + copy: + src: "{{ role_path }}/files/bootnode" + dest: ~/lacchain/data/bootnode + mode: 0700 + when: first_node + +- name: Generate node key + shell: pantheon --genesis-file=/root/lacchain/data/genesis.json --data-path=/root/lacchain/data public-key export --to=/root/lacchain/data/bootnode | grep -oE "0x[A-Fa-f0-9]*" | sed 's/0x//' + register: enode_key + when: bootnode + +- name: print enode key + debug: + msg: enode://{{enode_key.stdout}}@{{node_ip}}:60606 + when: bootnode + +- name: Copy bootnodes variable from validators + copy: + src: "{{ playbook_dir }}/roles/lacchain-validator-node/vars/main.yml" + dest: ~/lacchain/tmp/main.yml + mode: 0700 + when: bootnode + +- name: update bootnodes connection + replace: + dest: ~/lacchain/tmp/main.yml + regexp: '60606"$' + replace: "60606," + when: bootnode + +- name: add new bootnode to running validator or writer + replace: + dest: ~/lacchain/tmp/main.yml + regexp: "60606,$" + replace: ',"enode://{{enode_key.stdout}}@{{node_ip}}:60606"]' + when: bootnode + +- name: Generate shell script to execute geth service + template: + src: "startpantheon.j2" + dest: "~/lacchain/start-pantheon.sh" + mode: 0775 + force: yes + +- name: Generate Pantheon configuration file + template: + src: "pantheon-config.j2" + dest: "~/lacchain/config.toml" + mode: 0775 + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/pantheon.service" + dest: /lib/systemd/system/pantheon.service + mode: 0775 + +- name: Copy Log configuration file to lacchain + copy: + src: "{{ role_path }}/files/log.xml" + dest: "~/lacchain/log.xml" + mode: 0775 + +- name: Enable service pantheon + service: + name: pantheon + enabled: yes diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/init-orion.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/init-orion.yaml new file mode 100755 index 00000000..55ce9d84 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/init-orion.yaml @@ -0,0 +1,48 @@ +--- +- name: initializing constellation + debug: + msg: initializing constellation + +- name: create orion directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/orion", mode: "0440" } + - { dest: "~/lacchain/orion/keystore", mode: "0440" } + +- name: copy password to file + copy: + dest: ~/lacchain/tmp/.account_pass + content: | + {{password}} + +- name: generate configuration orion file + template: + src: "orion.j2" + dest: "~/lacchain/orion/orion.conf" + force: yes + +- name: generate pair keys + shell: cat ~/lacchain/tmp/.account_pass | orion --generatekeys nodeKey + args: + chdir: ~/lacchain/orion/keystore + +- name: Generate shell script to execute orion service + template: + src: "startorion.j2" + dest: "~/lacchain/start-orion.sh" + mode: 0775 + force: yes + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/orion.service" + dest: /lib/systemd/system/orion.service + mode: 0775 + +- name: Enable service orion + service: + name: orion + enabled: yes diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-besu.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-besu.yaml new file mode 100755 index 00000000..75a3e03c --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-besu.yaml @@ -0,0 +1,75 @@ +--- +- name: Install besu + debug: + msg: "Installing Besu" + +- name: previous clearing + shell: rm -rf /tmp/besu && mkdir /tmp/besu + args: + warn: false + +- name: pull besu binaries + get_url: + url: "https://hyperledger.jfrog.io/ui/api/v1/download?repoKey=besu-binaries&path=besu%2F{{ besu_release_version }}%2Fbesu-{{ besu_release_version }}.tar.gz" + dest: "/tmp/besu/besu.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Besu tarball + unarchive: + src: "/tmp/besu/besu.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * besu + args: + chdir: /tmp/transit + +- name: Deleting old folders + shell: rm -rf /usr/local/besu + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/besu /usr/local + + #removing old link +- name: Deleting old installed versions of besu or pantheon + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Symbolic link for besu (pantheon and besu are linked to BESU) + file: + src: "/usr/local/besu/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "besu", dest: "pantheon" } + - { src: "besu.bat", dest: "pantheon.bat" } + - { src: "besu", dest: "besu" } + - { src: "besu.bat", dest: "besu.bat" } + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit /tmp/besu + args: + warn: false diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-docker-redhat.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-docker-redhat.yaml new file mode 100755 index 00000000..b8c5b3df --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-docker-redhat.yaml @@ -0,0 +1,52 @@ +--- +# tasks file for docker-ce-ansible-role + +- name: Remove previous docker installation + yum: + name: "{{ docker_cleanup_packages_EL }}" + state: absent + +- name: Install prerequisite packages + yum: + name: "{{ docker_prerequisite_packages_EL }}" + state: present + +- name: Enable additional repository (for RHEL only) + rhsm_repository: + name: "rhel-7-server-extras-rpms" + state: present + when: ansible_distribution == "RedHat" + +- name: Install additional prerequisite packages (for RHEL only) + yum: + name: "{{ docker_prerequisite_packages_EL_RHEL }}" + state: present + when: ansible_distribution == "RedHat" + +- name: Import Docker CE repository gpg key + rpm_key: + key: https://download.docker.com/linux/centos/gpg + state: present + +- name: Add Docker CE repository + get_url: + url: https://download.docker.com/linux/centos/docker-ce.repo + dest: /etc/yum.repos.d/docker-ce.repo + force: yes + owner: root + group: root + mode: 0644 + +- name: Install Docker CE + yum: + name: docker-ce + state: present + update_cache: yes + +- name: Enable docker + shell: systemctl enable docker.service + become: yes + +- name: Start docker + shell: systemctl start docker.service + become: yes diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-docker-ubuntu.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-docker-ubuntu.yaml new file mode 100755 index 00000000..9bdd6575 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-docker-ubuntu.yaml @@ -0,0 +1,35 @@ +--- +# tasks file for docker-ce-ansible-role + +- name: Remove previous docker installation + apt: + name: "{{ docker_cleanup_packages_Ubuntu }}" + state: absent + +- name: Install prerequisite packages + apt: + name: "{{ docker_prerequisite_packages_Ubuntu }}" + state: present + +- name: Install prerequisite packages (for Ubuntu 14.04 only) + apt: + name: "{{ docker_prerequisite_packages_Ubuntu_1404 }}" + state: present + when: ansible_distribution_version == "14.04" + +- name: Import Docker CE repository gpg key + apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + +- name: Add Docker CE repository + apt_repository: + repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable" + state: present + +- name: Install Docker CE + apt: + name: docker-ce + state: present + update_cache: yes diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-java-centos.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-java-centos.yaml new file mode 100755 index 00000000..59655d11 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-java-centos.yaml @@ -0,0 +1,16 @@ +- name: Get java version + shell: ls | grep "jdk-11" | grep "_linux-x64_bin.rpm" + args: + chdir: "{{oracle_java_dir_source}}" + register: oracle_java_rpm_filename + +- name: Print found Java version + debug: + msg: "Found java version: {{ oracle_java_rpm_filename.stdout}}" + + +- name: install java + package: + name="{{ oracle_java_dir_source }}/{{ oracle_java_rpm_filename.stdout }}" + state=present + become: yes \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-java-ubuntu.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-java-ubuntu.yaml new file mode 100755 index 00000000..623bb600 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-java-ubuntu.yaml @@ -0,0 +1,41 @@ +--- +# file: oracle-java/tasks/installation/debian/main.yml +# +# Task file to install Oracle Java Development Kit in a system with a Debian based Linux distribution. +# + +- name: debian | ensure the apt repository key is present + apt_key: id="{{ oracle_java_apt_repository_key }}" + keyserver=keyserver.ubuntu.com + state=present + when: oracle_java_apt_repository_key is defined + +#become: yes +- name: debian | ensure the apt repository is present + apt_repository: repo="{{ oracle_java_apt_repository }}" + update_cache=yes + state=present + +#become: yes +- name: debian | set license as accepted + debconf: name="{{ oracle_java_deb_package }}" + question="{{ oracle_java_license_version }}" + value='true' + vtype='select' + +#become: yes +- name: debian | ensure Java is installed + apt: name="{{ oracle_java_deb_package }}" + state={{ oracle_java_state }} + cache_valid_time={{ oracle_java_cache_valid_time }} + update_cache=yes + register: oracle_java_task_apt_install +#become: yes + +#- name: debian | set Java version as default +# apt: name="{{ oracle_java_debconf_package_default }}" +# state=latest +# register: oracle_java_task_set_default +# when: oracle_java_set_as_default +# become: yes + diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-orion.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-orion.yaml new file mode 100755 index 00000000..48f6e9be --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install-orion.yaml @@ -0,0 +1,32 @@ +--- +- name: Install orion + debug: + msg: "Installing Orion" + +- name: Include installation libsodium for {{ ansible_distribution }} + import_tasks: "ubuntu-install-libsodium.yaml" + when: ansible_distribution |lower == 'ubuntu' + +- name: Include installation leveldb for {{ ansible_distribution }} + import_tasks: "ubuntu-install-leveldb.yaml" + when: ansible_distribution |lower == 'ubuntu' + +- name: Download Orion Binaries + get_url: + url: "https://bintray.com/consensys/binaries/download_file?file_path=orion-1.3.2.tar.gz" + dest: "/tmp" + +- name: Extract the Orion tarball + unarchive: + src: "/tmp/orion-1.3.2.tar.gz" + dest: /usr/local + copy: no + +- name: Symbolic link for orion + file: + src: "/usr/local/orion-1.3.2/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "orion", dest: "orion" } + - { src: "orion.bat", dest: "orion.bat" } diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install.yaml new file mode 100755 index 00000000..47057231 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/install.yaml @@ -0,0 +1,40 @@ +--- +- name: install dependencies for {{ ansible_distribution }} + import_tasks: "ubuntu-dependencies.yml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: install dependencies for {{ ansible_distribution }} +# import_tasks: "rhel-dependencies.yml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install java for {{ ansible_distribution }} + import_tasks: "install-java-ubuntu.yaml" + when: ansible_distribution |lower == 'ubuntu' + +- name: install java for {{ ansible_distribution }} + import_tasks: "install-java-centos.yaml" + when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install docker for {{ ansible_distribution }} + import_tasks: "install-docker-ubuntu.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: install docker for {{ ansible_distribution }} +# import_tasks: "install-docker-redhat.yaml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install besu + import_tasks: "install-besu.yaml" + +- name: init besu + import_tasks: "init-besu.yaml" + +- name: start node + import_tasks: "start-node.yaml" + when: first_node + +- name: start ethstats client + import_tasks: "start-ethstats-client.yaml" + +- name: clean files + import_tasks: "clean-files.yaml" diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/main.yml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/main.yml new file mode 100755 index 00000000..73b6ffc5 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Install Bootnode + import_tasks: "install.yaml" + when: install == true + +- name: Update Bootnode + import_tasks: "update.yaml" diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/rhel-dependencies.yml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/rhel-dependencies.yml new file mode 100755 index 00000000..81744d9b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/rhel-dependencies.yml @@ -0,0 +1,28 @@ +--- +- name: download epel repository + get_url: + url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm" + dest: "/tmp/epel-release-latest-7.noarch.rpm" + +- name: install epel repository + yum: + name: "/tmp/epel-release-latest-7.noarch.rpm" + +- name: install dependencies for {{ ansible_distribution }} + yum: + name: "{{ item }}" + with_items: + - "*" + - "gmp-devel" + - "gcc" + - "gcc-c++" + - "make" + - "openssl-devel" + - "libdb-devel" + - "ncurses-devel" + - "wget" + - "nmap-ncat" + - "libsodium-devel" + - "libdb-devel" + - "leveldb-devel" + - "git" diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-ethstats-client.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-ethstats-client.yaml new file mode 100755 index 00000000..3de3cee9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-ethstats-client.yaml @@ -0,0 +1,3 @@ +--- +- name: start docker ethstats client + shell: mkdir -p /opt/ethstats-cli && docker run -d --log-driver json-file --log-opt max-size=1m --log-opt max-file=1 --restart always --net host -v /opt/ethstats-cli/:/root/.config/configstore/ alethio/ethstats-cli --register --account-email {{node_email}} --node-name "{{node_name}}" --server-url http://35.236.236.77:3000 --client-url ws://127.0.0.1:4546 diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-node.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-node.yaml new file mode 100755 index 00000000..3ee0fd68 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-node.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Pantheon Node + debug: + msg: Starting Pantheon Node + +- name: Execute Pantheon service + service: + name: pantheon + state: started diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-orion.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-orion.yaml new file mode 100755 index 00000000..9b3de46b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/start-orion.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Orion Enclave + debug: + msg: Starting Orion Node + +- name: Execute Orion service + service: + name: orion + state: started \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/stop-node.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/stop-node.yaml new file mode 100755 index 00000000..20960d98 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/stop-node.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Besu Node + debug: + msg: Stopping Besu Node + +- name: Stop Pantheon service + service: + name: pantheon + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/stop-orion.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/stop-orion.yaml new file mode 100755 index 00000000..389e553a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/stop-orion.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Orion Enclave + debug: + msg: Stopping Orion Node + +- name: Stop Orion service + service: + name: orion + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-dependencies.yml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-dependencies.yml new file mode 100755 index 00000000..60d165a8 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-dependencies.yml @@ -0,0 +1,19 @@ +--- +- name: install dependencies for {{ ansible_distribution }} + apt: + name: "{{ item }}" + with_items: + - software-properties-common + - unzip + - wget + - git + - make + - gcc + # - libsodium-dev + - build-essential + - libdb-dev + - zlib1g-dev + - libtinfo-dev + - sysvbanner + - psmisc + - libdb5.3-dev diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-fix-libsodium.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-fix-libsodium.yaml new file mode 100755 index 00000000..65e30962 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-fix-libsodium.yaml @@ -0,0 +1,44 @@ +--- +- name: get packages and verify if libsodium is already installed + shell: dpkg --get-selections | grep -w install |grep libsodium | awk '{print $1}' + register: list_packages + when: ansible_distribution |lower == 'ubuntu' + +- name: Copy deb packages of libsodium on Ubuntu equal to 16.04 + copy: + src: "{{ role_path }}/files/{{ item }}" + dest: "/tmp/{{ item }}" + with_items: + - "libsodium18_1.0.8-5_amd64.deb" + - "libsodium-dev_1.0.8-5_amd64.deb" + when: ( ansible_distribution |lower == 'ubuntu' and ansible_distribution_version | truncate(2, True, '') > 16 ) + +- name: Install libsodium on Ubuntu > 16.04 + shell: "dpkg -i /tmp/{{ item }}" + with_items: + - "libsodium18_1.0.8-5_amd64.deb" + - "libsodium-dev_1.0.8-5_amd64.deb" + when: ( ansible_distribution |lower == 'ubuntu' and ansible_distribution_version | truncate(2, True, '') > 16 ) or + ( list_packages.stdout.split() == '') + +- debug: + msg: + - "Package {{ item }} is already installed" + with_items: + - "{{ list_packages.stdout.split() }}" + when: ansible_distribution |lower == 'ubuntu' + +- name: Install libsodium on Ubuntu equal to 16.04 + apt: + name: "{{ item }}" + with_items: + - libleveldb-dev + - libsodium-dev + when: ( ansible_distribution |lower == 'ubuntu' and ansible_distribution_version | truncate(2, True, '') == 16 ) + +- name: set symbolic links to libsodium + file: + src: "/usr/lib/x86_64-linux-gnu/libsodium.so" + dest: "/lib64/libsodium.so.18" + state: link + when: ( ansible_distribution |lower == 'ubuntu' ) \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-leveldb.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-leveldb.yaml new file mode 100755 index 00000000..1a863c0e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-leveldb.yaml @@ -0,0 +1,59 @@ +--- +- name: download leveldb + get_url: + url: "{{leveldburi}}/{{leveldb_version}}/sha512/{{ leveldbtempnumber }}/{{leveldb_version}}" + dest: "/tmp/{{leveldb_version}}" + +- name: Extract leveldb + unarchive: + src: "/tmp/{{leveldb_version}}" + dest: "/tmp" + copy: no + +- name: Set command Shell + lineinfile: + path: /tmp/{{leveldb_release}}/Makefile + regexp: '^(.*)./build_detect_platform(.*)$' + line: ' sh ./build_detect_platform build_config.mk ./)' + backrefs: yes + +- name: make leveldb + shell: make + args: + chdir: "/tmp/{{leveldb_release}}" + +- name: move ibleveldb.* + copy: + src: "/tmp/{{leveldb_release}}/out-static/{{ item }}" + dest: "/usr/local/lib" + remote_src: yes + with_items: + - libleveldb.a + - libmemenv.a + +- name: move ibleveldb.* + copy: + src: "/tmp/{{leveldb_release}}/out-shared/{{ item }}" + dest: "/usr/local/lib" + remote_src: yes + with_items: + - libleveldb.so.1.20 + - libleveldb.so + - libleveldb.so.1 + +#- name: symbolic link for liblevel +# file: +# src: "/usr/local/lib/libleveldb.so.1.9" +# dest: "/usr/local/lib/{{ item }}" +# state: link +# with_items: +# - "libleveldb.so" +# - "libleveldb.so.1" + +- name: move leveldb folder + command: "cp -R leveldb /usr/local/lib" + args: + chdir: "/tmp/{{leveldb_release}}/include" + notify: run ldconfig + +- meta: flush_handlers diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-libsodium.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-libsodium.yaml new file mode 100755 index 00000000..198f7b5a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/ubuntu-install-libsodium.yaml @@ -0,0 +1,18 @@ +--- +# Installing libsodium +- name: Download libsodium tar + get_url: + url: "{{libsodium_base_url}}/{{libsodium_version}}" + dest: "/tmp/{{libsodium_version}}" + mode: 0440 + +- name: Extract the libsodium tarball + unarchive: + src: "/tmp/{{libsodium_version}}" + dest: /usr/local + copy: no + +- name: "Installing libsodium" + shell: sh ./configure && make && make check && make install + args: + chdir: "/usr/local/libsodium-stable" diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update-besu.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update-besu.yaml new file mode 100755 index 00000000..4e32bda5 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update-besu.yaml @@ -0,0 +1,81 @@ +--- +- name: Update besu + debug: + msg: "Updating Besu" + +- name: previous clearing + shell: rm -rf /tmp/besu && mkdir /tmp/besu + args: + warn: false + +- name: pull besu binaries + get_url: + url: "https://hyperledger.jfrog.io/ui/api/v1/download?repoKey=besu-binaries&path=besu%2F{{ besu_release_version }}%2Fbesu-{{ besu_release_version }}.tar.gz" + dest: "/tmp/besu/besu.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Besu tarball + unarchive: + src: "/tmp/besu/besu.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * besu + args: + chdir: /tmp/transit + +- name: stop besu #stopping node before starting the update process + import_tasks: "stop-node.yaml" + +- name: Deleting old folders + shell: rm -rf /usr/local/besu + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/besu /usr/local + + #removing old link +- name: Deleting old installed versions of besu or pantheon + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Symbolic link for besu (pantheon and besu are linked to BESU) + file: + src: "/usr/local/besu/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "besu", dest: "pantheon" } + - { src: "besu.bat", dest: "pantheon.bat" } + - { src: "besu", dest: "besu" } + - { src: "besu.bat", dest: "besu.bat" } + +- name: start node + import_tasks: "start-node.yaml" + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit /tmp/besu + args: + warn: false diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update-orion.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update-orion.yaml new file mode 100755 index 00000000..0295f1a8 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update-orion.yaml @@ -0,0 +1,80 @@ +--- +- name: Update orion + debug: + msg: "Updating Orion" + +- name: previous clearing + shell: rm -rf /tmp/orion && mkdir /tmp/orion + args: + warn: false + +- name: pull orion binaries + get_url: + url: "https://bintray.com/consensys/binaries/download_file?file_path=orion-{{ orion_release_version}}.tar.gz" + dest: "/tmp/orion/orion.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Orion tarball + unarchive: + src: "/tmp/orion/orion.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * orion + args: + chdir: /tmp/transit + +- name: stop enclave #stopping node before starting the update process + import_tasks: "stop-orion.yaml" + +- name: stop pantheon #stopping node before starting the update process + import_tasks: "stop-node.yaml" + +- name: Deleting old folders + shell: rm -rf /usr/local/orion + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/orion /usr/local + +- name: Deleting old installed versions of orion + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "orion" } + - { dest: "orion.bat" } + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "orion" } + - { dest: "orion.bat" } + +- name: Symbolic link for orion + file: + src: "/usr/local/orion/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "orion", dest: "orion" } + - { src: "orion.bat", dest: "orion.bat" } + +- name: start orion + import_tasks: "start-orion.yaml" + +- name: start besu + import_tasks: "start-node.yaml" + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit && rm -rf /tmp/orion + args: + warn: false \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update.yaml b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update.yaml new file mode 100755 index 00000000..6710538e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tasks/update.yaml @@ -0,0 +1,3 @@ +--- +- name: Update Besu Node + import_tasks: "update-besu.yaml" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/templates/java.j2 b/instalacao-rbb-node/roles/lacchain-bootnode/templates/java.j2 new file mode 100755 index 00000000..27818aab --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/templates/java.j2 @@ -0,0 +1,6 @@ +#!/bin/bash + +export GOHOME="{{ javahome }}" +export GOPATH="$HOME/workspace" + +export PATH=$PATH:{{ javahome }}/bin \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/templates/orion.j2 b/instalacao-rbb-node/roles/lacchain-bootnode/templates/orion.j2 new file mode 100755 index 00000000..a26b0d54 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/templates/orion.j2 @@ -0,0 +1,11 @@ +#!/bin/bash + +nodeurl = "http://127.0.0.1:4040/" +nodeport = 4040 +nodenetworkinterface = "0.0.0.0" +clienturl = "http://127.0.0.1:4444/" +clientport = 4444 +publickeys = ["/root/lacchain/orion/keystore/nodeKey.pub"] +privatekeys = ["/root/lacchain/orion/keystore/nodeKey.key"] +passwords = "/root/lacchain/tmp/.account_pass" +tls = "off" diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/templates/pantheon-config.j2 b/instalacao-rbb-node/roles/lacchain-bootnode/templates/pantheon-config.j2 new file mode 100755 index 00000000..5ae3953d --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/templates/pantheon-config.j2 @@ -0,0 +1,24 @@ +# RPC +rpc-http-enabled=true +graphql-http-enabled=true +rpc-ws-enabled=true +rpc-http-port=4545 +graphql-http-port=4547 +rpc-ws-port=4546 +rpc-http-api=["ETH","NET","IBFT"] +## Uncomment the following lines to allow RPC from remote locations (risky) +# host-whitelist=["*"] +# rpc-http-host="0.0.0.0" +# graphql-http-host="0.0.0.0" + +# Orion +#privacy-enabled=false +#privacy-url="http://127.0.0.1:4444" +#privacy-public-key-file="/root/lacchain/orion/keystore/nodeKey.pub" + +# Networking +p2p-host="{{node_ip}}" +p2p-port=60606 + +# Gas +min-gas-price=0 diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/templates/startorion.j2 b/instalacao-rbb-node/roles/lacchain-bootnode/templates/startorion.j2 new file mode 100755 index 00000000..d21d79fa --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/templates/startorion.j2 @@ -0,0 +1,3 @@ +#!/bin/bash + +orion /root/lacchain/orion/orion.conf \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/templates/startpantheon.j2 b/instalacao-rbb-node/roles/lacchain-bootnode/templates/startpantheon.j2 new file mode 100755 index 00000000..ec4179a3 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/templates/startpantheon.j2 @@ -0,0 +1,3 @@ +#!/bin/bash + +LOG4J_CONFIGURATION_FILE=/root/lacchain/log.xml pantheon --data-path /root/lacchain/data --genesis-file=/root/lacchain/data/genesis.json --network-id {{net_id}} --permissions-nodes-contract-enabled --permissions-nodes-contract-address=0x0000000000000000000000000000000000009999 --config-file=/root/lacchain/config.toml --metrics-push-enabled --metrics-push-port=9091 --metrics-push-host=35.184.17.253 --metrics-push-prometheus-job="{{node_name}}" --bootnodes \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tests/inventory b/instalacao-rbb-node/roles/lacchain-bootnode/tests/inventory new file mode 100755 index 00000000..878877b0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/tests/test.yml b/instalacao-rbb-node/roles/lacchain-bootnode/tests/test.yml new file mode 100755 index 00000000..f8f2a01c --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - lacchain-validator-node diff --git a/instalacao-rbb-node/roles/lacchain-bootnode/vars/main.yml b/instalacao-rbb-node/roles/lacchain-bootnode/vars/main.yml new file mode 100755 index 00000000..5046856f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-bootnode/vars/main.yml @@ -0,0 +1,34 @@ +--- +# initdb +leveldburi: "https://src.fedoraproject.org/lookaside/pkgs/leveldb/" +leveldbtempnumber: "c59258f2f58ce2d5680e9ab3da4ab0923d91cd4648dcf63cdaa26cdde92bf45e094544539ad11d8e09a4a4813435286143ed0e86c21c6c31a0596903ed4744d2" +leveldb_version: "leveldb-1.20.tar.gz" +leveldb_release: "leveldb-1.20" + +# vars node +node_type: "validator" +net_id: 648629 +time: '{{lookup(''pipe'',''date "+%Y-%m-%d %H:%M:%S"'')}}' + +# vars for libsodium +libsodium_base_url: https://download.libsodium.org/libsodium/releases +libsodium_version: libsodium-1.0.17-stable.tar.gz + +# vars file for java +java_rel: "java11.02" +javahome: "/usr/local/java" +file_owner: pantheon + +oracle_java_apt_repository: "ppa:linuxuprising/java" +oracle_java_cache_valid_time: 3600 +oracle_java_deb_package: "oracle-java11-installer-local" +oracle_java_debconf_package_default: "oracle-java11-set-default" +oracle_java_home: "/usr/lib/jvm/java-11-oracle" +oracle_java_license_version: "shared/accepted-oracle-license-v1-2" +oracle_java_state: latest + +#CENTOS -REDHAT +oracle_java_dir_source: '/usr/local/src' + +#### +mode: "auto" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/README.md b/instalacao-rbb-node/roles/lacchain-validator-node/README.md new file mode 100755 index 00000000..225dd44b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/defaults/java-debian-ubuntu.yml b/instalacao-rbb-node/roles/lacchain-validator-node/defaults/java-debian-ubuntu.yml new file mode 100755 index 00000000..807b9bd0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/defaults/java-debian-ubuntu.yml @@ -0,0 +1,12 @@ +--- +# file: laccchain-validator-node/defaults/java-debian-ubuntu.yml +# +# Default java variables for Ubuntu Linux distributions. +# +oracle_java_apt_repository: "ppa:linuxuprising/java" +oracle_java_cache_valid_time: 3600 +oracle_java_deb_package: "oracle-java11-installer-local" +oracle_java_debconf_package_default: "oracle-java11-set-default" +oracle_java_home: "/usr/lib/jvm/java-11-oracle" +oracle_java_license_version: "shared/accepted-oracle-license-v1-2" +oracle_java_state: latest diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/defaults/java-redhat.yml b/instalacao-rbb-node/roles/lacchain-validator-node/defaults/java-redhat.yml new file mode 100755 index 00000000..99509ec6 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/defaults/java-redhat.yml @@ -0,0 +1,14 @@ +--- +# file: lacchain-validator-node/defaults/java-redhat.yml +# +# Default variables for Redhat-based Linux distributions. +# + +oracle_java_dir_source: "/usr/local/src" +oracle_java_download_timeout: 60 +oracle_java_rpm_filename: "jdk-11.0.2_linux-x64_bin.rpm" +oracle_java_home: "/usr/java/default" +oracle_java_rpm_url: "http://download.oracle.com/otn-pub/java/jdk/11.0.2+9/f51449fcd52f4d52b93a989c5c56ed3c/jdk-11.0.2_linux-x64_bin.rpm" +oracle_java_rpm_validate_certs: yes +oracle_java_version: 11 +oracle_java_version_string: 11.0.2 diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/defaults/main.yml b/instalacao-rbb-node/roles/lacchain-validator-node/defaults/main.yml new file mode 100755 index 00000000..b11dd2e3 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/defaults/main.yml @@ -0,0 +1,32 @@ +--- +# defaults file for docker-ce-ansible-role + +docker_state: present + +docker_cleanup_packages_EL: + - "docker" + - "docker-common" + - "docker-client" + - "docker-engine" + +docker_cleanup_packages_Ubuntu: + - "docker.io" + - "docker-engine" + - "containerd" + +docker_prerequisite_packages_Ubuntu: + - "apt-transport-https" + - "ca-certificates" + - "curl" + - "software-properties-common" + +docker_prerequisite_packages_EL: + - "device-mapper-persistent-data" + - "lvm2" + +docker_prerequisite_packages_EL_RHEL: + - "container-selinux" + +docker_prerequisite_packages_Ubuntu_1404: + - "linux-image-extra-{{ ansible_kernel }}" + - "linux-image-extra-virtual" diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/genesis.json b/instalacao-rbb-node/roles/lacchain-validator-node/files/genesis.json new file mode 100755 index 00000000..fa05a352 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/genesis.json @@ -0,0 +1,47 @@ +{ + "config": { + "chainId": 648629, + "constantinopleFixBlock": 0, + "contractSizeLimit": 2147483647, + "ibft2": { + "blockperiodseconds": 2, + "epochlength": 30000, + "requesttimeoutseconds": 4 + } + }, + "nonce": "0x0", + "timestamp": "0x58ee40ba", + "extraData": "0xf83ea00000000000000000000000000000000000000000000000000000000000000000d5945bcdbcc9fb38a57c4f04e4a40ee906ca4861984b808400000000c0", + "gasLimit": "0x2FEFD800", + "difficulty": "0x1", + "mixHash": "0x63746963616c2062797a616e74696e65206661756c7420746f6c6572616e6365", + "coinbase": "0x0000000000000000000000000000000000000000", + "alloc": { + "0xF53Ccfc9747E1a781F4e43638b50470e69D140Cb": { + "balance": "1000000000000000000000000000" + }, + "0x749e5F3842Ce88a655BCf00DBb026C1A6734214c": { + "balance": "1000000000000000000000000000" + }, + "0x0000000000000000000000000000000000008888": { + "comment": "Account Ingress smart contract", + "balance": "0", + "code": "608060405234801561001057600080fd5b50600436106100bb576000357c0100000000000000000000000000000000000000000000000000000000900480638aa10435116100835780638aa10435146101f9578063936421d514610217578063a43e04d814610348578063e001f8411461038e578063fe9fbb80146103f4576100bb565b80630d2020dd146100c057806310d9042e1461012e578063116013061461018d5780631e7c27cb146101ab5780634dc3fefc146101c9575b600080fd5b6100ec600480360360208110156100d657600080fd5b8101908080359060200190929190505050610450565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b610136610508565b6040518080602001828103825283818151815260200191508051906020019060200280838360005b8381101561017957808201518184015260208101905061015e565b505050509050019250505060405180910390f35b610195610560565b6040518082815260200191505060405180910390f35b6101b3610566565b6040518082815260200191505060405180910390f35b6101f7600480360360208110156101df57600080fd5b8101908080351515906020019092919050505061056c565b005b610201610665565b6040518082815260200191505060405180910390f35b61032e600480360360c081101561022d57600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803590602001909291908035906020019092919080359060200190929190803590602001906401000000008111156102a857600080fd5b8201836020820111156102ba57600080fd5b803590602001918460018302840111640100000000831117156102dc57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600081840152601f19601f82011690508083019250505050505050919291929050505061066f565b604051808215151515815260200191505060405180910390f35b6103746004803603602081101561035e57600080fd5b8101908080359060200190929190505050610889565b604051808215151515815260200191505060405180910390f35b6103da600480360360408110156103a457600080fd5b8101908080359060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610b6e565b604051808215151515815260200191505060405180910390f35b6104366004803603602081101561040a57600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610f1b565b604051808215151515815260200191505060405180910390f35b60008060010282116104ca576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b6003600083815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff169050919050565b6060600280548060200260200160405190810160405280929190818152602001828054801561055657602002820191906000526020600020905b815481526020019060010190808311610542575b5050505050905090565b60005481565b60015481565b3373ffffffffffffffffffffffffffffffffffffffff16600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1614610627576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260338152602001806111106033913960400191505060405180910390fd5b7f9a90898411a81dd648299737f986c95672bedd792b2c45a5c158d8365d54575f81604051808215151515815260200191505060405180910390a150565b6000600454905090565b60008073ffffffffffffffffffffffffffffffffffffffff16610693600054610450565b73ffffffffffffffffffffffffffffffffffffffff1614156106b8576001905061087f565b600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663936421d58888888888886040518763ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808773ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200185815260200184815260200183815260200180602001828103825283818151815260200191508051906020019080838360005b838110156107f25780820151818401526020810190506107d7565b50505050905090810190601f16801561081f5780820380516001836020036101000a031916815260200191505b5097505050505050505060206040518083038186803b15801561084157600080fd5b505afa158015610855573d6000803e3d6000fd5b505050506040513d602081101561086b57600080fd5b810190808051906020019092919050505090505b9695505050505050565b6000806001028211610903576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b600060028054905011610961576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252604781526020018061116e6047913960600191505060405180910390fd5b61096a33610f1b565b6109bf576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b815260200180611143602b913960400191505060405180910390fd5b60008090505b600280549050811015610b635782600282815481106109e057fe5b90600052602060002001541415610b56576003600060028381548110610a0257fe5b90600052602060002001548152602001908152602001600020600080820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690556001820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690555050600260016002805490500381548110610a8157fe5b906000526020600020015460028281548110610a9957fe5b9060005260206000200181905550600260016002805490500381548110610abc57fe5b90600052602060002001600090556002805480919060019003610adf9190611078565b507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af600084604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a16001915050610b69565b80806001019150506109c5565b50600090505b919050565b6000806001028311610be8576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b610bf133610f1b565b610c46576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b815260200180611143602b913960400191505060405180910390fd5b610c4e6110a4565b600360008581526020019081526020016000206040518060400160405290816000820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020016001820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815250509050600073ffffffffffffffffffffffffffffffffffffffff16816020015173ffffffffffffffffffffffffffffffffffffffff161415610dc75760405180604001604052803373ffffffffffffffffffffffffffffffffffffffff1681526020018473ffffffffffffffffffffffffffffffffffffffff1681525090506002849080600181540180825580915050906001820390600052602060002001600090919290919091505550610e00565b82816020019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff16815250505b806003600086815260200190815260200160002060008201518160000160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555060208201518160010160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff1602179055509050507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af8385604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1600191505092915050565b60008073ffffffffffffffffffffffffffffffffffffffff16610f3f600154610450565b73ffffffffffffffffffffffffffffffffffffffff161415610f645760019050611073565b60036000600154815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663fe9fbb80836040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060206040518083038186803b15801561103557600080fd5b505afa158015611049573d6000803e3d6000fd5b505050506040513d602081101561105f57600080fd5b810190808051906020019092919050505090505b919050565b81548183558181111561109f5781836000526020600020918201910161109e91906110ea565b5b505050565b6040518060400160405280600073ffffffffffffffffffffffffffffffffffffffff168152602001600073ffffffffffffffffffffffffffffffffffffffff1681525090565b61110c91905b808211156111085760008160009055506001016110f0565b5090565b9056fe4f6e6c792052756c657320636f6e74726163742063616e20747269676765722052756c6573206368616e6765206576656e74734e6f7420617574686f72697a656420746f2075706461746520636f6e74726163742072656769737472792e4d7573742068617665206174206c65617374206f6e65207265676973746572656420636f6e747261637420746f20657865637574652064656c657465206f7065726174696f6e2ea165627a7a72305820084ef97932e13971f11fe752caa186aa7e7bb7cefe2b2382b528200d1213fcbf0029", + "storage": { + "0x0000000000000000000000000000000000000000000000000000000000000000": "0x72756c6573000000000000000000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000001": "0x61646d696e697374726174696f6e000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000004": "0x0f4240" + } + }, + "0x0000000000000000000000000000000000009999": { + "comment": "Node Ingress smart contract", + "balance": "0", + "code": "60806040526004361061009e576000357c0100000000000000000000000000000000000000000000000000000000900480630d2020dd146100a357806310d9042e1461011e578063116013061461018a5780631e7c27cb146101b55780633620b1df146101e05780634dc3fefc146102a45780638aa10435146102e1578063a43e04d81461030c578063e001f8411461035f578063fe9fbb80146103d2575b600080fd5b3480156100af57600080fd5b506100dc600480360360208110156100c657600080fd5b810190808035906020019092919050505061043b565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b34801561012a57600080fd5b506101336104f5565b6040518080602001828103825283818151815260200191508051906020019060200280838360005b8381101561017657808201518184015260208101905061015b565b505050509050019250505060405180910390f35b34801561019657600080fd5b5061019f61054d565b6040518082815260200191505060405180910390f35b3480156101c157600080fd5b506101ca610553565b6040518082815260200191505060405180910390f35b3480156101ec57600080fd5b5061028e600480360361010081101561020457600080fd5b81019080803590602001909291908035906020019092919080356fffffffffffffffffffffffffffffffff19169060200190929190803561ffff169060200190929190803590602001909291908035906020019092919080356fffffffffffffffffffffffffffffffff19169060200190929190803561ffff169060200190929190505050610559565b6040518082815260200191505060405180910390f35b3480156102b057600080fd5b506102df600480360360208110156102c757600080fd5b81019080803515159060200190929190505050610746565b005b3480156102ed57600080fd5b506102f6610884565b6040518082815260200191505060405180910390f35b34801561031857600080fd5b506103456004803603602081101561032f57600080fd5b810190808035906020019092919050505061088e565b604051808215151515815260200191505060405180910390f35b34801561036b57600080fd5b506103b86004803603604081101561038257600080fd5b8101908080359060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610c2f565b604051808215151515815260200191505060405180910390f35b3480156103de57600080fd5b50610421600480360360208110156103f557600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050611023565b604051808215151515815260200191505060405180910390f35b600080600102821115156104b7576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b6003600083815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff169050919050565b6060600280548060200260200160405190810160405280929190818152602001828054801561054357602002820191906000526020600020905b81548152602001906001019080831161052f575b5050505050905090565b60005481565b60015481565b60008073ffffffffffffffffffffffffffffffffffffffff1661057d60005461043b565b73ffffffffffffffffffffffffffffffffffffffff1614156105c4577f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff600102905061073a565b600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16633620b1df8a8a8a8a8a8a8a8a6040518963ffffffff167c010000000000000000000000000000000000000000000000000000000002815260040180898152602001888152602001876fffffffffffffffffffffffffffffffff19166fffffffffffffffffffffffffffffffff191681526020018661ffff1661ffff168152602001858152602001848152602001836fffffffffffffffffffffffffffffffff19166fffffffffffffffffffffffffffffffff191681526020018261ffff1661ffff1681526020019850505050505050505060206040518083038186803b1580156106fc57600080fd5b505afa158015610710573d6000803e3d6000fd5b505050506040513d602081101561072657600080fd5b810190808051906020019092919050505090505b98975050505050505050565b3373ffffffffffffffffffffffffffffffffffffffff16600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16141515610846576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260338152602001807f4f6e6c792052756c657320636f6e74726163742063616e20747269676765722081526020017f52756c6573206368616e6765206576656e74730000000000000000000000000081525060400191505060405180910390fd5b7f66120f934b66d52127e448f8e94c2460ea62821335e0dd18e89ed38a4a09b41381604051808215151515815260200191505060405180910390a150565b6000600454905090565b6000806001028211151561090a576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b60006002805490501115156109d3576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260478152602001807f4d7573742068617665206174206c65617374206f6e652072656769737465726581526020017f6420636f6e747261637420746f20657865637574652064656c657465206f706581526020017f726174696f6e2e0000000000000000000000000000000000000000000000000081525060600191505060405180910390fd5b6109dc33611023565b1515610a76576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b8152602001807f4e6f7420617574686f72697a656420746f2075706461746520636f6e7472616381526020017f742072656769737472792e00000000000000000000000000000000000000000081525060400191505060405180910390fd5b60008090505b600280549050811015610c245782600282815481101515610a9957fe5b90600052602060002001541415610c175760036000600283815481101515610abd57fe5b90600052602060002001548152602001908152602001600020600080820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690556001820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff021916905550506002600160028054905003815481101515610b3e57fe5b9060005260206000200154600282815481101515610b5857fe5b90600052602060002001819055506002600160028054905003815481101515610b7d57fe5b90600052602060002001600090556002805480919060019003610ba09190611180565b507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af600084604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a16001915050610c2a565b8080600101915050610a7c565b50600090505b919050565b60008060010283111515610cab576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b610cb433611023565b1515610d4e576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b8152602001807f4e6f7420617574686f72697a656420746f2075706461746520636f6e7472616381526020017f742072656769737472792e00000000000000000000000000000000000000000081525060400191505060405180910390fd5b610d566111ac565b600360008581526020019081526020016000206040805190810160405290816000820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020016001820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815250509050600073ffffffffffffffffffffffffffffffffffffffff16816020015173ffffffffffffffffffffffffffffffffffffffff161415610ecf5760408051908101604052803373ffffffffffffffffffffffffffffffffffffffff1681526020018473ffffffffffffffffffffffffffffffffffffffff1681525090506002849080600181540180825580915050906001820390600052602060002001600090919290919091505550610f08565b82816020019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff16815250505b806003600086815260200190815260200160002060008201518160000160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555060208201518160010160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff1602179055509050507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af8385604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1600191505092915050565b60008073ffffffffffffffffffffffffffffffffffffffff1661104760015461043b565b73ffffffffffffffffffffffffffffffffffffffff16141561106c576001905061117b565b60036000600154815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663fe9fbb80836040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060206040518083038186803b15801561113d57600080fd5b505afa158015611151573d6000803e3d6000fd5b505050506040513d602081101561116757600080fd5b810190808051906020019092919050505090505b919050565b8154818355818111156111a7578183600052602060002091820191016111a691906111f2565b5b505050565b6040805190810160405280600073ffffffffffffffffffffffffffffffffffffffff168152602001600073ffffffffffffffffffffffffffffffffffffffff1681525090565b61121491905b808211156112105760008160009055506001016111f8565b5090565b9056fea165627a7a72305820983bfe3942b9e8017923c6c8ab25cd06562512a2ca87192d3dca6d6bfb17de9d0029", + "storage": { + "0x0000000000000000000000000000000000000000000000000000000000000000": "0x72756c6573000000000000000000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000001": "0x61646d696e697374726174696f6e000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000004": "0x0f4240" + } + } + } +} diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/java-bin.sh b/instalacao-rbb-node/roles/lacchain-validator-node/files/java-bin.sh new file mode 100755 index 00000000..a0ef897f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/java-bin.sh @@ -0,0 +1 @@ +export PATH=$PATH:/usr/local/java/bin \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/java-path.sh b/instalacao-rbb-node/roles/lacchain-validator-node/files/java-path.sh new file mode 100755 index 00000000..54e43fce --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/java-path.sh @@ -0,0 +1,2 @@ +export JAVAPATH=$HOME/java +export PATH=$JAVAPATH/bin:$PATH \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/log.xml b/instalacao-rbb-node/roles/lacchain-validator-node/files/log.xml new file mode 100755 index 00000000..a61283d0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/log.xml @@ -0,0 +1,76 @@ + + + + INFO + %d{yyyy-MM-dd'T'HH:mm:ss.SSSZ} %p %m%n + + + + + %d %p %c{1.} [%t] %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/nodeAddress b/instalacao-rbb-node/roles/lacchain-validator-node/files/nodeAddress new file mode 100755 index 00000000..2b51dd75 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/nodeAddress @@ -0,0 +1 @@ +0x18af5bfa9222e79fb2793a2008ed0b3c8e900999 \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/orion.service b/instalacao-rbb-node/roles/lacchain-validator-node/files/orion.service new file mode 100755 index 00000000..90a3b0a2 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/orion.service @@ -0,0 +1,10 @@ +[Unit] +Description=Orion client + +[Service] +Type=simple +Restart=always +ExecStart=/root/lacchain/start-orion.sh + +[Install] +WantedBy=default.target diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/pantheon.service b/instalacao-rbb-node/roles/lacchain-validator-node/files/pantheon.service new file mode 100755 index 00000000..4692bbe1 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/pantheon.service @@ -0,0 +1,10 @@ +[Unit] +Description=Ethereum Pantheon client + +[Service] +Type=simple +Restart=always +ExecStart=/root/lacchain/start-pantheon.sh + +[Install] +WantedBy=default.target diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/permissions_config.toml b/instalacao-rbb-node/roles/lacchain-validator-node/files/permissions_config.toml new file mode 100755 index 00000000..45990e82 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/permissions_config.toml @@ -0,0 +1,2 @@ +accounts-whitelist=["0x18af5bfa9222e79fb2793a2008ed0b3c8e900999"] +nodes-whitelist=["enode://0fd7b7570bd37eb0bb21dabe543a811b8d4bb886af44db79e1990a1e5bc55c4ab9d42293dbcb550935ba5cde7d596176781301ce87d995159cc8537acc0a40f5@34.74.191.37:60606","enode://8b417b77f371836458da853d7e33241ee0f1e379e28045ac7adaeca2697b64bfa7b4cadcd5c8da6f5b39c1b503f4253a0c7f35643cef08b1aaf301b50995971c@34.73.199.100:60606","enode://f315dbc0e4a172a587121376b8c4fe591b832fbecd81fd7a98211a770aeb7fbfbb7a5a0318cc9e176996948bd42a211db660d7150a5b67fe7b59ca9ea2cc912c@35.243.157.207:60606","enode://6f1fd27306269dd11a5db0ee3c2d17067610fe7453d28d2a69d73f356640d1c30f01ffe62f3509afdc540526ee71cad476436c762cab5eaa25f14f729c019897@35.243.157.207:60606","enode://6f1fd27306269dd11a5db0ee3c2d17067610fe7453d28d2a69d73f356640d1c30f01ffe62f3509afdc540526ee71cad476436c762cab5eaa25f14f729c019897@35.243.157.207:60606","enode://e2735fd97bfdffcdbc8f6a770de38a475500c3b845b900cf60c0ac0fe361795f8cf4cd7f7d082dfef62b4462b700af02a4db48bafe223b4d895e62eccc03545f@35.243.157.207:60606","enode://f09595b21d6dc3834932c3192099f95eb0dc635f6f5dd31cf499e08d801a09de6633af409a199079a23169722fbb05a59e0cc4397a7854fe0946495d2c58ab65@35.243.157.207:60606","enode://065155cfc13968015d856e431c6b9ab56689a7196511e12d72eb375277e04a2d77d34308fb4fb218a46b167fdd2833242e8d0a69fcddee14893ac0994a860593@35.243.157.207:60606","enode://065155cfc13968015d856e431c6b9ab56689a7196511e12d72eb375277e04a2d77d34308fb4fb218a46b167fdd2833242e8d0a69fcddee14893ac0994a860593@35.243.157.207:60606","enode://065155cfc13968015d856e431c6b9ab56689a7196511e12d72eb375277e04a2d77d34308fb4fb218a46b167fdd2833242e8d0a69fcddee14893ac0994a860593@35.243.157.207:60606","enode://268db2e63bd626faeaaa7380262ee9e3a2dca85309b97dfad2ff725e59cfb8937a94a8914053369986e1aacbf435faa3d91cbe52bfc2e243300e9f31fd826ed6@35.243.157.207:60606","enode://268db2e63bd626faeaaa7380262ee9e3a2dca85309b97dfad2ff725e59cfb8937a94a8914053369986e1aacbf435faa3d91cbe52bfc2e243300e9f31fd826ed6@35.243.157.207:60606","enode://268db2e63bd626faeaaa7380262ee9e3a2dca85309b97dfad2ff725e59cfb8937a94a8914053369986e1aacbf435faa3d91cbe52bfc2e243300e9f31fd826ed6@35.243.157.207:60606","enode://268db2e63bd626faeaaa7380262ee9e3a2dca85309b97dfad2ff725e59cfb8937a94a8914053369986e1aacbf435faa3d91cbe52bfc2e243300e9f31fd826ed6@35.243.157.207:60606","enode://fb8ea7e32d40882eacbf5854659219616f5ef772119cc27177d9c935b5c9ea84a5e5912fab36533eb276ac4dd1f2759f9d0feeec64a5de541a09e4f7e1eae89e@35.196.9.100:60606","enode://f6e186aa13100414643544c1b54b0d87a300f3b111c4428bc469bc9c4b654d74de667236b148bf8ba62c98443016dd8ffcef0949dd6d3bb6c413f86d3f213f3e@35.196.9.100:60606","enode://f6e186aa13100414643544c1b54b0d87a300f3b111c4428bc469bc9c4b654d74de667236b148bf8ba62c98443016dd8ffcef0949dd6d3bb6c413f86d3f213f3e@35.196.9.100:60606","enode://f54c174f22a8c9f9ccf530cdce9c322f595eb514f8878cdadd721b8509ddc41374d4646d33c827063bb04db09fbde97758205af11c65ffca70ca67dc554b1857@177.223.197.118:60606","enode://941f5acce35a7628e712fb2ef8c57d43a5dbec5aa1b24fcd003f1e928a2f3426df8ee47f1ea61bc1a220b378584384c45c6075f78be1e4d01fbf2c5b8940c429@200.208.28.117:60606","enode://f54c174f22a8c9f9ccf530cdce9c322f595eb514f8878cdadd721b8509ddc41374d4646d33c827063bb04db09fbde97758205af11c65ffca70ca67dc554b1857@177.223.197.118:60606","enode://f54c174f22a8c9f9ccf530cdce9c322f595eb514f8878cdadd721b8509ddc41374d4646d33c827063bb04db09fbde97758205af11c65ffca70ca67dc554b1857@177.223.197.118:60606"] diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/files/static-nodes.json b/instalacao-rbb-node/roles/lacchain-validator-node/files/static-nodes.json new file mode 100755 index 00000000..d773c637 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/files/static-nodes.json @@ -0,0 +1,3 @@ +[ + "enode://8b417b77f371836458da853d7e33241ee0f1e379e28045ac7adaeca2697b64bfa7b4cadcd5c8da6f5b39c1b503f4253a0c7f35643cef08b1aaf301b50995971c@34.74.191.37:60606" +] diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/handlers/main.yml b/instalacao-rbb-node/roles/lacchain-validator-node/handlers/main.yml new file mode 100755 index 00000000..a4bc966a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/handlers/main.yml @@ -0,0 +1,4 @@ +--- +# handlers file for lacchain-writer-node +- name: run ldconfig + shell: ldconfig diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/meta/main.yml b/instalacao-rbb-node/roles/lacchain-validator-node/meta/main.yml new file mode 100755 index 00000000..adc97a8f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/meta/main.yml @@ -0,0 +1,59 @@ +galaxy_info: + author: Adrian Pareja + description: install pantheon node + company: everis + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Some suggested licenses: + # - BSD (default) + # - MIT + # - GPLv2 + # - GPLv3 + # - Apache + # - CC-BY + license: license (GPLv2, CC-BY, etc) + + min_ansible_version: 1.2 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # Optionally specify the branch Galaxy will use when accessing the GitHub + # repo for this role. During role install, if no tags are available, + # Galaxy will use this branch. During import Galaxy will access files on + # this branch. If Travis integration is configured, only notifications for this + # branch will be accepted. Otherwise, in all cases, the repo's default branch + # (usually master) will be used. + #github_branch: + + # + # platforms is a list of platforms, and each platform has a name and a list of versions. + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: + [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: + [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/clean-files.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/clean-files.yaml new file mode 100755 index 00000000..38cae364 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/clean-files.yaml @@ -0,0 +1,10 @@ +--- +- name: Remove old constellation file + file: + path: ~/lacchain/tmp/permissioned-nodes_general.json + state: absent + +- name: Remove old permissioned nodes file + file: + path: ~/lacchain/tmp/permissioned-nodes_validator.json + state: absent diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/init-besu.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/init-besu.yaml new file mode 100755 index 00000000..13865d06 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/init-besu.yaml @@ -0,0 +1,83 @@ +--- +- name: Init pantheon + debug: + msg: "Init Pantheon" + +- name: create lacchain directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/data/keystore", mode: "0440" } + - { dest: "~/lacchain/logs", mode: "0440" } + - { dest: "~/lacchain/tmp", mode: "0440" } + +#- name: Copy password to file +# copy: +# dest: "~/lacchain/tmp/.account_pass" +# content: | +# {{password}} +# when: first_node + +- name: initializing pantheon from genesis.json + debug: + msg: Initializing Pantheon + +- name: Copy genesis ibft2.0 file + copy: + src: "{{ role_path }}/files/genesis.json" + dest: ~/lacchain/data/genesis.json + mode: 0755 + +- name: Copy node key to first validator node + copy: + src: "{{ role_path }}/files/key" + dest: ~/lacchain/data/key + mode: 0700 + when: first_node + +- name: Generate node key + shell: pantheon --data-path=/root/lacchain/data public-key export-address --to=/root/lacchain/data/nodeAddress | grep -oE "0x[A-Fa-f0-9]*" | sed 's/0x//' + register: enode_key + +- name: print enode key + debug: + msg: enode://{{enode_key.stdout}}@{{node_ip}}:60606 + +- name: copy address to first validator node + copy: + src: "{{ role_path }}/files/UTC--2017-09-20T08-43-59.003454005Z--58b8527743f89389b754c63489262fdfc9ba9db6" + dest: ~/lacchain/data/keystore/UTC--2017-09-20T08-43-59.003454005Z--58b8527743f89389b754c63489262fdfc9ba9db6 + mode: 0700 + when: first_node + +- name: Generate shell script to execute pantheon service + template: + src: "startpantheon.j2" + dest: "~/lacchain/start-pantheon.sh" + mode: 0775 + force: yes + +- name: Generate Pantheon configuration file + template: + src: "pantheon-config.j2" + dest: "~/lacchain/config.toml" + mode: 0775 + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/pantheon.service" + dest: /lib/systemd/system/pantheon.service + mode: 0775 + +- name: Copy Log configuration file to lacchain + copy: + src: "{{ role_path }}/files/log.xml" + dest: "~/lacchain/log.xml" + mode: 0775 + +- name: Enable service pantheon + service: + name: pantheon + enabled: yes diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/init-orion.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/init-orion.yaml new file mode 100755 index 00000000..7e255211 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/init-orion.yaml @@ -0,0 +1,73 @@ +--- +- name: initializing constellation + debug: + msg: initializing constellation + +- name: create orion directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/orion", mode: "0440" } + - { dest: "~/lacchain/orion/keystore", mode: "0440" } + +- name: copy password to file + copy: + dest: ~/lacchain/tmp/.account_pass + content: | + {{password}} + +#- name: Copy constellation nodes file +# copy: +# src: "{{ role_path }}/files/constellation-nodes.json" +# dest: ~/lacchain/tmp/constellation-nodes.json +# mode: 0755 + +#- name: update constellation node files +# replace: +# path: ~/lacchain/tmp/constellation-nodes.json +# regexp: '9000/"$' +# replace: '9000/",' + +#- name: update constellation nodes file +# lineinfile: +# path: ~/lacchain/tmp/constellation-nodes.json +# regexp: "$]$" +# insertbefore: "^]$" +# line: ' "https://{{node_ip.stdout}}:9000/"' + +#- name: Fetch constellation_nodes updated +# fetch: +# src: ~/lacchain/tmp/constellation-nodes.json +# dest: "{{ role_path }}/files/" +# flat: yes + +- name: generate configuration orion file + template: + src: "orion.j2" + dest: "~/lacchain/orion/orion.conf" + force: yes + +- name: generate pair keys + shell: cat ~/lacchain/tmp/.account_pass | orion --generatekeys nodeKey + args: + chdir: ~/lacchain/orion/keystore + +- name: Generate shell script to execute orion service + template: + src: "startorion.j2" + dest: "~/lacchain/start-orion.sh" + mode: 0775 + force: yes + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/orion.service" + dest: /lib/systemd/system/orion.service + mode: 0775 + +- name: Enable service orion + service: + name: orion + enabled: yes diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-besu.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-besu.yaml new file mode 100755 index 00000000..75a3e03c --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-besu.yaml @@ -0,0 +1,75 @@ +--- +- name: Install besu + debug: + msg: "Installing Besu" + +- name: previous clearing + shell: rm -rf /tmp/besu && mkdir /tmp/besu + args: + warn: false + +- name: pull besu binaries + get_url: + url: "https://hyperledger.jfrog.io/ui/api/v1/download?repoKey=besu-binaries&path=besu%2F{{ besu_release_version }}%2Fbesu-{{ besu_release_version }}.tar.gz" + dest: "/tmp/besu/besu.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Besu tarball + unarchive: + src: "/tmp/besu/besu.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * besu + args: + chdir: /tmp/transit + +- name: Deleting old folders + shell: rm -rf /usr/local/besu + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/besu /usr/local + + #removing old link +- name: Deleting old installed versions of besu or pantheon + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Symbolic link for besu (pantheon and besu are linked to BESU) + file: + src: "/usr/local/besu/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "besu", dest: "pantheon" } + - { src: "besu.bat", dest: "pantheon.bat" } + - { src: "besu", dest: "besu" } + - { src: "besu.bat", dest: "besu.bat" } + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit /tmp/besu + args: + warn: false diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-docker-redhat.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-docker-redhat.yaml new file mode 100755 index 00000000..757ca3b6 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-docker-redhat.yaml @@ -0,0 +1,52 @@ +--- +# tasks file for docker-ce-ansible-role + +- name: Remove previous docker installation + yum: + name: "{{ docker_cleanup_packages_EL }}" + state: absent + +- name: Install prerequisite packages + yum: + name: "{{ docker_prerequisite_packages_EL }}" + state: present + +- name: Enable additional repository (for RHEL only) + rhsm_repository: + name: "rhel-7-server-extras-rpms" + state: present + when: ansible_distribution == "RedHat" + +- name: Install additional prerequisite packages (for RHEL only) + yum: + name: "{{ docker_prerequisite_packages_EL_RHEL }}" + state: present + when: ansible_distribution == "RedHat" + +- name: Import Docker CE repository gpg key + rpm_key: + key: https://download.docker.com/linux/centos/gpg + state: present + +- name: Add Docker CE repository + get_url: + url: https://download.docker.com/linux/centos/docker-ce.repo + dest: /etc/yum.repos.d/docker-ce.repo + force: yes + owner: root + group: root + mode: 0644 + +- name: Install Docker CE + yum: + name: docker-ce + state: present + update_cache: yes + +- name: Enable docker + shell: systemctl enable docker.service + become: yes + +- name: Start docker + shell: systemctl start docker.service + become: yes diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-docker-ubuntu.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-docker-ubuntu.yaml new file mode 100755 index 00000000..9bdd6575 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-docker-ubuntu.yaml @@ -0,0 +1,35 @@ +--- +# tasks file for docker-ce-ansible-role + +- name: Remove previous docker installation + apt: + name: "{{ docker_cleanup_packages_Ubuntu }}" + state: absent + +- name: Install prerequisite packages + apt: + name: "{{ docker_prerequisite_packages_Ubuntu }}" + state: present + +- name: Install prerequisite packages (for Ubuntu 14.04 only) + apt: + name: "{{ docker_prerequisite_packages_Ubuntu_1404 }}" + state: present + when: ansible_distribution_version == "14.04" + +- name: Import Docker CE repository gpg key + apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + +- name: Add Docker CE repository + apt_repository: + repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable" + state: present + +- name: Install Docker CE + apt: + name: docker-ce + state: present + update_cache: yes diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-java-centos.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-java-centos.yaml new file mode 100755 index 00000000..59655d11 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-java-centos.yaml @@ -0,0 +1,16 @@ +- name: Get java version + shell: ls | grep "jdk-11" | grep "_linux-x64_bin.rpm" + args: + chdir: "{{oracle_java_dir_source}}" + register: oracle_java_rpm_filename + +- name: Print found Java version + debug: + msg: "Found java version: {{ oracle_java_rpm_filename.stdout}}" + + +- name: install java + package: + name="{{ oracle_java_dir_source }}/{{ oracle_java_rpm_filename.stdout }}" + state=present + become: yes \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-java-ubuntu.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-java-ubuntu.yaml new file mode 100755 index 00000000..623bb600 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-java-ubuntu.yaml @@ -0,0 +1,41 @@ +--- +# file: oracle-java/tasks/installation/debian/main.yml +# +# Task file to install Oracle Java Development Kit in a system with a Debian based Linux distribution. +# + +- name: debian | ensure the apt repository key is present + apt_key: id="{{ oracle_java_apt_repository_key }}" + keyserver=keyserver.ubuntu.com + state=present + when: oracle_java_apt_repository_key is defined + +#become: yes +- name: debian | ensure the apt repository is present + apt_repository: repo="{{ oracle_java_apt_repository }}" + update_cache=yes + state=present + +#become: yes +- name: debian | set license as accepted + debconf: name="{{ oracle_java_deb_package }}" + question="{{ oracle_java_license_version }}" + value='true' + vtype='select' + +#become: yes +- name: debian | ensure Java is installed + apt: name="{{ oracle_java_deb_package }}" + state={{ oracle_java_state }} + cache_valid_time={{ oracle_java_cache_valid_time }} + update_cache=yes + register: oracle_java_task_apt_install +#become: yes + +#- name: debian | set Java version as default +# apt: name="{{ oracle_java_debconf_package_default }}" +# state=latest +# register: oracle_java_task_set_default +# when: oracle_java_set_as_default +# become: yes + diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-orion.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-orion.yaml new file mode 100755 index 00000000..bd7e5809 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install-orion.yaml @@ -0,0 +1,46 @@ +--- +- name: Install orion + debug: + msg: "Installing Orion" + +- name: Include installation libsodium for {{ ansible_distribution }} + import_tasks: "ubuntu-install-libsodium.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: Fix Libsodium for {{ ansible_distribution }} +# import_tasks: "rhel-install-libsodium.yaml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: Include installation leveldb for {{ ansible_distribution }} + import_tasks: "ubuntu-install-leveldb.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: Download orion source code +# git: +# repo: "https://github.com/PegaSysEng/orion.git" +# dest: "/tmp/orion" +# version: 65749f00ada641c4dfd5982b293a4e59962be695 + +#- name: Building Orion +# shell: "gradle build -x test" +# args: +# chdir: /tmp/orion/ +- name: Download Orion Binaries + get_url: + url: "https://bintray.com/consensys/binaries/download_file?file_path=orion-1.3.2.tar.gz" + dest: "/tmp" + +- name: Extract the Orion tarball + unarchive: + src: "/tmp/orion-1.3.2.tar.gz" + dest: /usr/local + copy: no + +- name: Symbolic link for pantheon + file: + src: "/usr/local/orion-1.3.2/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "orion", dest: "orion" } + - { src: "orion.bat", dest: "orion.bat" } diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install.yaml new file mode 100755 index 00000000..291b55f9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/install.yaml @@ -0,0 +1,40 @@ +--- +- name: install dependencies for {{ ansible_distribution }} + import_tasks: "ubuntu-dependencies.yml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: install dependencies for {{ ansible_distribution }} +# import_tasks: "rhel-dependencies.yml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install java for {{ ansible_distribution }} + import_tasks: "install-java-ubuntu.yaml" + when: ansible_distribution |lower == 'ubuntu' + +- name: install java for {{ ansible_distribution }} + import_tasks: "install-java-centos.yaml" + when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install docker for {{ ansible_distribution }} + import_tasks: "install-docker-ubuntu.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: install docker for {{ ansible_distribution }} +# import_tasks: "install-docker-redhat.yaml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install besu + import_tasks: "install-besu.yaml" + +- name: init besu + import_tasks: "init-besu.yaml" + +- name: start node + import_tasks: "start-node.yaml" + when: first_node + +- name: start ethstats client + import_tasks: "start-ethstats-client.yaml" + +- name: clean files + import_tasks: "clean-files.yaml" diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/main.yml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/main.yml new file mode 100755 index 00000000..fa9526db --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Install Validator Node + import_tasks: "install.yaml" + when: install == true + +- name: Update Validator Node + import_tasks: "update.yaml" diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/rhel-dependencies.yml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/rhel-dependencies.yml new file mode 100755 index 00000000..1a4af92e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/rhel-dependencies.yml @@ -0,0 +1,28 @@ +--- + - name: download epel repository + get_url: + url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm" + dest: "/tmp/epel-release-latest-7.noarch.rpm" + + - name: install epel repository + yum: + name: "/tmp/epel-release-latest-7.noarch.rpm" + + - name: install dependencies for {{ ansible_distribution }} + yum: + name: "{{ item }}" + with_items: + - "*" + - "gmp-devel" + - "gcc" + - "gcc-c++" + - "make" + - "openssl-devel" + - "libdb-devel" + - "ncurses-devel" + - "wget" + - "nmap-ncat" + - "libsodium-devel" + - "libdb-devel" + - "leveldb-devel" + - "git" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-ethstats-client.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-ethstats-client.yaml new file mode 100755 index 00000000..3de3cee9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-ethstats-client.yaml @@ -0,0 +1,3 @@ +--- +- name: start docker ethstats client + shell: mkdir -p /opt/ethstats-cli && docker run -d --log-driver json-file --log-opt max-size=1m --log-opt max-file=1 --restart always --net host -v /opt/ethstats-cli/:/root/.config/configstore/ alethio/ethstats-cli --register --account-email {{node_email}} --node-name "{{node_name}}" --server-url http://35.236.236.77:3000 --client-url ws://127.0.0.1:4546 diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-node.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-node.yaml new file mode 100755 index 00000000..3ee0fd68 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-node.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Pantheon Node + debug: + msg: Starting Pantheon Node + +- name: Execute Pantheon service + service: + name: pantheon + state: started diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-orion.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-orion.yaml new file mode 100755 index 00000000..9b3de46b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/start-orion.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Orion Enclave + debug: + msg: Starting Orion Node + +- name: Execute Orion service + service: + name: orion + state: started \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/stop-node.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/stop-node.yaml new file mode 100755 index 00000000..20960d98 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/stop-node.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Besu Node + debug: + msg: Stopping Besu Node + +- name: Stop Pantheon service + service: + name: pantheon + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/stop-orion.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/stop-orion.yaml new file mode 100755 index 00000000..389e553a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/stop-orion.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Orion Enclave + debug: + msg: Stopping Orion Node + +- name: Stop Orion service + service: + name: orion + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-dependencies.yml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-dependencies.yml new file mode 100755 index 00000000..60d165a8 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-dependencies.yml @@ -0,0 +1,19 @@ +--- +- name: install dependencies for {{ ansible_distribution }} + apt: + name: "{{ item }}" + with_items: + - software-properties-common + - unzip + - wget + - git + - make + - gcc + # - libsodium-dev + - build-essential + - libdb-dev + - zlib1g-dev + - libtinfo-dev + - sysvbanner + - psmisc + - libdb5.3-dev diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-install-leveldb.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-install-leveldb.yaml new file mode 100755 index 00000000..ae1a2f01 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-install-leveldb.yaml @@ -0,0 +1,59 @@ +--- +- name: download leveldb + get_url: + url: "{{leveldburi}}/{{leveldb_version}}/sha512/{{ leveldbtempnumber }}/{{leveldb_version}}" + dest: "/tmp/{{leveldb_version}}" + +- name: Extract leveldb + unarchive: + src: "/tmp/{{leveldb_version}}" + dest: "/tmp" + copy: no + +- name: Set command Shell + lineinfile: + path: /tmp/{{leveldb_release}}/Makefile + regexp: '^(.*)./build_detect_platform(.*)$' + line: ' sh ./build_detect_platform build_config.mk ./)' + backrefs: yes + +- name: make leveldb + shell: make + args: + chdir: "/tmp/{{leveldb_release}}" + +- name: move ibleveldb.* + copy: + src: "/tmp/{{leveldb_release}}/out-static/{{ item }}" + dest: "/usr/local/lib" + remote_src: yes + with_items: + - libleveldb.a + - libmemenv.a + +- name: move ibleveldb.* + copy: + src: "/tmp/{{leveldb_release}}/out-shared/{{ item }}" + dest: "/usr/local/lib" + remote_src: yes + with_items: + - libleveldb.so.1.20 + - libleveldb.so + - libleveldb.so.1 + +#- name: symbolic link for liblevel +# file: +# src: "/usr/local/lib/libleveldb.so.1.9" +# dest: "/usr/local/lib/{{ item }}" +# state: link +# with_items: +# - "libleveldb.so" +# - "libleveldb.so.1" + +- name: move leveldb folder + command: "cp -R leveldb /usr/local/lib" + args: + chdir: "/tmp/{{leveldb_release}}/include" + notify: run ldconfig + +- meta: flush_handlers diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-install-libsodium.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-install-libsodium.yaml new file mode 100755 index 00000000..198f7b5a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/ubuntu-install-libsodium.yaml @@ -0,0 +1,18 @@ +--- +# Installing libsodium +- name: Download libsodium tar + get_url: + url: "{{libsodium_base_url}}/{{libsodium_version}}" + dest: "/tmp/{{libsodium_version}}" + mode: 0440 + +- name: Extract the libsodium tarball + unarchive: + src: "/tmp/{{libsodium_version}}" + dest: /usr/local + copy: no + +- name: "Installing libsodium" + shell: sh ./configure && make && make check && make install + args: + chdir: "/usr/local/libsodium-stable" diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/update-besu.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/update-besu.yaml new file mode 100755 index 00000000..aeab432e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/update-besu.yaml @@ -0,0 +1,81 @@ +--- +- name: Update besu + debug: + msg: "Updating Besu" + +- name: previous clearing + shell: rm -rf /tmp/besu && mkdir /tmp/besu + args: + warn: false + +- name: pull besu binaries + get_url: + url: "https://hyperledger.jfrog.io/ui/api/v1/download?repoKey=besu-binaries&path=besu%2F{{ besu_release_version }}%2Fbesu-{{ besu_release_version }}.zip" + dest: "/tmp/besu/besu_{{ besu_release_version }}.zip" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Besu tarball + unarchive: + src: "/tmp/besu/besu_{{ besu_release_version }}.zip" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * besu + args: + chdir: /tmp/transit + +- name: stop besu #stopping node before starting the update process + import_tasks: "stop-node.yaml" + +- name: Deleting old folders + shell: rm -rf /usr/local/besu + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/besu /usr/local + + #removing old link +- name: Deleting old installed versions of besu or pantheon + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Symbolic link for besu (pantheon and besu are linked to BESU) + file: + src: "/usr/local/besu/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "besu", dest: "pantheon" } + - { src: "besu.bat", dest: "pantheon.bat" } + - { src: "besu", dest: "besu" } + - { src: "besu.bat", dest: "besu.bat" } + +- name: start node + import_tasks: "start-node.yaml" + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit /tmp/besu + args: + warn: false diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tasks/update.yaml b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/update.yaml new file mode 100755 index 00000000..6710538e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tasks/update.yaml @@ -0,0 +1,3 @@ +--- +- name: Update Besu Node + import_tasks: "update-besu.yaml" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/templates/java.j2 b/instalacao-rbb-node/roles/lacchain-validator-node/templates/java.j2 new file mode 100755 index 00000000..27818aab --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/templates/java.j2 @@ -0,0 +1,6 @@ +#!/bin/bash + +export GOHOME="{{ javahome }}" +export GOPATH="$HOME/workspace" + +export PATH=$PATH:{{ javahome }}/bin \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/templates/orion.j2 b/instalacao-rbb-node/roles/lacchain-validator-node/templates/orion.j2 new file mode 100755 index 00000000..eadc9995 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/templates/orion.j2 @@ -0,0 +1,11 @@ +#!/bin/bash + +nodeurl = "http://127.0.0.1:4040/" +nodeport = 4040 +nodenetworkinterface = "0.0.0.0" +clienturl = "http://127.0.0.1:4444/" +clientport = 4444 +publickeys = ["/root/lacchain/orion/keystore/nodeKey.pub"] +privatekeys = ["/root/lacchain/orion/keystore/nodeKey.key"] +passwords = "/root/lacchain/tmp/.account_pass" +tls = "off" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/templates/pantheon-config.j2 b/instalacao-rbb-node/roles/lacchain-validator-node/templates/pantheon-config.j2 new file mode 100755 index 00000000..dd80f893 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/templates/pantheon-config.j2 @@ -0,0 +1,26 @@ +# RPC +rpc-http-enabled=true +graphql-http-enabled=true +rpc-ws-enabled=true +rpc-http-port=4545 +graphql-http-port=4547 +rpc-ws-port=4546 +rpc-http-api=["ETH","NET","IBFT"] +## Uncomment the following lines to allow RPC from remote locations (risky) +# host-whitelist=["*"] +# rpc-http-host="0.0.0.0" +# graphql-http-host="0.0.0.0" + + +# Orion +#privacy-enabled=true +#privacy-url="http://127.0.0.1:4444" +#privacy-public-key-file="/root/lacchain/orion/keystore/nodeKey.pub" + +# Networking +p2p-host="{{node_ip}}" +p2p-port=60606 +bootnodes=["enode://91ca844776cc9bf69cd4eadaeefdf105815b61ec7ba0fef0ab3fc0c954a8af3bfbbdbc9975ca8cd6d1bd366bcd69df2066f2ed17bed4d1c53164d46e94afa03b@35.188.197.198:60606", "enode://c1c9170ace6301fe416b636c0f91816b7a9184c29562b55dfbcbbb48305d6717322c07a1e0d0432b89c1bef468f93963cd94a4ec2d90cd5d53f6e16b3767c328@200.225.100.107:60606"] + +# Gas +min-gas-price=0 diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/templates/startorion.j2 b/instalacao-rbb-node/roles/lacchain-validator-node/templates/startorion.j2 new file mode 100755 index 00000000..d21d79fa --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/templates/startorion.j2 @@ -0,0 +1,3 @@ +#!/bin/bash + +orion /root/lacchain/orion/orion.conf \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/templates/startpantheon.j2 b/instalacao-rbb-node/roles/lacchain-validator-node/templates/startpantheon.j2 new file mode 100755 index 00000000..51c35bb9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/templates/startpantheon.j2 @@ -0,0 +1,3 @@ +#!/bin/bash + +LOG4J_CONFIGURATION_FILE=/root/lacchain/log.xml pantheon --data-path /root/lacchain/data --genesis-file=/root/lacchain/data/genesis.json --network-id {{net_id}} --permissions-nodes-contract-enabled --permissions-nodes-contract-address=0x0000000000000000000000000000000000009999 --config-file=/root/lacchain/config.toml --metrics-push-enabled --metrics-push-port=9091 --metrics-push-host=35.184.17.253 --metrics-push-prometheus-job="{{node_name}}" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tests/inventory b/instalacao-rbb-node/roles/lacchain-validator-node/tests/inventory new file mode 100755 index 00000000..878877b0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/tests/test.yml b/instalacao-rbb-node/roles/lacchain-validator-node/tests/test.yml new file mode 100755 index 00000000..f8f2a01c --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - lacchain-validator-node diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/vars/main.yml b/instalacao-rbb-node/roles/lacchain-validator-node/vars/main.yml new file mode 100755 index 00000000..637b5fce --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/vars/main.yml @@ -0,0 +1,34 @@ +--- +# initdb +leveldburi: "https://src.fedoraproject.org/lookaside/pkgs/leveldb/" +leveldbtempnumber: "c59258f2f58ce2d5680e9ab3da4ab0923d91cd4648dcf63cdaa26cdde92bf45e094544539ad11d8e09a4a4813435286143ed0e86c21c6c31a0596903ed4744d2" +leveldb_version: "leveldb-1.20.tar.gz" +leveldb_release: "leveldb-1.20" + +# vars node +node_type: "validator" +net_id: 648629 +time: '{{lookup(''pipe'',''date "+%Y-%m-%d %H:%M:%S"'')}}' + +# vars for libsodium +libsodium_base_url: https://download.libsodium.org/libsodium/releases +libsodium_version: libsodium-1.0.17-stable.tar.gz + +# vars file for java +java_rel: "java9.02" +javahome: "/usr/local/java" +file_owner: pantheon + +oracle_java_apt_repository: "ppa:linuxuprising/java" +oracle_java_cache_valid_time: 3600 +oracle_java_deb_package: "oracle-java11-installer-local" +oracle_java_debconf_package_default: "oracle-java11-set-default" +oracle_java_home: "/usr/lib/jvm/java-11-oracle" +oracle_java_license_version: "shared/accepted-oracle-license-v1-2" +oracle_java_state: latest + +#CENTOS -REDHAT +oracle_java_dir_source: '/usr/local/src' + +#### +mode: "auto" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-validator-node/vars/permissions_config.toml b/instalacao-rbb-node/roles/lacchain-validator-node/vars/permissions_config.toml new file mode 100755 index 00000000..bbace9c4 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-validator-node/vars/permissions_config.toml @@ -0,0 +1,2 @@ +accounts-whitelist=["0x18af5bfa9222e79fb2793a2008ed0b3c8e900999"] +nodes-whitelist=["enode://0fd7b7570bd37eb0bb21dabe543a811b8d4bb886af44db79e1990a1e5bc55c4ab9d42293dbcb550935ba5cde7d596176781301ce87d995159cc8537acc0a40f5@34.74.191.37:60606","enode://8b417b77f371836458da853d7e33241ee0f1e379e28045ac7adaeca2697b64bfa7b4cadcd5c8da6f5b39c1b503f4253a0c7f35643cef08b1aaf301b50995971c@34.73.199.100:60606"] diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/README.md b/instalacao-rbb-node/roles/lacchain-writer-node/README.md new file mode 100755 index 00000000..225dd44b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/defaults/java-debian-ubuntu.yml b/instalacao-rbb-node/roles/lacchain-writer-node/defaults/java-debian-ubuntu.yml new file mode 100755 index 00000000..807b9bd0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/defaults/java-debian-ubuntu.yml @@ -0,0 +1,12 @@ +--- +# file: laccchain-validator-node/defaults/java-debian-ubuntu.yml +# +# Default java variables for Ubuntu Linux distributions. +# +oracle_java_apt_repository: "ppa:linuxuprising/java" +oracle_java_cache_valid_time: 3600 +oracle_java_deb_package: "oracle-java11-installer-local" +oracle_java_debconf_package_default: "oracle-java11-set-default" +oracle_java_home: "/usr/lib/jvm/java-11-oracle" +oracle_java_license_version: "shared/accepted-oracle-license-v1-2" +oracle_java_state: latest diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/defaults/java-redhat.yml b/instalacao-rbb-node/roles/lacchain-writer-node/defaults/java-redhat.yml new file mode 100755 index 00000000..99509ec6 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/defaults/java-redhat.yml @@ -0,0 +1,14 @@ +--- +# file: lacchain-validator-node/defaults/java-redhat.yml +# +# Default variables for Redhat-based Linux distributions. +# + +oracle_java_dir_source: "/usr/local/src" +oracle_java_download_timeout: 60 +oracle_java_rpm_filename: "jdk-11.0.2_linux-x64_bin.rpm" +oracle_java_home: "/usr/java/default" +oracle_java_rpm_url: "http://download.oracle.com/otn-pub/java/jdk/11.0.2+9/f51449fcd52f4d52b93a989c5c56ed3c/jdk-11.0.2_linux-x64_bin.rpm" +oracle_java_rpm_validate_certs: yes +oracle_java_version: 11 +oracle_java_version_string: 11.0.2 diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/defaults/main.yml b/instalacao-rbb-node/roles/lacchain-writer-node/defaults/main.yml new file mode 100755 index 00000000..b11dd2e3 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/defaults/main.yml @@ -0,0 +1,32 @@ +--- +# defaults file for docker-ce-ansible-role + +docker_state: present + +docker_cleanup_packages_EL: + - "docker" + - "docker-common" + - "docker-client" + - "docker-engine" + +docker_cleanup_packages_Ubuntu: + - "docker.io" + - "docker-engine" + - "containerd" + +docker_prerequisite_packages_Ubuntu: + - "apt-transport-https" + - "ca-certificates" + - "curl" + - "software-properties-common" + +docker_prerequisite_packages_EL: + - "device-mapper-persistent-data" + - "lvm2" + +docker_prerequisite_packages_EL_RHEL: + - "container-selinux" + +docker_prerequisite_packages_Ubuntu_1404: + - "linux-image-extra-{{ ansible_kernel }}" + - "linux-image-extra-virtual" diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/genesis.json b/instalacao-rbb-node/roles/lacchain-writer-node/files/genesis.json new file mode 100755 index 00000000..fa05a352 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/genesis.json @@ -0,0 +1,47 @@ +{ + "config": { + "chainId": 648629, + "constantinopleFixBlock": 0, + "contractSizeLimit": 2147483647, + "ibft2": { + "blockperiodseconds": 2, + "epochlength": 30000, + "requesttimeoutseconds": 4 + } + }, + "nonce": "0x0", + "timestamp": "0x58ee40ba", + "extraData": "0xf83ea00000000000000000000000000000000000000000000000000000000000000000d5945bcdbcc9fb38a57c4f04e4a40ee906ca4861984b808400000000c0", + "gasLimit": "0x2FEFD800", + "difficulty": "0x1", + "mixHash": "0x63746963616c2062797a616e74696e65206661756c7420746f6c6572616e6365", + "coinbase": "0x0000000000000000000000000000000000000000", + "alloc": { + "0xF53Ccfc9747E1a781F4e43638b50470e69D140Cb": { + "balance": "1000000000000000000000000000" + }, + "0x749e5F3842Ce88a655BCf00DBb026C1A6734214c": { + "balance": "1000000000000000000000000000" + }, + "0x0000000000000000000000000000000000008888": { + "comment": "Account Ingress smart contract", + "balance": "0", + "code": "608060405234801561001057600080fd5b50600436106100bb576000357c0100000000000000000000000000000000000000000000000000000000900480638aa10435116100835780638aa10435146101f9578063936421d514610217578063a43e04d814610348578063e001f8411461038e578063fe9fbb80146103f4576100bb565b80630d2020dd146100c057806310d9042e1461012e578063116013061461018d5780631e7c27cb146101ab5780634dc3fefc146101c9575b600080fd5b6100ec600480360360208110156100d657600080fd5b8101908080359060200190929190505050610450565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b610136610508565b6040518080602001828103825283818151815260200191508051906020019060200280838360005b8381101561017957808201518184015260208101905061015e565b505050509050019250505060405180910390f35b610195610560565b6040518082815260200191505060405180910390f35b6101b3610566565b6040518082815260200191505060405180910390f35b6101f7600480360360208110156101df57600080fd5b8101908080351515906020019092919050505061056c565b005b610201610665565b6040518082815260200191505060405180910390f35b61032e600480360360c081101561022d57600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803590602001909291908035906020019092919080359060200190929190803590602001906401000000008111156102a857600080fd5b8201836020820111156102ba57600080fd5b803590602001918460018302840111640100000000831117156102dc57600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600081840152601f19601f82011690508083019250505050505050919291929050505061066f565b604051808215151515815260200191505060405180910390f35b6103746004803603602081101561035e57600080fd5b8101908080359060200190929190505050610889565b604051808215151515815260200191505060405180910390f35b6103da600480360360408110156103a457600080fd5b8101908080359060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610b6e565b604051808215151515815260200191505060405180910390f35b6104366004803603602081101561040a57600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610f1b565b604051808215151515815260200191505060405180910390f35b60008060010282116104ca576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b6003600083815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff169050919050565b6060600280548060200260200160405190810160405280929190818152602001828054801561055657602002820191906000526020600020905b815481526020019060010190808311610542575b5050505050905090565b60005481565b60015481565b3373ffffffffffffffffffffffffffffffffffffffff16600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1614610627576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260338152602001806111106033913960400191505060405180910390fd5b7f9a90898411a81dd648299737f986c95672bedd792b2c45a5c158d8365d54575f81604051808215151515815260200191505060405180910390a150565b6000600454905090565b60008073ffffffffffffffffffffffffffffffffffffffff16610693600054610450565b73ffffffffffffffffffffffffffffffffffffffff1614156106b8576001905061087f565b600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663936421d58888888888886040518763ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808773ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200185815260200184815260200183815260200180602001828103825283818151815260200191508051906020019080838360005b838110156107f25780820151818401526020810190506107d7565b50505050905090810190601f16801561081f5780820380516001836020036101000a031916815260200191505b5097505050505050505060206040518083038186803b15801561084157600080fd5b505afa158015610855573d6000803e3d6000fd5b505050506040513d602081101561086b57600080fd5b810190808051906020019092919050505090505b9695505050505050565b6000806001028211610903576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b600060028054905011610961576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252604781526020018061116e6047913960600191505060405180910390fd5b61096a33610f1b565b6109bf576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b815260200180611143602b913960400191505060405180910390fd5b60008090505b600280549050811015610b635782600282815481106109e057fe5b90600052602060002001541415610b56576003600060028381548110610a0257fe5b90600052602060002001548152602001908152602001600020600080820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690556001820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690555050600260016002805490500381548110610a8157fe5b906000526020600020015460028281548110610a9957fe5b9060005260206000200181905550600260016002805490500381548110610abc57fe5b90600052602060002001600090556002805480919060019003610adf9190611078565b507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af600084604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a16001915050610b69565b80806001019150506109c5565b50600090505b919050565b6000806001028311610be8576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b610bf133610f1b565b610c46576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b815260200180611143602b913960400191505060405180910390fd5b610c4e6110a4565b600360008581526020019081526020016000206040518060400160405290816000820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020016001820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815250509050600073ffffffffffffffffffffffffffffffffffffffff16816020015173ffffffffffffffffffffffffffffffffffffffff161415610dc75760405180604001604052803373ffffffffffffffffffffffffffffffffffffffff1681526020018473ffffffffffffffffffffffffffffffffffffffff1681525090506002849080600181540180825580915050906001820390600052602060002001600090919290919091505550610e00565b82816020019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff16815250505b806003600086815260200190815260200160002060008201518160000160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555060208201518160010160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff1602179055509050507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af8385604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1600191505092915050565b60008073ffffffffffffffffffffffffffffffffffffffff16610f3f600154610450565b73ffffffffffffffffffffffffffffffffffffffff161415610f645760019050611073565b60036000600154815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663fe9fbb80836040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060206040518083038186803b15801561103557600080fd5b505afa158015611049573d6000803e3d6000fd5b505050506040513d602081101561105f57600080fd5b810190808051906020019092919050505090505b919050565b81548183558181111561109f5781836000526020600020918201910161109e91906110ea565b5b505050565b6040518060400160405280600073ffffffffffffffffffffffffffffffffffffffff168152602001600073ffffffffffffffffffffffffffffffffffffffff1681525090565b61110c91905b808211156111085760008160009055506001016110f0565b5090565b9056fe4f6e6c792052756c657320636f6e74726163742063616e20747269676765722052756c6573206368616e6765206576656e74734e6f7420617574686f72697a656420746f2075706461746520636f6e74726163742072656769737472792e4d7573742068617665206174206c65617374206f6e65207265676973746572656420636f6e747261637420746f20657865637574652064656c657465206f7065726174696f6e2ea165627a7a72305820084ef97932e13971f11fe752caa186aa7e7bb7cefe2b2382b528200d1213fcbf0029", + "storage": { + "0x0000000000000000000000000000000000000000000000000000000000000000": "0x72756c6573000000000000000000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000001": "0x61646d696e697374726174696f6e000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000004": "0x0f4240" + } + }, + "0x0000000000000000000000000000000000009999": { + "comment": "Node Ingress smart contract", + "balance": "0", + "code": "60806040526004361061009e576000357c0100000000000000000000000000000000000000000000000000000000900480630d2020dd146100a357806310d9042e1461011e578063116013061461018a5780631e7c27cb146101b55780633620b1df146101e05780634dc3fefc146102a45780638aa10435146102e1578063a43e04d81461030c578063e001f8411461035f578063fe9fbb80146103d2575b600080fd5b3480156100af57600080fd5b506100dc600480360360208110156100c657600080fd5b810190808035906020019092919050505061043b565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b34801561012a57600080fd5b506101336104f5565b6040518080602001828103825283818151815260200191508051906020019060200280838360005b8381101561017657808201518184015260208101905061015b565b505050509050019250505060405180910390f35b34801561019657600080fd5b5061019f61054d565b6040518082815260200191505060405180910390f35b3480156101c157600080fd5b506101ca610553565b6040518082815260200191505060405180910390f35b3480156101ec57600080fd5b5061028e600480360361010081101561020457600080fd5b81019080803590602001909291908035906020019092919080356fffffffffffffffffffffffffffffffff19169060200190929190803561ffff169060200190929190803590602001909291908035906020019092919080356fffffffffffffffffffffffffffffffff19169060200190929190803561ffff169060200190929190505050610559565b6040518082815260200191505060405180910390f35b3480156102b057600080fd5b506102df600480360360208110156102c757600080fd5b81019080803515159060200190929190505050610746565b005b3480156102ed57600080fd5b506102f6610884565b6040518082815260200191505060405180910390f35b34801561031857600080fd5b506103456004803603602081101561032f57600080fd5b810190808035906020019092919050505061088e565b604051808215151515815260200191505060405180910390f35b34801561036b57600080fd5b506103b86004803603604081101561038257600080fd5b8101908080359060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050610c2f565b604051808215151515815260200191505060405180910390f35b3480156103de57600080fd5b50610421600480360360208110156103f557600080fd5b81019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190505050611023565b604051808215151515815260200191505060405180910390f35b600080600102821115156104b7576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b6003600083815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff169050919050565b6060600280548060200260200160405190810160405280929190818152602001828054801561054357602002820191906000526020600020905b81548152602001906001019080831161052f575b5050505050905090565b60005481565b60015481565b60008073ffffffffffffffffffffffffffffffffffffffff1661057d60005461043b565b73ffffffffffffffffffffffffffffffffffffffff1614156105c4577f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff600102905061073a565b600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16633620b1df8a8a8a8a8a8a8a8a6040518963ffffffff167c010000000000000000000000000000000000000000000000000000000002815260040180898152602001888152602001876fffffffffffffffffffffffffffffffff19166fffffffffffffffffffffffffffffffff191681526020018661ffff1661ffff168152602001858152602001848152602001836fffffffffffffffffffffffffffffffff19166fffffffffffffffffffffffffffffffff191681526020018261ffff1661ffff1681526020019850505050505050505060206040518083038186803b1580156106fc57600080fd5b505afa158015610710573d6000803e3d6000fd5b505050506040513d602081101561072657600080fd5b810190808051906020019092919050505090505b98975050505050505050565b3373ffffffffffffffffffffffffffffffffffffffff16600360008054815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16141515610846576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260338152602001807f4f6e6c792052756c657320636f6e74726163742063616e20747269676765722081526020017f52756c6573206368616e6765206576656e74730000000000000000000000000081525060400191505060405180910390fd5b7f66120f934b66d52127e448f8e94c2460ea62821335e0dd18e89ed38a4a09b41381604051808215151515815260200191505060405180910390a150565b6000600454905090565b6000806001028211151561090a576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b60006002805490501115156109d3576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260478152602001807f4d7573742068617665206174206c65617374206f6e652072656769737465726581526020017f6420636f6e747261637420746f20657865637574652064656c657465206f706581526020017f726174696f6e2e0000000000000000000000000000000000000000000000000081525060600191505060405180910390fd5b6109dc33611023565b1515610a76576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b8152602001807f4e6f7420617574686f72697a656420746f2075706461746520636f6e7472616381526020017f742072656769737472792e00000000000000000000000000000000000000000081525060400191505060405180910390fd5b60008090505b600280549050811015610c245782600282815481101515610a9957fe5b90600052602060002001541415610c175760036000600283815481101515610abd57fe5b90600052602060002001548152602001908152602001600020600080820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff02191690556001820160006101000a81549073ffffffffffffffffffffffffffffffffffffffff021916905550506002600160028054905003815481101515610b3e57fe5b9060005260206000200154600282815481101515610b5857fe5b90600052602060002001819055506002600160028054905003815481101515610b7d57fe5b90600052602060002001600090556002805480919060019003610ba09190611180565b507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af600084604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a16001915050610c2a565b8080600101915050610a7c565b50600090505b919050565b60008060010283111515610cab576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825260208152602001807f436f6e7472616374206e616d65206d757374206e6f7420626520656d7074792e81525060200191505060405180910390fd5b610cb433611023565b1515610d4e576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602b8152602001807f4e6f7420617574686f72697a656420746f2075706461746520636f6e7472616381526020017f742072656769737472792e00000000000000000000000000000000000000000081525060400191505060405180910390fd5b610d566111ac565b600360008581526020019081526020016000206040805190810160405290816000820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020016001820160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815250509050600073ffffffffffffffffffffffffffffffffffffffff16816020015173ffffffffffffffffffffffffffffffffffffffff161415610ecf5760408051908101604052803373ffffffffffffffffffffffffffffffffffffffff1681526020018473ffffffffffffffffffffffffffffffffffffffff1681525090506002849080600181540180825580915050906001820390600052602060002001600090919290919091505550610f08565b82816020019073ffffffffffffffffffffffffffffffffffffffff16908173ffffffffffffffffffffffffffffffffffffffff16815250505b806003600086815260200190815260200160002060008201518160000160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff16021790555060208201518160010160006101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff1602179055509050507fe3d908a1f6d2467f8e7c8198f30125843211345eedb763beb4cdfb7fe728a5af8385604051808373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020018281526020019250505060405180910390a1600191505092915050565b60008073ffffffffffffffffffffffffffffffffffffffff1661104760015461043b565b73ffffffffffffffffffffffffffffffffffffffff16141561106c576001905061117b565b60036000600154815260200190815260200160002060010160009054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663fe9fbb80836040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060206040518083038186803b15801561113d57600080fd5b505afa158015611151573d6000803e3d6000fd5b505050506040513d602081101561116757600080fd5b810190808051906020019092919050505090505b919050565b8154818355818111156111a7578183600052602060002091820191016111a691906111f2565b5b505050565b6040805190810160405280600073ffffffffffffffffffffffffffffffffffffffff168152602001600073ffffffffffffffffffffffffffffffffffffffff1681525090565b61121491905b808211156112105760008160009055506001016111f8565b5090565b9056fea165627a7a72305820983bfe3942b9e8017923c6c8ab25cd06562512a2ca87192d3dca6d6bfb17de9d0029", + "storage": { + "0x0000000000000000000000000000000000000000000000000000000000000000": "0x72756c6573000000000000000000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000001": "0x61646d696e697374726174696f6e000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000000000000000000000000004": "0x0f4240" + } + } + } +} diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/health-check.service b/instalacao-rbb-node/roles/lacchain-writer-node/files/health-check.service new file mode 100755 index 00000000..ff548d8b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/health-check.service @@ -0,0 +1,10 @@ +[Unit] +Description=health-check service + +[Service] +Type=notify +ExecStart=/root/lacchain/health-check/health-check +Restart=always + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/java-bin.sh b/instalacao-rbb-node/roles/lacchain-writer-node/files/java-bin.sh new file mode 100755 index 00000000..a0ef897f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/java-bin.sh @@ -0,0 +1 @@ +export PATH=$PATH:/usr/local/java/bin \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/java-path.sh b/instalacao-rbb-node/roles/lacchain-writer-node/files/java-path.sh new file mode 100755 index 00000000..54e43fce --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/java-path.sh @@ -0,0 +1,2 @@ +export JAVAPATH=$HOME/java +export PATH=$JAVAPATH/bin:$PATH \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/log.xml b/instalacao-rbb-node/roles/lacchain-writer-node/files/log.xml new file mode 100755 index 00000000..a61283d0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/log.xml @@ -0,0 +1,76 @@ + + + + INFO + %d{yyyy-MM-dd'T'HH:mm:ss.SSSZ} %p %m%n + + + + + %d %p %c{1.} [%t] %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx-rhel.conf b/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx-rhel.conf new file mode 100755 index 00000000..1a169787 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx-rhel.conf @@ -0,0 +1,13 @@ +user nginx; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + include /etc/nginx/conf.d/ssl.conf; +} diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx-ubuntu.conf b/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx-ubuntu.conf new file mode 100755 index 00000000..41724bbe --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx-ubuntu.conf @@ -0,0 +1,13 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + include /etc/nginx/conf.d/ssl.conf; +} diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx.repo b/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx.repo new file mode 100755 index 00000000..fd254d86 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/nginx.repo @@ -0,0 +1,15 @@ +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/nodeAddress b/instalacao-rbb-node/roles/lacchain-writer-node/files/nodeAddress new file mode 100755 index 00000000..2b51dd75 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/nodeAddress @@ -0,0 +1 @@ +0x18af5bfa9222e79fb2793a2008ed0b3c8e900999 \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/orion.service b/instalacao-rbb-node/roles/lacchain-writer-node/files/orion.service new file mode 100755 index 00000000..f5a20dc3 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/orion.service @@ -0,0 +1,12 @@ +[Unit] +Description=Orion client +PartOf=health-check.service + +[Service] +Type=simple +Restart=always +ExecStart=/root/lacchain/start-orion.sh +MemoryLimit=2048M + +[Install] +WantedBy=default.target diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/pantheon.service b/instalacao-rbb-node/roles/lacchain-writer-node/files/pantheon.service new file mode 100755 index 00000000..d9c10e4b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/pantheon.service @@ -0,0 +1,11 @@ +[Unit] +Description=Ethereum Pantheon client + +[Service] +Type=simple +Restart=always +ExecStart=/root/lacchain/start-pantheon.sh +MemoryLimit=2048M + +[Install] +WantedBy=default.target diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/permissions_config.toml b/instalacao-rbb-node/roles/lacchain-writer-node/files/permissions_config.toml new file mode 100755 index 00000000..e99481cf --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/permissions_config.toml @@ -0,0 +1,2 @@ +accounts-whitelist=["0x18af5bfa9222e79fb2793a2008ed0b3c8e900999"] +nodes-whitelist=["enode://2b51e2a1b6a34da3965008bd28efc4d110aca9815fe6bd32839bb49ad1a9e3f4e0fd48e764cbac6d034012b70fadd02ace48a6c79e9b8bd58bb3d6f23ea40c59@34.68.63.164:60606", "enode://91ca844776cc9bf69cd4eadaeefdf105815b61ec7ba0fef0ab3fc0c954a8af3bfbbdbc9975ca8cd6d1bd366bcd69df2066f2ed17bed4d1c53164d46e94afa03b@35.188.197.198:60606"] diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/files/static-nodes.json b/instalacao-rbb-node/roles/lacchain-writer-node/files/static-nodes.json new file mode 100755 index 00000000..d773c637 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/files/static-nodes.json @@ -0,0 +1,3 @@ +[ + "enode://8b417b77f371836458da853d7e33241ee0f1e379e28045ac7adaeca2697b64bfa7b4cadcd5c8da6f5b39c1b503f4253a0c7f35643cef08b1aaf301b50995971c@34.74.191.37:60606" +] diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/handlers/main.yml b/instalacao-rbb-node/roles/lacchain-writer-node/handlers/main.yml new file mode 100755 index 00000000..a4bc966a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/handlers/main.yml @@ -0,0 +1,4 @@ +--- +# handlers file for lacchain-writer-node +- name: run ldconfig + shell: ldconfig diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/meta/main.yml b/instalacao-rbb-node/roles/lacchain-writer-node/meta/main.yml new file mode 100755 index 00000000..adc97a8f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/meta/main.yml @@ -0,0 +1,59 @@ +galaxy_info: + author: Adrian Pareja + description: install pantheon node + company: everis + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Some suggested licenses: + # - BSD (default) + # - MIT + # - GPLv2 + # - GPLv3 + # - Apache + # - CC-BY + license: license (GPLv2, CC-BY, etc) + + min_ansible_version: 1.2 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # Optionally specify the branch Galaxy will use when accessing the GitHub + # repo for this role. During role install, if no tags are available, + # Galaxy will use this branch. During import Galaxy will access files on + # this branch. If Travis integration is configured, only notifications for this + # branch will be accepted. Otherwise, in all cases, the repo's default branch + # (usually master) will be used. + #github_branch: + + # + # platforms is a list of platforms, and each platform has a name and a list of versions. + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: + [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: + [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/agreements-acceptance.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/agreements-acceptance.yml new file mode 100755 index 00000000..b54ddb39 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/agreements-acceptance.yml @@ -0,0 +1,7 @@ +--- +- fail: + msg: 'Plase Accept the conditions by typing Y when prompted.' + when: " (haveRead != 'Y' and haveRead != 'y') or ( isAgree != 'Y' and isAgree != 'y' ) " + +- debug: + msg: "Starting Installation" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/build-executable.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/build-executable.yaml new file mode 100755 index 00000000..80d630b9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/build-executable.yaml @@ -0,0 +1,16 @@ +- name: Download health-check source code + git: + repo: "https://github.com/lacchain/node-health-check.git" + dest: "/root/go/src/healthCheck" + +- name: install health-dependencies for {{ ansible_distribution }} + yum: + name: "{{ item }}" + with_items: + - "systemd-devel" + when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: Build health check executable program + shell: export GO111MODULE=off && go get ./... && go build -o health-check + args: + chdir: "/root/go/src/healthCheck" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/clean-files.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/clean-files.yaml new file mode 100755 index 00000000..38cae364 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/clean-files.yaml @@ -0,0 +1,10 @@ +--- +- name: Remove old constellation file + file: + path: ~/lacchain/tmp/permissioned-nodes_general.json + state: absent + +- name: Remove old permissioned nodes file + file: + path: ~/lacchain/tmp/permissioned-nodes_validator.json + state: absent diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/configure-nginx.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/configure-nginx.yml new file mode 100755 index 00000000..6102bd82 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/configure-nginx.yml @@ -0,0 +1,42 @@ +- name: Delete previous nginx.conf + file: + path: /etc/nginx/nginx.conf + state: absent + +- name: Copy ubuntu ngix.conf file + template: + src: "{{ role_path }}/files/nginx-ubuntu.conf" + dest: /etc/nginx/nginx.conf + mode: 0644 + when: ansible_distribution |lower == 'ubuntu' + +- name: Copy centos ngix.conf file + template: + src: "{{ role_path }}/files/nginx-rhel.conf" + dest: /etc/nginx/nginx.conf + mode: 0644 + when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: Copy ssl config file + template: + src: "ssl.conf.j2" + dest: "/etc/nginx/conf.d/ssl.conf" + mode: 0644 + +- name: Configure nginx.service(always restart) + shell: cp /lib/systemd/system/nginx.service tempservice && cat tempservice | sed -E 's/vice]/vice]\nRestart=always/' > /lib/systemd/system/nginx.service && rm tempservice + become: true + +- name: Reload systemctl daemon + shell: systemctl daemon-reload + become: true + +- name: Enable nginx service + service: + name: nginx + enabled: yes + +- name: Restart nginx service + service: + name: nginx + state: restarted \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/create-self-signed-certificate.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/create-self-signed-certificate.yaml new file mode 100755 index 00000000..a9e9f895 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/create-self-signed-certificate.yaml @@ -0,0 +1,27 @@ +- name: Create nginx ssl directory + file: + path: ~/lacchain/nginx + state: directory + mode: '0644' + force: yes + +- name: Create private directory + file: + path: /etc/ssl/private + state: directory + mode: '0644' + force: no + +- name: generate configuration openssl file + template: + src: "openssl.j2" + dest: "~/lacchain/nginx/openssl.cnf" + force: yes + +- name: Create self signed certificate + shell: openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt -subj "/C=US/ST=Washington/L=Seatle/O=Lacchain/OU=Network/CN={{dns_name}}" -config /root/lacchain/nginx/openssl.cnf + become: yes + +- name: Create Diffie Hellman Group + shell: openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + become: yes \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-besu.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-besu.yaml new file mode 100755 index 00000000..faab958a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-besu.yaml @@ -0,0 +1,76 @@ +--- +- name: Init pantheon + debug: + msg: "Init Pantheon" + +- name: create lacchain directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/data/keystore", mode: "0440" } + - { dest: "~/lacchain/logs", mode: "0440" } + - { dest: "~/lacchain/tmp", mode: "0440" } + +- name: initializing pantheon from genesis.json + debug: + msg: Initializing Pantheon + +- name: Copy genesis ibft2.0 file + copy: + src: "{{ role_path }}/files/genesis.json" + dest: ~/lacchain/data/genesis.json + mode: 0755 + +- name: Copy node key to first validator node + copy: + src: "{{ role_path }}/files/key" + dest: ~/lacchain/data/key + mode: 0700 + when: first_node + +- name: Generate node key + shell: pantheon --data-path=/root/lacchain/data public-key export-address --to=/root/lacchain/data/nodeAddress | grep -oE "0x[A-Fa-f0-9]*" | sed 's/0x//' + register: enode_key + +- name: print enode key + debug: + msg: enode://{{enode_key.stdout}}@{{node_ip}}:60606 + +- name: copy address to first validator node + copy: + src: "{{ role_path }}/files/UTC--2017-09-20T08-43-59.003454005Z--58b8527743f89389b754c63489262fdfc9ba9db6" + dest: ~/lacchain/data/keystore/UTC--2017-09-20T08-43-59.003454005Z--58b8527743f89389b754c63489262fdfc9ba9db6 + mode: 0700 + when: first_node + +- name: Generate shell script to execute pantheon service + template: + src: "startpantheon.j2" + dest: "~/lacchain/start-pantheon.sh" + mode: 0775 + force: yes + +- name: Generate Pantheon configuration file + template: + src: "pantheon-config.j2" + dest: "~/lacchain/config.toml" + mode: 0775 + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/pantheon.service" + dest: /lib/systemd/system/pantheon.service + mode: 0775 + +- name: Copy Log configuration file to lacchain + copy: + src: "{{ role_path }}/files/log.xml" + dest: "~/lacchain/log.xml" + mode: 0775 + +- name: Enable service pantheon + service: + name: pantheon + enabled: yes diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-health-check.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-health-check.yaml new file mode 100755 index 00000000..0bc38ff0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-health-check.yaml @@ -0,0 +1,36 @@ +--- +- name: Health Check + debug: + msg: Configuring Health Check Service + +- name: create Health Check directory + file: + path: "/root/lacchain/health-check" + mode: "0755" + state: directory + +- name: Move executable health-check program + shell: mv /root/go/src/healthCheck/health-check /root/lacchain/health-check/ + args: + warn: false + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/health-check.service" + dest: /lib/systemd/system/health-check.service + mode: 0775 + +- name: Reload systemctl daemon + shell: systemctl daemon-reload + args: + warn: false + +- name: Enable service Health-Check + service: + name: health-check + enabled: yes + +- name: Start Health check service + service: + name: health-check + state: restarted \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-orion-certificate.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-orion-certificate.yaml new file mode 100755 index 00000000..583f932d --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-orion-certificate.yaml @@ -0,0 +1,39 @@ +- name: create orion directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/orion/certificates", mode: "0440" } + - { dest: "~/lacchain/orion/certificates/CAs", mode: "0440" } + +- name: generate configuration openssl file + template: + src: "openssl.j2" + dest: "~/lacchain/orion/openssl.cnf" + force: yes + +- name: generating CA Key + shell: openssl genrsa -out orion_ca.key 2048 + args: + chdir: ~/lacchain/orion/certificates + +- name: generating CA Certificate + shell: openssl req -x509 -new -nodes -key /root/lacchain/orion/certificates/orion_ca.key -sha256 -days 1024 -out orion_ca.pem -subj "/C=US/ST=Washington/L=Seatle/O=Lacchain/OU=Network/CN=Lacchain CA" + args: + chdir: ~/lacchain/orion/certificates + +- name: generating Orion Certificate Key + shell: openssl genrsa -out orion_cer.key 2048 + args: + chdir: ~/lacchain/orion/certificates + +- name: generating Certificate Signig Request + shell: openssl req -new -key /root/lacchain/orion/certificates/orion_cer.key -out orion_cer.csr -subj "/C=US/ST=Washington/L=Seatle/O=Lacchain/OU=Network/CN={{dns_name}}" -config /root/lacchain/orion/openssl.cnf + args: + chdir: ~/lacchain/orion/certificates + +- name: Signing CSR using CA key + shell: openssl x509 -req -in /root/lacchain/orion/certificates/orion_cer.csr -CA /root/lacchain/orion/certificates/orion_ca.pem -CAkey /root/lacchain/orion/certificates/orion_ca.key -CAcreateserial -out orion_cer.pem -days 500 -sha256 -extfile /root/lacchain/orion/openssl.cnf -extensions v3_req + args: + chdir: ~/lacchain/orion/certificates \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-orion.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-orion.yaml new file mode 100755 index 00000000..c31d404b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-orion.yaml @@ -0,0 +1,51 @@ +--- +- name: initializing constellation + debug: + msg: initializing constellation + +- name: create orion directories + file: + path: "{{ item.dest }}" + mode: "{{ item.mode }}" + state: directory + with_items: + - { dest: "~/lacchain/orion", mode: "0440" } + - { dest: "~/lacchain/orion/keystore", mode: "0440" } + +- name: copy password to file + copy: + dest: ~/lacchain/tmp/.account_pass + content: | + {{password}} + +- name: create certificates + import_tasks: "init-orion-certificate.yaml" + +- name: generate configuration orion file + template: + src: "orion.j2" + dest: "~/lacchain/orion/orion.conf" + force: yes + +- name: generate pair keys + shell: cat ~/lacchain/tmp/.account_pass | orion --generatekeys nodeKey + args: + chdir: ~/lacchain/orion/keystore + +- name: Generate shell script to execute orion service + template: + src: "startorion.j2" + dest: "~/lacchain/start-orion.sh" + mode: 0775 + force: yes + +- name: Copy service file to systemd + copy: + src: "{{ role_path }}/files/orion.service" + dest: /lib/systemd/system/orion.service + mode: 0775 + +- name: Enable service orion + service: + name: orion + enabled: yes diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-tuning.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-tuning.yaml new file mode 100755 index 00000000..694faf33 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/init-tuning.yaml @@ -0,0 +1,19 @@ +--- +- name: Init Tunning + debug: + msg: "Init Tuning" + +- name: Set Overcommit memory + shell: "echo vm.overcommit_memory = 2 >> /etc/sysctl.conf" + +- name: Set Overcommit ratio + shell: "echo vm.overcommit_ratio = 100 >> /etc/sysctl.conf" + +- name: Fixing misstyping swappiness + shell: "sed -i 's/vm.swappines =/swappiness =/g' /etc/sysctl.conf" + +- name: Set max map count + shell: "sysctl -w vm.max_map_count=131072" + +- name: Set Overcommit + shell: "sysctl -p" diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-besu.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-besu.yaml new file mode 100755 index 00000000..75a3e03c --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-besu.yaml @@ -0,0 +1,75 @@ +--- +- name: Install besu + debug: + msg: "Installing Besu" + +- name: previous clearing + shell: rm -rf /tmp/besu && mkdir /tmp/besu + args: + warn: false + +- name: pull besu binaries + get_url: + url: "https://hyperledger.jfrog.io/ui/api/v1/download?repoKey=besu-binaries&path=besu%2F{{ besu_release_version }}%2Fbesu-{{ besu_release_version }}.tar.gz" + dest: "/tmp/besu/besu.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Besu tarball + unarchive: + src: "/tmp/besu/besu.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * besu + args: + chdir: /tmp/transit + +- name: Deleting old folders + shell: rm -rf /usr/local/besu + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/besu /usr/local + + #removing old link +- name: Deleting old installed versions of besu or pantheon + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Symbolic link for besu (pantheon and besu are linked to BESU) + file: + src: "/usr/local/besu/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "besu", dest: "pantheon" } + - { src: "besu.bat", dest: "pantheon.bat" } + - { src: "besu", dest: "besu" } + - { src: "besu.bat", dest: "besu.bat" } + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit /tmp/besu + args: + warn: false diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-docker-redhat.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-docker-redhat.yaml new file mode 100755 index 00000000..b8c5b3df --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-docker-redhat.yaml @@ -0,0 +1,52 @@ +--- +# tasks file for docker-ce-ansible-role + +- name: Remove previous docker installation + yum: + name: "{{ docker_cleanup_packages_EL }}" + state: absent + +- name: Install prerequisite packages + yum: + name: "{{ docker_prerequisite_packages_EL }}" + state: present + +- name: Enable additional repository (for RHEL only) + rhsm_repository: + name: "rhel-7-server-extras-rpms" + state: present + when: ansible_distribution == "RedHat" + +- name: Install additional prerequisite packages (for RHEL only) + yum: + name: "{{ docker_prerequisite_packages_EL_RHEL }}" + state: present + when: ansible_distribution == "RedHat" + +- name: Import Docker CE repository gpg key + rpm_key: + key: https://download.docker.com/linux/centos/gpg + state: present + +- name: Add Docker CE repository + get_url: + url: https://download.docker.com/linux/centos/docker-ce.repo + dest: /etc/yum.repos.d/docker-ce.repo + force: yes + owner: root + group: root + mode: 0644 + +- name: Install Docker CE + yum: + name: docker-ce + state: present + update_cache: yes + +- name: Enable docker + shell: systemctl enable docker.service + become: yes + +- name: Start docker + shell: systemctl start docker.service + become: yes diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-docker-ubuntu.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-docker-ubuntu.yaml new file mode 100755 index 00000000..9bdd6575 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-docker-ubuntu.yaml @@ -0,0 +1,35 @@ +--- +# tasks file for docker-ce-ansible-role + +- name: Remove previous docker installation + apt: + name: "{{ docker_cleanup_packages_Ubuntu }}" + state: absent + +- name: Install prerequisite packages + apt: + name: "{{ docker_prerequisite_packages_Ubuntu }}" + state: present + +- name: Install prerequisite packages (for Ubuntu 14.04 only) + apt: + name: "{{ docker_prerequisite_packages_Ubuntu_1404 }}" + state: present + when: ansible_distribution_version == "14.04" + +- name: Import Docker CE repository gpg key + apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + +- name: Add Docker CE repository + apt_repository: + repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable" + state: present + +- name: Install Docker CE + apt: + name: docker-ce + state: present + update_cache: yes diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-go.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-go.yaml new file mode 100755 index 00000000..47e9e1ab --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-go.yaml @@ -0,0 +1,9 @@ +- name: install go + package: + name="golang" + state=present + become: yes + +- name: "Preparing GOPATH" + shell: mkdir -p /root/go/src/github + ignore_errors: yes diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-java-centos.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-java-centos.yaml new file mode 100755 index 00000000..59655d11 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-java-centos.yaml @@ -0,0 +1,16 @@ +- name: Get java version + shell: ls | grep "jdk-11" | grep "_linux-x64_bin.rpm" + args: + chdir: "{{oracle_java_dir_source}}" + register: oracle_java_rpm_filename + +- name: Print found Java version + debug: + msg: "Found java version: {{ oracle_java_rpm_filename.stdout}}" + + +- name: install java + package: + name="{{ oracle_java_dir_source }}/{{ oracle_java_rpm_filename.stdout }}" + state=present + become: yes \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-java-ubuntu.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-java-ubuntu.yaml new file mode 100755 index 00000000..623bb600 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-java-ubuntu.yaml @@ -0,0 +1,41 @@ +--- +# file: oracle-java/tasks/installation/debian/main.yml +# +# Task file to install Oracle Java Development Kit in a system with a Debian based Linux distribution. +# + +- name: debian | ensure the apt repository key is present + apt_key: id="{{ oracle_java_apt_repository_key }}" + keyserver=keyserver.ubuntu.com + state=present + when: oracle_java_apt_repository_key is defined + +#become: yes +- name: debian | ensure the apt repository is present + apt_repository: repo="{{ oracle_java_apt_repository }}" + update_cache=yes + state=present + +#become: yes +- name: debian | set license as accepted + debconf: name="{{ oracle_java_deb_package }}" + question="{{ oracle_java_license_version }}" + value='true' + vtype='select' + +#become: yes +- name: debian | ensure Java is installed + apt: name="{{ oracle_java_deb_package }}" + state={{ oracle_java_state }} + cache_valid_time={{ oracle_java_cache_valid_time }} + update_cache=yes + register: oracle_java_task_apt_install +#become: yes + +#- name: debian | set Java version as default +# apt: name="{{ oracle_java_debconf_package_default }}" +# state=latest +# register: oracle_java_task_set_default +# when: oracle_java_set_as_default +# become: yes + diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-nginx-rhel.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-nginx-rhel.yml new file mode 100755 index 00000000..1b703281 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-nginx-rhel.yml @@ -0,0 +1,17 @@ +- name: install nginx prerequisites + package: + name: yum-utils + state: present + +- name: Setup nginx repository + copy: + src: "{{ role_path }}/files/nginx.repo" + dest: /etc/yum.repos.d + mode: 0644 + +- name: install nginx + package: + name: nginx + state: present + disable_gpg_check: yes + \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-nginx-ubuntu.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-nginx-ubuntu.yml new file mode 100755 index 00000000..2e34887f --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-nginx-ubuntu.yml @@ -0,0 +1,28 @@ +- name: install dependencies for nginx + apt: + name: "{{ item }}" + with_items: + - gnupg2 + - curl + - ca-certificates + - lsb-release +- name: + shell: echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + +- name: Add official nginx signing key + shell: curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add - + +- name: Verify nignx proper key is configured + shell: apt-key fingerprint ABF5BD827BD9BF62 + become: true + +- name: Update apt packages + become: true + apt: + update_cache: yes + +- name: Install nginx + apt: + name: nginx + state: latest + install_recommends: no \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-orion.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-orion.yaml new file mode 100755 index 00000000..b784cfab --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install-orion.yaml @@ -0,0 +1,47 @@ +--- +- name: Install orion + debug: + msg: "Installing Orion" + +- name: Include installation libsodium for {{ ansible_distribution }} + import_tasks: "ubuntu-install-libsodium.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: Fix Libsodium for {{ ansible_distribution }} +# import_tasks: "rhel-install-libsodium.yaml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: Include installation leveldb for {{ ansible_distribution }} + import_tasks: "ubuntu-install-leveldb.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: Download orion source code +# git: +# repo: "https://github.com/PegaSysEng/orion.git" +# dest: "/tmp/orion" +# version: 65749f00ada641c4dfd5982b293a4e59962be695 + +#- name: Building Orion +# shell: "gradle build -x test" +# args: +# chdir: /tmp/orion/ +- name: Download Orion Binaries + get_url: + url: "https://artifacts.consensys.net/public/orion/raw/names/orion.tar.gz/versions/1.3.2/orion-1.3.2.tar.gz" + # url: "https://bintray.com/consensys/binaries/download_file?file_path=orion-1.3.2.tar.gz" + dest: "/tmp" + +- name: Extract the Orion tarball + unarchive: + src: "/tmp/orion-1.3.2.tar.gz" + dest: /usr/local + copy: no + +- name: Symbolic link for orion + file: + src: "/usr/local/orion-1.3.2/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "orion", dest: "orion" } + - { src: "orion.bat", dest: "orion.bat" } diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install.yaml new file mode 100755 index 00000000..c8f60c55 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/install.yaml @@ -0,0 +1,58 @@ +--- +- name: Acceptance Verification + import_tasks: "agreements-acceptance.yml" + +- name: install dependencies for {{ ansible_distribution }} + import_tasks: "ubuntu-dependencies.yml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: install dependencies for {{ ansible_distribution }} +# import_tasks: "rhel-dependencies.yml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install java for {{ ansible_distribution }} + import_tasks: "install-java-ubuntu.yaml" + when: ansible_distribution |lower == 'ubuntu' + +- name: install java for {{ ansible_distribution }} + import_tasks: "install-java-centos.yaml" + when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install docker for {{ ansible_distribution }} + import_tasks: "install-docker-ubuntu.yaml" + when: ansible_distribution |lower == 'ubuntu' + +#- name: install docker for {{ ansible_distribution }} +# import_tasks: "install-docker-redhat.yaml" +# when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: install Besu + import_tasks: "install-besu.yaml" + +- name: init besu + import_tasks: "init-besu.yaml" + +#- name: install orion +# import_tasks: "install-orion.yaml" + +#- name: init orion +# import_tasks: "init-orion.yaml" + +- name: start node + import_tasks: "start-node.yaml" + when: first_node + +- name: start ethstats client + import_tasks: "start-ethstats-client.yaml" + +- name: Prepare Health Check Service + import_tasks: "prepare-health-check.yaml" + +- name: install nginx + import_tasks: "prepare-nginx.yml" + +- name: clean files + import_tasks: "clean-files.yaml" + +- name: init tunning + import_tasks: "init-tuning.yaml" diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/main.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/main.yml new file mode 100755 index 00000000..cbc85b17 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Install Writer Node + import_tasks: "install.yaml" + when: install == true + +- name: Update Writer Node + import_tasks: "update.yaml" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/prepare-health-check.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/prepare-health-check.yaml new file mode 100755 index 00000000..80f2f730 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/prepare-health-check.yaml @@ -0,0 +1,8 @@ +- name: Install Golang program + import_tasks: "install-go.yaml" + +- name: build executable health-check + import_tasks: "build-executable.yaml" + +- name: Init health check service + import_tasks: "init-health-check.yaml" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/prepare-nginx.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/prepare-nginx.yml new file mode 100755 index 00000000..06dc8df0 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/prepare-nginx.yml @@ -0,0 +1,14 @@ +--- +- name: Install nginx for {{ ansible_distribution }} + import_tasks: "install-nginx-ubuntu.yml" + when: ansible_distribution |lower == 'ubuntu' + +- name: Install nginx for {{ ansible_distribution }} + import_tasks: "install-nginx-rhel.yml" + when: (ansible_distribution |lower == 'redhat') or (ansible_distribution |lower == 'centos') + +- name: Create Certificates + import_tasks: "create-self-signed-certificate.yaml" + +- name: Configure nginx + import_tasks: "configure-nginx.yml" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/rhel-dependencies.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/rhel-dependencies.yml new file mode 100755 index 00000000..1a4af92e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/rhel-dependencies.yml @@ -0,0 +1,28 @@ +--- + - name: download epel repository + get_url: + url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm" + dest: "/tmp/epel-release-latest-7.noarch.rpm" + + - name: install epel repository + yum: + name: "/tmp/epel-release-latest-7.noarch.rpm" + + - name: install dependencies for {{ ansible_distribution }} + yum: + name: "{{ item }}" + with_items: + - "*" + - "gmp-devel" + - "gcc" + - "gcc-c++" + - "make" + - "openssl-devel" + - "libdb-devel" + - "ncurses-devel" + - "wget" + - "nmap-ncat" + - "libsodium-devel" + - "libdb-devel" + - "leveldb-devel" + - "git" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-ethstats-client.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-ethstats-client.yaml new file mode 100755 index 00000000..3de3cee9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-ethstats-client.yaml @@ -0,0 +1,3 @@ +--- +- name: start docker ethstats client + shell: mkdir -p /opt/ethstats-cli && docker run -d --log-driver json-file --log-opt max-size=1m --log-opt max-file=1 --restart always --net host -v /opt/ethstats-cli/:/root/.config/configstore/ alethio/ethstats-cli --register --account-email {{node_email}} --node-name "{{node_name}}" --server-url http://35.236.236.77:3000 --client-url ws://127.0.0.1:4546 diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-health-check.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-health-check.yaml new file mode 100755 index 00000000..14c977a4 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-health-check.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Health Node + debug: + msg: Starting Health Check Service Node + +- name: Starting Health Check + service: + name: health-check + state: restarted \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-node.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-node.yaml new file mode 100755 index 00000000..af40fd5e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-node.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Besu Node + debug: + msg: Starting Besu Node + +- name: Execute Pantheon service + service: + name: pantheon + state: started diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-orion.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-orion.yaml new file mode 100755 index 00000000..9b3de46b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/start-orion.yaml @@ -0,0 +1,9 @@ +--- +- name: Start Orion Enclave + debug: + msg: Starting Orion Node + +- name: Execute Orion service + service: + name: orion + state: started \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-health-check.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-health-check.yaml new file mode 100755 index 00000000..12fdef97 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-health-check.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Health Node + debug: + msg: Stopping Health Check Service Node + +- name: Stop Health Check + service: + name: health-check + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-node.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-node.yaml new file mode 100755 index 00000000..20960d98 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-node.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Besu Node + debug: + msg: Stopping Besu Node + +- name: Stop Pantheon service + service: + name: pantheon + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-orion.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-orion.yaml new file mode 100755 index 00000000..389e553a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/stop-orion.yaml @@ -0,0 +1,9 @@ +--- +- name: Stop Orion Enclave + debug: + msg: Stopping Orion Node + +- name: Stop Orion service + service: + name: orion + state: stopped \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-dependencies.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-dependencies.yml new file mode 100755 index 00000000..4f164ed4 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-dependencies.yml @@ -0,0 +1,42 @@ +--- +- name: install dependencies for {{ ansible_distribution }} + apt: + name: "{{ item }}" + with_items: + - software-properties-common + - unzip + - wget + - git + - make + - gcc + # - libsodium-dev + - build-essential + - libdb-dev + - zlib1g-dev + - libtinfo-dev + - sysvbanner + - psmisc + - libdb5.3-dev + +- name: install Gradle + get_url: + url: https://services.gradle.org/distributions/gradle-6.0-bin.zip + dest: /tmp/ + force: yes + owner: root + group: root + mode: 0644 + +- name: unzip Gradle + unarchive: + src: "/tmp/gradle-6.0-bin.zip" + dest: /usr/local + copy: no + +- name: Symbolic link for pantheon + file: + src: "/usr/local/gradle-6.0/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "gradle", dest: "gradle" } \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-install-leveldb.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-install-leveldb.yaml new file mode 100755 index 00000000..1a863c0e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-install-leveldb.yaml @@ -0,0 +1,59 @@ +--- +- name: download leveldb + get_url: + url: "{{leveldburi}}/{{leveldb_version}}/sha512/{{ leveldbtempnumber }}/{{leveldb_version}}" + dest: "/tmp/{{leveldb_version}}" + +- name: Extract leveldb + unarchive: + src: "/tmp/{{leveldb_version}}" + dest: "/tmp" + copy: no + +- name: Set command Shell + lineinfile: + path: /tmp/{{leveldb_release}}/Makefile + regexp: '^(.*)./build_detect_platform(.*)$' + line: ' sh ./build_detect_platform build_config.mk ./)' + backrefs: yes + +- name: make leveldb + shell: make + args: + chdir: "/tmp/{{leveldb_release}}" + +- name: move ibleveldb.* + copy: + src: "/tmp/{{leveldb_release}}/out-static/{{ item }}" + dest: "/usr/local/lib" + remote_src: yes + with_items: + - libleveldb.a + - libmemenv.a + +- name: move ibleveldb.* + copy: + src: "/tmp/{{leveldb_release}}/out-shared/{{ item }}" + dest: "/usr/local/lib" + remote_src: yes + with_items: + - libleveldb.so.1.20 + - libleveldb.so + - libleveldb.so.1 + +#- name: symbolic link for liblevel +# file: +# src: "/usr/local/lib/libleveldb.so.1.9" +# dest: "/usr/local/lib/{{ item }}" +# state: link +# with_items: +# - "libleveldb.so" +# - "libleveldb.so.1" + +- name: move leveldb folder + command: "cp -R leveldb /usr/local/lib" + args: + chdir: "/tmp/{{leveldb_release}}/include" + notify: run ldconfig + +- meta: flush_handlers diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-install-libsodium.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-install-libsodium.yaml new file mode 100755 index 00000000..198f7b5a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/ubuntu-install-libsodium.yaml @@ -0,0 +1,18 @@ +--- +# Installing libsodium +- name: Download libsodium tar + get_url: + url: "{{libsodium_base_url}}/{{libsodium_version}}" + dest: "/tmp/{{libsodium_version}}" + mode: 0440 + +- name: Extract the libsodium tarball + unarchive: + src: "/tmp/{{libsodium_version}}" + dest: /usr/local + copy: no + +- name: "Installing libsodium" + shell: sh ./configure && make && make check && make install + args: + chdir: "/usr/local/libsodium-stable" diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update-besu.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update-besu.yaml new file mode 100755 index 00000000..aebe7e0a --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update-besu.yaml @@ -0,0 +1,75 @@ +--- +- name: Update besu + debug: + msg: "Updating Besu" + +- name: previous clearing + shell: rm -rf /tmp/besu && mkdir /tmp/besu + args: + warn: false + +- name: pull besu binaries + get_url: + url: "https://hyperledger.jfrog.io/ui/api/v1/download?repoKey=besu-binaries&path=besu%2F{{ besu_release_version }}%2Fbesu-{{ besu_release_version }}.tar.gz" + dest: "/tmp/besu/besu.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Besu tarball + unarchive: + src: "/tmp/besu/besu.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * besu + args: + chdir: /tmp/transit + +- name: Deleting old folders + shell: rm -rf /usr/local/besu + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/besu /usr/local + + #removing old link +- name: Deleting old installed versions of besu or pantheon + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "pantheon" } + - { dest: "pantheon.bat" } + - { dest: "besu"} + - { dest: "besu.bat"} + +- name: Symbolic link for besu (pantheon and besu are linked to BESU) + file: + src: "/usr/local/besu/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "besu", dest: "pantheon" } + - { src: "besu.bat", dest: "pantheon.bat" } + - { src: "besu", dest: "besu" } + - { src: "besu.bat", dest: "besu.bat" } + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit /tmp/besu + args: + warn: false diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update-orion.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update-orion.yaml new file mode 100755 index 00000000..4aa4ccc1 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update-orion.yaml @@ -0,0 +1,68 @@ +--- +- name: Update orion + debug: + msg: "Updating Orion" + +- name: previous clearing + shell: rm -rf /tmp/orion && mkdir /tmp/orion + args: + warn: false + +- name: pull orion binaries + get_url: + url: "https://bintray.com/consensys/binaries/download_file?file_path=orion-{{ orion_release_version}}.tar.gz" + dest: "/tmp/orion/orion.tar.gz" + +- name: Preparing temporal folder + shell: rm -rf /tmp/transit/ && mkdir /tmp/transit #deleting and creating a new + args: + warn: false + +- name: Extract the Orion tarball + unarchive: + src: "/tmp/orion/orion.tar.gz" + dest: /tmp/transit #/usr/local + copy: no + +- name: Renaming extracted file + shell: mv * orion + args: + chdir: /tmp/transit + +- name: Deleting old folders + shell: rm -rf /usr/local/orion + args: + warn: false + +- name: moving files to /usr + shell: mv /tmp/transit/orion /usr/local + +- name: Deleting old installed versions of orion + file: + path: /usr/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "orion" } + - { dest: "orion.bat" } + +- name: Support for deployments prior to centos support + file: + path: /usr/local/bin/{{ item.dest }} + state: absent + with_items: + - { dest: "orion" } + - { dest: "orion.bat" } + +- name: Symbolic link for orion + file: + src: "/usr/local/orion/bin/{{ item.src }}" + dest: "/usr/bin/{{ item.dest }}" + state: link + with_items: + - { src: "orion", dest: "orion" } + - { src: "orion.bat", dest: "orion.bat" } + +- name: clearing unnecessary folders + shell: rm -rf /tmp/transit && rm -rf /tmp/orion + args: + warn: false \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update.yaml b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update.yaml new file mode 100755 index 00000000..486b910b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tasks/update.yaml @@ -0,0 +1,66 @@ +--- +- name: Verifiying health check daemon is installed + shell: ls /lib/systemd/system/ | grep health-check.service + register: healthCheck + ignore_errors: yes + +- name: Stopping Health Check Daemon before updating + import_tasks: "stop-health-check.yaml" + when: (healthCheck.stdout == 'health-check.service') + +#- name: stop enclave +# import_tasks: "stop-orion.yaml" + +- name: stop pantheon + import_tasks: "stop-node.yaml" + +- name: Update Besu Node + import_tasks: "update-besu.yaml" + +#- name: Update Orion Node +# import_tasks: "update-orion.yaml" + +#- name: Copy service file to systemd +# copy: +# src: "{{ role_path }}/files/orion.service" +# dest: /lib/systemd/system/orion.service +# mode: 0775 + +#- name: Enable service orion +# service: +# name: orion +# enabled: yes + +#- name: Verifying certificate is created +# shell: ls /root/lacchain/orion/certificates | grep orion_cer.pem +# register: certificate +# ignore_errors: yes + +#- name: Create Orion Certificate +# import_tasks: "init-orion-certificate.yaml" +# when: (certificate.stdout != 'orion_cer.pem') + +- name: Init Tunning + import_tasks: "init-tuning.yaml" + +- name: Prepare Health Check Service + import_tasks: "prepare-health-check.yaml" + +- name: Verifiying nginx is installed + shell: ls /lib/systemd/system/ | grep nginx.service + register: nginx + ignore_errors: yes + +- name: install nginx + import_tasks: "prepare-nginx.yml" + when: (nginx.stdout != 'nginx.service') + +- name: Restarting Health Check Daemon + import_tasks: "start-health-check.yaml" + when: (healthCheck.stdout == 'health-check.service') + +#- name: start orion +# import_tasks: "start-orion.yaml" + +- name: start besu + import_tasks: "start-node.yaml" diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/health-check.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/health-check.j2 new file mode 100755 index 00000000..aa84d0d7 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/health-check.j2 @@ -0,0 +1,21 @@ +#!/bin/bash +#eval `./healthCheckexe` +###################### +#0 => Do nothing +#1 => restart orion +###################### + +INPUT_STRING=$(./healthCheckexe) +case $INPUT_STRING in + "0") + echo "Successful response from Orion service" + ;; + "1") + echo "Orion isn't responding, restarting Orion..." + systemctl restart orion + break + ;; + *) + echo "Unexpected response from golang program, please check health check program" + ;; +esac \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/java.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/java.j2 new file mode 100755 index 00000000..27818aab --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/java.j2 @@ -0,0 +1,6 @@ +#!/bin/bash + +export GOHOME="{{ javahome }}" +export GOPATH="$HOME/workspace" + +export PATH=$PATH:{{ javahome }}/bin \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/openssl.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/openssl.j2 new file mode 100755 index 00000000..3d7b9ed3 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/openssl.j2 @@ -0,0 +1,335 @@ +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +[ new_oids ] + +# Policies used by the TSA examples. +tsa_policy1 = 1.2.3.4.1 +tsa_policy2 = 1.2.3.4.5.6 +tsa_policy3 = 1.2.3.4.5.7 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several certs with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem# The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extensions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = default # use public key default MD +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString (PKIX recommendation before 2004) +# utf8only: only UTF8Strings (PKIX recommendation after 2004). +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. +string_mask = utf8only + +req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +#organizationalUnitName_default = + +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This is required for TSA certificates. +# extendedKeyUsage = critical,timeStamping + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment +subjectAltName = @alt_names + +[alt_names] +DNS.1 = {{dns_name}} +DNS.2 = localhost +IP.1 = {{node_ip}} +IP.2 = 127.0.0.1 + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer + +basicConstraints = critical,CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo + +#################################################################### +[ tsa ] + +default_tsa = tsa_config1 # the default TSA section + +[ tsa_config1 ] + +# These are used by the TSA reply generation only. +dir = ./demoCA # TSA root directory +serial = $dir/tsaserial # The current serial number (mandatory) +crypto_device = builtin # OpenSSL engine to use for signing +signer_cert = $dir/tsacert.pem # The TSA signing certificate + # (optional) +certs = $dir/cacert.pem # Certificate chain to include in reply + # (optional) +signer_key = $dir/private/tsakey.pem # The TSA private key (optional) +signer_digest = sha256 # Signing digest to use. (Optional) +default_policy = tsa_policy1 # Policy if request did not specify it + # (optional) +other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) +digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory) +accuracy = secs:1, millisecs:500, microsecs:100 # (optional) +clock_precision_digits = 0 # number of digits after dot. (optional) +ordering = yes # Is ordering defined for timestamps? + # (optional, default: no) +tsa_name = yes # Must the TSA name be included in the reply? + # (optional, default: no) +ess_cert_id_chain = no # Must the ESS cert id chain be included? + # (optional, default: no) +ess_cert_id_alg = sha1 # algorithm to compute certificate + # identifier (optional, default: sha1) \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/orion.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/orion.j2 new file mode 100755 index 00000000..b40ce33b --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/orion.j2 @@ -0,0 +1,23 @@ +#!/bin/bash + +nodeurl = "https://{{node_ip}}:4040/" +nodeport = 4040 +nodenetworkinterface = "0.0.0.0" +clienturl = "http://127.0.0.1:4444/" +clientport = 4444 +publickeys = ["/root/lacchain/orion/keystore/nodeKey.pub"] +privatekeys = ["/root/lacchain/orion/keystore/nodeKey.key"] +passwords = "/root/lacchain/tmp/.account_pass" +othernodes = [] +tls = "strict" + +tlsservercert = "/root/lacchain/orion/certificates/orion_cer.pem" +tlsserverchain = ["/root/lacchain/orion/certificates/orion_ca.pem"] +tlsserverkey = "/root/lacchain/orion/certificates/orion_cer.key" + +tlsclientcert = "/root/lacchain/orion/certificates/orion_cer.pem" +tlsclientchain = ["/root/lacchain/orion/certificates/orion_ca.pem"] +tlsclientkey = "/root/lacchain/orion/certificates/orion_cer.key" + +tlsservertrust = "ca" +tlsclienttrust = "ca" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/pantheon-config.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/pantheon-config.j2 new file mode 100755 index 00000000..0b292d86 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/pantheon-config.j2 @@ -0,0 +1,26 @@ +# RPC +rpc-http-enabled=true +graphql-http-enabled=true +rpc-ws-enabled=true +rpc-http-port=4545 +graphql-http-port=4547 +rpc-ws-port=4546 +rpc-http-api=["ETH","NET","IBFT","WEB3"] +## Uncomment the following lines to allow RPC from remote locations (risky) +host-whitelist=["*"] +rpc-http-host="0.0.0.0" +rpc-http-cors-origins=["*"] +graphql-http-host="0.0.0.0" + +# Orion +privacy-enabled=true +privacy-url="http://127.0.0.1:4444" +privacy-public-key-file="/root/lacchain/orion/keystore/nodeKey.pub" + +# Networking +p2p-host="{{node_ip}}" +p2p-port=60606 +bootnodes=["enode://91ca844776cc9bf69cd4eadaeefdf105815b61ec7ba0fef0ab3fc0c954a8af3bfbbdbc9975ca8cd6d1bd366bcd69df2066f2ed17bed4d1c53164d46e94afa03b@35.188.197.198:60606", "enode://c1c9170ace6301fe416b636c0f91816b7a9184c29562b55dfbcbbb48305d6717322c07a1e0d0432b89c1bef468f93963cd94a4ec2d90cd5d53f6e16b3767c328@200.225.100.107:60606"] + +# Gas +min-gas-price=0 diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/ssl.conf.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/ssl.conf.j2 new file mode 100755 index 00000000..20b9bb2e --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/ssl.conf.j2 @@ -0,0 +1,35 @@ +server { + listen 443 http2 ssl; +# listen [::]:443 http2 ssl; + + server_name {{node_ip}}; + + ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; + ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + + ######################################################################## + # Strong SSL security # + ######################################################################## + + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; + ssl_ecdh_curve secp384r1; + ssl_session_cache shared:SSL:10m; + ssl_session_tickets off; + ssl_stapling on; + ssl_stapling_verify on; + resolver 8.8.8.8 8.8.4.4 valid=300s; + resolver_timeout 5s; + + add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + + ################################## + location / { + proxy_pass http://localhost:4545; + } +} diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/startorion.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/startorion.j2 new file mode 100755 index 00000000..d21d79fa --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/startorion.j2 @@ -0,0 +1,3 @@ +#!/bin/bash + +orion /root/lacchain/orion/orion.conf \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/templates/startpantheon.j2 b/instalacao-rbb-node/roles/lacchain-writer-node/templates/startpantheon.j2 new file mode 100755 index 00000000..51c35bb9 --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/templates/startpantheon.j2 @@ -0,0 +1,3 @@ +#!/bin/bash + +LOG4J_CONFIGURATION_FILE=/root/lacchain/log.xml pantheon --data-path /root/lacchain/data --genesis-file=/root/lacchain/data/genesis.json --network-id {{net_id}} --permissions-nodes-contract-enabled --permissions-nodes-contract-address=0x0000000000000000000000000000000000009999 --config-file=/root/lacchain/config.toml --metrics-push-enabled --metrics-push-port=9091 --metrics-push-host=35.184.17.253 --metrics-push-prometheus-job="{{node_name}}" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/tests/test.yml b/instalacao-rbb-node/roles/lacchain-writer-node/tests/test.yml new file mode 100755 index 00000000..f8f2a01c --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - lacchain-validator-node diff --git a/instalacao-rbb-node/roles/lacchain-writer-node/vars/main.yml b/instalacao-rbb-node/roles/lacchain-writer-node/vars/main.yml new file mode 100755 index 00000000..637b5fce --- /dev/null +++ b/instalacao-rbb-node/roles/lacchain-writer-node/vars/main.yml @@ -0,0 +1,34 @@ +--- +# initdb +leveldburi: "https://src.fedoraproject.org/lookaside/pkgs/leveldb/" +leveldbtempnumber: "c59258f2f58ce2d5680e9ab3da4ab0923d91cd4648dcf63cdaa26cdde92bf45e094544539ad11d8e09a4a4813435286143ed0e86c21c6c31a0596903ed4744d2" +leveldb_version: "leveldb-1.20.tar.gz" +leveldb_release: "leveldb-1.20" + +# vars node +node_type: "validator" +net_id: 648629 +time: '{{lookup(''pipe'',''date "+%Y-%m-%d %H:%M:%S"'')}}' + +# vars for libsodium +libsodium_base_url: https://download.libsodium.org/libsodium/releases +libsodium_version: libsodium-1.0.17-stable.tar.gz + +# vars file for java +java_rel: "java9.02" +javahome: "/usr/local/java" +file_owner: pantheon + +oracle_java_apt_repository: "ppa:linuxuprising/java" +oracle_java_cache_valid_time: 3600 +oracle_java_deb_package: "oracle-java11-installer-local" +oracle_java_debconf_package_default: "oracle-java11-set-default" +oracle_java_home: "/usr/lib/jvm/java-11-oracle" +oracle_java_license_version: "shared/accepted-oracle-license-v1-2" +oracle_java_state: latest + +#CENTOS -REDHAT +oracle_java_dir_source: '/usr/local/src' + +#### +mode: "auto" \ No newline at end of file diff --git a/instalacao-rbb-node/roles/vars/.gitkeep b/instalacao-rbb-node/roles/vars/.gitkeep new file mode 100755 index 00000000..e69de29b diff --git a/instalacao-rbb-node/site-lacchain-backup.yml b/instalacao-rbb-node/site-lacchain-backup.yml new file mode 100755 index 00000000..16f6ed1f --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-backup.yml @@ -0,0 +1,12 @@ +- hosts: all + gather_facts: yes + become: yes + vars_prompt: + - name: "backup" + prompt: "Would you like to backup your node? (yes/no)" + private: no + - name: "restore" + prompt: "Would you like to restore your node? (yes/no)" + private: no + roles: + - lacchain-backup-node diff --git a/instalacao-rbb-node/site-lacchain-bootnode.yml b/instalacao-rbb-node/site-lacchain-bootnode.yml new file mode 100755 index 00000000..e4b4659b --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-bootnode.yml @@ -0,0 +1,7 @@ +- hosts: bootnodes + gather_facts: yes + become: yes + vars: + install: true + roles: + - lacchain-bootnode diff --git a/instalacao-rbb-node/site-lacchain-cloud.yml b/instalacao-rbb-node/site-lacchain-cloud.yml new file mode 100755 index 00000000..0a3b4b0c --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-cloud.yml @@ -0,0 +1,43 @@ +- name: Compute Engine Instance + hosts: localhost + vars: + service_account_email: "adriancc5.5@gmail.com" + credentials_file: "/home/adrian/.ssh/google_compute_engine" + project_id: "everisconf" + tasks: + - name: create multiple instances + gce: + instance_names: test1 + zone: us-east1-b + machine_type: n1-standard-1 + image: ubuntu-1804-bionic-v20180823 + state: present + service_account_email: "{{ service_account_email }}" + credentials_file: "{{ credentials_file }}" + project_id: "{{ project_id }}" + metadata: '{ "startup-script" : "apt-get update" }' + register: gce + + - name: Save host data + add_host: + hostname: "{{ item.public_ip }}" + groupname: gce_instances_ips + with_items: "{{ gce.instance_data }}" + + - name: Wait for SSH for instances + wait_for: + delay: 1 + host: "{{ item.public_ip }}" + port: 22 + state: started + timeout: 30 + with_items: "{{ gce.instance_data }}" + + - name: Configure Hosts + hosts: gce_instances_ips + become: yes + become_method: sudo + roles: + - lacchain-validator-node + tags: + - config diff --git a/instalacao-rbb-node/site-lacchain-update-bootnode.yml b/instalacao-rbb-node/site-lacchain-update-bootnode.yml new file mode 100755 index 00000000..e83b9d39 --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-update-bootnode.yml @@ -0,0 +1,5 @@ +- hosts: bootnodes + gather_facts: yes + become: yes + roles: + - lacchain-bootnode diff --git a/instalacao-rbb-node/site-lacchain-update-validator.yml b/instalacao-rbb-node/site-lacchain-update-validator.yml new file mode 100755 index 00000000..93de5333 --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-update-validator.yml @@ -0,0 +1,5 @@ +- hosts: validators + gather_facts: yes + become: yes + roles: + - lacchain-validator-node diff --git a/instalacao-rbb-node/site-lacchain-update-writer.yml b/instalacao-rbb-node/site-lacchain-update-writer.yml new file mode 100755 index 00000000..3a7f0da0 --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-update-writer.yml @@ -0,0 +1,5 @@ +- hosts: writer + gather_facts: yes + become: yes + roles: + - lacchain-writer-node diff --git a/instalacao-rbb-node/site-lacchain-update.yml b/instalacao-rbb-node/site-lacchain-update.yml new file mode 100755 index 00000000..c2817895 --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-update.yml @@ -0,0 +1,12 @@ +- hosts: all + gather_facts: yes + become: yes + vars_prompt: + - name: "backup" + prompt: "Would you like to update a validator node? (yes/no)" + private: no + - name: "restore" + prompt: "Would you like to update a writer node? (yes/no)" + private: no + roles: + - lacchain-update-node diff --git a/instalacao-rbb-node/site-lacchain-validator.yml b/instalacao-rbb-node/site-lacchain-validator.yml new file mode 100755 index 00000000..b3749e89 --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-validator.yml @@ -0,0 +1,7 @@ +- hosts: validators + gather_facts: yes + become: yes + vars: + install: true + roles: + - lacchain-validator-node diff --git a/instalacao-rbb-node/site-lacchain-writer.yml b/instalacao-rbb-node/site-lacchain-writer.yml new file mode 100755 index 00000000..b1cb5924 --- /dev/null +++ b/instalacao-rbb-node/site-lacchain-writer.yml @@ -0,0 +1,15 @@ +- hosts: writer + gather_facts: yes + become: yes + vars: + install: true + vars_prompt: + - name: "Please read the terms and conditions before installing this software: https://github.com/lacchain/pantheon-network/blob/master/TERMS_AND_COND_WRITER_NODE.md .Press ENTER " + - name: "haveRead" + prompt: "Have you read the Terms and Conditions of use of LACChain Test Network? [Y/N]" + private: Y + - name: "isAgree" + prompt: "Do you agree with the Terms and Conditions of use of LACChain Test Network? [Y/N]" + private: Y + roles: + - lacchain-writer-node diff --git a/monitoramento.md b/monitoramento.md new file mode 100644 index 00000000..e90f042a --- /dev/null +++ b/monitoramento.md @@ -0,0 +1,107 @@ + + + +# Monitoração e Responsabilidades +Toda instituição participante deve monitorar e tratar incidentes de seus próprios nós + +Toda instituição participante deve poder monitorar localmente os dados de todos os nós da RBB necessário para detecção de seus próprios incidentes. + +# Tipos de Monitoração + +LL- Local para detecção de incidentes + +GL- Global para detecção de incidentes locais + +MN- Global longo Prazo – Monitoramento de negócio + +GG- global para detecção de incidentes na rede inteira _ Saúde da rede + +# Premissas II + +GL- Global para detecção de incidentes locais +Para obter dados gerados por nós de outras instituições da rede, uma instituição pode + + (a) buscar um subconjunto dos dados diretamente de todos os nós da rede e/ou + + (b) buscar dados do monitoramento GG. + +Buscar diretamente nos diversos nós da rede preserva a descentralização e minimiza possíveis erros uma vez que o dado é recuperado no local em que se originou. + + + +GG- global para detecção de incidentes na rede inteira _ Saúde da rede +Pelo menos duas instituições da rede devem fazer o monitoramento com input de todos os nós da rede e oferecer uma visão global de toda a rede. + +Existe uma equipe técnica responsável por cuidar da saúde global da rede, incluindo incidentes com causa desconhecida. Essa equipe pode ser composta por um subconjunto das instituições participantes, com rotatividade. + +# De onde extrair as métricas + +1. Besu e Server + +Foco em estado dos nós e servidores + +Contém visão em alto nível da rede + + +2. Diretamente na rede Blockchain + +Foco em endereços, smart contracts e transações. +Inclui visão em alto nível dos nós +(fora do escopo no momento) + +# Tipos de Métricas + +1.Servidores e Processos + +Monitora o uso de CPU e uso de espaço em Disco. Também engloba uso da JVM pelo processo do Besu. +Cada instituição já deve ter padrões estabelecidos para essas métricas. + + +2.Especifica da RBB + +Monitora sincronização, conectividade e uso da rede. +Importante alinhamento nas métricas e limites para incidentes. + + +![Captura de tela de 2021-12-14 15-58-25](https://user-images.githubusercontent.com/71888455/146213676-cbdc0ab7-5bfd-400e-acf1-ad3b95709f8d.png) + +![Captura de tela de 2021-12-14 15-58-54](https://user-images.githubusercontent.com/71888455/146213746-08a5d304-653d-46fe-bbc7-868eeb1ea374.png) + +![Captura de tela de 2021-12-14 15-59-08](https://user-images.githubusercontent.com/71888455/146213948-671d882c-1f70-43eb-a0bb-3be42dae5090.png) + +![Captura de tela de 2021-12-14 15-59-24](https://user-images.githubusercontent.com/71888455/146214013-b56ecf68-1a9c-47c6-af37-225016ffcbf8.png) + +![Captura de tela de 2021-12-15 12-17-46](https://user-images.githubusercontent.com/71888455/146214095-6aae336d-d28c-4b09-a38e-51fa2d24903a.png) + +![Captura de tela de 2021-12-14 16-06-07](https://user-images.githubusercontent.com/71888455/146214229-4cfc1b12-c9a8-4da1-ad8e-f49013d465b2.png) + +![Captura de tela de 2021-12-14 16-06-23](https://user-images.githubusercontent.com/71888455/146214233-7a48ce44-29da-4fc8-a8bd-768d8c6d7421.png) + + +# SLA + +Nós validadores devem estar operacionais pelo menos ?% do tempo. + + +Nós boot e registradores devem estar operacionais pelo menos ?% do tempo. Obs.: Nós registradores também precisam respeitar SLA da aplicação que está oferecendo. + +# Implementação + +A troca de mensagens de monitoramento não deve impactar negativamente no desempenho dos nós da RBB + +A comunicação das métricas coletadas entre as diferentes instituições seguirá o formato de dados do Prometheus. O Prometheus pode ser utilizado para a coleta, armazenamento e consulta de métricas, mas as instituições também podem optar por outra ferramenta de monitoração. + +Não existe nenhuma restrição para seleção de ferramenta de gestão de incidentes. A instituição pode selecionar a mais adequada segundo a operação de sua produção de TI. + +Além de servir para geração de incidentes, as métricas listadas também podem ser apresentadas em dashboards. Caso as instituições participantes optem pela adoção do Grafana, existe um modelo disponível gerado pelo BNDES. + + +![Captura de tela de 2021-12-13 13-56-52](https://user-images.githubusercontent.com/71888455/146039396-ff30f6e3-aa6a-454f-81c4-0860e2dcb49b.png) + + + + + + + + diff --git a/rbb-setup.tgz b/rbb-setup.tgz new file mode 100644 index 00000000..fd379589 Binary files /dev/null and b/rbb-setup.tgz differ diff --git a/roteiro_adesao.md b/roteiro_adesao.md new file mode 100644 index 00000000..2bb4ce15 --- /dev/null +++ b/roteiro_adesao.md @@ -0,0 +1,23 @@ +# Roteiro para solicitação de adesão à RBB + +Nos procedimentos abaixo, todos os documentos são digitais e suas assinaturas, quando requeridas, deverão seguir as especificações da ICP-Brasil. Os documentos solicitados podem ser enviados para o e-mail blockchaingov@bndes.gov.br (não obrigatório). + +Os solicitantes à RBB devem: +- Preencher, assinar e apresentar o [Termo de Adesão](documentos/Termo-de-Adesao_RBB.docx). Sobre o seu preenchimento: + - O Termo de Adesão deverá especificar se o novo aderente será um **Partícipe Parceiro** ou um **Partícipe Associado**, conforme detalhado no [Acordo de Cooperação](documentos/ACT_TCU_BNDES_RBB.pdf), Cláusula II, Parágrafo I. + - Preencher a designação de representantes para acompanhar o Acordo, conforme o [Acordo de Cooperação](documentos/ACT_TCU_BNDES_RBB.pdf), Cláusula II, Inciso X. + - Caso seja enviado o modelo anterior de Termo de Adesão, sem a indicação do representante, poderá ser usado o [modelo de carta de indicação de representante](documentos/Modelo-Carta-indicação-representante.doc). +- Os representantes indicados no item anterior devem assinar o [Termo de Confidencialidade](documentos/Termo_de_Confidencialidade_RBB.docx). + - O Termo de Confidencialidade pode ser apresentado posteriormente à aceitação do novo partícipe. +- Entidades nacionais de direito privado sem fins lucrativos ou empresas estatais, federais, estaduais, municipais e distritais devem: + - Apresentar Estatuto ou Contrato Social, acompanhado dos atos constitutivos e/ou modificativos, oficialmente arquivados e publicados. + - Ata da Assembleia Geral e, se for o caso, Ata da Reunião do Conselho de Administração em que houver sido eleita a diretoria em exercício, oficialmente arquivadas e publicadas. No caso de não haver diretoria, apresentar a Ata referente ao órgão de administração. + - No caso de entidade de direito privado sem fins lucrativos, apresentar um relato da experiência da entidade na tecnologia blockchain de tal forma a atender a Cláusula II, Parágrafo IV, Inciso III do [Acordo de Cooperação](documentos/ACT_TCU_BNDES_RBB.pdf). + - Quando cabível, preencher [declaração](documentos/Declaração_Parte_Relacionada.doc) de que não é Parte Relacionada às Empresas do Sistema BNDES (em observância à Política para Transações com Partes Relacionadas do Sistema BNDES). Ser Parte Relacionada não impede a adesão à RBB. +- Estados, municípios ou distrito federal ou qualquer órgão ou entidade da administração pública direta federal, estadual, municipal e distrital, autarquias e fundações de direito público federais, estaduais, distritais ou municipais ou órgão ou entidade do poder legislativo ou do poder judiciário devem: + - Apresentar Decreto ou Ato de criação do órgão/Lei instituidora, além de cópia do Estatuto/Regimento Interno. + - Apresentar Ato do Chefe do Poder Executivo de nomeação do dirigente/representante legal. + - Se o Partícipe Aderente for Estado, Distrito Federal e Município ou órgão ou entidade de sua Administração Pública Direta, deverá ser apresentada, ainda: + - A respectiva Constituição (Estados) ou Lei Orgânica (Distrito Federal ou Municípios) e eventuais emendas, acompanhada de declaração do representante do Partícipe Aderente informando que não houve alterações posteriores no texto. + - Certidão Negativa de Débitos relativos aos Tributos Federais e à Dívida Ativa da União (CND) ou Certidão Positiva com Efeitos de Negativa de Débitos relativos aos Tributos Federais e à Dívida Ativa da União (CPEND), expedida conjuntamente pela Secretaria da Receita Federal do Brasil (RFB) e pela Procuradoria-Geral da Fazenda Nacional (PGFN), por meio de INTERNET, a ser extraída no endereço www.receita.fazenda.gov.br ou www.pgfn.fazenda.gov.br. + - Comprovação da regularidade previdenciária relacionada ao regime próprio de previdência social, mediante a apresentação do Certificado de Regularidade Previdenciária - CRP, expedido pelo Ministério da Previdência e Assistência Social, por meio da INTERNET, nos endereços www.previdenciasocial.gov.br ou www.receita.fazenda.gov.br ou [declaração](documentos/Declaração_Previdência.doc) firmada pelos representantes legais do Partícipe Aderente. diff --git a/roteiro_monitoramento_ethstats.md b/roteiro_monitoramento_ethstats.md new file mode 100644 index 00000000..0a226778 --- /dev/null +++ b/roteiro_monitoramento_ethstats.md @@ -0,0 +1,168 @@ +# Roteiro de Instalação do EthStats. + +## EthStats + +Executar o EthStats Lite em nodes do Besu. + +### Instalando o Servidor + +Obter o repositório: + +~~~shell +git clone https://github.com/Alethio/ethstats-network-server.git +~~~ + +Ir até `/ethstats-network-server/docker/lite-mode/memory-persistence directory`: + +~~~shell +cd ethstats-network-server/docker/lite-mode/memory-persistence +~~~ + +Atualizar o arquivo `docker-compose.yml` com o configurações da rede: + + - NETWORK_ID=648629 + - NETWORK_NAME=RBB + - NETSTATS_API_URL=`http://`:3030 + - DS_URL=``:6020 + - DS_USER=frontend + - DS_PASS=password + +Ajustar as portas de acesso. + +- ports: + - 3000:3000 + - 3030:3030 + - 8888:8888 + - 6020:6020 + - 80:80 + +Arquivo fica em `ethstats-network-server/docker/lite-mode/memory-persistence/docker-compose.yml` + +Conteúdo do arquivo `docker-compose.yml` utilizado: + +~~~yaml +version: '3.7' +services: + server: + container_name: ethstats-network-server + image: alethio/ethstats-network-server:latest + restart: always + depends_on: + - deepstream + ports: + - 3000:3000 + - 3030:3030 + - 8888:8888 + environment: + - NETWORK_ID=648629 + - NETWORK_NAME=RBB + - LITE=1 + - LITE_DB_PERSIST=0 + - LITE_API_PORT=3030 + - APP_PORT=3000 + - METRICS_PORT=8888 + - DEEPSTREAM_HOST=deepstream + command: ["./bin/app.js", "-v"] + deepstream: + container_name: ethstats-network-deepstream + image: deepstreamio/deepstream.io:3.2.2 + restart: always + ports: + - 6020:6020 + dashboard: + container_name: ethstats-network-dashboard + image: alethio/ethstats-network-dashboard:latest + restart: always + depends_on: + - server + volumes: + - ../../config/nginx/conf.d:/etc/nginx/conf.d + ports: + - 80:80 + environment: + - NETSTATS_API_URL=http://:3030 + - DS_URL=:6020 + - DS_USER=frontend + - DS_PASS=password +~~~ + + + +Iniciar o servidor EthStats com Docker compose: + +~~~shell +docker-compose up -d +~~~ + +Acessar o dashboard em: `http://` no navegador. + + +### Iniciando o cliente nos nodes da rede. + +Para adaptar o cliente para se comunicar com a nossa rede do Laboratório, foi necessário realizar os seguintes procedimentos em cada um dos servidores (bootnode, writer e validators): + + +1- Parar/Remover container que esteja em execução com o cliente + +~~~shell +# Consultar processos em execução com docker ps +docker ps +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +3e68206d5644 alethio/ethstats-cli "./bin/ethstats-cli.…" 5 weeks ago Up 12 days silly_wiles + +# Parar o container +docker stop 3e68206d5644 +docker rm 3e68206d5644 +~~~ + +2- Caso esteja seguinto o roteiro de instalação utilizando o rbb-cli: + + 2.1 : rbb-cli: + +~~~shell + ./rbb-cli config set nodes.validator.ports+=[\"4546:4546\"] + ./rbb-cli config set nodes.validator.environment.BESU_RPC_WS_ENABLED=true + ./rbb-cli config set nodes.validator.environment.BESU_RPC_WS_PORT=4546 + ./rbb-cli config render-templates + +~~~ + + 2.2 : Caso contrário, criar as variáveis de ambiente no docker-compose (`docker-compose.yml`) + +- environment: + BESU_RPC_WS_ENABLED: "true" + BESU_RPC_WS_PORT: "4546" +- ports: + - 4546:4546 + + +docker-compose up -d + + +3- Modificar no arquivo `/opt/ethstats-cli/ethstats-cli.json`, o `secretKey` com a senha de acesso ao servidor EthStats (configurado em `DS_PASS`) e `firstRun` para `true`. + +~~~shell + "secretKey": "SenhaDeAcessoAoEthstatsServer", + "firstRun": true +~~~ + +3-Iniciar nova instância do `alethio/ethstats-cli`, passando as configurações: + +* --node-name +* --account-email +* --server-url +* --client-url + +Exemplo: + +~~~shell +docker run -d --restart always --net host -v /opt/ethstats-cli/:/root/.config/configstore/ alethio/ethstats-cli --register --account-email rbb@exemplo.gov.br --node-name "" --server-url http://:3000 --client-url ws://127.0.0.1:4546 +~~~ + +Com tudo configurado adequadamente espera-se obter uma tela parecida com a imagem abaixo: + +##### EthStats da Rede Teste RBB + +![EthStats da Rede Teste RBB](imagens/ethstats.JPG) + + diff --git "a/tecnico/Observer/Apresenta\303\247\303\243o Observer.pdf" "b/tecnico/Observer/Apresenta\303\247\303\243o Observer.pdf" new file mode 100644 index 00000000..aee1a62d Binary files /dev/null and "b/tecnico/Observer/Apresenta\303\247\303\243o Observer.pdf" differ diff --git "a/tecnico/Observer/Apresenta\303\247\303\243o Observer.pptx" "b/tecnico/Observer/Apresenta\303\247\303\243o Observer.pptx" new file mode 100644 index 00000000..320b4ed9 Binary files /dev/null and "b/tecnico/Observer/Apresenta\303\247\303\243o Observer.pptx" differ