81 lines
3.7 KiB
Bash
Executable File
81 lines
3.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Deploy canonical static-nodes.json and permissions-nodes.toml to ALL Besu nodes.
|
|
# Source: config/besu-node-lists/ (single source of truth).
|
|
# Ensures identical node lists on every validator, sentry, and RPC for correct permissioning.
|
|
#
|
|
# Usage: ./scripts/deploy-besu-node-lists-to-all.sh [--dry-run]
|
|
|
|
set -euo pipefail
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true
|
|
source "${PROJECT_ROOT}/scripts/lib/load-project-env.sh" 2>/dev/null || true
|
|
|
|
SSH_OPTS=(-o ConnectTimeout=20 -o ServerAliveInterval=15 -o ServerAliveCountMax=3 -o StrictHostKeyChecking=accept-new)
|
|
|
|
DRY_RUN=false
|
|
[[ "${1:-}" == "--dry-run" ]] && DRY_RUN=true
|
|
|
|
STATIC="${PROJECT_ROOT}/config/besu-node-lists/static-nodes.json"
|
|
PERMS="${PROJECT_ROOT}/config/besu-node-lists/permissions-nodes.toml"
|
|
|
|
if [[ ! -f "$STATIC" ]] || [[ ! -f "$PERMS" ]]; then
|
|
echo "ERROR: Canonical files not found:" >&2
|
|
[[ ! -f "$STATIC" ]] && echo " $STATIC" >&2
|
|
[[ ! -f "$PERMS" ]] && echo " $PERMS" >&2
|
|
echo "See config/besu-node-lists/README.md" >&2
|
|
exit 1
|
|
fi
|
|
|
|
host_for_vmid() {
|
|
local vmid="$1"
|
|
if type get_host_for_vmid >/dev/null 2>&1; then
|
|
get_host_for_vmid "$vmid"
|
|
elif [[ "$vmid" -le 1002 ]] || [[ "$vmid" == "1500" ]] || [[ "$vmid" == "1501" ]] || [[ "$vmid" == "1502" ]] || [[ "$vmid" == "2101" ]]; then
|
|
echo "${PROXMOX_R630_01:-${PROXMOX_HOST_R630_01:-192.168.11.11}}"
|
|
elif [[ "$vmid" == "2201" ]] || [[ "$vmid" == "2303" ]] || [[ "$vmid" == "2401" ]]; then
|
|
echo "${PROXMOX_R630_02:-${PROXMOX_HOST_R630_02:-192.168.11.12}}"
|
|
else
|
|
echo "${PROXMOX_HOST_ML110:-192.168.11.10}"
|
|
fi
|
|
}
|
|
|
|
BESU_VMIDS=(1000 1001 1002 1003 1004 1500 1501 1502 1503 1504 1505 1506 1507 1508 2101 2102 2201 2301 2303 2304 2305 2306 2307 2308 2400 2401 2402 2403)
|
|
|
|
echo "Deploying Besu node lists from config/besu-node-lists/ to all nodes"
|
|
echo " static-nodes.json -> /etc/besu/static-nodes.json"
|
|
echo " permissions-nodes.toml -> /etc/besu/permissions-nodes.toml"
|
|
echo ""
|
|
|
|
# Group by host to minimize scp/ssh
|
|
declare -A VMIDS_ON_HOST
|
|
for vmid in "${BESU_VMIDS[@]}"; do
|
|
host="$(host_for_vmid "$vmid")"
|
|
[[ -z "$host" ]] && continue
|
|
VMIDS_ON_HOST[$host]+=" $vmid"
|
|
done
|
|
|
|
for host in "${!VMIDS_ON_HOST[@]}"; do
|
|
vmids="${VMIDS_ON_HOST[$host]}"
|
|
echo "--- Host $host (VMIDs:${vmids}) ---"
|
|
if $DRY_RUN; then
|
|
echo " [dry-run] would scp and pct push to:${vmids}"
|
|
continue
|
|
fi
|
|
scp "${SSH_OPTS[@]}" -q "$STATIC" "$PERMS" "root@${host}:/tmp/" || { echo " Failed to scp to $host"; continue; }
|
|
for vmid in $vmids; do
|
|
if ssh "${SSH_OPTS[@]}" "root@${host}" "pct status $vmid 2>/dev/null | grep -q running" 2>/dev/null; then
|
|
# timeout: pct push can hang on slow storage; do not block the whole fleet deploy
|
|
ssh "${SSH_OPTS[@]}" "root@${host}" "timeout 180 bash -c 'pct push $vmid /tmp/static-nodes.json /etc/besu/static-nodes.json && pct push $vmid /tmp/permissions-nodes.toml /etc/besu/permissions-nodes.toml && (pct exec $vmid -- chown besu:besu /etc/besu/static-nodes.json /etc/besu/permissions-nodes.toml 2>/dev/null || pct exec $vmid -- chown root:root /etc/besu/static-nodes.json /etc/besu/permissions-nodes.toml 2>/dev/null)'" 2>/dev/null && echo " OK VMID $vmid" || echo " Skip/fail VMID $vmid"
|
|
else
|
|
echo " Skip VMID $vmid (not running)"
|
|
fi
|
|
done
|
|
ssh "${SSH_OPTS[@]}" "root@${host}" "rm -f /tmp/static-nodes.json /tmp/permissions-nodes.toml" 2>/dev/null || true
|
|
done
|
|
|
|
echo ""
|
|
echo "Done. To reload static-nodes.json and permissions-nodes.toml immediately, run:"
|
|
echo " bash scripts/besu/restart-besu-reload-node-lists.sh"
|