feat: enable telegraf geoip role for peer cache

resources/ansible/peer_cache_node.yml

@@ -22,6 +22,8 @@
     - antctl
     - role: telegraf-configuration
       become: True
+    - role: telegraf-geoip
+      become: True
     - node
     - role: cache_webserver
       become: True

resources/ansible/roles/cache_webserver/tasks/main.yml

@@ -22,6 +22,11 @@
     dest: /etc/nginx/sites-available/default
   when: json_files.matched > 0
 
+- name: ensure nginx status site file is set
+  template:
+    src: nginx_status.conf.j2
+    dest: /etc/nginx/sites-available/nginx_status
+
 - name: reload nginx to apply changes
   service:
     name: nginx

resources/ansible/roles/cache_webserver/templates/nginx.conf.j2

@@ -1,6 +1,12 @@
 server {
     listen 80;
 
+    location / {
+        access_log off;
+        log_not_found off;
+        return 404;
+    }
+
     location /bootstrap_cache.json {
         alias {{ bootstrap_cache_dir }}/{{ json_files.files[0].path | basename }};
     }

resources/ansible/roles/cache_webserver/templates/nginx_status.conf.j2

@@ -0,0 +1,9 @@
+server {
+    listen 127.0.0.1:8080;
+
+    location /nginx_status {
+        stub_status;
+        allow 127.0.0.1;
+        deny all;
+    }
+}

resources/ansible/roles/prerequisites/tasks/main.yml

@@ -38,6 +38,30 @@
   retries: 20
   delay: 10
 
+- name: prerequisites for telegraf-geoip
+  apt:
+    name: 
+      - golang-go
+    state: present
+
+- name: clone telegraf-geoip repo
+  ansible.builtin.git:
+    repo: https://github.com/a-bali/telegraf-geoip
+    dest: /root/telegraf-geoip
+
+- name: build telegraf-geoip
+  ansible.builtin.shell: |
+    cd /root/telegraf-geoip
+    go build -o geoip cmd/main.go
+
+- name: copy telegraf-geoip to /usr/local/bin
+  ansible.builtin.command:
+    cmd: cp /root/telegraf-geoip/geoip /usr/local/bin/
+
+- name: set permissions for telegraf-geoip
+  ansible.builtin.command:
+    cmd: chmod 755 /usr/local/bin/geoip
+
 # Retry logic for other package installations
 - name: install packages
   ansible.builtin.package:
@@ -59,3 +83,4 @@
 
 - name: Install boto3
   ansible.builtin.command: pip3 install boto3 --prefix /usr
+

resources/ansible/roles/telegraf-configuration/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-network_dashboard_branch: rc-2024.12.1
+network_dashboard_branch: main
 network_dashboard_github_url: git@github.com:maidsafe/network-dashboard.git
 network_dashboard_repo_path: /root/network-dashboard
 network_dashboard_sk_path: /root/.ssh/network-dashboard

resources/ansible/roles/telegraf-configuration/tasks/main.yml

@@ -93,6 +93,12 @@
     path: /etc/telegraf-elasticsearch
     state: directory
 
+# This empty dir is required for the service to work.
+- name: create telegraf-elasticsearch.d subdir
+  file:
+    path: /etc/telegraf-elasticsearch/telegraf-elasticsearch.d
+    state: directory
+
 - name: copy telegraf elasticsearch config file from network dashboard repo
   copy:
     src: "{{ network_dashboard_repo_path }}/telegraf/ConfigurationFile/antnodes/telegraf_ant_multi_node_elasticsearch.conf"

resources/ansible/roles/telegraf-geoip/defaults/main.yml

@@ -0,0 +1,5 @@
+---
+network_dashboard_branch: main
+network_dashboard_github_url: git@github.com:maidsafe/network-dashboard.git
+network_dashboard_repo_path: /root/network-dashboard
+network_dashboard_sk_path: /root/.ssh/network-dashboard

resources/ansible/roles/telegraf-geoip/tasks/main.yml

@@ -0,0 +1,103 @@
+---
+# This role has to be run after the telegraf-configuration role.
+- name: stop telegraf service
+  systemd:
+    name: telegraf
+    state: stopped
+
+- name: stop telegraf-elasticsearch service
+  systemd:
+    name: telegraf-elasticsearch
+    state: stopped
+
+- name: ensure target directory exists
+  file:
+    path: "{{ network_dashboard_repo_path }}"
+    state: directory
+
+- name: check if network dashboard repo already cloned
+  stat:
+    path: "{{ network_dashboard_repo_path }}/.git"
+  register: repo_stat
+
+- name: clone the network dashboard repo
+  git:
+    repo: "{{ network_dashboard_github_url }}"
+    dest: "{{ network_dashboard_repo_path }}"
+    version: "{{ network_dashboard_branch }}"
+    key_file: "{{ network_dashboard_sk_path }}"
+    accept_hostkey: yes
+  when: not repo_stat.stat.exists
+
+- name: ensure GeoIP directory exists
+  file:
+    path: /var/lib/geoip
+    state: directory
+    mode: '0755'
+
+- name: copy over MaxMind's GeoIP
+  copy:
+    src: "{{ network_dashboard_repo_path }}/telegraf/Plugins/geoip/GeoLite2-City.mmdb"
+    dest: /var/lib/geoip/GeoLite2-City.mmdb
+    mode: '0644'
+    remote_src: yes
+
+- name: copy over Telegraf-Geoip Processor Plugin configuration file
+  copy:
+    src: "{{ network_dashboard_repo_path }}/telegraf/Plugins/geoip/geoip_config_file_influxdb"
+    dest: /var/lib/geoip/geoip_config_file_influxdb
+    mode: '0644'
+    remote_src: yes
+
+- name: copy over Telegraf-Geoip Processor Plugin configuration file
+  copy:
+    src: "{{ network_dashboard_repo_path }}/telegraf/Plugins/geoip/geoip_config_file_elasticsearch"
+    dest: /var/lib/geoip/geoip_config_file_elasticsearch
+    mode: '0644'
+    remote_src: yes
+
+- name: Add telegraf user to adm group
+  user:
+    name: telegraf
+    groups: adm
+    append: yes
+
+- name: copy telegraf nginx config file
+  copy:
+    src: "{{ network_dashboard_repo_path }}/telegraf/ConfigurationFile/peer_cache_nodes/telegraf_nginx.conf"
+    dest: /etc/telegraf/telegraf.d/telegraf_nginx.conf
+    remote_src: yes
+
+- name: create telegraf-elasticsearch.d subdir
+  file:
+    path: /etc/telegraf-elasticsearch/telegraf-elasticsearch.d
+    state: directory
+    mode: '0755'
+
+- name: copy telegraf nginx elasticsearch config file
+  copy:
+    src: "{{ network_dashboard_repo_path }}/telegraf/ConfigurationFile/peer_cache_nodes/telegraf_nginx_elasticsearch.conf"
+    dest: /etc/telegraf-elasticsearch/telegraf-elasticsearch.d/telegraf_nginx_elasticsearch.conf
+    remote_src: yes
+
+- name: copy telegraf elasticsearch system service file
+  copy:
+    src: "{{ network_dashboard_repo_path }}/telegraf/SystemServiceFile/telegraf-elasticsearch.service"
+    dest: /lib/systemd/system/telegraf-elasticsearch.service
+    remote_src: yes
+
+- name: reload the configuration files for systemctl daemon
+  become: True
+  command: systemctl daemon-reload
+
+- name: start telegraf-elasticsearch service
+  systemd:
+    name: telegraf-elasticsearch
+    enabled: yes
+    state: started
+
+- name: start telegraf service
+  systemd:
+    name: telegraf
+    enabled: yes
+    state: started

resources/terraform/testnet/digital-ocean/dev.tfvars

@@ -3,10 +3,10 @@ evm_node_droplet_image_id = 172723723
 evm_node_vm_count = 1
 nat_gateway_droplet_image_id = 172724206
 node_droplet_size = "s-4vcpu-8gb"
-node_droplet_image_id = 172724059
+node_droplet_image_id = 173265007
 node_vm_count = 10
 peer_cache_droplet_size = "s-2vcpu-4gb"
-peer_cache_droplet_image_id = 172723952
+peer_cache_droplet_image_id = 173264988
 peer_cache_node_vm_count = 3
 private_node_vm_count = 1
 setup_nat_gateway = true

resources/terraform/testnet/digital-ocean/staging.tfvars

@@ -3,10 +3,10 @@ evm_node_droplet_image_id = 172723723
 evm_node_vm_count = 1
 nat_gateway_droplet_image_id = 172724206
 node_droplet_size = "s-4vcpu-8gb"
-node_droplet_image_id = 172724059
+node_droplet_image_id = 173265007
 node_vm_count = 39
 peer_cache_droplet_size = "s-2vcpu-4gb"
-peer_cache_droplet_image_id = 172723952
+peer_cache_droplet_image_id = 173264988
 peer_cache_node_vm_count = 3
 private_node_vm_count = 1
 setup_nat_gateway = true

src/ansible/inventory.rs

@@ -8,7 +8,7 @@ use super::AnsibleRunner;
 use crate::{
     ansible::AnsibleBinary, error::Error, inventory::VirtualMachine, run_external_command, Result,
 };
-use log::{debug, warn};
+use log::{debug, error, warn};
 use serde::Deserialize;
 use std::{
     collections::HashMap,
@@ -229,10 +229,13 @@ pub fn generate_environment_inventory(
             continue;
         }
 
-        let mut contents = std::fs::read_to_string(src_path)?;
+        let mut contents = std::fs::read_to_string(src_path).inspect_err(|err| {
+            error!("Failed to read inventory template file at {src_path:?}: {err}",)
+        })?;
         contents = contents.replace("env_value", environment_name);
         contents = contents.replace("type_value", inventory_type.tag());
-        std::fs::write(&dest_path, contents)?;
+        std::fs::write(&dest_path, contents)
+            .inspect_err(|err| error!("Failed to write inventory file at {dest_path:?}: {err}",))?;
         debug!("Created inventory file at {dest_path:#?}");
     }