This service provides a containerized faucet server for providing a custom token and ETH using Docker Compose. The server can be deployed to production using the included Ansible playbooks, or deployed locally using Docker.
- Copy over config file
cp faucet-service.env.example faucet-service.env- Update the config to reflect your environment. If you're running it locally you'll want to open the server up to localhost connections. If you are deploying remotely you'll want to ensure that only certain domains are allowed; i.e.
http://faucet.medcredits.io. A local env file may look like:
# faucet-service.env
FAUCET_CONFIG_API_CORS_ORIGINS=["http://localhost:3000"]Docker must be installed.
- Start the localhost server
./up.sh- Stop the localhost server
./down.shLogs are available at /docker/var/logs or you can view the live container logs:
cd docker
docker-compose logs -fAnsible is a server orchestration tool that simply connects to remote instances using SSH. You can create or update an EC2 instance using the provided Ansible playbook.
You'll need to acquire the correct EC2 key-pair pem file and set up SSH. You can place the key-pair pem file in ~/.ssh and update ~/.ssh/config appropriately:
# ~/.ssh/config
Host <18.210.76.115> <-- [Or your elastic IP here]
StrictHostKeyChecking no
HostName 18.210.76.115
User ec2-user
IdentityFile ~/.ssh/faucet-key-pair.pemNote the Host is faucet. This is required by the Ansible playbooks.
Make sure to create a new security group before running Ansible, open up SSH for your IP address on that security group, and write the security group's ID in the playbook under: group_id
Ansible requires hosts to be configured. In Ansible parlance this represents your 'inventory'. Hosts are the machines it connects to.
- Create ~/.ansible.cfg that defines where the host file is:
# ~/.ansible.cfg
[defaults]
inventory = ~/.ansible/hosts- Create a hosts file with the AWS elastic IP in ~/.ansible/hosts:
# ~/.ansible/hosts
[faucet-server]
<ec2.elastic-ip.here>
[local]
localhost ansible_connection=localAnsible requires the user to have SSH access to the remote machine that it manages. Make sure you have an AWS MedCredits IAM account with the 'developer' group. Ensure your credentials have been added to your ~/.aws/credentials file:
[default]
aws_access_key_id = ...
aws_secret_access_key = ...
[medcredits]
aws_access_key_id = ...
aws_secret_access_key = ...
Once your credentials have been added, export them into your terminal session. To easily export any AWS profile to your terminal have a look at this bash function. Otherwise you can simply export AWS_ACCES... with cut-and-paste.
The Ansible playbook will update the configuration for the existing server, or create a new one if it doesn't exist. The playbook expects an Elastic IP to exist with the ip 18.210.76.115.
NOTE: This Ansible playbook needs to run a couple of times. Once to wait for the server to start, another to wait for the docker service. You'll likely have to run it a couple of times if you're starting from scratch.
- Ensure the faucet-service.env file has been configured for a production deploy:
# faucet-service.env
FAUCET_CONFIG_API_CORS_ORIGINS=["https://hippocrates.medcredits.io"]- If the server has been setup previously, skip to step 3. Otherwise setup a new server:
ansible-playbook setup-playbook.yml- To update the docker configuration and standard HTTP nginx config run:
ansible-playbook update-playbook.ymlOnce the service is running, you can connect to Faucet as you would normally. The container exposes the port 8080 and proxies traffic to port 80.
If after running docker-compose up you see an error like Error: api not running you will need to delete
the 'api' file in the Faucet repo directory. The docker-compose.yml places this at ~/.faucet-service/data/api
- Add a CRON job to renew the certificate
- Add to the README how to request the certificate initially
- Figure out upgrading pip, used sudo to upgrade it after ssh'ing in
- Had to run
sudo ln -s /usr/local/bin/pip /usr/bin/pipthrough ssh as sudo couldn't find pip