Deploy monitoring via Ansible

README.md

@@ -100,6 +100,8 @@ You can use this wallet by running the `chainnet-nespv` wallet to send transacti
 $ ./bin/chainnet-nespv send --config default-config.yaml --address random --amount 1 --fee 10 --wallet-key-path <wallet.pem>
 ```
 
+`todo()`: add example with P2PKH payment too  
+
 ### Step 3: Extract the Public Key in Base58 Format
 To receive rewards, you'll need to extract the public key from the wallet in `base58` format. This can be done as follows:
 ```bash
@@ -147,12 +149,12 @@ $ docker run -v ./path/to/data:/data -e CONFIG_FILE=/data/config.yaml -p 8080:80
 ### Remote nodes with Ansible
 Running the `chainnet-node` on a remote node:
 ```bash
-$ ansible-playbook -i ansible/hosts.ini ansible/deploy.yml -e "target=node config=../config/examples/seed-node-config.yaml"
+$ ansible-playbook -i ansible/inventories/seed/hosts.ini -e @ansible/config/node-seed.yml ansible/playbooks/blockchain.yml
 ```
 
 Running the `chainnet-miner` on a remote node:
 ```bash
-$ ansible-playbook -i ansible/hosts.ini ansible/deploy.yml -e "target=miner config=../config/examples/seed-node-config.yaml"
+$ ansible-playbook -i ansible/inventories/seed/hosts.ini -e @ansible/config/miner-seed.yml ansible/playbooks/blockchain.yml
 ```
 
 ### Run in Kubernetes 
@@ -172,7 +174,21 @@ Generate a ECDSA `secp256r1` private key in PEM format:
 $ openssl ecparam -name prime256v1 -genkey -noout -out ecdsa-priv-key.pem
 ```
 
+## Setting up monitoring with Prometheus and Grafana
+In order to provide monitoring Grafana, Prometheus and Nginx must be installed. You can do so by running the following 
+Ansible playbook: 
+```bash
+$ ansible-playbook -i ansible/inventories/seed/hosts.ini ansible/playbooks/monitoring.yml
+```
+
+Once the monitoring stack is installed and you have configured the domain requested to the correct IP, you can access 
+the Grafana dashboard at `URL` and admin credentials. 
 
+If you need to enable HTTPS, you can use `Certbot` to generate the keys and certificates for the domain via the following 
+playbook: 
+```bash
+$ ansible-playbook -i ansible/inventories/seed/hosts.ini -l seed-1.chainnet.yago.ninja ansible/playbooks/monitoringTLS.yml -e "certificate_domain=dashboard.chainnet.yago.ninja certificate_email=me@yago.ninja"
+```
 ## Architecture
 ```ascii
 ┌──────────────────┐                 ┌──────────────────┐

ansible/config/miner-seed.yml

@@ -0,0 +1,2 @@
+target: miner
+config: ../../config/examples/seed-node-config.yaml

ansible/config/node-seed.yml

@@ -0,0 +1,2 @@
+target: node
+config: ../../config/examples/seed-node-config.yaml

ansible/playbooks/blockchain.yml

@@ -0,0 +1,17 @@
+---
+- name: Deploy Chainnet blockchain on the network
+  hosts: all
+  become: true  # Use sudo privileges
+  become_method: sudo
+  vars:
+    app_dir: /var/chainnet
+    config: 'default-config.yaml'
+    repo_url: 'https://github.com/yago-123/chainnet.git'
+    branch: 'add-grafana-monitoring'
+    go_version: '1.23.0'
+    go_tar: "/tmp/go{{ go_version }}.linux-amd64.tar.gz"
+    go_code: /usr/local
+    go_bin_path: "{{ go_code }}/go/bin"
+    target: "{{ node }}"
+  roles:
+    - blockchain

ansible/playbooks/monitoring.yml

@@ -0,0 +1,7 @@
+---
+- name: Install Prometheus, Grafana, and Nginx
+  hosts: all
+  become: true
+  become_method: sudo
+  roles:
+    - monitoring

ansible/playbooks/monitoringTLS.yml

@@ -0,0 +1,8 @@
+- name: Setup Certbot and Configure SSL
+  become: yes
+  hosts: all
+  vars:
+    certificate_domain: dashboard.chainnet.yago.ninja
+    certificate_email: me@yago.ninja
+  roles:
+    - monitoringTLS

ansible/playbooks/roles/blockchain/tasks/main.yml

@@ -0,0 +1,99 @@
+---
+- name: Ensure apt is up to date and install necessary packages
+  apt:
+    update_cache: yes
+    name:
+      - make
+      - protobuf-compiler
+    state: present
+  tags:
+    - update
+    - packages
+
+- name: Create application directory
+  file:
+    path: "{{ app_dir }}"
+    state: directory
+    mode: '0755'
+  tags:
+    - directory
+
+- name: Clone the repository
+  git:
+    repo: "{{ repo_url }}"
+    dest: "{{ app_dir }}"
+    version: "{{ branch }}"
+    force: yes
+    update: yes
+  tags:
+    - git
+
+- name: Download and install Go binary
+  block:
+    - name: Download Go binary
+      get_url:
+        url: "https://go.dev/dl/go{{ go_version }}.linux-amd64.tar.gz"
+        dest: "{{ go_tar }}"
+
+    - name: Extract Go binary
+      unarchive:
+        src: "{{ go_tar }}"
+        dest: "{{ go_code }}"
+        remote_src: yes
+  tags:
+    - go
+
+- name: Install Go tools
+  shell: |
+    go install google.golang.org/protobuf/cmd/protoc-gen-go@latest && \
+    go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest
+  environment:
+    PATH: "{{ go_bin_path }}"
+  tags:
+    - go-tools
+
+- name: Build the application with make
+  shell: make {{ target }}
+  args:
+    chdir: "{{ app_dir }}"
+  environment:
+    PATH: "/usr/bin:{{ ansible_env.PATH }}:{{ go_bin_path }}:{{ ansible_env.HOME }}/go/bin"
+  tags:
+    - build
+
+- name: Copy the configuration file
+  copy:
+    src: "{{ config }}"
+    dest: "{{ app_dir }}/config.yaml"
+    mode: '0644'
+
+- name: Check if identity file path is defined
+  debug:
+    msg: "The identity file path is not defined for this host."
+  when: identity_path is not defined
+
+- name: Copy identity file to the target machine
+  copy:
+    src: "{{ identity_path }}"
+    dest: "{{ app_dir }}/identity.pem"
+    mode: '0600'
+  when: identity_path is defined
+
+- name: Template systemd service file
+  template:
+    src: "templates/systemd-chain.service.j2"
+    dest: "/etc/systemd/system/{{ target }}.service"
+    mode: '0644'
+
+- name: Reload systemd daemon
+  command: systemctl daemon-reload
+
+- name: Enable service
+  systemd:
+    name: "{{ target }}"
+    enabled: yes
+
+- name: Restart service
+  systemd:
+    name: "{{ target }}"
+    state: restarted

ansible/playbooks/roles/monitoring/files/prom.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=Prometheus Monitoring
+After=network.target
+
+[Service]
+User=root
+ExecStart=/usr/local/bin/prometheus \
+  --config.file=/etc/prometheus/prometheus.yml \
+  --web.listen-address="0.0.0.0:9092"
+[Install]
+WantedBy=multi-user.target

ansible/playbooks/roles/monitoring/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: Reload Nginx
+  systemd:
+    name: nginx
+    state: reloaded

ansible/playbooks/roles/monitoring/tasks/01_install_dependencies.yml

@@ -0,0 +1,12 @@
+---
+- name: Install prerequisites
+  apt:
+    name:
+      - wget
+      - curl
+      - gnupg
+      - apt-transport-https
+      - software-properties-common
+      - nginx
+    state: present
+    update_cache: yes

ansible/playbooks/roles/monitoring/tasks/02_install_prometheus.yml

@@ -0,0 +1,38 @@
+---
+- name: Download Prometheus binary
+  get_url:
+    url: "https://github.com/prometheus/prometheus/releases/download/v2.47.0/prometheus-2.47.0.linux-amd64.tar.gz"
+    dest: /tmp/prometheus.tar.gz
+
+- name: Extract Prometheus binary
+  unarchive:
+    src: /tmp/prometheus.tar.gz
+    dest: /opt/
+    remote_src: yes
+
+- name: Move Prometheus binaries
+  command: mv /opt/prometheus-2.47.0.linux-amd64/prometheus /usr/local/bin/
+
+- name: Move Prometheus related files
+  copy:
+    src: /opt/prometheus-2.47.0.linux-amd64/
+    dest: /etc/prometheus/
+    remote_src: yes
+
+- name: Provide Prometheus configuration
+  template:
+    src: templates/prometheus.yml.j2
+    dest: /etc/prometheus/prometheus.yml
+    mode: '0644'
+
+- name: Create Prometheus systemd service file
+  template:
+    src: files/prom.service
+    dest: /etc/systemd/system/prometheus.service
+    mode: '0644'
+
+- name: Start Prometheus service
+  systemd:
+    name: prometheus
+    enabled: true
+    state: started