2026-02-12 15:46:57 -08:00
|
|
|
#!/usr/bin/env bash
|
2026-04-12 06:44:12 -07:00
|
|
|
# Deploy canonical static-nodes.json and permissions-nodes.toml to selected Besu nodes.
|
2026-02-12 15:46:57 -08:00
|
|
|
# Source: config/besu-node-lists/ (single source of truth).
|
|
|
|
|
# Ensures identical node lists on every validator, sentry, and RPC for correct permissioning.
|
|
|
|
|
#
|
2026-04-12 06:44:12 -07:00
|
|
|
# Usage:
|
|
|
|
|
# ./scripts/deploy-besu-node-lists-to-all.sh
|
|
|
|
|
# ./scripts/deploy-besu-node-lists-to-all.sh --vmid 2301
|
|
|
|
|
# ./scripts/deploy-besu-node-lists-to-all.sh --apply --vmid 2301
|
2026-02-12 15:46:57 -08:00
|
|
|
|
|
|
|
|
set -euo pipefail
|
|
|
|
|
|
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
|
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
2026-04-12 06:44:12 -07:00
|
|
|
source "${PROJECT_ROOT}/scripts/lib/load-project-env.sh"
|
2026-02-12 15:46:57 -08:00
|
|
|
|
2026-03-28 00:25:13 -07:00
|
|
|
SSH_OPTS=(-o ConnectTimeout=20 -o ServerAliveInterval=15 -o ServerAliveCountMax=3 -o StrictHostKeyChecking=accept-new)
|
|
|
|
|
|
2026-04-12 06:44:12 -07:00
|
|
|
DRY_RUN=true
|
|
|
|
|
TARGET_VMIDS=()
|
|
|
|
|
|
|
|
|
|
usage() {
|
|
|
|
|
cat <<'EOF'
|
|
|
|
|
Usage: ./scripts/deploy-besu-node-lists-to-all.sh [--apply] [--dry-run] [--vmid <N>]
|
|
|
|
|
|
|
|
|
|
Options:
|
|
|
|
|
--dry-run Print intended actions only (default)
|
|
|
|
|
--apply Push node-list files to selected nodes
|
|
|
|
|
--vmid <N> Limit to one VMID; repeatable
|
|
|
|
|
EOF
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
|
|
|
case "$1" in
|
|
|
|
|
--dry-run)
|
|
|
|
|
DRY_RUN=true
|
|
|
|
|
shift
|
|
|
|
|
;;
|
|
|
|
|
--apply)
|
|
|
|
|
DRY_RUN=false
|
|
|
|
|
shift
|
|
|
|
|
;;
|
|
|
|
|
--vmid)
|
|
|
|
|
[[ $# -ge 2 ]] || { usage >&2; exit 2; }
|
|
|
|
|
TARGET_VMIDS+=("$2")
|
|
|
|
|
shift 2
|
|
|
|
|
;;
|
|
|
|
|
-h|--help)
|
|
|
|
|
usage
|
|
|
|
|
exit 0
|
|
|
|
|
;;
|
|
|
|
|
*)
|
|
|
|
|
echo "Unknown argument: $1" >&2
|
|
|
|
|
usage >&2
|
|
|
|
|
exit 2
|
|
|
|
|
;;
|
|
|
|
|
esac
|
|
|
|
|
done
|
2026-02-12 15:46:57 -08:00
|
|
|
|
|
|
|
|
STATIC="${PROJECT_ROOT}/config/besu-node-lists/static-nodes.json"
|
|
|
|
|
PERMS="${PROJECT_ROOT}/config/besu-node-lists/permissions-nodes.toml"
|
|
|
|
|
|
|
|
|
|
if [[ ! -f "$STATIC" ]] || [[ ! -f "$PERMS" ]]; then
|
|
|
|
|
echo "ERROR: Canonical files not found:" >&2
|
|
|
|
|
[[ ! -f "$STATIC" ]] && echo " $STATIC" >&2
|
|
|
|
|
[[ ! -f "$PERMS" ]] && echo " $PERMS" >&2
|
|
|
|
|
echo "See config/besu-node-lists/README.md" >&2
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
2026-04-12 06:12:20 -07:00
|
|
|
BESU_VMIDS=(1000 1001 1002 1003 1004 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 2101 2102 2103 2201 2301 2303 2304 2305 2306 2307 2308 2400 2401 2402 2403)
|
2026-02-12 15:46:57 -08:00
|
|
|
|
2026-04-12 06:44:12 -07:00
|
|
|
selected_vmid() {
|
|
|
|
|
local vmid="$1"
|
|
|
|
|
[[ ${#TARGET_VMIDS[@]} -eq 0 ]] && return 0
|
|
|
|
|
local wanted
|
|
|
|
|
for wanted in "${TARGET_VMIDS[@]}"; do
|
|
|
|
|
[[ "$vmid" == "$wanted" ]] && return 0
|
|
|
|
|
done
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
echo "Deploying Besu node lists from config/besu-node-lists/ to selected nodes"
|
2026-02-12 15:46:57 -08:00
|
|
|
echo " static-nodes.json -> /etc/besu/static-nodes.json"
|
|
|
|
|
echo " permissions-nodes.toml -> /etc/besu/permissions-nodes.toml"
|
|
|
|
|
echo ""
|
|
|
|
|
|
|
|
|
|
# Group by host to minimize scp/ssh
|
|
|
|
|
declare -A VMIDS_ON_HOST
|
|
|
|
|
for vmid in "${BESU_VMIDS[@]}"; do
|
2026-04-12 06:44:12 -07:00
|
|
|
selected_vmid "$vmid" || continue
|
|
|
|
|
host="$(get_host_for_vmid "$vmid")"
|
2026-02-12 15:46:57 -08:00
|
|
|
[[ -z "$host" ]] && continue
|
|
|
|
|
VMIDS_ON_HOST[$host]+=" $vmid"
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
for host in "${!VMIDS_ON_HOST[@]}"; do
|
|
|
|
|
vmids="${VMIDS_ON_HOST[$host]}"
|
|
|
|
|
echo "--- Host $host (VMIDs:${vmids}) ---"
|
|
|
|
|
if $DRY_RUN; then
|
|
|
|
|
echo " [dry-run] would scp and pct push to:${vmids}"
|
|
|
|
|
continue
|
|
|
|
|
fi
|
2026-03-28 00:25:13 -07:00
|
|
|
scp "${SSH_OPTS[@]}" -q "$STATIC" "$PERMS" "root@${host}:/tmp/" || { echo " Failed to scp to $host"; continue; }
|
2026-02-12 15:46:57 -08:00
|
|
|
for vmid in $vmids; do
|
2026-03-28 00:25:13 -07:00
|
|
|
if ssh "${SSH_OPTS[@]}" "root@${host}" "pct status $vmid 2>/dev/null | grep -q running" 2>/dev/null; then
|
|
|
|
|
# timeout: pct push can hang on slow storage; do not block the whole fleet deploy
|
|
|
|
|
ssh "${SSH_OPTS[@]}" "root@${host}" "timeout 180 bash -c 'pct push $vmid /tmp/static-nodes.json /etc/besu/static-nodes.json && pct push $vmid /tmp/permissions-nodes.toml /etc/besu/permissions-nodes.toml && (pct exec $vmid -- chown besu:besu /etc/besu/static-nodes.json /etc/besu/permissions-nodes.toml 2>/dev/null || pct exec $vmid -- chown root:root /etc/besu/static-nodes.json /etc/besu/permissions-nodes.toml 2>/dev/null)'" 2>/dev/null && echo " OK VMID $vmid" || echo " Skip/fail VMID $vmid"
|
2026-02-12 15:46:57 -08:00
|
|
|
else
|
|
|
|
|
echo " Skip VMID $vmid (not running)"
|
|
|
|
|
fi
|
|
|
|
|
done
|
2026-03-28 00:25:13 -07:00
|
|
|
ssh "${SSH_OPTS[@]}" "root@${host}" "rm -f /tmp/static-nodes.json /tmp/permissions-nodes.toml" 2>/dev/null || true
|
2026-02-12 15:46:57 -08:00
|
|
|
done
|
|
|
|
|
|
|
|
|
|
echo ""
|
|
|
|
|
echo "Done. To reload static-nodes.json and permissions-nodes.toml immediately, run:"
|
2026-04-12 06:44:12 -07:00
|
|
|
echo " bash scripts/besu/restart-besu-reload-node-lists.sh --apply [--vmid <N>]"
|
