Ansible Automations

This guide is auto-synced from README.md in the pocket-automations repo. Edit it there — changes here are overwritten on every build.

Ansible automation for deploying Pocket Network provider infrastructure on Ubuntu.

The project targets operators who need a guided path from a small single-node setup to redundant production deployments. The default stack is:

  • pocketd from poktroll for Pocket Network CLI and chain interaction.
  • pocket-relay-miner for production relay serving, split into stateless relayers and stateful miners coordinated through Redis.
  • Igniter Provider as the mandatory staking operations platform.
  • Igniter Middleman as an optional delegator-facing staking application.

Product Boundary

Igniter owns supplier staking and staking lifecycle operations. Ansible does not submit supplier staking, service update, or unstaking transactions directly. Ansible prepares the infrastructure that Igniter needs, validates readiness, deploys dependencies, configures services, and documents any manual or UI-driven steps that remain.

Default Assumptions

  • Ubuntu is the default operating system target.
  • Documentation and code are written in English.
  • HA RelayMiner is the default relay-mining implementation for new deployments.
  • Standard pocketd relayminer support is legacy-only and should not be the default path.
  • PostgreSQL, Temporal, Redis, reverse proxy, and service endpoints must be secured before production use.

Documentation

Quick Start

Generate a guided production single-host inventory:

bash
scripts/generate-inventory.sh

Then validate and deploy:

bash
ansible-inventory -i inventories/generated/<host-name>/hosts.yml --list
ansible-playbook -i inventories/generated/<host-name>/hosts.yml playbooks/site.yml
ansible-playbook -i inventories/generated/<host-name>/hosts.yml playbooks/validate.yml

The generated profile enables both HA RelayMiner relayer and miner. Reward readiness still requires supplier keys, successful Igniter Provider bootstrap, and supplier lifecycle configuration in Igniter.

The generated profile also deploys Prometheus and Grafana for HA RelayMiner monitoring. Grafana is private by default, with an explicit wizard option for public Caddy routing protected by basic auth.

Source Of Truth

Use the current Pocket Network documentation at https://docs.pocket.network/. Older dev.poktroll.com documentation is deprecated for this project unless explicitly requested.

In this section

Beginner Deployment Guide

This guide walks a new operator through a production-oriented single-host deployment. It includes Igniter Provider, PostgreSQL, Temporal, Redis, HA RelayMiner relayer, HA…

Learn more →

HA Validation Matrix

This matrix defines what must be tested before claiming a topology is production-validated.

Learn more →

Igniter Role In The Automation

Igniter is the operational control plane for staking. This project should treat Igniter as the component that owns supplier lifecycle, delegator workflows, provider registration,…

Learn more →

Implementation Roadmap

This roadmap is organized into granular implementation phases that can become separate commits and pull requests.

Learn more →

Monitoring

The monitoring role deploys Prometheus and Grafana for HA RelayMiner metrics.

Learn more →

Post-Deploy Checklist

Use this checklist after playbooks/site.yml completes.

Learn more →

Production Security Hardening

This guide covers security hardening that is in scope for the automation. Backup, restore, and disaster recovery are intentionally out of scope.

Learn more →

Release Process

Pocket Automations uses small tagged releases once the project reaches a coherent operator-facing state.

Learn more →

Secret Rotation

This guide documents rotation boundaries for secrets managed or referenced by Pocket Automations.

Learn more →

Setup Wizard

scripts/generate-inventory.sh is a local bash wizard that creates a guided production-single-host inventory.

Learn more →

Technical Architecture

This document defines the first implementation target for Pocket Automations.

Learn more →

Troubleshooting

Start with the validation report:

Learn more →

Upgrades

Use playbooks/upgrade.yml for day-2 component updates after the initial deployment.

Learn more →

Validation Workflow

Run validation after playbooks/site.yml or whenever an operator changes inventory, secrets, DNS, backend services, or reverse proxy settings.

Learn more →