roq-ansible#

The roq-ansible project contains a set of Ansible roles useful for provisioning a server.

All the roles are based on group membership.

For example, if you define an Ansible Playbook, you will need an inventory file

[MY_SERVER]
my_server ansible_host="192.168.0.1" backups="/mnt/Backups/{{ ansible_hostname }}"

[secure]
my_server

[trading]
my_server

This shows that we have defined a host with the my_server identifier, which belongs to the following groups

  • secure

  • trading

By convention it implicitly also belongs to the all group.

When you run your Ansible Playbook, the roles will be matched to groups to find out if a role has to be executed for the particular host.

Some roles use group membership to e.g. create config files. This is the case for Prometheus and NGINX: they both require information about what gateways have been installed.

all#

Role

Description

baseline

Establish a baseline for all other roles

  • Ensure all required directories exists

  • Ensure all packages are up to date on your Linux distribution

kernel

Configure the Linux kernel

  • Enable Docker real-time scheduling

chrony

Install and enable chrony for time-synchronization

sysstat

Install and enable sysstat performance monitoring tools

sysadmin

Install various useful sysadmin tools

python

Establish a Python baseline

  • Install setuptools and pip

docker

Install Docker CE

conda

Install Mambaforge

postgres

Install the Postgres database

nginx

Install the NGINX load-balancer

roq-backup

Install backup scripts

secure#

Role

Description

sshd

Secure the SSH server process

  • Only permit key-based access

  • Follow best practices

fail2ban

Install and enable the Fail2ban intrusion prevention framework

trading#

Role

Description

redis

Install the Redis in-memory data structure store

clickhouse

Install the ClickHouse time-series database

prometheus

Install the Prometheus monitoring system and time-series database

grafana

Install the Grafana observability platform

dev#

Role

Description

toolchain

Install the Conda C++ compiler toolchain

virtualbox

Install the VirtualBox hosted hypervisor for virtualization

vagrant

Install the Vagrant tool for building and managing virtual machine environments

roq_clickhouse#

Role

Description

roq-clickhouse

Install the service exporting gateway event-logs to ClickHouse

roq_binance#

Role

Description

roq-binance

Install the Binance gateway

More details here.

roq_bitmex#

Role

Description

roq-bitmex

Install the BitMEX gateway

More details here.

roq_bitstamp#

Role

Description

roq-bitstamp

Install the Bitstamp gateway

More details here.

roq_coinbase_pro#

Role

Description

roq-coinbase-pro

Install the Coinbase PRO gateway

More details here.

roq_deribit#

Role

Description

roq-deribit

Install the Deribit gateway

More details here.

roq_gemini#

Role

Description

roq-gemini

Install the Gemini gateway

More details here.

roq_hitbtc#

Role

Description

roq-hitbtc

Install the HitBTC gateway

More details here.

roq_kraken#

Role

Description

roq-kraken

Install the Kraken gateway

More details here.

References#