fix: duplicate values, validations, examples (#5)

Author: lbkolev

README.md

@@ -1,31 +1,29 @@
 ## <p align="center">terraform-aws-eth-node</p>
-### <p align="center">Spin up an ETH client on AWS</p>
+### <p align="center">Spin up ETH clients. On AWS. In a minute.</p>
 
-- The deployment takes no more than two minutes
-- The default OS the nodes get configured on is debian12
-- All clients are managed by systemd
+- The deployment takes no more than a minute
+- The default OS is `debian12`
+- All clients are managed through systemd
 
 - The module takes care of the:
-  - EC2's configuration
-  - creation & management of the volumes that'll hold the chains' data
-  - mounting of the volumes
-  - the installation & configuration of the specified ethereum node(s)
-  - EC2's security group
+  - EC2's setup, configuration & lifecycle
+  - Creation & management of the volumes that'll hold the chains' data
 
 - Full examples can be found in the [examples](./examples/) directory.
-> :warning: Be mindful with the security group's configuration. All the examples are simplified to allow all external traffic, which in most cases environments shouldn't happen.
+> :warning: Be mindful with the security group's configuration. All the examples are simplified to allow all external traffic, which in most cases isn't recommended.
 
-## Example with both Besu & Nimbus client
+## Example with Reth & Lighthouse running sepolia
 ```hcl
 module "nodes" {
   source = "../../"
 
-  name      = "besu-nimbus-mainnet"
-  subnet_id = "/subnet-id/"
+  name      = "[reth-lighthouse]-sepolia"
+  subnet_id = data.aws_subnets.this.ids[0]
 
   ec2 = {
-    instance_type               = "m4.xlarge"
-    associate_public_ip_address = true
+    instance_type               = "c4.xlarge"
+    associate_public_ip_address = true # required if you ever intend to access the nodes from outside the vpc
+    key_name                    = module.key_pair.key_pair_name # # required to access the ec2
   }
 
   security_group = [
@@ -56,34 +54,32 @@ module "nodes" {
       to          = 8546
       protocol    = "tcp"
       cidr_blocks = ["0.0.0.0/0"]
-    },
+    }
   ]
 
   clients = [
     {
-      name        = "besu"
-      package_url = "https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/23.7.2/besu-23.7.2.tar.gz"
-      cmd         = "besu --data-path=/besu"
+      name        = "reth"
+      package_url = "https://github.com/paradigmxyz/reth/releases/download/v0.1.0-alpha.8/reth-v0.1.0-alpha.8-x86_64-unknown-linux-gnu.tar.gz"
+      cmd         = "reth node --chain=sepolia --full --datadir=/reth --authrpc.addr=127.0.0.1 --authrpc.port 8551 --authrpc.jwtsecret=/root/jwt.hex --http --http.addr=0.0.0.0 --http.port=8545 --ws --ws.addr=0.0.0.0 --ws.port=8546 --ws.origins '*' --ws.api eth,net,web3,debug,txpool --bootnodes enode://9246d00bc8fd1742e5ad2428b80fc4dc45d786283e05ef6edbd9002cbc335d40998444732fbe921cb88e1d2c73d1b1de53bae6a2237996e9bfe14f871baf7066@18.168.182.86:30303,enode://ec66ddcf1a974950bd4c782789a7e04f8aa7110a72569b6e65fcd51e937e74eed303b1ea734e4d19cfaec9fbff9b6ee65bf31dcb50ba79acce9dd63a6aca61c7@52.14.151.177:30303"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdb"
-        type        = "gp3"
-        size        = 1000 // GB
-        mountpoint  = "/besu"
+        type        = "gp2"
+        size        = 100 # GB
+        mountpoint  = "/reth"
       }
     },
     {
-      name        = "nimbus"
-      package_url = "https://github.com/status-im/nimbus-eth2/releases/download/v23.8.0/nimbus-eth2_Linux_amd64_23.8.0_d014d0a5.tar.gz"
-      cmd         = "nimbus --data-dir=/nimbus"
+      name        = "lighthouse"
+      package_url = "https://github.com/sigp/lighthouse/releases/download/v4.4.1/lighthouse-v4.4.1-x86_64-unknown-linux-gnu-portable.tar.gz"
+      cmd         = "lighthouse bn --network=sepolia --datadir=/lighthouse --execution-jwt=/root/jwt.hex --execution-endpoint=http://127.0.0.1:8551 --disable-deposit-contract-sync --checkpoint-sync-url https://sepolia.checkpoint-sync.ethpandaops.io"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdc"
-        type        = "gp3"
-        size        = 1000 // GB
-        mountpoint  = "/nimbus"
+        type        = "gp2"
+        size        = 2 # GB
+        mountpoint  = "/lighthouse"
       }
     }
   ]

examples/besu-nimbus-mainnet/main.tf

@@ -60,7 +60,6 @@ module "nodes" {
       package_url = "https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/23.7.2/besu-23.7.2.tar.gz"
       cmd         = "besu --data-path=/besu"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdb"
         type        = "gp3"
@@ -73,11 +72,10 @@ module "nodes" {
       package_url = "https://github.com/status-im/nimbus-eth2/releases/download/v23.8.0/nimbus-eth2_Linux_amd64_23.8.0_d014d0a5.tar.gz"
       cmd         = "nimbus --data-dir=/nimbus"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdc"
         type        = "gp3"
-        size        = 1000 # GB
+        size        = 100 # GB
         mountpoint  = "/nimbus"
       }
     }

examples/geth-teku-mainnet/main.tf

@@ -18,7 +18,7 @@ module "nodes" {
   subnet_id = data.aws_subnets.this.ids[0]
 
   ec2 = {
-    instance_type               = "m4.xlarge"
+    type                        = "m4.xlarge"
     associate_public_ip_address = true
     key_name                    = module.key_pair.key_pair_name
   }
@@ -60,11 +60,10 @@ module "nodes" {
       package_url = "https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-1.12.2-bed84606.tar.gz"
       cmd         = "geth --datadir=/geth --http --http.addr=0.0.0.0 --http.port=8545 --ws --ws.addr=0.0.0.0 --ws.port=8546 --ws.origins '*' --ws.api eth,net,web3,debug,txpool --authrpc.addr=127.0.0.1 --authrpc.port 8551 --authrpc.jwtsecret=/geth/jwt.hex --bootnodes enode://9246d00bc8fd1742e5ad2428b80fc4dc45d786283e05ef6edbd9002cbc335d40998444732fbe921cb88e1d2c73d1b1de53bae6a2237996e9bfe14f871baf7066@18.168.182.86:30303,enode://ec66ddcf1a974950bd4c782789a7e04f8aa7110a72569b6e65fcd51e937e74eed303b1ea734e4d19cfaec9fbff9b6ee65bf31dcb50ba79acce9dd63a6aca61c7@52.14.151.177:30303"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdb"
         type        = "gp3"
-        size        = 1000
+        size        = 1500
         mountpoint  = "/geth"
       }
     },
@@ -73,11 +72,10 @@ module "nodes" {
       package_url = "https://artifacts.consensys.net/public/teku/raw/names/teku.tar.gz/versions/23.9.0/teku-23.9.0.tar.gz"
       cmd         = "teku --data-beacon-path=/teku --data-path=/teku --ee-endpoint=http://localhost:8551"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdc"
         type        = "gp2"
-        size        = 1000
+        size        = 100
         mountpoint  = "/teku"
       }
     }

examples/reth-lighthouse-sepolia/main.tf

@@ -58,9 +58,8 @@ module "nodes" {
     {
       name        = "reth"
       package_url = "https://github.com/paradigmxyz/reth/releases/download/v0.1.0-alpha.8/reth-v0.1.0-alpha.8-x86_64-unknown-linux-gnu.tar.gz"
-      cmd         = "reth node --chain=sepolia --full --datadir=/reth"
+      cmd         = "reth node --chain=sepolia --full --datadir=/reth --authrpc.addr=127.0.0.1 --authrpc.port 8551 --authrpc.jwtsecret=/root/jwt.hex --http --http.addr=0.0.0.0 --http.port=8545 --ws --ws.addr=0.0.0.0 --ws.port=8546 --ws.origins '*' --ws.api eth,net,web3,debug,txpool --bootnodes enode://9246d00bc8fd1742e5ad2428b80fc4dc45d786283e05ef6edbd9002cbc335d40998444732fbe921cb88e1d2c73d1b1de53bae6a2237996e9bfe14f871baf7066@18.168.182.86:30303,enode://ec66ddcf1a974950bd4c782789a7e04f8aa7110a72569b6e65fcd51e937e74eed303b1ea734e4d19cfaec9fbff9b6ee65bf31dcb50ba79acce9dd63a6aca61c7@52.14.151.177:30303"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdb"
         type        = "gp2"
@@ -70,14 +69,13 @@ module "nodes" {
     },
     {
       name        = "lighthouse"
-      package_url = "https://github.com/sigp/lighthouse/releases/download/v4.4.1/lighthouse-v4.4.1-x86_64-unknown-linux-gnu.tar.gz"
-      cmd         = "lighthouse bn --network sepolia --datadir=/lighthouse --disable-deposit-contract-sync --checkpoint-sync-url https://sepolia.checkpoint-sync.ethpandaops.io"
+      package_url = "https://github.com/sigp/lighthouse/releases/download/v4.4.1/lighthouse-v4.4.1-x86_64-unknown-linux-gnu-portable.tar.gz"
+      cmd         = "lighthouse bn --network=sepolia --datadir=/lighthouse --execution-jwt=/root/jwt.hex --execution-endpoint=http://127.0.0.1:8551 --disable-deposit-contract-sync --checkpoint-sync-url https://sepolia.checkpoint-sync.ethpandaops.io"
 
-      create_ebs = true
       ebs = {
         device_name = "xvdc"
         type        = "gp2"
-        size        = 70 # GB
+        size        = 2 # GB
         mountpoint  = "/lighthouse"
       }
     }

main.tf

@@ -90,3 +90,10 @@ resource "aws_volume_attachment" "this" {
   volume_id   = each.value.external_volume_id == null ? aws_ebs_volume.this[each.key].id : each.value.external_volume_id
   instance_id = aws_instance.this.id
 }
+
+resource "aws_ec2_instance_state" "this" {
+  count = var.ec2.state == null ? 0 : 1
+
+  instance_id = aws_instance.this.id
+  state       = var.ec2.state
+}

variables.tf

@@ -1,6 +1,6 @@
 variable "name" {
   type        = string
-  description = "The generic name to apply across the different resources"
+  description = "The generic name to apply across the different resources created in AWS"
 }
 
 variable "subnet_id" {
@@ -33,10 +33,10 @@ variable "ami" {
 
 variable "ec2" {
   type = object({
-    type                        = optional(string)
+    type                        = optional(string, "t2.micro")
+    state                       = optional(string, "running")
     associate_public_ip_address = bool
-    key_name                    = string
-    security_group_ids          = optional(list(string)) # optional external SGs; ones created outside of this module.
+    security_group_ids          = optional(list(string)) # external SGs;
     disable_api_stop            = optional(bool)
     disable_api_termination     = optional(bool)
     ebs_optimized               = optional(bool)
@@ -45,14 +45,29 @@ variable "ec2" {
     key_name                    = optional(string)
   })
   description = "The EC2 configuration"
+  default = {
+    type                        = "t2.micro",
+    state                       = "running",
+    associate_public_ip_address = true
+  }
+
+  validation {
+    condition     = can(regex("^((a1|c1|c3|c4|c5|c5a|c5ad|c5d|c5n|c6a|c6g|c6gd|c6gn|c6i|c6id|c7g|cc2|d2|d3|d3en|dl1|f1|g2|g3|g3s|g4ad|g4dn|g5|g5g|h1|i2|i3|i3en|i4i|im4gn|inf1|is4gen|m1|m2|m3|m4|m5|m5a|m5ad|m5d|m5dn|m5n|m5zn|m6a|m6g|m6gd|m6i|m6id|mac1|mac2|p2|p3|p3dn|p4d|r3|r4|r5|r5a|r5ad|r5b|r5d|r5dn|r5n|r6a|r6g|r6gd|r6i|r6id|t1|t2|t3|t3a|t4g|trn1|u-12tb1|u-3tb1|u-6tb1|u-9tb1|vt1|x1|x1e|x2gd|x2idn|x2iedn|x2iezn|z1d)\\.(10xlarge|112xlarge|12xlarge|16xlarge|18xlarge|24xlarge|2xlarge|32xlarge|3xlarge|48xlarge|4xlarge|56xlarge|6xlarge|8xlarge|9xlarge|large|medium|metal|micro|nano|small|xlarge))$", var.ec2.type))
+    error_message = "value must be a valid EC2 instance type"
+  }
+
+  validation {
+    condition     = contains(["running", "stopped"], var.ec2.state)
+    error_message = "Invalid EC2 state. Valid states are: running, stopped"
+  }
 }
 
 variable "clients" {
   type = list(
     object({
-      name        = string
-      package_url = string
-      cmd         = string
+      name        = string # name of the ethereum client
+      package_url = string # link to the url of the binary to download
+      cmd         = string # the startup command of the client
 
       ebs = optional(object({
         device_name = string
@@ -68,10 +83,18 @@ variable "clients" {
         size     = optional(number)
       }))
   }))
-  description = "The ETH clients to deploy on the EC2"
+  description = "The nodes to deploy on the EC2"
+
+  validation {
+    condition     = length(var.clients) > 0
+    error_message = "You must provide at least one client"
+  }
 
   validation {
-    condition     = alltrue([for client in var.clients : true if contains(["geth", "nethermind", "besu", "erigon", "reth", "lighthouse", "nimbus", "prysm", "teku"], client.name)])
+    condition = length([
+      for c in var.clients :
+      true if contains(["geth", "nethermind", "besu", "erigon", "reth", "lighthouse", "nimbus", "prysm", "teku"], c.name)
+    ]) == length(var.clients)
     error_message = "Invalid client name. Valid names are: geth, nethermind, besu, erigon, reth, lighthouse, nimbus, prysm, teku"
   }
 }