How to deploy Decentralized Private Storage

# How to deploy Decentralized Private Storage Decentralized Private Storage consists of: - Backend (NodeJS app, internet accessible) - Manager (Rust app, interacts with Backend by RabbitMQ) - Watchdog (Rust app, runs TSS process to verify system healthiness) - Vault (Stores private keys, accessible only by Manager) - RabbitMQ (Transports messages between Manager and Backend) - PostgreSQL (Database for Backend) - Redis (Database for Backend) # Helm 3 ## Prerequisites - Working Kubernetes cluster with Traefik - `vault` client - Cloned git repository [tookey-io/deploy](https://github.com/tookey-io/deploy) ## Deploy `dependencies` Helm chart Contains Databases and other containers, that don't require configuration through `services-values.yaml`. 1. Create namespace for Tookey: `kubectl apply -f kubectl_namespace.yaml` 2. Deploy dependencies helm chart: `helm upgrade --install tookey-dependencies ./dependencies -n tookey --kube-context kube-context` 3. Verify that all containers are ready 4. Port-forward vault service: `kubectl port-forward -n tookey vault-0 8200:http` 5. Configure vault address: `export VAULT_ADDR='http://localhost:8200'` 6. Initialize vault: `vault operator init` 1. Save Unseal keys and Root token. For more information see [Vault Docs](https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-deploy#initializing-the-vault) 7. Unseal vault by entering 3 different unseal keys to: `vault operator unseal` 1. Unsealing is required after each vault restart ## Deploy `services` Helm chart Contains Tookey services. 1. Fill `services-values.yaml` according to comments 2. Deploy services helm chart: `helm upgrade --install tookey-services ./services -n tookey --kube-context kube-context -f services-values.yaml` 3. Verify that all containers are ready 4. After a couple of minutes check watchdog's metrics to verify healthiness `kubectl exec -n tookey --context kube-context watchdog-0 -t -- curl http://localhost:3000/metrics | grep status` # Docker Compose ## Prerequisites - Working Docker installation - `vault` client - Cloned git repository [tookey-io/deploy](https://github.com/tookey-io/deploy) ## Deploy `dependencies` compose file Contains Databases and other containers, that don't require configuration through ENV. 1. Create shared docker network: `docker network create tookey` 2. Deploy dependencies containers: `docker-compose up -d -p tookey-dependencies -f ./dependencies/docker-compose.yaml` 3. Verify that all containers are launched 4. Configure vault address: `export VAULT_ADDR='http://localhost:8200'` 5. Initialize vault: `vault operator init` 1. Save Unseal keys and Root token. For more information see [Vault Docs](https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-deploy#initializing-the-vault) 6. Unseal vault by entering 3 different unseal keys to: `vault operator unseal` 1. Unsealing is required after each vault restart ## Deploy `services` Helm chart Contains Tookey services. 1. Fill `services/backend.env`, `services/manager.env`, `services/watchdog.env` according to comments 2. Deploy services containers: `docker-compose up -d -p tookey-services -f ./services/docker-compose.yaml` 3. Verify that all containers are launched 4. After a couple of minutes check watchdog's metrics to verify healthiness `docker exec tookey-watchdog -- curl http://localhost:3000/metrics | grep status`