From 8db457a8aeff2ad67b8c5e98f6a18865dc0d283b Mon Sep 17 00:00:00 2001
From: Kirill Shklyaev <kirill@anytype.io>
Date: Wed, 4 Oct 2023 11:49:33 +0300
Subject: [PATCH] Init release

---
 .github/workflows/cla.yml                     | 17 ++++
 .github/workflows/release.yml                 | 26 ++++++
 LICENSE.md                                    | 21 +++++
 README.md                                     | 82 +++++++++++++++++++
 any-sync-consensusnode.yml                    |  5 ++
 any-sync-coordinator.yml                      |  5 ++
 any-sync-filenode.yml                         |  5 ++
 any-sync-node.yml                             |  6 ++
 group_vars/any_sync.yml                       | 66 +++++++++++++++
 inventory.ini                                 | 22 +++++
 .../any-sync-consensusnode/defaults/main.yml  | 50 +++++++++++
 .../any-sync-consensusnode/handlers/main.yml  |  6 ++
 roles/any-sync-consensusnode/tasks/config.yml | 24 ++++++
 .../any-sync-consensusnode/tasks/install.yml  | 21 +++++
 roles/any-sync-consensusnode/tasks/main.yml   | 16 ++++
 .../any-sync-consensusnode/tasks/service.yml  |  7 ++
 .../templates/config.yml.j2                   | 21 +++++
 .../templates/service.j2                      | 19 +++++
 roles/any-sync-coordinator/defaults/main.yml  | 53 ++++++++++++
 roles/any-sync-coordinator/handlers/main.yml  |  6 ++
 roles/any-sync-coordinator/tasks/config.yml   | 30 +++++++
 roles/any-sync-coordinator/tasks/install.yml  | 21 +++++
 roles/any-sync-coordinator/tasks/main.yml     | 16 ++++
 roles/any-sync-coordinator/tasks/service.yml  |  7 ++
 .../templates/config.yml.j2                   | 22 +++++
 .../templates/network.yml.j2                  | 15 ++++
 .../any-sync-coordinator/templates/service.j2 | 19 +++++
 roles/any-sync-filenode/defaults/main.yml     | 50 +++++++++++
 roles/any-sync-filenode/handlers/main.yml     |  6 ++
 roles/any-sync-filenode/tasks/config.yml      | 31 +++++++
 roles/any-sync-filenode/tasks/install.yml     | 50 +++++++++++
 roles/any-sync-filenode/tasks/main.yml        | 16 ++++
 roles/any-sync-filenode/tasks/service.yml     |  7 ++
 .../templates/aws_credentials.j2              |  3 +
 .../any-sync-filenode/templates/config.yml.j2 | 21 +++++
 roles/any-sync-filenode/templates/service.j2  | 19 +++++
 roles/any-sync-node/defaults/main.yml         | 54 ++++++++++++
 roles/any-sync-node/handlers/main.yml         |  6 ++
 roles/any-sync-node/tasks/config.yml          | 24 ++++++
 roles/any-sync-node/tasks/install.yml         | 21 +++++
 roles/any-sync-node/tasks/main.yml            | 16 ++++
 roles/any-sync-node/tasks/service.yml         |  7 ++
 roles/any-sync-node/templates/config.yml.j2   | 22 +++++
 roles/any-sync-node/templates/service.j2      | 19 +++++
 44 files changed, 980 insertions(+)
 create mode 100644 .github/workflows/cla.yml
 create mode 100644 .github/workflows/release.yml
 create mode 100644 LICENSE.md
 create mode 100644 README.md
 create mode 100644 any-sync-consensusnode.yml
 create mode 100644 any-sync-coordinator.yml
 create mode 100644 any-sync-filenode.yml
 create mode 100644 any-sync-node.yml
 create mode 100644 group_vars/any_sync.yml
 create mode 100644 inventory.ini
 create mode 100644 roles/any-sync-consensusnode/defaults/main.yml
 create mode 100644 roles/any-sync-consensusnode/handlers/main.yml
 create mode 100644 roles/any-sync-consensusnode/tasks/config.yml
 create mode 100644 roles/any-sync-consensusnode/tasks/install.yml
 create mode 100644 roles/any-sync-consensusnode/tasks/main.yml
 create mode 100644 roles/any-sync-consensusnode/tasks/service.yml
 create mode 100644 roles/any-sync-consensusnode/templates/config.yml.j2
 create mode 100644 roles/any-sync-consensusnode/templates/service.j2
 create mode 100644 roles/any-sync-coordinator/defaults/main.yml
 create mode 100644 roles/any-sync-coordinator/handlers/main.yml
 create mode 100644 roles/any-sync-coordinator/tasks/config.yml
 create mode 100644 roles/any-sync-coordinator/tasks/install.yml
 create mode 100644 roles/any-sync-coordinator/tasks/main.yml
 create mode 100644 roles/any-sync-coordinator/tasks/service.yml
 create mode 100644 roles/any-sync-coordinator/templates/config.yml.j2
 create mode 100644 roles/any-sync-coordinator/templates/network.yml.j2
 create mode 100644 roles/any-sync-coordinator/templates/service.j2
 create mode 100644 roles/any-sync-filenode/defaults/main.yml
 create mode 100644 roles/any-sync-filenode/handlers/main.yml
 create mode 100644 roles/any-sync-filenode/tasks/config.yml
 create mode 100644 roles/any-sync-filenode/tasks/install.yml
 create mode 100644 roles/any-sync-filenode/tasks/main.yml
 create mode 100644 roles/any-sync-filenode/tasks/service.yml
 create mode 100644 roles/any-sync-filenode/templates/aws_credentials.j2
 create mode 100644 roles/any-sync-filenode/templates/config.yml.j2
 create mode 100644 roles/any-sync-filenode/templates/service.j2
 create mode 100644 roles/any-sync-node/defaults/main.yml
 create mode 100644 roles/any-sync-node/handlers/main.yml
 create mode 100644 roles/any-sync-node/tasks/config.yml
 create mode 100644 roles/any-sync-node/tasks/install.yml
 create mode 100644 roles/any-sync-node/tasks/main.yml
 create mode 100644 roles/any-sync-node/tasks/service.yml
 create mode 100644 roles/any-sync-node/templates/config.yml.j2
 create mode 100644 roles/any-sync-node/templates/service.j2

diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml
new file mode 100644
index 0000000..d2000d1
--- /dev/null
+++ b/.github/workflows/cla.yml
@@ -0,0 +1,17 @@
+name: "CLA Check"
+on:
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened,closed,synchronize]
+
+permissions:
+  actions: write
+  contents: write
+  pull-requests: write
+  statuses: write
+
+jobs:
+  cla-check:
+    uses: anyproto/open/.github/workflows/cla.yml@main
+    secrets: inherit
\ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..a6ed8f2
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,26 @@
+on:
+  push:
+    tags:
+    - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+
+name: release
+
+permissions: write-all
+
+jobs:
+  create_release:
+    name: create release
+    runs-on: ubuntu-latest
+    outputs:
+      upload_url: ${{ steps.create_release.outputs.upload_url }}
+    steps:
+      - name: create release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          draft: false
+          prerelease: false
diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 0000000..fada60a
--- /dev/null
+++ b/LICENSE.md
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Any Association
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
+OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c7ae4ce
--- /dev/null
+++ b/README.md
@@ -0,0 +1,82 @@
+# Ansible-anysync
+
+- [Getting Started](#getting-started)
+  - [Prerequisites](#prerequisites)
+  - [Installing](#installing)
+- [Usage](#usage)
+- [Contribution](#contribution)
+
+## Getting Started
+
+Ansible role for any-sync daemons. Currently, this works on Debian and RHEL based linux systems. Tested platforms are:
+* Ubuntu 22.04
+* Amazon Linux 2
+
+You can read the documentation on using any-sync [here](https://tech.anytype.io/).
+
+### Prerequisites
+
+* Minimum Ansible version of 2.10.0 is installed to execute these roles
+* Redis
+* MongoDB
+* S3 object storage (this repository features integration with aws s3)
+
+### Installing
+
+Clone the current repository with roles
+
+```
+git clone https://github.com/anyproto/ansible-anysync.git
+```
+
+Use in a playbook:
+
+```yaml
+- hosts: someserversgroup
+  become: yes
+  roles:
+    - any-sync-coordinator
+    - any-sync-consensusnode
+    - any-sync-filenode
+    - any-sync-node
+```
+
+## Usage
+
+Look to the defaults properties file in `any-sync-*/defaults/main.yml` to see the possible configuration properties.
+
+**You need to customize the default template for sections "account" and "network" in `defaults/main.yml` directory of each role:**
+```yaml
+  account:
+    peerId: CHANGE_ME
+    peerKey: CHANGE_ME
+    signingKey: CHANGE_ME
+```
+```yaml
+  network:
+    networkId: CHANGE_ME
+    nodes:
+    - peerId: CHANGE_ME
+      addresses:
+      - CHANGE_ME:443
+      types:
+      - tree
+     ...
+```
+⚠️ Use [any-sync-tools](https://github.com/anyproto/any-sync-tools) to generate this configuration.
+
+## Contribution
+Thank you for your desire to develop Anytype together!
+
+❤️ This project and everyone involved in it is governed by the [Code of Conduct](https://github.com/anyproto/.github/blob/main/docs/CODE_OF_CONDUCT.md).
+
+🧑‍💻 Check out our [contributing guide](https://github.com/anyproto/.github/blob/main/docs/CONTRIBUTING.md) to learn about asking questions, creating issues, or submitting pull requests.
+
+🫢 For security findings, please email [security@anytype.io](mailto:security@anytype.io) and refer to our [security guide](https://github.com/anyproto/.github/blob/main/docs/SECURITY.md) for more information.
+
+🤝 Follow us on [Github](https://github.com/anyproto) and join the [Contributors Community](https://github.com/orgs/anyproto/discussions).
+
+---
+Made by Any — a Swiss association 🇨🇭
+
+Licensed under [MIT](./LICENSE.md).
diff --git a/any-sync-consensusnode.yml b/any-sync-consensusnode.yml
new file mode 100644
index 0000000..f82d812
--- /dev/null
+++ b/any-sync-consensusnode.yml
@@ -0,0 +1,5 @@
+---
+- hosts: any_sync_consensusnode
+  become: yes
+  roles:
+    - any-sync-consensusnode
diff --git a/any-sync-coordinator.yml b/any-sync-coordinator.yml
new file mode 100644
index 0000000..ace8d30
--- /dev/null
+++ b/any-sync-coordinator.yml
@@ -0,0 +1,5 @@
+---
+- hosts: any_sync_coordinator
+  become: yes
+  roles:
+    - any-sync-coordinator
diff --git a/any-sync-filenode.yml b/any-sync-filenode.yml
new file mode 100644
index 0000000..7744b27
--- /dev/null
+++ b/any-sync-filenode.yml
@@ -0,0 +1,5 @@
+---
+- hosts: any_sync_filenode
+  become: yes
+  roles:
+    - any-sync-filenode
diff --git a/any-sync-node.yml b/any-sync-node.yml
new file mode 100644
index 0000000..a9c6718
--- /dev/null
+++ b/any-sync-node.yml
@@ -0,0 +1,6 @@
+---
+- hosts: any_sync_node[0]
+  become: yes
+  #user: ec2-user
+  roles:
+    - any-sync-node
diff --git a/group_vars/any_sync.yml b/group_vars/any_sync.yml
new file mode 100644
index 0000000..4baab6c
--- /dev/null
+++ b/group_vars/any_sync.yml
@@ -0,0 +1,66 @@
+---
+any_sync_accounts:
+  any-sync-node1:
+    peerId: 12D3KooWLTVK3VgXziU8ZcvvHUebueSBPiJNjXBxm3DQWtqsCbWD
+    peerKey: <change me>
+    signingKey: <change me>
+  any-sync-node2:
+    peerId: 12D3KooWBTWo5KVveQuVEA4VeivgbS7LxGkTgmWspEtpaw3D5xXw
+    peerKey: <change me>
+    signingKey: <change me>
+  any-sync-node3:
+    peerId: 12D3KooWF8HJnjL8MDUAExyg7yEAXhcXKzMwsn3dvivDjKWe7NN5
+    peerKey: <change me>
+    signingKey: <change me>
+  any-sync-filenode1:
+    peerId: 12D3KooWBjzGAnG3Xk8x2PPsCS6z2Hm1gE23NVnmNQEXcDqS7b8A
+    peerKey: <change me>
+    signingKey: <change me>
+  any-sync-coordinator1:
+    peerId: 12D3KooWAiMEfdAdr3t5JnXBxnDfbsX3pN1FvULz8FFWeN1WMSS
+    peerKey: <change me>
+    signingKey: <change me>
+  any-sync-consensusnode1:
+    peerId: 12D3KooWLjZqEbB2sMyqVXZYnhRPR9NvWuRzNUJ4XFi9mY8QKcG
+    peerKey: <change me>
+    signingKey: <change me>
+
+any_sync_network:
+  networkId: N5787WrcATL3f9kDUVxz9yeexEoxxmBLQRhJ47SBNBXEhadc
+  nodes:
+  - peerId: 12D3KooWLTVK3VgXziU8ZcvvHUebueSBPiJNjXBxm3DQWtqsCbWD
+    addresses:
+    - any-sync-node1:443
+    - quic://nany-sync-node1:5430
+    types:
+    - tree
+  - peerId: 12D3KooWBTWo5KVveQuVEA4VeivgbS7LxGkTgmWspEtpaw3D5xXw
+    addresses:
+    - any-sync-node2:443
+    - quic://any-sync-node2:5430
+    types:
+    - tree
+  - peerId: 12D3KooWF8HJnjL8MDUAExyg7yEAXhcXKzMwsn3dvivDjKWe7NN5
+    addresses:
+    - any-sync-node3:443
+    - quic://any-sync-node3:5430
+    types:
+    - tree
+  - peerId: 12D3KooWBjzGAnG3Xk8x2PPsCS6z2Hm1gE23NVnmNQEXcDqS7b8A
+    addresses:
+    - any-sync-filenode1:443
+    - quic://any-sync-filenode1:5430
+    types:
+    - file
+  - peerId: 12D3KooWAiMEfdAdr3t5JnXBxnDfbsX3pN1FvULz8FFWeN1WMSS
+    addresses:
+    - any-sync-coordinator1:443
+    - quic://any-sync-coordinator1:5430
+    types:
+    - coordinator
+  - peerId: 12D3KooWLjZqEbB2sMyqVXZYnhRPR9NvWuRzNUJ4XFi9mY8QKcG
+    addresses:
+    - any-sync-consensusnode1:443
+    - quic://any-sync-consensusnode1:5430
+    types:
+    - consensus
\ No newline at end of file
diff --git a/inventory.ini b/inventory.ini
new file mode 100644
index 0000000..17a2460
--- /dev/null
+++ b/inventory.ini
@@ -0,0 +1,22 @@
+[all:children]
+any_sync
+
+[any_sync_node]
+any-sync-node1 ansible_host=ansible-any-sync-node1.toolpad.org
+any-sync-node2 ansible_host=ansible-any-sync-node2.toolpad.org
+any-sync-node3 ansible_host=ansible-any-sync-node3.toolpad.org
+
+[any_sync_filenode]
+any-sync-filenode1 ansible_host=ansible-any-sync-filenode1.toolpad.org
+
+[any_sync_coordinator]
+any-sync-coordinator1 ansible_host=ansible-any-sync-coordinator1.toolpad.org
+
+[any_sync_consensusnode]
+any-sync-consensusnode1 ansible_host=ansible-any-sync-consensusnode1.toolpad.org
+
+[any_sync:children]
+any_sync_node
+any_sync_filenode
+any_sync_coordinator
+any_sync_consensusnode
\ No newline at end of file
diff --git a/roles/any-sync-consensusnode/defaults/main.yml b/roles/any-sync-consensusnode/defaults/main.yml
new file mode 100644
index 0000000..d336200
--- /dev/null
+++ b/roles/any-sync-consensusnode/defaults/main.yml
@@ -0,0 +1,50 @@
+---
+# user and group that the any_sync_consensusnode service will run as
+any_sync_consensusnode_user: any-sync-consensusnode
+any_sync_consensusnode_group: any-sync-consensusnode
+
+any_sync_consensusnode_version: 0.1.1
+any_sync_consensusnode_release_system: x86_64 # aarch64.rpm x86_64.rpm amd64.deb arm64.deb
+any_sync_consensusnode_release_name_rhel: "any-sync-consensusnode-{{ any_sync_consensusnode_version }}-1.{{ any_sync_consensusnode_release_system }}.rpm"
+any_sync_consensusnode_download_url_rhel: "https://github.com/anyproto/any-sync-consensusnode/releases/download/v{{ any_sync_consensusnode_version}}/{{ any_sync_consensusnode_release_name_rhel }}"
+
+any_sync_consensusnode_release_name_debian: "any-sync-consensusnode_{{ any_sync_consensusnode_version }}_{{ any_sync_consensusnode_release_system }}.deb"
+any_sync_consensusnode_download_url_debian: "https://github.com/anyproto/any-sync-consensusnode/releases/download/v{{ any_sync_consensusnode_version}}/{{ any_sync_consensusnode_release_name_debian }}"
+
+# any sync consensusnode configuration
+# see: https://github.com/anyproto/any-sync-consensusnode/blob/main/etc/any-sync-consensusnode.yml
+any_sync_consensusnode_config_path: /etc/any-sync-consensusnode
+any_sync_consensusnode_networkStorePath: /var/lib/any-sync-consensusnode/networkStore
+any_sync_consensusnode_config:
+  apiServer:
+    server:
+      listenAddrs:
+        - "{{ ansible_host }}:8080"
+    stream:
+      maxMsgSizeMb: 256
+      timeoutMilliseconds: 1000
+  drpc:
+    stream:
+      maxMsgSizeMb: 256
+      timeoutMilliseconds: 1000
+  log:
+    defaultLevel: ''
+    namedLevels: {}
+    production: false
+  mongo:
+    connect: mongodb://any-sync-mongodb1:27017,any-sync-mongodb2:27017,any-sync-mongodb3:27017/?w=majority
+    database: consensus
+    logCollection: log
+  metric:
+    addr: 0.0.0.0:8000
+  yamux:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:443"
+    writeTimeoutSec: 10
+  quic:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:5430"
+    writeTimeoutSec: 10
+  networkStorePath: "{{ any_sync_consensusnode_networkStorePath }}"
diff --git a/roles/any-sync-consensusnode/handlers/main.yml b/roles/any-sync-consensusnode/handlers/main.yml
new file mode 100644
index 0000000..07df086
--- /dev/null
+++ b/roles/any-sync-consensusnode/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart any-sync-consensusnode
+  systemd:
+    name: any-sync-consensusnode
+    daemon_reload: yes
+    state: restarted
diff --git a/roles/any-sync-consensusnode/tasks/config.yml b/roles/any-sync-consensusnode/tasks/config.yml
new file mode 100644
index 0000000..a00b15a
--- /dev/null
+++ b/roles/any-sync-consensusnode/tasks/config.yml
@@ -0,0 +1,24 @@
+---
+
+- name: Ensure config path
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+    owner: "{{ any_sync_consensusnode_user }}"
+    group: "{{ any_sync_consensusnode_group }}"
+  with_items:
+    - "{{ any_sync_consensusnode_config_path }}"
+    - "{{ any_sync_consensusnode_networkStorePath }}"
+
+- name: Copy config file
+  template:
+    src: config.yml.j2
+    dest: "{{ any_sync_consensusnode_config_path }}/config.yml"
+  notify: Restart any-sync-consensusnode
+
+- name: Copy systemd init file
+  template:
+    src: service.j2
+    dest: /etc/systemd/system/any-sync-consensusnode.service
+  notify: Restart any-sync-consensusnode
\ No newline at end of file
diff --git a/roles/any-sync-consensusnode/tasks/install.yml b/roles/any-sync-consensusnode/tasks/install.yml
new file mode 100644
index 0000000..ed3ff98
--- /dev/null
+++ b/roles/any-sync-consensusnode/tasks/install.yml
@@ -0,0 +1,21 @@
+---
+- name: Ensure group
+  group:
+    name: "{{ any_sync_consensusnode_group }}"
+    state: present
+
+- name: Сreate a user
+  user:
+    name: "{{ any_sync_consensusnode_user }}"
+    group: "{{ any_sync_consensusnode_group }}"
+    state: present
+
+- name: Remote RPM install with yum
+  yum:
+    name: "{{ any_sync_consensusnode_download_url_rhel }}"
+  when: ansible_os_family == 'RedHat'
+
+- name: Remote DEB install with apt
+  apt:
+    deb: "{{ any_sync_consensusnode_download_url_debian }}"
+  when: ansible_os_family == 'Debian'
\ No newline at end of file
diff --git a/roles/any-sync-consensusnode/tasks/main.yml b/roles/any-sync-consensusnode/tasks/main.yml
new file mode 100644
index 0000000..f62243f
--- /dev/null
+++ b/roles/any-sync-consensusnode/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+
+- name: Install
+  import_tasks: install.yml
+  tags:
+    - install
+
+- name: Configure
+  import_tasks: config.yml
+  tags:
+    - configure
+
+- name: Service
+  import_tasks: service.yml
+  tags:
+    - service
\ No newline at end of file
diff --git a/roles/any-sync-consensusnode/tasks/service.yml b/roles/any-sync-consensusnode/tasks/service.yml
new file mode 100644
index 0000000..f971fb4
--- /dev/null
+++ b/roles/any-sync-consensusnode/tasks/service.yml
@@ -0,0 +1,7 @@
+---
+- name: Start any-sync-consensusnode service
+  systemd:
+    name: any-sync-consensusnode
+    enabled: yes
+    state: started
+    daemon_reload: yes
diff --git a/roles/any-sync-consensusnode/templates/config.yml.j2 b/roles/any-sync-consensusnode/templates/config.yml.j2
new file mode 100644
index 0000000..a6e463f
--- /dev/null
+++ b/roles/any-sync-consensusnode/templates/config.yml.j2
@@ -0,0 +1,21 @@
+#jinja2: lstrip_blocks: "True"
+---
+account:
+  peerId: {{ any_sync_accounts[inventory_hostname]['peerId'] }}
+  peerKey: {{ any_sync_accounts[inventory_hostname]['peerKey'] }}
+  signingKey: {{ any_sync_accounts[inventory_hostname]['signingKey'] }}
+network:
+  networkId: {{ any_sync_network.networkId }}
+  nodes:
+  {% for node in any_sync_network.nodes %}
+  - peerId: {{ node.peerId }}
+    addresses:
+    {% for address in node.addresses %}
+    - {{ address }}
+    {% endfor %}
+    types:
+    {% for type in node.types %}
+    - {{ type }}
+    {% endfor %}
+  {% endfor -%}
+{{ any_sync_consensusnode_config | to_nice_yaml(indent=2) }}
diff --git a/roles/any-sync-consensusnode/templates/service.j2 b/roles/any-sync-consensusnode/templates/service.j2
new file mode 100644
index 0000000..7293ed1
--- /dev/null
+++ b/roles/any-sync-consensusnode/templates/service.j2
@@ -0,0 +1,19 @@
+[Unit]
+Description=any-sync-consensusnode
+Wants=network-online.target
+After=syslog.target network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=simple
+User={{ any_sync_consensusnode_user }}
+Group={{ any_sync_consensusnode_group }}
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+ExecStart=/bin/any-sync-consensusnode -c {{ any_sync_consensusnode_config_path }}/config.yml
+Restart=on-failure
+RestartSec=5
+SyslogIdentifier=any-sync-consensusnode
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/roles/any-sync-coordinator/defaults/main.yml b/roles/any-sync-coordinator/defaults/main.yml
new file mode 100644
index 0000000..7664498
--- /dev/null
+++ b/roles/any-sync-coordinator/defaults/main.yml
@@ -0,0 +1,53 @@
+---
+# user and group that the any_sync_coordinator service will run as
+any_sync_coordinator_user: any_sync_coordinator
+any_sync_coordinator_group: any_sync_coordinator
+
+any_sync_coordinator_version: 0.3.0
+any_sync_coordinator_release_system: x86_64 # aarch64.rpm x86_64.rpm amd64.deb arm64.deb
+any_sync_coordinator_release_name_rhel: "any-sync-coordinator-{{ any_sync_coordinator_version }}-1.{{ any_sync_coordinator_release_system }}.rpm"
+any_sync_coordinator_download_url_rhel: "https://github.com/anyproto/any-sync-coordinator/releases/download/v{{ any_sync_coordinator_version}}/{{ any_sync_coordinator_release_name_rhel }}"
+
+any_sync_coordinator_release_name_debian: "any-sync-coordinator_{{ any_sync_coordinator_version }}_{{ any_sync_coordinator_release_system }}.deb"
+any_sync_coordinator_download_url_debian: "https://github.com/anyproto/any-sync-coordinator/releases/download/v{{ any_sync_coordinator_version}}/{{ any_sync_coordinator_release_name_debian }}"
+
+# any sync coordinator configuration
+# see: https://github.com/anyproto/any-sync-coordinator/blob/main/etc/any-sync-coordinator.yml
+any_sync_coordinator_config_path: /etc/any-sync-coordinator
+any_sync_coordinator_networkStorePath: /var/lib/any-sync-coordinator/networkStore
+any_sync_coordinator_config:
+  cafeApi:
+    url: "https://<login:pass>@cafe1.anytype.io"
+  drpc:
+    stream:
+      maxMsgSizeMb: 256
+      timeoutMilliseconds: 1000
+  fileLimit:
+    limitAlphaUsers: 10737418240
+    limitDefault: 1073741824
+    limitNightlyUsers: 53687091200
+  log:
+    defaultLevel: ''
+    namedLevels: {}
+    production: false
+  metric:
+    addr: 0.0.0.0:8000
+  mongo:
+    connect: mongodb://any-sync-coordinator-db1:27017,any-sync-coordinator-db2:27017,any-sync-coordinator-db3:27017
+    database: coordinator
+    log: log
+    spaces: spaces
+  spaceStatus:
+    deletionPeriodDays: 30
+    runSeconds: 20
+  yamux:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:443"
+    writeTimeoutSec: 10
+  quic:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:5430"
+    writeTimeoutSec: 10
+  networkStorePath: "{{ any_sync_coordinator_networkStorePath }}"
diff --git a/roles/any-sync-coordinator/handlers/main.yml b/roles/any-sync-coordinator/handlers/main.yml
new file mode 100644
index 0000000..d942ae5
--- /dev/null
+++ b/roles/any-sync-coordinator/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart any-sync-coordinator
+  systemd:
+    name: any-sync-coordinator
+    daemon_reload: yes
+    state: restarted
diff --git a/roles/any-sync-coordinator/tasks/config.yml b/roles/any-sync-coordinator/tasks/config.yml
new file mode 100644
index 0000000..a4138b2
--- /dev/null
+++ b/roles/any-sync-coordinator/tasks/config.yml
@@ -0,0 +1,30 @@
+---
+
+- name: Ensure config path
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+    owner: "{{ any_sync_coordinator_user }}"
+    group: "{{ any_sync_coordinator_group }}"
+  with_items:
+    - "{{ any_sync_coordinator_config_path }}"
+    - "{{ any_sync_coordinator_networkStorePath }}"
+
+- name: Copy config file
+  template:
+    src: config.yml.j2
+    dest: "{{ any_sync_coordinator_config_path }}/config.yml"
+  notify: Restart any-sync-coordinator
+
+- name: Copy network config file
+  template:
+    src: network.yml.j2
+    dest: "{{ any_sync_coordinator_config_path }}/network.yml"
+  notify: Restart any-sync-coordinator
+
+- name: Copy systemd init file
+  template:
+    src: service.j2
+    dest: /etc/systemd/system/any-sync-coordinator.service
+  notify: Restart any-sync-coordinator
\ No newline at end of file
diff --git a/roles/any-sync-coordinator/tasks/install.yml b/roles/any-sync-coordinator/tasks/install.yml
new file mode 100644
index 0000000..84de552
--- /dev/null
+++ b/roles/any-sync-coordinator/tasks/install.yml
@@ -0,0 +1,21 @@
+---
+- name: Ensure group
+  group:
+    name: "{{ any_sync_coordinator_group }}"
+    state: present
+
+- name: Сreate a user
+  user:
+    name: "{{ any_sync_coordinator_user }}"
+    group: "{{ any_sync_coordinator_group }}"
+    state: present
+
+- name: Remote RPM install with yum
+  yum:
+    name: "{{ any_sync_coordinator_download_url_rhel }}"
+  when: ansible_os_family == 'RedHat'
+
+- name: Remote DEB install with apt
+  apt:
+    deb: "{{ any_sync_coordinator_download_url_debian }}"
+  when: ansible_os_family == 'Debian'
\ No newline at end of file
diff --git a/roles/any-sync-coordinator/tasks/main.yml b/roles/any-sync-coordinator/tasks/main.yml
new file mode 100644
index 0000000..f62243f
--- /dev/null
+++ b/roles/any-sync-coordinator/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+
+- name: Install
+  import_tasks: install.yml
+  tags:
+    - install
+
+- name: Configure
+  import_tasks: config.yml
+  tags:
+    - configure
+
+- name: Service
+  import_tasks: service.yml
+  tags:
+    - service
\ No newline at end of file
diff --git a/roles/any-sync-coordinator/tasks/service.yml b/roles/any-sync-coordinator/tasks/service.yml
new file mode 100644
index 0000000..fc16c71
--- /dev/null
+++ b/roles/any-sync-coordinator/tasks/service.yml
@@ -0,0 +1,7 @@
+---
+- name: Start any-sync-coordinator service
+  systemd:
+    name: any-sync-coordinator
+    enabled: yes
+    state: started
+    daemon_reload: yes
diff --git a/roles/any-sync-coordinator/templates/config.yml.j2 b/roles/any-sync-coordinator/templates/config.yml.j2
new file mode 100644
index 0000000..e4d66a5
--- /dev/null
+++ b/roles/any-sync-coordinator/templates/config.yml.j2
@@ -0,0 +1,22 @@
+#jinja2: lstrip_blocks: "True"
+---
+account:
+  peerId: {{ any_sync_accounts[inventory_hostname]['peerId'] }}
+  peerKey: {{ any_sync_accounts[inventory_hostname]['peerKey'] }}
+  signingKey: {{ any_sync_accounts[inventory_hostname]['signingKey'] }}
+network:
+  networkId: {{ any_sync_network.networkId }}
+  nodes:
+  {% for node in any_sync_network.nodes %}
+  - peerId: {{ node.peerId }}
+    addresses:
+    {% for address in node.addresses %}
+    - {{ address }}
+    {% endfor %}
+    types:
+    {% for type in node.types %}
+    - {{ type }}
+    {% endfor %}
+  {% endfor -%}
+
+{{ any_sync_coordinator_config | to_nice_yaml(indent=2) }}
diff --git a/roles/any-sync-coordinator/templates/network.yml.j2 b/roles/any-sync-coordinator/templates/network.yml.j2
new file mode 100644
index 0000000..ee36266
--- /dev/null
+++ b/roles/any-sync-coordinator/templates/network.yml.j2
@@ -0,0 +1,15 @@
+#jinja2: lstrip_blocks: "True"
+---
+networkId: {{ any_sync_network.networkId }}
+nodes:
+{% for node in any_sync_network.nodes %}
+- peerId: {{ node.peerId }}
+  addresses:
+  {% for address in node.addresses %}
+  - {{ address }}
+  {% endfor %}
+  types:
+  {% for type in node.types %}
+  - {{ type }}
+  {% endfor %}
+{% endfor -%}
diff --git a/roles/any-sync-coordinator/templates/service.j2 b/roles/any-sync-coordinator/templates/service.j2
new file mode 100644
index 0000000..be8306e
--- /dev/null
+++ b/roles/any-sync-coordinator/templates/service.j2
@@ -0,0 +1,19 @@
+[Unit]
+Description=coordinator from any-sync protocol
+Wants=network-online.target
+After=syslog.target network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=simple
+User={{ any_sync_coordinator_user }}
+Group={{ any_sync_coordinator_group }}
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+ExecStart=/bin/any-sync-coordinator -c {{ any_sync_coordinator_config_path }}/config.yml
+Restart=on-failure
+RestartSec=5
+SyslogIdentifier=any-sync-coordinator
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/roles/any-sync-filenode/defaults/main.yml b/roles/any-sync-filenode/defaults/main.yml
new file mode 100644
index 0000000..3fe4b63
--- /dev/null
+++ b/roles/any-sync-filenode/defaults/main.yml
@@ -0,0 +1,50 @@
+---
+# user and group that the any_sync_filenode service will run as
+any_sync_filenode_user: any-sync-filenode
+any_sync_filenode_group: any-sync-filenode
+
+any_sync_filenode_version: 0.4.1
+any_sync_filenode_release_system: x86_64 # aarch64.rpm x86_64.rpm amd64.deb arm64.deb
+any_sync_filenode_release_name_rhel: "any-sync-filenode-{{ any_sync_filenode_version }}-1.{{ any_sync_filenode_release_system }}.rpm"
+any_sync_filenode_download_url_rhel: "https://github.com/anyproto/any-sync-filenode/releases/download/v{{ any_sync_filenode_version}}/{{ any_sync_filenode_release_name_rhel }}"
+
+any_sync_filenode_release_name_debian: "any-sync-filenode_{{ any_sync_filenode_version }}_{{ any_sync_filenode_release_system }}.deb"
+any_sync_filenode_download_url_debian: "https://github.com/anyproto/any-sync-filenode/releases/download/v{{ any_sync_filenode_version}}/{{ any_sync_filenode_release_name_debian }}"
+
+# any sync filenode configuration
+# see: https://github.com/anyproto/any-sync-filenode/blob/main/etc/any-sync-filenode.yml
+any_sync_filenode_config_path: /etc/any-sync-filenode
+any_sync_filenode_networkStorePath: /var/lib/any-sync-filenode/networkStore
+any_sync_filenode_aws_access: CHANGE_ME
+any_sync_filenode_aws_secret_access: CHANGE_ME
+any_sync_filenode_config:
+  drpc:
+    stream:
+      maxMsgSizeMb: 256
+      timeoutMilliseconds: 1000
+  log:
+    defaultLevel: ''
+    namedLevels: {}
+    production: false
+  metric:
+    addr: 0.0.0.0:8000
+  redis:
+    isCluster: true
+    # example of redis instances initialization
+    url: redis://any-sync-redis1:6379?dial_timeout=3&read_timeout=6s&addr=any-sync-redis1:6380&addr=any-sync-redis2:6379&addr=any-sync-redis2:6380&addr=any-sync-redis3:6379&addr=any-sync-redis3:6380
+  s3Store:
+    bucket: filenode
+    maxThreads: 16
+    profile: default
+    region: eu-central-2
+  yamux:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:443"
+    writeTimeoutSec: 10
+  quic:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:5430"
+    writeTimeoutSec: 10
+  networkStorePath: "{{ any_sync_filenode_networkStorePath }}"
diff --git a/roles/any-sync-filenode/handlers/main.yml b/roles/any-sync-filenode/handlers/main.yml
new file mode 100644
index 0000000..b4bfb04
--- /dev/null
+++ b/roles/any-sync-filenode/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart any-sync-filenode
+  systemd:
+    name: any-sync-filenode
+    daemon_reload: yes
+    state: restarted
diff --git a/roles/any-sync-filenode/tasks/config.yml b/roles/any-sync-filenode/tasks/config.yml
new file mode 100644
index 0000000..f4587d2
--- /dev/null
+++ b/roles/any-sync-filenode/tasks/config.yml
@@ -0,0 +1,31 @@
+---
+
+- name: Ensure config path
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+    owner: "{{ any_sync_filenode_user }}"
+    group: "{{ any_sync_filenode_group }}"
+  with_items:
+    - "{{ any_sync_filenode_config_path }}"
+    - "{{ any_sync_filenode_networkStorePath }}"
+    - "/home/{{ any_sync_filenode_user }}/.aws"
+
+- name: Copy credentials aws_cli
+  template:
+    src: aws_credentials.j2
+    dest: "/home/{{ any_sync_filenode_user }}/.aws/credentials"
+    mode: 0755
+
+- name: Copy config file
+  template:
+    src: config.yml.j2
+    dest: "{{ any_sync_filenode_config_path }}/config.yml"
+  notify: Restart any-sync-filenode
+
+- name: Copy systemd init file
+  template:
+    src: service.j2
+    dest: /etc/systemd/system/any-sync-filenode.service
+  notify: Restart any-sync-filenode
\ No newline at end of file
diff --git a/roles/any-sync-filenode/tasks/install.yml b/roles/any-sync-filenode/tasks/install.yml
new file mode 100644
index 0000000..6cbb10f
--- /dev/null
+++ b/roles/any-sync-filenode/tasks/install.yml
@@ -0,0 +1,50 @@
+---
+- name: Ensure group
+  group:
+    name: "{{ any_sync_filenode_group }}"
+    state: present
+
+- name: Сreate a user
+  user:
+    name: "{{ any_sync_filenode_user }}"
+    group: "{{ any_sync_filenode_group }}"
+    state: present
+
+- name: Download AWS CLI package
+  become: false
+  get_url:
+    url: "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip"
+    dest: "/tmp/awscliv2.zip"
+  register: _download_archive
+  until: _download_archive is succeeded
+  retries: 5
+  delay: 2
+
+- name: Extract AWS CLI package
+  become: false
+  unarchive:
+    src: "/tmp/awscliv2.zip"
+    dest: "/tmp/"
+    creates: "/tmp/awscliv2"
+    remote_src: yes
+
+- name: Check if AWS CLI is installed
+  command: aws --version
+  register: aws_version
+  ignore_errors: yes
+
+- name: Install AWS CLI
+  shell: sudo ./aws/install
+  args:
+    chdir: /tmp/
+  when: "'aws' not in aws_version.stderr"
+
+- name: Remote RPM install with yum
+  yum:
+    name: "{{ any_sync_filenode_download_url_rhel }}"
+  when: ansible_os_family == 'RedHat'
+
+- name: Remote DEB install with apt
+  apt:
+    deb: "{{ any_sync_filenode_download_url_debian }}"
+  when: ansible_os_family == 'Debian'
\ No newline at end of file
diff --git a/roles/any-sync-filenode/tasks/main.yml b/roles/any-sync-filenode/tasks/main.yml
new file mode 100644
index 0000000..f62243f
--- /dev/null
+++ b/roles/any-sync-filenode/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+
+- name: Install
+  import_tasks: install.yml
+  tags:
+    - install
+
+- name: Configure
+  import_tasks: config.yml
+  tags:
+    - configure
+
+- name: Service
+  import_tasks: service.yml
+  tags:
+    - service
\ No newline at end of file
diff --git a/roles/any-sync-filenode/tasks/service.yml b/roles/any-sync-filenode/tasks/service.yml
new file mode 100644
index 0000000..8d3b36a
--- /dev/null
+++ b/roles/any-sync-filenode/tasks/service.yml
@@ -0,0 +1,7 @@
+---
+- name: Start any-sync-filenode service
+  systemd:
+    name: any-sync-filenode
+    enabled: yes
+    state: started
+    daemon_reload: yes
diff --git a/roles/any-sync-filenode/templates/aws_credentials.j2 b/roles/any-sync-filenode/templates/aws_credentials.j2
new file mode 100644
index 0000000..da1db6c
--- /dev/null
+++ b/roles/any-sync-filenode/templates/aws_credentials.j2
@@ -0,0 +1,3 @@
+[default]
+aws_access_key_id = {{ any_sync_filenode_aws_access }}
+aws_secret_access_key = {{ any_sync_filenode_aws_secret_access }}
\ No newline at end of file
diff --git a/roles/any-sync-filenode/templates/config.yml.j2 b/roles/any-sync-filenode/templates/config.yml.j2
new file mode 100644
index 0000000..3c22367
--- /dev/null
+++ b/roles/any-sync-filenode/templates/config.yml.j2
@@ -0,0 +1,21 @@
+#jinja2: lstrip_blocks: "True"
+---
+account:
+  peerId: {{ any_sync_accounts[inventory_hostname]['peerId'] }}
+  peerKey: {{ any_sync_accounts[inventory_hostname]['peerKey'] }}
+  signingKey: {{ any_sync_accounts[inventory_hostname]['signingKey'] }}
+network:
+  networkId: {{ any_sync_network.networkId }}
+  nodes:
+  {% for node in any_sync_network.nodes %}
+  - peerId: {{ node.peerId }}
+    addresses:
+    {% for address in node.addresses %}
+    - {{ address }}
+    {% endfor %}
+    types:
+    {% for type in node.types %}
+    - {{ type }}
+    {% endfor %}
+  {% endfor -%}
+{{ any_sync_filenode_config | to_nice_yaml(indent=2) }}
diff --git a/roles/any-sync-filenode/templates/service.j2 b/roles/any-sync-filenode/templates/service.j2
new file mode 100644
index 0000000..60470b1
--- /dev/null
+++ b/roles/any-sync-filenode/templates/service.j2
@@ -0,0 +1,19 @@
+[Unit]
+Description=filenode from any-sync protocol
+Wants=network-online.target
+After=syslog.target network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=simple
+User={{ any_sync_filenode_user }}
+Group={{ any_sync_filenode_group }}
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+ExecStart=/bin/any-sync-filenode -c {{ any_sync_filenode_config_path }}/config.yml
+Restart=on-failure
+RestartSec=5
+SyslogIdentifier=any-sync-filenode
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/roles/any-sync-node/defaults/main.yml b/roles/any-sync-node/defaults/main.yml
new file mode 100644
index 0000000..032abd2
--- /dev/null
+++ b/roles/any-sync-node/defaults/main.yml
@@ -0,0 +1,54 @@
+---
+# user and group that the any_sync_node service will run as
+any_sync_node_user: any-sync-node
+any_sync_node_group: any-sync-node
+
+any_sync_node_version: 0.3.2
+any_sync_node_release_system: x86_64 # available: aarch64.rpm x86_64.rpm amd64.deb arm64.deb
+any_sync_node_release_name_rhel: "any-sync-node-{{ any_sync_node_version }}-1.{{ any_sync_node_release_system }}.rpm"
+any_sync_node_download_url_rhel: "https://github.com/anyproto/any-sync-node/releases/download/v{{ any_sync_node_version}}/{{ any_sync_node_release_name_rhel }}"
+
+any_sync_node_release_name_debian: "any-sync-node_{{ any_sync_node_version }}_{{ any_sync_node_release_system }}.deb"
+any_sync_node_download_url_debian: "https://github.com/anyproto/any-sync-node/releases/download/v{{ any_sync_node_version}}/{{ any_sync_node_release_name_debian }}"
+
+# any sync node configuration
+# see: https://github.com/anyproto/any-sync-node/blob/main/etc/any-sync-node.yml
+any_sync_node_config_path: /etc/any-sync-node
+any_sync_node_networkStorePath: /var/lib/any-sync-node/networkStore
+any_sync_node_config:
+  apiServer:
+    server:
+      listenAddrs:
+        - "{{ ansible_host }}:8080"
+    stream:
+      maxMsgSizeMb: 256
+      timeoutMilliseconds: 1000
+  drpc:
+    stream:
+      maxMsgSizeMb: 256
+      timeoutMilliseconds: 1000
+  log:
+    defaultLevel: ''
+    namedLevels: {}
+    production: false
+  metric:
+    addr: 0.0.0.0:8000
+  nodeSync:
+    periodicSyncHours: 2
+    syncOnStart: true
+  space:
+    gcTTL: 60
+    syncPeriod: 600
+  storage:
+    path: "/storage"
+  yamux:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:443"
+    writeTimeoutSec: 10
+  quic:
+    dialTimeoutSec: 10
+    listenAddrs:
+    - "{{ ansible_host }}:5430"
+    writeTimeoutSec: 10
+  networkStorePath: "{{ any_sync_node_networkStorePath }}"
diff --git a/roles/any-sync-node/handlers/main.yml b/roles/any-sync-node/handlers/main.yml
new file mode 100644
index 0000000..b128716
--- /dev/null
+++ b/roles/any-sync-node/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart any-sync-node
+  systemd:
+    name: any-sync-node
+    daemon_reload: yes
+    state: restarted
diff --git a/roles/any-sync-node/tasks/config.yml b/roles/any-sync-node/tasks/config.yml
new file mode 100644
index 0000000..048bb78
--- /dev/null
+++ b/roles/any-sync-node/tasks/config.yml
@@ -0,0 +1,24 @@
+---
+
+- name: Ensure config path
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+    owner: "{{ any_sync_node_user }}"
+    group: "{{ any_sync_node_group }}"
+  with_items:
+    - "{{ any_sync_node_config_path }}"
+    - "{{ any_sync_node_networkStorePath }}"
+
+- name: Copy config file
+  template:
+    src: config.yml.j2
+    dest: "{{ any_sync_node_config_path }}/config.yml"
+  notify: Restart any-sync-node
+
+- name: Copy systemd init file
+  template:
+    src: service.j2
+    dest: /etc/systemd/system/any-sync-node.service
+  notify: Restart any-sync-node
\ No newline at end of file
diff --git a/roles/any-sync-node/tasks/install.yml b/roles/any-sync-node/tasks/install.yml
new file mode 100644
index 0000000..70e206d
--- /dev/null
+++ b/roles/any-sync-node/tasks/install.yml
@@ -0,0 +1,21 @@
+---
+- name: Ensure group
+  group:
+    name: "{{ any_sync_node_group }}"
+    state: present
+
+- name: Сreate a user
+  user:
+    name: "{{ any_sync_node_user }}"
+    group: "{{ any_sync_node_group }}"
+    state: present
+
+- name: Remote RPM install with yum
+  yum:
+    name: "{{ any_sync_node_download_url_rhel }}"
+  when: ansible_os_family == 'RedHat'
+
+- name: Remote DEB install with apt
+  apt:
+    deb: "{{ any_sync_node_download_url_debian }}"
+  when: ansible_os_family == 'Debian'
\ No newline at end of file
diff --git a/roles/any-sync-node/tasks/main.yml b/roles/any-sync-node/tasks/main.yml
new file mode 100644
index 0000000..f62243f
--- /dev/null
+++ b/roles/any-sync-node/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+
+- name: Install
+  import_tasks: install.yml
+  tags:
+    - install
+
+- name: Configure
+  import_tasks: config.yml
+  tags:
+    - configure
+
+- name: Service
+  import_tasks: service.yml
+  tags:
+    - service
\ No newline at end of file
diff --git a/roles/any-sync-node/tasks/service.yml b/roles/any-sync-node/tasks/service.yml
new file mode 100644
index 0000000..2159980
--- /dev/null
+++ b/roles/any-sync-node/tasks/service.yml
@@ -0,0 +1,7 @@
+---
+- name: Start any-sync-node service
+  systemd:
+    name: any-sync-node
+    enabled: yes
+    state: started
+    daemon_reload: yes
diff --git a/roles/any-sync-node/templates/config.yml.j2 b/roles/any-sync-node/templates/config.yml.j2
new file mode 100644
index 0000000..53a3423
--- /dev/null
+++ b/roles/any-sync-node/templates/config.yml.j2
@@ -0,0 +1,22 @@
+#jinja2: lstrip_blocks: "True"
+---
+account:
+  peerId: {{ any_sync_accounts[inventory_hostname]['peerId'] }}
+  peerKey: {{ any_sync_accounts[inventory_hostname]['peerKey'] }}
+  signingKey: {{ any_sync_accounts[inventory_hostname]['signingKey'] }}
+network:
+  networkId: {{ any_sync_network.networkId }}
+  nodes:
+  {% for node in any_sync_network.nodes %}
+  - peerId: {{ node.peerId }}
+    addresses:
+    {% for address in node.addresses %}
+    - {{ address }}
+    {% endfor %}
+    types:
+    {% for type in node.types %}
+    - {{ type }}
+    {% endfor %}
+  {% endfor -%}
+
+{{ any_sync_node_config | to_nice_yaml(indent=2) }}
diff --git a/roles/any-sync-node/templates/service.j2 b/roles/any-sync-node/templates/service.j2
new file mode 100644
index 0000000..8e3eb8d
--- /dev/null
+++ b/roles/any-sync-node/templates/service.j2
@@ -0,0 +1,19 @@
+[Unit]
+Description=Node from any-sync protocol
+Wants=network-online.target
+After=syslog.target network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=simple
+User={{ any_sync_node_user }}
+Group={{ any_sync_node_group }}
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+ExecStart=/bin/any-sync-node -c {{ any_sync_node_config_path }}/config.yml
+Restart=on-failure
+RestartSec=5
+SyslogIdentifier=any-sync-node
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file